Data protection information

Data protection and liability limitation

Data Protection Policy

SIGNUS Medizintechnik as operators of these sites takes the protection of your personal data very seriously. We treat your personal data confidential and in accordance with the statutory regulations. With this Data Protection Policy, we inform you about the processing of your personal data by us as well as your inherent rights in accordance with the stipulations of the new General Data Protection Regulations (GDPR)

By using our website, you agree to the collection, processing and usage of data based on the following description. Our website can principally be visited without registration. In the process, data such as accessed sites and/or names of the accessed file, data and time are stored on the server for statistical purposes without this data being able to be allocated directly to your person. Personal data, particularly name, address or email address, are raised on a voluntary basis, if possible. The data is not transferred to third parties without your consent. The acknowledgement of the usage conditions can be revoked at any time.

1. Who is responsible for data processing and whom can I contact?

Controller: Signus Medizintechnik GmbH
Industriestraße 2
D – 63755 Alzenau
Phone: +49 (0) 6023 / 9166 - 0
Email: info@signus.com

Managing Director:
Uwe Siedler
Mareike Siedler

Contact data of Data Protection Controller
Signus Medizintechnik GmbH
Data protection controller
Industriestraße 2
D – 63755 Alzenau
Phone: +49 (0) 6023 / 9166 - 0
Email: datenschutz@signus.com

Responsible supervisory authority:
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA) 
Promenade 27
91522 Ansbach
Phone: +49 (0) 981 / 53 – 1300
Email: poststelle@lda.bayern.de

2. Which sources and data do we use?

We process personal data received from your when you visit our website, in the context of an existing or initiating business relationship as well as at trade fairs and other contacts, if you participate in promotions or contact us via social media channels.

Data processed by us in this context can concern the following categories:
• Contact information (e.g. name, address, phone number, email address);
• Business-related information (e.g. title, division, company name);
• Other business information (e.g. experiences with our products, information in the context of complaints):
• Data of payment transactions (bank account, if applicable credit card information, invoice address):
• Shipping information (delivery address incl. contact person);
• Substantial information from the communication via social media channels (e.g. comments);
• Applicant data in the context of applications lodged online;
• Other information raised and stored in the context of the business relationship.

3. Social Media Buttons with Data Protection

We would like to comply with the request of many operators to be able to share articles on the official pages of www.signus.com quick, easy and uncomplicated on social medias such as Facebook, Twitter, Xing or LinkedIn. For this purpose, we have created options to use these services via Social-Media-Button - yet still protect your privacy. How do we do that?

Social-Media-Buttons with data protection (Shariff)
Normally, these social plugins lead to the fact that every visitor of a site is immediately registered by these services with his IP address, and his further activities on the Internet are logged. This happens even if the user does not click on any of the buttons.

In order to prevent that, www.signus.com uses the Shariff method. Our Social-Media-Button only establishes direct contact between social network and visitor when the visitor actively clicks on the ‘Share’ button. If the user is already registered with a social network, this occurs in Facebook and Google+ without another window. In case of Twitter, a pop-up window appears where one can still edit the text of the tweet.
Therefore, users can share the content of www.signus.com in social networks without those creating a complete surfing profile of the user. With the Shariff method, www.Signus.com considers the data protection interests of its visitors as far as this is possible in accordance with the latest state of technology. The Shariff method is already used by many websites to protect its users. The point of origin was an initiative of Heise.de, where you can find further information on the current status of the discussion.

4. What is the purpose and underlying legal basis of our processing of your data?

Objective of the company is the research and development as well as the distribution and trade of and with medical devices, apparatuses and devices of any type, with surgical instruments and medical consumer goods and consumables.

GDPR demands a legal basis for any processing of personal data. The legal basis for the processing your data is that
a) we have received your consent for it,
b) it is necessary to fulfil the contractual agreements concluded with you,
c) the processing is necessary to comply with statutory obligations,
d) the processing is in our legitimate interest and that this does not create disadvantages for the rights and freedoms of the affected person.

Signus Medizintechnik GmbH requires a series of personal data from your to process these business relationships. We hereby observe the principle of data minimisation and only process data concordant with the current legislation. This may involve:
• data to process the agreements concluded with you;
• information collected in the course of a business relationship; e.g. for the use of our products;
• data generated in the context of advertising campaigns or at trade fairs;
• statistical data recorded by visiting our website;
• data we received from you in the context of a job application.

5. Who receives your data?

The respective employees of our company involved in the supervision of our business relationships have access to your personal data recorded and stored for these purposes.

In the context of the business relationship, data is transferred to public authorities in the event of outranking statutory regulations. If the fulfilment of the agreement requires the engagement of external service providers, the transfer of this data is also subject to the regulations of GDPR, particularly Article 28 GDPR "Processor".

Signus Medizintechnik GmbH does not sell personal data to any external parties.

6. Is the data transmitted to a third country or an international organisation?

Data we have received directly from you in the context of our business relationship are never transferred to countries outside of the EU and/or EEA without your permission unless it is necessary to execute your orders and statutorily prescribed.

In accordance with the described Data Protection Policy for the use of Cookies, "Google analytics" personal data may be transferred to the specified companies and thus third countries for visitors to our website. For this reason, please use the Data Protection Policies and explanations for the protection of your personal data transfer to the servers of these providers for the individual applications.

You can opt out of Google Analytics analytics by:

1) click on this link: https://tools.google.com/dlpage/gaoptout?hl=en

2) Click on the blue button labeled "Get Google Analytics Opt-out Browser Add-on"

3) It will open a statement of agreement between you and Google for the Google Analytics service. Follow the instructions by clicking "Accept and Install"

4) You should restart the browser for the changes to take effect.

7. How long is your personal data being stored?

We process and store your personal data as required for the fulfilment of our contractual and statutory obligations. Once this data is no longer required for the fulfilment of contractually or statutory obligations, they are deleted.

If data is not affected by this, it is deleted as soon as the purpose for which they were raised no longer exists.

8. Which rights according to the Data Protection Act do you have?

Each affected person has
• the right of information according to Article 15 GDPR,
• the right to rectification according to Article 17 GDPR;
• the right of erasure according to Article 17 GDPR,
• the right to restriction of processing according to restriction of processing according to Article 18 GDPR,
• the right to objection according to Article 21 GDPR as well as
• the right to data portability according to Article 20 GDPR.

For the right of disclosure and erasure, the limitations according to §§ 34 and 35 BDSG (Federal Data Protection Act new version) apply. In addition, you have the right to lodge a complaint at a responsible Supervisory Data Protection Authority (Article 77 GDPR in connection with § 19 BDSG new version).

You can revoke the granted consent for our processing of your personal data at any time. This also applies for revocation of declarations of consent granted us prior to the application of GDPR, thus prior to 25 May 2018. Please note that the revocation only takes effect for the future. Processing which occurred prior to the revocation is not affected.

9. Are you obligated to provide data?

In the context of our business relationship, you only have to provide personal data required for the establishment, execution and termination of the business relationship or those we are required to raise by law.

Without the data it is possible that you cannot utilise offered service at all or only in a limited manner, or that we may have to decline the conclusion of the agreement or the execution of the order or that we are no longer able to execute an existing agreement and may have to terminate it.

10. To which extent are automated decisions made in individual cases?

In order to establish and execute the business relationship, we principally do not use automated individual decision-making according to Article 22 GDPR

11. To which extent is your data used for profiling?

We principally do not perform profiling according to Article 4 (4) GDPR.

12. Adaptation of our Data Protection Policy

We reserve the right to revise this Data Protection Policy in the context of our own responsibility at any time. The respectively current status is specified in the footer of this declaration. All changes are effective immediately upon publication of the revised Data Protection Policy and concern the entire access and the usage of this website.

13. References to external websites ("hyperlinks")

Furthermore, our website contains references ("hyperlinks") to third-party websites, which are naturally outside of our sphere of control. We are not responsible for these objects and information. According to § 7 (2) Telemedia Act, SIGNUS Medizintechnik GmbH is not obligated to constantly check the information referred to by the hyperlinks for changes, which would substantiate responsibility. The reference to this offer is only removed once SIGNUS Medizintechnik GmbH determines or is notified by others that a specific offer, for which SIGNUS Medizintechnik GmbH has provided a hyperlink, triggers civil or criminal liability (if technically possible and feasible). The technical possibility and feasibility is not affected by the fact that the illegal or criminal offer can be accessed from other servers also after the elimination of the access.

14. Contact us

Please contact us if you have questions regarding these rules applicable to data protection or the handling of your personal data.