1. General selection
1.1 What are personal data
Personal data is information that reveals or can reveal the identity of the user. We adhere to the principle of data avoidance. As far as possible, the collection of personal data is dispensed with.
1.2 Handling of personal data
Personal data are used exclusively for establishing a contract, structuring the content, executing or processing the contractual relationship (Art. 6 I S. 1 b GDPR).
In addition, personal data will only be processed insofar as we have received your consent (Art. 6 I S. 1 a GDPR) or it is data whose processing is necessary for our legitimate interests and insofar as the balance shows that none oppose overriding interests, fundamental rights or fundamental freedoms on your part (Art. 6 I S. 1 f GDPR).
We can use contract processors to process your personal data, but we will generally not pass the personal data on to third parties.
The data will only be passed on to the shipping company commissioned with the delivery to fulfill the contract, insofar as this is necessary for the delivery of the goods ordered. To process payments, the payment data required for this will be passed on to the credit institute commissioned with the payment and, if applicable, the commissioned and selected payment service provider.
Your personal data will only be processed within the EU, unless otherwise stated below.
1.3 Usage data
General technical information is collected when you visit the website. These are the IP address used, time, duration of the visit, browser type and, if applicable, the page of origin. For technical reasons, this usage data is registered in a log file and can be used and saved for the purpose of statistical analysis of this website. There is no link between this usage data and your other personal data.
1.4 Duration of storage
After the end of the purpose for which the data was collected, we only save your personal data for as long as this is required by law (especially tax law).
2. Your rights
You can request information from us as to whether we process your personal data and, if this is the case, you have the right to information about this personal data and the further information specified in Art. 15 GDPR.
2.2 Right to Correction
You have the right to have your incorrect personal data corrected and, in accordance with Art. 16 GDPR, you can request the completion of incomplete personal data.
2.3 Right to deletion
You have the right to ask us to delete your personal data immediately. We are obliged to delete them immediately, in particular if one of the following reasons applies:
- Your personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
- You withdraw your consent on which the processing of your data was based and there is no other legal basis for the processing.
- Your data has been processed unlawfully.
The right to deletion does not exist if your personal data are required to assert, exercise or defend our legal claims.
2.4 Right to restriction of processing
You have the right to request that we restrict the processing of your personal data if
- You contest the accuracy of the data and we therefore check the accuracy,
- the processing is unlawful and you refuse to delete it and instead request that it be restricted
- we no longer need the data, but you need it to assert, exercise or defend legal claims,
- You have objected to the processing of your data and it is not yet certain whether our legitimate reasons outweigh your reasons.
2.5 Right to data portability
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, common and machine-readable format and you have the right to transmit this data to another person in charge without hindrance from us, provided that the processing is based on consent or is based on a contract and the processing is carried out by us using automated processes.
2.6 Right of withdrawal
If the processing of your personal data is based on consent, you have the right to revoke this consent at any time.
2.7 General selection and right of appeal
Exercising your above rights is basically free of charge for you. If you have any complaints, you have the right to contact the supervisory authority responsible for us, the state data protection officer.
3. Data security
3.1 Data security
All data on our website are secured against loss, destruction, access, modification and dissemination using technical and organizational measures.
3.2 Sessions and Cookies
Here you will find the domain, the name and the duration of the cookies that are only used with your consent.
If you register for our newsletter, we use the data required for this or separately provided by you in order to regularly send you our e‑mail newsletter based on your consent in accordance with Art. 6 Para. 1 S. 1 lit.
You can unsubscribe from the newsletter at any time and you can either send us a message using the contact options given in the imprint or the link provided in the newsletter. After unsubscribing, we will delete your e‑mail address unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we will inform you in this declaration.
5. Presence on social media platforms
We use the following social media platforms for company presentation and communication (express reference is made to the data protection declarations and opt-out options linked below).
Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland)
Data protection declaration: https://www.facebook.com/about/privacy/
Opt-out: https://www.facebook.com/settings?tab=ads alternatively http://www.youronlinechoices.com
Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA)
Data protection declaration: https://twitter.com/de/privacy
Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA)
Data protection declaration and opt-out: http://instagram.com/about/legal/privacy/.
LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland)
Data protection declaration https://www.linkedin.com/legal/privacy-policy
Xing (XING AG, Dammtorstraße 29–32, 20354 Hamburg, Germany)
Data protection declaration and opt-out: https://privacy.xing.com/de/datenschutzerklaerung.
YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland)
Data protection: http://www.youtube.com/t/privacy/.
These social media platforms may process personal data outside the EU, we refer to the above data protection declarations of the social media platforms.
The respective social media platforms can, if necessary, use your usage behavior and the resulting interests and actions on your part to create user profiles and save cookies on your computer, in which your usage behavior is saved. If you have an account on the respective social media platform and are logged in, your usage behavior can even be saved regardless of the device. Your usage profile can be used, for example, to place advertisements that presumably correspond to your interests.
We process the personal data exclusively to communicate with you via the social media platform you have chosen and to optimize our online presence and ensure that this does not affect any interests on your part that outweigh this legitimate interest on our part (Art. 6 I p. 1 f GDPR). If you have already given the respective operator of the social media platform effective consent to the corresponding data processing, your personal data will also be processed on the basis of this consent (Art. 6 I S. 1 a GDPR).
6. Third Party Services
6.1 Google Analytics
This website uses Google Analytics, a web analysis service from Google, operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”) and collects and stores data via this web analysis service, from which usage profiles are created using pseudonyms become. The usage profiles created in this way are used to evaluate visitor behavior in order to design and improve the offerings presented on this website as required. Google Analytics uses so-called “cookies”, small text files that are stored on your computer and that enable your use of the website to be analyzed. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. If IP anonymization is activated on this website, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address will only be transmitted to a Google server in the USA and shortened there in exceptional cases. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. The usage profiles managed under a pseudonym are also not merged with the personal data about the user without the express and separately declared consent of the user. Thus, the assessment shows that there are no overriding interests on your part (Art. 6 I S. 1 f GDPR). You can prevent the storage of cookies by setting your browser software accordingly; we would like to point out, however, that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by clicking on the following link (http: // tools.google.com/dlpage/gaoptout?hl=de) download and install the available browser plug-in.
6.2 Social media links and social sharing
We have our own social media pages with the third-party providers that can be reached via links from this website. Using the links will take you to the respective websites of the third party providers (e.g. Facebook, Twitter, Instagram) and you can also share our content. There is no data transfer when you visit our website. To avoid unnecessary data transfer, we recommend logging out of the respective third-party provider before using a corresponding link, so that usage profiles cannot be created by the third-party provider just by using the link.
6.3 Use of Facebook plugins
This website uses plugins from the social network www.facebook.com, which is operated by Facebook Inc. 1 Hacker Way, Menlo Park, CA 94304, USA (“Facebook”). The body responsible for processing the information collected by Facebook is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland.
If you visit our website with such a plug-in, a connection to the Facebook servers is established and the plug-in is activated on the website by notifying your browser. This will tell the Facebook server which of our websites you have visited. If you are logged in as a member of Facebook, Facebook will assign this information to your personal Facebook user account. When using the plug-in functions (e.g. clicking the “Like” button, submitting a comment), this information is also assigned to your Facebook account, which you can only prevent by logging out before activating the plug-in. For more information on the collection and use of data by Facebook, your rights in this regard and options for protecting your privacy, see the Facebook data protection information at https://www.facebook.com/about/privacy/.
6.4 Use of Instagram
Links to the social network Instagram are integrated on these pages. The connection to Instagram is established via the “Instagram icon” on our site. The operator of the social network is Instagram Inc., 1 Hacker Way, Menlo Park, California 94025, USA (“Instagram”). If you click on the “Instagram icon” while you are logged into your Instagram account, you can link the content of our pages to your Instagram profile. This enables Instagram to assign your visit to our website to your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the data transmitted or its use by Instagram. Further information on Instagram’s data protection declaration can be found at https://help.instagram.com/155833707900388/.
6.5 Use of Google Maps
This website uses Google Maps, a Google map service operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). When using Google Maps, data about the use of the maps functions by visitors to the website are also collected, processed and used. This does not affect the interests of the users that outweigh the technical necessity of integrating the interactive map material (Art. 6 I S. 1 f GDPR). You can view Google’s data protection information at http://www.google.de/intl/de/policies/privacy/. You can see the additional usage information for Google Maps at http://www.google.com/intl/de_de/help/terms_maps.html.
6.6 Use of Youtube
This website and the integrated offers contain so-called embeddings of videos on YouTube. These enable the connection to YouTube and the videos stored there. YouTube is an offer from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). This does not affect the interests of the users that outweigh the technical necessity of integrating the videos (Art. 6 I S. 1 f GDPR). The purpose and scope of the data collection and data use by Google as well as your rights and setting options for protection as a YouTube customer can be found in the YouTube data protection information. You can find this at: http://www.youtube.com/t/privacy/.
6.7 Google Web Fonts
We use so-called web fonts from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”) in order to be able to show you a uniform font on our website. When you visit one of our pages, these are automatically saved in your browser cache to enable the desired display. If your browser does not support the web fonts used, a standard font from your computer may be used. This does not affect the interests of the users that outweigh this technical necessity (Art. 6 I S. 1 f GDPR). You can view Google’s data protection declaration here: https://www.google.com/policies/privacy/ Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq
6.8 Active Campaign
This website uses the services of ActiveCampaign to send newsletters and for the live chat function. The provider is ActiveCampaign, LLC, 1 North Dearborn Street, 5th floor, Chicago, Illinois (USA) 60602.
ActiveCampaign is certified according to the “EU-US Privacy Shield”. The “Privacy Shield” is an agreement between the European Union (EU) and the USA that aims to ensure compliance with European data protection standards in the USA. If you enter data for the purpose of subscribing to the newsletter and / or to use the live chat function (e.g. e‑mail address), this and the communication will be stored on ActiveCampaign’s servers in the USA.
6.8.1 Sending newsletters
ActiveCampaign is a service with which, among other things, the dispatch of newsletters can be organized and analyzed. If you enter data for the purpose of subscribing to the newsletter (e.g. email address), it will be stored on ActiveCampaign’s servers in the USA.
With the help of ActiveCampaign we can analyze our newsletter campaigns. When you open an email sent with Active Campaign, a file contained in the email (so-called web beacon) connects to the ActiveCampaign servers in the USA. In this way it can be determined whether a newsletter message has been opened and which links have been clicked. Technical information is also recorded (e.g. time of access, IP address, browser type and operating system).
This information cannot be assigned to the respective newsletter recipient. They are used exclusively for the statistical analysis of newsletter campaigns. The results of these analyzes can be used to better adapt future newsletters to the interests of the recipients.
If you do not want an analysis by ActiveCampaign, you have to unsubscribe from the newsletter. We provide a link for this in every newsletter message. You can also unsubscribe from the newsletter directly on the website.
The data processing takes place on the basis of your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke this consent at any time by unsubscribing from the newsletter.
The legality of the data processing operations that have already taken place remains unaffected by the revocation.
The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers as well as from the ActiveCampaign servers after you unsubscribe from the newsletter. This does not affect data that we have saved for other purposes.
Link to the Privacy Shield certification: https://www.privacyshield.gov / participant? id = a2zt0000000GnH6AAK
6.8.2 Live chat
You can use the live chat like a contact form to chat with our employees in almost real time. When the chat starts, the following personal data is collected.
- Date and time of the call,
- Browser type / version,
- IP address,
- operating system used,
- URL of the previously visited website,
- Amount of data sent.
- And if given: first name, surname and email address.
In addition, Active Campaign analyzes the live chat communication for us to find out which is the most effective channel for each individual contact
Depending on the course of the conversation with our employees, additional personal data may arise in the chat that you enter. The type of this data depends heavily on your request or the problem you describe to us. The processing of all this data serves to provide you with quick and efficient contact options and thus to improve our customer service.
When you visit our website, the chat widget is loaded. The chat widget technically represents the source code that is executed on your computer and enables the chat.
The history of the live chat is saved indefinitely. The purpose of this is to save you extensive explanations about the history of your request and to ensure constant quality control of our live chat offer. Processing is therefore permitted in accordance with Art. 6 Paragraph 1 Letter f GDPR.
If you do not wish this, you are welcome to inform us using the contact details listed below. Saved live chats will then be deleted by us immediately.
The storage of the chat data also serves the purpose of ensuring the security of our information technology systems. This is also our legitimate interest, which is why processing is permissible according to Art. 6 Paragraph 1 Letter f GDPR.
Link to the Privacy Shield certification: https://www.privacyshield.gov / participant? id = a2zt0000000GnH6AAK
7. Contacting us
To contact us regarding data protection, please feel free to contact us using the contact options below. Responsible according to the GDPR:
Baldus Medizintechnik GmbH
On the sheepfold 5
56182 Urbar am Rhein
Telephone: 0049 261/96 38 926–0