Data protection:

1. An overview of data protection

General information

The following information will provide you with an easy to navigate overview of what will happen with your personal data when you visit our website. The term “personal data” comprises all data that can be used to personally identify you. For detailed information about the subject matter of data protection, please consult our Data Protection Declaration, which we have included beneath this copy.

Data recording on our website

Who is the responsible party for the recording of data on this website (i.e. the “controller”)?

The data on this website is processed by the operator of the website, whose contact information is available under section “Information Required by Law” on this website.

How do we record your data?

We collect your data as a result of your sharing of your data with us. This may, for instance be information you enter into our contact form.

Our IT systems automatically record other data when you visit our website. This data comprises primarily technical information (e.g. web browser, operating system or time the site was accessed). This information is recorded automatically when you access our website.

How do we use your data?

Generally, we need your data to prepare for or implement a contract. Another category of data is collected to ensure that our website is faultlessly available to you. Other data is used to analyze your user behavior.

What rights do you have with respect to your data?

You have the right to receive information about the origin, recipient, and purpose of your stored personal data at no charge and at any time. You also have the right to request that this data is correct, locked, or deleted. On this point, as well as for other questions about data protection, you can contact us at the address indicated in the Imprint at any time. You also have the right to complain to the responsible supervisory authorities.

Analysis tools and tools provided by third parties

There is a possibility that your browsing patterns will be statistically analysed when your visit our website. Such analyses are performed primarily with cookies and with what we refer to as analysis programmes. As a rule, the analyses of your browsing patterns are conducted anonymously; i.e. the browsing patterns cannot be traced back to you. You have the option to object to such analyses or you can prevent their performance by not using certain tools. For detailed information about this, please consult our Data Protection Declaration below.

You do have the option to object to such analyses. We will brief you on the objection options in this Data Protection Declaration.

2. General information and mandatory information

Data protection

The operators of this website and its pages take the protection of your personal data very seriously. Hence, we handle your personal data as confidential information and in compliance with the statutory data protection regulations and this Data Protection Declaration.

Whenever you use this website, a variety of personal information will be collected. Personal data comprises data that can be used to personally identify you. This Data Protection Declaration explains which data we collect as well as the purposes we use this data for. It also explains how, and for which purpose the information is collected.

We herewith advise you that the transmission of data via the Internet (i.e. through e-mail communications) may be prone to security gaps. It is not possible to completely protect data against third party access.

Information about the responsible party (referred to as the “controller” in the GDPR)

The data processing controller on this website is:

HEYER Medical AG

Carl-Heyer-Strasse 1/3 

56130 Bad Ems

Deutschland

Telefon:+ 49 2603 791-3

E-Mail: info@heyermedical.de

The controller is the natural person or legal entity that single-handedly or jointly with others makes decisions as to the purposes of and resources for the processing of personal data (e.g. names, e-mail addresses, etc.).

Revocation of your consent to the processing of data

A wide range of data processing transactions are possible only subject to your express consent. You can also revoke at any time any consent you have already given us. To do so, all you are required to do is sent us an informal notification via e-mail. This shall be without prejudice to the lawfulness of any data collection that occurred prior to your revocation.

Right to Complain to the Responsible Authorities

In the event of an infringement against data protection law, affected parties have the right to complain to the responsible supervisory authorities. The responsible supervisory authority in data protection questions is the state Data Protection Officer of the federal state in which the headquarters of our company are located. You can find a list of the Data Protection Officers and their contact information in the following link: www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data portability

You have the right to demand that we hand over any data we automatically process on the basis of your consent or in order to fulfil a contract be handed over to you or a third party in a commonly used, machine readable format. If you should demand the direct transfer of the data to another controller, this will be done only if it is technically feasible.

SSL and/or TLS encryption

For security reasons and to protect the transmission of confidential content, such as purchase orders or inquiries you submit to us as the website operator, this website uses either an SSL or a TLS encryption programme. You can recognise an encrypted connection by checking whether the address line of the browser switches from “http://” to “https://” and also by the appearance of the lock icon in the browser line.

If the SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.

Origin, Locking, Deletion

In the context of the applicable statutory provisions, you have the right to information about your stored personal data, its origin and recipient, and the purpose of data processing and, if applicable, the right to correct, lock, or delete this data at no charge and at any time. On this point, as well as for other questions about personal data, you can contact us at the address indicated in the Imprint at any time.

3. Data protection officer

Designation of a data protection officer as mandated by law

We have appointed a data protection officer for our company.

Matthäus Eismont

HEYER Medical AG

Carl-Heyer-Str. 1/3

56130 Bad Ems

Deutschland 

Telephone. +49 2603 791-165

E-Mail: meismont(at)heyermedical.de

4. Data Collection on Our Website

Cookies

Internet websites sometimes use cookies. Cookies do not damage your computer and do not contain viruses. Cookies help us to make our website more user-friendly, more effective, and more secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are what are called “session cookies.” They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies allow us to recognize your browser at your next visit.

You can set up your browser to tell you when a cookie is set and to only allow cookies in individual cases, to allow cookies in certain cases, or to generally exclude them, and can also activate a setting to automatically delete cookies when the browser is closed. When cookies are deactivated, the functionality of the website may be limited.

Cookies that are necessary to perform the electronic communication process or to provide certain functions you request are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in storing cookies for the technologically correct and optimized provision of their services. Inasmuch as other cookies are stored (e.g. cookies to analyze your surfing behavior), these will be discussed separately in this Privacy Policy.

Server Log Files

The provider of this website collects and automatically stores information in server log files, which your browser automatically sends to us. These include:

  • Browser type and browser version
  • Operating system that is used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server inquiry
  • IP address
  • Data quantity

This data will not be combined with other data sources.

The access logs of the web server record what server inquires have taken place at what times. They contain the following data:

IP, directory protection user, date, time, pages visited, records, status code, data quantity, referrer, user agent, host name visited.

The IP addresses will be saved in an anonymized form. The last three numbers will be removed for this purpose, e.g. 127.0.0.1 becomes 127.0.0.*. IPv6 addresses will also be anonymized. Information about directory protection users will be anonymized after one day.

Error logs that record defective site visits will be deleted after seven days.

Visits over an FTP will be recorded anonymously and stored for 60 days.

The mail logs for sending emails from the web environment will be anonymized after one day and then retained for 60 days. In anonymization, all data about the sender/recipient, etc. will be removed. Only the time the email was sent and how the email was processed are retained (source ID or not sent).

Mail logs for things sent via our mail server are deleted after four weeks. The long retention period is necessary to guarantee the functionality of the mail services and in defense against spam.

The basis for data processing is Art. 6 para. 1 lit. b GDPR, which allows data to be processed to fulfill a contract or for pre-contractual measures, and Art. 6 para. 1 lit. f GDPR, as the website operator has a legitimate interest in storing log files for technologically correct and optimized provision of their services.

Contact Form

If you send inquiries to us using the contact form, your information from the contact form, including the contact information you have indicated, will be stored for the purpose of processing the inquiry and for the event that there are any related questions.

The website contains a contact form that facilitates quick electronic communication with our company and direct communication with us, which also includes a general address for electronic mail (email address). If you contact us by email or using a contact form, the personal data you send will be stored automatically. Any such data that you send to us on a voluntary basis will be stored for the purpose of handling your inquiry or contacting you. This personal data will not be disclosed to third parties.

The data entered in the contact form is processed on the basis of Art. 6 para. 1 lit. b GDPR, which allows data to be processed for the fulfillment of a contract or for pre-contractual measures, and of Art. 6 para. 1 lit. f GDPR, as the website operator has a legitimate interest in storing the data.

Processing of data (customer and contract data)

We collect, process and use personal data only to the extent necessary for the establishment, content organization or change of the legal relationship (data inventory). These actions are taken on the basis of Art. 6 Sect. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual actions. We collect, process and use personal data concerning the use of our website (usage data) only to the extent that this is necessary to make it possible for users to utilize the services and to bill for them.

The collected customer data shall be eradicated upon completion of the order or the termination of the business relationship. This shall be without prejudice to any statutory retention mandates. 

Data Disclosures at Contractual Conclusion for Services and Digital Contents

We only disclose personal data to third parties if this is necessary in the context of contract processing, such as to the credit institute charged with processing payment.

Any other disclosure of data will not occur, or will only occur if you have explicitly consented to the disclosure. Any disclosure of your data to third parties without your explicit consent, such as for advertising purposes, will not occur.

The basis for data processing is Art. 6 para. 1 lit. b GDPR, which allows data to be processed for the fulfillment of a contract or for pre-contractual measures.

5. Analysis Tools and Advertising

Google Analytics

This website uses functions from the web analysis service called Google Analytics. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses “cookies.” These are text files that are stored on your computer and allow your use of the website to be analyzed. The information about your use of the website that is recorded with cookies is generally transferred to a Google server in the USA and stored there.

The storage of Google Analytics cookies occurs on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the analysis of user behavior to optimize both their website and their advertising.

IP Anonymization

We have activated the IP anonymization function on this website. In this process, your IP address is shortened by Google within Member State of the European Union or in other contracting states of the treaty on the European Economic Area. The full IP addresses will only be transferred to a Google server in the USA and shortened there in exceptional cases. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to create reports about activities in our website, and to perform other services for us in connection with the use of our website and the use of the Internet. The IP addresses transferred by your browser in the context of Google Analytics will not be combined with other data from Google.

Browser Plugin

You can prevent cookies from being stored by using the appropriate setting in your browser software; however, we must inform you that not all functions of this website can be fully used in this case. You can also prevent the data that is created by the cookie and relates to your usage of the website (incl. your IP address) from being acquired by Google and the processing of this data by Google by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

Objecting to Data Collection

You can prevent or permit the collection of your data by Google Analytics by entering the appropriate settings via the cookie banner. "Disable" sets an opt-out cookie that prevents your information from being collected on future visits to this site: display cookie hint banner

You can find more information about how user data is handled in Google Analytics in Google’s Privacy Policy: https://support.google.com/analytics/answer/6004245?hl=en.

Order Data Processing

We have concluded a contract for order data processing with Google and fully implement the strict rules of the German data protection authorities in the use of Google Analytics.

6. Newsletter

Newsletter data

If you would like to subscribe to the newsletter offered on this website, we will need from you an e-mail address as well as information that allow us to verify that you are the owner of the e-mail address provided and consent to the receipt of the newsletter. No further data shall be collected or shall be collected only on a voluntary basis. We shall use such data only for the sending of the requested information and shall not share such data with any third parties.

The processing of the information entered into the newsletter subscription form shall occur exclusively on the basis of your consent (Art. 6 Sect. 1 lit. a GDPR). You may revoke the consent you have given to the archiving of data, the e-mail address and the use of this information for the sending of the newsletter at any time, for instance by clicking on the "Unsubscribe" link in the newsletter. This shall be without prejudice to the lawfulness of any data processing transactions that have taken place to date.

The data you archive with us for the purpose of the newsletter subscription shall be archived by us until you unsubscribe from the newsletter. Once you cancel your subscription to the newsletter, the data shall be deleted. This shall not affect data we have been archiving for other purposes.

CleverReach

This website uses CleverReach for the sending of newsletters. The provider is the CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede, Germany. CleverReach is a service that can be used to organize and analyse the sending of newsletters. The data you have entered for the purpose of subscribing to our newsletter (e.g. e-mail address) are stored on servers of CleverReach in Germany or in Ireland.

Our newsletters sent out via CleverReach allow us to analyse the user patterns of our newsletter recipients. Among other things, in conjunction with this, it is possible how many recipients actually opened the newsletter e-mail and how often which link inside the newsletter has been clicked. With the assistance of a tool called Conversion Tracking, we can also determine whether an action that has been predefined in the newsletter actually occurred after the link was clicked (e.g. purchase of a product on our website). For more information on the data analysis services by CleverReach newsletters, please go to: www.cleverreach.com/en/features/reporting-tracking/.

The data is processed based on your consent (Art. 6 Sect. 1 lit. a GDPR).  You may revoke any consent you have given at any time by unsubscribing from the newsletter. This shall be without prejudice to the lawfulness of any data processing transactions that have taken place prior to your revocation.

If you do not want to permit an analysis by CleverReach, you must unsubscribe from the newsletter. We provide a link for you to do this in every newsletter message. Moreover, you can also unsubscribe from the newsletter right on the website.

The data you archive with us for the purpose of the newsletter subscription shall be archived by us until you unsubscribe from the newsletter. Once you cancel your subscription to the newsletter, the data shall be deleted from our servers as well as those of CleverReach. This shall not affect data we have been archiving for other purposes.

For more details, please consult the Data Protection Provisions of CleverReach at: https://www.cleverreach.com/en/privacy-policy/.

7. Plug-ins and Tools

YouTube

Our website uses plug-ins of the YouTube platform, which is being operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

We use YouTube in the expanded data protection mode. According to YouTube, this mode ensures that YouTube does not store any information about visitors to this website before they watch the video. Nevertheless, this does not necessarily mean that the sharing of data with YouTube partners can be ruled out as a result of the expanded data protection mode. For instance, regardless of whether you are watching a video, YouTube will always establish a connection with the Google DoubleClick network.

As soon as you start to play a YouTube video on our website, a connection to YouTube’s servers will be established. As a result, the YouTube server will be notified, which of our pages you have visited. If you are logged into your YouTube account while you visit our site, you enable YouTube to directly allocate your browsing patterns to your personal profile. You have the option to prevent this by logging out of your YouTube account.

Furthermore, after you have started to play a video, YouTube will be able to place various cookies on your device. With the assistance of these cookies, YouTube will be able to obtain information about our website visitor. Among other things, this information will be used to generate video statistics with the aim of improving the user friendliness of the site and to prevent attempts to commit fraud. These cookies will stay on your device until you delete them.

Under certain circumstances, additional data processing transactions may be triggered after you have started to play a YouTube video, which are beyond our control.

The use of YouTube is based on our interest in presenting our online content in an appealing manner. Pursuant to Art. 6 Sect. 1 lit. f GDPR, this is a legitimate interest.

For more information on how YouTube handles user data, please consult the YouTube Data Privacy Policy under: https://policies.google.com/privacy?hl=en.

Google Web Fonts

For uniform presentation of different fonts, this website uses web fonts that are provided by Google. When visiting a website, your browser loads the necessary web fonts in your browser cache to correctly display text and fonts.

For this purpose, the browser you use must create a connection to the Google servers. This informs Google that our website was visited by your IP address. The use of Google web fonts occurs in the interest of a uniform, appealing presentation of our online product range. This constitutes a legitimate interest in the sense of Art. 6 para 1 lit. f GDPR.

If your browser does not support web fonts, a standard script is used by your computer.

You can find out more information about Google web fonts under https://developers.google.com/fonts/faq and in Google’s Privacy Policy: https://www.google.com/policies/privacy/.

Google Maps

This website uses the Google Maps map service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use the functions of Google Maps, it is necessary to store your IP address. This information is generally transferred to a Google server in the USA and stored there. The provider of this website has no influence on this data transfer.

The use of Google Maps occurs in the interest of an appealing depiction of our online product range and to allow users to easily find the locations we indicate on the website. This constitutes a legitimate interest in the sense of Art. 6 para 1 lit. f GDPR.

You can find more information about how user data is handled in Google’s Protection Policy: https://www.google.de/intl/en/policies/privacy/.