Privacy policy

§1 Information about the collection of personal data

(1) In the following, we provide information on the collection of personal data when using our website. Personal data are any data that personally relate to you, e.g. name, address, email addresses, user behaviour.

(2) The data controller in terms of Art. 4 para. 7 of the EU General Data Protection Regulation (GDPR) is medisana GmbH, Carl-Schurz-Straße 2, 41460 Neuss, info@medisana.de, www.medisana.de (see our imprint). You can contact our data protection officer via datenschutz.ne@medisana.de or via our postal address, addressing your letter to the Data Protection Officer.

(3) When you contact us by email or by means of a contact form, the information you provide (your email address, your name and telephone number if applicable) shall be stored by us in order to answer your questions. We shall delete the data collected in this context after their storage is no longer required, or otherwise limit their further processing if we are required by law to continue retaining them.

(4) In the event that we employ contracted service providers to provide individual features of our offer, or wish to use your data for advertising purposes, we shall inform you in detail about the respective processes. We shall also specify the defined criteria governing storage periods.

§2 Your rights

(1) You have the following rights towards us with respect to your personal data:
– Right to information
– Right to rectification or deletion
– Right to restriction of processing
– Right to object to processing
– Right to data portability

(2) You have the right to complain to a data protection supervisory authority about our processing of your personal data.

§3 Collection of personal data when visiting our website

(1) If you use our website for informative purposes only, meaning that you do not register or otherwise provide us with data, we shall only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data which are technically necessary for us to display our website to you and to guarantee stability and security (legal basis is Art. 6 para. 1 clause 1 lit. f GDPR):
– IP address
– Date and time of the query
– Time zone difference from Greenwich Mean Time (GMT)
– Content of the request (specific page)
– Access status/HTTP status code
– Quantity of data transferred in each case
– Website from which the request came
– Browser
– Operating system and its interface
– Language and version of the browser software.

(2) In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard disk in association with the browser you are using and by which the body which sets the cookie (in this case, us), receives certain information. Cookies cannot run programs nor deliver viruses to your computer. They serve to make our site more user-friendly and effective.

(3) Use of cookies:

a) This website uses the following types of cookies, whose scope and functionality shall be explained below:
– Transient cookies (in addition to b)
– Persistent cookies (see c).

b) Transient cookies are automatically deleted when you close the browser. These especially include session cookies. These store a so-called session ID with which various requests from your browser can be assigned to the common session. This allows your computer to be recognised when you return to our website. Session cookies are deleted when you log out or close the browser.

c) Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. You can delete cookies stored on your computer at any time via your browser’s security settings.

d) You can configure your browser settings as desired and refuse to accept third-party cookies or all cookies. We would like to point out that if you do this, you may not be able to experience the full functionality of the website.

e) If you have an account with us, we use cookies to identify you on follow-up visits. Otherwise you would have to log in again each time you visit us.

f) Flash cookies used are not detected by your browser, but rather by your Flash plug-in. Furthermore, we use HTML5 storage objects, which are stored on your device. These objects independently store the required browser data and do not have an automatic expiry date. If you do not want Flash cookies to be used, you must install a corresponding add-on, e.g. „Clear Flash Cookies“ for Mozilla Firefox (https://addons.mozilla.org/en-US/firefox/addon/clear-flash-cookies/?src=search ) or the Adobe Flash Killer Cookie for Google Chrome. You can prevent the use of HTML 5 storage objects by using your browser’s private mode. We also recommend that you regularly delete your cookies and your browser history manually.

§4 Further features and offers on our website

(1) In addition to the purely informational use of our website, we offer various services that you can use if interested. For this purpose, you must provide further personal data which we use to provide the respective service and to which the aforementioned data processing principles apply.

(2) In some cases, we will use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly audited.

(3) Furthermore, we may disclose your personal data to third parties if we offer promotions, competitions, contracts or similar services together with partners. For more information, please provide your personal data or see the description of the offer below.

(4) If our service providers or partners are located in a country outside the European Economic Area (EEA), we shall inform you of the consequences of this circumstance in the description of the offer.

§5 Objection to or revocation of your consent for the processing of your data

(1) If you have given your consent to the processing of your data, you may revoke this at any time. If you exercise this right, this will affect our ability to process your personal data after you have already given it to us.

(2) Insofar as we base the processing of your personal data on the balance of interests, you may object to the processing. This is the case if processing is not necessary in particular to fulfil a contract with you, which is described by us in the description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we shall examine the situation and either stop or adjust our data processing or point out to you our compelling legitimate reasons, on the basis of which we shall continue processing.

(3) Of course, you may object to the processing of your personal data for advertising and data analysis purposes at any time. Please use the following contact details to inform us of your objection to the processing of your personal data for advertising purposes: medisana GmbH, Carl-Schurz-Straße 2, 41460 Neuss, info@medisana.de, telephone: +49 (0) 2131 / 36 68 0, Fax: +49 (0) 2131 / 36 68 50 95.

§ 6 Use of Google Analytics for website analysis

(1) This website uses Google Analytics, a web analysis service provided by Google Inc. (“Google”). Google Analytics uses so-called cookies, which are text files that are stored on your computer that enable an analysis of how you use the website. The information generated by the cookie about your use of the website is usually transmitted to and stored by Google on servers in the United States. However, if IP anonymisation is activated on this website, Google will first shorten your IP address in a member state of the European Union or in other states that are parties to the Agreement on the European Economic Area. The full IP address will only be transmitted to a Google server in the USA and shortened there in exceptional cases. On behalf of the operator of this website, Google uses this information to evaluate your use of the website, compile reports regarding website activity and to provide other services to the website operator related to website usage and internet usage.

(2) The IP address transmitted from your browser within the framework of Google Analytics will not be collated with other data from Google.

(3) You may prevent the use of cookies by selecting the corresponding setting in your browser; however, we would like to inform you that this may prevent you from experiencing the full functionality offered by this website. You can also prevent the data generated by cookies concerning your use of the website (incl. your IP address) from being passed to Google, and the processing of this data by Google, by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de .

(4) This website uses Google Analytics with the “_anonymizeIp()” extension. Through the use of this tool, IP addresses are processed in shortened form, thus making it impossible to associate them with a specific person. If the data collected about you are personal, they will be blocked instantly and the personal data will be deleted immediately.

(5) We use Google Analytics to analyse and regularly improve the use of our website. The statistics obtained in this way enable us to improve our services and make them more interesting for you as a user. For the exceptional cases in which personal data are transferred to the USA, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework .
The legal basis for the use of Google Analytics is Art. 6 para. 1 clause. 1 lit. f) GDPR.

(6) Information about the third-party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. User terms and conditions: http://www.google.com/analytics/terms/de.html, overview of data protection: http://www.google.com/intl/de/analytics/learn/privacy.html , and the privacy policy: http://www.google.de/intl/de/policies/privacy .

(7) This website also uses Google Analytics for an analysis of visitor flows across all devices. This is carried out via a user ID (Google Universal Analytics). You can disable the cross-device analysis of your usage in your customer account under „My data“, „Personal data“.

§ 7 Social Media and YouTube

1. Use of social media plug-ins

(1) We currently use the following social media plug-ins: Facebook, Instagram. We use the so-called two-click solution. This means that if you visit our site, initially no personal data will be passed on to the providers of these plug-ins. You can recognise the provider of the plug-in by the marking on the box above its initial letter or the logo. We offer you the option to communicate directly with the provider of the plug-in via the button. Only if you click on the marked field and thereby activate it, will the plug-in provider receive the information that you have accessed the corresponding website via our online offer. In addition, the data mentioned in § 3 of this policy shall be transmitted. In the case of Facebook, according to the respective providers in Germany, the IP address is anonymised immediately after collection. By activating the plug-in, data are automatically transmitted to the respective plug-in provider and stored there (US providers in the USA). Since the plug-in provider collects data mainly via cookies, we recommend that you delete all cookies using your browser’s security settings before clicking on the greyed-out box.

(2) We have no influence on the data collected or the way in which they are processed, nor are we aware of the full extent of data collection, the purposes of processing or the storage periods. We also have no information on the deletion of the data collected by the plug-in provider.

(3) The plug-in provider stores the data collected about you as user profiles and uses these for the purposes of advertising, market research and/or demand-oriented design of its website. Such evaluation is carried out in particular (also for users who are not logged in) to display customised advertising and to inform other users of the social network about your activities on our website. You have a right to object to the creation of these user profiles. You must contact the respective plug-in provider to exercise this right. Through the plug-ins we offer you the option to interact with social networks and other users, so that we can improve our offering and make it more interesting for you as a user. The legal basis for the use of plug-ins is Art. 6 para. 1 clause. 1 lit. f) GDPR.

(4) The data are passed on regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, the data we collect about you will be directly assigned to your existing account with the plug-in provider. When you activate the button and link the page, for example, the plug-in provider also stores this information in your user account and communicates this publicly to your contacts. We recommend that you log out regularly after using a social network, especially before activating the button, so as to avoid mapping to your profile with the plug-in provider.

(5) For more information on the purpose and extent of the data collection and their processing by the plug-in provider, please refer to the privacy policies of these providers shown below. Here, you will also find further information on your rights and settings options for protecting your privacy.

(6) Addresses of plug-in providers and URL with their privacy policies:

a) Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php ; further information on data collection: http://www.facebook.com/help/186325668085084 , http://www.facebook.com/about/privacy/your-info-on-other#applications as well as http://www.facebook.com/about/privacy/your-info#everyoneinfo .
Facebook has submitted to the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.

b) Instagram LLC., 1601 Willow Road, Menlo Park, California 94025, USA;
https://help.instagram.com/155833707900388/

2. Integration of YouTube videos

(1) We have included YouTube videos in our online offer, which are stored on http://www.YouTube.com and are directly playable from our website. These are all integrated and embedded in the „Extended Privacy Mode“, i.e. no data about you as user are transferred to YouTube if you do not play the videos. Only when you play the videos will the data referred to in paragraph 2 be transmitted. We have no influence on this data transfer.

(2) By visiting the website, YouTube receives the information that you have accessed the corresponding sub-page of our website. In addition, the data mentioned in § 3 of this policy is transmitted. This takes place regardless of whether YouTube makes available a user account via which you are logged in or no user account exists. If you are logged in to Google, your information will be directly associated with your account. If you do not wish to be associated with your profile when using YouTube, you must first log out before clicking the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or requirements-oriented design of its website. Such evaluation also takes place (even for users who are not logged in) for the purposes of providing customised advertising and to inform other social network users about activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.

(3) Further information regarding the purpose and scope of the data collection and their processing by YouTube can be found in the privacy policy. There you will also find further information on your corresponding rights and settings options for protecting your privacy: https://www.google.de/intl/de/policies/privacy . Google also processes your personal data in the US and has submitted itself to the EU-US Privacy Shield https://www.privacyshield.gov/EU-US-Framework.