Data protection
With this privacy policy, we would like to inform you about the type, scope and purpose of the processing of personal data on our website. Personal data is all data that has a personal reference to you, e.g. name, address, e-mail address or user behavior.
§ 1 Responsible for data processing is
DatamedIQ GmbH
Dr. Dominique Ziegelmayer
Im Mediapark 4b
50670 Cologne
Germany
Phone: +49 221 999 895 00
Mail: info@datamediq.com
Web: http://www.datamediq.de/impressum
§ 2 Data protection officer
If you have any questions about our data protection measures, the processing of your data or the protection of your rights as a data subject, you can contact us and our data protection officer as follows:
External data protection officer
ePrivacy GmbH
represented by Prof. Dr. Christoph Bauer
Burchardstrasse 14
For all questions and concerns regarding your data, please contact datenschutz@datamediq.com.
If you wish to communicate directly with our data protection officer (for example, because you have a particularly sensitive request), please contact them by post, as communication by email can always have security gaps. Please state in your inquiry that your request relates to DatamedIQ.
§ 3 Processing of your data as part of the core activity of our company
We process your personal data transmitted to us as part of the contractual and pre-contractual relationships existing between us. The scope, type, purpose and necessity of the processing depends on the respective underlying contractual relationship. For this purpose, we store and process your data in the computer systems we use. The data processed by us includes all data provided by you for the purpose of using the contractual or pre-contractual services and which is required to process your inquiry or the contract concluded between us.
This may include the following data in particular:
– Name and address
– E-mail address and telephone number
– Contract data
The processing is limited to those data that are necessary and expedient for answering inquiries and/or for fulfilling a contract concluded between you and us.
Personal data will only be passed on to third parties if this is necessary for the purpose of providing the service or within the framework of the organization of our business for the processing of financial accounting and the fulfilment of legal obligations. In this case, only those data are transferred to external service providers that are necessary and expedient for these purposes. Processing by us is carried out in accordance with your instructions or the statutory provisions.
Legal basis: The processing of your personal data and the transfer to third parties is carried out in accordance with Art. 6 para. 1 lit. b) GDPR to bring about the conclusion of the contract between you and us and to fulfill the resulting obligations. Otherwise, we only pass on data to third parties if there is a legal obligation to do so, Art. 6 para. 1 lit. c) GDPR or if there is a legitimate interest in doing so, Art. 6 para. 1 lit. f. GDPR. This is the case, for example, if this is necessary to pursue our claims. Such a transfer of personal data will only take place after we have informed you about this data processing.
Deletion: Your data will be deleted as soon as it is no longer required to fulfill contractual or statutory duties of care and to deal with any warranty and comparable obligations. The statutory retention obligations remain unaffected by this. For example, commercial letters and invoices must be kept for six or ten years.
§ 4 Visiting our website
If you only use our website for information purposes, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that the browser you use transmits to our server. This is the following data:
– IP address, the date and time of access to our website
– time zone difference to Greenwich Mean Time (GMT)
– access status (HTTP status)
– the amount of data transferred
– the Internet service provider of the accessing system
– the browser type and version you are using
– the operating system you are using
– the website from which you may have reached our website
– the pages or subpages you visit on our website
The aforementioned data is stored as log files on the servers of our internet service provider. This is necessary in order to display the website on the device you are using and to ensure stability and security.
Legal basis: Data processing is based on our legitimate interest in the efficient and secure provision of our website, Art. 6 para. 1 lit. f) GDPR.
Duration: The above data for the provision of our website is stored for a period of 7 days and then deleted.
§ 5 Cookies
Our website uses cookies. Cookies are small text files consisting of a series of numbers and letters that are stored on the device you are using. Cookies neither transmit viruses nor can they execute programs. Rather, they are primarily used to exchange information between the device you are using and our website in order to make our website more user-friendly and effective for you. A distinction must be made between temporary (transient) cookies and persistent cookies. Transient cookies include session cookies in particular. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows our website to recognize your computer when you return to our website. The session cookies are deleted when you log out or close your browser. Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You have the option of deleting these cookies at any time in the security settings of your browser.
Cookies are used to make our website more user-friendly. Some elements of our website require that the accessing browser can be identified even after a page change. In particular, information on language settings or log-in information may be stored in these cookies.
As the cookies are stored on your computer, you as the user also have full control over the use of cookies. You have the option of using your browser’s security settings to determine whether cookies are stored at all. For example, you can choose not to accept cookies from the outset or only accept them on request, or you can specify that cookies are deleted every time you close your browser. If cookies are deactivated for our website, it may no longer be possible to use all the functions of the website to their full extent.
If cookies are required to display our website, your personal data will be processed on the basis of our legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. Other cookies are used exclusively on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, which you have given via the cookie banner and can revoke at any time with effect for the future.
Google Analytics
If you have given your consent via the cookie banner, this website uses functions of the web analysis service Google Analytics of Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin, D04 E5W5, Ireland. Google Analytics uses cookies to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. We have also added the code “anonymizeIP” to Google Analytics on this website. This guarantees that your IP address is masked so that all data is collected anonymously. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there.
Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.
We have concluded a Data Processing Agreement (DPA) with Google using the EU standard contractual clauses for the transfer of data to processors in third countries. This obliges Google to use the user data of our customers only within the framework of EU data protection standards exclusively for the processing of requests and not to pass them on to third parties.
You can also prevent the storage of cookies by setting your browser software accordingly or by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
§ 6 Storage period/deletion
We delete or block your personal data as soon as the purpose of storage has been achieved or no longer applies. Any further storage will only take place if we are required to do so by national or European regulations. In this case, the data will be blocked or deleted when the storage period prescribed in the respective regulations has expired, unless we need your data to fulfill a contract concluded between us or if this is necessary for the assertion, exercise or defense of legal claims. Details on the storage period and deletion can be found in the information on the respective data processing.
§ 7 Information on the contact options provided by us
If you contact us via e-mail, social media, telephone, fax, letter, our contact form or in any other way and provide us with personal data such as your name, telephone number or e-mail address or provide further information about yourself or your request, this data will be stored and processed by us to process your request.
Legal basis: If you make your request in the context of contractual or pre-contractual relationships with us, the legal basis for processing your data is Art. 6 para. 1 lit. b. GDPR. GDPR. If your request does not fall under the aforementioned category, your data will be processed on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR or on the basis of our legitimate interest in answering your request properly and in your interest, Art. 6 para. 1 lit. f GDPR.
Deletion: The personal data collected by us will be deleted if it is no longer required. You can also object to data processing at any time or revoke your consent with effect for the future.
1. Microsoft 365 Bookings
If you use the contact form offered on our website and provide us with personal data, your personal data will be processed on the basis of your express consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. If you submit your request in the context of contractual or pre-contractual relationships with us, the processing is also carried out on the basis of Art. 6 para. 1 lit. b. GDPR. In connection with your request, we process your name, your e-mail address and the time and occasion of the appointment booking, as well as other data that you provide to us via the fields marked as “optional”.
We use the Microsoft 365 Bookings service from Microsoft Corporation, One Microsoft Way, Redmond, WA, 98052-6399, USA (“Microsoft”) to process inquiries sent to us via our contact form.
After you have submitted an inquiry via the contact form, this data is transferred to Microsoft servers to process your inquiry, where it is stored and processed further. We have agreed with Microsoft to process personal data exclusively on servers located in the EU. However, Microsoft also reserves the right to transfer data to servers in the USA. The personal data you enter via the contact form will only be processed for correspondence with you. Microsoft acts on our behalf on the basis of an order processing contract pursuant to Art. 28 para. 3 sentence 1 GDPR. We have also agreed standard data protection clauses with Microsoft in accordance with Art. 45 para. 2 lit. c GDPR
Information on the third-party provider:
Registered office within Germany: Microsoft Deutschland GmbH, Walter-Gropius-Straße 5, 80807 Munich, Germany
Privacy policy: https://privacy.microsoft.com/de-de/privacystatement
2. newsletters and electronic notifications
We only send newsletters and e-mails with the consent of the recipient. To subscribe to our newsletters, it is generally sufficient to provide your e-mail address. However, we may ask you to optionally provide a name for the purpose of addressing you personally in the newsletter or other information if this is necessary for the purposes of the newsletter.
– Double opt-in procedure: Registration for our newsletter is always carried out in a so-called double opt-in procedure. This means that we will send you an e-mail after you have registered in which we will ask you to confirm your registration. If you do not confirm your registration, your information will be blocked and automatically deleted after one month. This confirmation is necessary so that no one can register with other people’s e-mail addresses and to be able to prove the registration process in accordance with legal requirements. In addition to your e-mail address, we store the time of registration and confirmation as well as the respective IP addresses.
– Deletion and restriction of processing:We may store the unsubscribed e-mail addresses for up to three years on the basis of our legitimate interests in the preservation of evidence for the subsequent defense of legal claims before we delete them in order to be able to prove a previously given consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for erasure is possible at any time, provided that the former existence of consent is confirmed at the same time. In the event of obligations to permanently observe objections, we reserve the right to store the e-mail address in a blacklist solely for this purpose, based on our legitimate interest in the preservation of evidence for the subsequent defense of legal claims due to the unauthorized sending of e-mails. The registration process is logged on the basis of our legitimate interests for the purpose of proving that it has been carried out properly. If we commission a service provider to send emails, this is done on the basis of an order processing agreement in accordance with Art. 28 GDPR.
– Notes on legal bases:The newsletter is sent on the basis of the consent of the recipient or, if consent is not required in exceptional cases, on the basis of our legitimate interests in direct marketing, if and to the extent that this is permitted by law, e.g. in the case of advertising to existing customers. The registration process is recorded on the basis of our legitimate interests in order to prove that it has been carried out in accordance with the law.
– Processed data types:Inventory data (e.g. names, addresses), Contact data (e.g. e-mail, telephone numbers), Meta/communication data (e.g. device information, IP addresses), Usage data (e.g. websites visited, interest in content, access times).
– Affected persons: Communication partners, customers, interested parties
– Purposes of processing:direct marketing (e.g. by e-mail).
– Legal basis:Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).
– Option to object (opt-out):You can unsubscribe from our newsletter at any time, i.e. revoke your consent(s). To do so, use the unsubscribe link at the end of each newsletter or contact marketing@datamedIQ.com or the contact details provided in the legal notice.
Services used and service providers:
HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Phone: +353 1 5187500. Further information on Hubspot can be found in section 5 of this paragraph.
3. google reCAPTCHA
We use “Google reCAPTCHA” (hereinafter referred to as “reCAPTCHA”) on our websites. The provider is Google Ireland Limited Gordon House, Barrow Street Dublin 4, Ireland (“Google”). The purpose of reCAPTCHA is to check whether the data input on our websites (e.g. in a contact form) is made by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent on the website by the website visitor or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place. Data processing is carried out on the basis of our legitimate interest in protecting our website from abusive automated spying and SPAM and ensuring the availability of our services, Art. 6 para. 1 lit. f GDPR. Further information about Google reCAPTCHA and Google’s privacy policy can be found at the following links: https://www.google.com/intl/de/policies/privacy/and https://www.google.com/recaptcha/intro/android.html.
4. landing page and download form
We offer products on our website that we make available to you after you have filled out a download form and consented to the use of your personal data for the purpose of notifying you of current information on our products (newsletter). Downloading the products offered in this way is only possible after you have given your consent. Optionally, you can also give your consent to being contacted by e-mail and/or telephone.
We use the so-called double opt-in procedure to obtain your consent (both for the newsletter and for contacting you by email or telephone). This means that after you have registered, we will send you an e-mail and possibly also an SMS in which we will ask you to confirm your registration. If you do not confirm your registration, your information will be blocked and automatically deleted after one month. This confirmation is necessary in order to be able to prove the registration process in accordance with the legal requirements. In addition to your e-mail address and any other voluntary information such as telephone number, we store the time of registration and confirmation as well as the respective IP addresses.
The only mandatory information when using the download form is your e-mail address. The provision of further, separately marked data is voluntary and is used to address you personally or to be able to contact you optionally. After your confirmation, we store the information you have provided for the above-mentioned purposes. The legal basis is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
You can declare your revocation (also for the processing by integrated partner companies always named in the consent, such as appinio GmbH) by clicking on the link provided in each such e-mail or by e-mail to marketing@datamedIQ.com or by sending a message to the contact details given in the imprint.
Insofar as you have agreed in the declaration of consent that a partner company (e.g. appinio GmbH) may also use your contact data, the legal basis for such data transfer to the partner company concerned is also your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You can also withdraw your consent in this regard at any time by following the above procedure (see previous paragraph).
5. hubspot
We use the HubSpot service on this website. HubSpot is a software company from the USA with a branch in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Phone: +353 1 5187500.
Hubspot is an integrated software solution that we use to cover various aspects of our online marketing. These include, among others:
Email marketing, social media publishing & reporting, reporting, contact management (e.g. user segmentation & CRM), landing pages and contact forms.
Our registration service allows visitors to our website to learn more about our company, download content and provide their contact information and other demographic information. This information and the content of our website is stored on the servers of our software partner HubSpot. It can be used by us to contact visitors to our website and to determine which of our company’s services are of interest to them. All information we collect is subject to this privacy policy. We use all information collected exclusively to optimize our marketing measures.
As part of the optimization of our marketing measures, the following data may be collected and processed via Hubspot:
– Geographical position
– Browser type
– Navigation information
– Reference URL
– Performance data
– Information on how often the application is used
– Mobile apps data
– Login information for the HubSpot subscription service
– Files that are displayed on site
– Domain names
– Pages viewed
– Aggregated use
– Version of the operating system
– Internet service provider
– IP address
– Device identifier
– Duration of the visit
– Where the application was downloaded from
– Operating system
– Events that occur within the application
– Access times
– Clickstream data
– Device model and version
In addition, we also use Hubspot to provide contact forms. Further information on this can be found in section 7 of this privacy policy.
The legal basis for the processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR, which you have given when transmitting data via a contact form or when registering for the newsletter. If you do not want Hubspot to collect and process the aforementioned data, you can refuse your consent or revoke it at any time with effect for the future.
The personal data is stored for as long as it is required to fulfill the purpose of processing. The data will be deleted as soon as it is no longer required to achieve the purpose or if you withdraw your consent.
As part of processing via HubSpot, data may be transferred to the USA. The security of the transfer is ensured by so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a level of security that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to establish an adequate level of security, we can obtain your consent in accordance with Art. 49 para. 1 lit. a GDPR as the legal basis for the transfer to third countries.
More information about HubSpot’s privacy policy ” https://legal.hubspot.com/privacy-policy
More information from HubSpot regarding EU data protection regulations ” https://legal.hubspot.com/security
You can find more information about the cookies used by HubSpot here & here:
https://knowledge.hubspot.com/reports/what-cookies-does-hubspot-set-in-a-visitor-s-browser
https://knowledge.hubspot.com/account/hubspot-cookie-security-and-privacy
§ 8 Your rights under the GDPR
According to the GDPR, you are entitled to the rights listed below, which you can assert at any time with the controller named in section 1 of this privacy policy:
Right to information: In accordance with Art. 15 GDPR, you can request confirmation as to whether and which of your personal data we process. In addition, you can request information from us free of charge about the processing purposes, the categories of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint and the origin of your data if it was not collected by us. You also have the right to obtain information as to whether your personal data has been transferred to a third country or to an international organization. If this is the case, you have the right to obtain information about the appropriate guarantees in connection with the transfer.
Right to rectification: In accordance with Art. 16 GDPR, you can request the correction of incorrect or the completion of incomplete personal data stored by us and concerning you.
Right to erasure: In accordance with Art. 17 GDPR, you have the right to request the erasure of your personal data stored by us if we do not need to process it for the following purposes:
– to fulfill a legal obligation,
– to assert, exercise or defend legal claims,
– to exercise the right to freedom of expression and information or
– for reasons of public interest mentioned in Art. 17 para. 3 lit c and d GDPR.
Right to restriction: In accordance with Art. 18 GDPR, you can request the restriction of the processing of your personal data. In addition, we will restrict the processing of your personal data if we verify the accuracy of the personal data following a request pursuant to Art. 16 GDPR, if we no longer need the personal data for the purposes of the processing, but you need it for the establishment, exercise or defense of legal claims, if the storage is required by law or if we examine an objection to the processing of your data lodged pursuant to Art. 21 GDPR.
Right to information: If you have asserted the right to rectification, erasure or restriction of processing against us, we are obliged to inform all recipients to whom the personal data concerning you have been disclosed of the rectification or erasure of the data or the restriction of processing requested by you, unless this proves impossible or involves a disproportionate effort. You have the right to be informed by us about these recipients.
Right to data portability: In accordance with Art. 20 GDPR, you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller.
Right to lodge a complaint: In accordance with Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority. To do so, you can contact the supervisory authority of your usual place of residence, your workplace or our company headquarters.
You can find the address under the following link on the Internet: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
Right of withdrawal
In accordance with Art. 7 (3) GDPR, you have the right to withdraw your consent to the processing of your data at any time. The revocation declared by you does not change the legality of the processing of your personal data up to the revocation.
Right of objection
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on a balancing of interests (Art. 6 (1) (f) GDPR). This is particularly the case if the data processing is not necessary for the performance of a contract. If you make use of your right to object, we ask you to explain the reasons. We will then no longer process your personal data unless we can prove to you that compelling legitimate grounds for data processing outweigh your interests and rights.
Irrespective of the above, you have the right to object to the processing of your personal data for the purposes of advertising and data analysis at any time.
Please address your objection to the contact address of the controller given above.
§ 9 Online presence in social networks
We maintain company pages and accounts on the social networks LinkedIn and Xing to draw attention to our company and our products and to make it easier for you to contact our company. When you visit our profile pages, we cannot rule out the possibility that the platform providers may collect and process your personal data. We have no influence on the data collected and data processing procedures, nor are we aware of the scope of data collection, the purposes of processing or the storage periods. We also do not have complete information on the deletion of the data collected by the social network providers. In addition to data processing by the platform providers, we process other personal data when you contact us via social networks. The legal basis for the operation of these pages and the associated data processing is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in providing our customers and other interested parties with an opportunity to obtain information and make contact that is adapted to technical and contemporary standards. If the users are asked by the respective operators of the platforms for consent to the data processing described above, the legal basis for the processing is Art. 6 para. 1 lit. a), Art. 7 GDPR.
When accessing our company profiles, it cannot be ruled out that data will be processed outside the European Union or the European Economic Area (EEA).
We maintain a company page on LinkedIn under the name DatamedIQ GmbH. LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland is responsible for data processing in connection with our presence.
In addition to the data you enter, such as your name, user name, email address and telephone number, further data is collected by LinkedIn itself. Data is then processed regardless of whether you have an account with LinkedIn or not. This is used, for example, to better understand user behaviour and, conversely, to optimize and personalize use by LinkedIn. Some of the data is made available to us as the operator of a LinkedIn page in anonymized form or as statistical data. It is not possible for us to identify individual visitors to our site on the basis of this data. We can only determine the categories of data and visitors on the basis of which anonymized statistics are made available to us. Furthermore, we have no influence on the type and circumstances of data processing by LinkedIn and therefore have no control over it. It is also not possible for us to stop this data processing.
Further information can be found in LinkedIn’s privacy policy: http://www.linkedin.com/legal/privacy-policy.
We operate a company page on Xing under the name DatamedIQ GmbH. New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany, is responsible for data processing. If you have a Xing account and are logged into it when you visit our company page, we cannot rule out the possibility that Xing will use this data to create detailed user profiles. We have no influence on the data collected and data processing procedures, nor are we aware of the scope of data collection, the purposes of processing or the storage periods. We also have no complete information on the deletion of the data collected by Xing. It is also not possible for us to stop this data processing.
Further information can be found in Xing’s privacy policy at https://privacy.xing.com/de/datenschutzerklaerung.
§ 10 Safety measures
We also take state-of-the-art technical and organizational security measures to comply with the provisions of data protection laws and to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties.
Up-to-dateness and amendment of this privacy policy
We reserve the right to make changes to the data protection information for this website.