Data Privacy Policy

Privacy policy and data protection information

In the following privacy policy, we inform you according to Art. 13 et seq. of the GDPR of how personal data is processed on this site and your rights in this regard. This privacy policy explains how our website and our online services process and transmit the data you provide.

Controller

The controller according to Art. 4 (7) of the GDPR is the party that, alone or jointly with others, determines the purposes and means of personal data processing.

With regard to our website, the controller is:

Medtron Aktiengesellschaft
Hauptstrasse 255, 66128 Saarbrücken, Germany
E-Mail: info@medtron.com
Tel.: +49 681 97017-0 Fax: +49 681 97017-20

 

The data protection officer’s contact details

We have appointed a data protection officer according to Art. 37 of the GDPR. You can contact our data protection officer using the details below:

Frau Tatjana Tröster – Datenschutz & Büroservice
Fliederweg 13, 78073 Bad Dürrheim, Deutschland
email: mail@buero-troester.de 

Dury Legal
Beethovenstrasse 24
DE – 66111 Saarbrücken E-Mail: kanzlei@dury.de Tel.: 0681/9400543-0

 

Providing the website and creating log files

Each time our website is accessed, our system automatically records data and information from the accessing device (e.g. computer, mobile phone, tablet, etc.).

What personal data is collected and to what extent is it processed?

(1) Information about the browser type and the version used;
(2) The accessing device’s operating system;
(3) The host name of the accessing computer;
(4) The accessing device’s IP address;
(5) The date and time of access;
(6) Websites and resources (images, files, other page contents) that were accessed on our website;
(7) Websites from which the user’s system accessed our website (referrer tracking);
(8) Message confirming whether access was successful;
(9) The amount of data transmitted;
(10) The host’s ISP. This data is stored in our system’s log files. This data is not stored together with other personal data belonging to a specific user, so individual site visitors are not identified. The data is also anonymised immediately after collection, so it is no longer possible to draw conclusions about the individual person based on their IP address. Evaluating the anonymised data allows us to monitor and improve our website’s stability and availability over an extended period of time. Temporary (automated) storage of data in plain text format is necessary for a visit to a website to enable delivery of the website. Personal data is also stored and processed to maintain our website’s compatibility for all visitors where possible and to combat misuse and eliminate faults. To this end, it is necessary to log the accessing computer’s technical data, so that we can respond to display errors, attacks on our IT systems and/or functionality errors on our website as early as possible. Additionally, we also use the data to optimise the website and to ensure the general security of our IT systems.

Legal basis for personal data processing

Art. 6 (1) f of the GDPR (legitimate interest). Our legitimate interest is to guarantee achievement of the purpose outlined below.

Purpose of data processing

Temporary (automated) data storage is necessary for a visit to a website to enable delivery of the website. Personal data is also stored and processed to maintain our website’s compatibility for all visitors where possible and to combat misuse and eliminate faults. To this end, it is necessary to log the accessing computer’s technical data, so that we can respond to display errors, attacks on our IT systems and/or functionality errors on our website as early as possible. Additionally, we also use the data to optimise the website and to ensure the general security of our IT systems.

Duration of storage

The above technical data is deleted as soon as it is no longer needed to guarantee the website’s compatibility for all visitors, but at the latest within three months of our website being accessed. Anonymised data is generally stored indefinitely for statistical purposes.

Opportunity for objection and erasure

You may object to processing at any time according to Art. 21 of the GDPR and request that your data be erased according to Art. 17 of the GDPR. You will find the rights that you are entitled to and information on how to assert them at the bottom of this privacy policy.

 

Processor

We work together with a service provider, who helps us to provide the server capacity required for this, to supply our site’s content. Insofar as server access is required within the website, the data collected thereby is processed for this purpose on servers run by the company STRATO AG, Otto-Ostrowski-Straße 7, 10249 Berlin, Deutschland (https://strato.de. Your data is processed based on a processing contract according to Art. 28 of the GDPR, which is the legal basis for data transfer to this company. In addition, our online agency is engaged as a processor for the purpose of maintaining our website: blueAlpha GmbH, Amerikastrasse 21, 66482 Zweibrücken, Germanyhttps://bluealpha.de)

 

Special features of the website

Our site offers you a variety of features which, when used by us, serve to collect, process and store personal data. We have provided an explanation of what happens to this data below:

 

Application form

What personal data is collected and to what extent is it processed?

The data that you enter in the application form’s form fields and upload if necessary will be processed to fulfil the purpose stated below. You must provide your first and last name, date of birth, telephone number, email address and postal address (street, building number, postcode, town/city). You must also upload a CV (mandatory) before submitting your application. All other information, such as a cover letter, references or other documents, are voluntary, but we may request them as part of the application process. You will also still have to answer the CAPTCHA request for submission purposes.

Legal basis for personal data processing

The legal basis for collecting and processing applicant data is Art. 6 (1) b (initiating a contract), and Art. 88 (1) of the GDPR in conjunction with Section 26 of the German Federal Data Protection Act. Insofar as special categories of personal data that are required for the fulfilment of legal obligations arising from labour law, social security law and social protection according to Art. 9 (2) b of the GDPR in conjunction with Section 26 (3) of the German Federal Data Protection Act are collected, processing is performed on this legal basis. If special categories of personal data are also to be processed, we will obtain consent for this according to Art. 9 (2) a of the GDPR.

Purpose of data processing

The purpose of data processing is reviewing and processing the application documents you upload using the form.

Duration of storage

The data will be deleted as soon as the application has been processed and there is no longer a legitimate interest in storing the application data. If your application is successful, we will continue to process the data according to Art. 6 (1) b, and Art. 88 (1) of the GDPR in conjunction with Section 26 of the German Federal Data Protection Act in the context of your employment relationship. Your application documents will therefore be deleted six months at the latest following conclusion of the application process if no further storage is required (e.g. due to a legal dispute about the application process). In this case, the data is stored for as long as it is required for further storage to achieve the purpose.

Opportunity for objection and erasure

You will find the rights that you are entitled to and information on how to assert them at the bottom of this privacy policy.

Need to provide personal data

The information provided in the application form is not contractually or legally required, but is necessary for sending and processing the application. If you do not fill out the existing mandatory fields or do not fill them out completely, the application you have requested cannot be sent or processed.

 

Contact form(s)

What personal data is collected and to what extent is it processed?

We will use the data you entered in our contact forms and in the contact form’s input screen to fulfil the purpose mentioned below.

Legal basis for personal data processing

Art. 6 (1) a of the GDPR (consent by means of clear confirmatory action or conduct)

Purpose of data processing

We will use the data collected by means of our contact form(s) only to process the specific contact request received through the contact form(s).

Duration of storage

The data collected is deleted immediately after your request has been processed, provided that there are no statutory retention periods.

Opportunity for objection and erasure

The opportunities for objection and erasure are based on the general regulations on the right of objection and entitlement to erasure under data protection legislation that are outlined below in this privacy policy.

Need to provide personal data

Use of the contact forms is voluntary and is neither contractually nor legally required. You are not obligated to contact us using the contact form; you can also use the other contact options provided on our website instead. If you would like to use our contact form, you must fill in the fields marked as mandatory. If you do not provide the necessary information in the contact form, you will either be unable to send the request or we will unfortunately be unable process your request.

 

Form for subscribing to the newsletter

What personal data is collected and to what extent is it processed?

By signing up for the newsletter on our website, we receive the email address you entered in the sign-up field and, if applicable, additional contact details, provided that you disclose them to us using the newsletter sign-up form.

Legal basis for personal data processing

Art. 6 (1) a of the GDPR (consent by means of clear confirmatory action or conduct)

Purpose of data processing

Data captured on our newsletter’s sign-up screen is used by us for the sole purpose of sending our newsletter, in which we provide information about all our services and our news. Once you have signed up, we will send you a confirmation email containing a link you have to click on to complete the process of signing up to our newsletter (double opt-in).

Duration of storage

You can unsubscribe from our newsletter at any time by clicking on the Unsubscribe link, which is also included in every newsletter. We will delete your data immediately after you cancel your subscription. We will also delete your data immediately if you do not complete the sign-up process. We reserve the right to delete the same without any need to provide justification or to provide any prior or subsequent information.

Revocation and removal option

The opportunities for objection and erasure are based on the general regulations on the right of objection and entitlement to erasure under data protection legislation that are outlined below in this privacy policy.

Need to provide personal data

If you would like to use our newsletter, you must fill out the fields that are marked as mandatory and confirm your email address by clicking on the double opt-in link. The newsletter sign-up details are not necessary to enter into a contract with us, and nor are they legally binding. They are used exclusively for sending our newsletter. If you do not fill in the required information, we will unfortunately be unable to provide you with our newsletter service.

 

Statistical evaluation of visits to this website – web trackers

We collect, process and store the following data when our website, or individual files of our website, are accessed: IP address, web page that the file was accessed from, name of the file, the date and time of access, the volume of data transmitted and the access success notification (‘web log’). We only use this access data in a non-personalised form with a view to continuously improving our website and for statistical purposes. We also use the following web trackers to evaluate visits to our website:

 

Matomo (local)

Extent of personal data processing

Our website contains tracking code from Matomo (formerly Piwik), an open-source web analytics tool(https://matomo.org. Web tracking is carried out exclusively by ourselves without any personally identifiable data. Matomo is hosted on our own server infrastructure for this purpose. Data is not, therefore, transferred to third parties. We collect, process and store usage data about how our site is used (e.g. referrer links, the time spent on certain URLs, the clickstream) and also data about your browser settings (e.g. the browser manufacturer and version, the screen resolution and the operating system used). The legal basis is Art. 6 (1) f of the GDPR, and the legitimate interest is website analysis. We may also collect and store parts of your IP address and information about our website’s loading speed. We can only create anonymous usage profiles and extract statistical information from this data. We also use cookies as part of Matomo web tracking to distinguish returning site visitors from first-time visitors. Cookies are small text files that are stored locally in your internet browser’s memory and contain a separate ID and potentially other technical information. The data collected in this context will not be merged with any other personal data we may have without your separate consent.

Legal basis for personal data processing

In many cases, there is no personally identifiable information. If you are personally identifiable, the legal basis for collection is Art. 6 (1) f of the GDPR, and the legitimate interest is analysing our website.

Purpose of data processing

The purpose of web tracking is to analyse user traffic so we can anonymously monitor our website’s functionality and usability and continuously improve our website. It is used exclusively for the purpose of collecting statistical, non-personal data.

Duration of storage

We store all web tracking data collected through Matomo for an indefinite period of time, insofar as this data is only available to us in anonymised form. If the data is not anonymised, we will delete it after 12 months at the latest.

Opportunity for objection and erasure

You can prevent the collection and processing of the aforementioned data by installing a JavaScript blocker to prevent the collection of other app analysis data. If you do end up being personally identifiable, you can revoke your consent at any time according to the rules outlined in this privacy policy.

 

Integration of external web services and data processing outside the EU

We use active contents from external providers (‘web services’) on our website. When you access our website, these external providers may receive personal information about your visit to our website. Data may be processed outside the EU in this regard. You can prevent this from happening by installing an appropriate browser plugin or by disabling the execution of scripts in your browser. This can lead to functional restrictions on websites you visit. We use the following external web services:

 

Elementor

We use the Elementor service provided by Elementor Ltd., Tuval Street 40, Ramat Gan, Israel, email: legal@elementor.comProcessing also takes place in a third country outside of the EU. This third country is covered by a European Commission adequacy decision. Please see the European Commission website (link: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_deor an up-to-date list of all adequacy decisions. The legal basis for personal data transfer is our legitimate interest in processing according to Art. 6 (1) f of the GDPR. Our legitimate interest is to guarantee achievement of the purpose outlined below. Elementor allows us to embed third-party content on our site and control our templates and page design. With regard to processing, you have the right to object as set out in Art. 21. You will find more information at the end of this privacy policy. You will find more information about how the transferred data is handled in the provider’s privacy policy at https://elementor.com/about/privacy/.

Google

We use the Google service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, email: support-de@google.com, Website: http://www.google.com/Processing also takes place in a third country that is not covered by a Commission adequacy decision. So the usual level of protection afforded by the GDPR cannot be guaranteed for the transfer, since it cannot be ruled out that e.g. authorities can access the collected data in the third country. The legal basis for personal data transfer is your consent according to Art. 6 (1) a of the GDPR or Art. 9 (2) a of the GDPR, which you have given on our website. We use Google so we can reload additional Google services on the website. You can revoke your consent at any time. You will find more information about revoking your consent either in the consent section itself or at the end of this privacy policy. You will find more information about how the transferred data is handled in the provider’s privacy policy at https://policies.google.com/privacy.

Google APIs

We use the Google APIs service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, email: support-de@google.com, Website: http://www.google.com/Processing also takes place in a third country that is not covered by a Commission adequacy decision. So the usual level of protection afforded by the GDPR cannot be guaranteed for the transfer, since it cannot be ruled out that e.g. authorities can access the collected data in the third country. The legal basis for personal data transfer is your consent according to Art. 6 (1) a of the GDPR or Art. 9 (2) a of the GDPR, which you have given on our website. We use Google APIs so we can reload additional Google services on the website. Google APIs is a collection of interfaces for communication between the various Google services used on your website. The service or we collect(s) the following data for processing itself: IP address You can revoke your consent at any time. You will find more information about revoking your consent either in the consent section itself or at the end of this privacy policy. You will find more information about how the transferred data is handled in the provider’s privacy policy at https://policies.google.com/privacy.

Cookie-Law-Info

We use the Cookie Law Info service provided by Mozilor Limited, 10 Paxton Crescent, Shenley Lodge, Milton Keynes, MK5 7PY, United Kingdom. You will find the provider’s contact form at https://www.webtoffee.com/contact/. For more information, please visit https://de.wordpress.org/plugins/cookie-law-info/ Processing takes place in a third country for which the European Commission has taken an adequacy decision. So the usual level of protection afforded by the GDPR can be guaranteed for the transfer. The legal basis for personal data transfer is the fulfilment of legal obligations according to Art. 6 (1) c of the GDPR. We can save your settings with regard to the use of cookies with the help of the cookie banner.

Google Fonts

We use the Google Fonts service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, email: support-de@google.com, Website: http://www.google.com/Processing also takes place in a third country that is not covered by a Commission adequacy decision. So the usual level of protection afforded by the GDPR cannot be guaranteed for the transfer, since it cannot be ruled out that e.g. authorities can access the collected data in the third country. The legal basis for personal data transfer is your consent according to Art. 6 (1) a of the GDPR or Art. 9 (2) a of the GDPR, which you have given on our website. The Google Fonts service is used to reload fonts on our site to improve the appearance of the version you see. You can revoke your consent at any time. You will find more information about revoking your consent either in the consent section itself or at the end of this privacy policy. You will find more information about how the transferred data is handled in the provider’s privacy policy at https://policies.google.com/privacy.

Google Maps

What personal data is collected and to what extent is it processed?

We use the maps service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as ‘Google Maps’), on our website. Google Maps is integrated on the website via the Google API to visualise location information and display it in the form of a map. Google Maps’ processing of your IP address is technically necessary to display the map. With regard to the web services integrated using Google APIs, the rules set out in the relevant section of this privacy policy will apply. Processing also takes place in a third country that is not covered by a Commission adequacy decision. So the usual level of protection afforded by the GDPR cannot be guaranteed for the transfer, since it cannot be ruled out that e.g. authorities can access the collected data in the third country.

Legal basis for personal data processing

Art. 6 (1) f of the GDPR (legitimate interest). Our legitimate interest is being able to show you online location information presented in the usual way in a visualised form.

Purpose of data processing

Google will use the information obtained using Google Maps on our behalf to show you the map. By using Google Maps, you will be able to find us faster and more accurately than with a simple non-interactive map.

Duration of storage

Google will store the data relevant to Google Maps’ function for as long as is necessary to render the booked web service. Data is collected and stored in an anonymised format. If you are personally identifiable, the data will be deleted immediately provided that it is not subject to any statutory retention requirements. In any case, data will be deleted once the retention requirement ceases to apply.

Opportunity for objection and erasure

You can prevent personal data (particularly your IP address) from being collected by and disclosed to Google and Google’s processing of this data by disabling the execution of script codes in your browser, by installing a script blocker in your browser, or by enabling your browser’s ‘Do Not Track’ setting. You will find Google’s security and privacy policy at https://policies.google.com/privacy.

Joint processing

We have concluded a joint processing contract with Google with regard to Google Maps. You will find the content at https://privacy.google.com/intl/de/businesses/mapscontrollerterms/.

Gstatic

We use the Gstatic service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, email: support-de@google.com, Website: http://www.google.com/rocessing also takes place in a third country that is not covered by a Commission adequacy decision. So the usual level of protection afforded by the GDPR cannot be guaranteed for the transfer, since it cannot be ruled out that e.g. authorities can access the collected data in the third country. The legal basis for personal data transfer is your consent according to Art. 6 (1) a of the GDPR or Art. 9 (2) a of the GDPR, which you have given on our website. Gstatic is a service that Google uses to retrieve static content to reduce bandwidth usage and pre-load required catalogue files. You can revoke your consent at any time. You will find more information about revoking your consent either in the consent section itself or at the end of this privacy policy. You will find more information about how the transferred data is handled in the provider’s privacy policy at https://policies.google.com/privacy.

 

Information about the use of cookies

What personal data is collected and to what extent is it processed?

We integrate and use cookies on various pages to enable certain website functions and to integrate external web services. The ‘cookies’ are small text files that your browser can save on your accessing device. These text files contain a characteristic string of characters that uniquely identifies the browser when you return to our website. The process of saving a cookie file is also known as ‘setting a cookie’. Cookies can be set by the website itself and by external web services. Cookies are set by our website or the external web services to maintain our website’s full functionality, to improve user friendliness, or to serve the purpose stated with your consent. Cookie technology also allows us to recognise individual visitors using pseudonyms, e.g. a unique or random ID, so we can provide more personalised services. Details are shown in the table below.

Legal basis for personal data processing

Insofar as the cookies are processed based on consent pursuant to Art. 6 (1) a of the GDPR, this consent shall also be deemed consent under Section 25 (1) of the German Telecommunications and Telemedia Data Protection Act (TTDSG) for setting the cookie on the user’s terminal device. Insofar as another legal basis is mentioned according to the GDPR (e.g. for the performance of a contract or for the fulfilment of legal obligations), storage or setting is performed based on an exception according to Section 25 (2) of the German Telecommunications and Telemedia Data Protection Act. This is the case ‘where the sole purpose of storing information in the end user’s terminal equipment or the sole purpose of accessing information already stored in the end user’s terminal equipment is to carry out communication transfer over a public telecommunications network’ or ‘where the storage of information in the end user’s terminal equipment or the access to information already stored in the end user’s terminal equipment is strictly necessary to enable the provider of a telemedia service to provide a telemedia service explicitly requested by the user’. Please refer to the cookie table listed further on in this section for the relevant legal basis.

Purpose of data processing

Nuestro sitio web o servicios web externos instalan las cookies para mantener la plena funcionalidad de nuestro sitio web, para mejorar la experiencia del usuario o para lograr la finalidad indicada con su consentimiento. La tecnología de las cookies también nos permite reconocer a visitantes individuales mediante seudónimos, por ejemplo, una identificación individual o aleatoria, para que podamos ofrecer servicios más personalizados. Los detalles se enumeran en el siguiente cuadro.

Duration of storage

Our cookies are stored until they are deleted from your browser or, if the cookie is a session cookie, until the session is ended. Details are shown in the table below.

Possibility of objection and elimination

You can make settings in your browser by yourself in line with your requirements so that the setting of cookies is generally prevented. You can then decide whether to accept cookies on a case-by-case basis or to categorically accept cookies. Cookies can be used for different purposes, e.g. to identify that your accessing device has previously connected to our website (permanent cookies) or to save your most recently viewed pages (session cookies). If you have expressly given us permission to process your personal data, you may revoke this consent at any time. Please note that this does not affect the lawfulness of processing carried out based on such consent up until the same is revoked.

Cookie-NameServerProviderPurposelegal basisDuration of storageType
CookieLawInfoConsentmedtron.comWebsite operatorThis cookie stores data about whether the cookie banner or the cookie notice regarding functional cookies was shown to you correctly and what you decided regarding the use of cookies on our website.Art. 6 (1) c of the GDPR (meeting a legal obligation)approx. 12 monthsCookie-Banner
PHPSESSIDmedtron.comWebsite operatorCookie required by applications based on the PHP language. The cookie is stored during the session. It is needed to save certain website settings during the website visit (session).Art. 6 (1) a of the GDPR or Art. 9 (2) a of the GDPR (consent)SessionConfiguration
_pk_id.*medtron.comMatomo (local)This cookie stores data about when the website visitor accessed the website to compile statistical data from it. Additional data is collected for statistical purposes based on the site visit.Art. 6 (1) f of the GDPR (legitimate interests)approx. 12 monthsAnalytics
_pk_id.4.bbd6medtron.comMatomo (local)The cookie used assigns an ID to the site visitor and determines statistical data on the site visitor’s website visits. This is used to personalise the advertising shown to the user.Art. 6 (1) a of the GDPR or Art. 9 (2) a of the GDPR (consent)approx. 13 monthsMarketing
_pk_ses.*medtron.comMatomo (local)This cookie stores data about when the website visitor accessed the website to compile statistical data from it. Additional data is collected for statistical purposes based on the site visit.Art. 6 (1) f of the GDPR (legitimate interests)approx. 30 minutesAnalytics
_pk_ses.4.bbd6medtron.comMatomo (local)This cookie allows us to save individual convenience settings you have selected and to keep them for your current and future visits to the site.Art. 6 (1) a of the GDPR or Art. 9 (2) a of the GDPR (consent)approx. 31 minutesConfiguration
cookielawinfo-checkbox-advertisementmedtron.comWebsite operatorThis is a cookie that stores the user’s decision regarding the cookie banner.Art. 6 (1) c of the GDPR (meeting a legal obligation)approx. 12 monthsCookie-Banner
cookielawinfo-checkbox-functionalmedtron.comWebsite operatorThis cookie stores your entries with regard to our cookie banner.Art. 6 (1) c of the GDPR (meeting a legal obligation)approx. 12 monthsCookie-Banner
cookielawinfo-checkbox-necessarymedtron.comWebsite operatorCookie that stores the user’s decision about the cookie banner.Art. 6 (1) c of the GDPR (meeting a legal obligation)approx. 12 monthsCookie-Banner
cookielawinfo-checkbox-othersmedtron.comWebsite operatorThis cookie stores your entries with regard to our cookie banner.Art. 6 (1) c of the GDPR (meeting a legal obligation)approx. 12 monthsCookie-Banner
cookielawinfo-checkbox-performancemedtron.comWebsite operatorThis cookie stores your entries with regard to our cookie banner.Art. 6 (1) c of the GDPR (meeting a legal obligation)approx. 12 monthsCookie-Banner
omCookieConsentmedtron.comWebsite operatorThis cookie stores your entries with regard to our cookie banner.Art. 6 (1) c of the GDPR (meeting a legal obligation)approx. 9 monthsCookie-Banner
viewed_cookie_policymedtron.comWebsite operatorCookie that stores the user’s decision about the cookie banner.Art. 6 (1) c of the GDPR (meeting a legal obligation)approx. 12 monthsCookie-Banner
wordpress_[hash]medtron.comWebsite operatorThis cookie is necessary for operation of our website. It is impossible to run our website without this cookie.Art. 6 (1) f of the GDPR (legitimate interests)SessionBasic functionality
wordpress_logged_in_[hash]medtron.comWebsite operatorThis cookie is necessary for operation of our website. It is impossible to run our website without this cookie.Art. 6 (1) f of the GDPR (legitimate interests)SessionBasic functionality
wordpress_test_cookiemedtron.comWebsite operatorThis cookie is necessary for operation of our website. It is impossible to run our website without this cookie.Art. 6 (1) f of the GDPR (legitimate interests)SessionBasic functionality
wp-settings-[UID]medtron.comWebsite operatorThis cookie is necessary for operation of our website. It is impossible to run our website without this cookie.Art. 6 (1) f of the GDPR (legitimate interests)approx. 12 monthsBasic functionality
wp-settings-{time}-[UID]medtron.comWebsite operatorThis cookie is necessary for operation of our website. It is impossible to run our website without this cookie.Art. 6 (1) f of the GDPR (legitimate interests)approx. 12 monthsBasic functionality

 

Local and session storage used

In simplified terms, ‘web storage’ technology is a technical option that allows data and information to be stored on the user’s computer or terminal device, in a similar way to cookies. Data can generally be stored in the web storage technology in two ways. The name of the web storage technology depends on the duration of storage. A distinction is made between permanent storage (localStorage) and storage that is limited to the ‘session’ (sessionStorage). A session begins when the page is accessed, and ends when the page is exited (e.g. by closing the tab or the browser). The local or session storage is accessed using the scripts and web services used on the school portal. We have created a table where we explain the type of data and the purpose of the local or session storage.

NameTypePurposelegal basis
ElementorLocal StorageThe modifications made to the page design by our plugin can be reloaded in your browser with the help of the local storage entry. Our legitimate interest is being able to deliver our site properly.Art. 6 (1) f of the GDPR
ElementorSession StorageThe session storage entries are also used to display the modifications made by the plugin and are deleted after the browser session has expired.Art. 6 (1) f of the GDPR

 

Data security and data protection, communication by email

When it is collected, stored and processed, your personal data is protected by means of technical and organisational measures to ensure that it is inaccessible to third parties. Since we cannot guarantee complete data security on the transmission path to our IT systems during unencrypted communication by email, we advise sending highly confidential information using encrypted communication or by post.

 

Right of access and rectification requests – Erasure and restriction of data – Revocation of consent – Right to object

 

Right of access

You have the right to request confirmation as to whether we process your personal data. If we do, you have a right of access to the information specified in Art. 15 (1) of the GDPR, provided that the rights and freedoms of others are not adversely affected (cf. Art. 15 (4) of the GDPR). We are also happy to provide you with a copy of the data.

Right to rectification

According to Art. 16 of the GDPR, you have the right to have incorrectly stored personal data (such as your address, name, etc.) corrected by us at any time. You can also request that the data we store be completed at any time. Adjustment to this effect will be performed without delay.

Right to erasure

According to Art. 17 (1) of the GDPR, you have the right to request that we erase the personal data collected about you if

      • the data is either no longer needed;
      • the legal basis of processing is no longer applicable due to you revoking your consent;
      • you have objected to processing and there are no legitimate grounds for processing;
      • your data is being processed unlawfully;
      • a legal obligation requires this or collection according to Art. 8 (1) of the GDPR has taken place.

According to Art. 17 (3) of the GDPR, the right does not exist if

      • processing is necessary to exercise the right to freedom of expression and information;
      • your data was collected based on a legal obligation;
      • processing is necessary for reasons of public interest;
      • the data is necessary to establish, exercise or defend legal claims.
      •  

Right to restriction of processing

According to Art. 18 (1) of the GDPR, you have the right to request on a case-by-case basis that processing of your personal data be restricted. This applies if

      • you dispute the correctness of the personal data;
      • processing is unlawful and you do not consent to erasure of the data;
      • the data is no longer required for the purpose for which it is being processed, but the data collected is being used to assert, exercise or defend legal claims;
      • an objection has been made against processing according to Art. 21 (1) of the GDPR and it is still unclear which interests take precedence.

Right of revocation

If you have given us express permission to process your personal data (Art. 6 (1) a of the GDPR or Art. 9 (2) a of the GDPR), you can revoke this consent at any time. Please note that revocation of consent does not affect the lawfulness of processing carried out based on such consent up until the same is revoked.

Right to objection

According to Art. 21 of the GDPR, you have the right to object at any time to the processing of personal data concerning you that has been collected based on Art. 6 (1) f (in the context of a legitimate interest). You are only entitled to this right if special circumstances preclude storage and processing.

How do you exercise your rights?

You can exercise your rights at any time by using the contact details provided below:

Medtron Aktiengesellschaft
Hauptstrasse 255, 66128 Saarbrücken, Germany
E-Mail: info@medtron.com
Tel.: +49 681 97017-0 Fax: +49 681 97017-20

 

Right to data portability

According to Art. 20 of the GDPR, you are entitled to have personal data concerning you transferred. We provide the data in a structured, commonly used and machine-readable format. The data can be sent either to yourself or to a controller named by you. We will provide you with the following data on request according to Art. 20 (1) of the GDPR:

      • Data collected based on express consent according to Art. 6 (1) a of the GDPR or Art. 9 (2) a of the GDPR;
      • Data that we have received from you according to Art. 6 (1) b of the GDPR in the context of existing contracts;
      • Data processed in the context of an automated procedure.

We will transfer the personal data directly to a controller of your choosing insofar as doing so is technically feasible. Please note that we are not allowed to transfer data that interferes with the rights and freedoms of others according to Art. 20 (4) of the GDPR.

 

Right to lodge a complaint with the supervisory authority according to Art. 77 (1) of the GDPR

If you suspect that your data is being processed unlawfully on our website, you can naturally obtain judicial clarification of the issue at any time. Every other legal option is open to you too. Regardless of this, you have the option of contacting a supervisory authority according to Art. 77 (1) of the GDPR. You have a right to lodge a complaint according to Art. 77 of the GDPR in the EU member state of your place of residence, your workplace and/or the place of the suspected violation, i.e. you can choose the supervisory authority you wish to contact from the aforementioned locations. The supervisory authority with whom the complaint was lodged then informs you of the status and results of your petition, including the possibility of a judicial remedy according to Art. 78 of the GDPR.

Created by:© DURY LEGAL Rechtsanwälte – www.dury.de© Website-Check GmbH – www.website-check.de

Privacy policy of our social media sites.

Here you can find the privacy policy of our social media sites.