Privacy Policy

1. Data protection at a glance

General information

We have compiled the following information to provide you with a brief overview of what happens to your personal data when you visit our website. Personal data means all data that can be used to personally identify you. Detailed data protection information can be found in our Data Protection Statement below this section.

Data collection on our website

Who is responsible for data collection on this website?
Data on this website is processed by the website operator. You can find their contact details in the legal notice of this website.
How do we collect your data?
Part of the data collected by us is the data you disclose to us. This may include data that you enter in a contact form, for example.
Other data is automatically collected by our IT systems when you visit our website. This primarily concerns technical data (e.g. Internet browser, operating system or time of access). This data is collected automatically as soon as you access our website.
What do we use your data for?
Some of the data is collected to ensure the defect-free provision of our website. Other data may be used to analyse your website usage behaviour.
What rights do you have with regard to your data?
You have, at any time and without incurring a charge, the right to request information regarding the sources, recipients and purposes of your personal data stored by us. You also have the right to request the correction, blocking or deletion of this data. If you have given us your consent to the processing of your data, you can revoke it any time. Under certain circumstances, you also have the right to restrict the processing of your data. You also have the right to lodge a complaint with the responsible supervisory authority. To exercise your rights or for other queries regarding the issue of data protection, you can contact us at the address in the legal notice at any time. You also have the right to lodge a complaint with the responsible supervisory authority.

Analysis tools and tools from third-party providers

When visiting our website, your Internet usage may be analysed for statistical purposes. This primarily occurs using cookies and what are known as analysis programs. The analysis of your Internet usage is usually based on anonymised data; your Internet usage cannot be traced back to you. You may object to this analysis or prevent it by refraining from using certain tools. Detailed information can be found in the following Data Protection Statement.
You may object to this analysis. Our Data Protection Statement will inform you about the options available to you for exercising your right to object.

2. Hosting

External hosting

The pages of the body named in the legal notice are hosted by an external provider (host).
Personal data collected on this website is stored on the host’s servers. In particular, this may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated via our websites. The host is used in the interest of secure, efficient and fast provision of our website by a professional provider (Article 6, section 1, letter f of the General Data Protection Regulation (hereafter ‘GDPR’), as well as for the purpose of fulfilling contracts with interested parties and existing customers (Article 6, section 1, letter b GDPR).
The processing of your data by our host takes place only to the extent that this is necessary for the fulfilment of their service obligations and to follow our instructions with regard to this data.
In order to ensure processing of your data compliant with data protection regulations, we have concluded a data processing contract with our host.


The host of our website is:

Fischenich GmbH

Busenbacher Weg 30-32

42499 Hückeswagen

 

3. General and compulsory information

Data protection

The operators of these websites take the protection of your personal data very seriously. We treat your personal data as confidential and handle it in compliance with the statutory data protection regulations and this Data Protection Statement.
Different types of personal data will be collected when you use this website. Personal data means data which can be used to identify you personally. This Data Protection Statement explains which data we collect and what we use the data for. It also explains the means and purposes of data collection and use.
Please note that transmission of data via the Internet (e.g. in email communications) may have security loopholes. Complete protection of data from third-party access is not possible.

Note on the data controller

The data controller for data processing on this website is:
schein orthopädie service KG
Hildegardstraße 5
42897 Remscheid
Telephone: +49 (0)2191 9100
Email: remscheid[at]schein.de
The data controller is the natural or legal person who decides alone or jointly with others on the purposes and means of processing personal data (e.g. names, email addresses, etc.).

Duration of storage

Your personal data will remain with us until the purpose of the data processing is no longer relevant, unless a more specific storage period has been specified within this Data Protection Statement. If you revoke your consent to data processing or make a legitimate request for deletion, your data will be deleted unless we have a legally permissible reason for storing your personal data (e.g. tax or commercial retention periods); in the latter case, the deletion shall take place once these reasons no longer apply.

Legally stipulated data protection officer

We have appointed a data protection officer for our company.
EDV-Fortress
Sascha Hasselbach
Schulweg 8
42799 Leichlingen
datenschutz[at]schein.de

Notice on data transfer to the USA

Our website includes tools from companies based in the United States. When these tools are active, your personal information may be shared with the US servers of the respective companies. Please be aware that the USA is not a safe third country within the meaning of EU data protection law. US companies are required to disclose personal information to security agencies without you, as a data subject, being able to take legal action in this regard. We therefore cannot rule out the possibility that US authorities (e.g. intelligence agencies) process, evaluate and permanently store your data on US servers for surveillance purposes. We have no influence over these processing activities.

Revoking your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke your previously provided consent at any time. The lawfulness of data processing up to the time of revocation will not be affected by this revocation of consent.

Right to object to the collection of data in special cases and to direct marketing (Article 21 GDPR)

If the data processing is carried out on the basis of Article 6, section 1, letter e or f GDPR, you have the right to object at any time to the processing of your personal data for reasons arising from your particular situation. This also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this Data Protection Statement. If you object, we will no longer process the relevant personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms or the processing is for the exercising of legal claims (objection acc. to Article 21, section 1 GDPR).
Where we process your personal data for direct-marketing purposes, you have the right to object at any time to the processing of the relevant personal data for such marketing. The right to objection includes profiling if it is related to such direct marketing. If you object, your personal data will no longer be used for direct marketing purposes (objection acc. to Article 21, section 2 GDPR).

Right to lodge a complaint with the responsible supervisory authority

In the event of breaches of the GDPR, those affected by the processing shall have the right to complain to a supervisory authority, in particular in the member state of their habitual residence, their place of work or the place of the alleged infringement. The right to lodge a complaint exists without prejudice to any other administrative or judicial remedy.

Right to data portability

You have the right to personally receive or have provided to a third party a copy of data that we process automatically based on your consent or in order to perform an agreement, in a commonly used, machine-readable format. We will only comply with a request to transfer your data directly to another controller in as far as such transfer is technically feasible.

 

 

SSL and/or TLS encryption

This website uses SSL and/or TSL encryption for security reasons and to protect the transmission of confidential information, such as orders or queries you send to us as the website operator. You can tell that a connection is encrypted by looking at the address line of your browser and noting that ‘http://’ has changed to ‘https://’ and seeing the lock icon in the browser line.
If SSL and/or TLS encryption is activated, the data you send us cannot be viewed by third parties.

Access, blocking, erasure

Within the framework of the applicable statutory provisions, you have the right at any time to access information free of charge regarding the personal data stored about you, its origins and recipient and the purpose of data processing and, if necessary, the right to have this data rectified, blocked or deleted (erased). To do this or for other queries regarding the issue of personal data, you may contact us at the address in the legal notice at any time.

Right to restriction of processing

You have the right to request restriction of the processing of your personal data. Please contact the body mentioned in the legal notice at any time for this purpose.
There is a right to restriction of processing in the following cases:

If you have restricted processing of your personal data, such personal data shall, with the exception of storage, only be processed with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a member state.

 

Objection against advertising emails

We hereby object against the use of the contact details published for the purpose of complying with the obligation to publish a legal notice for the purpose of sending unsolicited advertising and information materials. The operators of the websites expressly reserve the right to take legal action in the case of any unsolicited delivery of advertising information, such as spam emails.

4. Data collection and data subjects’ rights

Cookies

Some of our webpages use what are known as cookies. Cookies are harmless to your computer and cannot infect it with viruses. The purpose of cookies is to make our service more user-friendly, effective and secure. Cookies are small text files which are placed on your computer and stored by your browser.
Most of the cookies used by us are what are known as ‘session cookies’. They are automatically deleted after the end of your visit. Other cookies will remain on your user device until you delete them. These cookies allow us to recognise your browser the next time you visit one of our webpages.
You can adjust your browser settings to the informed of the use of cookies and only permit cookies on a case-by-case basis, prohibit the acceptance of cookies for certain cases or categorically and activate the automatic deletion of cookies when you close your browser. The functions offered on this website may be limited when you have cookies deactivated.
Cookies that are required to perform the electronic communications process or to provide functions you require (e.g. shopping cart function) are stored on the basis of Article 6, section 1, letter f GDPR. The website operator has a legitimate interest in the storage of cookies for the technically flawless and optimised provision of its services. If other cookies (e.g. cookies for analysing your Internet usage) are stored, these will be discussed separately in this Data Protection Statement.

Server log files

The provider of the pages automatically collects and stores information in server log files, which are automatically transmitted to us by your browser. This information includes:

This data is not merged with other sources of data.
The data processing is based on Article 6, section 1, letter f GDPR, which permits the processing of data for the performance of a contract or for pre-contractual measures.

Contact form

If you send us queries via contact form, your details from the contact form, including the contact details you provide there, are stored by us for the purpose of processing your query and for any follow-up queries. We do not pass on this data without your consent.
The processing of the data entered in the contact form therefore takes place exclusively based on your consent (Article 6, section 1, letter a GDPR). You may revoke this consent at any time. To do this, you may simply provide us with an informal notification by email. The legality of the data processing procedures up until the point of revocation shall remain unaffected by the revocation.
We shall retain the data you enter in the contact form until you ask us to delete it, revoke your consent to its storage or the purpose of data storage no longer exists (e.g. when the processing of your query is complete). Obligatory statutory provisions – particularly retention periods – shall remain unaffected.

Query by email, phone or fax

If you contact us by email, telephone or fax, your query, including all personal data contained therein (e.g. name, content of your query) will be stored and processed by us for the purpose of processing your query. We will not share this information without your consent.
If your query relates to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures, the processing of this data is carried out on the basis of Article 6, section 1, letter b GDPR. In all other cases, the processing is based on our legitimate interest in processing queries addressed to us (Article 6, section 1, letter f GDPR) or on your consent (Article 6, section 1, letter a GDPR) if this has been requested.
We shall retain the data you enter in the contact form until you ask us to delete it, revoke your consent to its storage or the purpose of data storage no longer exists (e.g. when the processing of your request is complete). Obligatory statutory provisions, particularly legally stipulated retention periods, shall remain unaffected.

Communication via WhatsApp Business

Among other services, we use the instant-messaging service WhatsApp Business to communicate with our customers.
The use of the WhatsApp Business instant-messaging service takes place on the basis of our legitimate interest in communicating as quickly and effectively as possible with customers, interested parties and other business and contractual partners (Article 6, section 1, sentence 1, letter f GDPR). If corresponding consent has been provided, the data processing is carried out exclusively on the basis of that consent. This can be revoked with effect for the future at any time.
Communication via WhatsApp Business is carried out via end-to-end (peer-to-peer) encryption, which prevents WhatsApp Business or other third parties from gaining access to the communication content. However, WhatsApp Business has access to metadata generated during the communication process (e.g. sender, recipient and time). Please also be aware that WhatsApp Business has stated that it shares the personal data of its users with its US-based parent company Facebook. Further details on data processing can be found in WhatsApp’s privacy policy on: https://www.whatsapp.com/legal/#privacy-policy .
We shall retain the content of communication on and with WhatsApp Business until you ask us to delete it, revoke your consent to its storage or the purpose of data storage no longer exists (e.g. when the processing of your query is complete). Obligatory statutory provisions – particularly retention periods – shall remain unaffected.
The provider is:
WhatsApp Ireland Limited
4 Grand Canal Square
Grand Canal Harbour
Dublin 2
Ireland
In order to ensure processing of your data compliant with data protection regulations, with the installation of WhatsApp Business we have concluded a data processing contract with WhatsApp Business (‘WhatsApp Business Data Processing Conditions’).
We are willing to participate in dispute resolution procedures. The link to online dispute resolution can be found here: www.ec.europa.eu/consumers/odr

Data processing (customer, interested party and contract data)

We collect, process and use personal data only to the extent that it is necessary for the establishment, shaping in content terms or adjustment of the legal relationship (inventory data). This is based on Article 6, section 1, letter b GDPR, which permits the processing of data for the fulfilment of a contract or for pre-contractual measures. We collect, process and use personal data on the use of this website (usage data) only to the extent necessary to enable the user to make use of the service or for invoicing purposes.
The collected customer data is deleted after the order has been concluded or the business relationship ended. Statutory retention periods are unaffected.

Processing of applicant data

We offer you the opportunity to apply for a job with us (e.g. by email or by post). In the following section, we would like to inform you about the scope, purpose and use of your personal data collected during the application process. The collection, processing and use of your data is carried out in accordance with applicable data protection law, as well as all other legal provisions. We will treat your data as strictly confidential.
When you send us an application, we process your related personal data (e.g. contact and communication data, application documents, notes made in the course of interviews, etc.) insofar as this is necessary for the decision on the establishment of an employment relationship. The legal basis for this is Section 26 of the new version of the German Federal Data Protection Act (initiation of an employment relationship), Article 6, section 1, letter b GDPR (general initiation of contracts) and – if you have given your consent – Article 6, section 1, letter a GDPR.
The consent can be revoked at any time. Your personal data will only be passed on within our company to those involved in the processing of your application.
If the application is successful, the data submitted by you will be stored in our data processing systems on the basis of Section 26 of the new version of the German Data Protection Act and Article 6, section 1, letter b GDPR for the purposes of carrying out the employment relationship.
If we are unable to offer you a job, you reject a job offer or you withdraw your application, we reserve the right to keep the data you provide on the basis of our legitimate interests (Article 6, section 1, letter f GDPR) for up to six months from the end of the application process (rejection or withdrawal of application). The data is then deleted and the physical application documents are destroyed. In particular, this document retention is used for the purposes of evidence in the event of a legal dispute. If it becomes apparent that the data will be necessary after the expiry of the six-month period (e.g. due to an impending or pending legal dispute), deletion will only take place if the purpose for further storage no longer applies.
A longer retention period can also occur if you have provided corresponding consent (Article 6, section 1, letter a GDPR) or if statutory retention periods prevent deletion.

Data subjects’ rights:

According to GDPR, when visiting our website, you have the following rights as a data subject:

1) Right of access (Article 15 GDPR)
You have the right to request information as to whether personal data concerning you is processed by us. Insofar as this is the case, in accordance with Article 15 GDPR you have the right to request information regarding this personal data and the types of information individually detailed in Article 15 GDPR.

2) Right to rectification and erasure (Articles 16 and 17 GDPR)
You have the right to request immediate rectification of any inaccurate personal data concerning you. Furthermore, taking into account the purposes of the processing, you have the right to request completion of incomplete personal data concerning you (Article 16 GDPR). You also have the right to request the immediate deletion (erasure) of personal data concerning you, provided that one of the reasons set out in Article 17 GDPR applies.

3) Right to restriction of processing (Article 18 GDPR)
You have the right to request the restriction of personal data concerning you if one of the conditions set out in Article 18 GDPR applies.

4) Right to data portability (Article 20 GDPR)
You have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format and you have the right to request the transfer of such data to a third party, provided that one of the cases referred to in Article 20 GDPR is relevant in this context.

5) Right to object (Article 21 GDPR)
You have the right to object at any time to the processing of personal data concerning you for reasons arising from your particular situation, provided that the processing is carried out on the basis of Article 6, section 1, letters e or f GDPR. We will no longer process the personal data, insofar as the processing is not taking place for the assertion, exercise or defence of legal claims and if there are no demonstrably compelling legitimate grounds for the processing that override your interests, rights and freedoms.

6) Right to complain to a supervisory authority (Article 77 GDPR)
You have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates applicable data protection regulations. In particular, you may exercise this right to complain to a supervisory authority in the member state of your place of residence, your place of work or the place of the alleged infringement. A list of the contact details of data protection officers in the German federal states and the supervisory authorities for the private sector can be found by following this link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

7) Profiling and automated decision-making (Article 22 GDPR)
We consciously refrain from profiling or automated decision-making.

 

5. Analysis tools and advertising

Google Analytics

This website uses functions of the Google Analytics web analytics service.
The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics uses what are known as ‘cookies’. These are text files stored on your computer that enable your use of the website to be analysed. The information about your use of this website generated by cookies is usually transmitted to a Google server in the United States and stored there.
Google Analytics cookies are stored on the basis of Article 6, section 1, letter f GDPR. The website operator has a legitimate interest in the analysis of user behaviour, in order to optimise their web service and their advertising.
IP anonymisation
We have activated the IP anonymisation function on this website. This means that Google will truncate the IP address within a member state of the European Union or other signatory country to the Agreement on the European Economic Area prior to its transmission to the United States. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there. Google uses this information on behalf of the website operator to evaluate your use of the website, compile website-activity reports and provide further services for the website operator associated with the use of both the website in particular and the Internet in general. The IP address transmitted by your browser for the purposes of Google Analytics will not be merged with other data held by Google.
Browser plug-in
You can prevent cookies from being stored on your device by changing the relevant setting in your browser software; please note that you may not be able to use all of this website’s functions if you have cookies deactivated. You may also prevent the data generated by the cookie related to your use of this website (including your IP address) from being transmitted to and processed by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
Objection to data collection
You can prevent the collection of your data by Google Analytics by clicking on the following link. This will cause an opt-out cookie that prevents the collection of your data when you visit this website in future to be placed on your computer: deactivate Google Analytics
More information on the handling of user data by Google Analytics can be found in Google’s data protection statement: https://support.google.com/analytics/answer/6004245?hl=de.
Data processing
We have concluded an agreement on data processing with Google and fully implement the strict specifications of German data protection authorities in the use of Google Analytics.
Demographic features in Google Analytics
This website uses the ‘demographic features’ function of Google Analytics. Reports containing statements on the age, gender and interests of site visitors can therefore be compiled. This data comes from Google’s interest-based advertising and from visitor data made available by third-party providers. This data cannot be assigned to a specific individual. You can disable this function at any time using the ad settings in your Google account or categorically prohibit Google Analytics’ collection of your data as described in the ‘Objection to data collection’ section.

6. Newsletter

Newsletter data

If you would like to receive the newsletter offered on the website, we require an email address from you, as well as information which allows us to check that you are the owner of the stated email address and you consent to receiving the newsletter. Other data is not collected or is only collected on a voluntary basis. We use this data exclusively to send the requested information and do not forward it to third parties.
The processing of the data entered in the newsletter registration form occurs exclusively based on your consent (Article 6, section 1, letter a GDPR). You may revoke consent given for the storage of data, the email address and its use to send the newsletter at any time, namely via the ‘Unsubscribe’ link in the newsletter. The legality of the data processing procedures already undertaken shall remain unaffected by the revocation.
The data you provide us with for the purposes of receiving the newsletter is stored by us until you unsubscribe from the newsletter and is deleted once you unsubscribe from the newsletter. Data which is stored by us for other purposes (e.g. email addresses for the member area) shall remain unaffected.

7. Plug-ins and tools

Google Maps

This website uses the Google Maps service via an API. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
It is necessary to store your IP address in order to use the features of Google Maps. This information is generally transmitted to a Google server in the United States and stored there. The provider of the website has no influence over this transmission of data.
We use Google Maps in order to make our website more appealing and make it easy to find the locations we list on our website. This represents a legitimate interest within the meaning of Article 6, section 1, letter f GDPR.
For more information on the handling of user data, please see Google’s data protection statement available on: https://www.google.de/intl/de/policies/privacy/.

Google reCAPTCHA

We use Google reCAPTCHA (hereinafter referred to as ‘reCAPTCHA’) on our websites. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
reCAPTCHA should be used to check whether data is input into our websites (e.g. in a contact form) by a person or an automated program. To do this, reCAPTCHA analyses the website visitor’s behaviour based on various characteristics. This analysis begins automatically as soon as the website visitor accesses the website. For the analysis, reCAPTCHA evaluates different information (e.g. IP address, duration of website visitor’s visit to the website or mouse movements made by the user). The data collected in the analysis is forwarded to Google.
The reCAPTCHA analyses all run in the background. Website visitors are not informed that an analysis is taking place.
Data is processed on the basis of Article 6, section 1, letter f GDPR. The website operator has a legitimate interest in protecting its web services from improper automated spying and spam.
For more information on Google reCAPTCHA and Google’s privacy policy, please see the following links: https://policies.google.com/privacy?hl=de and https://www.google.com/recaptcha/intro/android.html.

 

(Source: eRecht24)