For World Medic 24 Import Export, the handling of your personal data is a high priority. With the following information, we would like to let you know for what purposes, when and how we collect, store and process which data from you. This privacy statement applies to our web presence or websites and our online offerings.

In order to facilitate the implementation of new technologies and measures and to ensure that our data protection declaration always complies with legal requirements, we occasionally adapt it. We therefore ask you to regularly inform yourself about the content of our data protection declaration. We will inform you as soon as the changes require your cooperation (e.g. consent) or other individual notification.

Status: 01 October 2020 | Ver. 01.02 | – LEVEL 01 PUBLIC –

1. Foreword

2. Status, changes and updates to the data protection declaration

3. Basic definitions

4. Person responsible

5. Data protection officer (external)

6. Processing activities

7. Legal basis for processing

8. Security measures (TOMs)

9. Transfer and disclosure of data to third parties and service providers

10. Data processing in third countries

11. Use of cookies, analysis and marketing tools as well as your choice and objection option (cookie policy)

12. Contacting us

13. Provision of the website or website / web hosting

14. Business relationships

15. Applications

16. Retention obligations and deletion of data

17. Automated decision-making (including profiling)

18. Rights of the data subjects

“Processor”: means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

“Third party” means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons authorised to process personal data under the direct authority of the controller or processor.

“Recipient”: means a natural or legal person, public authority, agency or other body to which Personal Data is disclosed, whether a third party or not.

“Personal data”: refers to all information (hereinafter also “data”) that relates to an identified or identifiable natural person (hereinafter also “data subject”) (e.g. name, first name, e-mail address, IP address, etc.).

“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

 

World Medic 24 Import Export

Mollerstrasse 40, 64289, Darmstadt

Telephone: +1234567890

Email: info@worldmedics24.com

 

In the following overview we have summarised the categories of personal data, purposes of processing and the categories of data subjects:

master data (e.g. names, addresses)

Contact details (e.g. email addresses, telephone numbers)

content information (e.g. text entries)

Usage data (e.g. websites visited)

Meta/communication data (e.g. IP addresses, device information)

Location data (e.g. data indicating the location of an end user’s device)

5.2 Purposes of processing

Provision of the online offer, its contents and functions

provision of contractual services, service and customer care

administration and response to inquiries

Statistical evaluation, analysis and tracking

(direct) marketing, advertising and market and opinion research

security measures

 

interested parties

Customers

service providers

suppliers

business and contractual partners

communication partner

users of the website (website visitors)

5.4 Special categories of personal data (Article 9 (1) GDPR)

No special categories of personal data are processed.

We process the aforementioned personal data in compliance with the applicable statutory data protection requirements, in accordance with the following legal bases of the General Data Protection Regulation (“GDPR”):

Based on your consent (Article 6, paragraph 1, letter a of the GDPR),

you have given us your consent to process your personal data for specific purposes. You can revoke your voluntarily given consent at any time with effect for the future.

To fulfill contractual obligations or to carry out pre-contractual measures (Article 6, paragraph 1, letter b of the GDPR)

We process your data so that we can fulfill our contractual obligations to provide services or to carry out pre-contractual measures that are carried out upon request.

Due to legal obligations (Art. 6 Para. 1 lit. c GDPR)

We are subject to various legal obligations, this means legal requirements (e.g. commercial and tax retention periods according to the Tax Code and the Commercial Code) according to which we must process your data.

Within the scope of legitimate interest / balancing of interests (Art. 6 Para. 1 lit. f GDPR)

We process your data to protect our legitimate interests or, if necessary, those of a third party, unless the interests or fundamental rights and freedoms of you which require the protection of personal data prevail.

National data protection regulations (BDSG)

In addition to the provisions of the GDPR, national regulations apply in Germany, which include in particular the Federal Data Protection Act (“BDSG”). These contain special data protection regulations at national level, according to which we process your data.

 

The security of your data is our highest priority. In accordance with legal requirements, taking into account the state of the art, implementation costs and the nature, scope, circumstances and purposes of processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, we take suitable technical and organizational measures (“TOMs”) to ensure a level of protection of your personal data appropriate to the risk.

The measures we have taken (according to Art. 32 GDPR) include in particular ensuring the confidentiality, integrity and availability of data. We ensure this through regular checks of physical and electronic access to data, access, input, forwarding and securing the availability and separation of or from data. Furthermore, we have set up procedures that ensure the exercise of data subject rights, the deletion of data and reactions to data threats. We take the protection of your personal data into account when developing or selecting hardware and software and when introducing new processes that affect personal data, through technical design and data protection-friendly default settings (according to Art. 25 GDPR).

Our security measures include, in particular, the encrypted transmission of data between your browser and our server. You can recognize the encrypted connection by the prefix https:// and the lock in the address line of your browser.

Third parties: Your data will not be transferred to third parties unless we are contractually entitled to do so, are legally obliged to do so or you have given us your consent.

If our website contains links to other websites or other providers, i.e. other responsible parties, this privacy statement does not extend to other websites outside our responsibility. If the use of other providers’ websites involves the collection, processing or use of personal data, please note the privacy statements of the respective providers.

Service providers: We commission carefully selected external service providers (in particular processors according to Art. 28 GDPR) with tasks such as hosting, marketing services and programming. We oblige all service providers to maintain confidentiality and to comply with legal requirements and regularly check and monitor compliance with the provisions of data protection laws.

 

An active transfer or disclosure and processing of personal data to third countries (i.e. outside the European Union (EU) or the European Economic Area (EEA)) to third parties only takes place if this is (pre)contractually necessary to execute your orders, if this is legally required or if you have given us your consent. Subject to any transfer and processing of your data in third countries, this only takes place on the basis of special guarantees, such as the officially recognized determination of a data protection level corresponding to that of the EU or compliance with officially recognized special contractual obligations (so-called “standard contractual clauses”).

Our cookie policy applies in addition to the privacy policy of our website (as of October 1, 2020) and gives you additional information on the type, scope and purposes of data processing for cookies used, statistical evaluations and tracking technologies. You can find our cookie policy in the footer of our website under the name “Cookie Policy”. Alternatively, you can click on the following link, which will take you directly to the cookie policy: View cookie policy .

web analysis through Google Analytics

 

We use the tool/service “Google Analytics” on our website, a web analysis service from Google (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Google Analytics uses statistics and marketing cookies that are stored on your computer and enable an analysis of usage. These are cookies from Google itself and so-called third-party cookies. The information generated by the cookies about your use of this website is usually transferred to a Google server in the USA and stored there. For data protection-compliant processing, we use the code “gat._anonymizeIp();” to ensure anonymous collection of IP addresses (so-called IP masking). When IP anonymization is activated on this website, your IP address is shortened beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. Google may also combine your data with other data that it may have received from you elsewhere for its own purposes. We have no influence on the types of data transmitted.

 

We use the data to analyze the surfing behavior of users and to obtain information about the use of the individual components of the website. This enables us to continuously optimize the website and its user-friendliness as well as to improve the presentation of our products and services.

 

The legal basis on which we process personal data using Google Analytics is Art. 6 (1) (a) of the GDPR. We therefore only process your data with your express and voluntary consent. You can give, change or revoke your consent via our cookie consent banner. You can find more information here: View cookie policy .

 

users of the website (website visitors)

 

Usage data (e.g. websites visited, interest in content, access times)

Meta/communication data (e.g. device information, IP addresses)

Location data (e.g. data indicating the location of an end user’s device)

 

via our cookie consent banner. You can find more information here: View cookie policy

 

You can view the storage period of Google Analytics cookies in your browser in our cookie policy . The evaluation overviews that are anonymous to us are deleted immediately when they are no longer required for the above-mentioned purpose (after one year at the latest).

 

“Google Analytics”, a web analysis service from Google (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA)

 

• Google

 

• Firefox
• Chrome
• Edge
• safari

If you contact us via the contact form, e-mail, etc. with questions or a request of any kind, your personal data will be collected, processed and stored. If you use the contact form, we require the following data from you (mandatory fields): company, street and house number, zip code, city, name (contact person), e-mail address and request (message). We require this data in particular for the legally required compliance check. We offer our products and services exclusively to companies (B2B). Providing further data (telephone number) is optional and voluntary. This data is stored and used exclusively to answer your request or to make contact and the associated technical administration. This data is generally not passed on to third parties unless it is necessary to pursue our claims or there is a contractual or legal obligation to do so or you have given us your consent.

 

The information you provide will be collected, processed and stored for the purpose of processing your request and for possible follow-up questions. If your contact is aimed at concluding a contract, the data will be processed for the contractual initiation and conclusion of the contract. If a contractual relationship already exists, the data will be processed to implement the contract.

 

The legal basis for processing the data is our legitimate interest in accordance with Art. 6 (1) (f) GDPR to answer your request and carry out the compliance check. If your contact is aimed at concluding a contract, Art. 6 (1) (b) GDPR (pre-)contractual measure is also the legal basis for processing.

 

• communication partner

• master data (e.g. names, addresses)
• Contact details (e.g. email addresses, telephone numbers)
• content information (e.g. text entries)

If you would like to request that the data relating to your request be deleted, you can contact us at any time (contact details can be found in point 4, “Responsible person”). However, we may then no longer be able to fully process your request.

 

Your data, which we have received as part of the contact, will be deleted as soon as it is no longer required to achieve the purpose for which it was collected, i.e. your request has been fully processed, no further communication with you is required or desired by you, no legal or contractual basis exists, no consent has been given and no retention obligations exist.

 

In order to provide our website https://worldmedic24importexport.com/ securely and efficiently , we have commissioned a carefully selected service provider with web hosting. A contract for data processing (“AV contract”) was concluded with this service provider in accordance with Art. 28 GDPR. Service providers in the areas of marketing services and programming are also used to design our website, who are obliged to maintain confidentiality or who have also concluded an AV contract. We regularly check these providers to prove that the data is protected.

When you visit our website/websites, data from all visitors is processed as part of the provision of the above-mentioned hosting, which is generated during communication with our servers and when you contact us directly. This includes in particular your IP address, which is technically necessary for establishing a connection. Further data is collected by us (or the commissioned (hosting) service providers) as so-called server log files (access log data from our servers). These include:

• IP address used (for the functionality of the website)
• Date and time of access
• Visited website (subpage)
• Amount of data sent in bytes
• Source/reference from which you came to the page
• browser used
• Operating system used and its interface

We use the services (servers, their associated infrastructure, security services and maintenance services) of our hosting service provider for the secure and efficient operation of our website https://worldmedic24importexport.com/ . Furthermore, this technical information is necessary in order to correctly deliver the website content you request. It is processed in particular for the following purposes:

• Ensuring a smooth connection between the websites,
• Ensuring smooth use of our websites,
• Evaluation of system security (e.g. defense against DDoS attacks, “cyber attacks”) and system stability as well as
• for further administrative purposes.

 

The processing of this personal data is based on our legitimate interest (according to Art. 6 Para. 1 lit. f GDPR) for the aforementioned purposes for data collection.

We do not use this data to draw conclusions about you personally.

 

• users of the website (website visitors)

• content information (e.g. text entries)
• Usage data (e.g. categories / areas visited)
• Meta/communication data (e.g. IP addresses, device information)

The server log files are deleted after 6 months. Should the security-relevant events mentioned above occur, we reserve the right, within the scope of our legitimate interest, to store this data for a longer period for the purposes mentioned above. If the stated purpose is achieved, the data will be deleted immediately.

 

As part of the use of our website and communication (e.g. inquiries via the contact form) with us, a contract may be initiated. Further communication for this purpose does not take place via our website, but via email, post, personal conversations, etc. In addition to our data protection declaration (which applies to the use of our website and the related services), we provide you with the information obligations pursuant to Art. 13 GDPR for interested parties, customers, service providers and suppliers at the following link:

 

Our website contains information about current job vacancies. Communication (e.g. applying for a position) does not take place via our website, but via email, post, personal interviews, etc., as stated in the respective job description. In addition to our data protection declaration (which applies to the use of our website and the associated services), we provide the information obligations in accordance with Art. 13 GDPR for applicants at the following link:

 

Your personal data will only be stored for as long as it is required to fulfil our contractual and legal obligations or until you revoke your consent(s). If your data is not deleted because it is required for other legal purposes, its processing will be restricted to these purposes, i.e. blocked. Further information on the deletion of your personal data can also be found in the individual data protection notices of this data protection declaration.

If the data is no longer required to fulfil contractual or legal obligations, as mentioned above, it will be deleted regularly. Unless a limited and limited further processing is required for the following purposes, among others:

 

• Compliance with commercial and tax retention periods: These include the German Commercial Code (HGB) and the German Fiscal Code (AO). The retention periods specified there are up to 10 years.
• Preservation of evidence within the framework of the statutory limitation periods. According to §§ 195 ff. of the German Civil Code (BGB), the regular limitation period is 3 years, under special circumstances up to 30 years.
• Compliance with telecommunications storage obligations according to the Telecommunications Act (TKG) and other laws.

As a general rule, we do not use  fully automated decision-making in accordance with  Article 22 GDPR to establish and conduct business relationships  . Should we use this procedure in individual cases, we will inform you separately if this is required by law.

 

• You have the following rights:
• – in accordance with Art. 7 Para. 3 GDPR, you have the right to revoke your consent at any time with future effect . This means that we may no longer continue the data processing based on this consent in the future;
• – in accordance with Art. 15 GDPR, you have the right to request information free of charge about the personal data we process about you;
• – in accordance with Art. 16 GDPR, the right to immediately request the rectification of inaccurate or completion of your personal data processed by us;
• – in accordance with Art. 17 GDPR, the right to request the erasure of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
• – pursuant to Art. 18 GDPR, the right to request the restriction of the processing of your personal data if you contest the accuracy of the data, the processing is unlawful but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have objected to the processing pursuant to Art. 21 GDPR;
• – pursuant to Art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another responsible party and
• – to complain to a supervisory authority in accordance with Art. 77 GDPR . As a rule, you can contact the supervisory authority of your usual place of residence or work or of our company.
• – In Hesse this is the Hessian Commissioner for Data Protection and Freedom of Information,
• Gustav-Stresemann-Ring 1, 65189 Wiesbaden
• – A list of supervisory authorities
• (for the non-public sector) with address can be found at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

If your data is processed to protect legitimate interests, you have the right to object to this processing at any time using the contact details provided above if there are reasons arising from your particular situation that conflict with this data processing. We will then stop this processing unless it serves overriding legitimate interests on our part.

 

In individual cases, we process your personal data to conduct direct advertising in our legitimate interest. You have the right to object to the processing of personal data concerning you for the purpose of such advertising at any time using the contact details provided above.

If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes in the future.