Data privacy statement of Beurer GmbH
We are delighted that you are interested in our company. Data protection is extremely important to the management team at Beurer GmbH. In principle, you can use the Beurer GmbH website without providing any personal data. However, if a data subject wishes to avail of specific services provided by our company via the website, some processing of personal data may be necessary. If it is necessary to process personal data, and in the absence of a legal basis for such processing, we generally request consent from the data subject.
Personal data such as the name, address, e-mail address or telephone number of a data subject is always processed in compliance with the General Data Protection Regulation and in compliance with the national data protection provisions applicable for Beurer GmbH. The purpose of this Data Protection Statement is for our company to inform the general public about the manner, scope, and purpose of the personal data that we collect, use, and process. In addition, this Data Protection Statement will explain the rights of data subjects.
Beurer GmbH, as the controller for processing, has implemented many technical and organisational measures to ensure that the personal data processed is protected to the greatest possible degree. However, online data transfers are by their nature associated with security vulnerabilities, meaning that absolute protection cannot be guaranteed.
1. The name and address of the controller responsible for processing, as well as the company Data Protection Officer
2. Collection and storage of personal data and nature and purpose of its use
a) Use of website (without purchase)
When you use the website, the browser you use on your end device automatically transmits information to the server. This information is stored temporarily in what is known as a log file. The following information is collected without any action on your part, and stored until it is automatically deleted:
- date and time of access,
- name and URL of file accessed,
- website from which the information was accessed (referrer URL),
- browser used and possibly your computer's operating system and the name of your access provider
We process this data for the following purposes:
- to ensure a seamless connection to the website can be established
- to ensure convenient use of our website
- to evaluate system security and stability and
- for other administrative purposes.
The legal basis for data processing is Article 6, Para. 1 Sentence 1 f GDPR. Our legitimate interest arises from the purposes outlined above for data collection and ensuring the functional reliability of the website. Under no circumstances will we use the data collected for the purposes of drawing conclusions about you. The data will be stored for 3 months.
b) If you register for our newsletter
If you have explicitly consented for us to do so in accordance with Article 6, Para. 1, Sentence 1 a) GDPR, we will use your email address to regularly send you our newsletter for marketing purposes. Providing us with an email address is sufficient for receiving the newsletter.
You can unsubscribe at any time, for example by using the link provided at the end of each newsletter. Alternatively, you are also welcome to email an unsubscribe request to firstname.lastname@example.org at any time.
You will receive the letter only until you revoke consent. You have the right to revoke your future consent at any time. You may subsequently receive one more issue of the newsletter from us for technical reasons.
The data recipients are the technical operator and hosting service provider for our website (see above under C.) and the newsletter service provider Mailchimp commissioned by us.
Currently (as of January 2019), data is stored in multiple MTAs, placed in different world-class data centers around the United States. Some of the data centers are located in:
- Georgia, United States
- New York, United States
- Texas, United States
- Virginia, United States
c) Contact form
You may contact us to submit an enquiry. Should you do so, the following data will be collected:
You may also choose to share further data with us.
The legal basis for data processing is Article 6, Para. 1 Sentence 1 a) GDPR (Consent).
The purpose of the data collection is to respond adequately to your enquiry.
The data will be stored for 1 month.
3. Disclosure of data
Within Beurer GmbH, entities that require access to data to fulfil contractual and legal obligations receive access to the data.
Beurer GmbH's external service providers may also receive this data. These service providers may be:
- affiliated companies, where these are required for the fulfilment of the contract
- service providers for processing customer service enquiries
- IT service providers, hosting service providers, and service providers for operating the IT system
- Service providers for newsletter dispatch, following the provision of consent
5. Rights of the data subject
You have the right:
- pursuant to Article 15 GDPR to request information about your personal data that we process. In particular, you may request information about the purposes of processing, category of personal data, categories of recipients to whom your data has been or will be disclosed, the planned duration of storage, the existence of a right to rectification, erasure, restriction of processing or objection, the right to lodge a complaint, the origin of your data if we have not collected it, and about the existence of automated decision-making including profiling, and where applicable meaningful information about the details thereof;
- pursuant to Article 16 GDPR, immediately request the rectification of inaccurate or incomplete personal data relating to you stored by us;
- pursuant to Article 17 GDPR, request the erasure of personal data relating to you stored by us, unless processing is required for the exercising of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of the public interest, or for the establishment, exercise, or defence of legal claims;
- pursuant to Article 18 GDPR, to request the restriction of processing of your personal data in the event that you dispute the accuracy of the data; processing is unlawful but you decline its erasure and we no longer need the data but you require it for the establishment, exercise, or defence of legal claims; or you have submitted an objection to processing pursuant to Article 21 GDPR;
- pursuant to Article 20 GDPR, to receive the personal data relating to you that you have provided to us in a structured, established, and machine-readable format, or to request the transfer of the same to another controller;
- pursuant to Article 7, Para. 3 GDPR, to at any time revoke any consent you have provided to us. This will result in us no longer being permitted to continue the data processing that this consent relates to in the future, and
- pursuant to Article 77 GDPR, to lodge a complaint to a supervisory authority. Generally, you can contact the supervisory authority for your usual place of residence or the registered headquarters of our company for this purpose.
6. Right to object
If your personal data is processed based on legitimate interests pursuant to Article 6, Para. 1, Clause 1, lit. f GDPR, you have the right to submit an objection to the processing of your personal data pursuant to Article 21 GDPR, provided that there are reasons to do so arising from your particular situation, or if the objection relates to direct advertising. In the latter case, you have a general right to object, which we will implement without requiring a particular situation to be stated.
If you would like to exercise your right to revoke consent or to object, it is sufficient to send an e-mail to email@example.com to do so.
7. Data security
During your visit to our website, we use the popular SSL (Secure Socket Layer) process in conjunction with the highest level of encryption supported by your browser. This is generally 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit v3 technology instead. You can verify that information is being transmitted in encrypted format on the individual pages of our website by checking for the closed padlock icon in the bottom status bar of your browser.
We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or full loss, destruction or unauthorised access by third parties. Our security measures are continually being improved in line with technological developments.
8. Obligation to make data available
In the context of using the website, you are required to make available personal data that is essential for service provision. Without this data, we are not able to provide the service.