Privacy Policy

General

As the operators of this website and as a company, we come into contact with your personal data. Personal data refers to all information that can identify you, such as data that provides insight into who you are. In this Privacy Policy, we would like to explain how, for what purpose, and on what legal basis we process your data.

The entity responsible for data processing on this website and within our company is:

InMedi Service GmbH
Langer Acker 3
30900 Wedemark, Germany

Phone: +49 511 132 272-0
Email: info@inmedi-service.com

Disclaimer
This Privacy Policy has been translated into English to improve accessibility. However, only the original German version is legally binding. In case of discrepancies, differences in interpretation, or conflicts between the English and the German versions, the German version shall apply.

General Information

SSL/TLS Encryption

When you enter your data on websites, place online orders, or send emails over the internet, you should always be aware that unauthorized third parties might access your data. Complete protection against such access is not possible. However, we make every effort to protect your data as best as we can and to close security gaps wherever possible.

An important security measure is the SSL/TLS encryption of our website, which ensures that the data you transmit to us cannot be read by third parties. You can recognize encryption by the lock icon in front of the entered website address in your browser and by the fact that our web address begins with https:// instead of http://.

How Long Do We Store Your Data?

At certain points in this Privacy Policy, we inform you about how long we or companies processing your data on our behalf store your data. If no such information is provided, we store your data until the purpose of data processing no longer applies, you object to the data processing, or you withdraw your consent to the data processing.However, in the event of an objection or withdrawal, we may continue to process your data if at least one of the following conditions applies:

  • We have overriding legitimate reasons for continuing the data processing that outweigh your interests, rights, and freedoms (only in the case of objection to data processing; if the objection concerns direct marketing, we cannot present overriding legitimate reasons).
  • The data processing is necessary to establish, exercise, or defend legal claims (does not apply if your objection concerns direct marketing).
  • We are legally required to retain your data.

In this case, we will delete your data as soon as the condition(s) are no longer met.

Data Transfer to the USAWe also use tools on our website from companies that transmit and store your data in the USA and may process it further. This is particularly relevant for you because your data does not have the same level of protection in the USA as it does within the EU, where the General Data Protection Regulation (GDPR) applies. For example, US companies are required to disclose personal data to security authorities without you, as the data subject, being able to take legal action against this. Therefore, it is possible that US authorities (e.g., intelligence services) may process, analyze, and permanently store your data on US-based servers for surveillance purposes. We have no influence over these processing activities.

Your Rights

Objection to Data ProcessingIF YOU READ IN THIS PRIVACY POLICY THAT WE HAVE LEGITIMATE INTERESTS FOR PROCESSING YOUR DATA AND THEREFORE RELY ON ARTICLE 6(1)(F) GDPR, YOU HAVE THE RIGHT UNDER ARTICLE 21 GDPR TO OBJECT TO THIS. THIS ALSO APPLIES TO PROFILING BASED ON THE MENTIONED PROVISION. THE CONDITION FOR THIS IS THAT YOU PROVIDE REASONS FOR YOUR OBJECTION THAT ARISE FROM YOUR PARTICULAR SITUATION. NO JUSTIFICATION IS REQUIRED IF THE OBJECTION IS MADE AGAINST THE USE OF YOUR DATA FOR DIRECT MARKETING PURPOSES.

THE CONSEQUENCE OF AN OBJECTION IS THAT WE CAN NO LONGER PROCESS YOUR DATA. THIS DOES NOT APPLY IF ONE OF THE FOLLOWING CONDITIONS EXISTS:

  • WE CAN DEMONSTRATE MANDATORY PROTECTIVE INTERESTS FOR PROCESSING THAT OUTWEIGH YOUR INTERESTS, RIGHTS, AND FREEDOMS.
  • THE PROCESSING IS NECESSARY FOR THE ESTABLISHMENT, EXERCISE, OR DEFENSE OF LEGAL CLAIMS.
  • THE EXCEPTIONS DO NOT APPLY IF YOUR OBJECTION IS AGAINST DIRECT MARKETING OR PROFILING CONNECTED WITH IT.

Further Rights

Withdrawal of Your Consent to Data ProcessingMany data processing activities are carried out based on your consent. You grant this consent, for example, by ticking the appropriate box in online forms before submitting the form or by allowing certain cookies when visiting our website. You can withdraw your consent at any time without giving any reason (Article 7(3) GDPR). From the moment of withdrawal, we may no longer process your data. The only exception is if we are legally obligated to retain the data for a certain period. Such retention periods exist, particularly in tax and commercial law.

Right to Lodge a Complaint with the Competent Supervisory AuthorityIf you believe that we are violating the General Data Protection Regulation (GDPR), you have the right under Article 77 GDPR to lodge a complaint with a supervisory authority. You can contact the supervisory authority in the member state of your residence, your workplace, or the place where the alleged infringement occurred. The right to complain exists in addition to administrative or judicial remedies.

Right to Data PortabilityData that we process automatically based on your consent or in the performance of a contract must be provided to you or a third party in a commonly used, machine-readable format upon request. We can only transfer the data to another data controller if this is technically feasible.

Right to Access, Erasure, and Rectification of DataUnder Article 15 GDPR, you have the right to obtain free information about which personal data we have stored about you, where the data comes from, to whom we transfer the data, and the purpose for which it is stored. If the data is incorrect, you have the right to rectification (Article 16 GDPR). Under the conditions of Article 17 GDPR, you may request that we erase the data.

Right to Restriction of ProcessingIn certain situations, you can request that we restrict the processing of your data under Article 18 GDPR. The data may then only be processed as follows (except for storage):

  • With your consent,
  • For the establishment, exercise, or defense of legal claims,
  • To protect the rights of another natural or legal person,
  • For reasons of important public interest of the European Union or a member state.

The right to restriction of processing exists in the following situations:

  • You have disputed the accuracy of your personal data stored with us, and we need time to verify it. The right exists for the duration of the verification.
  • The processing of your personal data is unlawful or was unlawful in the past. The right exists as an alternative to the erasure of the data.
  • We no longer need your personal data, but you require it to establish, defend, or assert legal claims. The right exists as an alternative to the erasure of the data.
  • You have filed an objection under Article 21(1) GDPR, and we must now balance your and our interests. The right exists as long as the result of the balancing is not yet determined.

Hosting and Content Delivery Networks (CDN)

External Hosting

Our website is hosted on a server provided by the following internet service provider (host):

IONOS SE
Eigendorfer Str. 57
56410 Montabaur, Germany

How do we process your data?

The host stores all data related to our website. This includes all personal data that is automatically collected or provided by you. This can include, in particular: your IP address, pages accessed, names, contact details and inquiries, as well as meta and communication data. IONOS SE processes the data based on our instructions and only to the extent necessary to fulfill the performance obligations to us.

On what legal basis do we process your data?

Since we use our website to engage potential customers and maintain contact with existing customers, the data processing by our host serves the initiation and fulfillment of contracts and is therefore based on Article 6(1)(b) GDPR. Furthermore, it is our legitimate interest as a company to provide a professional online presence that meets the necessary requirements for security, speed, and efficiency. In this respect, we also process your data on the basis of Article 6(1)(f) GDPR.

 

Data Collection on This Website

Use of Cookies

Our website places cookies on your device. These are small text files that serve various purposes. Some cookies are technically necessary for the website to function at all (necessary cookies). Others are required to perform certain actions or functions on the site (functional cookies). For example, without cookies, it would not be possible to use the benefits of a shopping cart in an online store. Other cookies are used to analyze user behavior or optimize advertising efforts. If we use third-party services on our website, such as payment processing, these companies may also leave cookies on your device when you visit the website (so-called third-party cookies).

How do we process your data?

Session cookies are stored on your device only for the duration of a session. Once you close the browser, they automatically disappear. Permanent cookies, on the other hand, remain on your device until you delete them yourself. This can result in your user behavior being analyzed over time. You can control how your browser handles cookies through its settings:

  • Do you want to be informed when cookies are placed?
  • Do you want to exclude cookies generally or for specific cases?
  • Do you want cookies to be automatically deleted when you close your browser?

If you disable or do not allow cookies, the functionality of the website may be limited.If we use cookies from other companies or for analytical purposes, we will inform you about this in this privacy policy. We will also ask for your consent regarding cookies when you visit our website.

On What Legal Basis Do We Process Your Data?

We have a legitimate interest in ensuring that our online offerings can be used by visitors without technical issues and that all desired functions are available to you. The storage of necessary and functional cookies on your device is therefore based on Article 6(1)(f) GDPR. We use all other cookies based on Article 6(1)(a) GDPR, provided you give us your consent. You can revoke this consent at any time with effect for the future. If you consented to the placement of necessary and functional cookies, the storage of these cookies is also based solely on your consent.

Cookie Consent with UsercentricsWhat is Usercentrics?
Consent management platform (CMP) for obtaining, processing, and forwarding GDPR-compliant consents.

Who processes your data?
Usercentrics GmbH, Rosental 4, 80331 Munich, Germany

Where can you find more information about Usercentrics’ privacy practices?

https://usercentrics.com/de/datenschutzerklaerung/

How do we process your data?

We use the consent management platform Usercentrics to obtain your consent to store cookies on your device and to document this in compliance with data protection regulations. When you visit our website and close the Usercentrics cookie window requesting your consent, the following data is transmitted to the company:

  • Your consent(s) or withdrawal of your consent(s)
  • Your IP address
  • Information about your browser
  • Information about your device
  • The time of your visit to the website

Additionally, Usercentrics stores a cookie in your browser to associate the given consent(s) or withdrawal of consent(s) with your browser. All collected data is stored until the cookies are no longer needed, until you delete the Usercentrics cookie, or until you request the deletion of the data. This does not apply if we are legally required to retain the data.

On What Legal Basis Do We Process Your Data?We are legally required to obtain the consent of our website visitors for the use of certain cookies. To fulfill this obligation, we use Usercentrics. Therefore, the legal basis for data processing is Article 6(1)(c) GDPR.

Server Log FilesServer log files record all requests and accesses to our website and capture error messages. They also include personal data, in particular your IP address. However, this is anonymized by the provider after a short period, so we cannot assign the data to a specific person. The data is automatically transmitted to our provider by your browser.

How do we process your data?

Our provider stores the server log files to be able to trace activities on our website and identify errors. The files contain the following data:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address (possibly anonymized)

We do not combine this data with other data; instead, we use it solely for statistical analysis and to improve our website.

On What Legal Basis Do We Process Your Data?

We have a legitimate interest in ensuring that our website operates without errors. It is also in our legitimate interest to obtain an anonymized overview of the accesses to our website. Therefore, the data processing is lawful according to Article 6(1)(f) GDPR.

Contact Form

You can send us a message via the contact form on this website.

How do we process your data?

We store your message and the information provided in the form to process your inquiry, including follow-up questions. This also includes the contact details you provided. We will not share your data with other parties without your consent.

How long do we store your data?

We delete your data as soon as one of the following occurs:

  • Your inquiry has been fully processed.
  • You request the deletion of your data.
  • You withdraw your consent to store the data.

This does not apply if we are legally obligated to retain the data.

On what legal basis do we process your data?

If your inquiry is related to our contractual relationship or serves to carry out pre-contractual measures, we process your data based on Article 6(1)(b) GDPR. In all other cases, it is our legitimate interest to effectively process inquiries directed to us. Therefore, the legal basis for data processing is Article 6(1)(f) GDPR. If you have consented to the storage of your data, Article 6(1)(a) GDPR is the legal basis. In this case, you can withdraw your consent at any time with effect for the future.

Inquiries via Email, Phone, or Fax

You can send us a message via email or fax, or contact us by phone.

How do we process your data?

We store your message as well as any contact information you provide, including the telephone number you submitted, to process your inquiry and any follow-up questions. We will not share your data with other parties without your consent.

How Long Do We Store Your Data?

We delete your data as soon as one of the following occurs:

  • Your inquiry has been fully processed.
  • You request the deletion of your data.
  • You withdraw your consent to store the data.

This does not apply if we are legally obligated to retain the data.

On What Legal Basis Do We Process Your Data?

If your inquiry is related to our contractual relationship or serves to carry out pre-contractual measures, we process your data based on Article 6(1)(b) GDPR. In all other cases, it is our legitimate interest to effectively process inquiries directed to us. Therefore, the legal basis for data processing is Article 6(1)(f) GDPR. If you have consented to the storage of your data, Article 6(1)(a) GDPR is the legal basis. In this case, you can withdraw your consent at any time with effect for the future.

Analysis Tools and Advertising

We use the following tools to analyze the behavior of our website visitors and show them advertisements.

Google Analytics

What is Google Analytics?
A tool for analyzing user behavior by Google Ireland Ltd.

Who processes your data?
Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland

Where can you find more information about data protection at Google Analytics?
https://support.google.com/analytics/answer/6004245?hl=en

On what basis do we transfer your data to the USA?
Based on the standard contractual clauses of the European Commission (https://privacy.google.com/businesses/compliance)

How can you prevent data collection?
Among other things, using a browser plugin: https://tools.google.com/dlpage/gaoptout?hl=en

How do we process your data?

We are constantly striving to optimize our website for our visitors and place advertisements effectively. Google Analytics helps us with this by analyzing user behavior and providing us with the necessary data for adjustments. The tool provides us with information about the source of our visitors, their page views, their time spent on the pages, and the operating system they are using.

Standard Processing

To collect the data, Google Analytics uses cookies, device fingerprinting, or other technologies to recognize users. The data is transmitted to Google servers in the USA and, using the collected IP address, is summarized in a profile that can be assigned to you or your device.

You can prevent Google from processing your data by installing a browser plugin provided by Google: https://tools.google.com/dlpage/gaoptout?hl=en.

IP Anonymization

We have activated the “IP anonymization” feature in Google Analytics. This means that Google truncates your IP address (from the EU or EEA) before transmitting it to the USA. Only in exceptional cases will Google transmit the full IP address to servers in the USA and truncate it there.

How long do we store your data?

Data stored at the user and event level, which is linked to cookies, user identifiers (e.g., user IDs), or advertising IDs, is deleted or anonymized by Google after 26 months, according to Google’s own information (https://support.google.com/analytics/answer/7667196?hl=en).

On What Legal Basis Do We Process Your Data?

As the website operator, we have a legitimate interest in analyzing user behavior to optimize our online offerings and the advertisements placed on the website. Therefore, data processing is lawful under Article 6(1)(f) GDPR. In the event that you, for example, have consented to the storage of cookies or otherwise consented to data processing by Google Analytics, the legal basis is exclusively Article 6(1)(a) GDPR. You can withdraw your consent at any time with effect for the future.

Newsletter and Direct Mail Advertising

Direct Mail Advertising

We send you advertisements via postal mail.

How do we process your data?

We store your name and address and use both for sending advertisements.

How long do we store your data?

We delete your data as soon as one of the following occurs:

  • The purpose of data processing no longer applies.
  • You request the deletion of the data.
  • You withdraw your consent to receive postal advertisements.

This does not apply if we are legally required to retain the data.

On what legal basis do we process your data?

As a company, we have a legitimate interest in sending direct mail advertising. The legal basis for data processing is therefore Article 6(1)(f) GDPR in conjunction with Recital 47. If you have consented to data processing, processing will be based solely on Article 6(1)(a) GDPR. You can withdraw your consent at any time for the future. If more specific regulations apply, we will inform you during data collection. These regulations will take precedence over those mentioned here.

Plugins and Tools

Google Web Fonts (Local Hosting)

We use fonts from the US-based company Google on our website. The fonts are locally installed, so no connection to Google’s servers occurs when you visit our website.

For more information on Google Web Fonts, please visit https://developers.google.com/fonts/faq and Google’s privacy policy: https://policies.google.com/privacy?hl=en.

MyFonts Web Fonts (Local Hosting)

This website uses web fonts from MyFonts to display fonts uniformly. These fonts come from MyFonts Inc, 600 Unicorn Park Drive, Woburn, Massachusetts, 01801 USA, and are loaded directly by your browser when you visit our website. This ensures consistent font presentation on the website. The fonts are locally installed, and no connection to MyFonts servers occurs. The use of these fonts is based on our legitimate interest in ensuring a consistent design for our website (according to Article 6(1)(f) GDPR).

Font Awesome (Local Hosting)

We use icons from the Font Awesome icon library on our website. The library is offered by Fonticons Inc. The icons are locally installed, so no connection to the company’s servers occurs when you visit our website.

For more information about Font Awesome, visit https://fontawesome.com/ and specifically their privacy policy: https://fontawesome.com/privacy.

Audio and Video Conferences

As a company, we are in contact with many people: customers, business partners, service providers, etc. For communication, we use various communication tools, including so-called online conference tools. For data protection-related information about the providers of the tools we use, please refer to the end of this section. When you communicate with us via such a tool, both we and, in particular, the provider of the respective tool process your personal data.

How do we process your data?

Online conference tools capture and store various personal data to enable participation in an online conference and ensure its smooth execution. In addition to registration, conference, and technical data, this also includes certain communication content.

  • Registration Data: Your email address and/or phone number, and possibly other data you provide during the registration for the conference.
  • Conference Data: Start, end, and duration of your participation in the conference, the number of participants, and other metadata related to the conference.
  • Technical Data: IP address, MAC address, device ID, device type, operating system and version, client version, camera type, microphone or speaker, and the type of connection.
  • Communication Content: Cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards, and other information shared during the use of the service.

For further details on data processing, please refer to the privacy policies of the respective conference tool providers.

How long do we store your data?

As your communication partner, we delete your data from our systems as soon as one of the following occurs:

  • The purpose of data processing no longer applies.
  • You request the deletion of the data.
  • You withdraw your consent to store the data.

This does not apply if we are legally obligated to retain the data.

Cookies remain on your device until you delete them.

The providers of the conference tools also store your data for their own purposes. For information about the duration of storage, please contact the providers directly.

On what legal basis do we process your data?

If we are already contractually bound or you wish to enter into a contract with us, we use conference tools to fulfill the contract or to inform you about our services or products. Data processing is based on Article 6(1)(b) GDPR. Otherwise, the use of conference tools serves simple and fast communication, without which we could not efficiently manage our business. We therefore also have a legitimate interest in data processing according to Article 6(1)(f) GDPR. Another legal basis could be your consent. In this case, Article 6(1)(a) GDPR applies. This basis is no longer valid for the future if you withdraw your consent.

Which Online Conference Tools Do We Use?

Microsoft Teams

What is Microsoft Teams?
A communication platform for collaboration in teams.

Who processes your data?
Microsoft Corp., One Microsoft Way, Redmond, WA 98052-6399, USA

Where can you find more information about data protection at Microsoft Teams?
https://privacy.microsoft.com/en-us/privacystatement

On what basis do we transfer your data to the USA?
Microsoft adheres to the standard contractual clauses of the European Commission (https://docs.microsoft.com/en-us/compliance/regulatory/gdpr)

Handling of Applicant Data

If you wish to work with us, we are happy to receive your application. All personal data submitted will be treated with strict confidentiality. This also applies to any data we may collect later during the application process.

How do we process your data?

All data collected during the application process will be stored and used to assess the potential establishment of an employment relationship. This includes contact and communication data as well as application documents, such as notes made during interviews. Your data will only be shared within our company with individuals involved in the processing of your application.

If your application is successful, we will store the data necessary for the employment relationship in our data processing systems.

If we currently cannot offer you a suitable position, we will, with your consent, add your data to our applicant pool. This way, we can contact you if a suitable position becomes available.

How long do we store your data?

If we cannot offer you a position, you decline an offer, or you withdraw your application, we reserve the right to retain your documents and other application data for up to 6 months after the end of the application process. The reason is that we may need the data for evidential purposes in case of a legal dispute. After this period, we will delete the data and destroy the documents. If a legal dispute is imminent or already pending, we will delete the data and documents as soon as they are no longer needed for evidential purposes.

Data in the applicant pool will be deleted no later than 2 years after the consent is given. If you withdraw your consent before this period expires, we will delete your data earlier.

The deletion of your data is always subject to the condition that we are not legally obligated to retain it for a longer period.

On what legal basis do we process your data?

We process your applicant data based on Section 26 of the Federal Data Protection Act (BDSG-new) (initiation of an employment relationship) and Article 6(1)(b) GDPR (general contract initiation).

The same applies if your application is successful.

If we cannot offer you a position, you decline an offer, or you withdraw your application, we have a legitimate interest in retaining your data for evidential purposes in a potential legal dispute. Therefore, the data processing is based on Article 6(1)(f) GDPR.

If you have explicitly consented to the storage of your data, we process your data based on Article 6(1)(a) GDPR. You can withdraw your consent at any time with effect for the future.

This GDPR-compliant privacy policy was created with the intelligent privacy generator of PRIVE Datenschutz-Software.