As website operators, we also process personal data. In the following, we would like to give you an overview of these processes as well as of your rights and other important information that must be provided in accordance with the General Data Protection Regulation (GDPR). When you visit our website, you can access, save and print out the following data protection information at any time.
1.2. Person Responsible
The person responsible for data processing within the meaning of the General Data Protection Regulation is:
Alliance Medical GmbH
vertreten durch den Geschäftsführer Herrn Michel Jongens
Tel: 02305 / 921710
1.3. Data Protection Officer
Our data protection officer monitors data protection at our company. You can contact him if you have any questions about data protection with us or about your data processed by us:
Dr.-Ing. Martin H. Ludwig
Tel: 0234 / 51 69 90 – 0
1.4. What data do we process when you visit our website and why do we do this?
Visiting our website is generally possible without the direct provision of personal data. You do not have to log in with your name etc. during your visit. However, there are also situations in which personal data is processed:
The internal section of our website can only be accessed after registration. If you have permission to access this section, you will find further information on data processing in the internal section. If you do not have the permission and enter personal data in the registration form, this data will be processed. In this case, we process your data to verify access permission and protect our infrastructure from attacks.
If you enter your data in our contact form (usually your contact data and your requests to us), we process these data – exclusively – for your request. For this purpose, the data is required.
If the data is required for contacting you in order to fulfil a contract with you or if a contract is intended to be concluded with you, this will result in the legality of the data processing. If mere contact remains, this results from the protection of legitimate interests. Because it is in our interest to answer your request and you have made this request, so we can assume that you have nothing against this processing. However, there is also data that you automatically transmit to us when you visit our website. This is your IP address. Without the IP address, we cannot display the website in your browser. Furthermore, when you access our website via a link, your browser transmits the so-called referrer. Here we see which link you clicked on. You can prevent this by not calling up our page via a link, i.e. clicking on a link, but by entering the website address directly in your browser. You also provide us with technical data about your browser and your computer: which browser, which operating system you are using, how large your monitor is, etc.
On the one hand we process this data (the IP address) to display the website to you. On the other hand, we log the visited websites (your IP address is shortened and thus made anonymous) in order to statistically evaluate the visits and improve our site: Which areas of our website are popular, which are less. We also evaluate the referrer in this way to optimize advertising that links to our website. Especially with the referrer, it is possible that personal data from you is integrated here and is thus transmitted to us. We have no influence on this and do not evaluate this data on a personal basis. Displaying the website to you and optimizing the website is our legitimate interest.
We also do not pass your data on to third parties. However, there are a few exceptions:
- You have asked us to pass the data on,
- You have asked us for something for which it is necessary to pass on the data,
- it is necessary for legitimate reasons to pass on the data.
In this case, our data protection officer will consider whether you might have anything against it. If, at our customary discretion you would have nothing against it, we may pass the data on. One example is a criminal attack on our servers. Here we may pass on the temporally relevant sections of the log files to the investigating authorities. The only one who will object is the criminal assailant. And criminals are not protected in their actions.
- And there is the exception that we are legally obliged to transmit the data.
We would like to ask you not to provide us with more data than is necessary for the respective matter. This helps us to comply with the principle of data minimisation and earmarking. Data that are not (no longer) necessary for a matter are generally deleted in a timely manner. Please note that we endeavour to secure all types of data transmission using SSL encryption. However, this safeguard is not complete, so the risk of unintentional disclosure of data cannot be completely excluded. Automatic decision making such as profiling does not take place.
1.5. And what about cookies etc.?
Cookies are small text files which are stored on your system and whose content is transmitted back to us. They can serve various purposes. For example, you can manage a shopping basket, or you can be recognized as a recurring website visitor.
There are other techniques that offer comparable functions: IDs in the URL or “browser fingerprinting”.
We use these techniques for technical reasons for administration, e.g. to save the settings you have made (e.g. the display font size).
We also use these techniques to recognize a visitor during his visits to improve our website: If visitors visit us regularly, we obviously have a good offer – if they only visit our website once and do not come back, then we have to do something. These data are not personal, we cannot identify you as a visitor here. You can prevent the creation of cookies by a certain setting of your browser. You can usually find information on this in your browser’s instructions. By preventing the creation of cookies, some functions of our website may fail.
1.6. Website Analysis: WordPress.com-Stats
1.7. Your rights as a data subject
You have the comprehensive right to information from us at any time as to whether and which of your personal data is processed or disclosed by us or another party for which purposes. You have the right at any time to have incorrect data corrected and unlawfully processed data deleted immediately. Furthermore, you can request the restriction of the processing of your personal data if on the one hand the continuation of the processing no longer appears legal but on the other hand an immediate deletion is not yet required (e.g. if the correctness is disputed but this has yet to be checked). If the processing is based on your consent, you can revoke this at any time – of course only for the future. You also have the right to data transferability and the right of appeal to the following supervisory authority:
State Commissioner for Data Protection and Freedom of Information
PO Box 20 04 44
40102 Düsseldorf, Germany
Phone: +49 211/38424-0
Fax: +49 211 38424-10
E-Mail: post office[at]ldi.nrw.de
Legal, economic and technical developments may make it necessary to adapt this data protection information. We will make the updated version available to you promptly on our website.
1.9. Text of Article 13 of the DGDPR (General Data Protection Regulation):
Information to be provided where personal data are collected from the data subject
- Where personal data relating to a data subject are collected from the data subject, the controller shall, at the time when personal data are obtained, provide the data subject with all of the following information:
- the identity and the contact details of the controller and, where applicable, of the controller’s representative;
- the contact details of the data protection officer, where applicable;
- the purposes of the processing for which the personal data are intended as well as the legal basis for the processing;
- where the processing is based on point (f) of Article 6(1), the legitimate interests pursued by the controller or by a third party;
- the recipients or categories of recipients of the personal data, if any;
- where applicable, the fact that the controller intends to transfer personal data to a third country or international organisation and the existence or absence of an adequacy decision by the Commission, or in the case of transfers referred to in Article 46or 47, or the second subparagraph of Article 49(1), reference to the appropriate or suitable safeguards and the means by which to obtain a copy of them or where they have been made available.
- In addition to the information referred to in paragraph 1, the controller shall, at the time when personal data are obtained, provide the data subject with the following further information necessary to ensure fair and transparent processing:
- the period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period;
- the existence of the right to request from the controller access to and rectification or erasure of personal data or restriction of processing concerning the data subject or to object to processing as well as the right to data portability;
- where the processing is based on point (a) of Article 6(1) or point (a) of Article 9(2), the existence of the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
- the right to lodge a complaint with a supervisory authority;
- whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether the data subject is obliged to provide the personal data and of the possible consequences of failure to provide such data;
- the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
- Where the controller intends to further process the personal data for a purpose other than that for which the personal data were collected, the controller shall provide the data subject prior to that further processing with information on that other purpose and with any relevant further information as referred to in paragraph 2.
- Paragraphs 1, 2 and 3 shall not apply where and insofar as the data subject already has the information.