Version from October 30, 2019
1. Person responsible
Responsible for the data processing, which we describe here, is Marc Huber, Business Development Mgr. of Dr. med. Aufdermaur AG. If you have data protection concerns, you can communicate these to the following contact address:
Dr. med. Aufdermaur AG
2. type of data processing
We primarily process the personal data that we receive from our customers and other business partners in the course of our business relationship with them and other persons involved in this relationship or that we collect from their users when operating our websites, apps and other applications.
To the extent permitted, we also take certain data from publicly accessible sources (e.g. land registers, commercial register, press, Internet, debt enforcement register), from authorities and other third parties. In addition to the data that you provide us directly, the categories of personal data that we receive about you from third parties include information from public registers, information that we obtain in connection with official and judicial proceedings, information in connection with your professional functions and activities (so that we can, for example with your help we can conclude and process business transactions with your employer), information about you in correspondence and meetings with third parties, creditworthiness information (insofar as we process business transactions with you personally), information about you which persons from your environment (family, consultants, legal representatives, etc.) give us so that we can conclude or process contracts with you or with your involvement (e.g. References, your address for deliveries, powers of attorney, information on compliance with legal requirements such as money laundering prevention and export restrictions, information from banks, insurance companies, distribution and other contractual partners of us for the use or provision of services by you (e.g. payments made, purchases made), information from the media and Internet about your person (as far as this is appropriate in the specific case, e.g. e.g. in the context of a job application, press review, marketing/sales, etc.), your addresses and, if applicable, interests and other socio-demographic data (for marketing purposes), data in connection with the use of the website (e.g. IP address, MAC address of the smartphone or computer, details of your device and settings, cookies, date and time of the visit, pages and contents called up, functions used, referring website, location details).
3. Purposes of data processing and legal basis
We use the personal data collected by us primarily to conclude and execute our contracts with our customers and business partners, in particular within the scope of communication services for our customers and the purchase of products and services from our suppliers and subcontractors, as well as to comply with our legal obligations at home and abroad. If you work for such a customer or business partner, you may of course also be affected by this in this capacity with your personal data.
In addition, we also process personal data of you and other persons, as far as permitted and as we deem appropriate, for the following purposes in which we (and sometimes third parties) have a legitimate interest corresponding to the purpose:
Offering and further developing our offers, services and websites, apps and other platforms on which we are present;
Communication with third parties and processing of their inquiries (e.g. applications, media inquiries);
Examination and optimization of procedures for needs analysis for the purpose of direct customer contact as well as the collection of personal data from publicly accessible sources for the purpose of customer acquisition;
Advertising and marketing (including the organization of events), unless you have objected to the use of your data (if we send you advertising as an existing customer, you can object to this at any time; we will then put you on a blacklist against further advertising mailings);
Market and opinion research, media monitoring;
Assertion of legal claims and defence in connection with legal disputes and official proceedings;
Prevention and clarification of criminal offences and other misconduct (e.g. conducting internal investigations, data analysis to combat fraud);
Warranties of our operations, especially IT, our websites, apps and other platforms;
Video surveillance to safeguard the right to the premises and other measures for IT, building and plant security and protection of our employees and other persons and assets belonging to or entrusted to us (e.g. access controls, visitor lists, network and mail scanners, telephone recordings);
Purchase and sale of business units, companies or parts of companies and other transactions under company law and the associated transfer of personal data as well as measures for business management and, to the extent necessary to comply with legal and regulatory obligations and internal regulations of Dr. med. Aufdermaur AG.
If you have given us your consent to process your personal data for specific purposes (for example, when you register to receive newsletters or perform a background check), we will process your personal data within the scope of and based on this consent, unless we have another legal basis and we require such a basis. Consent that has been granted can be revoked at any time, but this has no effect on data processing that has already taken place.
4. Cookies, tracking and other technologies related to the use of our website
We typically use "cookies" and similar techniques on our websites and apps to identify your browser or device. A cookie is a small file that is sent to your computer or automatically stored on your computer or mobile device by the web browser you use when you visit our website or install App. It allows us to recognize you when you return to this website or use our app, even if we do not know who you are. In addition to cookies that are only used during a session and are deleted after your visit to the website (session cookies), cookies can also be used to store user settings and other information for a certain period of time (e.g. two years) (permanent cookies). However, you can set your browser to reject cookies, to save them only for one session or to delete them prematurely otherwise. Most browsers are preset to accept cookies. We use permanent cookies so that we can better understand how you use our offers and content. Certain cookies are set by us, certain cookies are also set by contractual partners with whom we work together. If you block cookies, it is possible that certain functionalities such as language selection, shopping cart, order processes may no longer work.
In our newsletters and other marketing e-mails, we also incorporate visible and invisible image elements to some extent and as far as permitted. By retrieving these elements from our servers, we can determine whether and when you have opened the e-mail, so that we can also measure and better understand how you use our offers and tailor them to you. You can block this in your e-mail program; most are preset to do so.
By using our websites, apps and by agreeing to receive newsletters and other marketing emails, you agree to the use of these techniques. If you do not wish to do so, you must set your browser or e-mail program accordingly, or uninstall the app if this cannot be done via the settings.
We use Google Analytics (Google LLC USA, www.google.com) to measure and evaluate the use of our websites. Permanent cookies are also used for this purpose, which are set by the service provider. The service provider does not receive any personal data from us, but can track your use of the website, combine this information with data from other websites that you have visited and which are also tracked by service providers, and use this information for its own purposes (e.g. controlling advertising). If you have registered with the service provider yourself, the service provider also knows you. The processing of your personal data by the service provider is then carried out under the responsibility of the service provider in accordance with its data protection regulations. The service provider only informs us how our respective website is used (no information about you personally).
You have two options to prevent the recording by Google Analytics:
You have two options to stop the recording by Google Analytics:
1. deactivate Google Analytics for this website (opt-out)
2. browser add-on to deactivate Google Analytics
We also use so-called plug-ins from social networks such as Facebook, Twitter, Youtube, Google+, Pinterest or Instagram on our websites. This is always visible to you (typically via corresponding symbols). We have configured these elements so that they are deactivated by default. If you activate them (by clicking on them), the operators of the respective social networks can register that you are on our website and where and can use this information for their purposes. The processing of your personal data is then the responsibility of this operator in accordance with their data protection regulations. We do not receive any information about you from him.
Clever Elements is used as newsletter software. Your data will be transmitted to Clever Elements GmbH. Clever Elements is prohibited from selling your data and from using it for any other purpose than for sending newsletters. Clever Elements is a German, certified provider, which was selected according to the requirements of the Data Protection Basic Regulation and the Federal Data Protection Act.
Personal data submitted via contact form will only be processed for the purpose stated therein, e.g. for further information about our company or to order specific services. The collected data will not be kept longer than necessary for the fulfilment of the order.
5. data transfer and data transmission abroad
In the course of our business activities and for the purposes set out in section 3, we also disclose various data to third parties, where permitted and where it seems appropriate to us, either because they process it for us or because they want to use it for their own purposes. This concerns in particular the following positions:
service providers of us (such as banks, insurance companies), including order processors (such as IT providers);
dealers, suppliers, subcontractors and other business partners;
domestic and foreign authorities, official agencies or courts;
the public, including visitors to websites and social media;
competitors, industry organizations, associations, organizations and other bodies;
purchasers or parties interested in acquiring business units, companies or other parts of Dr. med. Aufdermaur AG;
other parties in possible or actual legal proceedings.
These recipients are partly in Germany, but may be anywhere in the world. If we transfer data to a country without adequate legal data protection, we will ensure an adequate level of protection as required by law by using appropriate contracts (namely on the basis of the so-called Standard Contractual Clauses of the European Commission, which are available here, here and here) or so-called Binding Corporate Rules or rely on the legal exceptions of consent, contract execution, the establishment, exercise or enforcement of legal claims, overriding public interests, the published personal data or because it is necessary to protect the integrity of the data subjects. You can obtain a copy of the contractual guarantees mentioned above at any time from the contact person mentioned under point 1, unless it is not available under the link above. However, we reserve the right to blacken copies for reasons of data protection or confidentiality or to supply only extracts.
6. Duration of the retention of personal data
We process and store your personal data as long as it is necessary for the fulfilment of our contractual and legal obligations or otherwise for the purposes pursued with the processing, i.e. for the duration of the entire business relationship (from the initiation, processing to the termination of a contract) and, in addition, in accordance with the legal storage and documentation obligations. It is possible that personal data may be retained for the time during which claims may be asserted against our company and insofar as we are otherwise legally obliged to do so or legitimate business interests require it (e.g. for evidence and documentation purposes). As soon as your personal data is no longer required for the above-mentioned purposes, it will be deleted or made anonymous as far as possible. For operational data (e.g. system protocols, logs), generally shorter retention periods of twelve months or less apply.
7. Data security
We take appropriate technical and organizational security precautions to protect your personal data from unauthorized access and misuse.
8. Obligation to provide personal data
Within the scope of our business relationship, you must provide us with the personal data required for the establishment and execution of a business relationship and the fulfillment of the associated contractual obligations (as a rule, you do not have a legal obligation to provide us with data). Without this data, we will generally not be able to conclude or execute a contract with you (or the body or person you represent). Also, the website cannot be used if certain information to secure data traffic (such as IP address) is not disclosed.
We process your personal data partly automatically with the aim of evaluating certain personal aspects (profiling). We use profiling in particular to provide you with targeted information and advice on products. In doing so, we use evaluation instruments that enable us to provide communication and advertising tailored to your needs, including market and opinion research.
In principle, we do not use fully automated automatic decision making (as regulated in Art. 22 DSGVO) for the establishment and execution of the business relationship or otherwise. Should we use such procedures in individual cases, we will inform you separately, provided this is required by law and inform you of the rights associated with this.
10. rights of the data subject
Within the framework of the data protection law applicable to you and to the extent provided for therein (such as in the case of the DSGVO), you have the right to information, correction, deletion, the right to limit data processing and otherwise to object to our data processing and to surrender certain personal data for the purpose of transfer to another body (so-called data portability). Please note, however, that we reserve the right to assert the restrictions provided for by law, for example if we are obliged to store or process certain data, if we have an overriding interest in doing so (insofar as we are entitled to invoke this) or if we need them for the assertion of claims. We will inform you in advance if any costs are incurred by you. We have already informed you about the possibility of revoking your consent in section 2. Please note that the exercise of these rights may conflict with contractual agreements and that this may have consequences such as premature termination of the contract or cost consequences. In this case we will inform you in advance where this is not already contractually regulated.
The exercise of such rights usually requires that you clearly prove your identity (e.g. by means of a copy of your identity card, where your identity is otherwise not clear or cannot be verified). In order to assert your rights, you can contact us at the address given in section 1.
Furthermore, every data subject has the right to enforce his or her rights in court or to file a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).