Protecting your privacy during the processing of personal data is an important concern for us. When you visit our website, our web servers automatically save the IP address of your Internet service provider, the website from which you visit us, the pages on our website that you visit, and the date and duration of your visit. This information is necessary for the technical functionality of the webpages and the secure operation of the server. A personalised evaluation of this data is not carried out.
If you send us information via the contact form, this data will be stored on our servers in the course of data backup. Your data will be used by us exclusively to process your request. Your data will be handled in a strictly confidential manner. Your data will not be passed on to third parties.
Responsible party:
medi GmbH & Co. KG
Medicusstr. 1
95448 Bayreuth
Telephone: 0921 912-0
Telefax: 0921 912-370
Personal data
Personal data are data about yourself. This includes your name, your address and your Email address. You are not obligated to disclose any personal data in order to visit our website. In some cases, we need your name and address as well as further information to be able to offer you the service you require.
The same applies if we supply you with informative material on request or if we answer your enquiries. We will always notify you in such cases. Otherwise, we only save data that you have automatically or voluntarily submitted to us.
When you use our services, we normally only collect data that are necessary to be able to offer you our services. We may ask you for further information on a voluntary basis. Whenever we process personal information, we do so in order to provide you with our services or to pursue our commercial interests.
Stored data
Server log files
Server log files
Website providers automatically collect and store information in so-called server log files, which your browser automatically transmits to us.
These are:
- Data and time of the request
- Name of the requested file
- Page from which the file was requested
- Access status (file transferred, file not found, etc.)
- the web browser and operating system used
- complete IP address of the computer making the request
- amount of data transmitted
This data is not combined with other data sources. The processing is carried out in accordance with Art. 6(1)(f) DSGVO on the basis of our legitimate interest in improving the stability and functionality of our website.
This data is stored by us for security reasons, especially with regard to the prevention of attempts to attack our web server. It is not possible for us to draw conclusions regarding individuals based on this data. The data remains on our web server for 21 days and on a log server for 6 months. The data is processed for statistical purposes only; it is not compared with other datasets or passed on to third parties, even in extracts.
Cookies
Cookies
When you visit our website, we may store information on your computer in the form of cookies. Cookies are small files that are transferred from an Internet server to your browser and stored on your hard drive. The information stored in the cookies allows you to be automatically recognised the next time you visit our website, which will make it easier for you to use the site. The legal basis for the use of cookies is your consent in accordance with Art. 6 (1)(a) GDPR or, for necessary cookies, our legitimate interest in accordance with Art. 6 (1)(f) GDPR. Our legitimate interests are in maintaining the functionality and security of the website, protection against misuse and improving our service.
Of course, you can also visit our website without accepting cookies. If you do not want your computer to be recognised the next time you visit, you can also refuse the use of cookies by changing the settings in your browser to “refuse cookies”. The respective procedure can be found in the settings of your browser. If you reject the use of cookies, however, there may be restrictions on the use of some areas of our website.
Withdraw or change your cookie consent and get more information about the functional duration of the individual cookies.Pingdom
Pingdom
This website uses the monitoring service Pingdom, operated by the Swedish company Pingdom AB, Kopparbergsvägen 8, 722 13, Västerås, Sweden. Pingdom uses what are called “cookies”, which are small text files that are locally saved in the cache of the website visitor’s browser. These cookies help in identifying the browser and hence make it possible to analyse your accesses as well as the performance and availability of our website in order to improve the performance and the presentation of the contents on the website.
You can find the data protection guidelines of Pingdom under: www.pingdom.com/legal/privacy-policy/
For more information about the use of cookies on our site, please see the section "Cookies".
More information
Customer account
Customer account
We set up a password-protected direct-access to the user data (customer account) stored by us for each customer who registers accordingly. Here you can view data about your completed, open and recently shipped orders and manage your address information, bank details and the newsletter. You undertake to treat the personal access-data confidentially and not to make them accessible to unauthorised third parties. We cannot assume any liability for misused passwords, unless we are responsible for the misuse.
The legal basis for this processing activity is art. 6 (1) (b) GDPR.
We would like to make your visit to our website as pleasant as possible with the function “Stay logged in”. This function allows you to use our services without having to log in again each time. For security reasons, however, you will be asked to enter your password again if, for example, you need to change your personal data or you wish to place an order. We recommend that you do not use this feature if the computer is used by multiple users. We would like to point out that the “Stay logged in" function is not available if you use a setting that automatically deletes stored cookies after each session.
For more information about the use of cookies on our site, please see the section "Cookies".
Security
Security
We have taken technical and administrative security precautions to protect your personal data against loss, destruction, manipulation and unauthorised access. All our employees and service providers working for us are obliged to comply with the applicable privacy laws.
Whenever we collect and process personal information, it is encrypted before it is transmitted. This means that your data cannot be misused by third parties. Our security precautions are subject to a continuous improvement process and our privacy policies are constantly being revised. Please make sure that you have the latest version.
Data transfers to third countries
Data transfers to third countries
If we process data in countries outside the European Economic Area (“EEA”), we protect it based on an adequacy decision of the EU Commission Art. 45 (1) GDPR or use the standard contractual clauses of the EU Commission in accordance with Art. 46 (2)(c) GDPR when structuring contractual relationships with recipients in third countries.
Storage period
Storage period
We will store your data,
- if you have consented to the processing thereof, only until you withdraw your consent;
- if we need the data to perform a contract, only for as long as the contractual relationship with you exists;
- if we use the data on the basis of a legitimate interest, only as long as your interest in deletion or anonymisation does not outweigh this legitimate interest;
- if statutory retention obligations exist, until the end of the retention periods.
Your rights
You have the right at any time to request information, correction, deletion or restriction of the processing of your stored data; a right to object to the processing; as well as the right to data portability and to lodge a complaint in accordance with the requirements of privacy law.
access
Right of access
You can request information from us as to whether and to what extent we process your data.
rectification
Right to rectification
If we process your data that is incomplete or inaccurate, you may request that we correct or supplement it at any time.
erasure
Right to erasure
You can demand that we delete your data if we process it unlawfully or if the processing disproportionately interferes with your justifiable protection interests. Please note that there may be reasons that prevent an immediate erasure, e.g., in the case of legally stipulated retention obligations. Irrespective of the exercise of your right to deletion, we will delete your data immediately and completely, insofar as there is no contractual or statutory obligation to retain data in this respect.
restrict processing
Right to restrict processing
You can ask us to restrict the processing of your data if
- you dispute the accuracy of the data for a period of time that allows us to verify the accuracy of the data,
- the processing of the data is unlawful, but you decline to delete it and instead demand a restriction on the use of the data,
- we no longer need the data for the intended purpose, but you still need this data to file or defend legal claims, or
- you have objected to the processing of the data.
data portability
Right to data portability
You may request that we provide you with the information you have provided to us in a structured, standard and computer-readable format and that you may provide that information to another representative without interference from us, provided that
- we process this data on the basis of an agreement given and revocable by you or for the fulfilment of a contract between us, and
- that such processing is carried out using automated procedures.
If technically feasible, you may request us to transfer your data directly to another representative.
Right to object
Right to object
If we process your data for legitimate reasons, you may object to such processing at any time. We will then no longer process your data unless we can prove compelling and protection-worthy grounds for the processing which outweigh your interests, rights and freedoms or if the processing serves the assertion, exercise or defence of legal claims. You can object to the processing of your data for the purpose of direct marketing at any time without giving reasons.
Right to appeal
Right to appeal
If you are of the opinion that we have violated German or European data protection law when processing your data, please contact us so that we can clarify any questions you may have. Of course, you also have the right to contact the competent regulatory authority for you, the respective regional office for data protection supervision.
If you wish to exercise any of the aforementioned rights against us, please contact our data protection officer. In case of any doubt, we may request additional information to confirm your identity.
Changes to this Privacy Policy
We reserve the right to change our privacy policy if necessary due to new technologies. Please make sure that you have the latest version. If substantial changes are made to this privacy statement, we will post them on our website.
All interested parties and visitors to our website can contact us with questions about privacy at:
ePrivacy GmbH
Prof. Dr. Christoph Bauer
Große Bleichen 21
20354 Hamburg
Germany
E-Mail: dataprotection@medi.de