1. General information on the processing of personal data
(1) The protection of your personal data is of particular importance to us. In the following we would therefore like to inform you in detail which personal data is processed when using our websites and offers.
(2) The person responsible pursuant to Art. 4 No. 7 of the General Data Protection Regulation ("GDPR") shall be
Beacon Medical Germany GmbH
(3) You can reach our data protection officer at firstname.lastname@example.org or by post at our address with the addition "the data protection officer".
(4) We process personal data only in compliance with the relevant data protection regulations. This means that the data will only be processed if legal permission has been obtained. I.e., in particular if the data processing is necessary for the provision of our contractual services and online services, or is required by law, consent is given, as well as due to our legitimate interests (i.e. interest in the analysis, optimization and economic operation and security of our online services within the meaning of Art. 6 para. 1 lit. f GDPR).
(5) The legal basis for the consents is Art. 6 para. 1 lit. a and Art. 7 GDPR, the legal basis for the processing to fulfil our services and carry out contractual measures is Art. 6 para. 1 lit. b GDPR, the legal basis for the processing to fulfil our legal obligations is Art. 6 para. 1 lit. c GDPR, and the legal basis for the processing to safeguard our legitimate interests is Art. 6 para. 1 lit. f GDPR.
2. Data processing when visiting our websites
(1) When using our web pages for purely informational purposes, i.e. if you do not make an enquiry, log in or otherwise provide us with personal information, we process the data that your browser transmits to our server and which is technically necessary to display our web pages for you and to guarantee stability and security:
- IP address,
- Date and time of the request,
- Duration of the website visit,
- Time zone difference to Greenwich Mean Time (GMT),
- Content of the request (concrete page),
- Access status/HTTP status code,
- the amount of data transferred in each case,
- Web page from which the request comes,
- Websites that you visit on our site,
- Internet Service Provider,
- Browser type,
- Server Log Files,
- operating system and its interface,
- Language and version of the browser software.
(2) The legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR, namely our legitimate interest in the presentation of the websites accessed.
3. Data processing during the establishment of contact
When you contact us by e-mail, telephone or via a contact form, the data you provide (e.g. e-mail address, name, telephone number or the content of the enquiry) will be processed by us in order to answer your questions and/or process your request. The legal basis is Art. 6 (1) (b) GDPR.
4. Data processing for the execution of the contract
(1) If you provide us with your contact, communication or contract data, we will process these for the fulfilment, processing and invoicing of the contractual services. A contract cannot be concluded without their specification. Your data will be passed on to service providers (service providers, operators of communication applications, etc.) for the aforementioned purpose who may support us, who we have of course carefully selected and who are bound by our instructions. These are in particular technical service providers who support us in the provision of services.
(2) The legal basis is the existing contractual relationship or pre-contractual measures (Art. 6 para. 1 sentence 1 lit. b GDPR).
(1) In addition to the aforementioned data, cookies are stored on your terminal device when you use our website. Cookies are small text files that are stored on your hard drive and assigned to your browser and provide us with information. They serve to make our website more user-friendly and effective. The legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR, namely our legitimate interest in improving the user-friendliness of our website and in evaluating our online marketing activities.
(2) You can configure your browser settings according to your wishes and thus e.g. refuse the acceptance of cookies. We would like to point out that in this case you may not be able to use all the functions of our website.
5.1 Google Analytics
(2) However, if IP anonymisation is activated, Google will previously shorten your IP address within Member States of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. IP anonymization is active in our web service. On our behalf, Google will use this information to evaluate the use of our websites, to compile reports on activities and to provide us with other services related to website and Internet use.
(1) Our website uses the password protection "DocCheck" for certain subpages via an API to restrict access to individual groups of persons. Provider is the DocCheck Medical services GmbH, Vogelsanger Str. 66, 50823 Cologne. By entering your login data in the integrated login window, your data is transferred directly to DocCheck. The information generated by these cookies is only transferred to DocCheck servers and is not shared with us or any other third party.
(2) The DocCheck password protection is used to comply with legal requirements which require access to specific medical groups for certain information. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. When using the DocCheck password, DocCheck collects your user ID, your IP address, the website IDs of the respective partner websites on which you have logged in, and the date for security purposes. This data is used to compile anonymous statistics to improve DocCheck's services. Personal user profiles that provide information about your individual access habits are not created.
(3) You can find more information on the handling of user data in DocCheck's data protection declaration: http://info.doccheck.com/de/privacy/
(1) We send e-mails and other electronic notifications with advertising information (hereinafter "Newsletter") only with your consent or legal permission. The newsletters contain information about our products, offers, promotions and our company. By subscribing to our newsletter, you agree to receive it.
(2) The use of a shipping service provider, the performance of statistical surveys and analyses and the recording of the registration procedure shall be based on our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR. Our interest is in the use of a user-friendly and secure newsletter system that serves our business interests and meets your expectations.
(3) You can revoke your consent to receive our newsletter at any time. You will find a link for revocation at the end of each newsletter.
7. Ninja Forms
We use Ninja Forms, an offer of WP Ninjas LLC, P.O. Box 401, Cleveland, Tennessee, 37364, United States, which enables us to create and evaluate intelligent and at the same time individual forms.
You can find out more about Ninja Forms' data processing at: https://ninjaforms.com/gdpr-compliance-wordpress-forms/.
8. Your rights
(1) You have the following rights against us with regard to your personal data:
- Right of access (Art. 15 GDPR),
- Right to rectification and cancellation (Art. 16 and 17 GDPR),
- Right to limitation of processing (Art. 18 GDPR),
- Right to object to the processing (Art. 21 GDPR),
- Right to data transferability (Art. 20 GDPR).
(2) You also have the right to complain to the data protection supervisory authority about the processing of your data by us.
(3) We draw your attention to the fact that you can revoke any data protection consent you may have given us at any time with effect for the future. The same applies to consent to advertising. The best way to do this is to send an informal e-mail to: email@example.com. The respective revocation may lead to the fact that our offers can no longer be made available to you or only to a limited extent.
(4) If we base the processing of your personal data on a weighing of interests (Art. 6 Para. 1 S. 1 lit. f GDPR), you may object to the processing. In the event of such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the facts and either discontinue or adapt the data processing or point out our compelling reasons worthy of protection on the basis of which we will continue the processing.
9. Disclosure of data to third parties and third-party providers
(1) We will only pass on your data to third parties if this is necessary for contractual purposes, e.g. on the basis of Art. 6 para. 1 lit. b) GDPR or on the basis of legitimate interests pursuant to Art. 6 para. 1 lit. f) GDPR. GDPR can be justified.
(2) If we use subcontractors to provide our services, we shall take appropriate legal, technical and organisational measures to ensure the protection of personal data in accordance with the relevant legal requirements.
(3) If third party providers are indicated in the context of this data protection declaration and their registered office is located in a third country, it is to be assumed that a data transfer takes place in the countries where the third-party provider is located. We only process your data in a third country if it is necessary to fulfil our (pre)contractual obligations (Art. 6 para. 1 lit. b GDPR), on the basis of your consent (Art. 6 para. 1 lit. a GDPR), on the basis of a legal obligation (Art. 6 para. 1 lit. c GDPR) or on the basis of our legitimate interests (Art. 6 para. 1 lit. f GDPR). The same applies to the processing by third parties on our behalf, the disclosure of your personal data to third parties and their transfer to third parties.
10. Data deletion
(1) The data stored by us will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them. If the data are not deleted because they are required for other and legally permissible purposes, their processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be stored for commercial or tax reasons.
(2) According to legal requirements, the documents shall be stored for six years in accordance with § 257 para. 1 HGB (commercial books, inventories, commercial letters, accounting records, etc.) and for ten years in accordance with § 147 para. 1 AO (books, records, management reports, accounting records, commercial and business letters, documents relevant for taxation, etc.).
11. Final provisions
(1) We use technical and organizational security measures to protect your data, in particular against accidental or intentional manipulation, loss, destruction or attack by unauthorized persons. Our security measures are continuously improved in line with technological developments.