Collection and processing of personal data
In principle, it is possible to use our internet pages without providing any personal information. However, if you wish to make use of special services provided by our company on our website, it may be necessary for us to process your personal data. If we have to process personal data and there is no legal basis for such processing, we generally obtain the consent of the person affected.
What cookies do we use?
Anonymous data collection
You can visit our website without actively providing any personal information. However, we automatically store access data (server log files) every time the website is accessed. This data is evaluated solely for the purpose of improving our services and does not allow any conclusions to be drawn about you. This data is not combined with other data sources. Article 6(1) GDPR constitutes the legal basis for the processing of data.
We process and use data for the following purposes:
- Deployment of medica web pages,
- Improvement of our web pages and
- Prevention and detection of errors/malfunctions as well as misuse of the web pages.
This kind of data processing takes place either to fulfil the contract for the use of the medica web pages or we pursue a legitimate interest in ensuring the functionality and error-free operation of the medica web pages as well as adapting these websites to the users' requirements.
Use of cookie tracking
Use of Google Analytics
This website uses functions of the web analysis service Google Analytics. The provider is Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Google Analytics uses "cookies", i.e. text files that are stored on your computer and that allow an analysis of how you use the website. The information generated by the cookies about your use of this website (including your IP address) is transmitted to a Google server in the USA and stored there. Google will use this information for the purpose of evaluating how you use the website, to compile reports on website activity for website operators, and to provide other services relating to website activity and internet usage. Google may also transfer this information to third parties if this is required by law or if third parties process this data on behalf of Google.
Preventing the storage of cookies
Click here for opt out: Disable Google Analytics
We have activated the IP anonymisation function on this website. As a result, your IP address will be truncated by Google within EU Member States and in other countries that have signed the Agreement on the European Economic Area before being transmitted to the US.
Please note that the code "gat.anonymizeIp" has been added to Google Analytics on this website to ensure anonymous collection of IP addresses (IP masking).
Objection to data collection
Use of Google AdWords
On our website we use Google Conversion Tracking, an analysis service run by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). Google AdWords places a cookie on your computer (a conversion cookie) if you reached our website via a Google ad. These cookies expire after 30 days and are not used for personal identification. If you visit some of our pages and the cookie has not expired, we and Google may recognise that someone clicked on the ad and was redirected to our page. Each AdWords customer receives a different cookie. Cookies can therefore not be traced via the websites of AdWords customers. The information collected using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. AdWords customers see the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, you will not receive any information that personally identifies users.
Use of Google Maps
We use Google Maps to display maps and to create route maps. Google Maps is operated by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
By using this website, you consent to Google, one of its representatives or third-party providers collecting, processing and using the data gathered automatically and the data you have entered.
You can find detailed information in the Privacy Centre on google.com: Transparency, choice and privacy at https://policies.google.com/privacy?hl=en-GB&gl=de
Are social media features offered?
Social media features can be used on our website.
When one of these pages is accessed, a connection to the respective social media servers can be established. They will be informed that you have visited our website with your IP address. If you now comment, like or share something and you are logged in to your respective account, it may be possible for the social media platform to assign your visit to our website to you and your user account. Please be aware that, as the provider of these pages, we have no knowledge of the content of the data transmitted and its use.
These services are provided by the following companies:
Provider Facebook Ireland Ltd: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
- Opt-Out: https://www.facebook.com/settings?tab=ads
Specific information about Facebook fan pages: When you visit our Facebook fan page, Facebook processes your personal data (Facebook Insights). This data is transmitted to us anonymously by Facebook as part of Facebook Insights. This anonymous data is statistical data about our fanpage subscribers.
In addition, we receive profile data from you when you interact with us or our site, for example when you link or comment on posts, write to us via Facebook or follow our site.
Supplier: LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland
- Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
Specific information about LinkedIn company pages: When you visit our LinkedIn company website, LinkedIn processes your personal data. LinkedIn will use LinkedIn Analytics to provide us with this information in an anonymous form. These anonymous data are statistical data of our followers.
In addition, LinkedIn will inform us of your profile name when you interact with us or our site, e.g. when you link or comment on amounts or follow our site.
Google+ / Youtube
Provider. Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
- Opt-Out: https://adssettings.google.com/authenticated
Specific information about Youtube accounts or channels: When you visit our Youtube site, Youtube processes your personal data. This data is transmitted to us anonymously by Youtube as part of Youtube Creator Studio usage. This anonymous data is statistical data about our channel subscribers.
In addition, Youtube provides us with the user names of your Google+ profile when you interact with us or our site, e.g. by linking or commenting on videos or subscribing to our channel.
If you do not want the social media channel in question to be able to assign your visit to our site to your respective account, you must log out of the respective service before visiting our website.
What do we do with your data? Our services on the website
You can send us inquiries by using a contact form. Your details from the contact form, including the information you provide there, will be stored for the purpose of processing your inquiry and in the event of any follow-up questions. We will not pass on this data without your consent. Article 6(1) GDPR constitutes the legal basis for the collection and processing of data.
The data you enter in the contact form will remain with us until you request us to delete it, your consent for storage is revoked, or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory regulations – in particular retention periods – remain unaffected.
If you send us inquiries or information by e-mail, the details you provide therein (e-mail address, content of your e-mail, subject of your e-mail and date) including the contact data (name, surname, if applicable telephone number, address) will be stored with us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent. Article 6(1) GDPR constitutes the legal basis for the collection and processing of data.
Users are advised that e-mails can be read or changed during transmission without authorisation and without being detected. medica uses software to filter unwanted e-mails (spam filter). The spam filter means that e-mails can be rejected if, due to certain attributes, they are mistakenly identified as spam.
The data you have entered will remain with us until you request us to delete it, until you revoke your approval to its storage, or until the purpose for data storage ceases to apply (e.g. after your request has been processed). Mandatory statutory regulations – in particular retention periods – remain unaffected.
Subscription to our newsletter/magazine
You can subscribe to our company newsletter/magazine on our website. The newsletter is how we inform our customers and business partners at regular intervals about the company's services. For this purpose, we require a valid e-mail address from you and information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receiving the newsletter. Further data will either not be collected or collected only on a voluntary basis. For legal reasons, a confirmation e-mail in the double opt-in procedure is sent to the e-mail address entered by the person concerned for the first time when sending out our newsletter. We use this data exclusively for sending the newsletter and do not pass it on to third parties. Article 6(1) GDPR constitutes the legal basis for the collection and processing of data.
When you register for the newsletter, we also store the IP address of the computer system used at the time of registration assigned by the Internet Service Provider (ISP), as well as the date and time of registration. It is necessary for us to collect this data to be able to trace any potential misuse of the e-mail address of a person concerned at a later point in time and is therefore used for our protection.
Newsletter2Go is the newsletter software that we use. Your data will be transmitted to Newsletter2Go GmbH. Newsletter2Go is prohibited from selling your data and using it for purposes other than sending newsletters. Newsletter2Go is a German, certified provider selected in accordance with the requirements of the General Data Protection Regulation and the Federal Data Protection Act (BDSG).
Further information can be found here: https://www.newsletter2go.co.uk/information-for-newsletter-recipients/?_ga=2.201644564.405149940.1527486243-1532077577.1527153493
You can revoke your consent to the storage of your data, the e-mail address and their use for sending the newsletter at any time, e.g. by using the "unsubscribe" link found in each newsletter. The legality of the data processing operations already carried out remains unaffected by this revocation.
We will store the data you provide for the purpose of subscribing to the newsletter until you unsubscribe from the newsletter. This data will then be deleted after you have unsubscribed from the newsletter.
The newsletters contain so-called tracking pixels. A tracking pixel is a miniature graphic that is embedded in e-mails sent in HTML format to enable log file recording and log file analysis. This allows a statistical evaluation of the success or failure of online marketing campaigns to be carried out. Based on the embedded tracking pixels, we can detect whether and when an e-mail was opened by an individual and which links in the e-mail were viewed by the individual.
We store and evaluate personal data collected via the tracking pixels contained in the newsletters on the basis of justified interests in order to optimise newsletter distribution and to adapt the content of future newsletters even better to the interests of the individual concerned. Article 6 (1) GDPR constitutes the legal basis. This personal data will not be passed on to third parties. The individuals concerned are entitled at any time to revoke the respective separate declaration of consent given via the double opt-in procedure. After revocation, this personal data will be deleted by the data controller. Unsubscribing from receiving the newsletter is interpreted as automatic cancellation.
Will my data be passed on to third parties?
Internal transmission, within medica
We transmit your data internally to the administration, HR department, service department and sales department in order to comply with our contractual or legal obligations and to answer your inquiry. Your data will only be transmitted or disclosed to the extent necessary for this purpose and in compliance with the relevant data protection regulations.
Transmission to third parties
We transfer your data to certain third parties to be able to provide corresponding applications and services ( "order processors") that provide external services for us. A transfer to other third parties may take place in order to fulfil our obligations (authorities, banks, social insurance carriers, etc.). Third parties process the data only in accordance with our instructions and are also prohibited from using this data for their own commercial purposes which do not correspond to the agreed purposes.
If the processing of your data takes place outside Europe, this transfer will carried out in compliance with all applicable data protection laws and in particular in accordance with Art. 44 f. GDPR.
Transfer to a third country or international organisation
Data may be transferred to countries outside the EU or the EEA (third countries) for the abovementioned purposes (transfer to third parties). Transfers are made only to enable us to carry out our contractual and legal obligations or on the basis of your consent. This kind of transfer is carried out in compliance with all applicable data protection laws and in particular in accordance with Art. 44 f. GDPR. In particular, either on the basis of adequacy decisions adopted by the European Commission or on the basis of certain guarantees (e.g. standard data protection clauses, etc.).
We do not transmit data to international organisations.
How long will my data be stored?
Duration of storage
We store your data as long as this is necessary for the provision of our online services and the services associated therewith or if this has been provided for by the European Directive and Regulative Authority or another legislator in laws or regulations to which the data controller is subject. In all other cases, we delete your personal data once the purpose has been fulfilled, with the exception of such data which we must continue to store in order to fulfil legal obligations.
How secure is my data?
medica uses technical and organisational security measures to protect the data that we manage against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Our security measures are continuously improved in line with technological developments.
For security reasons and to protect the transmission of confidential content, such as requests you send to us as a site operator, this site uses SSL encryption (Secure Socket Layer) in conjunction with the highest level of encryption supported by your browser. This is usually a 256-bit encryption. If your browser does not support 256-bit encryption, then we use 128-bit v3 technology instead. You can tell whether a webpage of our website is being transmitted in encrypted form by the fact that the address line of the browser changes from "http: //" to "https: //" and to the lock symbol in your browser line.
If SSL encryption is activated, the data you transmit to us cannot be read by third parties.
We would like to point out that data transmission over the internet (e.g. communication by e-mail) can have security gaps. It is not possible to protect such data completely against access by third parties.
What is the legal basis for processing data?
Legal basis for processing operations
Article 6 (I)(a) GDPR is what our company uses as the legal basis for processing operations for which we obtain consent for a specific processing purpose.
If the processing of personal data is necessary for the performance of a contract to which the person affected is party, as is the case for example with processing operations necessary for the delivery of goods or the provision of other services or consideration, then the processing is based on Article 6 (I)(b) GDPR. The same applies to such processing operations that are necessary to carry out pre-contractual measures, for example in cases of inquiries about our products or services.
If our company is subject to a legal obligation which requires the processing of personal data, for example to fulfil tax obligations, then the processing is based on Article 6 (I)(c) GDPR.
In rare cases, the processing of personal data may become necessary to protect the vital interests of the person affected or another natural person. This would be the case, for example, if a visitor were injured in our company and his/her name, age, health insurance data or other vital information had to be passed on to a doctor, a hospital or other third parties. Processing would then be based on Article 6 (I)(d) GDPR. Ultimately, processing operations could be based on Article 6 (I)(f) GDPR.
Processing operations which are not covered by any of the aforementioned legal foundations are subject to this legal basis if processing is necessary to safeguard a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the person affected do not prevail. If the processing of personal data is based on Article 6 (I)(f) GDPR, it is in our legitimate interest to conduct our business for the wellbeing of all our employees and our customers.
Legal or contractual stipulations for the provision of personal data; necessity for the conclusion of the contract; obligation of the person affected to provide the personal data; possible consequences of failure to provide them
We inform you that the provision of personal data is partly required by law (e.g. tax regulations) or may also result from contractual regulations (e.g. information on the contractual partner). In some cases, it may be necessary for a contract to be concluded if an individual concerned provides us with personal data which we subsequently have to process. For example, the individual concerned is obliged to provide us with personal data if our company enters into a contract with him/her. Failure to provide personal data would mean that the contract with the individual concerned could not be concluded. Prior to the provision of personal data by the individual concerned, he/she must contact one of our employees. Our employee will inform him/her on a case-by-case basis whether the provision of personal data is required by law or contractually required for the conclusion of the agreement, whether there is an obligation to provide personal data and what consequences the failure to provide the personal data would have.
Is the data of minors protected?
This online service is not aimed at children under 16 years of age. Persons under 16 years of age may not transmit any personal data to medica without the consent of their parents or legal guardians.
What rights do I have as a person affected?
You have the right to information about the data we store, the duration of data, purpose and legal basis of storage, as well as the origin and recipient of transmissions. Incorrect data must be corrected, while inadmissibly stored data or data no longer required must be deleted. In addition, the person affected has a right of objection, a right to limitation of processing, and the right to data transferability.
This information will be provided at your request. This information is free of charge.
You also have the right to lodge a complaint directly with a supervisory authority.
Revocation of consent to data processing
Some data processing operations are only possible with your express consent. You can revoke any consent you have already given at any time. All you need to do is send an informal e-mail to us at firstname.lastname@example.org. The legality of data processing up to the point of revocation remains unaffected by this revocation.
medica Medizintechnik GmbH
Tel.: +49 7355-93 14-0
Contact details of the external data protection officer:
Tel.: +49 7542 / 94921-01