Privacy

1. Privacy at a glance

General information

The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data means all data that can be used to personally identify you. You can find detailed information about data protection in our Privacy Policy set out underneath this text.

Data collection on our website

Who is responsible for the data collection on this website?

The data processing on this website is done by the website owner. You can find the owner’s contact details in this website’s Legal Notice.

How do we collect your data?

Firstly, your data is collected by you giving it to us. This may be, for example, data that you enter in a contact form.

Other data is collected by our IT systems automatically when you visit the website. This is primarily technical data (e.g. your internet browser, operating system or the time you accessed the site). This data is collected automatically as soon as you access our website.

What do we use your data for?

Some of the data is collected to ensure the smooth delivery of our website. Other data may be used to analyse your user behaviour.

What rights do you have in respect of your data?

You have the right to obtain information about the origin, recipients and purpose of your stored personal data free of charge at any time. You also have the right to demand the rectification, blocking or erasure of said data. You can contact us for this purpose, and regarding any other privacy-related issues, at any time using the address specified in the Legal Notice. In addition, you also have the right to lodge a complaint with the supervisory authority.

In certain circumstances, you also have the right to restrict the processing of your personal data. For more details, see the “Right to restrict processing” section of the Privacy Policy.

Analysis tools and tools from third party providers

When you visit our website, your surfing behaviour may be statistically analysed. This is done in particular using cookies and so-called analysis programs. Analysis of your surfing behaviour is usually anonymous, the surfing behaviour cannot be traced back to you. You may object to this analysis or prevent it by not using certain tools. Detailed information about this can be found in the following Privacy Policy.

You can object to this analysis. We will tell you about your objection options in this Privacy Policy.

2. General Notes and Required Information

Privacy

The owners of this website take the protection of your personal data extremely seriously. We treat your personal information confidentially and in compliance with the statutory data protection rules and this Privacy Policy.

Various personal data is collected when you use this website. Personal data means data that can be used to personally identify you. This Privacy Policy explains which data we collect and what we use it for. It also explains how this happens and for what purpose.

We wish to point out that the transmission of data on the internet (e.g. during email communication) can pose security risks. It is impossible to guarantee complete data protection in relation to third-party access.

Controller

The controllers for the data processing on this website are:

RP MEDICS GmbH
Reinald Pasedag, Roland Pasedag, Andreas Hainz
Egererstr. 1
D – 83339 Chieming
Germany
Telephone: +49 06106 / 66028 154
Email: info@pandiiia.com

The controller is the natural person or legal entity who decides, alone or jointly with others, upon the purpose and means of the processing of personal data (e.g. names, email addresses, etc.).

Revoking your consent to data processing

Many data processing operations are only possible with your express consent. You may revoke previously granted consent at any time. To do so, simply send us an informal message by email. This will not affect the legality of the data processing performed prior to the revocation.

Right to object to data collection in certain scenarios and to direct marketing (Art. 21 GDPR)

If data processing is performed on the basis of Art. 6(1)(e) or (f) GDPR, you have the right to object to the processing of your personal data at any time on grounds relating to your particular situation. This also applies to profiling based on those provisions. Details of the respective legal basis for data processing can be found in this Privacy Policy. If you submit an objection, we will no longer process your personal data in question except where we are able to demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or where the processing is necessary to establish, exercise or defend legal claims (objection pursuant to Art. 21(1) GDPR).

Where your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of the personal data in question for the purposes of such direct marketing. This also applies to profiling where it is related to such direct marketing. If you object, your personal data will then no longer be used for direct marketing purposes (objection pursuant to Art. 21(2) GDPR).

Right to lodge a complaint with a supervisory authority

In the event of breaches of the GDPR, the data subjects have the right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, their workplace or the location of the alleged breach. The right to complain exists irrespective of any other administrative or judicial remedy.

Right to data portability

You have the right to have data that we process automatically, on the basis of your consent or to fulfil a contract, passed to yourself or to a third party in a commonly used, machine-readable format. When you request a direct transfer of the data to another controller, this will only be done where it is technically feasible.

SSL and TLS encryption

For security reasons and to protect transfers of confidential content, for example orders or enquiries you send to us as site owners, this site uses SSL and TLS encryption. You can tell that the connection is encrypted because the browser address line changes from “http://” to “https://” and from the lock icon in your browser line.

When SSL and TLS encryption is enabled, the data you send to us cannot also be read by third parties.

Information, blocking, erasure and rectification

Within the framework of the relevant legal provisions, you have the right to receive information, free of charge and at any time, about your stored personal data, its origin and recipients, and the purpose of the data processing. Where applicable, you also have the right to have such data rectified, blocked or erased. You may contact us for this purpose, or with any other queries about personal data, at any time at the address specified in the Legal Notice.

Right to restrict processing

You have the right to request restriction of the processing of your personal data. You can contact us for this purpose at any time using the address specified in the Legal Notice. The right to restrict processing exists in the following scenarios:

If you dispute the accuracy of the personal data stored by us, we usually require time to verify this. For the duration of the check, you have the right to ask for processing of your personal data to be restricted.

If the processing of your personal data was/is done unlawfully, you may request restriction of the data processing instead of erasure of the data.

If we no longer need your personal data but you need it to exercise, defend or assert legal claims, you have the right to restrict the processing of your personal data instead of it being erased.

If you have submitted an objection pursuant to Art. 21(1) GDPR, your interests must be weighed against our interests. Until it is established whose rights take precedence, you may ask for the processing of your personal data to be restricted.

If you have restricted the processing of your personal data, said data may only be processed – apart from its storage – with your consent or for the purposes of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for the sake of an important public interest of the European Union or of a Member State.

Objection to advertising emails

Use of the contact details published in our statutory legal notice for the purposes of sending unsolicited advertising and information is hereby prohibited. The site owner expressly reserves the right to take legal action in the event of the unsolicited sending of advertising, for example spam mail.

3. Data Protection Officer

Data Protection Officer required by law

We have appointed a Data Protection Officer for our company.

Sicdata Unternehmensberatung
Tobias Erdmann
Heiligenstock 34d
42697 Solingen
Telephone: +49 212 73 87 24-0
Email: erdmann@sicdata.de

4. Data collection on our website

Cookies

Websites sometimes use so-called cookies. Cookies do not harm your computer and do not contain viruses. Cookies are used to improve the user friendliness, effectiveness and security of our site. Cookies are small text files that are stored on your computer and saved in your browser.

Most of the cookies we use are so-called “session cookies”. They are deleted automatically at the end of your visit. Other cookies remain on your end device until you delete them. These cookies enable us to recognise your browser the next time you visit the site.

You can configure your browser so that you are informed when cookies are set and to only permit cookies in some cases, to exclude the acceptance of cookies in certain cases or generally, and to enable automatic deletion of the cookies when you close your browser. Disabling cookies may limit the functionality of this website however.

Cookies required for electronic communications or to provide certain features required by you (e.g. shopping basket function) will be saved on the basis of Art. 6(1)(f) GDPR. The website owner has a legitimate interest in saving cookies for the technically flawless and optimised provision of its services. If other cookies (e.g. cookies to analyse your surfing behaviour) are saved, these will be dealt with separately within this Privacy Policy.

Server log files

The website provider automatically collects and saves information in so-called server log files which are automatically sent to us by your browser. This includes:

Browser type and browser version
Operating system used
Referrer URL
Host name of the accessing computer
Time of the server request
IP address

This data is not combined with other data sources.

This data is collected on the basis of Art. 6(1)(f) GDPR. The website owner has a legitimate interest in the technically flawless presentation and optimisation of its website – the server log files must be collected for this reason.

Contact form

If you send us requests via the contact form, we will store the information you provide on the enquiry form, including the contact details you specify therein, to process your enquiry and for any follow-up questions. Where necessary, we may transfer said information to our cooperation partners. We will not forward this data without your consent.

Processing of the data entered on the contact form will therefore be solely on the basis of your consent (Art. 6(1)(a) GDPR). You may revoke this consent with effect for the future. To do so, simply send us an informal message by email. This revocation will not affect the legality of the data processing previously performed.

We will keep the data you enter on the contact form until you ask us to delete it, revoke your consent to the storage thereof, or until the purpose for saving the data ceases to apply (e.g. once your enquiry has been processed in full). Mandatory statutory provisions, in particular retention periods, will remain unaffected.

Enquiry by email, telephone or fax

When you contact us by email, telephone or fax, we will store and process your enquiry, including any resulting personal data (name, enquiry), for the purpose of dealing with your request or concern. We will not forward this data without your consent.

This data will be processed on the basis of Art. 6(1)(b) GDPR if your enquiry is related to the fulfilment of a contract or is required to implement precontractual measures. In all other cases, the processing will take place based on your consent (Art. 6(1)(a) GDPR) and / or based on our legitimate interests (Art. 6(1)(f) GDPR) since we have a legitimate interest in dealing with enquiries submitted to us effectively.

We will keep the data you send to us via the contact form until you ask us to delete it, revoke your consent to the storage thereof, or until the purpose for saving the data ceases to apply (e.g. once your request or concern has been dealt with in full). Mandatory statutory provisions, in particular statutory retention periods, will remain unaffected.

Registration on this website

You may register on our website in order to use additional site features. We will only use the data entered for this purpose for use of the respective product or service you registered for. The mandatory information requested during the registration process must be provided in full. Otherwise, the registration will be declined.

In the case of important changes, for example to the range of services we offer or in the case of technically necessary modifications, we will use the email address you provided during registration to notify you.

Processing of the data entered during registration will be done on the basis of your consent (Art. 6(1)(a) GDPR). You may revoke any consent you have previously provided at any time. To do so, simply send us an informal message by email. The legality of any data processing already performed will not be affected by the revocation.

We will store the data collected during registration for as long as you remain registered with our website. It will then be erased. Any statutory retention periods will remain unaffected.

Data processing (customer and contract data)

We only collect, process and use personal data where necessary to establish, define the content of, or change the legal relationship (basic data). This is done on the basis of Art. 6(1)(b) GDPR which permits the processing of data to fulfil a contract or to take steps prior to entering into a contract. We only collect, process and use personal data regarding use of our websites (usage data) where necessary to enable the user to use the service or invoice them for the same. The collected customer data will be erased following completion of the order or termination of the business relationship. Any statutory retention periods will remain unaffected.

5. Analysis tools and advertising

Google Analytics

This website uses functions from the Google Analytics web analysis service. The provider is Google Ireland

Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and enable analysis of your use of the website. The information generated by the cookie about your use of the website is generally transmitted to and stored on one of Google’s servers in the USA.

The storage of Google Analytics cookies and use of these analysis tools is done on the basis of Art. 6(1)(f) GDPR. The website owner has a legitimate interest in analysing user behaviour to optimise its website and its advertising.

IP anonymisation

We have enabled the IP anonymisation function on this website. This means that your IP address is shortened by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google will use this information on behalf of the website owner to analyse your use of the website, and to compile reports about website activities and provide services associated with the use of this website and internet usage for the website owner. The IP address transmitted by your browser as part of Google Analytics will not be merged by Google with other data.

Browser plug-in

You can prevent the storage of cookies with an appropriate setting in your browser software however, please note that if you do this, you may not be able to make full use of all of the features of this website. Furthermore, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en-GB.

Objecting to data collection

You can block the collection of your data by Google Analytics by clicking the following link. An opt-out cookie will be set which prevents your data from being collected when you visit this website in the future: Disabling Google Analytics.

You can find more information about how user data is handled with Google Analytics in Google’s Privacy Policy: https://support.google.com/analytics/answer/6004245?hl=en.

Contract data processing

We have concluded a contract data processing agreement with Google and implement the strict requirements of the German data protection authorities fully when using Google Analytics.

Demographics with Google Analytics

This website uses the “demographics” feature from Google Analytics. This enables the drafting of reports which contain statements on the age, gender and interests of website visitors. This data comes from Google’s interest-based advertising and visitor data from third-party providers. This data cannot be attributed to a specific individual. You can disable this feature at any time via the advertising settings in your Google account or you can prohibit your data from being collected by Google Analytics in general as described in “Objecting to data collection”.

Storage period

Data stored by Google at user and event level which is linked to cookies, user names (e.g. UserID) or advertising IDs (e.g. double-click cookies, Android advertising ID) will be anonymised or erased after 14 months. For more details on this, see the following link: https://support.google.com/analytics/answer/7667196?hl=en

6. Newsletter

Newsletter data

If you wish to receive the newsletter offered on the website, we will need your email address and information permitting us to verify that you are the owner of the specified email address and consent to receiving the newsletter. No other data will be collected or will only be collected on a voluntary basis. We will only use this data to send the requested information and we will not forward it to third parties.

Processing of the data entered on the newsletter subscription form will be solely on the basis of your consent (Art. 6(1)(a) GDPR). You may revoke the consent granted to saving your data and email address, and the use thereof for sending out the newsletter, at any time, for example via the “Unsubscribe” link in the newsletter. The legality of any data processing operations already performed will not be affected by the revocation.

We will store the data you provide for the newsletter subscription until you unsubscribe from the newsletter and we will erase it following cancellation of the newsletter subscription. Data saved by us for other purposes will remain unaffected by this.

Inxmail

This website uses Inxmail to send out newsletters. The provider is Inxmail GmbH, Wentzingerstraße 17, 79106 Freiburg, Germany.

Inxmail is a service that can be used to organise and analyse newsletter sending. The data entered by you to register for the newsletter will be stored on Inxmail servers in Germany.

If you do not want your data to be analysed by Inxmail, you must unsubscribe from the newsletter. We provide a link for this purpose in every newsletter message. You can also unsubscribe from the newsletter on the website directly.

Data analysis by Inxmail

Using Inxmail, we can analyse our newsletter campaigns. Among other things, this allows us to see if a newsletter message was opened and which links, if any, were clicked on. This means, among other things, that we can see which links are clicked particularly often.

Inxmail also enables us to subdivide the newsletter recipients into various recipient categories (e.g. place of residence). This allows us to tailor the newsletter more effectively to the respective target groups.

Legal basis

The data processing is performed on the basis of your consent (Art. 6(1)(a) GDPR). You may revoke this consent at any time. The legality of any data processing operations already performed will not be affected by the revocation.

Storage period

We will store the data you provide for the newsletter subscription until you unsubscribe from the newsletter and it will be erased following cancellation of the newsletter subscription both from our servers and Inxmail’s servers. Data saved by us for other purposes will remain unaffected by this.

Conclusion of a contract data processing agreement

We have concluded a contract with Inxmail in which we obliged Inxmail to protect our customers’ data and not forward it to third parties.

For further details, see Inxmail’s data privacy policy at: https://www.inxmail.com/data-conditions.

7. Plug-ins and tools

YouTube

Our website uses plug-ins from the YouTube site operated by Google. The owner of the website is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

When you visit one of our pages featuring a YouTube plug-in, a connection will be established with YouTube’s servers. At the same time, the YouTube server is told which of our pages you have visited.

YouTube may also store various cookies on your end device. YouTube can obtain information about visitors to our website from these cookies. This information is used, among other things, to compile video statistics, to improve the user friendliness of the site, and to prevent fraud attempts. The cookies remain on your end device until you delete them.

If you are logged in to your YouTube account, you allow YouTube to link your surfing behaviour to your personal profile directly. You can prevent this by logging out of your YouTube account.

YouTube is used in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest as defined in Art. 6(1)(f) GDPR.

You can find more information about how user data is handled in YouTube’s privacy policy at: https://policies.google.com/privacy?hl=en-GB.

Google Maps

This site uses the Google Maps map service via an API. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

To use the Google Maps function, your IP address must be saved. This information is usually transmitted to a Google server in the USA and is stored there. The provider of this site has no influence over this data transmission.

The use of Google Maps is in the interest of an appealing presentation of our website and to make it easy to find the locations we refer to on our website. This constitutes a legitimate interest as defined in Art. 6(1)(f) GDPR.

You can find more information about how user data is handled in Google’s privacy policy: https://policies.google.com/privacy?hl=en-GB.

Google Web Fonts

To display fonts consistently, this site uses so-called web fonts which are provided by Google. When you visit a site, your browser loads the necessary web fonts into your browser cache in order to display text and fonts correctly.

To do this, your browser has to establish a connection to Google’s servers. By doing so, Google learns that our website was visited via your IP address. Google Web Fonts are used in the interest of a consistent and appealing presentation of our website. This constitutes a legitimate interest as defined in Art. 6(1)(f) GDPR.

If your browser does not support web fonts, your computer will use a standard font.

You can find more information about Google web fonts at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy?hl=en-GB.

Google reCAPTCHA

We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

The purpose of reCAPTCHA is to check if the data input on our website (e.g. in a contact form) was done by a human or by an automated program. For this purpose, reCAPTCHA analyses the behaviour of website visitors using various features. This analysis starts automatically as soon as the website visitor accesses the website. For the analysis, reCAPTCHA analyses various information (e.g. IP address, time spent by the visitor on the website or the user’s mouse movements). The data recorded in the analysis is forwarded to Google.

The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place.

The data processing is on the basis of Art. 6(1)(f) GDPR. The website owner has a legitimate interest in protecting its website against abusive automated spying and spam.

You can find more information about Google reCAPTCHA and Google’s privacy policy at the following links: https://policies.google.com/privacy?hl=en-GB and https://www.google.com/recaptcha/intro/android.html.

8. Standalone services

Applications

We provide you with the ability to apply for jobs with us (e.g. by email, post or via an online application form). Below we tell you to what extent, for what purpose and how the personal data you provide is collected and used during the application process. We hereby declare that your data will be collected, processed and used in compliance with the applicable data protection legislation

and all other statutory provisions and that your data will be handled strictly confidentially.

Extent and purpose of the data collection

When you send us an application, we process your associated personal data (e.g. contact and communication details, application documentation, notes from interviews, etc.) where necessary in order to make a decision on whether or not to establish an employment relationship. The legal basis for this processing is Section 26 of the new German Federal Data Protection Act (BDSG) (Initiating an employment relationship), Art. 6(1)(b) GDPR (General contract initiation) and, if you have granted consent, Art. 6(1)(a) GDPR. The 12 / 14 consent may be revoked at any time. Your personal data will only be forwarded within our company to individuals involved in processing your application.

If your application is successful, the data submitted by you will be stored in our data processing systems for the purpose of implementing the employment relationship on the basis of Art. 26 new BDSG and Art. 6(1)(b) GDPR. Retention period for the data If we are unable to offer you a position or if you reject an offered position, withdraw your application, revoke your consent to data processing, or ask us to erase your data, the data you provided, incl. any remaining physical application documents, will be stored and retained for a maximum of 6 months following conclusion of the application process (retention period) so that details of the application process can be verified in the event of disagreements (Art. 6(1)(f) GDPR).

YOU CAN OBJECT TO THIS STORAGE IF YOU HAVE LEGITIMATE INTERESTS THAT OVERRIDE OUR INTERESTS.

Following expiry of the retention period, the data will be erased providing there is no statutory retention obligation or any other legal basis for its continued storage. Where it is evident that retention of your data will be necessary after expiry of the retention period (e.g. due to an imminent or pending legal dispute), said data will only be erased once the data is no longer necessary. Any other statutory retention obligations remain unaffected.