Privacy Notice

1. Controller

Responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:

iODIN GmbH
Schanzenstr. 87
40549 Düsseldorf
Germany

Managing Director: Dr. med. dent. Rolf G. Winnen, M.A.
E-Mail: info@iodin.de

2. Principle: Data Minimization

We operate this website with the explicit objective of data minimization. Specifically, this means:

• We do not use cookies.
• We do not use tracking, analytics, or marketing tools.
• We do not operate web forms and do not store personal data entered via the website.
• We do not use social media plug-ins.
• We do not load fonts, scripts, or other content from third-party servers. The website uses a local system font stack and embedded or self-served image files.

Contact is made exclusively via the e-mail addresses linked in the imprint and on the website. When you click on such a contact link, your local e-mail application opens with a pre-filled message. The processing of the e-mail sent in this way then takes place exclusively on your e-mail provider's systems and our mailbox, not via the website itself.

3. Server Logfiles

Each time you access an Internet page, your browser technically necessarily transmits certain data to the server providing the page. This data is temporarily stored by our website's hosting provider in so-called logfiles. The following data is collected:

• IP address of the requesting device
• Date and time of access
• Page accessed and data transmitted
• HTTP status code
• Browser used, operating system, and language (User-Agent)
• Referrer URL, if transmitted

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in technically error-free and secure website operation and in defending against attacks).

Storage period: These logfiles are automatically deleted after 30 days, unless a concrete security incident requires longer retention. No consolidation of this data with other data sources or person-related analysis takes place.

Data processor: With the hosting of our website, IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany, has been commissioned as a data processor pursuant to Art. 28 GDPR. A data processing agreement (DPA) has been concluded with the provider.

4. Contact by E-Mail

At several points on our website you will find buttons such as "Investor inquiry", "OEM & strategic partnership", or "Media & clinical partners". When you click on these, your local e-mail application opens with a pre-filled message to our contact address info@iodin.de. No data processing takes place on our website; in particular, your entries are not transmitted to our servers before you send the e-mail.

As soon as you send us an e-mail, we process the personal data transmitted in the e-mail (name, e-mail address, content of the message, and any further information you provide voluntarily) exclusively to answer your inquiry and to communicate with you.

Legal basis: Art. 6 para. 1 lit. b GDPR (initiation or performance of pre-contractual measures) or Art. 6 para. 1 lit. f GDPR (legitimate interest in answering inquiries).

Storage period: We store your inquiry and the associated correspondence as long as this is required for processing and no statutory retention periods apply. Inquiries not resulting in further business relationship will be deleted no later than 24 months after receipt. Applicable commercial or tax law retention obligations remain unaffected.

Note: Transmission by unencrypted e-mail carries inherent risks. If you wish to transmit sensitive information, please contact us to arrange a secure communication method.

5. External Fonts and Scripts

This website deliberately refrains from including external resources from third-party servers. No fonts, icons, or JavaScript libraries are obtained from external CDNs. This means your IP address is not transmitted to third parties when you access the page.

6. Your Rights as a Data Subject

Insofar as personal data relating to you is processed, you have the following rights against the controller:

• Right to access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR)
• Right to erasure (Art. 17 GDPR)
• Right to restrict processing (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object (Art. 21 GDPR)
• Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

Competent supervisory authority: LDI NRW, Kavalleriestraße 2-4, 40213 Düsseldorf, Germany; postal address: Postfach 20 04 44, 40102 Düsseldorf, Germany.

To exercise your rights, a simple e-mail to info@iodin.de is sufficient.

7. Data Security

We use encryption during your website visit according to the current state of the art (TLS, recognizable by the "https://" in your browser's address bar). We have implemented technical and organizational security measures to protect your data against manipulation, loss, and unauthorized access. Our security measures are continuously adapted in line with technical developments.

8. No Automated Decision Making

We do not use any automated decision-making, including profiling, within the meaning of Art. 22 GDPR.

9. Changes to This Privacy Notice

We reserve the right to amend this privacy notice if changes to the website or legal requirements make this necessary. You can always access the current version on our website.

Last updated: May 2026