Version: 1.1
Last updated: 21 May 2026
1. Overview of Data Protection
Controller
The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:
AMO GmbH
Gesellschaft für Angewandte Mikro- und Optoelektronik mbH
Otto-Blumenthal-Straße 25
52074 Aachen
Germany
Phone: +49 (0) 241 – 8867 200
Email: amo@amo.de
Types of Data Collected
When you visit our website, we may process the following categories of personal data:
- Usage data (IP address, browser type, pages visited, time of access)
Your Rights at a Glance
As a data subject, you have the following rights under the GDPR:
- Right of access (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to object (Art. 21 GDPR)
- Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
To exercise any of these rights, please contact us at the address listed above.
2. Hosting and Server Log Files
This website is hosted on servers operated by AMO GmbH (Gesellschaft für Angewandte Mikro- und Optoelektronik mbH), Otto-Blumenthal-Straße 25, 52074 Aachen, Germany, via its own AMICA network infrastructure. As the website is hosted entirely within Germany on AMO’s own infrastructure, no personal data is transferred to third-party hosting providers or to third countries in connection with the hosting of this website.
When you access our website, your browser automatically transmits certain information to our server. This includes:
- Browser type and version
- Operating system
- Referrer URL
- Hostname of the accessing device
- Date and time of the server request
- IP address
This data is not merged with other data sources. It is collected on the basis of Art. 6 para. 1 lit. f GDPR (legitimate interest in the technically error-free presentation and optimisation of the website).
Storage duration: Server log files are stored for a maximum of 7 days and then automatically deleted.
3. Cookies and Consent
This website uses cookies and similar technologies. Some of these are technically necessary for the operation of the website; others are used only with your prior consent.
When you first visit our website, you will be asked to consent to the use of non-essential cookies and third-party services via our cookie banner. You may withdraw your consent at any time with effect for the future.
Legal basis (necessary cookies): Art. 6 para. 1 lit. f GDPR (legitimate interest in providing a functioning website).
Legal basis (non-essential services): Art. 6 para. 1 lit. a GDPR (consent).
4. YouTube
This website may embed videos from YouTube, a service operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
When you play an embedded YouTube video, a connection is established to YouTube’s servers. YouTube may receive information about which pages of our website you have visited and may set cookies on your device. If you are logged into your Google account, YouTube may be able to associate your browsing behavior with your personal profile.
Data is transferred to Google servers, which may be located in the United States. Google LLC is certified under the EU-US Data Privacy Framework (DPF), which provides an adequate level of data protection pursuant to Art. 45 GDPR.
Legal basis: Art. 6 para. 1 lit. a GDPR (consent). Videos are only loaded after you have given your consent via the cookie banner.
For more information, please refer to Google’s Privacy Policy: https://policies.google.com/privacy
5. Google APIs and Related Services
This website may use technical infrastructure services provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, which may be loaded when you visit our website. These include:
- Google APIs – interfaces used to load website functionality
- Google Image CDN / gstatic – infrastructure for delivering images and static content
These services may transmit your IP address and other technical data to Google servers, which may be located in the United States. Google LLC is certified under the EU-US Data Privacy Framework (DPF) (Art. 45 GDPR).
Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in providing a functioning website).
For more information, please refer to Google’s Privacy Policy: https://policies.google.com/privacy
6. Data Transfers to Third Countries
Several of the services described in this Privacy Policy involve the transfer of personal data to recipients in the United States.
Where personal data is transferred to recipients in the United States, such transfer is based, where applicable, on an adequacy decision of the European Commission pursuant to Art. 45 GDPR, in particular the EU-US Data Privacy Framework (DPF) for certified organizations. Where no adequacy decision applies, we rely on appropriate safeguards such as the EU Standard Contractual Clauses pursuant to Art. 46 GDPR. You may request a copy of the applicable safeguards by contacting us at the address stated in Section 1.
7. Social Media Links
This website contains links to the project’s profiles on LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland) and YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). These are external links only. No social media plugins are embedded on this website that would transmit data to these platforms when the page loads. Data is only transmitted when you actively click on the respective link and visit the platform.
LinkedIn Privacy Policy: https://www.linkedin.com/legal/privacy-policy | Google/YouTube Privacy Policy: https://policies.google.com/privacy
8. Contact by Email or Telephone
When you contact us by email, telephone, or other means, we process the information you provide, such as your name, contact details, the content of your message, and any related communication metadata. The purpose of this processing is to handle and respond to your enquiry.
Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in responding to enquiries). Where the enquiry relates to pre-contractual or contractual matters, the legal basis may also be Art. 6 para. 1 lit. b GDPR.
Storage duration: The data will be deleted once the enquiry has been finally resolved, unless statutory retention obligations apply or further processing is necessary.
9. Publication of Personal Data of Project Members
This website publishes personal data of project consortium members (e.g. on the Consortium and Contact pages). The legal basis depends on the category of data:
- Name, role, and institutional affiliation: Art. 6 para. 1 lit. f GDPR (legitimate interest in communicating the project team in the context of a publicly funded EU research project).
- Photographs: Art. 6 para. 1 lit. a GDPR (consent) or Art. 6 para. 1 lit. f GDPR (legitimate interest), depending on the context of the photograph.
- Direct contact details (email address, telephone number): Art. 6 para. 1 lit. a GDPR (consent) or Art. 6 para. 1 lit. f GDPR where publication is necessary for the exercise of project-related functions.
If you are a project member and wish to have your personal data removed or corrected, please contact us at amo@amo.de.
10. Event Photographs
Photographs taken at project events (such as workshops, conferences, and consortium meetings) may be published on this website, in particular in the News & Events section. These photographs may depict identifiable individuals.
Overview and atmosphere photographs of project events may be published on the basis of our legitimate interest in documenting and communicating project activities to the public (Art. 6 para. 1 lit. f GDPR). Close-up photographs or portraits of identifiable individuals are generally published on the basis of consent (Art. 6 para. 1 lit. a GDPR), unless another legal basis applies in the individual case. If you are depicted in a photograph published on this website and wish to have it removed or if you wish to withdraw your consent, please contact us at amo@amo.de. We will process your request without undue delay.
11. Links to Third-Party Websites
Our website may contain links to external websites operated by third parties. This Privacy Policy applies only to our website. We have no influence over the content or data protection practices of linked websites and cannot accept responsibility for them.
12. Your Rights in Detail
Right of Access (Art. 15 GDPR)
You have the right to obtain confirmation as to whether personal data concerning you is being processed, and if so, to receive a copy of that data and further information about the processing.
Right to Rectification (Art. 16 GDPR)
You have the right to request the rectification of inaccurate personal data or the completion of incomplete data.
Right to Erasure (Art. 17 GDPR)
You may request the erasure of your personal data where the data is no longer necessary for the purposes for which it was collected, where consent has been withdrawn, or where the data has been unlawfully processed.
Right to Restriction of Processing (Art. 18 GDPR)
You may request the restriction of processing of your personal data in certain circumstances, e.g. while the accuracy of the data is being verified.
Right to Data Portability (Art. 20 GDPR)
You have the right to receive personal data you have provided to us in a structured, commonly used, and machine-readable format, and to transmit that data to another controller, where technically feasible.
Right to Withdraw Consent (Art. 7 para. 3 GDPR)
Where processing is based on your consent, you have the right to withdraw your consent at any time with effect for the future. The lawfulness of processing carried out before the withdrawal remains unaffected. To withdraw your consent, please contact us at the address listed in Section 1 or adjust your preferences via the cookie banner on this website.
Right to Object (Art. 21 GDPR)
Where we process your personal data on the basis of a legitimate interest (Art. 6 para. 1 lit. f GDPR), you have the right to object to such processing at any time on grounds relating to your particular situation.
Right to Lodge a Complaint (Art. 77 GDPR)
You have the right to lodge a complaint with a supervisory authority. The competent supervisory authority for AMO GmbH in North Rhine-Westphalia is:
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW)
Postfach 20 04 44
40102 Düsseldorf
Germany
Website: https://www.ldi.nrw.de
13. Data Security
This website uses SSL/TLS encryption to protect the transmission of confidential content. An encrypted connection is indicated by the padlock icon in your browser and by the “https://” prefix in the address bar.
We implement appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, and unauthorised disclosure or access.
14. Changes to This Privacy Policy
We reserve the right to update this Privacy Policy from time to time to reflect changes in legal requirements or to our data processing practices. The current version is always available on this website.