medicalfly stories – check out our latest testimonials from medicalfly

Datenschutz

General

As the operator of this website and as a company, we come into contact with your personal data. This refers to all data that provides information about you and with which you can be identified. In this privacy policy, we would like to explain to you in what manner, for what purpose, and on what legal basis we process your data.

Responsible for data processing on this website and in our company is

medicalfly GmbH
EmsstraรŸe 9
48282 Emsdetten
Germany

Telefon: 030 โ€“ 857 434 84
E-Mail: info@medicalfly.de

General Information

SSL and TLS Encryption

When you enter your data on websites, place online orders, or send emails over the internet, you always need to be aware that unauthorized third parties may access your data. Complete protection from such access is not possible. However, we do everything we can to protect your data and close security gaps as much as possible.

An important protection mechanism is the SSL or TLS encryption of our website, which ensures that data you transmit to us cannot be read by third parties. You can recognize the encryption by the padlock icon before the entered internet address in your browser and by the fact that our internet address begins with https:// and not with http://.

How long do we store your data?
At some points in this privacy policy, we inform you about how long we or the companies that process your data on our behalf retain your data. If such information is missing, we store your data until the purpose of data processing no longer applies, you object to the data processing, or you withdraw your consent to data processing.

In the event of an objection or withdrawal, we may still process your data if at least one of the following conditions applies:

  • We have compelling legitimate grounds for continuing the data processing that outweigh your interests, rights, and freedoms (only in the case of objections to data processing; if the objection is against direct marketing, we cannot present any legitimate grounds).

  • Data processing is necessary to establish, exercise, or defend legal claims (does not apply if your objection is against direct marketing).

  • We are legally required to retain your data.

In such cases, we will delete your data as soon as the condition(s) no longer apply.

Data Transfer to the USA
We also use tools on our website from companies that transfer your data to the USA, store it there, and potentially further process it. The European Commission has adopted an adequacy decision for the EU-U.S. Privacy Shield Framework. This decision establishes that the USA provides an adequate level of protection for personal data from the EU transferred to U.S. companies. This decision is based on new guarantees and measures introduced by the USA to meet data protection requirements. The adequacy decision includes, among other things, restrictions and guarantees regarding U.S. intelligence services’ access to the data. Binding guarantees have been introduced to limit U.S. intelligence services’ access to what is necessary and proportionate to protect national security. Additionally, increased oversight of U.S. intelligence services’ activities has been established to ensure compliance with surveillance activity restrictions. An independent legal remedy has also been established to handle and resolve complaints from European citizens regarding access to their data. Thus, the EU-U.S. Privacy Shield Framework allows European companies to transfer data to certified U.S. companies without having to implement additional data protection guarantees. You can view a list of all certified companies at the following link: https://www.dataprivacyframework.gov/s/participant-search

A change in the European Commission’s decision cannot be ruled out.

Your Rights
Objection to Data Processing
IF YOU READ IN THIS PRIVACY POLICY THAT WE HAVE LEGITIMATE INTERESTS IN PROCESSING YOUR DATA AND THEREFORE RELY ON ART. 6 PAR. 1 SENTENCE 1 LIT. F) GDPR, YOU HAVE THE RIGHT UNDER ART. 21 GDPR TO OBJECT TO THIS. THIS ALSO APPLIES TO PROFILING BASED ON THE MENTIONED PROVISION. THE CONDITION IS THAT YOU PROVIDE REASONS FOR THE OBJECTION ARISING FROM YOUR PARTICULAR SITUATION. A REASON IS NOT REQUIRED IF THE OBJECTION IS AGAINST THE USE OF YOUR DATA FOR DIRECT MARKETING.

THE CONSEQUENCE OF AN OBJECTION IS THAT WE ARE NO LONGER PERMITTED TO PROCESS YOUR DATA. THIS DOES NOT APPLY IF ONE OF THE FOLLOWING CONDITIONS IS MET:

  • WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS.

  • THE PROCESSING IS NECESSARY TO ESTABLISH, EXERCISE, OR DEFEND LEGAL CLAIMS.

EXCEPTIONS DO NOT APPLY IF YOUR OBJECTION IS AGAINST DIRECT MARKETING OR PROFILING RELATED TO IT.

Additional Rights
Withdrawal of Your Consent to Data Processing

Many data processing operations are based on your consent. For example, you give consent by checking a box on online forms before submitting them or by allowing certain cookies when you visit our website. You can withdraw your consent at any time without providing reasons (Art. 7 Par. 3 GDPR). From the moment of withdrawal, we are no longer allowed to process your data. The only exception is if we are legally required to retain the data for a certain period. Such retention periods are particularly applicable under tax and commercial law.

Right to Complain to the Competent Supervisory Authority

If you believe that we are violating the General Data Protection Regulation (GDPR), you have the right under Art. 77 GDPR to file a complaint with a supervisory authority. You can contact a supervisory authority in the member state of your residence, your workplace, or the place where the alleged violation occurred. This right to complain exists in addition to administrative or judicial remedies.

Right to Data Portability

We must provide you or a third party with data that we process based on your consent or in fulfillment of a contract in a commonly used, machine-readable format if you request it. We can only transfer the data to another controller if it is technically feasible.

Right to Access, Erasure, and Rectification of Data

Under Art. 15 GDPR, you have the right to obtain information free of charge about which personal data we have stored about you, where the data comes from, to whom we transmit the data, and the purpose for which it is stored. If the data is incorrect, you have the right to rectification (Art. 16 GDPR), and under the conditions of Art. 17 GDPR, you may request that we delete the data.

Right to Restriction of Processing

In certain situations, you may request under Art. 18 GDPR that we restrict the processing of your data. The data may then be processed only in the following ways, aside from storage:

  • With your consent
  • For the establishment, exercise, or defense of legal claims
  • To protect the rights of another natural or legal person
  • For reasons of significant public interest of the European Union or a member state

The right to restriction of processing exists in the following situations:

  • You dispute the accuracy of your personal data stored with us, and we need time to verify it. This right exists for the duration of the verification.
  • The processing of your personal data is unlawful or was unlawful in the past. This right exists as an alternative to the deletion of the data.
  • We no longer need your personal data, but you need it for the exercise, defense, or assertion of legal claims. This right exists as an alternative to the deletion of the data.
  • You have lodged an objection under Art. 21 Par. 1 GDPR, and now a balance must be struck between your and our interests. This right exists as long as the outcome of the balancing has not yet been determined.

Hosting and Content Delivery Networks (CDNs)
External Hosting

Our website is hosted on a server provided by the following internet service provider (host):

Host Europe GmbH
HansestraรŸe 111
51149 Cologne

Has a data processing agreement been concluded with the host, or are standard contractual clauses (SCCs) used?

Yes

How do we process your data?

The host stores all data from our website. This includes all personal data that is collected automatically or through your input. This may include, in particular: your IP address, visited pages, names, contact details and inquiries, as well as meta and communication data. In data processing, our host adheres to our instructions and processes the data only to the extent necessary to fulfill the service obligation to us.

On what legal basis do we process your data?

Since we use our website to attract potential customers and maintain contact with existing customers, the data processing by our host is for the purpose of contract initiation and fulfillment and is therefore based on Art. 6 Par. 1 lit. b) GDPR. Additionally, as a company, it is our legitimate interest to provide a professional internet service that meets the necessary requirements for security, speed, and efficiency. Therefore, we also process your data based on Art. 6 Par. 1 lit. f) GDPR.

Data Collection on This Website
Use of Cookies

Our website places cookies on your device. These are small text files used for various purposes. Some cookies are technically necessary for the website to function properly (necessary cookies). Others are needed to perform specific actions or functions on the site (functional cookies). For example, without cookies, it would not be possible to use the benefits of a shopping cart in an online shop. Other cookies are used to analyze user behavior or optimize advertising measures. When we use third-party services on our website, such as for processing payments, these companies may also place cookies on your device when you visit the website (so-called third-party cookies).

How Do We Process Your Data?

Session Cookies
Session cookies are stored on your device only for the duration of a session. Once you close the browser, they are automatically deleted. Permanent cookies, on the other hand, remain on your device unless you delete them yourself. This can lead, for example, to a permanent analysis of your user behavior. You can influence how your browser handles cookies through its settings:

  • Do you want to be informed when cookies are set?
  • Do you want to exclude cookies generally or for specific cases?
  • Do you want cookies to be automatically deleted when the browser is closed?

If you disable or do not allow cookies, the functionality of the website may be limited.

If we use cookies from other companies or for analytical purposes, we will inform you about this in the privacy policy. We will also ask for your consent in this regard when you visit our website.

On What Legal Basis Do We Process Your Data?

We have a legitimate interest in ensuring that our online services can be used by visitors without technical problems and provide all desired functionalities. Therefore, the storage of necessary and functional cookies on your device is based on Art. 6 Par. 1 lit. f) GDPR. All other cookies are used based on Art. 6 Par. 1 lit. a) GDPR, provided you give us the corresponding consent. You can withdraw this consent at any time with effect for the future. If you consented to the placement of necessary and functional cookies, the storage of these cookies is also based solely on your consent.

Cookie Consent with Borlabs Cookie
What is Borlabs Cookie?

A cookie plugin for GDPR and ePrivacy compliance.

Who Processes Your Data?

Only we do, not the provider of Borlabs Cookie.

Where Can You Find More Information About Data Protection with Borlabs Cookie?
https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/

How Do We Process Your Data?

We use Borlabs Cookie to obtain your consent for storing cookies on your device. When you visit our website and close the cookie window from Borlabs Cookie with the consent query, a Borlabs cookie with the following contents is stored in your browser:

  • Cookie lifetime
  • Cookie version
  • Domain and path of the website
  • Consents
  • A randomly generated ID

This data is not transmitted to the provider of Borlabs Cookie.

We store the data until the purpose of data storage no longer applies, you delete the Borlabs Cookie, or you request us to delete the data. This does not apply if we are legally required to retain the data.

On What Legal Basis Do We Process Your Data?

We are legally required to obtain the consent of our website visitors for the use of certain cookies. To fulfill this obligation, we use Borlabs Cookie. The legal basis for data processing is thus Art. 6 Par. 1 lit. c) GDPR.

Server Log Files

Server log files record all requests and accesses to our website and document error messages. They also include personal data, particularly your IP address. However, the provider anonymizes this data shortly after collection, so we cannot assign it to an individual person. The data is automatically transmitted from your browser to our provider.

How Do We Process Your Data?

Our provider stores the server log files to track activities on our website and identify errors. The files contain the following data:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address (if applicable, anonymized)

We do not merge this data with other data but use it solely for statistical evaluation and to improve our website.

On What Legal Basis Do We Process Your Data?

We have a legitimate interest in ensuring that our website runs smoothly. It is also our legitimate interest to obtain an anonymized overview of access to our website. Therefore, data processing is lawful under Art. 6 Par. 1 lit. f) GDPR.

Contact Form

You can send us a message via the contact form on this website.

How Do We Process Your Data?

We store your message and the information from the form to process your inquiry, including follow-up questions. This also includes the contact details you provided. Without your consent, we do not share the data with other individuals.

How Long Do We Store Your Data?

We delete your data as soon as one of the following occurs:

  • Your inquiry has been fully processed.
  • You request us to delete the data.
  • You withdraw your consent to storage.

This does not apply if we are legally required to retain the data.

On What Legal Basis Do We Process Your Data?

If your inquiry is related to our contractual relationship or serves to implement pre-contractual measures, we process your data based on Art. 6 Par. 1 lit. b) GDPR. In all other cases, it is our legitimate interest to effectively handle inquiries addressed to us. The legal basis for data processing is thus Art. 6 Par. 1 lit. f) GDPR. If you consented to the storage of your data, Art. 6 Par. 1 lit. a) GDPR is the legal basis. In this case, you can withdraw your consent at any time with effect for the future.

Inquiries by Email, Phone, or Fax

You can send us a message by email or fax or call us.

How Do We Process Your Data?

We store your message and the contact information you provided or the phone number you sent us to handle your inquiry, including follow-up questions. Without your consent, we do not share the data with other individuals.

How Long Do We Store Your Data?

We delete your data as soon as one of the following occurs:

  • Your inquiry has been fully processed.
  • You request us to delete the data.
  • You withdraw your consent to storage.

This does not apply if we are legally required to retain the data.

On What Legal Basis Do We Process Your Data?

If your inquiry is related to our contractual relationship or serves to implement pre-contractual measures, we process your data based on Art. 6 Par. 1 lit. b) GDPR. In all other cases, it is our legitimate interest to effectively handle inquiries addressed to us. The legal basis for data processing is thus Art. 6 Par. 1 lit. f) GDPR. If you consented to the storage of your data, Art. 6 Par. 1 lit. a) GDPR is the legal basis. In this case, you can withdraw your consent at any time with effect for the future.

Communication via WhatsApp
What is WhatsApp?

An instant messaging service.

Who Processes Your Data?

WhatsApp Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Has a Data Processing Agreement Been Concluded with WhatsApp?

Yes.

Where Can You Find More Information About Data Protection with WhatsApp?
https://www.whatsapp.com/legal/#privacy-policy

On What Basis Do We Transfer Your Data to the USA?

On the basis of the European Commission’s adequacy decision and the company’s corresponding certification.

How Do We Process Your Data?

For communication with our customers and other individuals outside our company, we use the instant messaging service WhatsApp in the “WhatsApp Business” variant.

Communication is conducted through end-to-end encryption (peer-to-peer). This prevents WhatsApp or any other third parties from accessing the content of the communications. We have also set up our accounts to ensure that there is no automatic synchronization with the address book on the used smartphones. However, WhatsApp has access to the metadata of the communication process (e.g., sender, recipient, and time of communication) and, according to their statements, shares this data with Meta, their parent company based in the USA.

How Long Do We Store Your Data?

We delete your data as soon as one of the following occurs:

  • The purpose of data processing no longer applies.
  • You request us to delete the data.
  • You withdraw your consent to storage.

This does not apply if we are legally required to retain the data.

On What Legal Basis Do We Process Your Data?

If our exchange via WhatsApp is related to our contractual relationship or serves to implement pre-contractual measures, we process your data based on Art. 6 Par. 1 lit. b) GDPR. In all other cases, it is our legitimate interest to effectively handle inquiries addressed to us and to maintain business contact with other individuals. The legal basis for data processing is thus Art. 6 Par. 1 lit. f) GDPR. If you consented to the storage of your data, Art. 6 Par. 1 lit. a) GDPR is the legal basis. In this case, you can withdraw your consent at any time with effect for the future.

Zoho CRM
What is Zoho CRM?

A platform for customer relationship management (CRM), managing customer relationships in marketing, sales, and service areas.

Who Processes Your Data?

Zoho Corporation Pvt. Ltd., Estancia IT Park, Plot No. 140 151, GST Road, Vallancherry Village, Chengalpattu Taluk, Kanchipuram District 603 202, India.

Has a Data Processing Agreement Been Concluded with Zoho?

Yes.

Where Can You Find More Information About Data Protection with Zoho?
https://www.zoho.com/privacy.html and https://www.zoho.com/gdpr.html

On What Basis Do We Transfer Your Data to India?

Zoho adheres to the Standard Contractual Clauses of the European Commission (see https://www.zoho.com/privacy.html).

How Do We Process Your Data?

We use Zoho CRM to capture, sort, and analyze customer interactions across various channels such as email, social media, and phone. The collected personal data is evaluated, used for communication with (potential) customers or marketing activities, such as newsletter mailings. Additionally, Zoho allows us to capture and analyze the behavior of our website visitors.

On What Legal Basis Do We Process Your Data?

We have a legitimate interest in efficient customer management and communication. Therefore, data processing is based on Art. 6 Par. 1 lit. f) GDPR. If you consented to the storage of your data, Art. 6 Par. 1 lit. a) GDPR is the sole legal basis. In this case, you can withdraw your consent at any time with effect for the future.

ProvenExpert
What is ProvenExpert?

A rating seal and online service for collecting customer feedback.

Who Processes Your Data?

Expert Systems AG, Quedlinburger Str. 1, 10589 Berlin, Germany.

Has a Data Processing Agreement Been Concluded with ProvenExpert?

Yes.

Where Can You Find More Information About Data Protection with ProvenExpert?
https://www.provenexpert.com/de-de/datenschutzbestimmungen/

How Do We Process Your Data?

Our website features a rating seal from ProvenExpert. Through this seal, customer reviews of our company are displayed and made accessible to other visitors of the website. When you visit our website, the provider of ProvenExpert becomes aware of the visit through your IP address due to the embedded seal. ProvenExpert also captures the language settings on your device to display the seal in the appropriate local language.

On What Legal Basis Do We Process Your Data?

We have a legitimate interest in promoting our offers with a verifiable display of customer reviews. Thus, the data processing is based on Art. 6 Par. 1 lit. f) GDPR. If you consented to the data processing, we process your data solely based on Art. 6 Par. 1 lit. a) GDPR. You can withdraw your consent at any time with effect for the future.

Gravity Forms

The forms on our online offering use the service โ€œGravity Forms.โ€ This is provided by Rocketgenius, Inc., 1620 Centerville Turnpike #102, Virginia Beach, VA 23464, USA. The use is based on our legitimate interests according to Art. 6 Par. 1 lit. f) GDPR, as we aim for a user-friendly design of our online offering, which also includes a contact form for easy contact.

Submitted form data is sent to us, the website operator, via email and thus stored on our self-hosted mail server. Additionally, storage is carried out for documentation purposes in the WordPress database.

Within the documentation area of the company website, it is confirmed that the plugin is GDPR-compliant: https://docs.gravityforms.com/wordpress-gravity-forms-and-gdpr-compliance/. There is no forwarding and storage on Rocketgenius, Inc. servers or on the gravityforms.com website! Further information about the collection and use of data by Gravity Forms can be found in the privacy notices of Rocketgenius, Inc.: https://www.gravityforms.com/privacy/.

Analysis Tools and Advertising

We use the following tools to analyze the behavior of our website visitors and to show you advertisements.

Google Tag Manager
What is Google Tag Manager?

A tag management system for embedding tracking codes and conversion pixels of Google Ireland Ltd.

Who Processes Your Data?

Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland.

Where Can You Find More Information About Data Protection with Google Tag Manager?
https://policies.google.com/privacy

On What Basis Do We Transfer Your Data to the USA?

On the basis of the European Commission’s adequacy decision and the company’s corresponding certification.

How Do We Process Your Data?

We use Google Tag Manager. The tool helps us to embed, manage, and deploy tracking codes and conversion pixels on our website. Google Tag Manager does not create user profiles, place cookies on your device, or analyze your user behavior. However, it does capture your IP address and transmits it to Google servers in the USA.

On What Legal Basis Do We Process Your Data?

We have a legitimate interest in a quick and straightforward integration and management of various tools on our website. Therefore, the use of Google Tag Manager is lawful under Art. 6 Par. 1 lit. f) GDPR. If you consented to the transfer of your IP address, we process your data solely based on Art. 6 Par. 1 lit. a) GDPR. You can withdraw your consent at any time with effect for the future.

Google Analytics
What is Google Analytics?

A tool for analyzing user behavior from Google Ireland Ltd.

Who Processes Your Data?

Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland.

Has a Data Processing Agreement Been Concluded with Google Analytics?

Yes.

Where Can You Find More Information About Data Protection with Google Analytics?
https://support.google.com/analytics/answer/6004245?hl=de

On What Basis Do We Transfer Your Data to the USA?

On the basis of the European Commission’s adequacy decision and the company’s corresponding certification.

How Can You Prevent Data Collection?

Among other methods, using a browser plugin: https://tools.google.com/dlpage/gaoptout?hl=de

How Do We Process Your Data?

We are always interested in optimizing our web offerings for our visitors and placing advertisements effectively. Google Analytics helps us by analyzing user behavior and providing the necessary data for adjustments. Through the tool, we obtain information about the origin of our visitors, their page views, the duration of their stay on the pages, and the operating system they use.

Standard Processing

To capture the data, Google Analytics uses cookies, device fingerprinting, or other technologies to recognize users. The data is transmitted to Google servers in the USA and combined into a profile using the captured IP address, which can be attributed to you or your device.

You can prevent Google from processing your data by installing a browser plugin provided by Google: https://tools.google.com/dlpage/gaoptout?hl=de.

IP Anonymization

We have activated the “IP anonymization” feature within Google Analytics. This means that Google will shorten your IP address (from the EU or EEA) before sending it to the USA. Only in exceptional cases will Google transmit the full IP address to servers in the USA and shorten it there.

Demographic Features

We use the “demographic features” function of Google Analytics to display relevant advertisements to visitors of our website within the Google advertising network. Consequently, reports can be created that include information about the age, gender, and interests of our website visitors. This data comes from Google’s interest-based advertising and third-party visitor data. It is not possible to assign the collected data to specific individuals.

You can disable this feature in your Google account settings.

How long do we store your data?

User and event-level data linked with cookies, user IDs, or advertising IDs are deleted or anonymized by Google after 14 months (see https://support.google.com/analytics/answer/7667196?hl=de).

On what legal basis do we process your data?

As a website operator, we have a legitimate interest in analyzing user behavior to optimize our web offering and the advertising placed there. Therefore, data processing is lawful under Art. 6 (1) lit. f) DSGVO. If you, for example, consented to the storage of cookies or otherwise consented to the data processing by Google Analytics, then Art. 6 (1) lit. a) DSGVO is the legal basis. You can revoke your consent at any time with future effect.

Google Ads

What is Google Ads?

Online advertising program of Google Ireland Ltd.

Who processes your data?

Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland

Was a contract for data processing concluded with Google Ads?

Yes

Where can you find more information about data protection at Google Ads?

https://policies.google.com/privacy?hl=de&gl=de

On what basis do we transfer your data to the USA?

On the basis of the European Commission’s adequacy decision and the company’s corresponding certification.

How do we process your data?

We use Google Ads. Googleโ€™s advertising program allows us to display ads in the Google search engine or on third-party websites when visitors to our site enter certain search terms (keyword targeting). Furthermore, we can place targeted ads based on existing user data (e.g., location data and interests) from Google (audience targeting). We analyze the collected data quantitatively, such as which search terms led to the display of our ads and how many ads led to clicks.

On what legal basis do we process your data?

As a website operator, we have a legitimate interest in placing and evaluating ads. Therefore, data processing is lawful under Art. 6 (1) lit. f) DSGVO. If you, for example, consented to the storage of cookies or otherwise consented to data processing by Google, then Art. 6 (1) lit. a) DSGVO is the legal basis. You can revoke your consent at any time with future effect.

Google Conversion Tracking

What is Google Conversion Tracking?

Tool for analyzing user behavior by Google Ireland Ltd.

Who processes your data?

Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland

Was a contract for data processing concluded with Google Conversion Tracking?

Yes

Where can you find more information about data protection at Google Conversion Tracking?

https://www.google.de/intl/de/policies/privacy/

On what basis do we transfer your data to the USA?

On the basis of the European Commission’s adequacy decision and the company’s corresponding certification.

How do we process your data?

We are always interested in optimizing our web offering and placing ads effectively. For this purpose, we also use Googleโ€™s Conversion Tracking. With its help, we can track whether and how often visitors click on specific buttons on our site and which products are frequently viewed and purchased (conversion statistics). In the course of data collection and storage, we do not receive information that allows us to personally identify individual visitors. Google itself uses cookies or similar recognition technologies for identification.

On what legal basis do we process your data?

As a website operator, we have a legitimate interest in analyzing user behavior to optimize our web offering and the ads placed there. Therefore, data processing is lawful under Art. 6 (1) lit. f) DSGVO. If you, for example, consented to the storage of cookies or otherwise consented to data processing by Google Conversion Tracking, then Art. 6 (1) lit. a) DSGVO is the legal basis. You can revoke your consent at any time with future effect.

Plugins and Tools

Google Web Fonts (local hosting)

We use fonts from the US company Google on our website. The fonts are installed locally, so no connection is made to Googleโ€™s servers when you visit our site.

For more information on Google Web Fonts, see https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

Google Maps

What is Google Maps?

Map service by Google Ireland Ltd.

Who processes your data?

Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland

Where can you find more information about data protection at Google?

https://policies.google.com/privacy?hl=de

On what basis do we transfer your data to the USA?

On the basis of the European Commission’s adequacy decision and the company’s corresponding certification.

How do we process your data?

On our website, we use Google Maps. To use all the features of the map service, Google stores your IP address on one of its servers in the USA.

On what legal basis do we process your data?

The maps from Google Maps ensure that the locations provided on our website are easier to find for visitors. As a company, we have a legitimate interest in this. Therefore, data processing is lawful under Art. 6 (1) lit. f) DSGVO.

If you consented to the data processing, we process your data exclusively based on Art. 6 (1) lit. a) DSGVO. You can revoke your consent at any time. From the moment of revocation, we are no longer allowed to process your data.

Friendly Captcha

What is Friendly Captcha?

Test tool to distinguish between humans and computers.

Who processes your data?

Friendly Captcha GmbH, Am Anger 3-5, 82237 Woerthsee, Germany

Where can you find more information about data protection at Friendly Captcha?

https://friendlycaptcha.com/de/privacy/

How do we process your data?

With Friendly Captcha, we check whether data entered into forms on our website comes from a human or a computer. This means that the test tool analyzes your behavior as a visitor to our website based on various characteristics. The analysis begins not only when you use the test tool but already when you access our website. Various data are collected, such as IP address, time spent on our website, and mouse movements.

On what legal basis do we process your data?

As a company, we have a legitimate interest in protecting our web offerings from spam and abusive data scraping. Therefore, data processing is lawful under Art. 6 (1) lit. f) DSGVO.

If you consented to the data processing, we process your data exclusively based on Art. 6 (1) lit. a) DSGVO. You can revoke your consent at any time. From the moment of revocation, we are no longer allowed to process your data.

ย 

Sucuri

To protect the IT of medicalfly.de and its customers (Article 6 (1) lit. f DSGVO), we use a web application firewall from the affiliated company Sucuri (https://sucuri.net) on our website. This serves as a filter between our servers and potentially malicious traffic from the internet. It protects against fraudulent activities such as SQL injections and cross-site scripting. Information about the personal data required for this service can be found here: https://blog.sucuri.net/2018/05/sucuri-gdpr.html. The Sucuri privacy policy can be viewed here: https://sucuri.net/privacy. Compliance with data protection at Host Europe is ensured by a data processing agreement and suitable guarantees for data transfers to third countries, including the USA.

eCommerce

Customer and Contract Data

How do we process your data?

When we enter into a contract with you, we need certain personal data from you. We collect, process, and use this data only to the extent necessary to establish, structure, or modify our legal relationship. If you can only use our services through our website or if the services are billed through the website, we also collect usage data if necessary to enable you to use our offering or to bill the services used.

How long do we store your data?

We store your data until our legal relationship ends, unless we are legally required to retain the data for a longer period.

On what legal basis do we process your data?

We store your data to fulfill the contract with you or to carry out pre-contractual measures. The basis for data processing is thus Art. 6 (1) lit. b) DSGVO.

Data Transmission When Using Services and Digital Content

How do we process your data?

For processing payments, we transmit your data to a payment service provider or the credit institution tasked with processing payments. We only transmit data that is strictly necessary for the payment process. If we want to pass on data beyond this, we will obtain your consent.

On what legal basis do we process your data?

We transmit your data to fulfill the contract we have with you. Therefore, the basis for data processing is Art. 6 (1) lit. b) DSGVO. If you consented to the transmission of your data, the data processing is based on Art. 6 (1) lit. a) DSGVO. You can revoke your consent at any time with future effect.

Audio and Video Conferences

As a company, we are in contact with many people: customers, business partners, service providers, etc. For communication, we use various means, including online conference tools. Privacy-relevant information about the providers of the tools we use can be found at the end of this section. When you communicate with us through such a tool, both we and the provider of the respective tool process your personal data.

How do we process your data?

Online conference tools capture and store various personal data to enable participation in an online conference and its smooth operation. This includes registration, conference, and technical data as well as certain communication contents.

Registration data: Your email address and/or phone number and possibly other data you provide when registering for the conference.

Conference data: Start, end, and duration of your participation in the conference, the number of participants, and other metadata related to the conference.

Technical data: IP address, MAC address, device ID, device type, operating system and version, client version, camera type, microphone or speakers, and connection type.

Communication contents: Cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards, and other information shared during the use of the service.

Details on data processing can be found in the privacy statements of the respective conference tool providers.

How long do we store your data?

As your communication partner, we delete your data from our systems as soon as one of the following occurs:

  • The purpose of data processing ceases to apply.
  • You request us to delete the data.
  • You withdraw your consent to storage.

This does not apply if we are legally required to retain the data.

Cookies remain on your device until you delete them.

Conference tool providers also store your data for their own purposes. For information on how long your data is stored, please inquire directly with the providers.

On what legal basis do we process your data?

If we are already contractually connected or if you wish to enter into a contract with us, we use conference tools to fulfill the contract or to inform you about our services or products. Data processing is thus based on Art. 6 (1) lit. b) DSGVO. Otherwise, the use of conference tools serves simple and rapid communication, without which we could not efficiently operate our company. Therefore, we also have a legitimate interest in data processing according to Art. 6 (1) lit. f) DSGVO. Another legal basis may be your consent. In this case, Art. 6 (1) lit. a) DSGVO applies. This basis ceases to apply for the future if you withdraw your consent.

Which Online Conference Tools Do We Use?

Zoom

What is Zoom?

Communication platform for video meetings, voice communication, webinars, and chats via desktop computers, phones, mobile devices, and conference room systems.

Who processes your data?

Zoom Communications Inc., 55 Almaden Boulevard, Suite 600, San Jose, CA 95113, USA

Was a contract for data processing concluded with Zoom?

Yes

Where can you find more information about data protection at Zoom?

https://zoom.us/de-de/privacy.html

On what basis do we transfer your data to the USA?

Zoom Communications Inc. adheres to the Standard Contractual Clauses of the European Commission (see https://zoom.us/de-de/privacy.html).

Microsoft Teams

What is Microsoft Teams?

A communication platform for team collaboration.

Who processes your data?

Microsoft Corp., One Microsoft Way, Redmond, WA 98052-6399, USA

Has a data processing agreement been concluded with Microsoft Teams?

Yes

Where can you find more information about data protection at Microsoft Teams?

https://privacy.microsoft.com/de-de/privacystatement

On what basis do we transfer your data to the USA?

On the basis of the European Commission’s adequacy decision and the company’s corresponding certification.

Google Meet

What is Google Meet?

A video conferencing service by Google Ireland Ltd.

Who processes your data?

Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland

Has a data processing agreement been concluded with Google Meet?

Yes

Where can you find more information about data protection at Google Meet?

https://policies.google.com/privacy?hl=de

On what basis do we transfer your data to the USA?

On the basis of the European Commission’s adequacy decision and the company’s corresponding certification.

Own Services / Miscellaneous

Handling of Applicant Data

If you wish to work for us, we are happy to accept your application. All personal data submitted will be treated as strictly confidential, including data collected later in the application process.

How do we process your data?

All data collected during the application process is stored and used to the extent necessary for deciding on the establishment of an employment relationship. This includes contact and communication data as well as application documents, such as notes made during interviews. We only share your data within our company with those involved in processing your application.

If your application is successful, we store the data necessary for carrying out the employment relationship in our data processing systems.

If we currently do not have a suitable position, we are happy to add your data to our applicant pool with your consent. This allows us to contact you if a position matching your profile becomes available.

How long do we store your data?

If we cannot offer you a position, you reject an offer, or you withdraw your application, we reserve the right to retain your documents and other application data for up to 6 months after the end of the application process. The reason is that we may need the data for evidence in the event of a legal dispute. After this period, we delete the data and destroy the documents. If a legal dispute is imminent or already pending, we delete the data and documents as soon as they are no longer needed for evidence purposes.

Data in the applicant pool is deleted no later than 2 years after consent is given. If you withdraw your consent before this period expires, we will delete the data earlier.

The deletion of your data always depends on whether we are not legally required to retain it longer.

On what legal basis do we process your data?

We process applicant data based on ยง 26 BDSG-new (preparation of an employment relationship) and Art. 6 (1) lit. b) DSGVO (general contract preparation).

The same applies if your application is successful.

If we cannot offer you a position, you reject an offer, or you withdraw your application, we have a legitimate interest in using your data for evidence purposes in a potential legal dispute. Data processing is therefore based on Art. 6 (1) lit. f) DSGVO.

If you have explicitly consented to the storage of your data, we process your data based on Art. 6 (1) lit. a) DSGVO. You can revoke your consent at any time with future effect.

Data Processing on Social Media

What is Social Media?

Social media refers to social networks where we have created publicly accessible profiles. The specific networks are listed below.

Who processes your data?

The respective operators of the social networks. You can find the individual operators listed below for each network.

How is your data processed?

Operators of social networks typically have the ability to collect and evaluate comprehensive data about the behavior of visitors and users of the network. We cannot fully trace all processing operations on the social networks we use, so there may be additional processing operations not listed here that are carried out by the operators of the social networks. For more information, please refer to the terms of use and privacy policies of the respective social networks.

Data processing may occur when you visit the social network’s website or our profile page there. Even if you visit a website that uses content from the network, such as like or share buttons, data may be transferred to the network operators. If you are a user of the social network and logged into your user account, your visit to our profile page may be associated with your account by the network operator. Even if you do not have a user account or are not logged in, the network operator may still collect your personal data, such as your IP address or by setting cookies. With this data, operators can create user profiles tailored to your behavior and interests and show you targeted advertising within and outside the network. If you are a registered user of the network, targeted advertising may also be displayed on all devices where you are or have been logged in.

On what legal basis is your data processed?

Our profiles on social networks aim to ensure a comprehensive presence of our company on the internet. We have a legitimate interest in this as a company. Therefore, data processing is lawful under Art. 6 (1) lit. f DSGVO.

Data processing operations and analyses performed by the operators of social networks themselves may be based on other legal grounds. These must be specified by the operators of the social networks.

Who is responsible for processing your data and how can you exercise your rights?

When you visit one of our profiles on social networks, we, together with the operator of the respective network, are responsible for the data processing triggered by this visit. You can generally assert your rights both with us and with the operator of the respective network.

Despite the joint responsibility with the operators of social networks, our influence on the data processing operations of the respective operator is limited and primarily follows the operator’s guidelines.

How long is your data stored?

When we collect data through our profiles on social networks, this data is deleted from our systems as soon as the purpose of its storage ceases, you request deletion, or you withdraw your consent to storage. Stored cookies remain on your device until you delete them. Mandatory legal requirementsโ€”especially retention periodsโ€”remain unaffected.

We have no influence over how long the operators of social networks store the data they collect for their own purposes. For information on this, please contact the respective network operator directly, such as in their privacy policy.

Which Social Media Do We Use?

Facebook

What is Facebook?

A social network.

Who processes your data?

Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland

Is your data transferred to third countries?

Yes, to the USA and other third countries.

Where can you find more information about data protection at Facebook?

https://www.facebook.com/about/privacy/

Where can you adjust your ad settings as a Facebook user?

As a registered Facebook user, you can adjust your ad settings in your user account. Click the following link and log in: https://www.facebook.com/settings?tab=ads.

X

What is X?

A social network in the form of a microblogging platform.

Who processes your data?

X Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA

Is your data transferred to third countries?

Yes, to the USA.

Where can you find more information about data protection at X?

https://x.com/de/privacy

Where can you adjust your privacy settings as a X user?

As a registered X user, you can adjust your privacy settings in your user account. Click the following link and log in: https://x.com/personalization.

Instagram

What is Instagram?

A social network specializing in photos and videos.

Who processes your data?

Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland

Is your data transferred to third countries?

Yes.

Where can you find more information about data protection at Instagram?

https://help.instagram.com/519522125107875/?helpref=hc_fnav&bc[0]=Instagram-Hilfebereich&bc[1]=Richtlinien%20und%20Meldungen

Where can you adjust your privacy settings as a user?

As a registered Instagram user, you can adjust your privacy settings in your user account. Click the following link and log in: https://www.instagram.com/accounts/privacy_and_security/

LinkedIn

What is LinkedIn?

A social network for business contacts.

Who processes your data?

LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

Is your data transferred to third countries?

Yes.

Where can you find more information about data protection at LinkedIn?

https://de.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy

Where can you adjust your privacy settings as a user?

As a registered LinkedIn user, you can adjust your privacy settings in your user account. Click the following link and log in: https://www.linkedin.com/psettings/

YouTube

What is YouTube?

A social network in the form of an online video portal.

Who processes your data?

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

Is your data transferred to third countries?

Yes.

Where can you find more information about data protection at YouTube?

https://policies.google.com/privacy?hl=de

Where can you adjust your privacy settings as a user?

https://policies.google.com/privacy?hl=de#infochoices

ย 

TikTok

What is TikTok?

A social network specialized in photos and videos.

Who processes your data?

TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland.

Is your data transferred to third countries?

Yes.

Where can you find more information about data protection at TikTok?

https://www.tiktok.com/legal/privacy-policy-eea?lang=de

Where can you adjust your privacy settings as a user?

https://www.tiktok.com/legal/tiktok-website-cookies-policy?lang=de

Scroll to Top

Choose a category from our Blog

7
Weight Loss Surgery
3
Dentistry
3
Hairtransplant
11
Testimonials
11
Plastic Surgery
8
Events
1
Intimate Surgery
18
Informations
4
Press
4
Press
Offener Chat
๐Ÿ’ฌ Brauchen Sie Hilfe?
medicalfly
Hallo๐Ÿ‘‹
Wie kann ich Ihnen helfen?