Data Privacy Police
Thank you for visiting our website and for your interest in our company. For optimed, data privacy is a customer-oriented benchmark of quality. Protection of your personal data and personality rights is very important to us.
In general, use of our website is possible without the requirement to enter personal data. However, if you wish to use services of our company via our website, processing your personal data may be necessary.
The data automatically collected when you visit our website or entered by you when you use our services are processed in accordance with the current laws governing protection of personal data. In cases where processing of your personal data is necessary but no lawful basis applies to processing, we always request your consent to processing as necessary for the purpose.
As a company responsible for data processing, we have established technical and organizational measures to protect your personal data to the highest degree possible. However, please note that data transfer using the World Wide Web may always involve security risks as a matter of general principle.
If you wish to use services of our company but do not wish to transfer your personal data via World Wide Web, you may use the option of telephone contact.
1. Contact details of the data processing officer
Responsibility under the General Data Protection Regulation is held by:
Company: Creamedix GmbH
Königsberger Straße 2, 76356 Weingarten (Baden)
Tel.: +49(0)7244 - 60 82 65
2. Collecting general access information
Every time you access our website, we collect server log file information automatically transferred to us by your browser.
This information comprises:
1. IP (Internet Protocol) address of the computer accessing the website
2. The website from which you are visiting us (referrer)
3. Our website that you are visiting
4. The date and duration of your visit
5. Your browser type and browser settings
6. Your operating system
Please note that these data cannot be personally connected with any specific individual. We use these technical access data exclusively for the following purposes:
1. To increase the attractiveness and user-friendliness of our websites,
2. To identify technical problems on our website at an early stage,
3. To ensure the content of our website is correctly displayed,
4. and to provide prosecuting authorities with the necessary information for prosecution in the event of a cyberattack. As a technical precaution, the data are stored for a maximum of 7 days to protect our data processing systems against unauthorized access.
3. Collection and sharing of personal data
We use your personal data exclusively for the purposes listed on this data privacy information page. Our website contains the following input forms for collecting personal data:
3.1. Contact by email or the contact form
Our website offers the option of contacting us by email and/or a contact form. If you contact us by email or use a contact form to do so, the personal details you enter are automatically stored.
Voluntarily submitted personal data of this kind are stored for the purpose of processing your enquiry, sending information material or contacting you. These personal data are not transferred to third parties.
4. Cookie guidelines
44.1. What are cookies?
Cookies are small text files created by a website when you visit it. They save information that is useful for further navigation on the website. Your information is saved even after you move to a different page, enabling the way you use the website to be analysed. By visiting our website, you agree to the use and storage of cookies on your device. You can also visit our website without cookies. However, we recommend you activate cookies when visiting our site, as you may otherwise miss out on much useful information. Most browsers accept cookies automatically.
4.2. What are cookies used for?
Our webpages use “cookies” at various points. Cookies serve to make our website more user-friendly, more effective and more secure. Cookies are small text files that are created on your computer and stored by your browser. Most of the cookies we use are “session cookies”, which are automatically deleted after your visit. Cookies do not harm your device and do not contain viruses.
4.3. Managing cookies
You have the option of configuring your browser manually to manage and, if desired, prevent acceptance of cookies yourself.
Please note that changes to settings only apply to the individual browser in use at the time. If you use various browsers or change your device, you must repeat the changes to your browser settings. In addition, you can delete cookies from your storage medium at any time. For information on cookie settings, how to change them and how to delete cookies, consult the support function of your Web browser.
The following links explain the setting options for the most popular browsers:
4.4. Explanations of the commonest types of cookies for your information:
4.4.1. Session cookies
When you are active on a website, a session cookie containing a session ID is temporarily stored on your computer. This allows you to move to different webpages without needing to repeat the login procedure. Session cookies are automatically deleted when you log out and become invalid if your visit automatically times out.
4.4.2. Permanent or protocol cookies
A permanent or protocol cookie stores a file on your computer for the duration defined by the file‘s expiration date These cookies enable websites to remember your information and settings the next time you visit them. This speeds up your access and improves convenience; for example, you do not need to adjust your language settings for our portal every time. The cookie is automatically deleted once its expiration date is reached when you visit the website that generated the cookie.
4.4.3. Third Party Cookies
Third party cookies originate from a provider who is not the operator of the website.
They can be used to collect information for the purposes of advertising, user-defined content and web statistics.
5. Use of tracking and analysis tools
This website uses Google Analytics, a web analysis service by Google Inc. („Google“). Google Analytics uses „cookies“, text files that are saved on your computer and allow your use of the website to be analysed. The information about your visit collected by the cookie is generally transferred to a Google server in the USA and saved there. If this website has activated IP anonymization, Google first abbreviates your IP address within member states of the European Union or in other signatory states of the Agreement on the European Economic Area. The full IP address will only be transferred to a Google server in the USA and abbreviated there in exceptional cases. Google will use the information collected on behalf of the website operator to evaluate your use of the website, to compile reports about your activities within this site and to provide further services for the website operator related to use of the website and Internet use. Google will under no circumstances associate the IP address transmitted by your browser within the operations of Google Analytics with other Google data.
You can prevent cookies from being installed by entering the corresponding settings in your browser software. However, please note that in this case you may not be able to use the complete range of functions of this website to their full extent. You can also prevent Google from recording and processing the data related to your website visit (including your IP address) generated by the cookies by downloading and installing the browser plugin from the following link: tools. google.com/dlpage/gaoptout?hl=dePlease note that on this website Google Analytics has been extended by the code “gat._anonymizeIp();“ to ensure all IP address evaluation is anonymized (IP masking).“
6. Deletion, blocking and duration of storage of personal data
We only process and store your personal data for the period necessary for fulfilment of the purpose of storage or for compliance with the various retention periods required by law. If the purpose of storage no longer applies or after expiry of a statutory retention period, your personal data are automatically blocked or deleted as a matter of routine and in accordance with statutory regulations.
7. Data protection rights of data subjects
If you have questions concerning your personal data, you may contact us at any time. Under the GDPR, you have the following rights:
7.1 Right to information (subsection Art. 15 GDPR)
You have the right to request information at any time about what categories and information concerning your personal data are processed by us, for what purposes, how long and under what criteria the data are stored, and whether automated decision-making including profiling is applied in this context. In addition, you have the right to be informed of the recipients or categories of recipients to which your data have been or will be disclosed; this applies particularly where recipients in third countries or international organizations are involved. In this case you also have the right to be informed of appropriate guarantees concerning the transfer of your personal data.
In addition to your right to lodge a complaint with the responsible supervisory authority and your right of information concerning the concerning the origins of your data, you have the right to erasure and correction of your personal data as well as restriction of, and objection to, processing of your data.
In all the above-named cases, you have the right to request a free copy of your personal data processed by us from the data controller. We are entitled to charge an appropriate administration fee for all other copies you request or which extend beyond the data subject’s right to information.
7.2 Right to correction (Art. 16 GDPR)
You have the right to immediate rectification of any inaccurate
personal data and, taking into account the purposes of processing, to have any incomplete personal data completed, including by means of a supplementary statement. To exercise this right, you may contact our Data Protection Officer or data controller at any time.
7.3 Right to erasure (Art. 17 GDPR)
You have the right to require the erasure of your personal data (“right to be forgotten”) without undue delay, particularly where storage of the personal data is no longer necessary; where you withdraw your consent to processing your data; where your data have been processed or collected without lawful basis; and where there is a legal obligation to erase the data under EU or national law.
However, the right to be forgotten does not apply in cases where processing the data is necessary for exercising the right of freedom of expression and information; where storing the data is required for compliance with a legal obligation (e.g. retention obligation); where erasure is prevented for archiving purposes; or where storage of the data serves the establishment, exercise or defence of legal claims.
7.4 Right to restriction of processing (Art. 18 GDPR)
You have the right to require restriction of processing of your data from the data controller in cases where you contest the accuracy of your data; where processing is unlawful; where you oppose erasure of your personal data and request restriction of their use instead; where the personal data are no longer needed for the purpose of processing; or where you have objected to processing pursuant to Article 21 (1) pending verification of whether the legitimate grounds of the controller override your grounds.
7.5 Right to data portability (Art. 20 GDPR)
You have the right to receive the personal data which you have provided to our company in a commonly used format to enable you to transmit those data to another controller without hindrance (data portability), provided you have given consent and processing is performed by automated means.
7.6 Right to object (Art. 21 GDPR)
You have the right to object to the collection, processing or use of your personal data for purposes of direct marketing or market research and for general business data processing purposes, unless we can provide evidence of compelling legitimate grounds for processing your data which override your interests, rights and freedoms.
In addition, you may not exercise your right to object if collection, processing or use of the data is intended or required by a provision of a law.
7.7 Right to lodge a complaint with a supervisory authority (Art. 77 GDPR in conjunction with Section 19 BDSG)
You have the right to lodge a complaint with the responsible supervisory authority if you consider that the processing of your personal data infringes this Regulation.
7.8 Right to withdraw consent to processing of personal data (Art. 7 (3) GDPR)
You may withdraw your consent to processing your personal data at any time without specifying reasons. This also applies to withdrawal of statements of consent granted to us prior to the effective date of the EU General Data Protection Regulation.
8. Lawful basis of data processing
The lawful basis for our processing of personal data for which we obtain consent from the data subject is provided by Art. 6 (1) lit. a of the General Data Protection Regulation. The lawful basis for our processing of personal data which are required for the fulfilment of a contract and where the data subject is the contractual party is set forth in Art. 6 (1) lit. b of the General Data Protection Regulation. This provision also includes processing which is required for the fulfilment of pre-contractual measures. Where processing of personal data is required for the fulfilment of a legal obligation of our company, the lawful basis is provided by Art. 6 (1) lit. c GDPR.
Where processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party and such interests override the interests or fundamental rights and freedoms of the data subject, the lawful basis is provided by Art. 6 (1) lit. f GDPR. Justified interests of our company comprise performance of our business activities and analysis, optimization and maintenance of the security of our website.
9. Transfer of data to third parties.
We only transfer data where there is a legal obligation to do so, for example where state institutions (e.g. prosecuting authorities) submit written requests for information or where a court order is in place.
Personal data is not transferred to third countries, i.e. countries outside the EU/EEA.
10. Statutory or contractual regulations concerning provision of personal data and potential consequences of non-provision
We hereby advise that provision of personal data is required by law in specific cases (e.g. tax regulations) or may arise from a contractual regulation (e.g. provision of information about / by contractual party). For example, for due conclusion of a contract the data subject / contractual party may be required to provide personal data to allow us to process his/her request (e.g. order). An obligation to provide personal data primarily occurs in contract signings. If no personal data are provided in this case, the contract cannot be concluded with the contractual party. Prior to providing personal data, the data subject can contact our Data Protection Officer or data controller. The Data Protection Officer or data controller will then inform the data subject whether provision of the requested personal data is required by law or by the terms of the contract or is necessary for conclusion of the contract; whether the concern of the data subject constitutes an obligation to provide personal details; and whether non-provision of the requested personal data incurs consequences for the data subject, giving details of said consequences.
11. Use of automated decision-making
As a responsible company, we do not apply automated decision-making or profiling in our business relations.
Creamedix GmbH, Weingarten, May 2018