Data privacy statement
We are happy about your interest in our website and would like to ensure you, that the security of your data is very important to us. Therefore, we process your data according to the legal data protection regulations. The following references will give you a plain overview over what happens with your personal data when you visit our website.
Responsible for the data procession on this website:
Mr. Peter Grassl
Eisenbahnstrasse 65-67
78604 Rietheim-Weilheim
Germany
Tel.: +49 (0)7461 966 17 – 0
Fax: +49 (0)7461 966 17 – 70
E-Mail: sales@ackermannsurgical.com
Data protection officer
You can reach our data protection officer at:
Nadine Ackermann
Tel.: +49 (0)7461 966 17 – 0
Eisenbahnstrasse 65-67
78604 Rietheim-Weilheim
Germany
E-Mail: sales@ackermannsurgical.com
Protection of your data
There’s no 100% protection
Data processing via the internet is always prone to security flaws.
This is why we make an effort of securing your data from unauthorised access and notice of third parties according to the best available technology and as far as it is viable for us.
SSL- respectively TLS-encryption
One of those security measures is the TLS-encryption (also known under the old designation „SSL“) of our website. Encryption secures your data during the data procession from unauthorised access by third parties. An active encryption can be recognised by the „https://” in your browsers address line and by the lock symbol in the browser line.
Security monitoring and auditing
For reasons of security monitoring and auditing, we compile a data protocol about how our website is used by those who have or want to gain access to it. This information will be collected by us for security and auditing reasons and is stored for 30 days.
This includes:
IP-address of the user, logging on and off of a user, changing content and files, errors when trying to log in, manually locked users as well as trying to access content that is non-existent.
To protect from so-called Brute-Force-Attacks, the IP-Address is sent to spammer databases to check data.
The information recorded will only be retrieved by administrators of the website and saved in the database of the website. They won’t be processed to third parties, except from law enforcement agencies.
Those data are stored because we have a legitimate interest in protecting our website from attacks and because we want to ensure the integrity, confidentiality and availability of your data processed via this website (Art. 6 para. 1 lit. f GDPR).
Data collection on our website
Collection of general information
By using our website, you consent to the collection, processing and use of data as described below. Our website can generally be visited without registration. In the process, data such as pages called up or the name of the file called up, date and time are stored on the server for statistical purposes without this data being directly related to your person. Personal data, in particular name, address or e-mail address are collected as far as possible on a voluntary basis. Without your consent, the data will not be passed on to third parties.
We expressly point out that data transmission over the Internet (eg communication by e-mail) security gaps and can not be completely protected against access by third parties.
The use of the contact data of our imprint for commercial advertising is expressly not desired, unless we had previously given our written consent or a business relationship already exists. The provider and all persons named on this website hereby object to any commercial use and disclosure of their data.
Personal data
You can visit our website without providing personal data. Insofar as personal data (such as name, address or e-mail address) is collected on our pages, this is done, as far as possible, on a voluntary basis. This data will not be passed on to third parties without your express consent. If a contractual relationship is to be established between you and us, or its content is to be developed or changed, or if you send us an inquiry, we collect and use personal data from you to the extent necessary for these purposes (inventory data). We collect, process and use personal data to the extent necessary to enable you to use the website (usage data). All personal data will only be stored as long as it is necessary for the stated purpose (processing your request or processing a contract). In this context, retention periods under tax and commercial law are taken into account. By order of the competent authorities, we may provide information about this data (inventory data) in individual cases, insofar as this is necessary for the purposes of criminal prosecution, to avert danger, to fulfill the statutory tasks of the constitution protection authorities or the Military Counter-Intelligence Service or to enforce intellectual property rights.
Registration on our website/contact form
As a rule, your data is collected when you voluntarily provide it to us.
In some cases, however, your data is also collected automatically when you call up the website. Some of this data is collected so that the website can be provided as error-free as possible.
Other automatically collected data is used for analysis and compilation of statistics. As far as possible, these are stored and processed anonymously, so that it is not possible to draw conclusions about your person.
Server Log Files
The provider where we host this website collects and saves the following information about visitors of this website automatically in the so-called server log files. Those files render useful services to recognise security incidents or problems with system operation. They are also helpful at audits and forensic investigations.
The following data are collected and stored:
- Type and version of the browser
- Operating system
- Referrer URL
- Hostname of the accessing computer
- Time of the server inquiry
- IP-Adress
These data are processed particularly for the following reasons:
- Securing a smooth connection establishment of the website
- Securing a smooth usage of our website
- Evaluation of system security and stability and
- Further administrative purposes.
There will be no combination of this data with other data sources. These data won’t be used to draw conclusions about your person but maybe for statistical analysis by us to optimise our internet presence and the technology behind it.
These data will be deleted when they are no longer needed for surveying. Data that are used for providing this website are usually deleted after finishing a session.
Basis for the data processing is the processing for fulfilling a contract or arrangements precedent to a contract (Art. 6 para 1 lit. b GDPR) and because we have legitimate interest in a secure and stable service of our website (Art. 6 para 1 lit. f GDPR).
If you send us an e-mail
Note: Data processing via the internet (including e-mails) is always prone to security flaws. A complete protection of data from third parties is therefore not possible.
If you send us an e-mail, we store these data as long as it is necessary for this purpose. The statutory retention period – which is six years for business letters (including e-mail and fax) according to § 256 HGB – is not affected by this.
Of course, we take care that your data is protected from unauthorised access and information by third parties according to the best available technology.
Contact form
If you contact us via the contact form, the processed data for handling your request and possible further questions are stored by us.
They will be stored untill the reason for data storage is dispensed or untill you request their deletion. Statutory retention periods are not affected by this.
Of course, we don’t forward those data to third parties without your consent.
Basis for this data processing is our legitimate interest in ensuring a straightforward way for contacting us (Art. 6 para 1 lit. f GDPR) as well as the processing for fulfilling a contract or arrangements precedent to a contract (Art. 6 para 1 lit. b GDPR) and because we have legitimate interest in a secure and stable service of our website (Art. 6 para 1 lit. f GDPR).
Requesting a catalogue
If you request catalogues from us via the order form, the processed data for handling your request, sending the catalogues and possible further questions are stored by us.
They will be stored untill the reason for data storage is dispensed or untill you request their deletion. Statutory retention periods are not affected by this.
Of course, we don’t forward those data to third parties without your consent.
Basis for this data processing is our legitimate interest in ensuring a straightforward way for contacting us (Art. 6 para 1 lit. f GDPR) as well as the processing for fulfilling a contract or arrangements precedent to a contract (Art. 6 para 1 lit. b GDPR) and because we have legitimate interest in a secure and stable service of our website (Art. 6 para 1 lit. f GDPR).
Job applications
We provide you with the opportunity to send us job applications (e.g. via e-mail, mail or via the online application form). We assure you that the collection, processing and usage of your data is according to applicable data protection law and all further legal requirements, and that we keep your data as strictly confidential.
Extent and purpose of data collection
If you send us an application, we process your associated personal data (e.g. contact and communication data, application documents, notes from job interviews etc.) insofar this is necessary for a decision about the reason of an employment relationship.
Basis for this data processing is the initiation of an employment relationship (§ 26 BDSG-neu), the general arrangements precedent to a contract (Art. 6 para 1 lit. b GDPR) and – if you gave your permission – your permission (Art. 6 para 1 lit. a GDPR). A given permission can be withdrawn at any time in the future.
Your personal data will be given solely to individuals in our company who are part of handling your application.
Provided your application is successful, the data you handed in will be used for the implementation of the employment relationship (§ 26 BDSG-neu and Art. 6 para 1 lit. b GDPR) in our data processing systems.
Hosting
We are hosting the content of our website at the following provider:
External Hosting
This website is hosted externally. Personal data collected on this website are stored on the servers of the host. These may include, but are not limited to, IP addresses, contact requests, metadata and communications, contract information, contact information, names, web page access, and other data generated through a web site.
The external hosting serves the purpose of fulfilling the contract with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of secure, fast, and efficient provision of our online services by a professional provider (Art. 6(1)(f) GDPR). If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6 (1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.
Our host(s) will only process your data to the extent necessary to fulfil its performance obligations and to follow our instructions with respect to such data.
We are using the following host(s):
G B C Computersysteme GmbH
Steingrueble 9
72336 Balingen
Tel. 07433 / 99 26 -0
Fax. 07433 / 99 26 19
Data processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.
Your rights
With regard to the processing of your personal data, you naturally have various rights of which we would like to inform you:
Information, correction, blocking, deletion and objection
You have the right at any time to inquire free of charge and without delay about the data collected about you. You also have the right to have your personal data corrected, blocked or, apart from the mandatory data storage for business processing, deleted. Please contact our data protection officer for this purpose. You will find the contact details at the very bottom.
To ensure that a block on data can be taken into account at any time, this data must be kept in a blocking file for control purposes. You can also request the deletion of data, unless there is a legal archiving obligation. If such an obligation exists, we will block your data upon request.
You can make changes or revoke consent by notifying us accordingly with effect for the future.
Deletion or blocking of the data
We adhere to the principles of data avoidance and data economy. We therefore only store your personal data for as long as is necessary to achieve the purposes stated here or as stipulated by the various storage periods provided for by law. After the respective purpose has ceased to exist or these periods have expired, the corresponding data is routinely blocked or deleted in accordance with the statutory provisions.
Complaint to a supervisory authority
You can file a complaint with the supervisory authority responsible for you at any time. Your competent supervisory authority depends on the federal state of your residence, your work or the alleged violation. You can find a list of supervisory authorities (for the non-public sector) with address at: https://www.bfdi.bund.de/EN/Home/home_node.html
The State Commissioner for Data Protection and Freedom of Information in Baden-Württemberg:
Königstr. 10 a
70173 Stuttgart
Phone: +49 (0) 711 615 541 – 0
Fax: +49 (0) 711 615 541 – 15
E-Mail: poststelle@lfdi.bwl.de
Legal basis for the use of cookies
The data processed by cookies, which are required for the proper functioning of the website, are thus necessary to protect our legitimate interests as well as those of third parties pursuant to Art. 6 (1) p. 1 lit. f DS-GVO.
For all other cookies, you must have given your consent to this via our opt-in cookie banner within the meaning of Art. 6 (1) lit. a DS-GVO.
Use of Google Analytics, Google Optimize, Google Search Console, Google Maps
On our websites, we use Google Analytics, a web analytics service provided by Google Ireland Limited (https://www.google.de/intl/en-GB/about/) (Gordon House, Barrow Street, Dublin 4, Ireland; hereinafter “Google”). In this context, pseudonymized usage profiles are created and cookies (see point “Cookies”) are used. The information generated by the cookie about your use of this website, such as 1. browser type/version, 2. operating system used, 3. referrer URL (the previously visited page), 4. host name of the accessing computer (IP address), 5. time of server request, is transmitted to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to website and internet use for the purposes of market research and demand-oriented design of these Internet pages. This information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymized so that an assignment is not possible (IP masking). You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. These processing operations are carried out exclusively when express consent is given in accordance with Art. 6 (1) lit. a DS-GVO. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on: Browser Add On to disable Google Analytics
As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent the collection by Google Analytics by clicking on the following link:
An opt-out cookie is set that prevents future collection of your data when visiting this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again. Further information on data protection in connection with Google Analytics can be found, for example, in the Google Analytics help (https://support.google.com/analytics/answer/6004245?hl=en).
You can find Google’s privacy policy at the following link:
How Google uses Cookies – Privacy Polciy & Terms of Use – Google
Other cookies (e.g. cookies for analyzing your surfing behavior) that are stored are treated separately in this privacy policy.
You can set your browser so that you are either informed about the setting of cookies and thus allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or generally or activate the automatic deletion of cookies when closing the browser. The deactivation of cookies can lead to the fact that the functionality of this website may be limited.
Consent with Borlabs Cookie
Our website uses the Borlabs consent technology to obtain your consent to the storage of certain cookies in your browser or for the use of certain technologies and for their data privacy protection compliant documentation. The provider of this technology is Borlabs GmbH, Rübenkamp 32, 22305 Hamburg, Germany (hereinafter referred to as Borlabs).
Whenever you visit our website, a Borlabs cookie will be stored in your browser, which archives any declarations or revocations of consent you have entered. These data are not shared with the provider of the Borlabs technology.
The recorded data shall remain archived until you ask us to eradicate them, delete the Borlabs cookie on your own or the purpose of storing the data no longer exists. This shall be without prejudice to any retention obligations mandated by law. To review the details of Borlabs’ data processing policies, please visit https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/
We use the Borlabs cookie consent technology to obtain the declarations of consent mandated by law for the use of cookies. The legal basis for the use of such cookies is Art. 6(1)(c) GDPR.
Configuration of cookie settings in the browser
Da jeder Browser sich in seinen Einstellungen etwas unterscheidet, stellen wir Ihren hier für die gängigen Browser Links zu den jeweiligen Anleitungen zur Verfügung:
- Chrome
https://support.google.com/accounts/answer/61416?hl=en
- Internet Explorer
https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies
- Edge
https://privacy.microsoft.com/en-gb/windows-10-microsoft-edge-and-privacy
- Firefox
https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox
- Safari
https://support.apple.com/guide/safari/manage-cookies-sfri11471/mac
- Opera
https://help.opera.com/en/latest/security-and-privacy/
Data retention period
If we are unable to make you a job offer, you reject a job offer, withdraw your application, revoke your consent to data processing or request us to delete the data, the data you have provided, including any remaining physical application documents, will be stored or retained (retention period) for a maximum of 6 months after completion of the application process in order to be able to trace the details of the application process in the event of discrepancies (Art. 6 (1) f DSGVO).
YOU CAN OBJECT TO THIS STORAGE IF YOU HAVE LEGITIMATE INTERESTS THAT OUTWEIGH OUR INTERESTS.
After expiry of the retention period, the data will be deleted, unless there is a legal obligation to retain the data or another legal reason for further storage. If it is evident that it will be necessary to retain your data after the retention period has expired (e.g. due to an impending or pending legal dispute), the data will not be deleted until it has become irrelevant. Other statutory retention obligations remain unaffected.
Rights of the data subject
You have a right to information (according to Art. 15 DS-GVO) on the part of the responsible person about the personal data concerning you as well as to correction (Art. 16 DS-GVO), deletion (Art. 17 DS-GVO), and to restriction of processing (Art. 18 para. 1 DS-GVO). Furthermore, you have the right to object to processing (Art. 21 DS-GVO) and the right to data portability (Art. 20 DS-GVO).
If you would like to exercise your rights, please contact the above-mentioned data protection officer.
Third party services
Google Web Fonts
For granting a consistent type face, we use so called web fonts on our website which are provided by Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland).
When entering on of our websites, your browser loads the necessary web fonts to your browser cache to be able to display texts and fonts correctly. Therefore, a connection to the Google servers is established, which shows Google that out website was entered via your IP-address.
You can find further information about Google Web Fonts via https://developers.google.com/fonts/faq and in Googles data privacy statement: https://policies.google.com/privacy?hl=en.
The useage of Google Web Fonts is carried out because we have a legitimate interest in a consistent and appealing display of our online service (Art. 6 para 1 lit. f GDPR).
ManageWP
We administrate this website with the assistance of the ManageWP tool. The provider is GoDaddy.com WP Europe, Trg republike 5, 11000 Belgrade, Serbia (hereinafter referred to as ManageWP).
Among other things, ManageWP ensures that we can monitor the security and performance of our website as well as generate automatic backups. Consequently, ManageWP has access to all of the website’s content, including our databases. ManageWP is being hosted on the provider’s servers.
The use of ManageWP is based on Art. 6 (1)(f) GDPR. The website operator has a legitimate interest in a website(s) that work(s) as effectively and securely as possible. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000TN9xAAG&status=Active
Data processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.
Objection against unsolicited commercial e-mails
Due to the legal notice requirements according to § 5 TMG, we have published general contact data as well as an e-mail-address. We hereby object the use of this contact data for unsolicited consignment of information material, advertisements or spam mails which haven’t been explicitly requested by us.
Changes made to this data privacy statement
In the context of the imprint obligation according to § 5 TMG, we have on our website general contact data
Obligation to provide the personal data
You are not obligated to provide the data.
Automated decision making
There is no automated decision making or profiling.
Last revision: 20/09/2024