Status: May 2022
1 General information
We take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations.
The controller within the meaning of the EU General Data Protection Regulation (“GDPR”) with regard to the processing of personal data in connection with the Website is ClinTriCare GmbH & Co. KG, Untere Illereicher Straße 10, 89281 Altenstadt an der Iller, Germany (“ClinTriCare”, “we”, “us”).
2 Processing of your data
As a matter of principle, we process your personal data only insofar as this is necessary to provide a functional website and our content and services.
3 Visiting the website
3.1 In principle, you can visit our website without providing us with any personal data. As is usual with most websites, our systems automatically record every access or retrieval of our website and store this temporarily in a log file (“log files”). The data stored in this context includes in particular the following data:
– IP address of the requesting computer
– Name and URL of the accessed file
– Date and time of access
– access status / http status code
– amount of data transferred in each case
– identification data of the browser used
3.2 We are not able to assign this data to specific persons. Personal user profiles are also not created. The aforementioned processing of data takes place for the purpose of enabling the use of the website (connection establishment) and for internal system-related purposes (technical administration, system security). The storage in log files is done to ensure the functionality of the website. In addition, we use this data to optimize the website and to ensure the security of our systems.
Insofar as the processing of data in the context of visiting the website involves personal data, the corresponding processing of this data is based on Art. 6 (1) p. 1 lit. f DSGVO (legitimate interest). The legitimate interest follows from the above-mentioned purposes.
4.1 On the website, the possibility of contacting us by, for example, contact form, email, telephone or via social media is available. If you contact us in these ways or send us an inquiry, the personal data you provide will be stored by us. In this respect, we do not collect any mandatory data, but only receive and store the personal data that you transmit to us. This data is used exclusively for the purpose of processing the corresponding request.
– Types of data processed: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. entries in online forms), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
– Data subjects: Communication partners, interested parties.
– Purposes of processing: contact requests and communication, management and response to requests.
– Legal bases: contract performance and pre-contractual inquiries (Art. 6 para. 1 p. 1 lit. b. DSGVO), Legitimate Interests (Art. 6 para. 1 p. 1 lit. f. DSGVO).
4.2 The legal basis for the processing of the aforementioned personal data is Art. 6 para. 1 p. 1 lit. f DSGVO (legitimate interests). The legitimate interest arises from the fact that we can only perform the action requested by the user (e.g. answering inquiries) by processing the user’s data accordingly. If the contact aims at the possibility of concluding a business relationship with us, Art. 6 para. 1 lit. b DSGVO (contract performance and pre-contractual measures) is additionally the legal basis for the processing.
We use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after you leave our site.
You can configure your browser so that no cookies are stored or a message always appears before a new cookie is created. However, the deactivation of cookies may mean that you cannot (fully) use all the functions of our website.
5.2 The legal basis for the above processing of personal data is Art. 6 para. 1 p. 1 lit. f DSGVO (legitimate interest). The legitimate interest follows from the above purposes, to optimize website use and to improve user-friendliness.
6 Data transfer to third parties
The personal data collected in the course of using the website will – subject to other cases expressly described in this data protection declaration – not be passed on to third parties or transmitted in any other way without your consent. Exceptions to this are transfers of personal data to state institutions and authorities, insofar as we are legally obligated to do so. The legal basis for this processing of your personal data is Art. 6 para. 1 p. 1 lit. c DSGVO (fulfillment of a legal obligation).
For the operation of the website and the services offered on the website (for example, hosting of the website), we may use external IT service providers who process personal data from you on our behalf. These service providers process the data exclusively in accordance with our instructions. The legal basis for such data processing is Art. 6 para. 1 p. 1 lit. b) DSGVO (contract performance and pre-contractual measures) and Art. 28 DSGVO (order processing).
7 Duration of storage of your personal data
Insofar as no other storage period results from the other regulations of this data protection declaration, we store your personal data obtained by us in connection with the use of the website only as long as this is necessary to process your requests or inquiries to us, thereafter only to the extent and insofar as we are obligated to do so due to legal storage obligations. If we no longer need your data for the purposes described above, it will only be stored during the respective legal retention period and not processed for other purposes.
8 Your rights
You have the right to request information from us at any time about the personal data we have stored about you. If the legal requirements are met, you also have the right to demand that we correct, delete or restrict the processing of the relevant data and the right to object to the processing of your data by us.
If you have given your consent to the use of personal data, you may revoke this consent at any time for the future.
If you believe that the processing of personal data concerning you by us violates applicable data protection law, you may lodge a complaint with the competent supervisory authority for data protection.
You can contact us at the address given in section 1. You can reach our designated data protection officer at the e-mail address firstname.lastname@example.org and by telephone at +49-6221-39505-315.
10 Data security
ClinTriCare maintains up-to-date technical measures to ensure data security, in particular to protect your personal data from dangers during data transmissions and from third parties gaining knowledge. These are adapted to the current state of the art in each case.
11 Changes to the data protection declaration
From time to time, it may become necessary to amend this data protection declaration, for example due to further developments of our website or due to legal changes. We therefore reserve the right to change the data protection declaration at any time with effect for the future. We therefore recommend that you read this data protection declaration again at regular intervals.
Provision of the online offer and web hosting
In order to provide our online offer securely and efficiently, we use the services of one or more web hosting providers from whose servers (or servers managed by them) the online offer can be accessed. For these purposes, we may use infrastructure and platform services, computing capacity, storage space and database services, as well as security services and technical maintenance services.
The data processed in the course of providing the hosting offer may include all information relating to the users of our online offer, which is generated in the course of use and communication. This regularly includes the IP address, which is necessary to be able to deliver the contents of online offers to browsers, and all entries made within our online offer or from websites.
E-mail sending and hosting: The web hosting services we use also include the sending, receiving and storing of e-mails. For these purposes, the addresses of the recipients and senders as well as further information regarding the e-mail dispatch (e.g. the providers involved) and the contents of the respective e-mails are processed. The aforementioned data may also be processed for SPAM detection purposes. Please note that e-mails are generally not sent encrypted on the Internet. As a rule, e-mails are encrypted in transit, but (unless a so-called end-to-end encryption method is used) not on the servers from which they are sent and received. Therefore, we cannot assume any responsibility for the transmission path of the e-mails between the sender and the reception on our server.
Collection of access data and log files: We ourselves (or our hosting provider) collect data on access to the server (logs). The logs may include the address and name of the web pages and files accessed, the date and time of access, the volume of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page) and, as a rule, IP addresses and the requesting provider.
The server log files may be used, on the one hand, for security purposes, e.g., to prevent server overload (especially in the event of abusive attacks, so-called DDoS attacks) and, on the other hand, to ensure the utilization of the servers and their stability.
– Types of data processed: Content data (e.g. entries in online forms), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
– Data subjects: Users (e.g., website visitors, users of online services).
– Legal grounds: Legitimate interests (Art. 6 para. 1 p. 1 lit. f. DSGVO).
Services used and service providers: