Data Privacy Policy.
We take the protection of your personal data very seriously. When you visit our website, personal data ("data") is processed by you. Below we would like to inform you about these processing operations.
1. Controller
The controller within the meaning of Art. 4 No. 7 of the General Data Protection Regulation (hereinafter referred to as GDPR) is:
Löwenstein Medical SE & Co. KG
Arzbacher Straße 80
56130 Bad Ems, Germany
Phone: +49 (0) 2603 9600 0
eMail: info@loewensteinmedical.com
2. Data Protection Officer
If you have any questions regarding the processing of your personal data, please contact our external data protection officer directly at:
Löwenstein Medical SE & Co. KG
- Data Protection Officer -
Arzbacher Straße 80
56130 Bad Ems, Germany
Phone:
+49 2603 9600-4497
via eMail to:
datenschutzbeauftragter@loewensteinmedical.com
3. Cookies
We use so-called "cookies" on our website. Cookies are text files that are stored on your computer, for example, to enable convenient use or to recognize the end user's device and save settings. Entries can be saved in these cookies so that they do not have to be re-entered when you visit the site again.
You can restrict or completely prevent the setting of cookies through your browser settings. Likewise, the automated deletion of cookies can be set in your browser. By preventing the setting of technically necessary cookies, the website may not be displayed or may not be displayed correctly.
You can find more information about the individual cookies or processing procedures, as well as the cookie banner, here.
Right of withdrawal: If you have given consent for a processing operation, you can withdraw this consent at any time and without giving reasons via the cookie banner.
4. Processing operations on this website
In the following section we inform you about the individual processing procedures on our website.
a) Log-Files
When you visit our website, a connection to the hosting server is required so that you can call up the website. This technically requires the transmission of your IP address. During your visit, our hosting provider Timme Hosting GmbH & Co. KG, Ovelgönner Weg 43, 21335 Lüneburg, Germany, creates so-called server log files. The following personal data is processed:
- your IP address;
- referrer (page from whose link you arrived at this website),
- search terms (for search engines as referrer);
- browser, operating system, installed plug-ins and screen resolution;
- time spent on the pages.
The processing of server log files is based on Art. 6 para. 1 lit. f) GDPR, our legitimate interest. Our legitimate interest is to address a broad audience with our website and to protect our website.
The server log files are processed for the following purposes:
- maintaining system integrity (e.g. protection against attacks, protection against overloads so-called DDOS attacks);
- ensuring a smooth connection of the Internet presence;
- ensuring a comfortable use of our Internet presence;
- evaluation of system security and stability; and
- for other administrative purposes.
The server log files are deleted as soon as they are no longer required to achieve the purpose, but at the latest after 30 days. If illegal use of our systems is detected, the data will be stored for a correspondingly longer period.
You are neither legally nor contractually obligated to provide your personal data. If you do not provide your personal data, you will not be able to access this website.
b) Contact form / contact us
For questions of any kind, we offer you the possibility to contact us via a form provided on the website, by phone or by email. The contact form allows you to make a preselection so that we can categorize you correctly to make the contact efficient.
When you use the contact form, the processing of your personal data is based on the category you specify. Accordingly, we process the following data from you:
Patient
Mandatory information:
- first name
- last name
- email adress
- your massage
Optional information:
- salutation
- title
- date of birth
- patient no.
- phone
- adress
- county
Professionals
Mandatory information:
- first name
- surname
- email adress
- your message
Oprtional information:
- salutation
- title
- phone
- company/hospital
- position
- department
- address
- country
Specialist dealer
Mandatory information:
- company name
- first name of the contact person
- last name of the contact person
- email-adress of the contact person
- your message
Optional information:
- customer number
- company address
- company country
- salutation
- title
- phone
- position
- department
In addition, we also process the following data for technical reasons:
- IP-Address;
- time stamp.
If you contact us by telephone, we process the following personal data:
- your phone number.
When you contact us by e-mail, we process the following per-sonal data:
- Your email address.
The legal basis for the processing of your data is Art. 6 para. 1 lit. f) GDPR, our legitimate interest is to enable you to communicate with us. If you make business inquiries via the contact form, we process your data on the basis of the implementation of pre-contractual measures in accordance with Art. 6 para. 1 lit. b) GDPR. The legal basis covers the transfer of your data to a company within the Löwenstein Group, if this is necessary for correspondence.
We store your data for as long as is necessary to answer your inquiry. Your IP address as well as the time stamp will be deleted immediately after sending the contact request.
You are neither legally nor contractually obligated to provide your personal data. If you do not provide your personal data, it will not be possible to contact you via the contact form.
c) Web analysis using Matomo
We use the software "Matomo" (www.matomo.org) on this website, an open source software for statistical analysis of visitor access. The software sets a cookie (a text file) on your computer, which allows an analysis of the use of our website. The following data is processed:
- IP address of the user, shortened by the last two bytes;
- the sub-page called up and the time of the call;
- the page from which the user accessed our website (referrer);
- which browser with which plug-ins, which operating system and which screen resolution are used;
- time spent on the website;
- pages visited from the sub-page accessed;
- campaign tracking.
The data collected with Matomo is stored on our own servers. It is not passed on to third parties.
The legal basis on which we process personal data using Matomo is your consent in accordance with Art. 6 (1) a) of the GDPR, which you can give in the cookie banner. Matomo is used exclusively with your consent and for the purpose of improving the quality of our website and its content. In this way, we learn how the website is used and can thus constantly optimize our offer. The data will never be used to personally identify the user of the website and will not be merged with other data. Personal data such as the IP address is anonymized in Matomo immediately after it arrives and is evaluated by zeroing out the last 2 triplets. No storage of personal data takes place.
The data is deleted when it is no longer needed for our purposes. For more information on retention periods, please see the cookie banner.
You are neither legally nor contractually obligated to provide your personal data. If you do not provide your personal data, this will have no effect.
d) Mapbox
On our website, we use the Mapbox API of Mapbox Inc, 740 15th Street NW 5th Floor, Washington, DC 20005, USA (hereinafter "Mapbox"). Mapbox is an online mapping tool that is accessed via an interface (API). We used the Mapbox API to display the interactive maps. In the process, the following personal data is processed:
- identifiers (randomly generated billing ID, session ID & feedback ID if applicable, and IP address);
- commercial information: application ID, Mapbox customer's ac-count ID, Mapbox product name / version;
- internet or other electronic network activity: Timestamp of data elements received and the fact that an end user leaves a particular navigation route or uses an alternative navigation route;
- geolocation: e.g., latitude, longitude, altitude, horizontal and vertical accuracy (an IP address is not associated with such location data and the session ID is deleted within 24 hours);
- connectivity and device data: Device model and browser information, operating system, and content of an API or SDK request.
By using this tool, among other things, your IP address is transmitted to Mapbox. The collected data is stored and processed on servers of the Mapbox company. For security reasons, your IP address is stored for 30 days and then deleted. Randomly generated IDs (no personal data) that analyze the use of the APIs are deleted after 36 months.
The use is based on Art. 6 para. 1 lit. f) GDPR. We have a legitimate interest in ensuring the best possible online presence. If a corresponding consent has been obtained, the processing is carried out exclusively on the basis of Art. 6 Para. 1 lit. a) GDPR and § 25 Para. 1 TDDDG (germand law: Data Protection and Privacy in Telecommunications and Telemedia Act), insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) as defined by the TDDDG. The consent can be revoked at any time.
If you would like to learn more about the data processing by Mapbox, you can find the privacy policy of the company Mapbox here: www.mapbox.com/legal/privacy.
The third country transfer is based on the standard contractual clauses concluded with the provider.
You are neither legally nor contractually obliged to provide your personal data. If you do not provide your personal data, you will not be able to use the function.
e) Friendly Captcha
In certain cases, we use the "Friendly Captcha" service of the company Friendly Captcha GmbH (Am Anger 3-5, 82237 Woerthsee, Germany, hereinafter "Friendly Captcha") on the basis of Art. 6 (1) f) GDPR (legitimate interest) to ensure sufficient data security when submitting forms. This serves primarily to distinguish whether the input is made by a natural person or abusively by machine and automated processing. The following information is processed:
- hash value (one-way encryption) of the incoming IP address (the IP address is discarded, only the hash value is stored);
- HTTP request header data, especially user agent, origin and referrer;
- date/time of the request;
- version of the widget used;
- number of requests from the (hashed) IP address per time period;
- answer of the calculation task solved by the visitor's computer.
IP addresses are only stored in hashed (one-way encrypted) form and do not allow us and Friendly Captcha to draw any conclusions about an individual person. If personal data is collected, it will be deleted after 30 days at the latest. Friendly Captcha does not set or read any cookies on the end device of the visitor. The data is used exclusively to protect against spam and bots as described above.
Your data will be deleted immediately after the purpose has been achieved. For more information on the use of Friendly Captcha and the retention periods, please visit friendlycaptcha.com/legal/privacy-end-users/.
You are neither legally nor contractually obligated to provide your personal data. If you do not provide your personal data, you will not be able to send your contact request.
5. Social Media
We maintain (publicly accessible) profiles (so-called social media) in various social networks. Your visit to these profiles initiates a variety of data processing operations.
Below we give you an overview of the processing operations when you use these media.
You are not obliged to provide us with your personal data. However, this may be necessary for access or individual functionalities of our profiles in the respective social networks.
These functionalities may not be available to you or only to a limited extent if you do not provide us with your personal data.
Visiting social media sites redirects you to the respective provider platform. The provider processes data there. For details about the collection and storage of your personal data and about the type, scope and purpose of their use by the operator of the respective social network, please refer to the privacy statements of the respective operator:
- the privacy policy for the social network "Facebook" (by meta), which is operated by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland, can be found at www.facebook.com/about/privacy/update, the joint controller agreement pursuant to Art. 26 GDPR can be found at https://www.facebook.com/legal/terms/page_controller_addendum;
the privacy policy for the social network "Instagram" from meta, which is operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (EU), or Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA, can be viewed at https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect;
- the privacy policy for the social network "YouTube", which is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, can be viewed at https://policies.google.com/privacy?hl=en;
- the privacy policy for the social network "XING", which is operated by New Work SE, Dammtorstraße 30, 20354 Hamburg, can be viewed at https://privacy.xing.com/en;
- the privacy policy for the social network "LinkedIn", which is operated by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland) can be viewed at www.linkedin.com/legal/privacy-policy; the joint controller agreement pursuant to Art. 26 GDPR can be found at: https://legal.linkedin.com/pages-joint-controller-addendum.
a) Facebook
We maintain a so-called Facebook fan page for company presentation purposes, on which we provide information about Löwenstein Medical. Visiting the page triggers processing operations.
The controller within the meaning of Art. 4 (7) GDPR in conjunction with Art. Art. 26 GDPR are jointly
Meta Platforms Ireland Limited
Merrion Road
Dublin 4, D04X2K5, Ireland
and
Löwenstein Medical SE & Co. KG
Arzbacher Straße 80
56130 Bad Ems, Germany.
You can reach Facebook's data protection officer at the following link: https://www.facebook.com/help/contact/540977946302970.
Meta thereby assumes the obligations of the GDPR when you visit the Facebook platform. This concerns in particular the following obligations:
- information obligations (e.g. Art. 13 GDPR);
- you can assert your data subject rights (see below) directly against Facebook, such as the right to information;
- Facebook ensures that your data is protected by technical and organizational measures.
For more information on Meta's obligations, please visit: https://www.facebook.com/legal/terms/page_controller_addendum.
Visiting our Facebook fan page
When you visit our Facebook fan page, Meta processes the following personal data under its own responsibility:
- Network and connections (IP address or connection speed, mobile or internet provider name, language, time zone, cell phone number, information about other devices located nearby or on your network, if applicable);
- Cookie Data (authentication; security; website and product content; advertising, recommendations; insights and measurements; website features and services; performance; analytics and research; third party websites and apps);
- "Information and content provided by you";
- "Networks and Connections";
- "Your Usage";
- "Information about Transacti-ons performed on our Products";
- "Activities of others and information they provide about you";
- Device information (type of device, such as computer, phone, connected TV and other devices;
- Device attributes (operating system, hardware and software versions, battery level, signal strength, available storage, browser type, app and file names and types, and plug-ins); and
- Operations on the device;
- Identifiers (device IDs and other identifiers);
- Device signals (Bluetooth and Wi-Fi (access) points, beacons, and nearby cell towers).
If you have a Facebook account and are logged in to it during the fan page visit, the following personal data will also be processed by Facebook:
- Facebook user ID.
To collect the data, Facebook regularly uses so-called cookies (small text files that are stored on your device), which are stored on your end device when you visit our fan page, even if you do not have your own Facebook profile or are not logged into it during your visit to our fan page. These cookies allow Facebook to create user profiles based on your preferences and interests and to show you advertising tailored to these preferences (within and outside of Facebook). Cookies regularly remain on your terminal device until you delete them.
For more information about the cookies used by Facebook, please visit: https://www.facebook.com/policies/cookies/.
Page Insights
As the operator of a Facebook fan page, we can only view the information stored in your public Facebook profile, and only if you have such a profile and are logged in to it while accessing our fan page. In addition, Meta provides us with anonymized usage statistics (so-called page insights), which we use to improve the user experience when visiting our fan page. We do not have access to the usage data that Meta collects to create these statistics. Meta has committed to us to assume primary responsibility under the GDPR for the processing of this data, to comply with all obligations under the GDPR with respect to this data, and to provide the data subjects with the essence of this obligation.
Further information on Meta's obligations can be found at: https://www.facebook.com/legal/terms/page_controller_addendum.
This data processing serves our legitimate interest in presenting ourselves as an attractive employer and to improve the user experience when visiting our fan page on the platform in line with the target group. The legal basis for the data processing is thus Art. 6 (1) f) GDPR our overriding legitimate interest.
Details on the individual processing operations by Meta can be found in Facebook's privacy policy at the following link: https://www.facebook.com/about/privacy/update?ref=old_policy.
EU - USA and Switzerland - USA data protection agreements (EU - U.S. / Swiss - US Data Privacy Framework).
When visiting the Facebook platform, there is a possibility that your data will be processed outside the European Union, in particular the USA. Meta Platforms, Inc. is certified by the U.S. Department of Commerce and participates in the EU-US Privacy Framework: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnywAAC&status=Active.
For more information on data transfer by Meta, please visit: https://www.facebook.com/privacy/policies/data_privacy_framework.
Contacting us via Facebook
If you use our Facebook fan page to contact us (e.g. by sending us private messages), the data you provide us with (including your user name and the information you transmit to us) will be processed by us solely for the purpose of communicating with you.
The legal basis for the data collection is therefore Art. 6 para. 1 lit. b) GDPR in the case of a contract initiation, or Art. 6 para. 1 lit. f) GDPR in the case of general questions or comments. We delete stored data 7 days after completion, as soon as their storage is no longer necessary or you request us to delete them; in the case of legal storage obligations, we limit the processing of the stored data accordingly.
b) Instagram
We maintain a presence on Instagram from meta, where we provide information about Löwenstein Medical. Visiting the site triggers processing operations by the platform operator Meta. "Instagram from Meta" is a social media platform of Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland.
Visit our Instagram presence
Visiting our Instagram page triggers processing operations at Instagram (Meta). Instagram creates so-called Custom Audience statistics. Löwenstein Medical receives these statistics in anonymized form. We have no influence on the underlying parameters.
In this case, Meta provides various documents. Where there is joint responsibility with Meta, the agreement on joint responsibility applies: https://www.facebook.com/legal/terms/page_controller_addendum.
In this agreement, Meta undertakes to assume primary responsibility for the processing operations covered.
In addition, Meta may consider further processing operations as commissioned processing. Facebook provides corresponding documents for this purpose: https://www.facebook.com/legal/terms/dataprocessing.
To find out which specific processing operations are considered joint controllership or commissioned processing for Facebook, please contact Meta's data protection officer. You can contact Meta's data protection officer via the following link and select the relevant product (such as Facebook or Instagram): https://www.facebook.com/help/contact/540977946302970.
If you access our Instagram page, Instagram will process at least the following personal data under its own responsibility:
- Network and connections (IP address or connection speed, name of mobile phone or Internet provider, language, time zone, cell phone number, information about other devices nearby or in your network, if applicable)
- Cookie data (authentication; security; website and product integrity; advertising, recommendations; insights and measurements; website functions and services; performance; analysis and research; third-party websites and apps)
- "Information and content provided by you"
- "Networks and connections"
- "Your use"
- "Information about transactions carried out on our products"
- "Activities of others and information they provide about you"
- Device information (type of device, such as computer, telephone, connected TV and other devices
- Device attributes (operating system, hardware and software versions, battery level, signal strength, available storage space, browser type, app and file names and types as well as plugins)
- Processes on the device
- Identifiers (device IDs and other identifiers)
- Device signals (Bluetooth and WLAN (access points), beacons and radio cell towers in the vicinity)
Instagram uses so-called cookies, which are stored on your device when you visit our website, even if you do not have your own Instagram profile or are not logged in to your profile while visiting our website. These cookies allow Meta to create user profiles based on your preferences and interests and to show you customized advertising (within and outside the Meta platforms). Cookies are regularly stored on your end device until you delete them yourself.
We receive anonymous statistics from the above-mentioned data collected and processed by Instagram. We can use this data to understand the interest in our presence on the respective platform.
Further information on the processing operations and cookies can be found at: https://privacycenter.instagram.com/policy/.
The legal basis for processing by Instagram may be your consent in accordance with Art. 6 para. 1 lit. a) GDPR, which you may have given to the service provider when registering. You can revoke this consent to Facebook at any time in accordance with Art. 7 para. 3 sentence 1 GDPR.
When visiting the Instagram platform, there is a possibility that your data will be processed outside the European Union, in particular in the USA. This may make it more difficult or impossible to enforce your rights.
Facebook-Instagram complies with the standard contractual clauses of the European Commission in the event of a transfer to the USA or is Meta-certified: https://de-de.facebook.com/help/566994660333381; https://de-de.facebook.com/help/190589997655465/?helpref=related_articles.
The list of Privacy Framework certified companies is available at: https://www.dataprivacyframework.gov/list.
"Follow" function of our Instagram presence
If you follow our Instagram channel, we can track your Instagram username. We process this data exclusively for moderation purposes. The legal basis for the processing is our legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in maintaining channel integrity.
Löwenstein Medical uses the Instagram channel exclusively passively for information purposes. Please do not post any personal data, especially sensitive data, on our channel.
The data will be stored for as long as your Instagram profile exists.
c) LinkedIn
We maintain a LinkedIn company page for company presentation purposes, on which we provide information about Löwenstein Medical. Visiting the page triggers various processing operations. "LinkedIn" is a service of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.
Calling up our company page (registered / not registered).
When you visit our LinkedIn company page, LinkedIn processes at least the following personal data under its own responsibility:
- Technical information: Device ID, device data such as ad ID, IP address, operating system and browser data).
LinkedIn regularly uses so-called cookies (small text files that are stored on your device) to collect the data, which are stored on your end device when you visit our company page even if you do not have your own LinkedIn profile or are not logged into it during your visit to our company page. These cookies allow LinkedIn to create user profiles based on your preferences and interests and to show you advertising tailored to these. Cookies regularly remain on your terminal device until you delete them.
For more information on the cookies used by LinkedIn, please visit: https://de.linkedin.com/legal/cookie-policy?.
Setting options for non-members:https://www.linkedin.com/psettings/guest-controls?trk=homepage-basic_footer-guest-controls.
If you have a LinkedIn account and are logged in to it during your visit to our company website, the following personal data will also be processed:
- registration: name, email address, your cell phone number if applicable, password, payment and billing information if you use the Premium service;
- profile: depending on your information, e.g. education, work experience, photo, location or region, knowledge confirmation;
- publishing and uploading: Content that you upload and publish yourself;
- information from Others: LinkedIn receives information from others about you when you use certain synchronization features. LinkedIn may then receive contact and calendar information from you.
LinkedIn Insights
The responsible party within the meaning of Art. 4 (7) GDPR in conjunction with Art. 26 GDPR for the "LinkedIn Insights" are jointly
LinkedIn Ireland Unlimited Company Wilton Place Dublin 2, Ireland
and
Löwenstein Medical SE & Co. KG Arzbacher Straße 80 56130 Bad Ems, Germany.
According to the agreement with LinkedIn, LinkedIn assumes all obligations of the GDPR when you visit the LinkedIn platform and when creating LinkedIn Insights, this concerns in particular (not exhaustively) the following obligations:
- information obligations (e.g. Art. 13 GDPR);
- you assert your data subject rights (Art. 12 - 22) directly against LinkedIn, such as the right to information;
- LinkedIn ensures that your data is protected by technical and organizational measures.
To exercise your data subject rights, please contact LinkedIn directly: https://www.linkedin.com/help/linkedin/ask/cp-master?lang=de.
You can also find more information at: https://security.linkedin.com/.
For information on LinkedIn's joint controllership and obligations in particular, please visit: https://legal.linkedin.com/pages-joint-controller-addendum.
LinkedIn creates anonymized statistics (so-called Insights) from the personal data that LinkedIn collects. The In-sights provided to us consist of aggregated data. We do not receive any data that has a personal reference. We do not have access to the usage data that LinkedIn collects to create the statistics.
As the operator of the LinkedIn company site, we can only view the information on your LinkedIn profile that you make public through your settings, and only if you have such a profile and are logged in to it when you access our presence.
This data processing serves our legitimate interest in improving the user experience when visiting our fan page according to the target group. The legal basis for the data processing is therefore Art. 6 (1) f) GDPR.
When visiting the LinkedIn platform, there is a possibility that your data will be processed outside the European Union, in particular the USA. The enforcement of your rights may thus be more difficult or not possible.
EU - U.S. and Switzerland - U.S. Data Privacy Framework (EU - U.S. / Swiss - US Data Privacy Framework).
Microsoft Corp. as operator of LinkedIn is certified according to the Privacy Framework: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000KzNaAAK&status=Active.
Details on the individual processing operations by LinkedIn can be found in LinkedIn's privacy policy, at the following link: https://us.linkedin.com/legal/privacy-policy?src=direct%2Fnone&veh=direct%2Fnone#data.
Contacting us via LinkedIn
If you use our LinkedIn company page to contact us (e.g. by sending us private messages), the data you provide us with (including your name and the information you have voluntarily transmitted to us) will be processed by us solely for the purpose of being able to communicate with you.
The legal basis for the data collection is therefore Art. 6 para. 1 lit. b) GDPR in the case of a contract initiation, or Art. 6 para. 1 lit. f) GDPR in the case of general questions or comments. We delete stored data after data 7 days after completion, as soon as their storage is no longer required or you request us to delete them; in the case of statutory retention obligations, we limit the processing of stored data accordingly.
d) XING
We maintain a XING company page for company presentation purposes, on which we make information about Löwenstein Medical available to interested parties. Visiting the page triggers various processing operations. "XING" is a service of New Work SE, Am Strandkai 1, 20457 Hamburg, Germany.
Visiting our company page (registered / not registered)
When you visit our XING company page, XING processes your personal data under its own responsibility.
For more information about the processing operations, please visit: https://privacy.xing.com/en.
There you will also find details of XING's data protection officer and information on how to assert your rights as a data subject.
XING Recruiter Insights
XING creates anonymized statistics (so-called Recruiter Insights) from the personal data that XING collects under its own responsibility. The Insights provided to us consist of aggregated data. We do not receive any data that is personally identifiable. We do not have access to the usage data that XING collects to create the statistics.
As the operator of the XING Company Page, we can only view the information on your XING profile that you make public through your settings, and only if you have such a profile and are logged in to it while you access our presence.
This data processing serves our legitimate interest in improving the user experience when visiting our company website in line with the target group. The legal basis for the data processing is therefore Art. 6 (1) f) GDPR.
When visiting the XING platform, it is possible that your data will be processed outside the European Union, in particular in the USA. This may make it more difficult or not possible to enforce your rights. You can find information on possible third country transfers at: https://privacy.xing.com/en.
Contacting us via XING
If you use our XING company page to contact us (e.g. by sending us private messages), the data you provide us with (including your name and the information you have voluntarily transmitted to us) will be processed by us solely for the purpose of communicating with you.
The legal basis for the data collection is therefore Art. 6 para. 1 lit. b) GDPR in the case of a contract initiation, or Art. 6 para. 1 lit. f) GDPR in the case of general questions or comments. We delete stored data after data 7 days after completion, as soon as their storage is no longer required or you request us to delete them; in the case of statutory retention obligations, we limit the processing of stored data accordingly.
e) YouTube
We maintain a presence on YouTube where we provide information about Löwenstein Medical to interested parties. Visiting the presence triggers processing operations. "YouTube" is a service of Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, which is a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA.
Embedded Videos
We use videos from Youtube on our website, which we embed via an iFrame, cookies are also used. A connection to Youtube is only established after you have given your consent. You can give this via the cookie banner, or directly via the video. You can find more information about the processing procedures in the cookie banner.
The Youtube videos are also integrated via the extended data protection mode, data transmission only takes place when the video is played.
The legal basis is your express consent in accordance with Art. 6 para. 1 lit. a) GDPR. as well as § 25 para. 1 TDDDG (german federal law).
Information on the storage period of the cookies used can be found in the cookie banner.
Visiting our YouTube channel
If you visit our YouTube presence, your personal data will be processed by YouTube. Löwenstein Medical itself does not process any personal data from you and does not receive this from YouTube or Google. We are only provided with anonymized data. This data includes various usage statistics that do not allow us to draw any conclusions about individuals.
YouTube processes the following personal data when you visit the platform:
- your apps, browsers, and devices (e.g., data from your device to dim the screen when the battery is low, unique device identifiers: IP, crash report, system activity, and the date, time, and referring URL of your request);
- terms you search for;
- videos you watch;
- content and advertisements you view and interact with;
- voice and audio data when you use audio features;
- people with whom you communicate or share content;
- activity on third-party websites and apps that use our Services;
- chrome browsing history that you have synced with your Google account;
- location data (possibly GPS, IP address, sensor data on your device, information about objects near your device, such as Wi-Fi access points, cell towers and Bluetooth-enabled devices (you can deactivate the location history via your terminal!).
From this data, we only receive an anonymized aggregation of personal data.
The legal basis for processing by YouTube may be your consent pursuant to Art. 6 (1) a) GDPR, which you may have given to the service provider upon registration. You can revoke this consent from YouTube at any time in accordance with Art. 7 (3) p. 1 GDPR. For more information about YouTube's processing, handling, and management of your data and how to exercise your data subject rights, please visit: policies.google.com/privacy.
You can exercise your data subject rights or manage your data via your Google account.
When visiting the YouTube platform, there is a possibility that your data will be processed outside the European Union, in particular the USA. The enforcement of your rights may therefore be more difficult or not possible.
Data Protection Agreement EU - USA and Switzerland - USA (EU - U.S. / Swiss - US Data Privacy Framework).
Google LLC. as operator of Youtube is certified according to the Privacy Framework: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.
Subscribing to our YouTube channel
If you subscribe to our YouTube channel, we can track your YouTube username. We process this date exclusively for moderation purposes. The legal basis for the processing is our legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is to maintain channel integrity.
Löwenstein Medical uses the YouTube channel exclusively passively for information purposes. Please do not post any personal data, especially sensitive data.
The data will be stored as long as your YouTube profile exists.
6. Technical and organizational measures
We take appropriate technical and organizational measures to protect the data, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons.
Our measures relate to safeguarding the confidentiality, integrity and availability of data through, among other things, access controls to physical equipment, as well as digital backups. Furthermore, procedures are in place to protect your rights as a data subject.
SSL encryption (https): Data that you transmit to the website, e.g. through a contact form, is SSL-encrypted so that this data cannot be readily viewed by third parties. You can recognize SSL-encrypted pages by the addition "https" in the address line, non-encrypted pages are displayed as "http".
7. Automated decision-making / Profiling
Automated decision-making or profiling does not take place on our website.
8. Rights of the data subjects
According to the GDPR, you as a data subject are entitled to the following rights according to Art. 15ff:
- Art. 15 GDPR: right of access;
- Art. 16 GDPR: right to rectification;
- Art. 17 GDPR: right to erasure (‘right to be forgotten’);
- Art. 18f. GDPR: right to restriction of processing;
- Art. 20 GDPR: right to data portability;
Right to object: In addition, you have the right to object at any time in accordance with Art. 21 GDPR for reasons arising from your particular situation, provided that the processing is based on Art. 6 Ans. 1 lit. e) or f) GDPR. In the event of processing for the purpose of direct marketing, you have the right to object at any time; this also applies to profiling based on this purpose.
- Right of withdrawal: In accordance with Art. 7 (3) GDPR, you have the right to withdraw your consent at any time without giving reasons. The revocation applies to the future and does not affect the legality until the revocation.
To exercise these rights, please contact:
Löwenstein Medical SE & Co. KG
Arzbacher Straße 80, 56130 Bad Ems, Germany
Phone: +49 (0) 2603 9600 0
eMail: info@loewensteinmedical.com
Furthermore, you have the right to complain to a supervisory authority pursuant to Art. 77 (1) GDPR. The supervisory authority responsible for us: The State Commissioner for Data Protection and Freedom of Information Rhineland-Palatinate, P.O. Box 30 40, 55020 Mainz; Phone: + 49 (0) 6131 8920-0; Fax: + 49 (0) 6131 8920-299, eMail: poststelle@datenschutz.rlp.de.
9. Other
We reserve the right to adapt this data protection declaration so that it always complies with the current legal requirements or to implement changes to our services in the data protection declaration, e.g. when introducing new services. The currently displayed data protection information always applies to your visit.
If changes require your cooperation (e.g. renewal of consent), we will inform you or notify you.
Terms used herein are not gender-specific.
Status: October 2023