Name and address of the controller
The controller in terms of the General Data Protection Regulation (GDPR) and other national data protection laws of the member states as well as other data protection regulations is:
Dreve ProDiMed GmbH
Tel.: +49 2303-8807-0
Fax: +49 2303-8807-745
Name and address of the Data Protection Officer
The data protection officer of the controller is:
Deutsche Datenschutz Consult GmbH
22769 Hamburg Germany
Tel.: +49 40 228 60 70 402
When you visit our website, we record the following data transmitted by your browser:
The data is also stored in the log files of our system, whereby the IP address is anonymized when entered.
The legal basis for the temporary storage of data and log files is GDPR art.6 para 1 subpara f.
The temporary storage of the IP address by the system is necessary to provide a transmission of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session. This is also the reason for our legitimate interest in this process.
The reporting is used for the internal evaluation of our offer, to optimize the display of our website and to identify and defend against misuse. The record is used for the internal evaluation of our offer, to optimize the display of our website and to identify and defend against misuse. The collected data will not be linked with other data sources and will not be used for marketing purposes.
These purposes define our legitimate interest in data processing according to GDPR art.6 para 1 subpara f.
The data will be deleted as soon as they are no longer necessary for the purpose for which they were collected. If data is collected for the purpose of providing the website, it will be deleted as soon as the respective session has ended.
For the storage of the data in log files, this is after 30 days at the latest.
The collection of data for the provision of the website and the storage of the data in log files is mandatory for the functioning of the website. There is therefore no possibility of objection on the part of the user.
Note on data security
We use the SSL (Secure Socket Layer) procedure on our website in combination with the highest encryption level supported by your browser. In general, this is a 256 bit encryption. If your browser does not support 256-bit encryption, we use 128-bit technology instead. You can tell whether an individual page of our website is being transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.
We also use appropriate technical and organisational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
Our services for registered users
If you would like to take the opportunity to order goods in our web shop or in our order portals for dental and hearing technology, you can register on our portal. For this purpose, we need personal data from you:
During the usage process, technically necessary information such as IP address, time of access, etc. is also collected, which allows us to technically implement our service according to current security standards.
Subsequently, after a comparison with the relevant sanctions lists (in accordance with GDPR art.6 para 1 subpara c in the case of a possible personal reference), you have the opportunity to make use of our services. The legal basis for the data collected in the course of registration and use of our portal is the requirement for the fulfilment of the contract in accordance with GDPR art.6 para 1 subpara b, if you are acting as an independent individual in your own name, alternatively our legitimate interest in being able to name an individually identifiable natural person at our contractual partner, GDPR art.6 para 1 subpara f.
As soon as you place an order within one of our portals or in the web shop, further details on your payment modalities may be required, which are necessary for the execution of the contract. Depending on the occasion, a credit assessment may also be required in individual cases, but not as a lump sum and not automatically. If such a credit check is carried out, it also affects natural persons acting independently if they decide to register on our portal. In such a case, the check carried out is required for the execution of the contract in accordance with GDPR art.6 para 1 subpara b. Although a scoring value is automatically calculated by the company commissioned for a credit assessment, no automated decision making is made on the basis of this value, but is based on an individual assessment of the individual case.
Your data will be stored for 6 or 10 years, respectively, within the framework of the legal obligations to provide evidence under commercial and tax law, starting from the year following the conclusion of the contract, GDPR art.6 para 1 subpara b.
If you would like to object to our depositing your data in the context of our legitimate interest, please contact firstname.lastname@example.org.
After registration, our customers have the choice to contact us via chat for advice on our products. To enable this we use products of the provider Userlike UG, Probsteigasse 44–46, 50670 Cologne, Germany. This provider will act for us as processor as soon as personal data is involved. In this case, we process the data of our contact person within the scope of our legitimate interest in being able to offer our customers an uncomplicated and up-to-date consulting option, GDPR art.6 para 1 subpara f. It is also possible that no further data will be provided apart from the connection data (IP address, etc.) which is required for technical reasons. There is no direct assignment of the chat to the customer in our customer database. Information is solely fed manually into our customer database if this is appropriate in accordance with our legitimate interest, in order to offer our customers the best possible service, GDPR art.6 para 1 subpara f.
Data of third parties
If data of your customers or patients is obtained within the context of your order, we will act on your behalf and process the received data according to your instructions. In this case, it is for you as the contractor to comply with the legal obligations arising from data protection, which are not subject to us in the context of processing the order.
On our website there is a contact form which can be used for electronic contact. If a user takes advantage of this option, the data entered in the input mask is transmitted to us and will be stored. This data is in addition to the user’s formulated requests:
At the time the message is sent, the following data is also stored:
Alternatively, it is possible to contact us via the provided e-mail address. In this case, the user’s personal data transmitted with the e-mail will be stored.
In this context, the data will not be passed on to third parties. The data will be used exclusively for processing the conversation.
If necessary for this purpose, the data will be processed within the framework of the initiation or execution of a contractual relationship, GDPR art.6 para 1 subpara b. In all other respects, processing may take place within the scope of our legitimate interests, GDPR art.6 para 1 subpara f. Our legitimate interest here is to provide an uncomplicated opportunity for possible interested parties in our services or for other visitors to our website to contact us. Our legitimate interests may also lie, for example, in the internal forwarding of the enquiry to enable another employee to answer it or in similar organisational measures to ease the workload. This does not include unexpected or excessive processing that is disadvantageous to the sender.
The collection of data from the input mask is carried out exclusively for the purpose of processing your enquiry and providing information about our services. Your data will not be passed on or used for other purposes.
The other personal data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.
The data will be deleted as soon as they are no longer required for the purpose of their collection. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is finished when it can be concluded from the circumstances
that the matter in question has been finally clarified.
The additional personal data collected during the sending process will be deleted after a period of 30 days at the latest.
The user can object to the storage of his personal data at any time. For this purpose, an informal e-mail to our data protection officer (address see above) stating the data required for the assignment of the contact is sufficient. In such a case the conversation cannot be continued. All personal data stored in the course of the contact will be deleted in this case.
For our newsletter we collect your e-mail address, your preferred form of salutation, your first and last name and your special interests. The registration for our newsletter
is done in a so-called double opt-in procedure. This means that after registration you will receive an e-mail requesting to confirm your registration. This confirmation is necessary so that no one with a foreign e-mail address can register. Newsletter registrations are logged in order to be able to prove the registration process in accordance with legal requirements. This includes the storage of the registration and confirmation time as well as the IP address. Changes to your data stored by the shipping service provider are also recorded.
The dispatch of the newsletter is based on the consent of the recipient in accordance with GDPR art. 6 para 1 subpara a and GDPR art. 7.
The registration procedure is recorded on the basis of our duty of proof in accordance with GDPR art. 6 para 1 subpara c in combination with GDPR art. 7 para 1.
We use your e-mail address to send the newsletter, e-mails and other electronic notifications containing advertising information (hereinafter referred to as “newsletter”) only with the consent of the recipients or a legal permission. If the contents of the newsletter are specifically described in the context of a registration for the newsletter, these are decisive for the consent of the users. Furthermore, our newsletters contain information about our services and us.
Our interest in the logging of the registration process is focused on the use of a user-friendly and secure newsletter system that serves our business interests as well as the expectations of the users and also allows us to comply with our obligation to provide evidence, GDPR art. 6 para 1 subpara c in combination with GDPR art. 6 para 1.
The collected data will be stored until your consent is withdrawn. In order to be able to prove a previously given consent, we can store e-mail addresses that have been removed due to withdrawal for up to three years before we delete them. The processing of this data is then limited to the purpose of fulfilling our obligation to provide evidence and a possible defence against claims. An individual request to delete the data is possible at any time, provided, that the former existence of a consent is confirmed at the same time.
You can cancel the receipt of our newsletter at any time, i.e. you can withdraw your consent. You will find a link to cancel the newsletter at the end of each newsletter.
The newsletters may contain links which, when opened, transmit information to us via the clicked link and/or the newsletter itself. Within the scope of this retrieval, technical information such as information on the browser and your system as well as your IP address and the time of retrieval are initially collected.
This information is used for technical improvement of the services based on the technical data or the target groups and their reading behavior based on the retrieval locations (which can be determined with the help of the IP address) or the access times. Statistical surveys also include determining whether newsletters are opened, when they are opened and which links are clicked. The evaluations serve to identify the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
These evaluation activities are in our legitimate interests as operators of the newsletter, GDPR art. 6 para 1 subpara f.
Social media online presence
We maintain online presences on the Facebook and LinkedIn platforms in order to communicate with the customers, interested parties and users active there and to be able to inform them about our services. When calling up the respective platforms, the terms and conditions and data processing guidelines of the respective operators apply.
Unless otherwise stated in our data protection declaration, we process the data of users if they communicate with us via these platforms, e. g. write articles on our online presences or send us messages. This is done on the basis of our legitimate interest in being able to offer an appealing interaction opportunity for our customers and interested parties.
Furthermore, the data of visitors to our online sites is evaluated by the platform operators and the anonymised data is made available to us. The provision of our online sites on the platforms, which is our responsibility, and the receipt of statistical evaluations of our visitors to these online sites is in our legitimate interest in being able to evaluate our offer and to evaluate our market reach, GDPR art. 6 para 1 subpara f.
The actual statistical evaluation is the responsibility of the platform operators. For more detailed information, you can contact the responsible platform operators at any time, or you can take this information from their data protection declarations.
Name: Facebook Ireland Ltd.
Address: 4 Grand Canal Square,Grand Canal Harbour, D2 Dublin, Ireland
Joint responsibility: https://www.facebook.com/legal/terms/page_controller_addendum
Name: YouTube, LLC
Address: 901 Cherry Ave., San Bruno, CA 94066, USA
Name: Instagram, Responsible: Facebook Ireland Limited
Address: 4 Grand Canal Square, Dublin 2, Ireland
Cookies can store information about the details you provide when visiting the website – for example, language selection, entries in form fields, etc. Cookies can also be used to store a unique identifier that allows your browser to be recognized by the website.
We ourselves use both session cookies (automatically deleted when the browser is closed) and persistent cookies (remain on your computer until the set expiry date) on this site.
In addition, this website incorporates services of third party providers, which can also store cookies on your computer. For the integrated services, see below.
Cookies are set on the basis of GDPR art.6 para 1 subpara f., whereby our legitimate interest lies in the provision of a functional and user-friendly website, the response to customer enquiries and the optimisation of our web offering.
We use the personal data collected with the help of cookies to enhance the information and offers on our website in your interest by optimising the navigation of the site from a technical point of view, e. g. by the option of saving your settings for your next visit or features such as the recognition of a closed session to enable a login or a shopping basket, etc.
The user data collected by the cookies is not used to create user profiles.
Session cookies set by us are deleted when the browser is closed, persistent cookies set by us are deleted after the set expiration date.
Third party services
a) Google Analytics
We use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”), on the basis of your permission in accordance with GDPR art. 6 para 1 subpara a.
Google will use this information on our behalf to evaluate the use of our website by users, to compile reports on the activities within this website and to provide us with further services associated with the use of this website and the Internet. In doing so, pseudonymous user profiles of the users can be drawn up from the collected data.
We only use Google Analytics with activated IP anonymisation. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transferred to a Google server in the USA and shortened there. The IP address transmitted by the user’s browser is not merged with other Google data.
Users can prevent the storage of cookies by adjusting their browser software accordingly; users can also prevent the collection of data generated by the cookie and related to their use of the online offer to Google and the processing of this data by Google by downloading and installing the browser plug-in available under the following link:
and in the settings for the display of advertising by Google (https://adssettings.google.com/authenticated). The personal data of users will be deleted or anonymised after 14 days.
You give your consent to this processing by confirming the cookie banner that is called up when you visit this website. You can revoke your consent to the processing at any time with effect for the future. You do this by clicking on the small circle at the bottom left of the screen, which appears after confirming the cookie banner.
b) Google Maps
We integrate the maps of the “Google Maps” service of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter “Google”). The processed data includes in particular IP addresses and location data of the users, the latter, however, are not collected without their consent (usually in the context of the settings of your mobile devices). The data may be processed in the USA. Google is part of the EU-US Privacy Shield, for which an adequacy finding has been issued by the EU Commission.
The legal basis for the access to Google Maps implemented by us is our legitimate interest in an optimal presentation of our location-based content for interested users of our offer, GDPR art. 6 para 1 subpara a. For further details, please refer to Google’s data protection declaration: https://www.google.com/policies/privacy/
You can object to the use of your data by Google Maps at any time by clicking on this link: https://adssettings.google.com/authenticated.
On our website, we use the plugin of the service Youtube, provided by YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA, which is represented by Google Inc. with headquarters at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: Youtube). The plugin can be identified on our site by the term “Youtube “, linked to the symbol of the red rectangle with the play button.
When you call up a page of our website that contains such a plug-in, a direct connection is established between your browser and the YouTube server. This gives YouTube the information that your browser has called up the corresponding page of our website, even if you do not have a profile on YouTube or are not currently logged on to YouTube. This information (including your IP address) is transmitted by your browser directly to a YouTube server in the USA and stored there. Youtube is subject to the EU-US Privacy Shield through its parent company Google, for which an adequacy decision has been made by the EU Commission.
If you are logged in to YouTube, YouTube can directly assign the visit to our website to your YouTube profile. If you interact with the plugins, for example by pressing the “Play” button, the corresponding information is also transmitted directly to a YouTube server and stored there. The purpose and scope of data collection and the further processing and use of data by Youtube as well as your rights in this regard can be found in the data protection information at https://policies.google.com/privacy?hl=de
You can find your relevant setting options for the protection of your privacy here: https://adssettings.google.com/authenticated.
The integration of the YouTube component is based on GDPR art. 6 para 1 subpara f, whereas our legitimate interest lies in the ideal presentation of our products via a highly compatible platform, the promotion of our presence in social media and the social interaction with our services and offers, which is also the purpose of transmitting the IP address and other data.
If you do not want Youtube to assign the data collected via our website directly to your Youtube account, you must log out of Youtube before visiting our website. You can also completely prevent the loading of the Youtube component with add-ons for your browser, e. g. with the script blocker “NoScript” (http://noscript.net/).
d) Google Fonts
This site uses so-called web fonts, which are provided by Google, for the standard display of fonts.
If you have previously used the Web Fonts on another site and downloaded them from Google CDN, your browser will fall back to the cached copy. If this is not the case, your browser will download the Web Fonts itself. Through this, Google will gain knowledge that our website was accessed via your IP address. A transfer of this data to the USA cannot be excluded. Google has been verified under the EU-US Privacy Shield, for which the EU Commission has issued an adequacy decision.
Google Web Fonts are used in the interest of a uniform and attractive presentation of our online offers. This constitutes a legitimate interest within the meaning of GDPR art. 6 para 1 subpara f.
If your browser does not support Web Fonts, a standard font from your computer will be used.
Further information about Google Web Fonts can be found here:
This website uses Ajax and jQuery or jQueryUI technologies, which optimize loading speeds. In this respect, Google servers call up program libraries. The CDN (Content delivery network) of Google is used. If you have used jQuery on another page of the Google CDN before, your browser will fall back to the cached copy. If this is not the case, a download is required, whereby data from your browser is sent to Google Inc. This data is transmitted to the USA. Google is certified under the EU-US Privacy Shield, which is subject to an adequacy finding by the EU Commission pursuant to Art. 45 GDPR.
You can find out more about these technologies at: https://developers.google.com/speed/libraries/#jquery
We would like to point out that in the context of using our services and the use of our performances/services, you will not be subject to a decision that is based on automated processing – including profiling – which has legal effect on you or which significantly affects you in a similar way.
You have the right to request correction, restriction of processing, transferability and/or deletion of your personal data. You may also request information on processing operations concerning your personal data and have the right to inform the recipients of your data if you have applied for deletion, restriction of processing or rectification.
You may also complain to the competent authorities about processing operations and object to the storage of your personal data.