INNOptimizer®

Privacy Policy

How we collect, use, and protect your personal data

Last updated: 30 October 2025

Responsible Party (Controller)

SynSilico B.V.
Urmonderbaan 22, 6167 RD Geleen, The Netherlands
+31 641547571
contact@synsilico.com

Data Protection Officer

Oliver May
oliver.may@synsilico.com

1. An Overview of Data Protection

General Information

The following information provides an easy-to-navigate overview of what happens to your personal data when you visit this website. The term "personal data" comprises all data that can be used to personally identify you. For detailed information about data protection, please consult our Data Protection Declaration, which follows below.

Data Recording on This Website

Who is responsible for the data processing on this website?

The data on this website is processed by the operator of the website. Contact information is available under "Information about the responsible party (controller)" in this Privacy Policy.

How do we record your data?

Your data is collected when you share it with us, for example, by entering information into our contact form. Other data is collected automatically or after your consent when visiting the website (e.g., browser type, operating system, access time).

What are the purposes of data use?

Some data ensures error-free website functionality; others are used to analyze usage behavior. If contracts are initiated via the website, transmitted data is also processed for contract offers and related communications.

What rights do you have?

You have the right to:

  • Request information about the origin, recipients, and purpose of your personal data
  • Request correction or deletion of data
  • Revoke consent to data processing at any time
  • Request restriction of processing
  • File a complaint with a supervisory authority

You can contact us at any time regarding data protection matters.

Analysis Tools and Third-Party Tools

Your browsing patterns may be statistically analyzed via analytical programs. Details can be found in this Privacy Policy.

2. Hosting

Amazon Web Services (AWS)

The provider is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg ("AWS"). Personal data may be processed on AWS servers, including transfers to the U.S. Transfers are based on EU Standard Contractual Clauses (SCCs).

See: AWS GDPR DPA

Privacy Policy: https://aws.amazon.com/de/privacy/

AWS is used based on Art. 6(1)(f) GDPR (legitimate interest in reliable hosting). If consent is required, processing is based on Art. 6(1)(a) GDPR and § 25 (1) TDDDG. AWS is certified under the EU-US Data Privacy Framework (DPF).

See: DPF Participant Info

We have a Data Processing Agreement (DPA) in place with AWS.

External Hosting

This website is hosted externally. Personal data (e.g., IP addresses, contact data, metadata, etc.) is stored on the host's servers.

External hosting serves:

  • Contract fulfillment (Art. 6(1)(b) GDPR)
  • Secure and efficient website operation (Art. 6(1)(f) GDPR)

We use the following host:

Vercel Inc.
440 N Barranca Ave, Suite 4133
Covina, CA 91723, United States

A DPA has been concluded with Vercel to ensure GDPR compliance.

3. General Information and Mandatory Information

Data Protection

We treat personal data confidentially and in accordance with legal requirements. Data transmission over the Internet (e.g., email) may have security vulnerabilities.

Storage Duration

Unless otherwise specified, personal data is kept until its purpose is fulfilled. Requests for deletion or withdrawal of consent will result in data deletion unless legal obligations require retention.

Legal Basis for Data Processing

Depending on context, processing occurs based on:

  • Art. 6(1)(a) GDPR (consent)
  • Art. 6(1)(b) GDPR (contractual necessity)
  • Art. 6(1)(c) GDPR (legal obligation)
  • Art. 6(1)(f) GDPR (legitimate interest)

Recipients of Personal Data

We share data only when legally required, contractually necessary, or justified by legitimate interest. DPAs and joint processing agreements ensure compliance.

Rights of Data Subjects

Revocation of Consent

You may revoke consent at any time without affecting prior lawful processing.

Right to Object (Art. 21 GDPR)

You may object at any time to data processing based on Art. 6(1)(e) or (f) GDPR. If you object to direct advertising, your personal data will no longer be used for that purpose.

Complaint Right

You may file complaints with the competent supervisory authority.

Data Portability

You can request transfer of data in a machine-readable format.

Access, Correction, Deletion

You have rights to access, correct, or delete your personal data.

Restriction of Processing

You may request restriction of processing in specific cases (e.g., data accuracy disputes or unlawful processing).

Security Measures

SSL/TLS Encryption

We use SSL/TLS to secure data transmission. You can identify encrypted connections by the "https://" prefix or lock symbol in your browser.

Encrypted Payments

Payment data (e.g., card details) are transmitted via encrypted SSL/TLS connections.

Rejection of Unsolicited Emails

We object to the use of published contact data for unsolicited advertising or spam.

4. Recording of Data on This Website

Cookies

Our website uses cookies for functionality, analytics, and performance. Cookies may be:

  • Session (temporary)
  • Persistent (stored)
  • First-party or third-party

Required cookies are stored under Art. 6(1)(f) GDPR (legitimate interest). Consent-based cookies follow Art. 6(1)(a) GDPR and § 25 (1) TDDDG. You can manage cookie preferences in your browser settings.

CCM19

We use CCM19 (Papoo Software & Media GmbH, Germany) for cookie consent management. Legal basis: Art. 6(1)(f) GDPR. A DPA ensures GDPR compliance.

Contact Form

Information you provide is stored to handle your inquiry. Processing bases:

  • Art. 6(1)(b) GDPR (contract)
  • Art. 6(1)(f) GDPR (legitimate interest)
  • Art. 6(1)(a) GDPR (consent)

Use of Clerk

We use Clerk (Clerk Inc., San Francisco, USA) for authentication. Processing is based on Art. 6(1)(f) GDPR (legitimate interest). Data transfers rely on Standard Contractual Clauses (SCCs).

Privacy Policy: https://clerk.com/privacy

Use of AI on the Website

We use AI-driven Bayesian Optimization and related tools to enhance services. Processing is based on Art. 6(1)(f) GDPR (legitimate interest) or Art. 6(1)(a) GDPR (consent).

Requests via Email, Telephone, or Fax

Contact data are processed for responding to inquiries under Art. 6(1)(b) or (f) GDPR.

Registration on the Website

Registration data is used to provide services. Processing is based on Art. 6(1)(b) GDPR. Data is retained while registration remains active.

Registration with Google

Users may register via Google (Google Ireland Ltd.). Processing is based on Art. 6(1)(f) GDPR (legitimate interest). Google is certified under the EU-US Data Privacy Framework (DPF).

See: DPF Participant Info

5. eCommerce and Payment Service Providers

Payment Services

When making payments, your data (name, amount, bank/credit info) is processed by third-party providers. Processing bases:

  • Art. 6(1)(b) GDPR (contract)
  • Art. 6(1)(f) GDPR (secure transactions)
  • Art. 6(1)(a) GDPR (consent)

Stripe

Stripe Payments Europe, Ltd
1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland

Data transfers rely on SCCs.

See: Stripe Privacy Policy and Stripe GDPR Guide.

If you have any questions about this Privacy Policy, please contact us at contact@synsilico.com

    Privacy Policy | INNOptimizer®