Data protection information for Internet visitors
We hereby inform you about the processing of your personal data by Merz Dental GmbH and/or affiliated companies on a reciprocal basis and the rights to which you are entitled to under data protection law. Which data we process in detail and how we use them depends largely on the prevailing circumstances or requested or agreed services.
2. Responsible body for data processing/ contact to the data protection officer
Merz Dental GmbH is responsible for the Internet presence and the resulting data collection:
Merz Dental GmbH
24321 Lütjenburg, Germany
Telephone: 04381 403-0
You can contact our data protection officer with the addition – data protection officer – at the above address or by e-mail email@example.com.
3. Purpose and legal basis of data processing
We process your personal data in accordance with the provisions of the EU General Data Protection Regulation (GDPR), the Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG), the Money Laundering Act (AMLA), and other relevant laws.
When you visit our website, we process data to enable and optimise the functionality of the website. Whenever you visit this website or retrieve a file, access data about this process is stored on our server in a log file. In this process we do not store your personal data, these are anonymised and therefore stored without personal references. Information on the visit (page, date, time) and, if applicable, the links used by visitors to our pages are recorded. This is performed for data security purposes and for statistics in order to improve our web offers according to demand. The data are not disclosed to third parties.
In order to optimise our Internet offer, we use so-called cookies in several places. These allow a more comfortable management of your access and at the same time provide us with information that enables us to adapt and optimise our website to the needs and requirements of our visitors. You can prevent the installation of cookies at any time by setting your browser software accordingly. However, we would like to point out that in this case you may not be able to use all the functions of our website.
We also process personal data
- when you send an enquiry to us (or an intermediary) via one of our contact forms on our website / provide information in order to process your request and, if necessary, to be able to contact you with regard to queries;
- when you request our press releases/information, for the provision of documents electronically (by e-mail);
- to advertise our medical devices and our cooperation partners as well as for market and opinion surveys;
- to ensure IT security and IT operation;
- to assert legal claims and defence in legal disputes;
- for the prevention and investigation of criminal offences.
The data are processed for this purpose as you have voluntarily provided us with the data for one of these purposes and also on the basis of our legitimate interests pursuant to Art. 6 Sec. 1 lit. f) GDPR.
If processing is required to safeguard a legitimate interest, we shall ensure that the interests, fundamental rights and freedoms of the affected person do not prevail.
Insofar as we obtain consent for processing operations in accordance with Art. 6 Sec. 1 lit. a) GDPR for a specific processing purpose, the legality of this processing is given on the basis of this consent. A given consent can be revoked at any time. This also applies to the revocation of declarations of consent that were given to us prior to the validity of the EU General Data Protection Regulation, i.e. before 25 May 2018. A revocation is only effective for the future. Processing that was performed before the revocation is not affected by this.
As a company, we are subject to legal obligations which may require the processing of personal data. Legal requirements arise, for example, from the Money Laundering Act, the Securities Trading Act, tax laws and insurance supervisory requirements (e.g. the Federal Financial Supervisory Authority). The purposes of processing include identity and age verification, fraud and money laundering prevention, the fulfilment of tax control and reporting obligations as well as the assessment and control of risks in the company. The legal basis for this is Art. 6 Sec. 1 lit. c) e) GDPR.
If we wish to process your personal data for a purpose not mentioned above, we will inform you in advance, unless you already have this information (Article 13 Sec. 4 and Article 14 Sec. 5 GDPR) or information is not required by law (Article 14 Sec. 5 GDPR).
4. Individual bodies of recipients of personal data
4.1 Specialised companies of Merz Dental GmbH
are given access to your data, which they need to fulfil and process the services/offers you have used on our website. Insofar as these data are required to fulfil contractual and/or legal obligations, they will also be passed on.
4.2 External recipients
Recipients of personal data on behalf of Merz Dental GmbH may, for example, include:
Service providers and vicarious agents used by us may receive data for these purposes. Contractual agreements for data processing have been concluded with these bodies beforehand and their employees are obliged to maintain data secrecy. These are our agents and companies in the categories of IT services, logistics, printing services, telecommunications, debt collection, advice and consulting, reinsurance, trustees, auditors as well as sales and marketing. Public bodies and institutions (e.g. Federal Financial Supervisory Authority, tax authorities, law enforcement authorities) in the event of a legal or official obligation.
Further recipients of data may be those bodies for which you have given us your consent to the transfer of data.
5. Data transfer to a third country
5.1 Google Analytics
Our website uses Google Analytics, a web analysis service of Google Inc. (“Google”). Google Analytics uses so-called “cookies”, which are text files placed on your computer, to help analyse your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. We have already activated IP anonymisation for Google Analytics. The last 8 digits of the IP address are not transmitted. This means that your IP address will be abbreviated and thus rendered anonymous. Only in exceptional circumstances will the full IP address be transmitted to a Google server in the USA and abbreviated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on the activities on the website and to provide the operator of the website with further services associated with the use of the website and the Internet. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data.
With regard to data protection on Google, please note the following data protection information of Google, Inc.: http://www.google.de/intl/de/policies/privacy/
5.2 Google+ and YouTube
The provider of the YouTube channel uses plugins which are provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, in the USA. Users of these services are hereby notified that the plugin establishes a connection to Google. In addition, when you use the site, data are forwarded to the Google servers, which contain information about your visits to our YouTube channel. We do not know exactly what data Google stores and uses. As a user of the site, you must therefore expect Google to store your actions on the site without any gaps. For details on the collection, transfer and use of your data, please refer to the data protection information of the respective provider of the site. We have no influence on this, as we are also only users of the provider’s pages. For logged in Google users it means that the usage data is assigned to their personal Google account. If you use features on the Internet that have embedded active Google features that Google offers (e.g. for giving a “like” or for comments you post), data that can be related to your Google account will be transmitted and published. You can only circumvent a direct reference to your Google account by logging out of your Google account beforehand. Together with other data and your real name, if you have entered it in your Google profile, Google could in addition determine your identity and habits under this profile. If you always log in to Google via this user profile, Google could in particular find out your preferences, contacts and lifestyle. As a user, before publishing your contributions and comments, you should check them to see if they contain information that you do not want to have published. Your contributions and topics can be recorded in search engines and thus be accessible worldwide. In our opinion, the enforcement of a claim for deletion or correction of such search engine entries against the provider is not guaranteed.
6. Duration of storage of your data
We delete your personal data as soon as they are no longer required for the above-mentioned purposes. It may be possible that personal data are stored for the period during which claims can be asserted against our company (statutory limitation period of three or up to thirty years). In addition, we store your personal data insofar as we are legally obliged to do so. The German Commercial Code, the Fiscal Code and the Money Laundering Act, among others, impose corresponding duties of proof and retention. According to these, the storage periods may extend up to ten years. Log files are kept for 2 months and then deleted. In connection with Google Analytics, we delete the anonymised data after 38 months. The retention or deletion period for your voluntarily provided data depends on the respective purpose of use.
7. Your data protection rights
You can request information about the data stored about your person at the above address. You may also demand that your data be corrected or deleted under certain circumstances. You may also have the right to restrict the processing of your data as well as the right to have the data provided by you handed to you in a structured, common and machine-readable format. You have the option of lodging a complaint with the above mentioned data protection officer or a data protection supervisory authority. Address:
Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein
Postfach 71 16
8. Obligation of the affected person to provide personal data; possible consequences of failure to provide such data
The provision of personal data may be necessary for the establishment, implementation and termination of a business relationship. The same applies if an affected person provides us with personal data which must subsequently be processed by us. For example, the affected person is obliged to provide us with personal data if our company concludes an (online) contract with him/her or requests an offer. Failure to provide the data would mean, for example, that a contract cannot be concluded or the execution of the order would have to be rejected. Prior to the provision of personal data by the affected person, the affected person can contact our data protection officer mentioned above and obtain information on a case-by-case basis as to whether the provision of the personal data is required by law or contract or is necessary for the relevant situation or conclusion of contract and what consequences the failure to provide the data would have.
9. Updating the data protection information
This data protection information may be adapted at a later date due to changes, e.g. legal regulations.
10. Information on your right of objection pursuant to Article 21 of the General Data Protection Regulation (GDPR) Right of objection in individual cases
You have the right to object at any time for reasons arising from your particular situation to the processing of personal data concerning you which is based on Article 6, Sec. 1 lit. e) GDPR (data processing in the public interest) and Article 6 Sec. 1 lit. f) GDPR (data processing on the basis of a balance of interests). If you object, we will no longer process your personal data, unless we can prove compelling reasons worthy of protection for the processing, which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. The objection may be lodged formally and shall be addressed to the competent responsible body referred to in Clause 2.
11. Right of objection to processing for direct marketing purposes
You have the right to object at any time to the processing of personal data concerning you which is based on Article 6, Sec. 1 lit.a) GDPR (data processing based on a consent) and Article 6 Sec. 1 lit. b) GDPR (data processing on the basis of a contract) for the purposes of direct marketing. In the event of an objection, your data will no longer be processed for these purposes.