Language

OT medical - Innovative Präzision made in Germany

Data protection instructions in accordance with the EU General Data Protection Regulation (GDPR)

Area of coverage
Below is an overview of the processing of personal data through the company and the associated rights from the data protection law. Herewith you will find information regarding the nature, scope and purpose of the collection and use of data.

1. Responsibility for data processing
OT medical GmbH
Consul-Smidt-Straße 8b
28217 Bremen
Telephone: 0421 5571610
Fax: 0421 55716195
E-mail address: info@ot-medical.de

Privacy

2. Data and data sources
We process personal data that we receive in the course of our business from our customers or potential customers, suppliers, applicants and third parties. In addition, we process personal data that we legitimately receive from other companies or other third parties. This data is required for the processing of orders, the execution of contracts or for the sending of offers and information about our products and services by mail.

Relevant personal data (master data) are:
- First and Last Name
- Title, academic degree
- Address
- Other contact information such as phone, email address, date of birth, gender, profession
- Names of employees, insofar as they are entrusted with the order processing or processing of our products

3. Collecting of general information on our website
- With each access, information is automatically collected by us or the web space provider. This information, also known as server log files, is general in nature and does not allow any conclusions to be drawn. Included are: name of the website, file, date, amount of data, web browser and web browser version, operating system, the domain name of your Internet provider, the so-called Referrer URL (the page from which you accessed our site) and the IP address.

Without this data, it would not be technically possible to deliver and display the contents of the website. In this respect, the collection of data is imperative. In addition, we use the anonymous information for statistical purposes. They help us to optimize the offer and the technology. In addition, we reserve the right to subsequently inspect the log files in case of suspected illegal use of our site. - If you contact the company via the online form or by e-mail, we will save the information you have provided in order to answer your request and to ask possible follow-up questions. - Our website uses so-called cookies. These are text files that are stored on the computer from the server. They contain information about the browser, the IP address, the operating system and the Internet connection. We do not disclose this information to third parties or link it to personal data without their consent.

Cookies fulfill two main tasks. They help us to facilitate the navigation through our offer and enable the correct presentation of the website. They are not used to inject viruses or launch programs. Users have the opportunity to access our site without cookies. For this purpose, the corresponding settings must be changed in the browser. Please refer to the help function of the browser function, how cookies are deactivated. However, please be aware that this may interfere with some features of this website and reduce its ease of use. The http://www.aboutads.info/choices/ (US) and http://www.youronlinechoices.com/uk/your-ad-choices/ (Europe) sites allow you to manage online ad cookies 4. Purpose of the data processing
We process the personal data mentioned under 2. in accordance with the DSGV.

4.1 For the fulfillment of contractual obligations (Article 6 (1b) DSGV)
The processing of personal data takes place in order to fulfill orders and inquiries, orders placed by us and other business correspondence.

4.2 In the context of the balance of interests (Article 6 (1f) GDPR)
If necessary, we process the personal data beyond the actual fulfillment of the contract for the protection of legitimate interests of us or third parties.
- Data exchange with credit bureaus
- Advertising (eg form letters to agencies)
- Ensure IT security
- processing in the context of the accounts

4.3 On the basis of consent (Article 6 (1a) GDPR)
As far as we have the consent, personal data can be passed on for specific purposes (course planning, exchange of interests among customers, ...)

4.4 Due to legal regulations (Article 6 paragraph 1 c DSGVO) or in the public interest (Article 6 paragraph 1e GDPR)
As a manufacturer of medical devices, we are subject to various legal obligations and legal requirements. This concerns the obligation to report according to §3 of the MPSV as well as the inspection of the documentation of the QMS by auditors, notified bodies or competent authorities.

5. Data transfer
Internally, those entities have access to personal information they need to fulfill their contractual obligations and obligations. Service providers and vicarious agents, which are used by us, can receive data for this purpose, after they have submitted to a confidentiality agreement or are have a legal obligation of secrecy. Personal data will be passed on to the shipping company responsible for the delivery of the contract. Payment details are forwarded to the responsible credit institution as part of the payment process, if this is necessary for the payment process.

6. Data transfer to a third country
Data transfer to countries outside the EU only takes place in accordance with an incident or recall of medical devices according to the provisions of the MPSV (Medizinische Sicherheitsplanverordnung), to the provisions of the FDA, 21 CFR 803, Medical Device Reporting and the Canadian Medical Device Regulatioins SOR/98-282, sections 59 – 65, Mandatory Problem Reporting and Recall.

7. How long do we save the data?
Personal data is stored for as long as required by the contractual obligation or as required by legal obligations. As a rule, the business relationship with our customers is permanent and therefore spans several years.

If data is no longer required for the fulfillment of contractual or legal obligations, it will be deleted. Legal obligations under commercial and tax retention periods, Council Directive 93/42 / EEC on medical devices and the MPSV must be observed.

8. Privacy Rights
Each data subject has the right to information under Article 15 GDPR, the right to a correction under Article 16 GDPR, the right to cancellation under Article 17 GDPR, the right to restriction of processing under Article 18 GDPR, the right to object from Article 21 DSGVO and the right of transferability under Article 20 GDPR. With regard to the right to information and the right to erase, restrictions under § 34 and §35 BDSG apply. In addition, there is a right of appeal to a data protection supervisory authority pursuant to Article 77 DSGVO i. V. m. §19 BDSG.

9. Duty to provide data
The personal data required for entering into and carrying out a business relationship as well as for compliance with legal requirements must be provided. In particular, the fulfillment of legal regulations (i.e. traceability of a medical device) is binding.

10. Automated decision-making (including profiling)
As a matter of principle, we do not use fully automated decision-making in accordance with the principles of our business relationship. Article 22 GDPR. Profiling is only used if we want to inform a particular occupational group (dentists, dental technicians) about new products or training opportunities.

11. Change of our privacy policy
In order to ensure that our privacy policy always complies with current legal requirements, we reserve the right to make changes at any time. This also applies in the event that the privacy policy has to be adapted due to new or revised services, for example new services. The new privacy policy replaces the previous one.

Information on the right of objection under Article 21 GDPR

1. Case-specific right of objection
For special personal reasons, the processing of personal data pursuant to Article 6 (1e) of the GDPR (Data Processing in the Public Interest) and Article 6 (1) of the GDPR (data processing based on a balance of interests) may be objected to at any time. This also applies to profiling i based on this determination. P.D. Article 4 (4) GDPR. We will no longer process your personal data following opposition filed, unless we can demonstrate compelling legitimate grounds for processing that outweigh the opponent's rights, or the processing is for the purpose of soliciting, exercising or defending legal claims.

2. Right to object to the processing of data for advertising purposes
To a lesser extent, we process personal data for direct mail (i.e. newsletters). Against this processing can be contradicted at any time. This also applies to advertising related to profiling. Once a contradiction has been filed, we will no longer use the personal data for these purposes. The objection can be made form-free, by phone call (Tel. 0421 55716150), Email: info@ot-medical.de, but also by letter or personally to an employee



Data Protection Instructions as of 25th May 2018