Welcome to the MDSS website. We appreciate your interest in our company. Protection of the personal data you entrust to us is a priority and we want you to feel safe and secure when you visit our website or use our online offers.
Medical Device Safety Service
Tel: 0511 6262 8630
Fax: 0511 6262 8633
CONTACT DATA PROTECTION OFFICER
WHEN AND WHICH PERSONAL DATA ARE PROCESSED?
The data processing instructions for our products and services can be found separately.
In the following cases, personal data are processed:
a. If you visit our website, the browser you used automatically sends information to the server of our website. This information is temporarily stored in a log file. The following information may be collected without your intervention and stored until automated deletion:
• IP address of the requesting computer (currently not collected),
• date and time of access,
• name and URL of the retrieved file,
• Website from which access is made (referrer URL),
• the browser used and, if applicable, the operating system of your computer as well as the name of your access provider.
b. For inquiries about quotes and any kind of telephone inquiries, you have the option to contact us using the forms offered on the website. For this purpose, it is necessary to provide the information required so that we know the origin of the request, which assist us in preparation in advance.
c. If you would like to send us a job application or advertised position or apply on your own initiation, we will process your submitted documents and personal data.
In case of these applications we need your name, address and other contact details, date and place of birth, nationality and qualification certificates. It is possible to provide additional information which from your point of view would be advantageous to establish an employment relationship.
d. Newsletter Registration - When you subscribe to our newsletters, we will collect your e-mail address. The data specified will be processed.
e. You can leave comments on the individual contributions. For this purpose, we store your IP address and the data you provide. You are not obliged to enter your data and can work with pseudonyms.
f. In case of booking a zoom consulting appointment, you send a request via a registration form. For this purpose we process the following data: Customer: YES/NO; company name; contact person; e-mail; telephone number (voluntary) and information about the desired appointment.
PURPOSES OF DATA PROCESSING
We use only the voluntarily provided personal data, only for the agreed purpose, and only to the required extent.
a. The data mentioned are processed by us for the following purposes:
The legal basis for data processing is Art. 6 (1) lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above. In no case do we use the collected data for the purpose of drawing conclusions about you as an individual.
b. The processing of data for the purpose of contacting us / requesting a quotation / telephone contact with us is handled in accordance with Art. 6 (1) lit. b GDPR on the basis of a pre-contractual measure. If a contract is established, the data can be included in our customer care service. The data will not be processed for any further purpose.
c. The data processing serves the purpose for the establishment and implementation of an employment relationship according to Art. 88 GDPR in conjunction with § 26 BDSG. In case of a positive decision, the personal data will be included in our personnel file and will follow the purpose of the "employee management" procedure.
d. If, pursuant to Art. 6 (1) lit. a GDPR you have expressly consented, we use your e-mail address to regularly send you our newsletter.
e. On the basis of Art. 6 (1) lit. f DSGVO we process your data. This takes place for security reasons, if the rights of third parties are violated in comments and contributions or illegal contents are left behind (insults, defamations, inciting contents etc.), for which we ourselves can be responsible. We are dependent on your identity to be able to release us from this.
f. The data processing takes place to establish a contractual relationship and service provision.
Your comments are accessible to everyone and can also be recorded and retrieved by search engines.
CATEGORIES OF RECIPIENTS OF PERSONAL DATA
A transfer of your personal data to third parties for purposes other than those listed below does not take place.
We share your personal information to third parties only if:
This is legally allowed according to Art. 6 (1) lit. b GDPR and is required to enter into a contract with you.
Any data transfer to third countries takes place only, as far as you have given us your consent.
DURATION FOR WHICH PERSONAL DATA IS STORED
a. Cookies are stored in your browser as so-called session cookies and are automatically deleted after leaving the website. The duration of storage in this case follows from the technical functionality of the browser you are using.
b. Personal data sent to us in connection with a contact request on our website will only be stored for the duration of the processing of the request. If a contract is signed, the information you provide can be stored in our customer care system on a regular basis for 10 years, unless there is another legal obligation that obliges us to retain it for a longer period of time.
c. The personal data collected will be in case of:
a. Rejection: Saved for at least three months. The longest storage period at most six months.
b. Recruitment: Our retention periods apply. The information you are given will be provided to you upon recruitment.
d. Your specified personal data will be stored until revoked.
e. Your IP address will be stored for 28 days after publishing. A deletion of the comment does not take place in principle, except on your inquiry.
We would like to point out that we will delete your data if storage thereof is prohibited (especially if the data is incorrect and a correction is not possible). In lieu of deletion, it will be blocked, if legal or other obstacles are in the way (for example, special retention obligations based on commercial and tax regulations).
f. The data related to the determination of dates remain stored until the purpose is fulfilled. Data that is collected for billing purposes must be kept for 10 years.
RIGHT TO OBJECT
If processing of your personal data is based on legitimate interests in accordance with Art. 6 (1) lit. f GDPR, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation, or the objection refers to direct advertisement. In the latter case, you have a general right to object, which is implemented by us without specifying any particular reason. If you would like to exercise your right of revocation or objection, please send an e-mail to email@example.com.
RIGHT OF INFORMATION, CORRECTION, DELETION, RESTRICTION
The data subject is entitled to access the personal data concerned and to rectify or delete them or restrict their processing. Furthermore, you have a right to object to the processing.
RIGHT TO DATA TRANSFERABILITY
The data subject is entitled to data portability.
RIGHT OF APPEAL AT THE SUPERVISORY AUTHORITY
You have the right to file a complaint with the supervisory authority.
PROVISION OF PERSONAL DATA
There is no legal obligation for you to provide personal data.
AUTOMATED DECISION MAKING, INCLUDING PROFILING
Under certain circumstances, we may perform an automated profiling, with the aim of evaluating personal aspects. We may use these profiling measures in the following cases:
Due to legal and regulatory requirements, we are committed to combating money laundering, the financing of terrorism and property-related offenses. In this regard, data evaluations (including comparison with legally prescribed lists) are carried out.
This website uses the Google Maps product of Google Inc. By using this site, you consent to the collection, processing, and use of the automated data collected by Google Inc, its agents and third parties.
and the additional terms and conditions for "Google Maps"
On this website data is collected and stored using the web analysis service software Matomo (www.matomo.org), a service of the provider InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand, ("Mataomo") on the basis of our legitimate interest in the statistical analysis of user behaviour for optimisation and marketing purposes in accordance with Art. 6 Para. 1 lit. f DSGVO. From this data, pseudonymized user profiles can be created and evaluated for the same purpose. Cookies may be used for this purpose. Cookies are small text files that are stored locally in the cache of the visitor's Internet browser. Among other things, the cookies enable the recognition of the Internet browser. The data collected with Matomo technology (including your pseudonymised IP address) is processed on our servers.
The information generated by the cookie in the pseudonymous user profile is not used to personally identify the visitor of this website and is not combined with personal data about the bearer of the pseudonym.
If you do not agree with the storage and evaluation of this data from your visit, you can object to the storage and use of this data at any time. In this case a so-called opt-out cookie is stored in your browser, which means that Matomo does not collect any session data. Please note that the complete deletion of your cookies means that the opt-out cookie is also deleted and may have to be reactivated by you.
Cookies used on our Website
When you enter our website, you will be asked by a banner for your consent to data processing through cookies. The consent refers to the following listed cookies and represents a consent according to Art. 6 (1) lit. a GDPR.
If you make a decision, we set a cookie with you around this decision to store. This cookie bears the name "_pk_id.1.6a50" and is stored for 28 days. After the 28 days have expired, you will have to give your consent again or object to the processing on a new visit.
Social Media Buttons
We also want our website to display information, that we share on social networks on this website and give you the possibility to share out information on your social media accounts. For this we use plugins of the providers of the respective services. If you click on the plugin to share a post over the network, a connection will be established with the respective service. This contribution is then made visible in your user account according to your privacy settings for the service - e.g. only to a certain group of people in the network or publicly.
The default settings of the plugins would immediately transfer your personal data to the social network server when you access the website, regardless of whether you click or tap on the plugin or are registered as a user in the social network. To avoid this, we used the Shariff tool. With Shariff the connection to the server of the service is only established when you click on the plugin.
Shariff is provided by c't and heise online as open source software. More information can be found here: https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html
The legal basis for data processing by social networks after the integration of the Shariff tool is Art. 6 para. 1 lit. a) DSGVO. The use of the plugins for advertising purposes only takes place after your active consent.
We currently use the Twitter button with Shariff: The social plugin of the social network Twitter is used on the website. By clicking on the "Twitter" button, you can share a post with your contacts on Twitter and our current tweets on the website will be displayed.
If you are logged in to your Twitter account when you activate the plugin, the data transferred will be assigned to your user account and the shared post will be displayed there.
Twitter is a service of Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. Twitter Inc. is certified under the EU-US Privacy Shield https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active, an agreement that ensures compliance with EU privacy laws. You can access Twitter's privacy statement at the following link: https://twitter.com/en/privacy