Privacy

Privacy Policy OxyCare GmbH

(www.oxycare.eu)

 

Dear visitor

the protection of your privacy is important to us! With the following information, we would therefore like to inform you about how we handle your data that is collected when you use our website.

 

Data protection information

Information on the processing of your personal data

Table of contents

I. General

II. Person responsible and data protection officer

a. Name and address of the data controller
b. Name and address of the data protection officer

III. Purposes of the processing and legal bases

a. Website visits in general
b. Webshop
c. Contact form
d. Newsletter
e. Comment function
f. Recommendation function
g. Online prescription transmission
h. Google Maps

IV. Information on specific processing purposes

a. Patient and customer care
b. Advertising and marketing
c. Processing of applications
d. Video surveillance of company and business premises

V. Data transfer and recipients

a. Website visits in general
b. Contact form, newsletter, comment and recommendation function, online prescription transfer, advertising and marketing
c. Online shop

VI. Storage period of data

VII. Cookies

a. Google Analytics
b. Google Tag Manager
c. Google AdWords Conversion
d. Threat Metrix

VIII. Data subject rights/your rights to protect your personal data

IX. Right to complain

X. Other

I. General

The protection of your privacy is important to us. We strictly comply with the legal provisions of the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and other applicable legal provisions on the protection, lawful handling and confidentiality of personal data. As a matter of principle, we collect and use personal data of our users only insofar as this is necessary for the provision of a functioning website as well as our contents and services. If this is not the case, personal data will only be used with the user's consent. An exception applies in those cases in which it is not possible to obtain prior consent for actual reasons and the processing of the data is permitted by legal regulations.

In the following, we would like to inform you about the processing of your personal data. If you have any questions, please contact us using the contact details provided.

II. Person responsible and data protection officer

a. Name and address of the data controller

The data controller within the meaning of the EU General Data Protection Regulation (DSGVO) is

OxyCare GmbH
Holzweide 6
D-28307 Bremen
Telephone: 0421 - 48 99 66
Fax: 0421 - 48 99 699
E-mail: [email protected]

b. Name and address of the data protection officer

The data protection officer of the controller is:

Sebastian Strimitzer
Heigerleinstrasse 2/4-9
A-1160 Vienna
Tel.: +43 1 924 05 28
E-mail: [email protected]

III. Purposes of processing and legal basis

a. Website visits in general

When you visit our website, we collect and store access data in log files (so-called log files or access logs) in order to be able to guarantee the permanent functionality of the website. We process the following data in this context:

- IP address
- Date and time of access
- Websites from which you accessed our site (referrer URL)
- operating system
- Name of the internet service provider
- Product and version information of the browser used
- Amount of data transferred, loading time

The legal basis for data processing is our legitimate interest according to Art. 6 Para. 1 lit. f DSGVO. This is to ensure the functionality, security and accessibility of the website for all site visitors and, if necessary, the collection, defence and assertion of legal claims.

It is not possible to draw any direct conclusions about your identity on the basis of the information. The data is automatically deleted after the aforementioned purposes have been achieved.

b. Webshop

b.1. Purchases of goods or products

If you make a purchase via our webshop, you will provide us with personal data. We use this data, as well as the other information provided, to process the goods or product purchases/fulfil our contractual obligations. This also includes all necessary data transfers to third parties (e.g. shipping or logistics companies, communication service providers, credit rating agencies, etc.).

Our legal basis for this data processing is Art. 6 para. 1 lit. b DSGVO (contract, fulfilment of contract, preliminary contract). We retain your data to the extent that we are subject to legal obligations to retain data. The relevant legal basis in these cases is Art. 6 para. 1 lit. c DSGVO (legal obligation). In individual cases, we store your data on the legal basis of legitimate interest Art. 6 para. 1 lit. f DSGVO for the collection, assertion and defence of legal claims.

b.2. Customer account

In order to provide you with the greatest possible convenience, we offer you the permanent storage of your personal data in a password-protected customer account/user account.

The creation of a customer account is voluntary and not a prerequisite for goods or product purchases via our webshop. You can view and change the personal data stored in your customer account at any time. You are also free to delete the customer account at any time.

When selecting your personal password, please ensure that it is sufficiently secure to protect your personal data. This is used together with your e-mail address to access your customer account.

Please note that you will automatically remain logged in after leaving our website unless you actively log out.

Our legal basis for data processing in connection with your customer account is your (if applicable conclusive) consent Art. 6 para. 1 lit. a DSGVO.

b.3. Processing of payments

We offer the following payment options: card payment, direct bank transfer, SEPA direct debit, purchase on account, prepayment, hire purchase, as well as payment via mobile payment methods/wallets. All these payment options are processed via our service provider Novalnet AG, Feringastraße 4, D-85774 Unterföhring, Germany. We forward your personal data to our service provider for the purpose of payment processing/administration.

The legal basis for the data processing is Art. 6 para. 1 lit. b DSGVO - the data processing is necessary for the fulfilment of the contract (processing of the payment). The provision of personal data (e.g. payment information) is necessary for the purchase of our goods and products, without provision a purchase of goods/products is not possible. Please note that Novalnet AG as a payment service provider in certain constellations (e.g. choice of payment method instalment purchase - advance payments/credit granted by Novalnet AG; choice of payment method purchase on account - subrogation to Novalnet AG) independently carries out creditworthiness checks (incl. identity determinations for fraud prevention) and also reserves the right to pass on data to third parties such as credit agencies. Information on the data processing of your personal data by the payment service provider can be found at https://www.novalnet.de/datenschutz

Data transfer: Your personal data will be transferred to Novalnet AG.

Storage period: We store your personal data in accordance with our legal obligations to retain/hold data. According to §147 of the German Fiscal Code (Abgabenordnung) and §257 of the German Commercial Code (Handelsgesetzbuch), we must retain records/documents relevant for tax or accounting purposes for a period of 10 years from the end of the calendar year to which they relate.

b.4 Trusted Shops seal of approval and Trusted Shops customer ratings

The Trusted Shops Trustbadge is integrated in our webshop to display our Trusted Shops seal of approval and any ratings collected, as well as to offer Trusted Shops products to buyers after they have placed an order.

This serves to protect our overriding legitimate interests in optimal marketing by enabling secure shopping, as determined in the context of a balancing of interests, in accordance with Art. 6 (1) p. 1 lit. f DSGVO. The trust badge and the services advertised with it are an offer of Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne. The Trustbadge is provided by a CDN provider (Content Delivery Network) within the framework of order processing. Trusted Shops GmbH also uses service providers from the USA. Further information on the data protection of Trusted Shops GmbH can be found in our data protection declaration.

When the Trustbadge is called up, the web server automatically saves a so-called server log file, which also contains your IP address, the date and time of the call-up, the amount of data transferred and the requesting provider (access data) and documents the call-up. Individual access data are stored in a security database for the analysis of security anomalies. The log files are automatically deleted 90 days after creation at the latest.

Further personal data (name, e-mail address, contract or buyer data, order data) are transferred to Trusted Shops GmbH if you decide to use Trusted Shops products after completing an order or if you have already registered to use them. The contractual agreement between you and Trusted Shops applies. For this purpose, personal data is automatically collected from the order data. Whether you as a buyer are already registered for product use is automatically checked using a neutral parameter, the email address hashed by cryptological one-way function. The e-mail address is converted into this hash value, which cannot be decrypted by Trusted Shops, before it is transmitted. After checking for a match, the parameter is automatically deleted.

This is necessary for the fulfilment of our overriding legitimate interests in the provision of the buyer protection linked to the specific order in each case and the transactional evaluation services in accordance with Art. 6 para. 1 p. 1 lit. f DSGVO.

You have the option to object to this data processing (data subject's right to object to data processing in the legitimate interest pursuant to Art. 21 (1) and (2)). In this case, we will only process your data if there are compelling reasons on our part worthy of protection for further processing. Insofar as the data processing carried out by us relates to areas which are to be assigned to direct advertising, your objection has absolute effect. In this case, we will stop processing the data.

Information on the processing of personal data by the company Trusted Shops GmbH can be found at https://business.trustedshops.at/impressum#datenschutz.

c. Contact form

Our website contains a contact form that can be used to contact us electronically. To use the contact form, enter your name, e-mail and message so that we can process and respond to your enquiry accordingly. We process your personal data on the legal basis of legitimate interest Art. 6 para. 1 lit. f DSGVO (our legitimate interest lies in the provision and use of various communication offers), as well as contract performance Art. 6 para. 1 lit. b DSGVO. Alternatively, it is possible to contact us via the e-mail address provided. If the data subject contacts the controller via one of these channels, the personal data transmitted by the data subject will be automatically stored. The storage is solely for the purpose of processing or contacting the data subject.

Insofar as we base the data processing contact form on legal grounds of legitimate interest, you have the right to object in accordance with Art. 21 DSGVO. If you assert this right, we will no longer process your data unless there are grounds for further processing that merit protection.

d. Newsletter

If you subscribe to our newsletter, the data in the input mask will be transmitted to us. When subscribing to the newsletter, the user's IP address and the date and time of registration are stored. This serves to prevent misuse of the services or the e-mail address of the person concerned. The data is used exclusively for sending the newsletter. The newsletter is sent on the basis of your consent. You can cancel your subscription to the newsletter at any time. Likewise, you can revoke your consent to the storage of personal data at any time. For this purpose, you will find a corresponding link in each newsletter. To ensure the protection of personal data, we use a so-called double opt-in procedure - your subscription to the newsletter is only considered validly granted when you confirm a link that we send to your e-mail address.

e. Comment function

On our website you have the possibility to rate the products offered and to leave a comment. When using the comment function, your comment will be publicly displayed under the product. In addition to the content, your chosen pseudonym will also be displayed, provided you have agreed to the publication. In addition, we can assign your comment to your user account. This is necessary in order to be able to contact you in the event of discrepancies and queries regarding your comment. The legal basis for data processing is your consent, Art. 6 para. 1 sentence 1 lit. a DSGVO, which you give when using the comment function. The legal basis for any contact or queries by us in connection with your rating is legitimate interest Art. 6 para. 1 lit. f DSGVO.

f. Recommendation function

We offer you the possibility to recommend our webshop to third parties and to draw their attention to our offers. To do this, you enter their name, your e-mail address, as well as the name and e-mail address of the third party and, if necessary, change the suggested sample text. Your data will not be used by us for other purposes and will be deleted after the recommendation message has been sent. The legal basis for the processing of your personal data and the transfer of data to third parties is legitimate interest Art. 6 para. 1 lit. f DSGVO. Our legitimate interest lies in advertising and marketing (product or goods recommendations from interested parties and customers to third parties, improvement of the level of awareness of the company). We draw your attention to your right of objection pursuant to Art. 21 (1) DSGVO.

g. Online prescription transmission

You have the option of sending us your prescription (medical prescription) directly online for faster supply. We use the personal data and information you provide via online transmission exclusively to initiate a supply of devices, products and aids or to establish contact with you or your attending physician.

The online transmission is designed in such a way that your data is not passed on to third parties; the data transmission to us is encrypted.

Our legal basis for data processing is contract Art. 6 para. 1 lit. b DSGVO (supply of medically prescribed devices, products and aids; fulfilment of contracts concluded with us; fulfilment of pre-contractual obligations), Art. 9 para. 2 lit. h DSGVO in conjunction with §22 para. 1 no. 1 lit. b BDSG (processing of health data when implementing medical prescriptions, SGB V data exchange health insurance companies, etc.).

h. Google Maps

We use the "Google Maps" service on our websites. Google Maps is an application of the company Google. Inc. (hereinafter "Google"), which enables you to locate our company more easily.

Google Maps automatically transmits data to Google. Google subsequently uses the data for its own purposes (advertising, market research, further development of services, etc.). For information on data processing by Google, see https://policies.google.com/privacy?hl=de. We obtain your consent for the data transfer to Google. Data will only be transferred after your consent.

 

IV. Information on specific processing purposes

a. Patient and customer care

We process personal data in the care of patients and customers for the purposes of:

- Responding to enquiries made (e.g. advice, clarification of needs).
- Processing prescriptions (supplying patients with devices, products and aids in accordance with the specifications of the medical prescriptions we receive)
- Processing and fulfilment of contracts (equipment/product purchases, loans, service and work contracts, rental contracts, transfer for use, other usage agreements). Use agreements)
- Documentation of functional tests and training/instructions in the use of the devices/medical products (corresponding legal obligation), other documentation of use (e.g., documentation of the use of the devices/products) Documentation of use
- Rectification of malfunctions (during and outside business hours - emergency service)
- Billing for services rendered (health insurance providers, cost units)
- Settlement of services (invoicing, settlement with customers)
- Warranty and guarantee processing
- Assertion, exercise and defence of legal claims
- Marketing, advertising, public relations

Legal basis:

The legal basis for this data processing is individual treatment in the health and social sector Art. 9 para. 2 lit. h DSGVO in conjunction with §22 para. 1 no. 1 lit. b BDSG (processing of health data in the implementation of medical prescriptions, SGB V data exchange health insurance companies, etc.), Art. 6 para. 1 lit. b DSGVO (supply of the medically prescribed devices, products and aids; fulfilment of contracts concluded with us, pre-contractual obligations), fulfilment of legal obligations Art. 6 para. 1 lit. c DSGVO (documentation, confirmation of referral, data exchange with health insurance providers, obligation to store data), and in individual cases legitimate interests Art. 6 para. 1 lit. f DSGVO (our legitimate interests lie in the implementation of advertising and marketing measures, and the assertion, exercise and defence of legal claims).

Source/origin of data:

If we care for you in the context of prescription processing (medical prescription with devices/products), we receive your data from doctors, hospitals and other health care facilities or from health insurance providers. In all other cases, we collect personal data directly from you.

Disclosure of data:

We only pass on your data to the extent that this is necessary to fulfil our legal or contractual obligations. In the area of prescription processing, we transmit documents to health insurance providers/cost units for the purpose of billing and remuneration. If necessary, data is passed on to service providers that we have commissioned with the billing of cost units.

Companies associated with us (companies of the group of companies) receive limited data if this is necessary for the fulfilment of the tasks assigned internally to these companies in connection with patient and customer care - e.g. areas of equipment disinfection, repair and maintenance. Through strict internal guidelines for the protection of personal data, we ensure that an adequate level of protection and security is guaranteed in all companies of the Group. The companies affiliated with us to which we may transfer data in the context of patient or customer care are:

- Ospe Medical Service GmbH
- A.R.U. Medizintechnik GmbH
- OxyCare Plasma-Desinfection GmbH
- OxyCare Austria GmbH
- OxyCare Bulgaria
- ClinicCare GmbH

Duration of data storage:

In principle, your data will only be stored for the period required to fulfil the purpose, and beyond that for as long as we are subject to legal obligations to retain/hold data, or in individual cases if retention is necessary to fulfil our legitimate interests.

Other:

In some areas, we are legally obliged to collect, store and also forward data (e.g. billing requirements of other service providers according to §302 SGB V, obligation to document instruction in the handling of medical devices according to §4 MPBetreibV). Furthermore, the provision of data is a prerequisite for the conclusion of contracts with us; without the provision of data, we cannot provide you with care.

The provision of personal data is necessary in the area of patient and customer care, without personal data of patients and customers we cannot fulfil our contractual and legal obligations (care mandate, etc.).

b. Advertising and marketing

We use your personal data for the purposes of advertising and marketing on the legal basis of legitimate interest Art. 6 para. 1 lit. f DSGVO in order to send you advertising information tailored to your needs or interests (information on products and services of our company). In doing so, we take particular care not to violate legal regulations on permitted contact.

If necessary, we obtain your express consent for contacting you for advertising and marketing purposes. In this case, Art. 6 para. 1 lit. a is the legal basis for data processing.

You have the right to object to data processing in the legitimate interest. You can revoke your consent at any time. You can find more detailed information in this data protection information under the point Data subject rights.

c. Processing of applications

When processing applications (receipt of applications including accompanying documents, sorting, selection, contacting, etc.), we process the categories of data or information that applicants provide to us as part of the application (e.g. first name, surname, nationality, contact details, certificates, qualifications and previous activities) or that we request separately. If special categories of personal data (such as health data, religious affiliation, degree of disability) are also provided, processing only takes place if the applicant has consented to this or if a legal authorisation justifies the data processing.

Personal data is generally collected directly from the applicant as part of the recruitment process. In addition, we may have received data from third parties (e.g. job placement agencies) to whom the applicant provides the data for disclosure.

The data processing serves to carry out and process the application procedure and to assess the extent to which the applicant is suitable for the position in question. As a rule, the legal basis for data processing is Art. 6 para. 1 lit. b DSGVO in conjunction with. §In individual cases, we ask the applicant to provide a separate data protection consent Art. 6 para. 1 lit. a DSGVO in conjunction with §26 BDSG. In individual cases, we also process data on the basis of legitimate interests Art. 6 para. 1 lit. f DSGVO (collection, assertion and defence of legal claims).

We only process special categories of data (e.g. police clearance certificate, trade union and religious affiliation) insofar as we are subject to a legal obligation (Art. 6 para. 1 lit. c in conjunction with Art. 9 para. 2 lit. b DSGVO) or the applicant has separately consented to the processing (Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a DSGVO).

Applicant data may be passed on within our group of companies (OxyCare GmbH, OSPE Medical Service GmbH, A.R.U. Medizintechnik GmbH, OxyCare Plasma-Desinfektion GmbH, OxyCare Österreich GmbH, OxyCare Bulgaria, ClinicCare GmbH) as part of a group-wide applicant management system. In the case of successful applications, we transmit data to the payroll accountant/tax advisor commissioned by us, the tax office, health insurance fund(s) and the pension insurance institution.

As a rule, we delete applicant data after 6 months from the end of the respective application procedure. In individual cases, we retain data for as long as is necessary for the collection, defence and assertion of legal claims. If applicants agree to the retention of application data, we retain the data for a period of 2 years. Applications are only possible if personal data is provided/disclosed. If the data is not provided, it will not be possible to apply or have the application considered. We will treat your data confidentially.

d. Video surveillance of company and business premises

In our "OxyCare InformationsCenter" Bremen, Knochenhauerstraße, Bremen, and in our office/sales location, Holzweide 6, Bremen, we operate video surveillance systems for the exercise of domiciliary rights, for the prevention of criminal offences and for the preservation of evidence on the legal basis of legitimate interest, Art. 6 (1) lit. f DSGVO. Our legitimate interests are derived from the above-mentioned purposes: preventive protection of the property of the business owner and third parties, ensuring protection and safety for employees and other persons on the business premises, preservation of evidence.

We store the collected data (image material, no sound material) as long as the data is required to achieve the purpose. In cases of justified suspicion of the commission of a punishable offence, enquiries from investigating authorities, responses to requests from persons concerned, we retain the data for a longer period of time. An evaluation/selection of the data is only carried out in the case described. The data is stored in encrypted form, the monitored areas are marked accordingly.

We do not transfer records to third parties - with the exception of data transfer to investigating authorities or courts (investigations, proceedings), insurance companies (processing of insurance claims) and lawyers (representation, legal enforcement).

Data subjects have a (relative) right to object to the processing of personal data (Art. 21 (1) GDPR). However, it must be assumed that there are compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subjects or that the processing is necessary for the assertion, exercise or defence of legal claims, and thus further processing may take place.

 

V. Data transfer and recipients

a. Website visits in general

As a rule, we only pass on your data collected on the basis of the use of our website to the extent that this is absolutely necessary to fulfil the purposes set out (e.g. operation and maintenance of the website via ext. service providers). However, we may also be obliged by law or by the authorities to pass on data to third parties (e.g. passing on data to law enforcement agencies).

b. Contact form, newsletter, comment and recommendation function, online prescription transfer, advertising and marketing

We only pass on your data to third parties to the extent that this is necessary to fulfil the stated purposes (e.g. data transfer to contracted IT service providers, service providers for printing, dispatch, e-mail providers). In individual cases, however, we may be obliged by law or by the authorities to pass on your data to authorities, courts and other state agencies (law enforcement agencies).

c. Online shop

In order to fulfil our contractual obligations, we sometimes use external service providers (e.g. delivery services, post office, shipping companies and forwarding agents, payment service providers, credit companies for financing purchases). We forward to these service providers the data necessary to fulfil the tasks assigned to them.

If you make use of an advance service provided by Oxycare GmbH, a credit check may be carried out by means of an enquiry with SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden. The personal data required for this purpose will be transmitted to credit agencies such as SCHUFA Holding GmbH. The collection, storage and forwarding of the data is carried out for the purpose of checking creditworthiness and avoiding non-payment and on the basis of Art. 6 Para. 1 S. 1 lit. b DSGVO and Art. 6 Para. 1 S. 1 lit. f DSGVO. Based on this information, a statistical probability of a credit default and thus your solvency is calculated. In the event of a negative credit assessment, we reserve the right to refuse performance.

VI. storage period of the data

Your data will only be stored for as long as is technically and organisationally necessary to achieve the stated purposes and to fulfil our legal obligations. If necessary, we also retain your personal data for certain periods on the basis of legitimate interest. When determining the periods, we take care not to infringe your rights and freedoms. If the retention of data is no longer necessary, we will delete your data immediately.

VII. Cookies

Cookies are used on our websites. Cookies are small files that are stored either for the duration of your browser session in the cache of your internet browser (session cookies), or for a fixed period on your hard drive (permanent cookies). Cookies enable recognition so that you can be provided with content tailored to your needs and wishes more quickly and in a more targeted manner during future visits to our website.

For the use of cookies, we usually obtain your express consent via a cookie banner (legal basis Art. 6 para. 1 lit. a DSGVO). You can select your cookie preferences via the cookie banner. Cookies that are necessary to ensure the functionality of our websites are not included in a selection option. We use these on the legal basis of legitimate interest Art. 6 para. 1 lit. f DSGVO.

Overview of the cookies used and legal basis:

WebseiteEingesetztes CookieRechtsgrundlage
oxycare-gmbh.deGoogle AnalyticsArt. 6 Abs. 1 lit. a

Google Tag ManagerArt. 6 Abs. 1 lit. f
oxycare.euGoogle Tag ManagerArt. 6 Abs. 1 lit. f

Trusted ShopsArt. 6 Abs. 1 lit. f

Google AdWords ConversionArt. 6 Abs. 1 lit. a

Threat MetrixArt. 6 Abs. 1 lit. f
foot-care.deKeine Cookies-

In the following, we inform you about the processing purposes and backgrounds pursued with the respective cookie.

a. Google Analytics

Our website uses Google Analytics, a web analytics service provided by Google Inc (hereinafter "Google").

The information generated by the cookie about the use of the website is usually transmitted to a Google server in the USA and stored there. We use IP anonymisation on our website, which means that your IP address is shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

Google uses this information on our behalf to evaluate your use of our website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The transmitted data can be used to create usage profiles of visitors to our website. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

The evaluation of your user behaviour of the website is based on your given consent Art. 6 para. 1 lit. a DSGVO. By evaluating the anonymised usage data, the site is adapted to user behaviour and optimised. You have the option to revoke your consent with effect for the future.

You can find more information on the terms of use and data protection of Google Analytics at

http://www.google.com/analytics/terms/de.html oder https://www.google.de/intl/de/policies/

b. Google Tag Manager

We use the "Google Tag Manager" service as a central means of collecting, recording and forwarding the personal data associated with the website visit. This service bundles the applications we use into a central administration interface, which makes it easier for us to administer the website applications.

The use of the "Google Tag Manager" service requires the processing of your personal data collected in connection with website use (for details of the data processed, see point C.1).

Our legal basis for the data forwarding is legitimate interest Art. 6 para. 1 lit. f DSGVO, our legitimate interests lie in facilitating the administration of the applications we use on the website.

c. Google AdWords Conversion

We use the "Google Ads Conversion" service of Google Ireland Limited (Google) to display advertising tailored to your interests and to determine the success of advertising measures. For this purpose, we store a cookie ("Google AdWords Conversion") on your terminal device - provided you consent to the setting of the cookie. Our legal basis for data processing according to DSGVO is therefore Art. 6 para. 1 lit. a (consent).

The cookie is used to evaluate certain parameters such as your click behaviour on our website, selected products, cancelled orders for goods, duration of visit, etc. The aim is to subsequently provide you with information on the conversion of your order. The aim is to use this information to show you advertisements and offers from our company on our own and third-party websites (also across several browser sessions or end devices).

The Google Ads Conversion service is designed in such a way that Google does not provide us with any personal information. We only receive statistical evaluations of the success of the Google Ads advertising measures on an aggregated level.

The cookie is usually stored on your end device for a period of 30 days.

We would like to point out that the majority of data processing in connection with Google Ads Conversion is the responsibility of Google under data protection law. We have no influence whatsoever on these processing purposes pursued by Google, the scope or the extent of the data processing by Google. Please note that Google - if you are registered with a Google service (e.g. Gmail, Youtube) - can assign the information collected via the cookie to your account and thus to your person. Even if you are not registered with Google or have not logged into a Google service, it is possible that Google will process your data. Information on the processing of personal data by Google can be found at https://policies.google.com/privacy?hl=de.

By setting the appropriate general settings in your browser software, you can have a limited influence on data processing in connection with user analysis and user tracking. In particular, suppressing/blocking third-party cookies means that you do not receive any or fewer ads from third-party providers or that browser data is not usually collected across multiple websites.

d. Threat Metrix

We use the Threat Metrix application to protect the personal data of the customers of our online shop (prevention of fraud, malware infiltration, data protection violations, Trojan attacks). We set a cookie on your end device, which collects the data categories browser information, date and time of access, information about the hardware and software you use, as well as your IP address. The data is transmitted to the provider LexisNexis Risk Solution company, Global Reach, Dunleavy Drive, Cardiff CF11 oSN, United Kingdom (https://risk.lexisnexis.com/privacy-policy#contact).

Our legal basis for the use of this service and the associated data transfer to the service provider is legitimate interest Art. 6 para. 1 lit. f DSGVO (provision of a secure website environment, protection of personal data of website users).

VIII.Data subject rights/your rights to protect your personal data

You have a number of rights in relation to your personal data processed by us. You can exercise all of these rights free of charge and informally (by email, telephone or post), where appropriate after providing proof of your identity, at the address below. Your rights in detail:

Right to information: you can request information about the data we process informally at any time. In this case, we will inform you in writing about the data we have stored about you, the purposes for which we use this data, the categories of recipients to whom we pass this data and how long we intend to store it. We will comply with your request for information without delay, but within one month at the latest.

Right to deletion: You have the right to request the deletion of your data processed by us at any time. We will comply with this request if your data is no longer necessary for the purpose for which it was collected, if you revoke any existing consent, in the event of unlawful data processing or if deletion is necessary to comply with a legal obligation.

Right to rectification: If we process incorrect or incomplete data about you in error, we will of course rectify this. An informal communication addressed to us is sufficient for this purpose.

Right to restriction of processing: If it is not possible to delete your data or you do not wish this to happen, but you do not consent to the use of the data beyond its storage, we are obliged to restrict the further processing of your personal data upon your notification.

Right to data portability: We will provide you with the data we have stored about you, which we have received on the basis of a contract or on the basis of your consent, free of charge in a common file format upon your informal notification. You may use this data for your own purposes and pass it on to future contractual partners. If you wish and if it is technically feasible, we will also transfer your data directly to an addressee named by you. In this case, we will inform you after the transfer has taken place. We will comply with your request without delay, but within one month at the latest.

Right to revoke consent given: You can revoke your consent to data processing at any time with effect for the future. In this case, we will stop processing the data. The lawfulness of the data processing carried out up to this point is not affected by a revocation of consent.

Right to object: If we process your data on the basis of our legitimate interest, you have the right under the General Data Protection Regulation to object to the further processing of your data. If you exercise this right, we will no longer process your data for the purpose to which you have objected - unless there are legitimate grounds on our part for further processing which override your interests, rights and freedoms, or the processing serves the assertion, exercise or defence of legal claims.

IX.Right of appeal

The EU General Data Protection Regulation and the German Federal Data Protection Act guarantee you the above-mentioned rights. If you believe that one of these rights has been violated by us, you have the option of complaining to a data protection supervisory authority.

The data protection authority responsible for us is the State Commissioner for Data Protection and Freedom of Information of the Free Hanseatic City of Bremen

Dr. Imke Sommer
Arndtstraße 1
27570 Bremerhaven
Phone: +49 421 3512010 or +49 471 5932010
E-mail: [email protected]


Claims against us to which you are entitled on the basis of other legal grounds remain unaffected by this. We would appreciate it if you would give us the opportunity to dispel any concerns or help clarify any issues before involving the authorities.


X. Several

1. we take all necessary and appropriate technical and organisational security measures to protect your personal data from loss and misuse. Your data will be stored in a secure, state-of-the-art operating environment. 2.

2. access to our website is secured via HTTPS. This means that communication between your terminal device and our servers is encrypted. 3.

3. in order to improve our service offer, you will find links on our website to other websites for which other providers are responsible. To what extent our partners collect personal data, please refer to their data protection declarations. You can recognise the redirection by the fact that a new browser window opens and a new address is displayed in the browser line.

We expressly reserve the right to make future changes or adjustments to this data protection declaration.

Status of the data protection information: 09/2020