This privacy statement provides you with a simple overview of what happens to your personal data when you visit this website. Personal data is any data by which you can be personally identified. In the course of our business and website operations, we process personal data (hereinafter the “Data”). For detailed information on data protection, please refer to our Privacy Policy, which is set out below in the text.
Responsible for data processing in accordance with the provisions of the General Data Protection Regulation (GDPR) is:
Medosophos
Isabel Wendt-Christodoulou
Fuhlsbüttler Street 415a
22309 Hamburg
info@medosophos.de
The data concerned in detail, processing purposes, legal bases, recipients are listed in the following list:
a) Log file during website visit.
These are mainly technical data (e.g. Internet browser, operating system or time of page view). This data is collected automatically as soon as you enter this website.
We log your website visit. In doing so, we process:
Name(s) of our accessed website(s)
date and time of access
The legal basis for data processing is our overriding, legitimate interest in the ongoing provision and security of our website in accordance with Art. 6 (1) f) DSGVO.
The log file is deleted after seven days, unless it is needed to prove or clarify specific legal violations that have become known within the retention period.
b) Hosting
To provide our online presence, we use the services of web hosting provider STRATO AG, registered office of the stock corporation: Otto-Ostrowski-Straße 7, 10249 Berlin, telephone:030-300 146 0, register court: Berlin Charlottenburg HRB 79450, VAT ID no.: DE 211 045 709, which processes the above-mentioned data and all data to be processed in connection with the operation of this website (log file when visiting the website) on our behalf.
The legal basis for data processing is our overriding, legitimate interest in providing our website in accordance with Art. 6 (1) f) DSGVO.
c) Contacting us
If you contact us, we process the following data from you for the purpose of processing and handling your request: Name, contact details – if provided by you – and your message.
If you send us inquiries via contact form, your data from the inquiry form, including the contact data you provided there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent. The processing of this data is based on Art. 6 (1) lit. b DSGVO, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6 (1) (f) DSGVO) or on your consent (Art. 6 (1) (a) DSGVO) if this has been requested; the consent can be revoked at any time. The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory legal provisions – in particular retention periods – remain unaffected.
If you contact us by e-mail or telephone, your inquiry including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent. The processing of this data is based on Art. 6 (1) lit. b DSGVO, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests sent to us (Art. 6 (1) (f) DSGVO) or on your consent (Art. 6 (1) (a) DSGVO) if this has been requested; the consent can be revoked at any time. The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory legal provisions – in particular legal retention periods – remain unaffected.
d) Newsletter and provision of downloads
In order to provide you with regular or one-off information about our company and offers, we offer to send you an e-mail newsletter. With your newsletter registration, we process the data you entered during registration (e-mail address as well as other voluntary information). To prevent misuse, we will send you an e-mail after your registration in which we ask you to confirm your registration (double opt-in procedure). In order to be able to prove the registration process in a legally compliant manner, your registration is logged. This concerns the time of registration and confirmation as well as your IP address.
The legal basis for sending the newsletter is your consent pursuant to Art. 6 (1) a) DSGVO. The data processing in connection with the sending of the confirmation email for your registration and the associated data logging is carried out in accordance with Art. 6 para.1 f) DSGVO due to our legitimate interest in proving your proper registration.
For the dispatch of the newsletter, we use service providers to whom we transmit the named data.
The data collected in this process is transmitted to the servers of the following service providers as part of processing on behalf of medosophos: CleverReach.
For the processing of the newsletters, we use newsletter service providers, which are described below.
CleverReach GmbH & Co. KG//CRASH Building, Schafjückenweg 2, 26180 Rastede, Germany.
This website uses Clever reach to send newsletters.
CleverReach is a service with which, among other things, the sending of newsletters can be organized and analyzed. The data you enter for the purpose of receiving newsletters is stored on CleverReach’s servers in Germany.
With the help of CleverReach, we are able to analyze our newsletter campaigns. For example, we can see whether a newsletter message was opened and which links, if any, were clicked. In this way, we can determine, among other things, which links were clicked on particularly often.
In addition, we can see whether certain previously defined actions were performed after opening / clicking (conversion rate). We can thus see, for example, whether you have made a purchase after clicking on the newsletter.
CleverReach also allows us to subdivide (“cluster”) the newsletter recipients based on various categories. In doing so, the newsletter recipients can be subdivided by age, gender or place of residence, for example. In this way, the newsletters can be better adapted to the respective target groups. If you do not want any analysis by CleverReach, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message.
For detailed information on the functions of CleverReach, please refer to the following link: https://www.cleverreach.com/de/
You can find the CleverReach privacy policy at: https://www.cleverreach.com/de/datenschutz/
The data processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time. The legality of the data processing operations already carried out remains unaffected by the revocation.
The data you provide us with for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data that has been stored by us for other purposes remains unaffected by this.
After you have unsubscribed from the newsletter distribution list, your e-mail address will be stored by us or the newsletter service provider in a blacklist, if necessary, to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 (1) f DSGVO). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.
We have concluded a contract on order processing (AVV) with the above-mentioned provider. This is a contract required by data protection law, which ensures that this provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
You have the right at any time to receive information free of charge about the origin, recipient and purpose of your stored personal data. You also have a right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right to request the restriction of the processing of your personal data under certain circumstances. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
For this purpose, as well as for further questions on the subject of data protection, you can contact us at any time.
a) Information
Upon request, we will provide you at any time and free of charge with information about all personal data that we have stored about you.
b) Correction, deletion, restriction of processing (blocking), objection
If you no longer agree with the storage of your personal data or if this data has become incorrect, we will arrange for the deletion or blocking of your data or make the necessary corrections (insofar as this is possible under the applicable law) on the basis of a corresponding instruction. The same applies if we are only to process data in a restrictive manner in the future. You have the right to object in particular in cases where your data is required due to the performance of a task that is in the public interest or in our legitimate interest, as well as profiling based on this. Likewise, you have such a right of objection in the event of data processing for the purpose of direct advertising.
c) Data portability
If data processing is carried out on the basis of a contract, pre-contractual negotiations, consent or with the help of automated processes, you have the right to data portability. Upon request, we will provide you with your data in a common, structured and machine-readable format so that you can transfer the data to another responsible party upon request.
d) Right of revocation for consents with effect for the future
You may revoke consents granted at any time with effect for the future. Your revocation will not affect the lawfulness of the processing until the time of revocation.
e) Right of appeal
You also have the possibility to complain about your data protection rights to a supervisory authority: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
f) Restrictions
Data for which we are not able to identify the data subject, e.g. if it has been anonymized for analysis purposes, is not covered by the above rights. Information, deletion, blocking, correction or transfer to another company may be possible in relation to this data if you provide us with additional information that allows us to identify you.
Exercise of your data subject rights
If you have any questions regarding the processing of your personal data, if you wish to obtain information, correct, block, object to or delete data, or if you wish to transfer the data to another company, please contact info@medosophos.de.
We use online conferencing tools, among others, to communicate with our customers. The specific tools we use are listed below. When you communicate with us via video or audio conferencing over the Internet, your personal data is collected and processed by us and the provider of the respective conferencing tool.
In doing so, the conferencing tools collect all data that you provide/enter to use the tools (email address and/or your phone number). Furthermore, the conference tools process the duration of the conference, start and end (time) of participation in the conference, number of participants and other “context information” related to the communication process (metadata).
Furthermore, the provider of the tool processes all technical data required to handle the online communication. This includes in particular IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and the type of connection.
If content is exchanged, uploaded or otherwise made available within the tool, this is also stored on the servers of the tool providers. Such content includes, but is not limited to, cloud recordings, chat/instant messages, voicemails uploaded photos and videos, files, whiteboards, and other information shared while using the Service.
Please note that we do not have full control over the data processing operations of the tools used. Our options are largely based on the company policy of the respective provider. For further information on data processing by the conference tools, please refer to the privacy statements of the respective tools used, which we have listed below this text.
The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 para. 1 lit. b DSGVO). Furthermore, the use of the tools serves the general simplification and acceleration of communication with us or our company (legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO). Insofar as consent has been requested, the tools in question are used on the basis of this consent; consent can be revoked at any time with effect for the future.
The data collected directly by us via the video and conference tools will be deleted from our systems as soon as you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies. Stored cookies remain on your terminal device until you delete them. Mandatory legal retention periods remain unaffected.
We have no influence on the storage period of your data, which is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.
We use the following conference tools:
ZOOM
We use Zoom. The provider of this service is Zoom Communications Inc, San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. For details on data processing, please refer to Zoom’s privacy policy: https://zoom.us/de-de/privacy.html.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://zoom.us/de-de/privacy.html.
Unless a more specific storage period has been mentioned within this Privacy Policy, your personal data will remain with us until the purpose for data processing ceases to apply. If you assert a legitimate request for deletion or revoke consent for data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the data will be deleted after these reasons no longer apply.
If you have consented to data processing, we process your personal data on the basis of Art. 6 (1) lit. a DSGVO or Art. 9 (2) lit. a DSGVO, if special categories of data are processed pursuant to Art. 9 (1) DSGVO. In the case of explicit consent to the transfer of personal data to third countries, the data processing is also based on Art. 49 (1) a DSGVO. If you have consented to the storage of cookies or to the access to information in your terminal device (e.g. via device fingerprinting), the data processing is additionally carried out on the basis of Section 25 (1) TTDSG. The consent can be revoked at any time. If your data is required for the performance of a contract or for the implementation of pre-contractual measures, we process your data on the basis of Art. 6 para. 1 lit. b DSGVO. Furthermore, if your data is required for the fulfillment of a legal obligation, we process it on the basis of Art. 6 para. 1 lit. c DSGVO. Furthermore, the data processing may be carried out on the basis of our legitimate interest according to Art. 6 para. 1 lit. f DSGVO. Information on the relevant legal bases in each individual case is provided in the following paragraphs of this data protection declaration.
Among other things, we use tools from companies based in the USA or other third countries that are not secure under data protection law. If these tools are active, your personal data may be transferred to these third countries and processed there. We would like to point out that no level of data protection comparable to the EU can be guaranteed in these countries.
Many data processing operations are only possible with your express consent. You can revoke consent you have already given at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
© MEDOSOPHOS 2023. ALL RIGHTS RESERVED