Imprint

Marvel Fusion GmbH
Theresienhöhe 12
80339 Munich
Germany
info@marvelfusion.com

registered with the local court of Munich
under HRB 249969
managing directors:
Moritz von der Linden, Dr. Georg Korn, Heike Freund
UStID: DE325385329

For applicants, please see the Applicants Data Protection Declaration

EU online dispute resolution

Photo Credits

Homepage: 1 GettyImages; 2 Lawrence Livermore National Laboratory; 3 Photo courtesy Los Alamos National Laboratory; all other GettyImages

Technology: GettyImages

Fusion Energy: GettyImages

Team: Photographer Quirin Leppert

Research: ELI Beamlines laser centre, Czech republic; Max-Planck-Institute for Quantum Optics, Photographer Thorsten Naeser

Join us: GettyImages

I. Introduction

In the following, we inform you about the processing of your personal data, in particular regarding personal data which we obtain from you in connection with (i) any relationship we may have with you or your organization, or (ii) your use of our website or e-mail communication with us. If you are our employee or a job applicant, please refer to the separate, more specific data protection declarations provided to you https://marvelfusion.com/applicants/. Personal data means any information relating to an identified or identifiable natural person.

We reserve the right to adapt this data protection declaration with effect for the future, in particular in the event of further developments of the website, the use of new technologies or changes to the legal basis or the corresponding jurisdiction. We recommend that you read the data protection declaration from time to time and keep a printout or copy for your records.

II. Controller/data protection officer

The data controller pursuant to Art. 4(7) of the EU General Data Protection Regulation (“GDPR”) is Marvel Fusion GmbH, Theresienhöhe 12, 80339 Munich, Germany, represented by the CEO Moritz von der Linden, info@marvelfusion.com (herein referred to as “we” or “us”).

You can reach our data protection officer at privacy@marvelfusion.com or our above postal address with the addition “the data protection officer”.

III. Which personal data do we process?

We may process in particular the following personal data from you:

• Business information, including information provided as part of the contractual or customer relationship between you or your organization and us or otherwise voluntarily provided by you or your organization;
• Identity and contact data, including name, title, address, email address, telephone number, date of birth, employment history, education and/or professional background, tax status, job title and function, and other personal data relevant to the relationship between you or your organization and us;
• Financial and payment information, including your bank account information and other information necessary to process payments and prevent fraud;
• Physical credentials relating to details of your visits to our premises;
• Profile and usage data, including your preferences in receiving marketing information, your communication preferences and information about how you use our website, including the services you view or search for, page response time, download errors, visit duration and page interaction information (such as scroll, click and mouse-over events); and
• Access Data as described below in section B.I.

There is no obligation to provide us with your personal data. However, if personal data is required for the provision of a service, the provision is necessary if you wish to make use of these services.

IV. How do we collect your personal data?

We may collect your personal data in particular under the following circumstances:

• When you or your organization offer or provide services to us or otherwise a contractual relationship exists or is being negotiated;
• When the personal data is provided to us by a third party (such as a recruiter or a member of your organization);
• When you contact us by telephone, email or other electronic means or in writing, or when you provide us with other information directly;
• When you or your organization are active on our website, fill out a form, submit an inquiry or otherwise interact on our website or other online platforms.

V. For which purposes do we process your personal data?

We may process your personal data in particular for the following purposes:

• The provision of services and the conclusion and performance of contracts with you or your organization (including registering you as a contact, providing and receiving services by you and your organization; accounting, auditing, and other steps related to the conduct of our business relationship);
• For human resources purposes (including recruitment);
• To ensure compliance with legal obligations, legal orders and our policies;
• For insurance purposes;
• Exercising and defending our legal rights and complying with court orders;
• Regulating access to our business premises and for security purposes;
• Protecting the security of our communications and other systems and preventing and detecting security threats, fraud or other criminal or malicious activity;
• Marketing and promotion of our services and processing information about your preferences in order to personalize and improve the quality of our communications with you;
• In connection with an investment; reorganization, restructuring, merger, acquisition, or transfer of shares or assets of us.

VI. Legal Basis

The legal basis for processing your personal data includes one or more of the following:

• You have given consent to the processing of your personal data for one or more specific purposes (Art. 6 (1)(a) GDPR);
• Processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract (Art. 6 (1)(b) GDPR);
• Processing is necessary for compliance with a legal obligation to which we are subject (Art. 6 (1)(b) GDPR); and
• Processing is necessary for legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms (Art. 6 (1)(f) GDPR).

VII. Who can access your personal data?

Depending on the specific situation, your personal data may be accessed by our management team, the department you or your organization is working with, and our legal, finance, accounting, IT, PR, People, science and tech and/or administrative teams.

In addition, we may disclose your personal data to other people in your organization and third parties, including our contractors in connection with services they perform for us, e.g. data processing service providers such as Microsoft, Kumavision, Personio, PinPoint, Google, PushK, Greenhouse, research institutions, professional advisors or consultants. We may also disclose your personal data to our subsidiaries in particular Marvel Fusion Inc. We may further disclose your personal data to courts, law enforcement agencies, government authorities and (potential) investors. We may also transfer your personal data to third parties in connection with an investment, reorganization, restructuring, merger, acquisition, or transfer of shares or assets of us.

This may include recipients in countries outside the European Economic Area that do not offer the same level of data protection as the country in which you are located and whose level of data protection has not been recognized as adequate by the European Commission. Such transfers will only be conducted if the requirements pursuant to Art. 44 et seq. GDPR are met, in particular if standard contractual clauses have been entered into and respective transfer impact assessments have been conducted or if you have given your consent pursuant to Art. 49(1)(a) GDPR.

VIII. Security of Processing

We use appropriate technical and organizational measures to protect your personal data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

Within your visit to our website, we use Transport Layer Security v1.2 or higher. You can tell whether an individual page of our website is encrypted by the closed key or lock symbol in the lower status bar of your browser.

IX. Your rights

You have the following rights with regard to your personal data:

• Right of access (Art. 15 GDPR);
• Right to rectification (Art. 16 GDPR) or erasure (Art. 17 GDPR);
• Right to restriction of processing (Art. 18 GDPR);
• Right to object to processing (Art. 21 GDPR);
• Right to withdraw consent (Art. 7(3) GDPR); and
• Right to receive the personal data in a structured, commonly used and machine-readable format and have those personal data be transmitted to another controller if the prerequisites of Art. 20(1)(a,b) GDPR are met.

You can exercise your rights by notifying the contacts listed in section A.II. above. You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us (Art. 77 GDPR).

X. How long to we retain your personal data?

We will retain your personal data only for as long as it is necessary to fulfill the respective purposes. This includes the fulfillment of legal, accounting or reporting obligations and, to the extent necessary for us to assert or defend potential legal claims, until the expiry of the relevant retention period or until the relevant claims have been settled. After the respective retention period has expired, we will destroy your personal data in accordance with applicable laws and regulations.

B. Specific Provisions for website use

In particular, we would like to inform you in more detail about the processing of your personal data collected when using our website or contacting us for HR purposes:

I. Informational use of our website

In the case of a merely informational use of our website, i.e. if you do not register or otherwise submit information to us, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data

• IP address;
• Date and time of the request;
• Time zone difference to Greenwich Mean Time;
• Content of the request (specific page);
• Access status/HTTP status code;
• Amount of data transferred in each case;
• Website from which the request comes;
• Browser type, language and version of the browser, and
• Operating system

(together “Access Data”),

which is technically necessary for us to ensure the functionality, stability and security of the website and our information technology systems (legal basis is Art. 6(1)(f)GDPR).

The Access Data is deleted when it is no longer necessary to achieve the purpose of its processing, which is generally the case after thirty days at the latest; processing beyond this is possible in individual instances.

You may object to the processing. Your right to object exists for reasons arising from your particular situation. We will not further process your Access Data unless we can demonstrate compelling legitimate interests for the processing which override your interests, rights and freedoms, or if the processing serves the purpose of asserting, exercising or defending legal claims (Article 21(1) GDPR). In the event of your justified objection, we will review the factual situation and either discontinue or adapt the data processing or show you our compelling legitimate interests on the basis of which we will continue the processing. You can send us your objection via the contact details listed in section A.2.

II. Cookies

III. HR-Data

Cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive associated with the browser you are using and through which we receive certain information. They serve to make the internet offer as a whole more user-friendly and effective. Cookies cannot execute programs.

Some elements of our website require that your browser can be identified even after a page change. The user data collected by such technically necessary cookies is not processed to create user profiles. We also use so-called “session cookies”, which store a session ID that can be used to assign various requests from your browser to the joint session. Session cookies are necessary for the use of the website. In particular, they allow us to recognize the terminal device used when you return to the website. We use this cookie to recognize you on subsequent visits to the website. The legal basis for this processing is Art. 6(1)(f)GDPR. The session cookies are deleted as soon as you log out or close the browser.

You can object to the processing. Your right to object exists for reasons arising from your particular situation. We will not further process your data unless we can demonstrate compelling legitimate interests for the processing which override your interests, rights and freedoms, furthermore, if the processing serves the purpose of asserting and exercising or defending against legal claims (Article 21(1) DSGVO). By changing the settings in your internet browser, you can disable or restrict the transfer of cookies. Cookies that have already been stored, can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to fully use all functions of the website.

For detailed information on the processing of your personal data in connection with recruiting activities, please refer to our Applicants Data Protection Declaration: https://marvelfusion.com/applicants/.

Our website provides the option to submit job applications through our recruiting website. The personal data transmitted as part of your application is stored in a database. The databases are operated by Personio GmbH (“Personio”), which offers a personnel administration and applicant management software (https://www.personio.de/impressum/), The Infuse Group (“PinPoint”) and Greenhouse Software, Inc. (“Greenhouse”). In this context, Personio, PinPoint and Greenhouse are our processors according to Art. 28 GDPR.

If you submit personal information through our recruiting website and your application does not result in an employment relationship, your personal data will be deleted three months after the end of the application process, unless you have given us your consent in accordance with Art. 6(1)(a) GDPR for longer-term storage of your personal data to be able to consider you for new job offers. This is done to fulfill legal obligations or to defend against any claims arising from legal regulations. Subsequently, we are obliged to delete or anonymize your data. In this case, the data is only available to us as so-called metadata without direct personal reference for statistical evaluations (for example, proportion of women or men in applications, number of applications per period, etc.). If you receive an offer of employment with us as part of the application process and accept it, we will store the personal data collected as part of the application process for at least the duration of the employment relationship.