Name and address of the controller
The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:
Dreve ProDiMed GmbH
Max-Planck-Str. 31
59423 Unna/Germany
Phone: +49 2303 8807-0
Fax: +49 2303 8807-745
Email: info@dreve.de
Name and address of the data protection officer
The data protection officer of the controller is:
Deutsche Datenschutz Consult GmbH
Christoph Heinrich
www.deutsche-datenschutz-consult.de
Stresemannstraße 29
22769 Hamburg/Germany
Phone: +49 40 2286070 0
Email: datenschutzbeauftragte@dreve.de
Server statistics
When you visit our website, we collect the following data transmitted by your browser:
The data is processed temporarily to enable the website to be delivered correctly to the user’s computer. For this purpose, the user’s IP address must be stored for the duration of the session. The delivery of the website at the user’s request constitutes a legitimate interest, which is why the temporary storage and processing in this context is based on Art. 6 (1) lit. f GDPR.
The data is deleted as soon as it is no longer necessary for the purpose for which it was collected. This is the case when the respective session has ended. The above-mentioned data is also stored in our system’s log files, whereby the IP address is only recorded in anonymized form. Logging is carried out for the internal evaluation of our offer, to optimize the display of our website, and to identify and prevent misuse. The stored data is not merged with other data sources or used for marketing purposes. Log files are deleted after 30 days at the latest. Since the IP address is stored anonymously in the log files, it is no longer considered personal data.
Cookies
This website uses cookies. A “cookie” is a piece of text information that the visited website places on the viewer’s computer via the web browser, where it can be read again later by the web browser.
Cookies can store information about details you provide when visiting the website – for example, language selection, entries in form fields, etc. Cookies can also store a unique identifier that allows your browser to be recognized by the website.
We use both session cookies, which are automatically deleted when you close your browser, and persistent cookies, which remain on your device until their set expiration date. Additionally, third-party services are integrated into this website, which may also store cookies on your computer. See below for the integrated services.
Cookies are set on the basis of Art. 6 (1) sentence 1 lit. f GDPR, whereby our legitimate interest lies in providing a functional and user-friendly website, responding to customer inquiries, and optimizing our web offering.
We use the personal data collected with the help of cookies to optimize the information and offers on our website in your interest by optimizing the navigation of the site from a technical point of view, e.g., by enabling you to save your settings for your next visit or features such as recognizing a closed session to enable a login or a shopping cart, etc.
The user data collected by cookies is not used to create user profiles.
Session cookies set by us are deleted when you close your browser, while persistent cookies set by us are deleted after the set expiration date.
You can prevent the setting of cookies by our website at any time by means of a corresponding setting in the Internet browser used and thus permanently object to the setting of cookies. As a user, you therefore have full control over the use of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common Internet browsers.
If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be fully usable.
Consent Manager
To manage the consent-required content on this website, we use the consent manager from Usercentrics GmbH. (Sendlinger Straße 7, 80331 Munich/Germany). The following information is shared with Usercentrics for this purpose:
This data is processed in order to comply with our legal obligation to be able to prove that consent has been given and is therefore based on Art. 6 (1) (c) GDPR. The data is retained for one year and then deleted, unless other legal obligations prevent this. This data is not used to create profiles or to track website visitors beyond consent management.
Contact form
Our website features a contact form that can be used to contact us electronically. If a user chooses to do so, the data entered in the input mask will be transmitted to us and stored. In addition to the user’s request, this data includes:
When the message is sent, the following data is also stored:
Alternatively, you can contact us via the email address provided. In this case, the user’s personal data transmitted with the email will be stored.
In this context, the data will not be passed on to third parties. The data will be used exclusively for processing the conversation.
If necessary, the data will be processed within the framework of the initiation or execution of a contractual relationship, Art. 6 (1) lit. b GDPR. Furthermore, processing may take place within the scope of our legitimate interests, Art. 6 (1) lit. f GDPR. Our legitimate interest here is to provide an uncomplicated way for potential customers interested in our services or other visitors to our website to contact us. Our legitimate interests may also include, for example, the internal forwarding of the inquiry to enable another employee to respond or similar organizational measures to facilitate work. This does not include surprising or excessive processing procedures that are detrimental to the sender.
The data collected from the input mask is used exclusively for the purpose of processing your inquiry and providing information about our services. Your data will not be passed on or used for other purposes.
The other personal data processed during the sending process is used to prevent misuse of the contact form and to ensure the security of our information technology systems.
The contact form generates an email and sends it to an internal email address at Dreve. Since emails can constitute business letters within the meaning of the German Commercial Code (HGB), they are stored for a period of 6 years beginning with the year following the receipt or sending of the email. This is done on the basis of Art. 6 (1) lit. c GDPR in conjunction with the archiving obligation under § 257 HGB. Contact requests that do not constitute business letters are deleted when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.
The additional personal data collected during the sending process will be deleted after a period of 30 days at the latest.
The user may object to the storage of their personal data at any time. To do so, simply send an informal email to our data protection officer (see above for address), providing the information necessary to identify the contact. In such a case, the conversation cannot be continued. All personal data stored in the course of establishing contact will be deleted in this case.
Applications
As part of the application process, we only collect the data that you provide to us. If you apply via the form on our website, this data will be transmitted to us in encrypted form. If you send us your application documents by email, this will be done in unencrypted form. We would like to point out that this unencrypted transmission is not secure under data protection law.
After receiving your application, we use the information you have provided to assess your suitability for the position and to carry out the application process. If appropriate, suitable applications will be forwarded internally to the department managers in the company responsible for the respective vacant position. The further procedure will then be coordinated. Within the company, only those persons who need your data for the proper execution of our application process have access to it.
Your data will be processed exclusively in data centers in the Federal Republic of Germany.
The data you provide to us in connection with an application is processed on the basis of Art. 6 (1) lit. b GDPR for the purpose of deciding on the establishment of an employment relationship.
Information that we collect optionally via the application form is used to better classify your application and also serves to decide on the establishment of an employment relationship. We use the optional information about how you became aware of us on the basis of legitimate interests to evaluate and improve our recruiting strategy.
If the data is required for legal purposes after the application process has been completed, data processing may be carried out on the basis of the requirements of Art. 6 GDPR, in particular for the purpose of pursuing legitimate interests pursuant to Art. 6 (1) (f) GDPR. Our interest then lies in asserting or defending claims. Data is usually deleted 6 months after the position in question has been filled.
If, in the event of a rejection, we are still interested in your profile, we will obtain your consent for further storage and review for suitability for other open positions in the company. Your data will only be used further with your consent. If you do not respond to the request within the time window in which we store your data on the basis of our legitimate interests, your data will be automatically deleted. In all other cases, your data will be deleted immediately upon rejection.
If you have consented to the further storage of your personal data, we will transfer your data to our applicant pool on the basis of Art. 6 (1) (a) GDPR. The data will be deleted after two years. You can revoke your consent at any time with effect for the future.
If you are offered a position as part of the application process, the data will be transferred from the applicant data system to our personnel information system.
Customer feedback
If you provide feedback on our products using the forms on our website, we collect the information you provide for the purpose of evaluating the quality of our products and identifying potential for improvement. This constitutes a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The information you provide is stored under a unique ID, which we cannot subsequently assign to your person, session, or device. Unless you have provided identifying information in the free text fields, the storage is therefore anonymous.
Renting devices
If you wish to rent a device using the corresponding form on our website, we collect the information you provide for the purpose of processing the rental agreement. The data collected via the form is necessary for the performance of the contract and is processed on the basis of Art. 6 (1) lit. b GDPR, provided that the contract is concluded with you as a natural person. If you conclude the contract on behalf of a company, the processing is based on Art. 6 (1) lit. f GDPR, whereby our legitimate interest lies in serving our customers and processing concluded contracts.
The data processed in connection with the rental of a device will be stored after the contract has been fulfilled on the basis of Art. 6 (1) lit. c GDPR for the purpose of fulfilling the legal archiving obligations under § 147 AO (German Fiscal Code) and then deleted.
Repairing devices
If you request the repair of a device using the appropriate form on our website, we collect the information you provide for the purpose of processing the repair and, if necessary, processing the rental of a replacement device. The data collected via the form is necessary for the fulfillment of the contract for the repair and, if requested, the rental of the replacement device, and is processed on the basis of Art. 6 (1) lit. b GDPR, provided that the contract is concluded with you as a natural person. If you conclude the contract on behalf of a company, the processing is carried out on the basis of Art. 6 (1) lit. f GDPR, whereby our legitimate interest lies in the support of our customers and in the processing of concluded contracts.
The data processed in connection with the repair of the device and the possible rental of a replacement device will be stored after the respective contracts have been processed on the basis of Art. 6 (1) lit. c GDPR for the fulfillment of the statutory archiving obligations under § 147 AO (German Fiscal Code) and then deleted.
Correspondence in connection with the execution of contracts
If you correspond with us via email, we collect, store, and process your name, email address, and all content of the correspondence. This data is processed for the purpose of initiating or executing a contractual relationship with you or the responsible body you represent.
The legal basis for processing is generally Art. 6 (1) (b) GDPR if the communication is for the purpose of initiating or executing a contractual relationship with you. If you represent a company in your communication with us, processing is based on Art. 6 (1) (f) GDPR, whereby our legitimate interest lies in establishing and maintaining business relationships. In individual cases, processing may also be based on Art. 6 (1) (a) GDPR if you have given us your consent to contact you and/or correspond with you.
If we receive your email address in connection with the execution of a contract with you or the company you represent, we will send you information about our products and services at irregular intervals.
This is done on the basis of our legitimate interest in presenting our product portfolio to our customers and generating further interest in our services. The processing of your email address is based on Art. 6 (1) lit. f GDPR. You can object to the processing of your email address for this purpose at any time in accordance with Art. 21 (2) GDPR without giving reasons.
If required for the performance of a contract or by law, we only disclose or transfer personal data of our customers to third parties if this serves the provision of our services in accordance with Art. 6 (1) lit. b GDPR, is required by law in accordance with Art. 6 (1) lit. c GDPR, serves our interests or those of our customers in an efficient and cost-effective provision of services as a legitimate interest in accordance with Art. 6 (1) lit. f GDPR, or is necessary for the establishment, exercise or defense of legal claims. GDPR, serves our interests or those of our customers in the efficient and cost-effective provision of services as a legitimate interest pursuant to Art. 6 (1) lit. f. GDPR, or within the scope of consent pursuant to Art. 6 (1) lit. a., Art. 7 GDPR.
Your data will only be stored for as long as it is needed to process the correspondence. In addition, we are legally obliged to store business correspondence for a period of 6 years. Your data is stored on the basis of Art. 6 (1) (c) GDPR in order to comply with the statutory retention obligations. Once these retention obligations have expired, your data will be deleted unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.
Our services for registered users
Use of the customer portal
If you would like to take advantage of the opportunity to order goods in our general web shop or in our order portals for dental and hearing technology, you have the option of registering on our portal. For this purpose, we require the following personal data from you:
During the usage process, technically necessary information such as IP address, access time, etc. is also collected, which allows us to implement our service in accordance with current security standards.
After a comparison with the relevant sanctions lists (in accordance with Art. 6 (1) (c) GDPR in the case of a possible personal reference), you will then have the opportunity to use our services. The legal basis for the data collected during registration and use of our portal is the necessity for the performance of the contract pursuant to Art. 6 (1) (b) GDPR if you are acting as an independent individual in your own name, or alternatively our legitimate interest in being able to name an individually identifiable natural person at our contractual partner, Art. 6 (1) lit. f GDPR.
As soon as you create an order within one of our portals or in the web shop, further information about your payment methods may be required for the performance of the contract. In individual cases, a credit check may also be carried out, but not across the board and automatically. If such a credit check is carried out, it also applies to self-employed natural persons if they decide to register on our portal. In such a case, the check carried out is necessary for the performance of the contract in accordance with Art. 6 (1) lit. b GDPR. Although a scoring value is calculated automatically by the company commissioned to carry out the credit check, no automated decision-making takes place on the basis of this value, but rather on the basis of an individual assessment of each case.
Your data will be stored for 6 or 10 years, calculated from the year following the conclusion of the contract, in accordance with the legal obligations to provide evidence under commercial and tax law, Art. 6 (1) (c) GDPR.
If you send us your company data as a supplier via our registration form, we will store this data even if no cooperation is initially established. The data is stored so that we can contact you at a later date for future projects or requirements. Your data is processed and stored on the basis of our legitimate interest in efficient supplier selection and management in accordance with Art. 6 (1) (f) GDPR.
Your data will be added to our supplier pool and stored for a maximum of two years. Your data will then be deleted unless we have contacted you again or entered into a business relationship with you. You have the right to object to the storage of your data for this purpose or to request its deletion at any time. To do so, simply use the contact details for our data protection officer provided above.
Chat service
After registering, our customers have the option of contacting us via chat for advice on our products. To enable this, we use products from the provider Userlike UG, Probsteigasse 44–46, 50670 Cologne/Germany. This provider acts as a processor for us as soon as personal data is involved. In this case, we process the data of our contact person within the scope of our legitimate interest in being able to offer our customers an uncomplicated and modern consultation option, Art. 6 (1) lit. f GDPR. It is also possible to refrain from providing any data other than the connection data (IP address, etc.) that is required for technical reasons. The chat is not directly assigned to the customer in our customer database. Information is only added to our customer database manually if this is appropriate in accordance with our legitimate interest in providing our customers with optimal service, Art. 6 (1) lit. f GDPR.
Orders placed for you by third parties
If we receive your data from an organization that places orders with us on your behalf, we process your data on the basis of your consent, which you have given to this organization for the transfer of data to us. We have entered into contractual agreements with our customers who place such orders for end users to ensure that the customer obtains such consent from the data subject before transferring the data to us.
The processing of your data is therefore based on your consent in accordance with Art. 6 (1) (a) GDPR.
Newsletter
Registration
For our newsletter, we collect your email address, your preferred form of address, your first and last name, and your specific interests. Registration for our newsletter is done using a double opt-in procedure. This means that after registering, you will receive an email asking you to confirm your registration. This confirmation is necessary to prevent anyone from registering with someone else’s email address. Newsletter registrations are logged in order to be able to verify the registration process in accordance with legal requirements. This includes storing the time of registration and confirmation as well as the IP address. Changes to your data stored by the mailing service provider are also logged.
The newsletter is sent on the basis of the recipient’s consent in accordance with Art. 6 (1) lit. a, Art. 7 GDPR in conjunction with § 7 (2) No. 3 UWG (German Unfair Competition Act) or on the basis of the legal permission in accordance with § 7 (3) UWG.
The login process is logged in order to comply with our documentation obligations under Article 6 (1) (c) in conjunction with Article 7 (1) of the GDPR.
We use your email address to send the newsletter, emails, and other electronic notifications with promotional information (hereinafter “newsletter”) only with the consent of the recipients or with legal permission. If the content of the newsletter is specifically described during the registration process, this content is decisive for the consent of users. In addition, our newsletters contain information about our services and us.
Our interest in logging the registration process is to ensure the operation of a user-friendly and secure newsletter system that serves our legitimate business interests, meets user expectations, and enables us to comply with our documentation obligations pursuant to Article 6 (1) (c) in conjunction with Article 7(1) GDPR.
The data collected will be retained until you revoke your consent. In order to be able to prove that consent was previously given, we may store email addresses that have been unsubscribed due to revocation for up to three years before deleting them. The processing of this data is then limited to the purpose of fulfilling our documentation obligations and a possible defense against claims. An individual request for deletion is possible at any time, provided that the former existence of consent is confirmed at the same time.
You can unsubscribe from our newsletter at any time, i. e., revoke your consent. You will find a link to unsubscribe from the newsletter at the end of each newsletter.
Performance measurement
The newsletters may contain links that, when clicked, transmit information about the clicked link and/or the newsletter itself to us. When you click on a link, technical information such as information about your browser and your system, your IP address, and the time of access is collected.
This information is used to improve the technical aspects of the services based on the technical data or the target groups and their reading behavior based on the access location (which can be determined using the IP address) or the access times. The statistical surveys also include determining whether the newsletters are opened, when they are opened, and which links are clicked. The evaluations serve to identify the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
These evaluation activities are in our legitimate interests as the operator of the newsletter, Art. 6 (1) lit. f GDPR.
Customer satisfaction surveys
For the clinical follow-up of our products, we conduct surveys among our customers to assess their satisfaction with our services. The purpose of these surveys is to collect additional clinical data on the product after it has been placed on the market and to use this data to continuously evaluate the safety, performance, and effectiveness of the product. For this purpose, we provide our customers with questionnaires through which they can give us feedback on the products they have purchased from us.
To make customers aware of the survey, we use the email address provided in connection with the purchase of the product or include a link to the website with the questionnaires in the invoice or other order-related documents.
The customer satisfaction survey itself is anonymous. We collect the product you are providing feedback on, your role (dealer, user, or patient), and the information you provide about the product you purchased from us. A personal reference can only be made if you create it yourself by providing information in the free text fields. However, the processing of personal data in the context of the survey is neither planned nor intended.
The processing of your email address to encourage you to participate in the customer satisfaction analysis is based on Art. 6 (1) lit. c GDPR in conjunction with Article 61 (11) MDR. According to this standard the clinical evaluation and related documentation must be updated throughout the entire life cycle of the medical device on the basis of clinical data. This implementation shall be documented in the manufacturer’s post-market clinical follow-up plan (PMCF plan) in accordance with Annex XIV Part B and the post-market surveillance plan (PMS plan) in accordance with Article 84.
The (typically anonymous) results of the surveys are processed by our product management and quality assurance departments and are not passed on to third parties. The data is deleted as soon as it is no longer relevant to the medical device.
Info mails for existing customers
If we receive your email address in connection with the purchase of a product or service, we reserve the right to occasionally inform you by email about similar products or services from our company. This use of your email address is based on our legitimate interests (Art. 6 (1) (f) GDPR) in presenting you with offers from our portfolio that may be of interest to you and thus promoting interest in our products and services.
We do not measure the success (e.g., opening or click rates) of our informational emails.
You can object to the use of your email address for this purpose at any time by clicking on the corresponding link provided at the end of each such email.
Online survey
When you purchase goods or services from us, we will inform you in our communication about the possibility of telling us how satisfied you were with our services via an online survey.
As part of the online customer satisfaction survey, we collect basic usage data such as your IP address and access time, which are necessary for the technical implementation of the survey. Apart from this, we ask about purchasing behavior and satisfaction without establishing a direct personal reference. The survey is therefore largely anonymous; a personal reference would only be theoretically conceivable considering the IP address.
This data is evaluated in order to identify potential for improvement in our web shop and to optimize it accordingly. At the same time, we want to respond to justified criticism and offer our users the most pleasant shopping experience possible. We have a legitimate interest in improving the user experience, which is why the processing of your data for the survey is based on Art. 6 (1) lit. f GDPR.
Information provided in the online survey will be stored for a period of one year and then deleted.
Online presence in social media
We maintain online presences on Xing, Instagram, Facebook, and LinkedIn platforms in order to communicate with customers, interested parties, and users active there and to inform them about our services. When accessing the respective platforms, the terms and conditions and data processing guidelines of the respective operators apply.
Unless otherwise stated in our privacy policy, we process the data of users who communicate with us via these platforms, e.g., by posting on our online presences or sending us messages. This is done on the basis of our legitimate interest in offering an appealing interaction option for our customers and interested parties, Art. 6 (1) lit. f GDPR.
Furthermore, the data of visitors to our online presences is evaluated by the platform operators and the anonymized data is made available to us. The provision of our online presences on the platforms and the collection of statistical evaluations about our visitors to these online presences, for which we are responsible, is carried out in our legitimate interest in being able to evaluate our offering and assess our market reach, Art. 6 (1) lit. f GDPR.
The actual statistical evaluation is the responsibility of the platform operators. For more information, you can contact the responsible platform operators at any time or refer to their privacy policies.
Name: Xing, responsible for New Work SE
Address: Am Strandkai 1, 20457 Hamburg/Germany
Privacy Policy: https://privacy.xing.com/de/datenschutzerklaerung
Name: Instagram, responsible party: Facebook Ireland Limited
Address: 4 Grand Canal Square, Dublin 2/Ireland
Privacy Policy: https://help.instagram.com/519522125107875
Name: Facebook Ireland Ltd
Address: 4 Grand Canal Square, Grand Canal Harbour, D2 Dublin/Ireland
Privacy Policy: de-de.facebook.com/policy.php
Joint responsibility: https://www.facebook.com/legal/terms/page_controller_addendum
Name: LinkedIn
Address: LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2/Ireland
Privacy Policy: https://de.linkedin.com/legal/privacy/eu?
Third-party services
Google Maps
We integrate maps from the Google Maps service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043/USA (hereinafter referred to as “Google”). The data processed includes, in particular, IP addresses and location data of users, but the latter is not collected without their consent (usually carried out in the settings of your mobile devices). The data may be processed in the USA. The legal basis for our implementation of Google Maps is your consent pursuant to Art. 6 (1) (a) and Art. 7 GDPR, which you give by clicking on the placeholder to activate the map.
For more information, please refer to Google’s privacy policy: https://www.google.com/policies/privacy/
Opt-out: https://adssettings.google.com/authenticated
You can object to the use of your data by Google Maps at any time by clicking on this link: https://adssettings.google.com/authenticated
YouTube
On our website, we use the plugin of the YouTube service, offered by YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066/USA, represented by Google Inc. with headquarters at 1600 Amphitheatre Parkway, Mountain View, CA 94043/USA (hereinafter referred to as “YouTube”). The plugin can be recognized on our site by the term “YouTube” associated with the symbol of the red rectangle with the play button. When we embed YouTube videos on our website, our consent manager Usercentrics initially only loads a placeholder that asks for your consent to activate the YouTube plugin. Only when you click on the placeholder do you activate the YouTube plugin and a direct connection between your browser and the YouTube server is established. This tells YouTube that your browser has accessed the relevant page of our website, even if you do not have a YouTube profile or are not currently logged in to YouTube. This information (including your IP address) is transmitted directly from your browser to a YouTube server in the USA and stored there. We only implement YouTube in the no-cookie version on our site. If you are logged into YouTube, YouTube can immediately associate your visit to our website with your YouTube profile. If you interact with the plugins, for example by clicking the “Play” button, the corresponding information is also transmitted directly to a YouTube server and stored there. For the purpose and scope of data collection and the further processing and use of the data by YouTube, as well as your rights in this regard, please refer to the privacy policy at https://policies.google.com/privacy?hl=de
You can find your privacy settings options here: https://adssettings.google.com/authenticated
The YouTube component is integrated on the basis of Art. 6 (1) sentence 1 lit. a GDPR, as you consent to processing by YouTube when you activate the plug-in.
If you do not want YouTube to assign the data collected via our website directly to your YouTube account, you must log out of YouTube before visiting our website.
Friendly Captcha
To protect ourselves from bots using features of our website that we want to reserve for human visitors (such as the contact form), we use a program code from Friendly Captcha in some areas of the website. This causes your device to establish a connection to the Friendly Captcha servers in connection with the protected area (e.g., submitting a contact form).
Your browser receives a calculation task from Friendly Captcha. The complexity of the calculation task depends on various risk factors. Your device solves the calculation task, which uses certain system resources, and sends the calculation result to our web server. The web server contacts the Friendly Captcha server via an interface and receives a response indicating whether the puzzle was solved correctly by the device.
In addition, your browser transmits connection data, environmental data, interaction data, and functional data to Friendly Captcha. Friendly Captcha does not set any cookies and does not store any data in persistent browser memory. Data that could identify you (such as IP addresses) is anonymized using one-way hashing. Friendly Captcha evaluates the data it receives and determines how likely it is that the user is human or a bot and sends us the result. Based on this, we can differentiate between human and potentially automated access to our website or its individual features.
Friendly Captcha is used for the purpose of detecting and handling potential bots and risks, thereby ensuring the security and functionality of our website. We have a legitimate interest in this, so the processing of your personal data is based on Art. 6 (1) lit. f GDPR.
Your rights
You have the right to request the correction, restriction of processing, transferability, and/or deletion of your personal data. In addition, you can request information about processing operations relating to your personal data and have the right to be informed of the recipients of your data if you have exercised your right to deletion, restriction of processing, or correction.
Furthermore, you can complain to the competent supervisory authority about processing operations and object to the processing of your personal data.
Right to object
If we process your personal data on the basis of our legitimate interests (Art. 6 (1) (f) GDPR), you have the right to object to this processing. If we process your personal data for direct marketing purposes, the objection can be made without giving reasons (Art. 21 (2) GDPR). In this case, we will immediately stop processing your data. Otherwise, you must provide reasons relating to your particular situation (Art. 21 (1) GDPR) so that we can reassess the balancing of interests under Art. 6 (1) (f) GDPR.
Right to information
You have the right to obtain information about your stored data free of charge. Upon request, we will inform you in writing, in accordance with applicable law, which personal data we have stored about you. This also includes the origin and recipients of your data as well as the purpose of data processing.
Right to rectification
You have the right to have your data stored by us corrected if it is incorrect.
Right to restriction of processing
Furthermore, you can have the processing of your data restricted under the conditions of Art. 18 (1) GDPR (for example, if the accuracy is disputed or the processing is unlawful). We may then only process the data concerned under the conditions of Art. 18 (2) GDPR (for example, with your consent or to exercise or defend legal claims).
Right to erasure
You may also request the erasure of your personal data under the conditions of Art. 17 (1) (a)–(f) GDPR (for example, if we no longer need the personal data or the processing is unlawful), unless the exceptions of Art. 17 (3) (a)–(e) GDPR apply (for example, where we are legally obliged to process the data).
Right to data portability
You have the right to request that we provide you with the personal data you have submitted to us in a format that allows it to be transferred to another location.
Right to lodge a complaint with a supervisory authority
You have the option of lodging a complaint with a data protection supervisory authority of your choice if you believe that our processing of your personal data is unlawful.
Note on data security
We use the SSL (Secure Socket Layer) procedure in conjunction with the highest level of encryption supported by your browser on our website. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.
We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
No automated decision-making
We would like to point out that when using our services and utilizing our products/services, you will not be subject to a decision based solely on automated processing – including profiling – that has legal effects on you or similarly significantly affects you.
Information status: 02/2026