Privacy Policy
We are pleased that you are visiting our website. The protection and security of your personal information when you use our website is very important to us. We would therefore like to take this opportunity to inform you about which of your personal data we collect when you visit our website and for what purposes it is used.
This privacy policy applies to the Internet offer of OSCOMED GmbH, which can be accessed under the domain oscomed.de and the various subdomains ("our website").
Who is responsible and how do I contact you?
Responsible for the processing of personal data within the meaning of the EU General Data Protection Regulation (GDPR)
OSCOMED GmbH
Am Lindenbach 3
96515 Sonneberg
Tel.: +49 3675 4 39 70 – 0
E-Mail: datenschutzkoordinator@oscomed.de
If you have any questions, please contact:
Pöllinger GmbH
Dresdner Str. 38
92318 Neumarkt
Phone: 09181 – 2705770
E-Mail: datenschutz@datenschutz-poellinger.de
Our duty to provide information in accordance with Art. 13 and 14 GDPR can be found here:
Customers / Prospects
Suppliers
Applicant
What is it about?
This privacy policy complies with the legal requirements for transparency in the processing of personal data. This is any information relating to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, email address, IP address or user behaviour when visiting a website. Information for which we cannot (or only with disproportionate effort) establish a reference to your person, e.g. through anonymization, is not personal data. The processing of personal data (e.g. collection, querying, use, storage or transmission) always requires a legal basis and a defined purpose.
Stored personal data will be deleted as soon as the purpose of the processing has been achieved and there are no lawful grounds for further storage of the data. We will inform you about the specific storage periods or criteria for storage in the individual processing operations. Irrespective of this, we store your personal data in individual cases for the assertion, exercise or defence of legal claims and in the event of statutory retention obligations.
Who gets my data?
We only pass on your personal data that we process on our website to third parties if this is necessary for the fulfilment of the purposes and is covered by the legal basis (e.g. consent or safeguarding legitimate interests) in the individual case. In addition, we pass on personal data to third parties in individual cases if this serves to assert, exercise or defend legal claims. Possible recipients can then be, for example, law enforcement agencies, lawyers, auditors, courts, etc.
Insofar as we use service providers for the operation of our website who process personal data on our behalf in the context of order processing in accordance with Art. 28 GDPR, these may be recipients of your personal data. You can find more information on the use of processors and web services in the overview of the individual processing operations.
Do you use cookies?
Cookies are small text files that are sent by us to the browser of your device during your visit to our website and stored there. As an alternative to the use of cookies, information may also be stored in the local storage of your browser. Some functions of our website cannot be offered without the use of cookies or local storage (technically necessary cookies). Other cookies, on the other hand, enable us to carry out various analyses, so that we are able, for example, to recognise the browser you are using when you return to our website and to transmit various information to us (non-necessary cookies). With the help of cookies, we can, among other things, make our website more user-friendly and effective for you, for example by tracking your use of our website and changing your preferred settings (e.g. Country and language settings). If third parties process information via cookies, they collect the information directly via your browser. Cookies do not cause any damage to your device. They cannot run programs and cannot contain viruses.
We provide information about the respective services for which we use cookies in the individual processing operations.
What rights do I have?
Under the conditions of the legal provisions of the General Data Protection Regulation (GDPR), you as a data subject have the following rights:
- Information in accordance with Art. 15 GDPR about the data stored about you in the form of meaningful information on the details of the processing as well as a copy of your data.
- Correction in accordance with Art. 16 GDPR of incorrect or incomplete data stored by us.
- Deletion in accordance with Art. 17 GDPR of the data stored by us, insofar as the processing is not necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims.
- Restriction of processing in accordance with Art. 18 GDPR if the accuracy of the data is disputed, the processing is unlawful, we no longer need the data and you reject its deletion because you need it to assert, exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 GDPR.
- Data portability in accordance with Art. 20 GDPR, insofar as you have provided us with personal data within the framework of consent in accordance with Art. 6 (1) (a) GDPR and § 25 (1) TTDSG or on the basis of a contract in accordance with Art. 6 (1) (b) GDPR and these have been processed by us using automated processes. You will receive your data in a structured, commonly used and machine-readable format or we will transmit the data directly to another controller, insofar as this is technically feasible.
- Objection pursuant to Art. 21 GDPR to the processing of your personal data, insofar as this is carried out on the basis of Art. 6 para. 1 lit. e, f GDPR and there are reasons for this that arise from your particular situation or the objection is directed against direct marketing. The right to object does not exist if predominantly compelling and protectable reasons for the processing are proven or if the processing is carried out for the assertion, exercise or defence of legal claims. If the right to object does not exist in the case of individual processing operations, this is stated there.
- Revocation pursuant to Art. 7 para. 3 GDPR of your consent with effect for the future.
- Complaint pursuant to Art. 77 GDPR to a supervisory authority if you believe that the processing of your personal data violates the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your workplace or our company headquarters.
How is my data processed in detail?
In the following, we inform you about the individual processing operations, the scope and purpose of the data processing, the legal basis, the obligation to provide your data and the respective storage period. Automated decision-making in individual cases, including profiling, does not take place.
Provision of the website
Type and scope of processing
When you access and use our website, we collect the personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:
- IP address of the requesting computer
- Date and time of access
- Name and URL of the retrieved file
- Website from which access is made (referrer URL)
- Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider
Our website is not hosted by us, but by a service provider who processes data on our behalf for the above-mentioned purposes in accordance with Art. 28 GDPR.
Purpose and legal basis
The processing is carried out to safeguard our overriding legitimate interest in displaying our website and to ensure security and stability on the basis of Art. 6 (f) GDPR. The collection of data and storage in log files is absolutely necessary for the operation of the website. There is no right to object to processing due to the exception under Art. 21 (1) GDPR. Insofar as the further storage of the log files is required by law, the processing is carried out on the basis of Art. 6 para. 1 lit. c GDPR. There is no legal or contractual obligation to provide the data, but it is not technically possible to access our website without providing the data.
Storage period
The aforementioned data will be stored for the duration of the display of the website and, for technical reasons, for a maximum of 7 days.
Contact
Type and scope of processing
On our website, we offer you the opportunity to contact us via a form provided. The information collected via mandatory fields is necessary to be able to process the request. In addition, you may voluntarily provide additional information that you believe is necessary to process the contact request.
When using the contact form, your personal data will not be passed on to third parties.
Purpose and legal basis
The processing of your data by using our contact form is carried out for the purpose of communication and processing of your request on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Insofar as your enquiry relates to an existing contractual relationship with us, the processing for the purpose of fulfilling the contract is carried out on the basis of Art. 6 (1) (b) GDPR. There is no legal or contractual obligation to provide your data, but it is not possible to process your request without providing the information in the mandatory fields. If you do not wish to provide this data, please contact us by other means.
Storage period
If you use the contact form on the basis of your consent, we will store the data collected from each request for a period of three years, starting with the completion of your request or until your consent is withdrawn.
If you use the contact form as part of a contractual relationship, we will store the data collected from each request for a period of three years from the end of the contractual relationship.
Google Fonts
Type and scope of processing
We use Google Fonts from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as a service to provide fonts for our online offering. To obtain these fonts, connect to Google Ireland Limited servers, where your IP address will be transmitted.
Purpose and legal basis
The use of Google Fonts is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TTDSG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA takes place in accordance with Art. 45 (1) GDPR on the basis of the adequacy decision of the European Commission. The participating US companies and/or their US subcontractors are certified according to the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
In cases where there is no adequacy decision from the European Commission (including US companies that are not certified according to EU-U.S. DPF), we have agreed with the recipients of the data other appropriate safeguards within the meaning of Art. 44 et seq. GDPR. Unless otherwise stated, these are standard contractual clauses of the EU Commission in accordance with Implementing Decision (EU) 2021/914 of 4 June 2021. A copy of these Standard Contractual Clauses can be viewed at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE.
In addition, before such a third-country transfer, we obtain your consent in accordance with Art. 49 (1) sentence 1 lit. a. GDPR, which you give via consent in the Consent Manager (or other forms, registrations, etc.). We would like to point out that there may be risks that are unknown in detail in the case of third-country transfers (e.g. data processing by security authorities of the third country, the exact scope and consequences of which we do not know for you, over which we have no influence and of which you may not become aware).
Storage period
The specific storage period of the processed data cannot be influenced by us but is determined by Google Ireland Limited. For more information, please see the privacy policy for Google Fonts: https://policies.google.com/privacy.
Google Maps
Type and scope of processing
We use the Google Maps map service to create driving directions. Google Maps is a service of Google Ireland Limited, which displays a map on our website.
When you access this content on our website, you connect to servers of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, where your IP address and, if applicable, browser data are transmitted as your user agent. This data is processed exclusively for the purposes mentioned above and to maintain the security and functionality of Google Maps.
Purpose and legal basis
The use of Google Maps is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TTDSG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA takes place in accordance with Art. 45 (1) GDPR on the basis of the adequacy decision of the European Commission. The participating US companies and/or their US subcontractors are certified according to the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
In cases where there is no adequacy decision from the European Commission (including US companies that are not certified according to EU-U.S. DPF), we have agreed with the recipients of the data other appropriate safeguards within the meaning of Art. 44 et seq. GDPR. Unless otherwise stated, these are standard contractual clauses of the EU Commission in accordance with Implementing Decision (EU) 2021/914 of 4 June 2021. A copy of these Standard Contractual Clauses can be viewed at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE.
In addition, before such a third-country transfer, we obtain your consent in accordance with Art. 49 (1) sentence 1 lit. a. GDPR, which you give via consent in the Consent Manager (or other forms, registrations, etc.). We would like to point out that there may be risks that are unknown in detail in the case of third-country transfers (e.g. data processing by security authorities of the third country, the exact scope and consequences of which we do not know for you, over which we have no influence and of which you may not become aware).
Storage period
The specific storage period of the processed data cannot be influenced by us but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Maps: https://policies.google.com/privacy.