Privacy Policy

Liberate Science GmbH (“we”) operates various websites and services ( “Sites” and “Services”), accessible via https://libscie.org and its subdomains. With this privacy policy, we inform you about the personal data we collect when you visit our Site and Services, plus how we process that data. Thereby, we also fulfil our obligation to inform you pursuant to Article 13 General Data Protection Regulation (GDPR).

I. Identity of the controller

Liberate Science GmbH (c/o ImpactHub)
Rollbergstraße 28A
12053 Berlin, Germany
info@libscie.org

II. Purposes of processing, its legal basis and the period for which the data will be stored

1. General use of the Sites and Services

Generally, we do not store personal data while you use our Sites with the exception that our web server registers all connections to the Site automatically and collects the following technical information about your visit:

IP address
Name of the files accessed
Information about the transmission
Date and time of the connection
Amount of data transmitted
Operating system and
Web browser/user agent

We process this data to establish a connection to your device over the Internet. We store the aforementioned data in log files in order to ensure the security and integrity of our IT systems. The respective purposes of the processing also constitute our legitimate interests we pursue with it (Art. 6 par. 1 lit. f) GDPR). We retain our log files for 14 days and delete them thereafter.

2. Contact

You can contact us, for example, by writing an email. In such case, we will process the personal data you provide us with in order to answer your request. This may include especially your name, email address, subject of your message and the message itself. We will retain your messages until we have fulfilled your request and may be stored up to 60 days for internal educational purposes. Afterwards, we will delete it. We base the processing for such purposes on Art. 6 par. 1 lit. f) GDPR, while the purposes of the processing also constitute our legitimate interests we pursue with it.

3. Registration on the Services

To use any of our managed software as a service (the Services), an Account is registered with us upon completing the first purchase of a service subscription. For payment processing, we use the service provider Paddle.com Market Ltd (“Paddle”). Paddle will independently collect the necessary payment information. For more information on the processing by Paddle, please refer to Paddle’s privacy policy, accessible under https://paddle.com/privacy.

Paddle will transfer a confirmation to us if the payment was successful, which includes your email address and is used to register and configure your Account accordingly. Immediately upon registration, we send a confirmation email with account information and relevant service information. Your Account will be active until you delete it. The legal basis for the processing described above is Art. 6 par. 1 lit. b) GDPR.

4. Functions of the Sites and Services

We provide various managed software as a service. Each of the Services serves its own purpose and requires unique processing. We base any processing solely on the requirement that it is necessary to provide you with the functionality of the Services according to our Service Terms of Use and on Art. 6 par. 1 lit. b) GDPR.

You can subscribe to our newsletter on our Site. In this case, we will process your email address for sending our newsletters based on your consent (Art. 6 para. 1 lit. a) GDPR) until you withdraw your consent. You can withdraw your consent at any time, for example, by clicking on the unsubscribe link provided in every newsletter email or by contacting info@libscie.org.

In addition, we process the time of registration and your double opt-in confirmation. We process your data for pursuing our legitimate interest and to be able to prove our compliance with the law. The legal basis for this is Art. 6 par. 1 lit. f) GDPR and Art. 6 par. 1 lit. c) GDPR in conjunction with Art. 5 par. 2 DSGVO.

We may analyze your use of our newsletter, e.g. whether you have opened it or clicked on certain links, and process this data to optimize and improve our newsletters. This purpose also represents our legitimate interest that we pursue with this processing (Art. 6 par. 1 lit. f) DSGVO).

6. Legal obligations to retain documents

We have the statutory obligation to retain certain documents according to Sec. 257 HGB (German Commercial Code) and Sec. 147 AO (Fiscal Code of Germany) as well as social security laws and employment laws. These documents may also include personal data. Specifically, these are:

Accounts and records, inventories, annual financial statements, single fiscal statements according to Sec. 325 par. 2a HGB, group fiscal statements, situation reports, group situation reports the opening balance sheet as well as the operating instructions and other organizational documents needed for their comprehension, accounting records, documents pursuant to Article 15(1) and Article 163 of the Union Customs Code.

These documents have to be retained for a period of 10 years.

Trade or business letters received, reproductions of trade or business letters sent, other documents to the extent that these are of relevance for taxation.

These documents have to be retained for a period of 6 years

The respective storage period shall begin upon the end of the calendar year in which the last entry was made in the accounts, the inventory, the opening balance sheet, the annual financial statement or the situation report drawn up, the trade or business letter received or sent, the accounting record created, the record made or the other documents created. The legal basis for such processing is Art. 6 par. 1 lit. c) GDPR.

III. Recipients and transfers to third countries

If we are unable to provide services ourselves or if it is not reasonable to do so, we use external service providers. These service providers are primarily providers of IT services.

If not specifically mentioned elsewhere in this privacy policy, we do not transfer your data to third countries.

We use the following service providers in accordance with our instructions:

Telekom Deutschland GmbH – Landgrabenweg 151, 53227 Bonn, Germany
Paddle.com Market Ltd – Judd House, 18-29 Mora Street, London EC1V 8BT, United Kingdom
n8n GmbH – Novalisstr. 10, 10115 Berlin, Germany

The provider Paddle.com Market Ltd resides in the United Kingdom, a so-called third country outside the European Union. The United Kingdom has an adequate level of data protection recognized as recognized by the European Commission.

IV. Rights of the data subject

If the respective requirements are met, the GDPR grants you certain rights as a data subject.

Art. 15 GDPR – Right of access: You shall have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and certain information.

Art. 16 GDPR – Right to rectification: You shall have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

Art. 17 GDPR – Right to erasure: You shall have the right to obtain from us the erasure of personal data concerning you without undue delay.

Art. 18 GDPR – Right to restriction of processing: You shall have the right to obtain from us the restriction of processing.

Art. 20 GDPR – Right to data portability: You shall have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and you shall have the right to transmit those data to another controller without hindrance from us. You shall also have the right to have the personal data transmitted directly from us to another controller, where technically feasible.

Art. 77 GDPR – Right to lodge a complaint with a supervisory authority: Without prejudice to any other administrative or judicial remedy, you shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

Art. 21 GDPR – Right to Object: You shall have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you, which is based on legitimate interests or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller

In such case, we shall no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing, which override your interests, rights and freedoms or where the processing is necessary for the establishment, exercise or defence of legal claims.

Where personal data are processed for direct marketing purposes, you shall have the right to object at any time for such marketing, which includes profiling to the extent that it is related to such direct marketing.

If you wish to object to any processing of data, you may send us an email to one of our aforementioned email addresses.

Art. 7 par. 3 GDPR – Withdrawal of Consent: If you have given us your consent, you have the right to withdraw your consent at any time. In case of withdrawal, all data processing based on your consent before your withdrawal will remain lawful.

VI. Obligation to provide us with personal data

You have no statutory or contractual obligation to provide us with any personal data. However, we may not be able to provide you with our services if you decide not to do so.

VII. Existence of automated individual decision-making, including profiling

We do not use automated individual decision-making, including profiling pursuant to Art. 22 GDPR, which produces legal effects concerning you or similarly significantly affects you.

VIII. Internet specific processing or use of personal data

1. General Storage of or Access to Information on your End Device

For providing you the services of our Site, we store or access information on your end device mainly by using cookies or similar technologies. Cookies are small text files, which are transferred from the Site or third parties and stored on your device. Cookies cannot execute programs or infect your device with computer viruses. Some cookies are stored only for your current browser session and will be deleted once you close your browser. Other cookies may be stored on your device for a certain period. You can obtain more information on how long specific cookies are stored within your end device's or browser software's settings.

We use cookies for different purposes, but only if they are strictly necessary to provide our services to you according to Sec. 25 par. 2 Nr. 2 TTDSG. If at some point this should not be the case, we will ask for your informed consent. We use the following essential cookies by default to provide you with the website functionality:

Anonymous session token (for account access)
Anti-Cross Site Request Forgery (for security purposes)

Typically, these cookies do not contain personal data. However, if that may be the case in certain situations, the processing of such data is based on Art. 6 par. 1 lit. f) GDPR and the aforementioned purposes constitute the legitimate interests we pursue with them.