Privacy policy
Privacy policy of ALUMIS GmbH & Co KG (as of July 2025)
We are very delighted that you have shown interest in our enterprise. Data protection is of a particularly high priority for the management of the ALUMIS GmbH & Co KG. It is generally possible to use the ALUMIS GmbH & Co KG website without providing any personal data. However, if a data subject wishes to make use of special services via our website, it may be necessary to process personal data. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.
The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation and in accordance with the country-specific data protection regulations applicable to ALUMIS GmbH & Co KG. This privacy policy provides information about the type, scope and purpose of the personal data we collect, use and process. It also informs data subjects about their rights.
ALUMIS GmbH & Co KG has implemented numerous technical and organizational measures to ensure that the personal data processed via this website is protected as completely as possible. Nevertheless, Internet-based data transmissions can generally have security gaps, so that absolute protection cannot be guaranteed. Every data subject is therefore free to transmit personal data to us by alternative means, for example by telephone.
1. definitions
The data protection declaration of the ALUMIS GmbH & Co KG is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our privacy policy should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terms used in advance.
We use the following terms, among others, in this Privacy Policy:
a) Personal data
Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
b) Data subject
Data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.
c) Processing
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of restricting its future processing.
e) Profiling
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.
f) Pseudonymization
Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
g) Controller or controller responsible for the processing
Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
h) Processor
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
i) Recipient
Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.
j) Third party
A third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
k) Consent
Consent is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
2. name and address of the person responsible
Address:
In der Lake 2
33829 Borgholzhausen
Germany
Phone: +49 5425 95371-0
Mail: service@alumis-group.de
3. cookies and consent management
This website uses cookies. When you visit the website for the first time, a cookie banner is displayed. There you can select which cookies may be set. This is done using the Borlabs Cookie tool from Borlabs GmbH, Rübenkamp 32, 22305 Hamburg.
Borlabs Cookie saves your selected settings in a cookie on your device. Your data will not be transmitted to third parties. The storage takes place in accordance with Art. 6 para. 1 lit. c GDPR.
4. collection of general data and information
When you access this website, the hosting provider automatically collects information that your browser transmits. This includes
- Browser type and version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address (anonymized)
This data is used to ensure a smooth connection setup and system security and is not merged with other data sources. The data is stored temporarily in log files on the basis of Art. 6 para. 1 lit. f GDPR.
5. SSL encryption
This website uses SSL encryption (https) for security reasons and to protect the transmission of confidential content.
6. plugins and services
a) WPForms
If you use our contact form, we store your details to process the request (Art. 6 para. 1 lit. b GDPR). The data will not be passed on to third parties.
b) WP Rocket
We use WP Rocket to optimize loading times. No personal data is transferred to third parties.
c) Google Fonts (locally embedded)
The fonts used are embedded locally. No connection to Google servers is established. No data is passed on.
d) YouTube
This website integrates videos from the YouTube platform (Google Ireland Ltd.). When you play a video, a connection to YouTube is established. The legal basis is your consent in accordance with Art. 6 para. 1 lit. a GDPR.
e) Instagram button
The website contains a simple link to our Instagram profile. Clicking on it does not trigger any data processing on our website. Only on Instagram do the data protection provisions of Meta Platforms Ireland Ltd. apply.
f) Akismet Anti-Spam
The Akismet plugin (Automattic Inc., USA) is used to protect against spam. The IP addresses and content of commenting users may be transmitted to servers in the USA. We only use Akismet in a data protection-compliant configuration or with express consent. Legal basis: Art. 6 para. 1 lit. f GDPR.
7. your rights
You have the right to:
- Information (Art. 15 GDPR)
- Rectification (Art. 16 GDPR)
- Erasure (Art. 17 GDPR)
- Restriction of processing (Art. 18 GDPR)
- Data portability (Art. 20 GDPR)
- Objection (Art. 21 GDPR)
- Revocation of consents granted (Art. 7 para. 3 GDPR)
Please send your request to the above e-mail address.
8. right of appeal
You have the right to lodge a complaint with a data protection supervisory authority. The competent supervisory authority for our company is
State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
Kavalleriestraße 2-4
40213 Düsseldorf
Telephone: 0211 / 38424-0
E-mail: poststelle@ldi.nrw.de
Website: https://www.ldi.nrw.de
This privacy policy will be adapted as necessary. Please inform yourself regularly about the current status.
