Privacy policy

Status: 06.04.2020

As the operator of this website, iATROS GmbH ("iATROS" or "we") takes the protection of your personal data very seriously. The protection of your privacy when processing personal data is an important concern for us. In the following, we would like to inform you about the data we collect and process when you visit our Internet presence (hereinafter also referred to as "website") or use the services we offer elsewhere (hereinafter also referred to as "services").

Responsible person

Responsible in the sense of the EU data protection basic regulation (DSGVO) is

iATROSGmbH

Görresstraße 20a

80798 Munich

Data protection officer

Our data protection officer is the

heyData UG (limited liability),

Landsberger Strasse 155,

80687 Munich,

[email protected]

Content

The following privacy policy contains the following sections:

- Logging of non-personal data when using our Internet presence

- Newsletter

- Collection and use of personal data

- Legal basis for the processing

- Data transmission to third parties

- Transfer of data to third countries

- Storage period, deletion of personal data

- your rights

- Right of appeal to the competent supervisory authority

- Data security

- Contact form

- Cookies Use of Google Analytics

- Use of Google Remarketing

- Use of Cloudflare

- Profiling

- Changes to this privacy policy

- Contact

The basic rule is:

You can make use of our services and visit our website without providing any personal information. Personal data is only collected if you voluntarily provide us with it during your visit to our website. Data is personal if it can be assigned to a specific or identifiable person. This includes, for example, information such as name, postal and e-mail address or telephone number, but also usage data such as your IP address.

Logging of non-personal data when using our Internet presence

When you call up our website or download data from the website or one of its sub-pages, information about this is stored and processed in a log file. This process is made anonymous. Conclusions about your person are not possible. Depending on the access protocol used, the protocol data record contains information with the following contents:

- Name of the requested file, the date and time of the page call

- IP address of the requesting computer

- access methods/functions requested by the requesting computer

- the web page called up or the name of the file called up

- Operating system and browser type or browser settings

- the amount of data transferred and the message whether the access/retrieval was successful

There is no possibility for us to link IP address and possibly existing personal data. The stored data is used exclusively for the purpose of identifying and tracking unauthorised attempts to access the web server and for statistical evaluations such as visitor numbers and page popularity and to improve our online service. These data are used exclusively by us. It is not passed on to third parties.

Newsletter

On our website you have the possibility to subscribe to a free newsletter. The data provided during registration will be processed exclusively for sending the newsletter. The legal basis for this data processing is Art. 6 (1) lit. a) DSGVO. You can object to this use of your e-mail address at any time by sending a message to the contact option described below or via a link provided for this purpose in the newsletter.

Collection and use of personal data

In order to enable us to provide certain services, the collection of personal data is unavoidable. We then request and store your inventory data (name, address and company name) and your contact data (e.g. e-mail, telephone numbers).

If you provide us with personal data for the purpose of contacting you, this data will only remain stored by us for as long as it is necessary for the purpose of the respective communication and contact. As soon as the personal data is no longer required by us for these purposes and there is no longer any obligation to keep it for a longer period, it will be deleted immediately.

We use the collected data to answer your inquiries, for service and customer care, marketing and market research, to comply with legal requirements and, if you have ordered it, to send you our newsletter. In order to provide our services to you, it may be necessary to pass on your personal data to companies that we use to provide the service or to process the contract. These are, for example, transport companies, technicians, IT and hosting service providers, payment service providers, operators of merchandise management systems or marketing newsletter service providers.

You can revoke your declaration of consent given to us at any time and object to the creation of user profiles at any time with effect for the future. In addition, you can also object to the use of your personal data for postal marketing measures, for example, to the extent permitted by law. In both cases it is sufficient to send an e-mail to the following address: [email protected]

Legal basis for the processing

In accordance with Art. 13 DSGVO, we inform you of the legal basis of our data processing. The legal basis for processing depends on the purpose for which the data are processed.

If you have given us your consent to process your personal data, we will base the data processing on the consent you have given us in accordance with Art. 6 Paragraph 1 lit. a) DSGVO.

However, the processing of your personal data may also be necessary for the following reasons, for example to fulfil a contract concluded with you or to carry out pre-contractual measures requested by you and to provide you with our services (e.g. feedback requests, online surveys on our business relationship) and to fulfil our legal obligations (Art. 6 para. 1 p. 1 lit. a) to c) DSGVO). We also use your personal data in accordance with Art. 6 Para. 1 S. 1 lit. f DSGVO to pursue our legitimate interests, provided that your rights and freedoms do not prevail.

Transfer of data to third parties

Your personal data will not be transferred to third parties for purposes other than those listed below. We will only pass on your personal data to third parties if and to the extent necessary:

- you have given your express consent in accordance with Art. 6 Para. 1 S. 1 lit. a DSGVO,

- the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,

- there is a legal obligation to pass on the information in accordance with Art. 6 Para. 1 sentence 1 lit. c DSGVO, and

Our employees and partners are obliged by us to maintain secrecy and to comply with data protection regulations.

Data transfer to third countries

If we share your personal information in accordance with this Privacy Policy, this may include transferring your personal information to countries outside the European Economic Area (EEA). If we transfer your personal data to countries outside the European Economic Area, we will always ensure that an adequate level of protection is provided there by ensuring, where required by law, that at least one of the following appropriate safeguards is in place

- Transfer of personal data to countries which the European Commission considers to offer an adequate level of protection for personal data (so-called "adequacy finding");

- the use of specific contracts approved by the European Commission which ensure that personal data enjoy the same level of protection as they do in the EEA;

- transfer of personal data to a body that has a valid "Privacy Shield" certification, thereby providing a level of protection of personal data similar to the EU standard; or

- Transfer of personal data to a body that has established binding internal data protection rules that are equivalent to the EU level of protection of personal data.

Storage period, deletion of personal data

The data processed by us will be deleted or restricted in their processing in accordance with articles 17 and 18 DSGVO. Unless expressly stated in this data protection declaration, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with any statutory storage obligations. If the data are not deleted because they are required for other and legally permissible purposes, their processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.

Your rights

You are entitled to various rights in relation to data concerning your person. You have a right to receive, free of charge and upon request, information about the personal data we have stored about you, a right to correct, delete or restrict the processing of this data and a right to object to the processing. Whether and to what extent these rights apply in individual cases and which conditions intervene is determined by the DSGVO and the Federal Data Protection Act. According to the DSGVO, you also have a fundamental right to data transferability. Furthermore, if you give your consent to process your personal data, this consent can be revoked at any time with effect for the future.

Should you have any questions, comments or requests regarding the collection, processing, use or deletion of your personal data by us, please contact [email protected]

Right of appeal to the competent supervisory authority

As a data subject, you have the right to complain to the competent supervisory authority in the event of a breach of data protection law. The competent supervisory authority with regard to data protection issues is the State Data Protection Commissioner of the federal state in which our company is located.

Data security

For security reasons and to protect the transmission of confidential content that you send to us as the site operator, our website uses SSL or TLS encryption. This means that data that you transmit via this website cannot be read by third parties. You can recognise an encrypted connection by the "https://" address line of your browser and the lock symbol in the browser line.

All data to be processed in connection with the operation of this website is stored during hosting. This is necessary to enable the operation of the website. We process the data accordingly on the basis of our legitimate interests in accordance with Art. 6 para. 1 f) DSGVO. For the provision of our online presence, we use the services of web hosting providers to whom we transfer the above-mentioned data.

Contact form

Data transmitted via the contact form will be stored including your contact data in order to be able to process your enquiry or to be available for follow-up questions. These data will not be passed on without your consent.

The data entered in the contact form will be processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a DSGVO). A revocation of your already given consent is possible at any time. An informal notification by e-mail is sufficient for the revocation. The legality of the data processing operations carried out up to revocation remains unaffected by revocation.

Data transmitted via the contact form will remain with us until you request us to delete it, revoke your consent to its storage or until there is no longer any need for data storage. Mandatory legal provisions - in particular retention periods - remain unaffected.

Cookies

Our website uses cookies. These are small text files that your web browser stores on your device. Cookies help us to make our offer more user-friendly, effective and safer.

Some cookies are "session cookies." Such cookies are automatically deleted after the end of your browser session. On the other hand, other cookies remain on your terminal device until you delete them yourself. Such cookies help us to recognize you when you return to our website.

With a modern web browser you can monitor, restrict or prevent the setting of cookies. Many web browsers can be configured so that cookies are deleted automatically when you close the program. Disabling cookies may result in limited functionality on our website.

The setting of cookies, which are necessary for electronic communication processes or the provision of certain functions requested by you, is based on Art. 6Abs. 1 lit. f DSGVO. As operators of this website, we have a legitimate interest in the storage of cookies for the technically error-free and smooth provision of our services. If other cookies are set (e.g. for analysis functions), these will be treated separately in this data protection declaration.

Furthermore, our website uses the "Cookie Consent" application of Osano, Inc. ("Osano"). This ensures the legally correct setting of cookies. When the website is first called up, the plug-in actively obtains the user's consent to the use of cookies and/or tracking technologies, but does not itself collect any personal data.

Details about this tool can be found at https://cookieconsent.osano.com and corresponding data protection information at https://www.osano.com/legal/privacy/.

Use of Google Analytics

We use Google Analytics to analyse website usage. The resulting data is used to optimise our website and advertising measures. Google Analytics is a web analysis service provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, United States). Google processes the data for website use on our behalf and is contractually obliged to take measures to ensure the confidentiality of the processed data. During your visit to the website, the following data, among others, is recorded:

- Pages accessed

- The achievement of "website objectives" (e.g. contact requests and newsletter subscriptions)

- Your behaviour on the pages (for example clicks, scrolling behaviour and dwell time)

- Your approximate location (country and city)

- Your IP address (in abbreviated form, so that no clear assignment is possible)

- Technical information such as browser, Internet provider, terminal device and screen resolution

- Source of your visit (i.e. via which website or advertising medium you came to us)

This data is transferred to a Google server in the USA. Google complies with the data protection regulations of the "EU-US Privacy Shield" agreement.

Google Analytics stores cookies in your web browser for a period of two years since your last visit. These cookies contain a randomly generated user ID with which you can be recognised during future visits to the website.

The recorded data is stored together with the randomly generated user ID, which enables the evaluation of pseudonymous user profiles. This user-related data is automatically deleted after 14 months. Other data remains stored in aggregated form for an unlimited period.

If you do not agree with the collection, you can prevent this by installing a browser add-on once to deactivate Google Analytics.

Use of Google Ads

Google Ads Conversion

We use the offer of Google AdsConversion to draw attention to our attractive offers with the help of advertising material (so-called Google Ads) on external websites. In relation to the data of the advertising campaigns, we can determine how successful the individual advertising measures are. In this way, we pursue the interest in showing you advertisements that are of interest to you, making our website more interesting for you and achieving a fair calculation of advertising costs.

These advertising materials are delivered by Google via so-called "Ad Servers". For this purpose, we use Ad Server Cookies, through which certain parameters can be measured to measure success, such as the display of ads or clicks by users. If you reach our website via a Google ad, Google Ads will store a cookie on your end device. These cookies usually expire after 30 days and are not intended to identify you personally. The unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marking that the user no longer wishes to be contacted) are usually stored as analysis values for this cookie.

These cookies enable Google to recognize your internet browser. If a user visits certain pages of an ad client's website and the cookie stored on their computer has not expired, Google and the client may recognize that the user clicked on the ad and was redirected to that page. A different cookie is associated with each ad client. As a result, cookies cannot be tracked through the websites of ad clients. We ourselves do not collect and process any personal data in the advertising measures mentioned above. We only receive statistical evaluations from Google. By means of these evaluations we can recognize which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising material, in particular we cannot identify the users on the basis of this information.

Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our state of knowledge: Through the integration of Ads Conversion, Google receives the information that you have called up the corresponding part of our website or clicked on an advertisement from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider will find out and save your IP address.

Google Ads Remarketing

We use the remarketing feature within the Google Ads service. The remarketing feature allows us to serve ads to users of our website on other websites within the Google advertising network (in Google Search or on YouTube, so-called "Google Ads" or on other websites) based on their interests. For this purpose, the interaction of the users on our website is analysed, e.g. which offers the user was interested in, in order to be able to show the users targeted advertising on other pages after visiting our website. For this purpose, Google stores a number in the browsers of users who visit certain Google services or websites in the Google display network. This number, known as a "cookie," is used to track the visits of those users. This number is used to uniquely identify a web browser on a particular device, not to identify an individual, and no personal information is stored.

You can prevent participation in this tracking process in various ways: a) by setting your browser software accordingly, in particular by suppressing third-party cookies; b) by installing the plug-in provided by Google at the link below: https://www.google.com/settings/ads/plugin; c) by deactivating the interest-based ads of the providers that are part of the self-regulation campaign "About Ads" via the link http://www.aboutads.info/choices, whereby this setting is deleted if you delete your cookies; d) by permanently deactivating them in your Firefox, Internet Explorer or Google Chrome browsers under the link http://www.google.com/settings/ads/plugin, e) by means of an appropriate cookie setting. We would like to point out that in this case you may not be able to use all functions of this offer to their full extent.

Further information on data protection at Google can be found here: http://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/de.html. Alternatively, you can visit the website of the Network Advertising Initiative (NAI) at http://www.networkadvertising.org.

Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

Cookie lifetime: up to 180 days (this only applies to cookies set through this website). Legal basis: Art. 6 (1) a DSGVO

Use of Google Remarketing

We also use the remarketing function of Google. This enables us to provide you with personalised advertising on other websites based on the interests you have shown on our website. This possibility is limited to a maximum of 18 months.

ere information on this can be found in the Google privacy policy. You can also prevent interest-based advertising by installing a browser plugin.

Use of Cloudflare

Our pages use features of CloudFlare. Provider is CloudFlare, Inc. 665 3rd St. #200, San Francisco, CA 94107, USA. CloudFlare offers a worldwide distributed content delivery network with DNS. Technically, the information transfer between your browser and our website is routed through CloudFlare's network. CloudFlare is thus able to analyze the data traffic between users and our website, for example to detect and ward off attacks on our services. In addition, CloudFlare may store cookies on your computer for optimization and analysis purposes. This serves to protect our legitimate interests in an optimal marketing of our services according to article 6 paragraph 1S. 1 lit. b DSGVO. We have concluded a corresponding agreement with Cloudflare on the basis of the DSGVO for order processing. Cloudflare is a certified participant of the EU-US Privacy Shield Framework. Cloudflare has committed itself to handle all personal data contained in the member states of the European Union (EU) in accordance with the Privacy Shield Framework and its applicable principles. Further information about the Privacy Shield Framework can be found on the Privacy Shield List of the US Department of Commerce at https://www.privacyshield.gov. Cloudflare collects statistical data about the visit of this website. The access data includes: Name of the accessed website, file, date and time of access, transferred data volume, message about successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider. Cloudflare uses the protocol data for statistical evaluations for the purpose of operation, security and optimization of the offer.

Profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, that has legal effect on you or significantly affects you in a similar manner. This shall not apply if the decision

(1) is necessary for the conclusion or performance of a contract between you and us,

(2) is authorised by Union law or the law of the Member States to which we are subject and that law provides for appropriate measures to safeguard your rights and freedoms and your legitimate interests; or

(3) with your express consent.

Changes to this privacy policy

We reserve the right to change this privacy policy at any time with effect for the future. A current version is available on our website. Please visit our website regularly and inform yourself about the applicable data protection regulations. Please also note that data protection regulations and handling of data protection can also change continuously with third parties, e.g. Google or Facebook. It is therefore advisable and necessary to keep up to date with changes in the legal regulations and the practice of companies.

Contact

If you have any questions, comments or requests regarding this privacy statement, please contact: [email protected]