Privacy policy

Dear visitor of our web site,

we are pleased about your visit to our website. In the following, we would like to inform you about how your data is handled per Article 13 of the General Data Protection Regulation (GDPR).

1. Privacy Policy

Controller

The person responsible for the following data collection and processing is the person named in the Imprint section of this website. 

Usage Data

When you visit our websites, usage data is temporarily stored as a logfile on our web server for statistical purposes and to improve the quality of our websites. This data consists of:

  • The page from which the file was requested
  • The name of the file
  • The date and time of the data request
  • The amount of data transmitted
  • The access status (file transfer, file not found etc.)
  • The name of the browser used
  • The IP address of the requesting computer, which is shortened so that it can’t be linked to an individual person 

The log data is stored exclusively in anonymised form.

2. Data Security

In order to protect your data from unwanted access as securely as possible, we take various technical and organisational measures. We use encryption on our websites. Your information is transferred from your computer to our server and vice versa via the internet using TLS encryption. You can recognise this by the fact that the lock symbol in the status bar of your browser is closed and the address bar begins with https:// .

3. Data Transfer to Third Parties

Per Article 28 of GDPR, we transfer your data for data processing by service providers who support us in the operation of our websites (e.g. website, hosting, tracking and newsletter service providers) and the associated processes. Our service providers are strictly bound by instructions we subject them to contractual obligations.

Transmission of Data to Third Countries

We sometimes transfer personal data to a third country outside the EU. In each case, we have taken care to ensure an appropriate level of data protection: 

In the cases of Google Analytics, Google+ and YouTube (USA), an appropriate level of data protection is ensured by the Privacy Shield Agreement (Article 45 (1) of GDPR): https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

In the case of Cloudflare (USA), an appropriate level of data protection is ensured by the Privacy Shield Agreement (Article 45 (1) of GDPR): https://www.privacyshield.gov/participant?id=a2zt0000000GnZKAA0&status=Active 

In the case of salesforce (USA), an appropriate level of data protection is ensured by the Privacy Shield Agreement (Article 45 (1) of GDPR): https://www.privacyshield.gov/participant?id=a2zt0000000KzLyAAK&status=Active

In the case of LinkedIn (USA), an appropriate level of data protection is ensured by the Privacy Shield Agreement (Article 45 (1) of GDPR): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active  

In the case of Twitter (USA), an appropriate level of data protection is ensured by the Privacy Shield Agreement (Article 45 (1) of GDPR): https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active 

In the case of Facebook (USA), an appropriate level of data protection is ensured by the Privacy Shield Agreement (Article 45 (1) of GDPR): https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active  

We will forward your enquiry to our subsidiaries and sales companies within and outside the EU if further processing in one of these locations is necessary.

4. Hosting

We use hosting services as follows: Infrastructure and platform services, data processing power, storage space and database services, security services and technical maintenance services which we use for the purpose of operating this website.

We and/or our hosting provider process inventory data, contact data, content data, contract data, usage data, metadata and communication data relating to customers, interested parties and visitors to this website on the basis of our legitimate interests in the efficient and secure provision of this website in accordance with Article 6 (1)(f) of GDPR and Article 28 of GDPR (concluding data processing contracts).

5. Cloudflare’s Content Delivery Network

We use a Content Delivery Network (CDN) offered by Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA. Cloudflare is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnZKAA0&status=Active).

A CDN is a service which helps deliver website content, especially large media files such as graphics or scripts, more quickly. It does this with the help of regionally distributed servers connected via the internet. The processing of user data is carried out solely for the aforementioned purposes and to maintain the security and functionality of the CDN.

Our use of this service is based on our legitimate interests, i.e. interest in secure and efficient provision, analysis and optimisation of our website per Article 6 (1)(f) of GDPR.

For more information, please see Cloudflare’s privacy policy: https://www.cloudflare.com/security-policy.

    6. Cookies

    We use cookies on our websites. Cookies are small text files that can be stored and read on your device. A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond an individual session. Cookies can contain data that makes it possible to recognise the device used. In some cases, however, cookies only contain information on certain settings that cannot be related to an individual person. 

    We use session cookies and permanent cookies on our websites. This data processing is based on Article 6 (1)(f) of GDPR and is done to make our website more user-friendly, effective and secure. 

    The following data and information are stored in the cookies:

    • Login information
    • Language settings
    • Search terms which have been entered
    • Information about the number of visits to our website and the use of individual website features

    You can set your browser so that it tells you when cookies are saved. This makes it clear to you how cookies are being used. You can also delete cookies at any time via your browser settings, and you can block the setting of new cookies. Please note that our web pages may then not be optimally displayed and some technical features may no longer be available.

    7. Tracking Tools

    Google Analytics

    In order to design our website according to user needs, we create pseudonymous user profiles with the help of Google Analytics. Google Analytics uses cookies which are stored on your device and which can be read by us. With this service, we can recognise and count returning visitors. Data processing is based on Article 6 (1)(f) of GDPR and Article 15 (3) of the German Teleservices Act. It is used in the interest of finding out how often our websites have been accessed by different users.

    The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA, where the cookie is then stored. However, because we have enabled IP anonymisation on this website, Google will truncate your IP address within European Union Member States before it is sent to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA (where there is an adequate level of data protection per Article 45 (1) of GDPR due to Google’s participation in the Privacy Shield) and shortened there. We have also concluded a contract with Google Inc. (USA) for data processing in accordance with Article 28 of GDPR. Google will therefore use all information strictly and only for the purpose of evaluating your use of our website and compiling reports on website activity.

    1. You may prevent cookies being stored by setting your browser software accordingly; however, we would like to point out to you that if you do this, you may not be able to use all functions of this website in their entirety.
    2. Furthermore, you can prevent the website usage data generated by the cookie (including your IP address) from being recorded by Google, and thus also the processing of such data by Google, by downloading and installing the browser plug-in available at the following link.
    3. You can also prevent Google Analytics from gathering your data by clicking on the following link. An opt-out cookie will be stored. This will permanently prevent the future collection of your data when you visit this website. Click here to prevent to the processing of your data by Google Analytics.

    Google Tag Manager

    Google Tag Manager is a service we use for managing website tags via an interface (and thus to integrate Google Analytics and other Google marketing services into our website). Tag Manager itself (which sets the tags) does not process any personal data. See the following information on Google services to find out more on processing of personal data. Terms of use: https://www.google.com/intl/de/tagmanager/use-policy.html.

    WiredMinds User Tracking

    Products and services from wiredminds (www.wiredminds.de) are used on this website for marketing and optimisation purposes. With these products and services, data is collected, processed and stored, and usage profiles are then created under a pseudonym. Where possible and useful, these usage profiles are completely anonymised. Cookies can be used for this purpose. Cookies are small text files that are stored in the visitor’s internet browser and serve to recognise the internet browser for future visits. The collected data, which may also contain personal data, will be transmitted to wiredminds or collected directly by wiredminds. wiredminds may use information created by visits to the websites to create anonymised usage profiles. Without the separate consent of the data subject, the data obtained will not be used to personally identify the visitor of this website and they will not be merged with personal data about the bearer of the pseudonym. If IP addresses are collected, they will be anonymised immediately after collection via deletion of the last number block. The collection, processing and storage of data may be objected to at any time with effect for the future.

    Siteimprove Analytics

    This website uses Siteimprove Analytics, a web analysis service from Siteimprove GmbH. Siteimprove Analytics uses cookies, i.e. text files that are stored on your computer and which allow analysis of how you use the website. The information generated by the cookies about your use of this website (including the user’s encrypted IP address) is transmitted to a Siteimprove server in Denmark and stored there. Siteimprove uses the information to evaluate the use of the website and to compile reports on website activity for the website operators. Siteimprove will not transfer this information to third parties. IP addresses are irreversibly anonymised before collected data can be viewed via Siteimprove Analytics. To block cookies, users can change their browser settings. In this case, however, not all features of this website can be used to their full extent. By using this website, you consent to the processing of data about you by Siteimprove in the manner and for the purposes set out above. You can prevent Siteimprove Analytics from gathering your data by clicking on the following link. An opt-out cookie will be stored. This will prevent the future collection of your data when you visit this website.

    Hotjar

    This website uses Hotjar, an analysis software from Hotjar Ltd (“Hotjar”) (http://www.hotjar.com, 3 Lyons Range, 20 Bisazza Street, Sliema SLM 1640, Malta, Europe). With Hotjar, it is possible to measure and evaluate usage behaviour (clicks, mouse movements, scroll heights, etc.) on our website. The information generated by the tracking code and cookie about your visit to our website is transmitted to and stored on Hotjar servers in Ireland. The tracking code collects the following information:

    Device-dependent data 

    The following information can be recorded via your device and browser:

    • The IP address of your device (collected and stored in an anonymous format)
    • Your email address and your first and last name, if you have provided this information to us via our website
    • Screen size of your device, device type and browser information
    • Geographical location (country only)
    • The preferred display language for our website

    Log Data 

    The following data is automatically generated by our servers when Hotjar is used:

    • Related domain
    • Pages visited
    • Geographical location (country only)
    • The preferred display language for our website
    • Date and time when the website was accessed

    Hotjar will use this information to evaluate your use of our website, to compile reports on use, and to provide other services relating to website use and internet evaluation of the website. Hotjar also uses third-party services such as Google Analytics and Optimizely to provide services. These third-party companies may store information that your browser sends when you visit the website, such as cookies or IP requests. For more information on how Google Analytics and Optimizely store and use data, please refer to their privacy policies.

    If you continue to use this website, you consent to the processing of your personal data by Hotjar and its third parties as described above in their privacy policies. The cookies that Hotjar uses have have varying lifetimes; some last up to 365 days, some only last until the end of the current visit. 

    You can prevent Hotjar from collecting data by clicking on the following link and following its instructions: https://www.hotjar.com/opt-out.

    8. Users’ Rights

    Your rights as a user

    When processing your personal data, GDPR grants you as a website user certain rights:

    1. Right to receive information (Article 15 of GDPR):
      You have the right at any time to request from us confirmation of whether we process your personal data; and if we do, you have the right to receive information about said personal data and the information specified in Article 15 of GDPR. 
    2. The right to rectification and deletions (Articles 16 and 17 of GDPR):
      You have the right to request the rectification without delay of incorrect personal data concerning you and, where appropriate, the completion of incomplete personal data.
      You also have the right to demand that personal data relating to you be deleted immediately if one of the reasons specified in Article 17 of GDPR applies, e.g. if the data is no longer required for the purposes being pursued. 
    3. Right to restriction of processing (Article 18 of GDPR):
      You have the right to demand the restriction of data processing if one of the conditions listed in Article 18 of GDPR is met, e.g. if you have lodged an objection against the processing for the duration of any examination. 
    4. Right to data portability (Article 20 of GDPR):
      In certain cases, which are listed in detail in Article 20 of GDPR, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or to request the transfer of this data to a third party.  
    5. Right of objection (Article 21 of GDPR):
      If data is collected on the basis of Article 6 (1)(f) (processing for the purposes of legitimate interests), you have the right to object to such processing at any time for reasons arising from your particular situation. We will no longer process the personal data regarding you unless we there are compelling and demonstrably legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
    6. Right to complain to a supervisory authority:
      Per Article 77 of GDPR, you have the right to lodge a complaint with a supervisory authority if you are of the opinion that the processing of the data concerning you violates data protection provisions. The right of appeal can be exercised before a supervisory authority in the Member State in which you live, at your place of work or at the place where the alleged infringement was committed.

    9. The data protection officer’s contact information

    Our company’s data protection officer will be happy to provide you with information or suggestions on the subject of data protection: privacy@aerzen.com

    10. Further privacy policy content

    10.1. Contact Form

    You can contact us via a web form. To use our contact form, we need your name, company name, postal address and email address. You can provide further information, but you do not have to. The user data may be stored in a customer relationship management system (CRM system) or comparable inquiry organisation system.

    The legal basis for the processing is Article 6 (1)(f) of GDPR. Your data will only be processed to answer your enquiry and deleted after the processing purpose has ceased to apply. This data is not passed on to third parties.

    10.2. Salesforce CRM system

    We use the CRM system provided by salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich, Germany to process user queries more quickly and efficiently (legitimate interest per Article 6 (1)(f) of GDPR).

    salesforce is certified under the Privacy Shield Agreement and thus offers an additional guarantee of compliance with European data protection law, to the extent that data is processed in the US (https://www.privacyshield.gov/participant?id=a2zt0000000KzLyAAK&status=Active)

    salesforce uses user data only for processing inquiries and does not pass it on to third parties. To use salesforce, you must provide at least a correct email address. You can use a pseudonym for this. In the course of processing service requests, it may be necessary to collect further data (name, address).

    If users do not consent to the collection and storage of data by salesforce’s external system, we will provide them with alternative contact options for submitting service requests by email, telephone, fax, or mail.

    For more information, users can consult salesforce’s privacy policy: https://www.salesforce.com/de/company/privacy/.

    10.3. CustomerNet Restricted Area

    If you would like to use our CustomerNet special customer service, you must first register. Data that you transmit to us for registration will only be used to the extent necessary for CostumerNet. You can change or delete your profile at any time within your account. The data will then be automatically removed from our system.

    10.4. Social Media Plugins

    On our website you will also find social media plug-ins. These are social network features you can use to share the content of our website with your friends in social networks or recommend this content to others. The responsibility for data-protection-compliant operation is to be guaranteed by the respective providers. For these plugins, we use the two-click method to protect visitors to our website in the best possible way. We currently use social plug-ins from the following providers:

    LinkedIn

    Our website uses features of the LinkedIn network. The oeprator is LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. Each time you access one of our pages that contains LinkedIn features, a connection is established to LinkedIn servers. LinkedIn will be informed that you have visited our website with your IP address. If you click the LinkedIn Recommend button and are logged into your LinkedIn account, LinkedIn will be able to associate your visit to our website with you and your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by LinkedIn. You can find more information about this in LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy. Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active

    Twitter

    Our website uses features from Twitter, Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA. When you access our website with Twitter plug-ins, a connection is established between your browser and the Twitter servers. Data is transferred to Twitter at this point. If you have a Twitter account, this data can be linked to it. If you do not want this data to be associated with your Twitter account, please log out of Twitter before visiting our site. Interactions, especially clicking a retweet button, are also forwarded to Twitter. You can find more information about this in Twitter’s privacy policy: https://twitter.com/privacy. Opt-Out: https://twitter.com/personalization. Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.

    YouTube

    Our website uses features from Youtube.de/Youtube.com, which – represented by Google Inc. – is operated by Youtube, LLC, Cherry Ave., USA. If you visit our website and the page you visit has one of these plugins, a connection to Youtube’s servers is established and the plugin is displayed on the webpage by notification to your browser. Information about the site you visited is then transmitted to the Youtube server. If you are logged in to Youtube, Youtube assigns this information to your personal user account on these platforms. When using these plugins, e.g. the click/start buttons for a video or leaving a comment, this information is assigned to your Youtube user account. You can only prevent this by logging out before using the plugin. You can find more information about this in YouTube’s privacy policy: https://www.google.com/policies/privacy/. Opt-Out: https://adssettings.google.com/authenticated.

    Xing

    Our website uses features provided by XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. If you click the XING Social Share button from XING, you will be redirected to your XING account in a separate browser window – provided you are logged into your XING user account – and you can share the electronic publication stored on our website and add a comment. The plug-in establishes a direct connection between your browser and the XING server. XING receives the information that you have visited our website with your IP address. We would like to point out that we have no knowledge of the content of the transmitted (personal) data or its use by XING. For more information, please refer to XING's Privacy Policy: https://privacy.xing.com/en

    Facebook

    Our website uses features provided by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA. When you click a Facebook Social Share button, Facebook automatically assigns your IP address to your user account and allows you to link to our Facebook website on your profile. This process can only take place if you are logged into Facebook at the same time. Unfortunately, we have no knowledge about the use and nature of the data collected. If you do not want Facebook to associate the data gathered via your visit to our website with your Facebook account, you must log out of Facebook before you visit our website. The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your related rights and settings options for the protection of your privacy, can be found in Facebook’s privacy policy: www.facebook.com/policy.php

    Google +1

    Out website uses social media features provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. When you access our pages and they feature Google plug-ins, a connection is established between your browser and the Google servers. Data is transferred to Google at this point. If you have a Google account, this data can be linked to it. If you do not want this data to be associated with your Google account, please log out of Google before visiting our site. Interactions such as the use of a comment feature or clicking on a +1 or Share button are also passed on to Google. Further information on the use of data by Google, settings and opt-out options can be found in Google’s privacy policy (https://policies.google.com/technologies/ads) and in the settings for the display of advertising by Google (https://adssettings.google.com/authenticated). 

    10.5. Google Maps

    We use Google Maps, provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The data processed may include users’ IP addresses and location data. This data is not collected without user consent (usually via the settings of their mobile devices). The data may be processed in the United States. Privacy Policy https://www.google.com/policies/privacy/. Opt-Out: https://www.google.com/settings/ads/plugin?hl=en

    10.6. Newsletter

    Via our website, you can subscribe to our newsletter. If you have given us explicit permission to inform you by email about our products and services, we will process your data per Article 6 (1)(a) of GDPR. We send newsletters, emails and other electronic notifications with advertising information (the “newsletter”) only with the consent of the recipient or a legal permit. We use the so-called double opt-in procedure to confirm your registration. This means that we will send you a confirmation email before the first newsletter is sent. In this email, you can confirm your newsletter subscription by clicking on the link provided. Only after confirmation will you receive our newsletter. 

    The newsletters contain a so-called “webbeacon”. This is a file the size of a pixel and which, when the newsletter is opened, is retrieved from our server (or, if we use a dispatch service provider, from its server). During this data retrieval, technical information such as information about the browser, your system, your IP address and time of retrieval are then collected.

    This information is used for the technical improvement of services on the basis of technical data or target groups and their reading behaviour on the basis of their retrieval points (which can be determined with the help of the IP address) or access times. Statistical data gathering also include determining whether newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. It is, however, neither our endeavour nor, if used, that of the shipping service provider to observe individual users. The evaluations are rather used by us to determine the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users. Opt-out of this performance measurement is unfortunately not possible; instead, the entire newsletter subscription must be cancelled.

    Your consent may be withdrawn at any time without prejudice to the lawfulness of the processing carried out to date. You can cancel the receipt of our newsletter at any time, i.e. revoke your consent. You will find a link to unsubscribe from the newsletter at the end of each newsletter. If the consent is revoked, we stop the corresponding data processing. 

    11. Further Privacy Policy Content

    11.1. Google Retargeting 

    Retargeting Technologies

    We use Google retargeting technologies to offer you advertising on other websites that is as tailored as possible to your interests. Data processing is based on your consent per Article 6 (1)(a) of GDPR. 

    When you visit our website, either identifiers are retrieved from your device or browser, your IP address is evaluated, or a recognition feature is stored as a small text file (e.g. so-called third party cookie) on your device. Your usage behaviour is recorded when you visit various websites. The identifiers are pseudonymous. If you are logged in to your Google account, these identifiers can be associated directly with your profile. Google may associate and store your visits to our websites with your identifiers to show you targeted advertising on other websites. Google can thus also see that you have previously visited our website. Your device and your browser can be recognised by Google in various ways, e.g. when you visit a page that displays advertising on behalf of Google. 

    Remarketing

    We can add keywords to our websites. These keywords contain statements about the content of the website, such as products offered. Google receives these keywords, which do not contain personal or sensitive information. If you visit a page with certain keywords about products, Google stores a record of your visit and matches it with your pseudonymous identifier. Google can use this link to determine whether our advertisements have been displayed to you, and if so, which ones.

    Cross Device Remarketing

    Google can link the pseudonymous identifiers on your devices (tablet, smartphone and email) with each other (cross device marketing). It is assumed that you have agreed to this data processing with Google in the past. This allows Google to target advertising campaigns to your various devices.

    Your data is transmitted to Google and stored in the USA. There is an adequate level of data protection per Article 45 (1) of GDPR due to Google’s participation in the Privacy Shield. We have also concluded a contract with Google Inc. (USA) for data processing in accordance with Article 28 of GDPR. Google will therefore use all information strictly and only for the purpose of evaluating your use of our website and compiling reports on website activity.

    Right to Object

    You can object to retargeting per Article 21 of GDPR at any time. Please click on the following link: https://adssettings.google.com/authenticated

    To opt out of cross device remarketing, please go to the Google website at https://support.google.com/ads/answer/2662922 and change your personalised advertising preferences. Please keep in mind that these settings may not affect all of your devices. If you use a device with your Google account, pseudonymous identifiers may be assigned to your account. If you do not want this to happen, please log out.

    11.2. Online Applications

    We process your personal data in accordance with the applicable data protection regulations and based on Article 26 of the German Data Protection Act. When you apply for a job with us online, we process the data that you disclose to us exclusively for the purpose of selecting applicants. Your data is not processed for any other purpose.

    You yourself decide how much data you wish to send us in your online application. Online applications are transferred electronically to our personnel department where they are processed as quickly as possible. All data transfer is encrypted. As a rule, applications are forwarded to the relevant heads of department in our company. Your data is not transferred to anyone else. Your data will be treated confidentially in our company. If your application is unsuccessful, your documents will be deleted after [6 months].

    If you want us to consider your application for other or future job opportunities, please include a note to this effect in your application. We will then process your data based on Article 6 (1)(a) of GDPR.

    12. Liability for Links

    Our website contains links to third-party websites over which we have no control. Accordingly, we are not liable for such third-party content. Sole liability for the content of linked websites rests with the relevant provider or operator. The linked pages have been checked for possible legal infringements present at the time the link first went online. No unlawful content was identified at the time the link was created. Nevertheless, we cannot reasonably be expected to exercise continuous scrutiny over external links unless there are concrete grounds for suspecting a violation of the law. If we become aware of any violations of the law, we will remove such links immediately.