Data security

We take data security seriously

The protection of your privacy when processing personal data is an important concern for us. When you visit our website, our web servers automatically store the IP address of your internet service provider, the website from which you visit us, the pages you visit on our site, as well as the date and duration of your visit. This information is essential for the technical transmission of the webpages and for the secure operation of the servers. A personalized evaluation of this data does not take place.

If you send us data via a contact form, this data will be stored on our servers as part of data backup. Your data will be used exclusively for processing your request. Your data will be treated with strict confidentiality. It will not be shared with third parties.

Personal data

Personal data refers to information about you as a person. This includes your name, address, and email address. You do not need to disclose any personal data to visit our website. In some cases, we need your name, address, and other information in order to provide you with the requested service.

The same applies if you request information materials from us or if we respond to your inquiries. In these cases, we will always inform you accordingly. Additionally, we only store the data that you have automatically or voluntarily provided to us.

When you use one of our services, we generally collect only the data necessary to provide you with that service. We may ask for additional information, but providing this is voluntary. Whenever we process personal data, we do so in order to offer you our service or to pursue our commercial objectives.

Automatically saved data

Server Log Files

The provider of these pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These include:

• Date and time of the request
• Name of the requested file
• Page from which the file was requested
• Access status (file transferred, file not found, etc.)
• Web browser and operating system used
• Full IP address of the requesting computer
• Amount of data transferred

This data is not combined with other data sources. The processing is carried out in accordance with Article 6(1)(f) of the GDPR based on our legitimate interest in improving the stability and functionality of our website.

For technical security reasons, particularly to defend against attempted attacks on our web server, this data is stored by us for a short period. It is not possible for us to draw any conclusions about individual persons based on this data. After a maximum of seven days, the data is anonymized by shortening the IP address to the domain level, so that no connection to individual users can be made. The data is also processed anonymously for statistical purposes; no comparison with other data sets or transfer to third parties, even in part, takes place. Only within the framework of our server statistics, which we publish every two years in our activity report, is the number of page views represented.

Cookies

When you visit our website, we may store information on your computer in the form of cookies. Cookies are small files that are transferred from an internet server to your browser and stored on your hard drive. Only the internet protocol address is stored — no personal data. The information stored in the cookies allows us to automatically recognize you on your next visit to our website, making it easier for you to use. The legal basis for the use of cookies is our legitimate interest in accordance with Article 6(1)(f) of the GDPR.

Of course, you can also visit our website without accepting cookies. If you do not want your computer to be recognized on your next visit, you can refuse the use of cookies by changing your browser settings to “reject cookies.” You can find the specific instructions in your browser’s user manual. However, if you refuse the use of cookies, this may result in limitations in the use of some areas of our website.

Security

We have implemented technical and administrative security measures to protect your personal data against loss, destruction, manipulation, and unauthorized access. All our employees and service providers working for us are committed to complying with the applicable data protection laws.

Whenever we collect and process personal data, it is encrypted before being transmitted. This means that your data cannot be misused by third parties. Our security measures are subject to a continuous improvement process, and our privacy policies are regularly updated. Please ensure that you have the most recent version.

Rights of Data Subjects

You have the right at any time to access, rectify, delete, or restrict the processing of your stored data, the right to object to processing, as well as the right to data portability and the right to file a complaint, in accordance with data protection regulations.

Right to Access:

You may request information from us regarding whether and to what extent we process your data.

Right to Rectification:

If we process data about you that is incomplete or incorrect, you can request its correction or completion at any time.

Right to Deletion:

You can request the deletion of your data if we are processing it unlawfully or if the processing disproportionately interferes with your legitimate protection interests. Please note that there may be reasons that prevent immediate deletion, such as legal retention obligations.

Regardless of your right to deletion, we will promptly and completely delete your data as long as there is no legal or contractual obligation to retain it.

Right to Restriction of Processing:

You may request the restriction of the processing of your data if:

• You dispute the accuracy of the data, for a period that allows us to verify the accuracy.
• The processing of the data is unlawful, but you refuse deletion and instead request a restriction on the use of the data.
• We no longer need the data for the intended purpose, but you require it to assert or defend legal claims.
• You have objected to the processing of the data.

Right to Data Portability:

You can request that we provide the data you have given us in a structured, commonly used, and machine-readable format and that we transmit this data to another controller without hindrance, provided:

• We process this data based on your given and revocable consent or for the fulfillment of a contract between us, and
• This processing is carried out using automated procedures.

Where technically feasible, you may request that we transmit your data directly to another controller.

Right to Object:

If we process your data based on legitimate interest, you may object to this data processing at any time; this also applies to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves the assertion, exercise, or defense of legal claims. You may object to the processing of your data for direct marketing purposes at any time without providing reasons.

Right to Lodge a Complaint:

If you believe that we have violated German or European data protection law in processing your data, we ask that you contact us to clarify any questions. Of course, you also have the right to lodge a complaint with the supervisory authority responsible for you, the respective State Office for Data Protection Supervision.

If you wish to exercise any of the above rights, please contact our Data Protection Officer. In case of doubt, we may request additional information to confirm your identity.

Changes to our privacy statement

We reserve the right to amend our privacy statements if new technologies make this necessary. Please ensure that you have the most current version. If fundamental changes are made to this privacy policy, we will announce them on our website.

PlugIns & Tools

Ultimately Social

This website uses features of the social plugin UltimatelySocial. The provider is lnisev Ltd., 93 Mill Street, Qormi QRM 3100, Malta. UltimatelySocial uses so-called “cookies.” These are text files that are stored on your computer and enable an analysis of your use of the website. We have currently disabled these cookies. If you use the “Share” button at the bottom of the webpage, UltimatelySocial will establish a connection for you to the following social media services:

https://platform.linkedin.com

https://platform.twitter.com

https://syndication.twitter.com

https://staticxx.facebook.com

You can find more information about the data protection practices of UltimatelySocial at the following link: https://www.ultimatelysocial.com/gdpr.

Registration for Our Newsletter via rapidmail

To receive the newsletter offered on our website, you can register through our form. We use the so-called double opt-in procedure. Initially, a confirmation email is sent to the email address you provided, requesting confirmation. The registration becomes effective only when you click the activation link contained in the confirmation email. We use the data you provide to us solely for sending the newsletter, which may contain information or offers.

We use rapidmail to send our newsletter. Therefore, your data will be transmitted to rapidmail GmbH. rapidmail GmbH is prohibited from using your data for purposes other than sending the newsletter. It is not permitted for rapidmail GmbH to disclose or sell your data. rapidmail is a German, certified newsletter software provider that has been carefully selected in accordance with the requirements of the GDPR and the BDSG.

You can revoke your consent to the storage of your data and its use for newsletter distribution at any time, for example, via the unsubscribe link in the newsletter.

Protection Against Hacking Attacks by Wordfence

This site uses the security plugin WORDFENCE to protect the website from hacking attacks, etc. The provider is DEFIANT, 800 5th Ave Ste 4100, Seattle, WA 98104. WORDFENCE currently uses three cookies, and below is an explanation of what each cookie does, who sets the cookie, and how it contributes to the protection of the site.

wfwaf-authcookie- (Hash)

What it does: This cookie is used by the WORDFENCE firewall to perform a capability check of the current user before loading WordPress.

Who receives this cookie: This cookie is set only for users who can log in to WordPress.

How this cookie helps: With this cookie, the WORDFENCE firewall recognizes logged-in users and allows them increased access. WORDFENCE can also identify non-logged-in users and restrict their access to secure areas. The cookie informs the firewall of the access level a visitor has, helping the firewall make informed decisions about who should be allowed and who should be blocked.

wf_loginalerted_ (Hash)

What it does: This cookie is used to notify the WORDFENCE administrator when an administrator logs in from a new device or location.

Who receives this cookie: This cookie is set only for administrators.

How this cookie helps: This cookie helps website operators know whether an admin login has occurred from a new device or location.

wfCBLBypass

What it does: WORDFENCE offers a site visitor the opportunity to bypass country blocking by accessing a hidden URL. This cookie tracks who is allowed to bypass the country block.

Who receives this cookie: When a hidden URL defined by the site administrator is accessed, this cookie checks whether the user can access the site from a country that is restricted by the country block. It is set for anyone who knows the URL that allows bypassing the default country block. This cookie is not set for someone who does not know the hidden URL to bypass the country block.

How this cookie helps: This cookie allows website owners to permit certain users to access blocked countries even if their country has been restricted.

For more information on how user data is handled, please refer to DEFIANT’s privacy policy: https://www.WORDFENCE.com/privacy-policy/

Ninja Forms

For the inquiry form on our website, we use the plugin “Ninja Forms” by WP Ninjas, LLC. Ninja Forms meets all the requirements of the GDPR.

The data you submit through the inquiry form will be forwarded via email to employees of BonVenture. We collect this data to verify whether your inquiry meets the criteria for an investment and to contact you if necessary.

Matomo

Our website uses “Matomo” (formerly “Piwik”), a web analytics service provided by InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand. Matomo stores cookies on your device, which allow us to analyze the use of our website. The information collected is stored exclusively on our server, including the following data:

• Two bytes of the IP address of the user’s calling system
• The accessed website
• The website from which the user arrived at the accessed website (referrer)
• The subpages accessed from the accessed website
• The duration of stay on the website
• The frequency of access to the website

Our website uses Matomo with the setting “Anonymize Visitors’ IP addresses.” IP addresses are not stored in full; instead, 2 bytes of the address are masked (e.g., 192.168.xxx.xxx). This way, it is no longer possible to associate the shortened IP address with the calling computer. The IP address transmitted by your browser via Matomo is not merged with other data we collect.

Opt-out complete; your visits to this website will not be recorded by the Web Analytics tool. Note that if you clear your cookies, delete the opt-out cookie, or if you change computers or Web browsers, you will need to perform the opt-out procedure again.

You may choose to prevent this website from aggregating and analyzing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.

You are not opted out. Uncheck this box to opt-out. You are currently opted out. Check this box to opt-in.

The tracking opt-out feature requires cookies to be enabled.

SSL and TLS Encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us as the site operator. You can recognize an encrypted connection by the change in the address bar of your browser from “http://” to “https://” and by the padlock symbol in your browser’s address bar.

When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Data Protection Officer

All interested parties and visitors to our website can reach us regarding data protection inquiries at:

Mr. Christian Volkmer
Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg

Tel.:  0941 2986930
Fax:  0941 29869316
E-Mail: anfragen@projekt29.de

www.projekt29.de

Information on Data Protection According to Article 13 of the GDPR

Here you will find our specific information in accordance with Article 13 of the GDPR:

• General Information (PDF)
• Information on Data Protection in Applicant Management (PDF)