Last updated:
Privacy Policy of Inventive Studios GmbH
1. Privacy at a Glance
General Information
The following notes provide an overview of what happens to your personal data when you visit this website or contact us. Personal data is any data with which you can be personally identified.
Detailed information on data protection can be found in the subsequent sections of this privacy policy.
Responsible Party
Data processing on this website is carried out by Inventive Studios GmbH. Full contact details can be found in Section 2 of this privacy policy.
Data Protection Officer
We have appointed an external data protection officer. Contact details can be found in Section 2 of this privacy policy.
How Do We Collect Your Data?
On one hand, your data is collected when you provide it to us, for example, when you contact us by email, book an appointment, apply for a job, or communicate with us in any other way.
Other data is collected automatically when you visit the website through the IT systems used. This is primarily technical data such as browser, operating system, IP address, referrer URL, and time of page access. This data is required to provide the website technically and to operate it securely.
Insofar as we use services that are not technically necessary, they are only used with your consent via our consent management or cookie settings.
What Do We Use Your Data For?
We process personal data in particular to provide this website, answer inquiries, coordinate appointments, process applications, offer our services, ensure the security of the website, and comply with legal obligations.
What Rights Do You Have?
Subject to statutory conditions, you have the right of access, rectification, erasure, restriction of processing, data portability, and objection to certain processing operations at any time. Insofar as processing is based on your consent, you can withdraw this consent at any time with effect for the future.
You also have the right to lodge a complaint with a data protection supervisory authority. The competent supervisory authority for Inventive Studios GmbH is the State Commissioner for Data Protection and Freedom of Information of Rhineland-Palatinate (LfDI RLP), Hintere Bleiche 34, 55116 Mainz, www.datenschutz.rlp.de.
2. General Information and Mandatory Information
Data Protection
We take the protection of your personal data seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
When you use this website, various personal data are processed. This privacy policy explains what data we process, for what purposes, and on what legal bases the processing is based.
We point out that data transmission over the Internet (e.g., when communicating via email) can have security gaps. Complete protection of data against access by third parties is not possible.
Responsible Party
The responsible party (controller) within the meaning of the General Data Protection Regulation (GDPR) is:
Inventive Studios GmbH
Taunusstraße 59-61
55118 Mainz
Germany
Phone: +49 6131 4887640
Email: info@inventivestudios.de
Website: www.inventivestudios.de
Authorized Managing Directors: Gersi Gega and Christoph Köhler
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data.
Data Protection Officer
Our external data protection officer is:
DSBOK.DE – Oliver Krause
Untergasse 2
65474 Bischofsheim
Germany
Email: teltec@dsbok.de
Phone: 06144 402197
Competent Data Protection Supervisory Authority
The competent supervisory authority for Inventive Studios GmbH is:
The State Commissioner for Data Protection and Freedom of Information of Rhineland-Palatinate (LfDI RLP)
Hintere Bleiche 34
55116 Mainz
www.datenschutz.rlp.de
You have the right to contact this authority with a complaint at any time.
Legal Bases for Processing
We process personal data based on the following legal bases:
Art. 6 (1) lit. a GDPR, provided you have given your consent;
Art. 6 (1) lit. b GDPR, insofar as processing is necessary for the performance of a contract or to take steps prior to entering into a contract;
Art. 6 (1) lit. c GDPR, insofar as processing is necessary for compliance with a legal obligation;
Art. 6 (1) lit. f GDPR, insofar as processing is necessary for the purposes of our legitimate interests or those of a third party, except where such interests are overridden by your interests or fundamental rights and freedoms.
For access to information in your end device or the storage of information on your end device, the provisions of the Telecommunications Digital Services Data Protection Act (TDDDG) also apply. Insofar as cookies or comparable technologies are not technically strictly necessary, we only use them based on your consent.
Storage Duration
Unless a more specific storage period is specified in this privacy policy, we store personal data only as long as necessary for the respective purpose. If you assert a legitimate request for erasure or withdraw consent, we will delete your data unless there are other legally permissible reasons for storage, such as commercial or tax retention periods or the establishment, exercise, or defense of legal claims.
Recipients of Personal Data
We use technical service providers to provide and operate our website and to process inquiries and appointments. They receive personal data only to the extent necessary for the respective service and where there is a legal basis. Where necessary, we conclude data processing agreements with service providers in accordance with Art. 28 GDPR.
Third Country Transfers
Insofar as personal data is transferred to recipients outside the European Union or the European Economic Area, this is only done if there is an appropriate legal basis. This can be, in particular, an adequacy decision by the European Commission, certification under the EU-U.S. Data Privacy Framework (DPF), the conclusion of standard contractual clauses, or explicit consent.
Withdrawal of Your Consent
Many data processing operations are only possible with your consent. You can withdraw consent you have already granted at any time with effect for the future. The lawfulness of the processing carried out up to the withdrawal remains unaffected by the withdrawal.
Right to Object under Art. 21 GDPR
If data processing is based on Art. 6 (1) lit. e or Art. 6 (1) lit. f GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation.
If your personal data is processed for direct marketing purposes, you have the right to object to the processing of your personal data for such marketing purposes at any time.
Right to Lodge a Complaint with the Competent Supervisory Authority
In the event of violations of the GDPR, you have the right to lodge a complaint with a data protection supervisory authority. You can contact in particular the competent supervisory authority of your habitual residence, your place of work, or the place of the alleged violation. The competent authority for Inventive Studios GmbH is the LfDI Rhineland-Palatinate (see Section 2).
Right to Data Portability
You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a structured, commonly used, machine-readable format, as far as this is technically feasible.
Access, Rectification, Erasure, and Restriction
Within the framework of the statutory provisions, you have the right to free information about your stored personal data at any time, as well as the right to rectification, erasure, or restriction of the processing of this data, where applicable.
SSL or TLS Encryption
For security reasons and to protect the transmission of confidential content, this website uses SSL or TLS encryption. You can recognize an encrypted connection by the "https://" in the address bar of your browser and the lock symbol in the browser bar.
Objection to Promotional Emails
We hereby object to the use of contact data published under the legal notice obligation for sending unsolicited advertising and information materials. We reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam emails.
3. Hosting and Technical Provision of the Website
Hosting via Framer
This website is created and hosted using the website service Framer.
Provider is:
Framer B.V.
Rozengracht 207B
1016 LZ Amsterdam
Netherlands
When visiting this website, Framer processes technical data required for the provision, security, and delivery of the website. This may include, in particular, IP address, browser information, operating system, referrer URL, time of the server request, and pages accessed.
The processing is based on Art. 6 (1) lit. f GDPR. Our legitimate interest lies in the secure, fast, and reliable provision of our website.
Insofar as Framer processes personal data on our behalf as part of providing the website, this is based on a data processing agreement in accordance with Art. 28 GDPR.
Framer may use sub-processors located outside the European Union to provide its services. Such transfers are made on the basis of appropriate safeguards, in particular standard contractual clauses or certification under the EU-U.S. Data Privacy Framework. Details can be found in Framer's privacy policy at www.framer.com/privacy.
Server Log Files
When accessing this website, information that your browser sends to the server is automatically processed. This can include, in particular:
Browser type and browser version;
operating system used;
Referrer URL;
Hostname of the accessing computer;
Time of the server request;
IP address;
accessed page or file;
amount of data sent;
Notification of successful retrieval.
This data is processed for technical provision, stability, security, and error analysis of the website on the basis of Art. 6 (1) lit. f GDPR. Server log files are typically deleted automatically after 14 days, unless there are concrete indications of misuse that require longer retention.
4. Cookies, Consent Management, and Cookie Settings
Our website may use cookies or comparable technologies. Cookies are small text files stored on your device. Comparable technologies can store or read information on your device.
Technically necessary cookies and comparable technologies are used insofar as they are required for the operation of the website or the provision of explicitly desired functions. The legal basis is Art. 6 (1) lit. f GDPR and § 25 (2) TDDDG.
We only use non-essential cookies and comparable technologies, in particular for analysis, marketing, external media, or comparable services, with your consent. The legal basis is Art. 6 (1) lit. a GDPR and § 25 (1) TDDDG.
You can change or withdraw your consent at any time with effect for the future via the cookie settings on our website.
Framer Analytics
Insofar as we use the integrated Framer Analytics function, this is carried out without persistent user identifiers, according to Framer. Insofar as IP addresses are processed even briefly, this is done on the basis of Art. 6 (1) lit. f GDPR. Our legitimate interest lies in analyzing website usage for the technical optimization of our services. We cannot draw conclusions about individual persons based on Framer Analytics.
Should we also use external analysis or marketing services, they will be described separately in this privacy policy and activated only with your consent.
5. Contacting Us
When you contact us by email, phone, or other means, we process the personal data you provide in order to process your inquiry and for possible follow-up questions.
This may include, in particular, name, email address, phone number, company, content of your message, time of contact, and communication data.
Processing is carried out on the basis of Art. 6 (1) lit. b GDPR, provided your request is related to the performance of a contract or prior to entering into a contract. In all other cases, processing is based on Art. 6 (1) lit. f GDPR. Our legitimate interest lies in the effective handling of inquiries.
The data will be deleted as soon as the purpose of processing no longer applies, provided there are no statutory retention requirements or legitimate interests in further storage.
6. Appointment Booking via Microsoft / Outlook
Links for appointment booking via Microsoft services, in particular Outlook or Microsoft Bookings, may be integrated on our website. Clicking on such an appointment link redirects you to a Microsoft page.
Provider is:
Microsoft Ireland Operations Limited
One Microsoft Place
South County Business Park, Leopardstown
Dublin 18, Ireland
When booking an appointment, name, email address, appointment selection, communication content, calendar data, technical data, and other information entered by you may be processed. The processing serves the scheduling, administration, and execution of appointments.
The legal basis is Art. 6 (1) lit. b GDPR, insofar as the appointment booking serves to take steps prior to entering into a contract or to perform a contract. Otherwise, processing is based on Art. 6 (1) lit. f GDPR. Our legitimate interest lies in efficient appointment planning and communication.
Microsoft may process data outside the European Union or European Economic Area. Microsoft is certified under the EU-U.S. Data Privacy Framework (DPF), ensuring an adequate level of data protection for transfers to the US. In addition, Microsoft uses standard contractual clauses.
Further information can be found in Microsoft's privacy policy at privacy.microsoft.com.
7. Applications
You can apply to us, for example by email or via contact options listed on the website. If you send us an application, we process the associated personal data for the purpose of carrying out the application process.
This may include, in particular, name, contact details, CV, certificates, portfolio, work samples, cover letter, qualifications, communication data, and other information sent by you.
The legal basis is Art. 6 (1) lit. b GDPR in conjunction with § 26 BDSG. If you provide separate consent, Art. 6 (1) lit. a GDPR is the legal basis.
Your application data will only be forwarded within our company to persons involved in making decisions about the application.
If we do not make you a job offer, you reject an offer, or you withdraw your application, we routinely store your application data for up to six months after the application process is completed. Longer storage may take place if necessary for the establishment, exercise, or defense of legal claims or if you have consented to longer storage.
8. Newsletter
A newsletter may be reference on our website. A newsletter will only be sent if you have explicitly consented to this, or if there is another legal permission.
If you register for a newsletter, we process in particular your email address as well as, where applicable, your name, company, registration time, IP address during registration and confirmation, and your declaration of consent. Processing is based on Art. 6 (1) lit. a GDPR.
You can withdraw consent you have granted at any time with effect for the future, for example via an unsubscribe link in the newsletter or by sending us a message.
If we use an external service to send newsletters (e.g., Mailchimp, HubSpot, Brevo, or comparable providers), we will additionally identify this provider, the associated data processing, and any third-country transfers in this privacy policy. Currently, there is no active newsletter registration via the website.
9. Social Media Links
Our website may contain links to our profiles on social networks, particularly LinkedIn and Instagram. If you click these links, you leave our website and are redirected to the respective platform.
When just visiting our website, simple social media links do not transmit personal data to the respective platform operators. Data processing by the platform operators only begins when you click the respective link or interact with the platform.
The respective providers are responsible for data processing on the linked platforms. Please refer to their privacy policies.
10. AI-assisted Content and Media
Inventive Studios provides services in the areas of technological media production and AI-assisted content creation. On this website, content, in particular texts, images, videos, audio, visuals, or other media, may have been fully or partially created, edited, or optimized using AI systems.
Insofar as AI-generated or AI-edited content with personal references or other personal data is used on the website, this is done only on the basis of a suitable legal basis, in particular consent, contractual basis, or legitimate interest, provided the statutory requirements are met.
To the extent legally required – in particular under Art. 50 of Regulation (EU) 2024/1689 on Artificial Intelligence (EU AI Act) or other applicable labeling obligations – we label AI-generated or AI-edited media directly on the respective content.
11. External Media, Maps, Videos, and Third-Party Content
Currently, this privacy policy is tailored to a website without the mandatory active integration of external map, video, tracking, or marketing services, unless such services are explicitly named in this privacy policy.
Should we integrate external content such as YouTube, Vimeo, Google Maps, Meta Pixel, Google Ads, Google Analytics, reCAPTCHA, or comparable services in the future, we will update this privacy policy accordingly and, where necessary, obtain prior consent via our consent management.
12. Status and Amendments of this Privacy Policy
We reserve the right to adapt this privacy policy if our website, services used, legal requirements, or internal processes change. The current version is always available on our website.
