Privacy Policy
DATA PROTECTION DECLARATION
1. General information and principles of data processing
We are pleased that you are visiting our website. The protection of your privacy and the protection of your personal data, so-called personal data, when using our website is an important concern for us. According to Art. 4 No. 1 GDPR, personal data is any information relating to an identified or identifiable natural person. This includes, for example, information such as your first and last name, your address, your telephone number, your email address, but also your IP address. Data that cannot be linked to your person, such as anonymised data, is not personal data. Processing (e.g. collection, storage, retrieval, consultation, use, transmission, erasure or destruction) in accordance with Art. 4 No. 2 GDPR always requires your consent or another legal basis. Processed personal data must be erased as soon as the purpose of the processing has been achieved and there are no longer any statutory retention obligations to be complied with.
Here you will find information on how we handle your personal data when you visit our website. In order to provide the functions and services of our website, it is necessary for us to collect personal data about you. Below you will also find information on the type and scope of the respective data processing, the purpose and the corresponding legal basis as well as the respective storage period. This privacy policy only applies to this website. It does not apply to third-party websites to which we merely refer via a hyperlink. We cannot assume any responsibility for the confidential handling of your personal data on these third-party websites, as we have no influence on whether they comply with the statutory data protection regulations. For information on how third parties handle your personal data, please refer directly to their websites.
2. Responsible Body
Jointly responsible for data processing are:
OCM Klinik GmbH, represented by the managing director Cathleen Wenning-Weber
OCM Gemeinschaftspraxis GbR, represented by the managing director Cathleen Wenning-Weber
OCM Medizinisches Versorgungszentrum GbR, represented by the medical director Prof. Dr. med. Martin Jung
Jointly contactable at:
Steinerstr. 6
81369 Munich
Phone: +49 89.206082-0
Fax: +49 89.206082-333
info@ocm-muenchen.de
www.ocm-muenchen.de
3. Data Protection Officer
If you have any questions about data protection, you can also contact our data protection officer at any time:
Dr Georg F. Schröder, LL.M.
legal data Schröder Rechtsanwaltsgesellschaft mbH
Prannerstr. 1
80333 Munich
Tel: +49-89 - 954 597 520
Fax: +49-89 - 954 597 522
E-Mail: georg.schroeder@legaldata.law
4. Processing of Health Data
a) Type and scope of data collection
We process your personal data, in particular your health data, if you are a patient with us or make an enquiry. This includes medical histories, diagnoses, therapy suggestions and findings that we or other doctors collect. Other doctors or psychotherapists with whom you are receiving treatment may also provide us with data for these purposes (e.g. in doctor's letters).
b) Purpose and legal basis of data collection
Data processing is carried out on the basis of legal requirements in order to fulfil the treatment contract between you and your doctor and the associated obligations. The collection of health data is a prerequisite for your treatment. If the necessary information is not provided, careful treatment cannot take place.
The legal basis for processing your data is Article 9(2)(h) GDPR in conjunction with Section 22(1)(1)(b) of the German Federal Data Protection Act (BDSG).
c) Storage period
We will only store your personal data for as long as is necessary to carry out the treatment.
Due to legal requirements, we are obliged to store this data for at least 10 years after completion of the treatment. Other regulations may stipulate longer retention periods, for example 30 years for X-ray records in accordance with Section 28 (3) of the X-ray Ordinance (RöV).
5. Electronic Patient File (ePA)
a) Type and scope of data collection
You can authorise our doctors to use your ePa. Our doctors will then have access to the health data stored in your eHR to the extent of your authorisation. You can authorise this either via the app provided by your health insurance provider or directly at our practice using your electronic health card (eHC).
Use of the ePA is voluntary for you. You will not suffer any disadvantage if you decide not to use the ePA.
At your request, we will fill your electronic patient file with the health data available to us (e.g. medical histories, diagnoses, treatment suggestions and findings). Patients are entitled to have data transferred to and stored in the EPR, provided that this data is processed electronically by the service providers participating in SHI-accredited medical care as part of the treatment of the insured person and provided that this does not conflict with other legal provisions.
Under data protection law, your health insurance fund is responsible for providing the electronic patient file.
b) Purpose and legal basis of data collection
The purpose of data processing is the use of the ePA.
The legal basis for the processing is your consent pursuant to Art. 6 para. 1 lit. a GDPR, Art. 9 GDPR in conjunction with Art. 339 para. 1 SGB V, Sections 344, 344-348 SGB V. § 339 para. 1 SGB V, §§ 344, 346-348 SGB V.
c) Storage period
We will only have access to your ePA for as long as you wish. You have the option of limiting the duration of our access through technical settings in your app. You have the option of deleting individual components of your ePA at any time.
You also have the option to close your EPA completely at any time, i.e. to have it deleted. To do this, you must revoke the consent you have given to your health insurance company to use the PPC.
6. Provision and Use of the Website / Server Log Files
a) Type and scope of data processing
If you use this website without transmitting data to us in any other way (e.g. by registering or using the contact form), we collect technically necessary data in the form of log data (so-called log files), which are automatically transmitted to our server by your end device, including
- IP address
- Date and time of the request
- URL of the accessed subpage
- URL of the page from which the redirection to our site took place (so-called referrer URL)
- Access status/HTTP status code
- Type, language and version of the browser software
- Operating system
b) Purpose and legal basis of data processing
This processing is technically necessary in order to be able to display our website to you. We also use the data to ensure the security and stability of our website.
The legal basis for the processing is Art. 6 para. 1 lit. f) GDPR. The processing of the aforementioned data is necessary for the provision of a website and thus serves to safeguard a legitimate interest of our company.
c) Storage period
As soon as the aforementioned personal data is no longer required to display the website, it will be deleted. This is the case no later than seven days after visiting our website. The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility for the user to object to this aspect. Further storage may take place in individual cases if this is required by law.
7. Data Collection for the Implementation of pre-contractual Measures and for Contract Fulfilment
a) Type and scope of data processing
We collect personal data about you in the pre-contractual area and when concluding a contract. This concerns, for example, first and last name, address, e-mail address, telephone number or bank details.
b) Purpose and legal basis of data processing
We collect and process this data exclusively for the purpose of executing the contract or fulfilling pre-contractual obligations.
The legal basis for this is Art. 6 para. 1 lit b) GDPR. If you have also given your consent, the additional legal basis is Art. 6 para. 1 lit. a) GDPR.
c) Storage period
The data will be deleted as soon as it is no longer required for the purpose of its processing. In addition, there may be statutory retention obligations of up to 10 years, for example retention obligations under commercial or tax law in accordance with the German Commercial Code (HGB) or the German Fiscal Code (AO). If such retention obligations exist, we will block or delete your data when these statutory retention periods expire.
8. Contact Form
a) Type and scope of data processing
On our website, we give you the opportunity to contact us using a form provided. As part of the process of sending your enquiry via the contact form, reference is made to this privacy policy to obtain your consent.
If you use the contact form at www.ocm-muenchen.de/de/kontakt or the contact form at https://www.ocm-muenchen.de/en/orthopedic-surgery-germany, the following personal data may be processed by you:
- Customer number
- Title
- First name
- Surname
- title
- Postcode
- Postcode
- Town
- Country
- e-mail address
- Telephone number
- Subject
- Content of the message
- Any other fields contained in the respective form
When using the contact form, your personal data will not be passed on to third parties.
b) Purpose and legal basis
The purpose of providing your contact details is to be able to respond to your enquiry.
The legal basis for the processing is your consent pursuant to Art. 6 para. 1 lit. a) GDPR, which you can revoke at any time for the future.
c) Storage period
We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request).
Mandatory statutory provisions - in particular retention periods under the German Commercial Code (HGB) or the German Fiscal Code (AO) - remain unaffected by this.
9. contact options by e-mail
a) Type and scope of data processing
You can apply to us by e-mail. When you apply, we collect and store the data that you send us by e-mail (see also section 9 of this privacy policy) or enter in our application form on the website.
b) Purpose and legal basis
The purpose of data processing is to respond appropriately to your enquiry. The legal basis for this is Art. 6 para. 1 lit. f) GDPR. There is a legitimate interest in processing the above-mentioned personal data to process your enquiry.
c) Storage period
The duration of the storage of the above-mentioned data depends on the background of your contact. Your personal data will be deleted regularly if the purpose of the communication no longer applies and storage is no longer required due to statutory retention obligations. This may result, for example, from the processing of your request.
10. Smart Telephone Assistant
a) Type and scope of data processing
We use the telephone assistant of the provider Aaron GmbH, Schinkestr. 9, 12047 Berlin, e-mail: hi@aaron.ai (‘Aaron.ai’). With the telephone assistant, you can reach us at any time, even if we are currently looking after our patients or if you call outside office hours. The telephone assistant will answer and ask for the necessary information for your enquiry (e.g. making an appointment). You can also tell the telephone assistant how we can best reach you. Our practice team receives this information on the computer and can get in touch with you promptly - by phone or text message. With the telephone assistant, your enquiry can be received at any time and then processed by us in a targeted manner.
b) Purpose and legal basis
The purpose of the processing is to manage and process your requests (e.g. making appointments). We have concluded an order processing contract with Aaron.ai that meets the requirements of Art. 28 GDPR. Aaron.ai is legally and contractually obliged to maintain confidentiality and to protect your data. Data processing outside the European Union does not take place.
c) Storage period
After your request has been processed, your data will be deleted from the web-based application, but no later than 3 months after the process has been completed.
Further information on data protection at Aaron.ai can be found in the provider's privacy policy at: aaron.ai/datenschutz
11. Application Option
a) Type and scope of data processing
You can apply to us by e-mail. When you apply, we collect and store the data that you send us by e-mail (see also section 9 of this privacy policy) or enter in our application form on the website.
b) Purpose and legal basis of data processing
We only process your data for the purpose of processing your application. Your data will not be passed on to third parties. The legal basis for the processing is Art. 88 para. 1 GDPR in conjunction with. § 26 para. 1 BDSG. If, in the event of a rejection, you give us your consent to the further storage of your data so that we can return to your application in the future if necessary, the legal basis is Art. 6 para. 1 lit. a) GDPR.
c) Storage period
If we are unable to offer you a position, we will store your data for a maximum of six months after the end of the application process, taking into account Section 61b (1) ArbGG in conjunction with Section 15 AGG. § 15 AGG. The start of the period is the receipt of the rejection letter.
If you have given us your consent to include you in our applicant pool, we will store your data for a maximum of two years.
d) Data transfer
Your data will only be passed on to the departments involved in the decision (responsible HR or specialist departments, practice management).
In addition, we may be obliged by law, official or court order to transfer your data to public authorities (e.g. public prosecutor's office, police, supervisory authorities, tax office, social insurance institutions, etc.).
Other data recipients may be those bodies for which you have given us your consent to transfer data.
12. Matomo
This website uses the open source web analysis service Matomo. Matomo uses technologies that enable cross-page recognition of the user to analyse user behaviour (e.g. device fingerprinting). The information collected by Matomo about the use of this website is stored on our server. The IP address is anonymised before storage. With the help of Matomo, we are able to collect and analyse data about the use of our website by website visitors. This enables us to find out, among other things, when which pages were accessed and from which region. We also record various log files (e.g. IP address, referrer, browser and operating system used) and can measure whether our website visitors perform certain actions (e.g. clicks, purchases, etc.). The use of this analysis tool is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the anonymised analysis of user behaviour in order to optimise both its website and its advertising.
IP anonymisation
We use IP anonymisation for the analysis with Matomo. This means that your IP address is shortened before it is analysed so that it can no longer be clearly assigned to you.
Hosting
We host Matomo exclusively on our own servers so that all analysis data remains with us and is not passed on.
13. Integration of YouTube Videos
We use the YouTube embedding function to display and play videos from the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Tel: +353 1 543 1000, Fax: +353 1 686 5660, E-Mail: support-deutschland@google.com (“Google”).
The extended data protection mode is used here, which, according to the provider, only initiates the storage of user information when the videos are played. If the playback of embedded YouTube videos is started, the provider “YouTube” uses cookies to collect information about user behavior. According to YouTube, these are used, among other things, to record video statistics, improve user-friendliness and prevent abusive behavior. If you are logged in to Google, your data can be assigned directly to your account when you click on a video. If you do not wish to be associated with your YouTube profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and analyzes them. Such an evaluation is carried out in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR on the basis of your consent. Regardless of whether the embedded videos are played, a connection to the Google network “DoubleClick” is established each time this website is accessed, which can trigger further data processing operations without our influence. Further information on data protection at “YouTube” can be found in the provider's privacy policy at: https://www.google.de/intl/de/policies/privacy
14. Jameda Widgets and Seals
The Jameda widget is integrated on this website. The Jameda widget is an offer from jameda GmbH, Balanstraße 71a, 81541 Munich. A widget is a small window that displays variable information. The seal works in a similar way, i.e. it does not always look the same, but the display changes regularly. Although the corresponding content is displayed on our website, it is retrieved from the jameda servers at that moment. Only in this way can the current content always be shown, especially the current rating. For this purpose, a data connection must be established from this website to jameda and jameda receives certain technical data (date and time of the visit; the page from which the query is made; Internet Protocol address (IP address) used, browser type and version, device type, operating system and similar technical information), which are necessary for the content to be delivered. However, this data is only used to provide the content and is not stored or used in any other way.
With the integration, we pursue the purpose and the legitimate interest of presenting current and correct content on our homepage. The legal basis is Art. 6 para. 1 f) GDPR. We do not store the aforementioned data as a result of this integration. Further information on data processing by jameda can be found in the privacy policy at https://www.jameda.de/info/datenschutz.
15. Social Media
a) Type and scope of data processing
Our website contains links to our profiles on social networks. We provide information there about our products and current special offers. No data is transferred to the operators of the social networks when you load our website, but only when you actively follow the link to our profile on the respective social network. If you access our profile page on a social network, the operator of the social network may place cookies on your device, regardless of whether you have an account with the network or whether you are logged in there. Cookies are data packets that mark the user's end device with a specific identifier. Cookies are primarily used to display personalized advertising to visitors to social networks, including our profile pages.
This is done, for example, by displaying advertisements from advertising partners of the social network whose websites the user has previously visited on the pages of the social network.
Cookies also enable us to compile statistics about the use of our profile page (e.g. number of page views, user categories). If we receive such statistical analyses from the operator of the social network, the data is anonymized by the operator beforehand, i.e. it is not possible for us to assign usage data to an individual user. However, if you are logged in to the social network, the operator of the social network may be able to assign the visit to our profile on the social network to your existing account there.
We have no influence on which data is collected and transmitted by the operator of the social network, to which third party recipients the data is transmitted by the operator of the social network and how long the data is stored by the operator of the social network. Please refer to the privacy policy of the respective social network.
We do not pass on your data collected on our profile page on the respective social network to third parties unless this is necessary on the basis of your consent or to fulfill a contract with you. If we use external service providers (e.g. in the area of IT), this takes place in the form of order processing with the service provider, on the basis of which the service provider is obliged to process data in accordance with our instructions. In addition, data may be passed on to courts and competent law enforcement and supervisory authorities on the basis of official orders and legal obligations.
You are not obliged to provide us with your data on our profile pages on social networks. If you do not want the operators of the social networks to collect data from you on our profile pages, you can prevent this by not accessing our profile pages.
We delete private messages that you send us via social networks one year after the last communication with you. We will always keep your public posts (e.g. in our timeline) published permanently until you expressly request their deletion.
We reserve the right to delete illegal content published by users on our profile page on the respective social network, e.g. copyright infringements or statements relevant under criminal law.
According to the case law of the European Court of Justice, we are jointly responsible with the operator of the respective social network for the operation of our profile page with regard to compliance with data protection regulations. In this context, the operator of the social network provides the associated IT infrastructure and the website of the social network and is generally the primary point of contact when it comes to the processing of your data on the pages of the social network (e.g. information or deletion). However, you can also assert your legal rights against us. In this case, we will forward your requests to the operator of the social network.
b) Purpose and legal basis of data processing
The purpose we pursue in processing your data on our profile page on the respective social network is to provide information about our offers and services and to respond to any inquiries on our profile page. The legal basis for the processing is Art. 6 para. 1 f) GDPR. In this respect, public relations work is covered by our legitimate interests within the meaning of the provision.
c) Social networks used
Below you will find the contact details of the respective operators of the social networks we use as well as a link to the respective privacy policy for further information on data protection on the social networks:
Facebook:
Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2 D02 X525, Ireland
www.facebook.com/about/privacy/
Instagram:
Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2 D02 X525, Ireland
help.instagram.com/519522125107875
YouTube:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4 D04 E5W5, Ireland
policies.google.com/privacy
LinkedIn:
Provider: LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland
en.linkedin.com/legal/privacy-policy
With the US providers Facebook, Google and LinkedIn, data is transferred to the USA. This provider obliges recipients located outside the European Union (EU) or the contracting states of the Agreement on the European Economic Area (EEA) to comply with an appropriate standard of data protection on the basis of so-called EU standard contractual clauses. Please note, however, that we cannot guarantee that these providers actually comply with the required data protection standard.
16. Data Transmission
We only pass on your personal data to third parties if:
You have given your express consent to this in individual cases in accordance with Art. 6 para. 1 lit. a) GDPR; this is legally permissible and necessary in accordance with Art. 6 para. 1 lit. b) GDPR or Art. 9 para. 2 lit. h) GDPR in conjunction with § 22 para. 1 no. 1 lit. b) BDSG for the fulfillment of a contractual relationship with you or the implementation of pre-contractual measures; pursuant to Art. 6 para. 1 lit. c) GDPR, there is a legal obligation for the disclosure (e.g. to authorities, social security institutions, health insurance companies, supervisory authorities and law enforcement authorities); the disclosure pursuant to Art. 6 para. 1 lit. f) GDPR is necessary to safeguard legitimate company interests and to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data (e.g. to debt collection service providers);we use external service providers (so-called processors) for processing in accordance with Art. 28 GDPR, who process data in accordance with our instructions and are obliged to handle your data carefully (e.g. in the areas of IT or marketing).
When transferring data to external bodies in third countries, i.e. outside the European Union (EU) or the contracting states of the Agreement on the European Economic Area (EEA), we ensure that these bodies treat your personal data with the same care as within the EU or the EEA. We only transfer personal data to third countries where the EU Commission has confirmed an adequate level of protection or where we can ensure the careful handling of personal data through contractual agreements or other suitable guarantees.
17. Data Security and Security Measures
We are committed to protecting your privacy and treating your personal data confidentially. To this end, we take extensive technical and organizational security precautions, which are regularly reviewed and adapted to technological progress. These include the use of recognized encryption methods (SSL or TLS). However, data that is disclosed without encryption, for example by unencrypted e-mail, may be read by third parties. We have no influence over this. It is the responsibility of the user to protect the data provided by them against misuse by means of encryption or in any other way.
18. Changes to the Privacy Policy
We reserve the right to update this statement at any time if necessary.
19. Your Legal Rights
Below you will find your legal rights in relation to your personal data. Details can be found in Articles 7, 15-22 and 77 GDPR. You can also contact us as the controller (section 2) or our data protection officer (section 3) in this regard.
a) Right to withdraw your consent under data protection law pursuant to Art. 7 para. 3 sentence 1 GDPR
You can withdraw your consent to the processing of your personal data at any time with effect for the future. However, this does not affect the lawfulness of the processing carried out up to the point of withdrawal.
b) Right to information in accordance with Art. 15 GDPR
You have the right to request confirmation as to whether we are processing personal data concerning you. If this is the case, you have the right to information about this personal data and to further information, e.g. the purposes of processing, the categories of personal data processed, the recipients and the planned duration of storage or the criteria for determining the duration.
c) Right to rectification and completion in accordance with Art. 16 GDPR
You have the right to request the rectification of inaccurate data without undue delay. Taking into account the purposes of the processing, you have the right to request the completion of incomplete data.
d) Right to erasure (“right to be forgotten”) pursuant to Art. 17 GDPR
You have the right to erasure if the processing is not necessary. This is the case, for example, if your data is no longer required for the original purposes, if you have revoked your declaration of consent under data protection law or if the data has been processed unlawfully.
e) Right to restriction of processing in accordance with Art. 18 GDPR
You have a right to restriction of processing, e.g. if you believe that the personal data is incorrect.
f) Right to data portability pursuant to Art. 20 GDPR
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format.
g) Right to object pursuant to Art. 21 GDPR
You have the right to object at any time, on grounds relating to your particular situation, to the processing of certain personal data concerning you.
In the case of direct advertising, you as the data subject have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.
h) Automated decision-making in individual cases including profiling in accordance with Art. 22 GDPR
You have the right not to be subject to a decision based solely on automated processing - including profiling - except in the exceptional cases mentioned in Art. 22 GDPR.
A decision based solely on automated processing - including profiling - does not take place.
i) Complaint to a data protection supervisory authority pursuant to Art. 77 GDPR
You can also lodge a complaint with a data protection supervisory authority at any time, for example if you are of the opinion that the data processing does not comply with data protection regulations.
Responsible supervisory authority:
Bavarian State Office for Data Protection Supervision
P.O. Box 1349
91504 Ansbach
Germany
Telephone: +49 (0) 981 180093-0
Fax: +49 (0) 981 180093-800
E-mail: poststelle@lda.bayern.de
20. Analysis Tools and Advertising
Google Analytics
This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyze the behavior of website visitors. In doing so, the website operator receives various usage data, such as page views, length of visit, operating systems used and origin of the user. This data is assigned to the user's end device. It is not assigned to a user ID.
We can also use Google Analytics to record your mouse and scroll movements and clicks, among other things. Google Analytics also uses various modeling approaches to supplement the collected data records and uses machine learning technologies for data analysis.
Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is generally transmitted to a Google server in the USA and stored there.
The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.
IP anonymization
Google Analytics IP anonymization is activated. This means that your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
Browser plugin
You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link: tools.google.com/dlpage/gaoptout.
You can find more information on how Google Analytics handles user data in Google's privacy policy: support.google.com/analytics/answer/6004245.
Order processing
We have concluded an order processing contract with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
21. Cookies
Our Internet pages use so-called ‘cookies’. Cookies are small data packets and do not cause any damage to your end device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or they are automatically deleted by your web browser.
Cookies may originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g. cookies for processing payment services).
Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping basket function or the display of videos). Other cookies can be used to analyse user behaviour or for advertising purposes.
Cookies that are required to carry out the electronic communication process, to provide certain functions that you have requested (e.g. for the shopping basket function) or to optimise the website (e.g. cookies to measure the web audience) (necessary cookies) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of necessary cookies for the technically error-free and optimised provision of its services. If consent to the storage of cookies and comparable recognition technologies has been requested, the processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG); consent can be revoked at any time.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.
You can find out which cookies and services are used on this website in this privacy policy.
Consent with Cookiebot
Our website uses Cookiebot's consent technology to obtain your consent to the storage of certain cookies on your end device or to the use of certain technologies and to document this in accordance with data protection regulations. The provider of this technology is Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter referred to as ‘Cookiebot’).
When you enter our website, a connection is established to Cookiebot's servers in order to obtain your consent and other declarations regarding cookie use. Cookiebot then stores a cookie in your browser in order to be able to assign the consents given or their revocation to you. The data collected in this way is stored until you ask us to delete it, delete the Cookiebot cookie yourself or the purpose for data storage no longer applies. Mandatory statutory retention obligations remain unaffected.
Cookiebot is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.
Order processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract prescribed by data protection law, which guarantees that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.