General information about the processing of your data

We are required by law to inform you about the processing of your personal data (hereinafter “data”) when you use our website. This data protection notice informs you about the details of the processing of your data and about your legal rights in this regard. For terminology such as “personal data” or “processing”, the legal definitions from Art. 4 DSGVO are authoritative. We reserve the right to adapt the data protection declaration with effect for the future, in particular in the event of further development of the website, the use of new technologies or changes to the legal basis or the relevant case law. We recommend that you read the privacy policy from time to time and take a printout or copy for your records.

Scope

The data protection declaration applies to all pages of www.botiss.com. It does not extend to any linked websites or Internet presences of other providers.

Responsible

Responsible for the processing of personal data within the scope of this privacy policy is:

botiss biomaterials GmbH
Hauptstr. 28
15806 Zossen
Germany

Tel.: +49 33769 / 88 41 985
E-mail: datenschutz@botiss.com

Questions about data protection

If you have any questions about data protection with regard to our company or our website, you can contact our data protection officer:

Damir Tadic
botiss biomaterials GmbH
Hauptstr. 28
15806 Zossen
E-mail: datenschutz@botiss.com

Security

We have taken comprehensive technical and organizational precautions to protect your personal data from unauthorized access, misuse, loss and other external interference. To this end, we regularly review our security measures and adapt them to the state of the art.

Your rights

You have the following rights with respect to personal data concerning you, which you may exercise against us:

  • Right of access: You can request information in accordance with Art. 15 DSGVO about your personal data that we process.
  • Right to rectification: If the information concerning you is not (or no longer) accurate, you can request a rectification in accordance with Art. 16 DSGVO. If your data is incomplete, you can request that it be completed.
  • Right to erasure: You may request the erasure of your personal data in accordance with Art. 17 DSGVO.
  • Right to restriction of processing: In accordance with Art. 18 DSGVO, you have the right to request restriction of the processing of your personal data.
  • Right to object to processing: You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data which is carried out on the basis of Article 6 (1) sentence 1 lit. e) or lit. f) DSGVO, in accordance with Article 21 (1) DSGVO. In this case, we will not further process your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms. Further processing will also take place if the processing serves the assertion and exercise of or defense against legal claims (Art. 21 (1) DSGVO). In addition, according to Art. 21 (2) DSGVO, you have the right to object at any time to the processing of your personal data for the purposes of direct marketing; this also applies to any profiling, insofar as it is related to such direct marketing. We refer you to the right of objection in this privacy policy in connection with the respective processing.
  • Right to withdraw your consent: If you have given your consent for processing, you have a right of withdrawal in accordance with Art. 7 (3) DSGVO.
  • Right to data portability: You have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format (“data portability”) as well as the right to have this data transferred to another data controller if the prerequisite of Art. 20 (1) lit. a, b DSGVO are met (Art. 20 DSGVO).

You may exercise your rights by notifying the contact details listed in the “Responsible party” section or the data protection officer appointed by us.

If you believe that the processing of your personal data violates data protection law, you also have the right to complain to a data protection supervisory authority of your choice pursuant to Art. 77 DSGVO. This includes the data protection supervisory authority responsible for the controller:

Brandenburg State Commissioner for Data Protection and for the Right to Inspect Files, Stahnsdorfer Damm 77, 14532 Kleinmachnow, phone: 033203/356-0, e-mail: Poststelle@LDA.Brandenburg.de, https://www.lda.brandenburg.de.

Use of our website

In principle, you can use our website for purely informational purposes without disclosing your identity. When you call up the individual pages of the website in this sense, only access data is transmitted to our web space provider so that the website can be displayed to you. The following data is processed in this process:

  • Browser type/ browser version,
  • operating system used,
  • Language and version of the browser software,
  • Date and time of access,
  • Host name of the accessing end device,
  • IP address,
  • Content of the request (concrete web page),
  • Access status/HTTP status code,
  • Websites that are accessed via the website,
  • Referrer URL (the previously visited website),
  • Message whether the call was successful and
  • Amount of data transferred.

The temporary processing of this data is necessary to technically enable the course of a website visit and a delivery of the website to your end device. The access data is not used to identify individual users and is not merged with other data sources. Further storage in log files takes place in order to ensure the functionality of the website and the security of the information technology systems. The legal basis for the processing is Art. 6 para. 1 p. 1 lit. f) DSGVO. Our legitimate interests lie in ensuring the functionality of the website and the integrity and security of the website. Storing access data in log files, in particular the IP address, for a longer period of time enables us to detect and ward off misuse. This includes, for example, the defense against requests that overload the service or any bot use. The access data is deleted as soon as it is no longer required to achieve the purpose of its processing. In the case of the collection of data for the provision of the website, this is the case when you end your visit to the website. The log data are generally stored directly and exclusively accessible to administrators and deleted after seven days at the latest. After that, they are only indirectly available via the reconstruction of backup tapes (backups) and are finally deleted after a maximum of one year.

You may object to the processing. Your right to object exists for reasons arising from your particular situation. You can send us your objection via the contact details mentioned in the section “Person responsible”.

End device information

In addition to the aforementioned access data, technologies are used when using the website that store information in your terminal equipment (e.g. desktop PC, laptop, tablet and smartphone) or access information that is already stored in your terminal equipment. These technologies may be, for example, so-called cookies, pixels, LocalStorage, SessionStorage, IndexedDB or browser fingerprinting technologies. These technologies can be used to recognize you across devices and websites.

Pursuant to Section 25 (1) TTDSG, we generally require your consent to use these technologies. According to Section 25 (2) TTDSG, such consent is only not required if the technologies either enable the transmission of a message via a public telecommunications network or if they are absolutely necessary to provide a telemedia service expressly requested by you:

Technically necessary terminal device information

Some elements of our website serve the sole purpose of transmitting a message (Section 25 (2) No. 1 TTDSG) or are absolutely necessary to provide you with our website or individual functionalities of our website (Section 25 (2) No. 2 TTDSG):

  • Language settings and
  • Log-in information.

The elements are deleted after the storage is no longer necessary.

You can prevent processing by making the appropriate settings in your browser software. For elements whose storage duration is not limited to the session, you can delete the elements in the settings of your browser software after your session has expired.

Technically unnecessary terminal device information

We also use elements on the website that are not technically necessary. We use these technologies in accordance with legal requirements only with your consent. Information on the individual technologies and functions can be found in our “Privacy settings” and sorted by the individual functions in the following information .

Consent Management Platform Borlabs Cookie

To request consent on our website for the processing of your terminal information and personal data by means of cookies or other tracking technologies, we use the consent tool “Borlabs Cookie”. Borlabs Cookie” gives you the opportunity to consent or refuse the processing of your terminal information and personal data using cookies or other tracking technologies for the purposes listed in the “Borlabs Cookie”. Such processing purposes may include, for example, the integration of external elements, integration of streaming content, statistical analysis, reach measurement, individualized product recommendations or individualized advertising. You can use “Borlabs Cookie” to give or refuse your consent for all processing purposes or to give or refuse your consent for individual purposes or individual third-party providers. The settings you make can also be changed by you afterwards. The purpose of the integration of “Borlabs Cookie” is to leave the decision about the setting of cookies and similar functionalities to the users of our website and, in the course of the further use of our website, to offer the possibility to change settings already made. In the course of using “Borlabs Cookie”, personal data as well as information of the end devices used will be processed by us. In the process, your data will also be sent to “Borlabs Cookie” (Borlabs GmbH, Hamburger Str. 11, 22083 Hamburg, Germany). The information about the settings you have made will also be stored on your end device. The legal basis for the processing is Art. 6 para. 1 p. 1 lit. c) DSGVO in conjunction with. Art. 7 (1) DSGVO, insofar as the processing serves to fulfill the legally standardized obligations to provide evidence for the granting of consent. Otherwise, Art. 6 (1) p. 1 lit. f) DSGVO is the relevant legal basis. Our legitimate interests in the processing lie in the storage of user settings and preferences in relation to the use of cookies and the evaluation of consent rates. At the end of twelve months after the user settings have been made, the consent is queried again. The user settings made will then be stored again for this period, unless you yourself delete the information about your user settings in the terminal device capacities provided for this purpose beforehand.

You may object to the processing insofar as the processing is based on Art. 6 (1) p. 1 lit. f) DSGVO. Your right to object exists for reasons arising from your particular situation. You can send us your objection via the contact details listed in the “Responsible party” section.

Contacting our company

When contacting our company, e.g. by e-mail or via the contact form on the website, the personal data you provide will be processed by us in order to answer your inquiry. Mandatory for the processing of requests via the contact form is the specification of a first and last name and a valid e-mail address. Furthermore, at the time of sending the message to us, your IP address and the date and time of registration are processed. The legal basis for the processing is Art. 6 para. 1 p. 1 lit. f) DSGVO or Art. 6 para. 1 p. 1 lit. b) DSGVO, if the contact is aimed at the conclusion of a contract. If the request is aimed at concluding a contract, the provision of your data is required and mandatory. If the data is not provided, it will not be possible to conclude or execute a contract or to process the inquiry. The other data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems. We delete the data accrued in this process after processing is no longer necessary – usually two years after the end of the communication – or, if necessary, restrict the processing to compliance with the existing legally mandatory retention obligations.

You may object to the processing. Your right to object exists for reasons arising from your particular situation. You can send us your objection via the contact details mentioned in the section “Person responsible”.

Processing for contractual purposes

We process your personal data if and insofar as this is necessary for the initiation, establishment, execution and/or termination of a legal transaction with our company. The legal basis for this results from Art. 6 para. 1 p. 1 lit. b) DSGVO. The provision of your data is necessary for the conclusion of the contract and you are contractually obliged to provide your data. If you do not provide your data, it will not be possible to conclude and/or perform the contract. After the purpose has been achieved (e.g. contract execution), the personal data will be blocked for further processing or deleted, unless we are authorized to process it further on the basis of a consent granted by you (e.g. consent to process the e-mail address for sending electronic advertising mail), a contractual agreement, a legal authorization (e.g. authorization to send direct advertising) or on the basis of legitimate interests (e.g. retention for the enforcement of claims).

The transfer of your personal data to third parties occurs insofar as

  • it is necessary for the establishment, implementation or termination of legal transactions with our company (e.g. in the case of the transfer of data to a payment service provider/shipping company for the processing of a contract with your person), in accordance with Art. 6 para. 1 sentence 1 lit. b) DSGVO, or
  • a subcontractor or vicarious agent that we use exclusively in the course of providing the offers or services you request requires such data (such agents are, unless you are expressly notified otherwise, only authorized to process the data to the extent necessary to provide the offer or service), or
  • there is an enforceable official order (Art. 6 (1) p. 1 lit. c) DSGVO), or
  • there is an enforceable court order (Art. 6 (1) p. 1 lit. c) DSGVO), or
  • we are obliged to do so by law (Art. 6 (1) p. 1 lit. c) DSGVO), or
  • processing is necessary in order to protect the vital interests of the data subject or of another natural person (Art. 6 (1) p. 1 lit. d) DSGVO), or
  • it is necessary for the performance of a task carried out in the public interest or in the exercise of official authority (Art. 6 (1) p. 1 lit. e) DSGVO), or
  • we can rely on our overriding legitimate interests or those of a third party for disclosure (Art. 6 (1) p. 1 lit. f) DSGVO).

Any further transfer of your personal data to other persons, companies or bodies will not take place unless you have effectively consented to such a transfer. The legal basis of the processing is then Art. 6 para. 1 p. 1 lit. a) DSGVO. We point out the respective recipients in the context of this data protection information in relation to the respective processing operation.

Order form for doctors and physicians

If you would like to place an order as a physician, you have the option of doing so via the order form on our website. In doing so, the personal data you provide will be processed by us in order to be able to process your order. It is mandatory for the processing of orders via the order form to provide the name of the practice, a first and last name of the doctor, an address, a telephone number, a valid e-mail address and a VAT identification number. Furthermore, at the time of sending the order to us, your IP address and the date and time of registration are processed. We process your data for order processing and for this purpose will in particular forward payment data to the payment service provider selected by you or to our house bank.

The legal basis for the processing is Art. 6 para. 1 p. 1 lit. b) DSGVO. The provision of your data is necessary and mandatory for the conclusion or execution of the contract. If the data is not provided, the conclusion or execution of the contract and the processing of the order is not possible.

To prevent unauthorized third parties from accessing your personal data, the ordering process on the website is encrypted using SSL technology.

The other data processed during the submission process is used to prevent misuse of the order form and to ensure the security of our information technology systems.

You can voluntarily create a customer account, in which we store your data for future visits to the website. When creating a customer account, the data you provide will be processed. You can edit or delete all other data independently in the customer account after successful registration.

We delete the data accruing in this context after the storage is no longer required or restrict the processing if there are statutory retention obligations. Due to mandatory commercial and tax regulations, we are obliged to retain your address, payment and order data for a period of up to ten years. Two years after termination of the contract, we restrict processing and reduce processing to compliance with existing legal obligations.

Online store

If you wish to purchase a product in our online store, it is necessary and obligatory for the initiation and conclusion of the contract that you provide personal data, such as your first and last name, your address and your e-mail address. In addition, information from your shopping cart will be processed. We process your data for order processing and, for this purpose, will in particular forward payment data to the payment service provider selected by you or to our house bank. The legal basis for the processing is Art. 6 para. 1 p. 1 lit. b) DSGVO. The provision of your data is necessary and mandatory for the conclusion or execution of the contract. If you do not provide your data, it will not be possible to conclude and/or execute a contract. To prevent unauthorized third parties from accessing your personal data, the data transfer in the course of the ordering process on the website is encrypted according to the state of the art. You can voluntarily create a customer account, in which we store your data for future visits to the website. When you create a customer account, the data you provide will be processed. You can edit or delete all further data independently in the customer account after successful registration. We delete the data accruing in this context after the storage is no longer necessary or restrict the processing if there are legal obligations to retain data. Due to mandatory commercial and tax regulations, we are obliged to store your address, payment and order data for a period of up to ten years. Two years after fulfillment of the contract, we restrict processing and reduce processing to compliance with existing legal obligations.

Store system WooCommerce

We process your data to carry out orders via the store system “WooCommerce” of Automattic, Inc. (60 29th Street #343, San Francisco, CA 94110-4929, USA; hereinafter: “WooCommerce”), so that the data provided as part of the order, such as first and last name, address, email address and information from your shopping cart are also processed by “WooCommerce”. The legal basis for the use of “WooCommerce” is Art. 6 para. 1 p. 1 lit. f) DSGVO. Our legitimate interests in the use of “WooCommerce” lie in offering a customer-friendly and speedy order processing. This data processed in this context will be deleted as soon as it is no longer necessary for the processing purpose. “WooCommerce ” also processes the data in part in the USA. An adequacy decision of the EU Commission exists for a data transfer to the USA. Automattic, Inc. is certified within the scope of this. The elements are deleted after the storage is no longer necessary. For more information on data protection with “WooCommerce”, please visit: https://woocommerce.com/de-de/document/marketplace-privacy/.

You may object to the processing. Your right to object exists for reasons arising from your particular situation. You can send us your objection via the contact details mentioned in the section “Responsible party”.

Customer account

To create a customer account independently of an order, you must register with the following information:

  • E-mail address,
  • self-selected password,
  • First and last name,
  • Username and
  • Address.

There is no obligation to use your real name, you are free to use it pseudonymously. Furthermore, at the time of registration, your IP address and the date and time of registration are processed.

We use the double opt-in procedure for registration. After you have submitted the data required for registration, you will receive an e-mail with an activation link. Only after successful activation of the link by clicking on it, the access to your customer account is created and the registration is successfully completed. For subsequent registrations (logins), the access data (user ID and password) selected by you during the first registration must be entered. If confirmation of the transmitted link is not received within 24 hours, we will block the information transmitted to us and automatically delete it after one month at the latest. Otherwise, your data will be deleted as soon as they are no longer necessary to achieve the purpose of the processing. This is the case for the data collected during the registration process when the registration on the website is cancelled or modified.

The following functions are available in the login area:

  • Change your profile data,
  • Viewing orders placed and
  • Manage, modify or cancel newsletter subscription.

Insofar as you use the login area of the website, e.g. to edit your profile data or to view orders placed, we also process the personal data required to initiate or fulfill the contract, in particular address data and information on the method of payment.

The legal basis for the processing is Art. 6 para. 1 p. 1 lit. b) DSGVO. The provision of your data is necessary and mandatory for the conclusion or execution of the contract. If you do not provide your data, you will not be able to register or use the login area, i.e. it will not be possible to conclude and/or execute a contract.

Your data will be deleted as soon as they are no longer required for the purpose of processing. This is the case after deletion of the customer account, unless we are required by law to retain the data. In this case, we restrict the processing. Due to mandatory commercial and tax regulations, we are obliged to store your address, payment and order data for a period of up to ten years.

Comment function of blog posts

You can comment on blog posts on the website. You are required to provide your name or pseudonym or user name and your e-mail address. Your comment will be published under the name or pseudonym you provided. Your entry will be checked by us before publication for the purpose of preventing spam. We reserve the right to remove entries at any time if they are found to be illegal. Furthermore, we would like to be able to contact you if your rating on the website is found to be unlawful, and to defend ourselves against complaints or claims that may be brought against us as a result of your rating. For this purpose, we also process your IP address and the date and time of submission of the rating in the log files. We delete the log files after three months. We process your contact details as long as your comment continues to exist on the website or we are dealing with the comment in the context of a legal dispute. If you wish to delete your rating, you can send us a message, using the contact details provided in the “Responsible party” section. If the comment is deleted, we will process your contact data and other voluntary information until the expiry of the statutory limitation periods for the aforementioned prevention and defense reasons, but will restrict the processing of this data after six months. The legal basis of the processing is Art. 6 para. 1 p. 1 lit. f) DSGVO. Our legitimate interest lies in the verification of the testimonials as well as in the legal defense.

You may object to the processing. Your right to object exists for reasons arising from your particular situation. You can send us your objection via the contact details mentioned in the section “Person responsible”.

Akismet Anti-Spam Plugin

In order to check your comments from blog posts on the website before publication for the purpose of preventing spam, we use the Akismet plugin from Automattic, Inc. (60 29th Street #343, San Francisco, CA 94110-4929, USA; hereinafter: “Akismet”). With the help of this plugin, comments from real people are distinguished from spam comments. “Akismet” uses so-called cookies, which are stored on your terminal device. With the help of the cookies, “Akismet” processes the information generated about the use of our website by your end device – e.g. that you have called up a certain website – and processes, among other things, the data mentioned in the section “Use of our website”, in particular your IP address, browser information, the website previously visited and the date and time of the server request. Furthermore, the name entered, the e-mail address and the comment content are forwarded to “Akismet”. The aforementioned data is analyzed on the servers of “Akismet” and stored for four days for comparison purposes. If a comment has been classified as spam, the data will be stored beyond this time. The legal basis is Art. 6 para. 1 p. 1 lit. f) DSGVO. Our legitimate interests lie in the prevention of spam comments. “Akismet” also processes the data in part in the USA. An adequacy decision of the EU Commission exists for a data transfer to the USA. Automattic, Inc. is certified within the scope of this. The elements are deleted after the storage is no longer necessary. For more information on data protection at “Akismet”, please visit: https://akismet.com/privacy/.

You may object to the processing. Your right to object exists for reasons arising from your particular situation. You can send us your objection via the contact details mentioned in the section “Person responsible”.

Payment options within the scope of orders

Purchase on account

We offer you the possibility of payment via “purchase on account”. In this case, we reserve the right to forward your data, which you provide when ordering, to external companies (e.g. Verband der Vereine Creditreform e.V., Hellersbergstraße 12, D-41460 Neuss) for the purpose of carrying out a credit check. The legal basis for the processing is Art. 6 para. 1 p. 1 lit. f) DSGVO. Our legitimate interests lie in fraud prevention and the avoidance of default risks, because we make advance payments in the “purchase on account”.

We process the data transmitted to us by your credit institution as part of the “purchase on account” payment processing for the purpose of invoice verification. The legal basis for this processing is Art. 6 para. 1 p. 1 lit. b) DSGVO. The provision of your payment data is necessary and mandatory for the conclusion or execution of the contract. If the payment data is not provided, it will not be possible to conclude and/or execute a contract by means of a “purchase on account”. We delete the data accruing in this context after the storage is no longer required or restrict the processing if there are statutory retention obligations. Due to mandatory commercial and tax regulations, we are obliged to store your address, payment and order data for a period of up to ten years. Two years after termination of the contract, we restrict processing and reduce processing to compliance with existing legal obligations.

You may object to the processing insofar as the processing is based on the legal basis of Art. 6 (1) p. 1 lit. f) DSGVO. Your right to object exists for reasons arising from your particular situation. You can send us your objection via the contact details listed in the “Responsible party” section.

Legal enforcement / address determination / debt collection

We reserve the right, in the event of non-payment, to pass on the data provided with the order to a lawyer and/or external companies (e.g. Verband der Vereine Creditreform e.V., Hellersbergstraße 12, D-41460 Neuss) for the purposes of address determination and/or legal enforcement. The legal basis for the processing is Art. 6 para. 1 p. 1 lit. f) DSGVO. Our legitimate interests lie in fraud prevention and the avoidance of default risks. In addition, we will share your data, if necessary, to ensure the exercise of our rights, as well as the rights of our affiliated companies, our cooperation partners, our employees and/or the users of our website and the processing is necessary to that extent. Under no circumstances will we sell or rent your data to third parties. The legal basis for the processing is Art. 6 para. 1 p. 1 lit. f) DSGVO. We have a legitimate interest in processing for law enforcement. We delete the accruing data after the storage is no longer necessary or restrict the processing if there are legal retention obligations.

You may object to the processing. Your right to object exists for reasons arising from your particular situation. You can send us your objection via the contact details mentioned in the section “Person responsible”.

Email marketing

Newsletter

You have the possibility to subscribe to our e-mail newsletter on the website, with which we will inform you regularly about the following contents:

  • Interesting offers from our portfolio, especially on bone substitute, collagen & barrier and botissCARE,
  • Special offers/temporary offers,
  • Invitations to events to present our products,
  • Information about new features on our website and ordering options ,
  • Sending our catalog,
  • Questions about special requests,
  • Information on how to get there by public transport and
  • Customer Feedback / Customer Satisfaction Requests.

To receive the newsletter, you must provide your name or pseudonym and a valid e-mail address and select a country. We process the e-mail address for the purpose of sending our e-mail newsletter and as long as you have subscribed to the newsletter. We use an external e-mail marketing service to send the newsletter. For more information about these service providers, please see the section “Email marketing service”.

The legal basis of the processing is Art. 6 para. 1 p. 1 lit. a) DSGVO.

You can revoke your consent to the processing of your e-mail address for the receipt of the newsletter at any time, either by clicking directly on the unsubscribe link in the newsletter or by sending us a message via the contact details provided under “Person responsible”. This does not affect the lawfulness of the processing that took place on the basis of the consent until the time of your revocation.

Within the scope of the newsletter registration, we use the online form service “Gravity Forms” of Rocketgenius, Inc. (1620 Centerville Turnpike, Unit 102, Virginia Beach, VA 23464, USA; hereinafter: “Gravity Forms”). If you have filled out the form, your personal data provided there, such as your name and e-mail address, as well as partly the data mentioned in the section “Use of our website” will be transmitted to “Gravity Forms”. “Gravity Forms” also processes the data in part in the USA. So-called standard contractual clauses have been concluded with Rocketgenius, Inc. in order to commit Rocketgenius, Inc. to an appropriate level of data protection. We store your data until the survey is completed. Further information on the purpose and scope of processing and the storage period at “Gravity Forms” can be found at https://docs.gravityforms.com/wordpress-gravity-forms-and-gdpr-compliance/.

You may object to the processing. Your right to object exists for reasons arising from your particular situation. You can send us your objection via the contact details mentioned in the section “Person responsible”.

In order to document your newsletter registration and to prevent the misuse of your personal data, the registration for our e-mail newsletter takes place in the form of the so-called double opt-in procedure. After entering the data marked as mandatory, we will send you an e-mail to the e-mail address you provided, in which we ask you to explicitly confirm your subscription to the newsletter by clicking on a confirmation link. In doing so, we process your IP address, the date and time of your subscription to the newsletter and the time of your confirmation. In this way, we ensure that you really want to receive our e-mail newsletter. We are legally obliged to prove your consent to the processing of your personal data in connection with the registration for the newsletter (Art. 7 (1) DSGVO). Due to this legal obligation, the data processing is based on Art. 6 para. 1 p. 1 lit. c) DSGVO.

You are not required to provide your personal data during the registration process. However, if you do not provide the required personal data, we may not be able to process your subscription or not completely. If no confirmation of the newsletter subscription is received within 24 hours, we will block the information transmitted to us and automatically delete it after one month at the latest. After your confirmation, your data will be processed as long as you have subscribed to the newsletter.

In the event of unsubscribing by exercising the revocation of consent, we process your data, in particular your e-mail address, to ensure that you do not receive any further newsletters from us. For this purpose, we add your email address to a so-called “block list“, which makes it possible that you do not receive any further newsletters from us. The legal basis for data processing is Art. 6 (1) p. 1 lit. c) DSGVO in order to comply with our obligations to provide evidence, otherwise Art. 6 (1) p. 1 lit. f) DSGVO. In this case, our legitimate interests are to reliably no longer send you newsletters.

You may object to the processing. Your right to object exists for reasons arising from your particular situation. You can send us your objection via the contact details mentioned in the section “Person responsible”.

In addition, we process the aforementioned data for the establishment, exercise or defense of legal claims. The legal basis for the processing is Art. 6 para. 1 lit. c) DSGVO and Art. 6 para. 1 lit. f) DSGVO. In these cases, our legitimate interest is the assertion or defense of claims.

You may object to the processing. Your right to object exists for reasons arising from your particular situation. You can send us your objection via the contact details mentioned in the section “Person responsible”.

We also statistically evaluate newsletter opening rates, the number of clicks on included links and the reading duration, measure the reach of our newsletters and adapt the offers and information sent to your personal interests. For this purpose, the usage behavior on our websites as well as within the newsletters sent by us is evaluated on the basis of end device-specific information (e.g. e-mail client used and software settings). For this analysis, the emails sent contain so-called web beacons or tracking pixels, which are single-pixel image files that are also embedded on our website.

For the purpose of measuring reach, we measure the number of visitors who have reached our websites by clicking on links and who carry out certain actions there to order products. Depending on the reading behavior, we also form target groups to which we send newsletter content tailored to the identified user interest. In order to be able to adapt our newsletter even better to your interests, we assign your e-mail address or your user profile to other user profiles within our database.

The legal basis for the processing is Art. 6 para. 1 p. 1 lit. a) DSGVO. We delete your data when you terminate the newsletter subscription.

You can revoke your consent at any time, either by sending us a message (see the contact details in the “Person responsible” section) or by directly clicking on the unsubscribe link contained in the newsletter. This does not affect the lawfulness of the processing that took place on the basis of the consent until the time of your revocation.

Email marketing service

We use the email marketing service Mailchimpof the provider Intuit Inc. (2700 Coast Ave, Mountain View, CA 94043, USA; hereinafter: “Mailchimp“); Mailchimpalso processes your data in the USA. No adequacy decision of the EU Commission exists for a data transfer to the USA. Standard data protection clauses have been concluded with Intuit Inc. to commit Intuit Inc. to an adequate level of data protection. You can view a copy of the standard data protection clauses at “Mailchimp” at https://mailchimp.com/de/legal/data-processing-addendum/#2._Rollen_und_Verantwortlichkeiten. For more information, please see the Intuit Inc. privacy policy at: https://www.intuit.com/privacy/statement/.

If you have signed up for the newsletter, the data provided during registration and the data processed during the use of our newsletter service will be processed on the servers of our aforementioned email marketing service. The email marketing service acts as our processor and is contractually limited in its authority to use your personal data for purposes other than providing services to us in accordance with the applicable data processing agreement.

The legal basis of the processing is Art. 6 para. 1 p. 1 lit. f) DSGVO. Our legitimate interests in using an external email marketing service lie in the optimization and more targeted control and monitoring of our newsletter content.

You may object to the processing if it is based on Art. 6 (1) p. 1 lit. f) DSGVO. Your right to object exists for reasons arising from your particular situation. You can send us your objection via the contact details listed in the “Responsible party” section.

Hosting

We use external hosting services provided by Kinsta, Inc. (8605 Santa Monica Blvd, West Hollywood, CA 90069, USA; hereinafter: “Kinsta”), which are used to provide the following services: Infrastructure and Platform Services, and Storage Resources and Database Services. For these purposes, all data – including the access data mentioned under the item “Use of our website” – that are necessary for the operation and use of our website are processed. The legal basis for the processing is Art. 6 para. 1 p. 1 lit. f) DSGVO. By using external hosting services, we pursue an efficient and secure provision of our web offer. “Kinsta” processes your data partly in the USA. There is no adequacy decision of the EU Commission for a data transfer to the USA. So-called standard contractual clauses have been concluded with Kinsta, Inc. in order to commit Kinsta, Inc. to an adequate level of data protection. A copy of the standard contractual clauses can be obtained by contacting “Kinsta”. For more information on data protection and the storage period at “Kinsta”, please visit: https://kinsta.com/de/legal/datenschutzpolitik/.

You may object to the processing. Your right to object exists for reasons arising from your particular situation. You can send us your objection via the contact details mentioned in the section “Person responsible”.

WordPress Plugins

As part of the operation of the website, various plugins are set by “WordPress” (Automattic, Inc., 60 29th Street #343, San Francisco, CA 94110-4929, USA; hereinafter: “WordPress”) for the purpose of optimized and secure playout of our website content. This includes in particular the following plugins:

  • Wordfence Security: Wordfence firewall and malware scanner to detect cyber attacks early and defend against them effectively.
  • WPML Multilingual CMS: WPML multilingual CMS plugin allows running fully multilingual websites with WordPress and facilitates translation of WordPress pages, posts, tags, categories and themes.
  • All 404 Redirect to Homepage: The plugin redirects website visitors to the homepage if they have previously clicked on a non-existent link. Only the last 20 incorrect links and the subsequent personal data stored in this regard are saved. The saved links are overwritten continuously.

Through the above plugins, your IP address, date and time of access and the data mentioned under “Use of our website” are processed on the servers of “WordPress”. The legal basis for the processing is Art. 6 para. 1 p. 1 lit. f) DSGVO. Our legitimate interests lie in the optimization of the playout and in the more targeted control and monitoring of our website content. “WordPress” processes the data partly also in the USA. An adequacy decision of the EU Commission exists for a data transfer to the USA. Automattic, Inc. is certified within the scope of this. The elements are deleted after the storage is no longer necessary. For more information on data protection at “WordPress”, please visit https://wpml.org/documentation/support/browser-cookies-stored-wpml/ and https://www.wordfence.com/help/general-data-protection-regulation/.

You may object to the processing. Your right to object exists for reasons arising from your particular situation. You can send us your objection via the contact details mentioned in the section “Person responsible”.

Content Delivery Network

Cloudflare

In addition, we use the services of the Content Delivery Network (hereinafter: “CDN”) of “Cloudflare” (Cloudflare Germany GmbH, Rosental 7, 80331 Munich and Cloudflare, Inc., 101 Townsend St., San Francisco, CA 94107, USA; hereinafter: “Cloudflare”) on our website for the purpose of faster retrieval of our online offer. When you visit the website, a library from the “CDN” is temporarily stored on your end device to prevent the content from being reloaded. In the process, your IP address is transmitted to the provider in the USA. There is no adequacy decision of the EU Commission for a data transfer to the USA. So-called standard contractual clauses have been concluded with Cloudflare, Inc. in order to commit Cloudflare, Inc. to an adequate level of data protection. You can view a copy of the standard contractual clauses at https://www.cloudflare.com/cloudflare-customer-dpa/. The legal basis for the processing is Art. 6 para. 1 p. 1 lit. f) DSGVO. With the use of “Cloudflare”, we pursue the legitimate interest of faster retrievability as well as a more effective and improved presentation of our online offer. Further information on data protection and the storage period for “Cloudflare” can be found at: https://www.cloudflare.com/de-de/privacypolicy/.

You may object to the processing if it is based on Art. 6 (1) p. 1 lit. f) DSGVO. Your right to object exists for reasons arising from your particular situation. You can send us your objection via the contact details listed in the “Responsible party” section.

Integration of third party content

Third-party content, such as videos, from other websites are integrated on the website. This integration always requires that the providers of this content (“third-party providers”) perceive the IP addresses of the users. This is because without the IP address they cannot send the content to the browser of the respective user. The IP address is thus required for the display of this content. In the following, we inform you about the services of external providers currently used on our website as well as about the respective processing in individual cases and about your existing objection or revocation options:

Friendly Captcha

We use “Friendly Captcha” on our website. Provider of the service is Friendly Captcha GmbH (Am Anger 3-5, 82237 Woerthsee; hereinafter: “Friendly Captcha”). The purpose of “Friendly Captcha” is to check whether the data entry on the website (e.g. in a contact form) is made by a human or by an automated program. For this purpose, we have integrated a program code of “Friendly Captcha” into our website. Your end device thereby establishes a connection to the servers of “Friendly Captcha” in order to receive a “calculation task” from “Friendly Captcha”. Your end device solves the calculation task and sends the calculation result to our web server. The server contacts the “Friendly Captcha” server via an interface and receives a response stating whether the end device solved the calculation correctly. Depending on the result, we can apply security rules to requests via our website and thus, for example, process or reject them. In this process, some of the data mentioned in the section “Use of our website” is processed and transmitted to “Friendly Captcha”. In particular, the IP address is provided with a hash value. This type of one-way encryption makes it more difficult to identify the data subject and thus represents an additional security mechanism. The data processing takes place on the basis of Art. 6 para. 1 p. 1 lit. f) DSGVO. We have a legitimate interest in protecting our web offers from abusive automated spying and from unwanted contact (spam). Your data in connection with “Friendly Captcha” will be deleted after 30 days at the latest. Further information on data processing and the storage period of the data with “Friendly Captcha” can be viewed at https://friendlycaptcha.com/de/legal/privacy-end-users/.

You may object to the processing. Your right to object exists for reasons arising from your particular situation. You can send us your objection via the contact details mentioned in the section “Person responsible”.

Google Tag Manager

We use the “Google Tag Manager” from “Google” (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland and Google, LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA; hereinafter: “Google” and “Google Tag Manager”) on our website. “Google Tag Manager” is a solution that allows website tags and other third-party elements to be managed through one interface.

On the one hand, when the website is called up with Google Tag Manager, an http request is sent to “Google”. This transmits end device information and personal data such as your IP address and information about your browser settings to Google. We use the “Google Tag Manager” for the purpose of facilitating electronic communication by transferring information to third-party providers via programming interfaces, among other things. In the “Google Tag Manager”, the respective tracking codes of the third-party providers are implemented without us having to make any elaborate changes to the source code of the website ourselves. Instead, the integration is carried out by a container that places a so-called “placeholder” code in the source code. In addition, the “Google Tag Manager” allows us to exchange the data parameters of the users in a certain order, especially by ordering and systematizing the data packets. Your data is also occasionally transferred to the USA. There is no adequacy decision of the EU Commission for a data transfer to the USA. So-called standard contractual clauses have been concluded with Google, LLC in order to commit Google, LLC to an adequate level of data protection. You can obtain a copy of the standard contractual clauses at https://cloud.google.com/terms/sccs. The legal basis for the data processing is Art. 6 para. 1 p. 1 lit. f) DSGVO. Our legitimate interests in processing lie in facilitating and carrying out electronic communication by identifying communication endpoints, control options to exchange data elements in a specified order, and identifying transmission errors. The “Google Tag Manager” does not initiate any data storage. Further information on data protection at “Google” can be found at: http://www.google.de/intl/de/policies/privacy.

You may object to the processing if it is based on Art. 6 (1) p. 1 lit. f) DSGVO. Your right to object exists for reasons arising from your particular situation. You can send us your objection via the contact details listed in the “Responsible party” section.

You can prevent the processing by deleting the history and website data in the settings of your browser software or by opening the browser you are using in “private mode”.

On the other hand, the “Google Tag Manager” e.g. third-party tags such as tracking codes or counting pixels are installed on our website. The tool triggers other tags, which in turn collect your data; we will inform you about this separately in this privacy policy. An evaluation of the end device information and personal data of the users collected by the tags does not take place through the “Google Tag Manager” itself. Rather, your data is forwarded to the respective third-party service for the purposes stated in our consent management tool. We have aligned the “Google Tag Manager” with our consent management tool in such a way that the triggering of certain third-party services in the “Google Tag Manager” is made dependent on your selection in our consent management tool, so that only those third-party tags trigger data processing for which you have given consent. The use of the “Google Tag Manager” is covered by the consent for the respective third-party service. The legal basis for the processing is your consent pursuant to Art. 6 (1) p. 1 lit. a) DSGVO. “Google” also processes the data in part in the USA. No adequacy decision of the EU Commission exists for a data transfer to the USA. So-called standard contractual clauses have been concluded with Google, LLC in order to commit Google, LLC to an adequate level of data protection. You can obtain a copy of the standard contractual clauses at https://cloud.google.com/terms/sccs. The storage period of your data can be found in the following descriptions of the individual third-party services. Further information on data protection at “Google” can be found at: http://www.google.de/intl/de/policies/privacy.

Revocation of your consent to processing is possible at any time by pushing back the slider in the “Privacy settings” of the Consent Tool for the respective third-party provider. The lawfulness of the processing remains unaffected until you exercise the revocation.

YouTube videos

We use plug-ins of the video platform “YouTube.de” or “YouTube.com” on the website, a service of YouTube, LLC (headquarters at 901 Cherry Avenue, San Bruno, CA 94066, USA; hereinafter: “YouTube”), for which “Google” (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland and Google, LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA; hereinafter: “Google”) is the responsible party within the meaning of data protection law. By processing data through the plug-ins, we pursue the purpose of integrating visual content (“videos”) that we have published on “Youtube.de” or “Youtube.com” also on this website. While playing videos on our website, “YouTube” receives the information that you have accessed the corresponding sub-page of our website. In addition, some of the data mentioned in the section “Use of our website” is transmitted to “Google”. This occurs regardless of whether “YouTube” provides a user account through which you are logged in or whether no user account exists. If you are logged in to “Google”, your data will be directly assigned to your account. If you do not want the assignment with your profile at “YouTube”, you must log out before activating the button. “YouTube” stores your data as usage profiles and processes them independently of the existence of a user account with “Google” for purposes of advertising, market research and/or needs-based design of its website. With regard to the storage of and access to information in your terminal device, your consent is the legal basis pursuant to Section 25 (1) TTDSG; for further processing, your consent is also the legal basis pursuant to Article 6 (1) sentence 1 lit. a) DSGVO. “Google” also processes the data in part in the USA. There is no adequacy decision of the EU Commission for a data transfer to the USA. So-called standard contractual clauses have been concluded with Google, LLC in order to commit Google, LLC to an adequate level of data protection. You can obtain a copy of the standard contractual clauses at https://cloud.google.com/terms/sccs. For more information on the purpose and scope of processing by “YouTube” and the storage period at “YouTube” and “Google”, respectively, please refer to the privacy policy of “Google” at https://policies.google.com/privacy.

Revocation of your consent to processing is possible at any time by pushing back the slider in the “Privacy settings” of the Consent Tool for the respective third-party provider. The lawfulness of the processing remains unaffected until you exercise the revocation.

Vimeo

We use the plug-ins of “Vimeo” of Vimeo, Inc. (555 West 18th Street, New York 10011, USA; hereinafter: “Vimeo”) for the integration of videos on our website. By means of the processing of data through the plug-ins, we pursue the purpose of displaying visual content (“videos”) that we publish on https://www.vimeo.com , also on this website. When you call up one of our web pages with the “Vimeo” plug-in, a connection is established to the servers of “Vimeo”. “Vimeo” uses so-called cookies, which are stored on your terminal device. In this process, the information about which website you have visited is transmitted to the server of “Vimeo”. In addition, some of the data mentioned in the section “Use of our website” is transmitted. This occurs regardless of whether you are logged into your user account of “Vimeo” or whether no user account exists. If you are logged in as a member of “Vimeo”, “Vimeo” assigns this information to your personal user account. When using the plug-in, such as playing a video by activating the play button, this information is also assigned to your user account. “Vimeo” stores your data as usage profiles and processes them independently of the existence of a user account with “Vimeo” for the purposes of advertising, market research and/or demand-oriented design of websites. With regard to the storage of and access to information in your terminal device, your consent is the legal basis pursuant to Section 25 (1) TTDSG; for further processing, your consent is also the legal basis pursuant to Article 6 (1) sentence 1 lit. a) DSGVO. “Vimeo” also processes your data on servers in the USA. No adequacy decision of the EU Commission exists for a data transfer to the USA. So-called standard contractual clauses have been concluded with Vimeo, Inc. in order to commit Vimeo, Inc. to an adequate level of data protection. A copy of the standard contractual clauses can be obtained by request at niedermeier@db5.io. Further information on data protection as well as the storage period at “Vimeo” can be found at https://vimeo.com/privacy.

Revocation of your consent to processing is possible at any time by pushing back the slider in the “Privacy settings” of the Consent Tool for the respective third-party provider. The lawfulness of the processing remains unaffected until you exercise the revocation.

Services for statistics and analysis and marketing purposes

We use third-party services for statistical, analysis and marketing purposes. In this way, it is possible for us to provide you with a user-friendly, optimized use of the website. The third-party providers use cookies, pixels, browser fingerprinting or other tracking technologies to control their services. In the following, we inform you about the services of external providers currently used on our website as well as about the respective processing in individual cases and about your existing revocation options.

Hubspot CRM

We use Hubspot CRM on this website. The provider is Hubspot Inc. 25 Street, Cambridge, MA 02141 USA (hereinafter Hubspot CRM).

Hubspot CRM enables us, among other things, to manage existing and potential customers and customer contacts. With the help of Hubspot CRM, we are able to record, sort and analyze customer interactions via email, social media or telephone across various channels. Hubspot CRM also enables us to make appointments with customers. The personal data collected in this way can be analyzed and used for communication with the potential customer or for marketing measures (e.g. newsletter mailings). With Hubspot CRM, we are also able to record and analyze the user behavior of our contacts on our website.

The use of Hubspot CRM is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the most efficient customer management and customer communication possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

Details can be found in Hubspot’s privacy policy: https://legal.hubspot.com/de/privacy-policy.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://www.hubspot.de/data-privacy/privacy-shield.

Google Analytics 4

In order to be able to optimally adapt our website to user interests, we use “Google Analytics”, a web analysis service from “Google” (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland and Google, LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA; hereinafter: “Google” and “Google Analytics 4”). “Google Analytics 4” uses so-called “cookies”, which are stored on your end device for recognition purposes, as well as similar tracking methods for end device recognition such as tracking pixels, device fingerprinting and programming interfaces (e.g. APIs and SDKs) to process information from your end device. For this purpose, your end device is assigned a randomly generated identification number (cookie ID/device ID).

With the help of these technologies, “Google” processes the information generated about the use of our website by your end device as well as access data for the purpose of statistical analysis – e.g. call-up of a specific web page, number of unique visitors, entry and exit pages, dwell time, click, wipe and scroll behavior, activation of buttons, registration for the newsletter, bounce rate and similar user interactions. For this purpose, it can also be determined whether different end devices belong to you or your household. Access data includes, in particular, the IP address, browser and device information, cookie ID/device ID, the website previously visited, and the date and time of the server request.

In systems of “Google Analytics 4” no individual IP addresses are logged or stored. At the moment of IP address collection by Google in special local data centers in the EU, your IP address is used to determine location information. Subsequently, the IP address is deleted before the access data is stored in a data center or on a server for “Google Analytics”. In “Google Analytics 4”, no precise geographical location data is provided, only general location information such as the region and city of the end device’s location derived from the IP address. “Google” will process this information for the purpose of evaluating your use of the website, compiling reports on website activity for us and, where separately indicated, providing us with other services relating to website activity. If you are registered with a Google service, “Google” can assign the website visit to your user account and create and evaluate user profiles across applications.

In addition, a cross-platform analysis of user behavior is carried out on websites and apps that use “Google Analytics 4” technologies. This allows usage behavior in different environments to be recorded, measured and compared in equal measure. For example, scroll events of the user are automatically recorded, which should enable a better understanding of the use of websites and apps. For this purpose, different cookie IDs/device IDs are used for different end devices. Subsequently, we are provided with anonymized statistics on the use of the various platforms, compiled according to selected criteria.

With the help of “Google Analytics 4”, target groups are automatically created for specific cookie IDs/device IDs or mobile advertising IDs, which are later used for individualized advertising targeting. Target group criteria that can be considered are, for example: Users who have viewed products but not added them to a shopping cart or added them to a cart but not completed the purchase OR users who have purchased specific items. In this case, a target group includes at least 100 users. With the help of the “Google Ads” tool, interest-based advertisements can then be displayed in search results. Likewise, users of websites can be recognized on other websites within the “Google” advertising network (in Google search, on “YouTube”, so-called “Google Ads” or on other websites) and presented with tailored advertisements based on the defined target group criteria.

With regard to the storage of and access to information in your terminal device, your consent is the legal basis pursuant to Section 25 (1) TTDSG; for further processing, your consent is also the legal basis pursuant to Art. 6 (1) p. 1 lit. a) DSGVO. “Google” also processes the data in part in the USA. There is no adequacy decision of the EU Commission for a data transfer to the USA. So-called standard contractual clauses have been concluded with Google, LLC in order to commit Google, LLC to an adequate level of data protection. You can obtain a copy of the standard contractual clauses at https://cloud.google.com/terms/sccs. Your data in connection with “Google Analytics 4” will be deleted after 14 months at the latest. Further information on data protection at “Google” can be found at: http://www.google.de/intl/de/policies/privacy.

You can revoke your consent to processing at any time by moving the slider back in the “Privacy settings” of the Consent tool. In doing so, the lawfulness of the processing carried out on the basis of the consent until the revocation is not affected by the revocation.

Facebook Analytics

We use the “Facebook Analytics” tool from “Facebook” (provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, and Meta Platforms Inc. 1601 Willow Rd, Menlo Park, California, USA; hereinafter: “Facebook” and “Facebook Analytics”). For the use of “Facebook Analytics”, we use the so-called “Facebook Pixel” to analyze the use of our website and internet presences, e.g. in social networks such as “Facebook” and “Instagram”, the interactions made by users on our website and internet presences as well as the reach measurement of our advertisements. With the help of the “Facebook pixel” – small graphics that are also integrated on our website, are automatically loaded when our website is called up and enable tracking of user behavior – your browser automatically establishes a direct connection with the “Facebook” server. By integrating the “Facebook Pixel”, “Facebook” uses cookies to process information generated about the use of our website by your end device – e.g. that you have called up a particular web page – and processes, among other things, the data mentioned in the section “Use of our website”, in particular your IP address, browser information, the website previously visited, the “Facebook ID” and the date and time of the server request, for the purpose of analyzing our website and internet presence, analyzing user interactions and measuring the reach of our advertisements. For these purposes, it can also be determined whether different end devices belong to you or your household. The information obtained with the help of the “Facebook pixel” is used solely for statistical purposes, is transmitted to us anonymously by “Facebook” as statistics and does not provide any information about the person of the user. If you are registered with a service of “Facebook”, “Facebook” can assign the collected information to your account. Even if a user is not registered with “Facebook” or is not logged in, it is possible that “Facebook” will learn and process the IP address and other identifying features. With regard to the storage of and access to information in your terminal device, your consent is the legal basis pursuant to Section 25 (1) TTDSG; for further processing, your consent is also the legal basis pursuant to Article 6 (1) sentence 1 lit. a) DSGVO. “Facebook” also processes the data in part in the USA. No adequacy decision of the EU Commission exists for a data transfer to the USA. Standard data protection clauses have been concluded with Meta Platforms Inc. in order to commit Meta Platforms Inc. to an adequate level of data protection. You can request a copy of the standard data protection clauses from Facebook at https://www.facebook.com/help/contact/341705720996035. The storage period of the information in the Facebook cookies is 180 days. Further information on data protection and the storage period at “Facebook” can be found at: https://www.facebook.com/privacy/explanation and https://www.facebook.com/policies/cookies/.

You can revoke your consent to processing at any time by moving the slider back in the “Privacy settings” of the Consent tool. In doing so, the lawfulness of the processing carried out on the basis of the consent until the revocation is not affected by the revocation.

Facebook Custom Audiences

Furthermore, the website uses the “Website Custom Audiences” function of “Facebook” (provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, and Meta Platforms Inc. 1601 Willow Rd, Menlo Park, California, USA; hereinafter referred to as: “Facebook”). Via so-called web beacons, such as the “Facebook pixel”, information about your usage behavior on our website is collected, which is processed by “Facebook”. This enables users of the website and users of “Facebook” who belong to a comparable target group to be shown interest-based advertisements (“Facebook ads”) when they visit the “Facebook” social network. With the help of the “Facebook Pixel” (small graphics that are also integrated on our website and that are automatically loaded when our website is called up and allow user behavior to be tracked), your browser automatically establishes a direct connection with the “Facebook” server. By integrating the “Facebook Pixel”, “Facebook” processes the information generated with the help of cookies about the use of our website by your end device – e.g. that you have called up a certain web page – and processes, among other things, the data mentioned in the section “Use of our website”, in particular your IP address, browser information, the website previously visited, the “Facebook ID” and the date and time of the server request, for the purpose of playing out personalized advertisements. For this purpose, it can also be determined whether different end devices belong to you or your household. If you are registered with a “Facebook” service, “Facebook” can assign the collected information to your account. Even if you are not registered with “Facebook” or you are not logged in, there is a possibility that the provider will learn and process your IP address and other identifying features. With regard to the storage of and access to information in your terminal device, your consent is the legal basis pursuant to Section 25 (1) TTDSG; for further processing, your consent is also the legal basis pursuant to Article 6 (1) sentence 1 lit. a) DSGVO. “Facebook” also processes the data in part in the USA. No adequacy decision of the EU Commission exists for a data transfer to the USA. Standard data protection clauses have been concluded with Meta Platforms Inc. in order to commit Meta Platforms Inc. to an adequate level of data protection. You can request a copy of the standard data protection clauses from Facebook at https://www.facebook.com/help/contact/341705720996035. The storage period of the information in the Facebook cookies is 180 days. For more information on data protection and the storage period at “Facebook”, please visit: https://www.facebook.com/privacy/explanation and https://www.facebook.com/policies/cookies/.

Event booking

On our website, you have the option of booking both online and offline events for training purposes. When booking via the registration form, it is necessary and mandatory for the initiation and conclusion of the contract that you provide personal data, such as your first and last name. It is also mandatory to provide a billing address: Name of the practice, street, house number, postcode, city, telephone number and e-mail address. The mandatory details required for the booking and contract processing are marked separately, further details are voluntary. At the time the message is sent to us, your IP address and the date and time of registration are also processed. After registering for an event, you will receive a confirmation email and a preliminary invoice with the option of paying by bank transfer, credit card or PayPal. Once payment has been received, you will receive an invoice for your internal documentation. Shortly before the start of the event, you will receive another e-mail with all the important details about the event. After the event, you will also receive a certificate of participation.

We pass on your data to the respective local partner for the purpose of organising the event in the case of an on-site event.

The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. b) GDPR. The provision of your data is necessary and mandatory for the conclusion or execution of the contract. If you do not provide your data, it will not be possible to conclude and/or fulfil the contract. The other data processed during the sending process of the registration form serve to prevent misuse of the registration form and to ensure the security of our information technology systems.

We delete the data collected in this context after storage is no longer required, or restrict processing if there are statutory retention obligations. Due to mandatory commercial and tax regulations, we are obliged to store your address, payment and booking data for a period of up to ten years. Two years after termination of the contract, we restrict processing and reduce processing to compliance with existing legal obligations.

Realisation of online events via “Zoom”

We use the provider “Zoom” (Zoom Video Communications, Inc., San Jose, California, 55 Almaden Blvd, Suite 600, USA; hereinafter referred to as “Zoom”) to organise online events via video conference. In order to participate in a video conference, you must enter a name or pseudonym in the provider’s input mask. As soon as you use the Zoom website or app, the provider Zoom is responsible for data processing. However, you only need to access the website to use Zoom in order to download the software for using Zoom. You can also use “Zoom” if you enter the respective meeting ID and any other access data for the meeting directly in the “Zoom” app. If you do not want to or cannot use the “Zoom” app, the basic functions can also be used via a browser version, which you can also find on the Zoom website. The chat logs are deleted after the conversation has ended. If you are registered with Zoom as a user, reports on the video conference (in particular meeting metadata, telephone dialling data) may be stored by Zoom for up to one month. “Zoom” may also process your data in the USA. In the event that the dial-in data is transmitted to you directly via our “Zoom” account, we have concluded so-called standard contractual clauses with Zoom Video Communications, Inc. in order to oblige “Zoom” to an appropriate level of data protection. You can view these at https://explore.zoom.us/docs/doc/Zoom_GLOBAL_DPA.pdf?_ga=2.251769289.195750321.1646675462-801897819.1598290790.

Registration for webinars

You can register on our website for free live webinars on topics relating to bone and tissue regeneration and product handling. We process your personal data for the purpose of conducting the respective webinar. You are required to enter your first and last name or a pseudonym and your e-mail address in the registration form. Optionally, you can specify the country from which you will be watching the webinar. The legal basis for processing is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR. Your data will be transmitted to the sales partner responsible for your country for the purpose of sending promotional e-mails; further information on data transmission to the respective sales partner can be found in the following section: “Data transmission to sales partners”. If you have not revoked your consent beforehand, we will delete the data collected in this context after storage is no longer required, or restrict processing if there are statutory retention obligations.

You can withdraw your consent at any time by sending us a message (see the contact details in the “Controller” section). This has no influence on the lawfulness of the processing that has taken place on the basis of your consent up to the time of your withdrawal.

Download whitepapers

You can download white papers, studies and similar information sheets on various topics relating to bone and tissue regeneration and product handling from our website.

To download the information provided by our company, you must provide your first and last name or a pseudonym and your e-mail address. At the time of the download, we also process your end device information (e.g. your IP address) as well as the date and time of your request. We process this data to fulfill your request or the download. The legal basis for the processing is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR. If you have not revoked your consent beforehand, we will delete the data collected in this context after storage is no longer necessary or restrict processing if there are statutory retention obligations.

You can withdraw your consent at any time, either by sending us a message (see the contact details in the “Controller” section) or by clicking directly on the unsubscribe link contained in the whitepaper. This will not affect the lawfulness of the processing carried out on the basis of your consent up to the time of your withdrawal.

Data transmission to sales partners

After the respective webinar has been held or information material has been downloaded, the sales partner responsible for your country will receive your first and last name, your e-mail address and the country you may have specified for the purpose of sending you promotional e-mails about the products and services presented. You can find an overview of the sales partners at https://botiss.com/distributors/ The legal basis for the transmission is your consent pursuant to Art. 6 para. 1 sentence 1 lit. a) GDPR. We have no influence on the data processing by the respective sales partner. If you have not revoked your consent beforehand, we will delete the data collected in this context after storage is no longer necessary or restrict processing if there are statutory retention obligations.

You can withdraw your consent at any time by sending us a message (see the contact details in the “Controller” section). This has no influence on the lawfulness of the processing that has taken place on the basis of your consent up to the time of your withdrawal.

You can revoke your consent to processing at any time by moving the slider back in the “Privacy settings” of the Consent tool. In doing so, the lawfulness of the processing carried out on the basis of the consent until the revocation is not affected by the revocation.