Help and contact
Medicon Extranet

Privacy policy

We are delighted that you have visited our website and would like to thank you for your interest in our company and our products. Safeguarding the privacy of personal data is our highest priority. As a result we would like to take this opportunity to advise you of the data which we collect and when this occurs, and of how we handle your personal data.

Privacy information for different users

General data privacy policy

Responsible party

The responsible party within the meaning of the data protection laws, in particular the EU General Data Protection Regulation (DSGVO), is:

Medicon eG, Chirurgiemechaniker-Genossenschaft
Gänsäcker 15, D-78532 Tuttlingen

Your data protection rights

You can use the contact details below for our data protection officer to exercise the following rights at any time:

  • Information about your data stored by us and its processing,
  • Correction of inaccurate personal data,
  • Deletion of your data stored with us,
  • Restriction of data processing if we are not yet allowed to delete your data due to legal obligations,
  • Disagree with the processing of your data with us and
  • Data portability, provided that you have consented to the data processing or have concluded a contract with us.

If you have given us consent, you can revoke this at any time with effect for the future.

You can file a complaint with the supervisory authority responsible for you at any time. Your competent supervisory authority depends on the federal state of your residence, your work or the alleged violation. A list of supervisory authorities (for the non-public sector) with address can be found at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

Purposes of data processing by the controller and third parties

We process your personal data only for the purposes stated in this privacy policy. A transfer of your personal data to third parties for purposes other than those mentioned will not take place. A processing of your personal data and a transfer to third parties will only take place if:

  • you have given your express consent to this,
  • the processing is necessary for the handling of an inquiry or a contract or an order with you,
  • the processing is necessary for compliance with a legal obligation,
  • the processing is necessary to protect legitimate interests and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data.

the processing is necessary to protect legitimate interests and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data.

Deletion or blocking of the data

We adhere to the principles of data avoidance and data economy. We therefore only store your personal data for as long as is necessary to achieve the purposes stated here or as stipulated by the various storage periods provided for by law. After the respective purpose has ceased to exist or these periods have expired, the corresponding data is routinely blocked or deleted in accordance with the statutory provisions.

Your rights to information, rectification, blocking, erasure and objection

You have the right to obtain information about your personal data stored by us at any time. You also have the right to have your personal data corrected, blocked or, apart from the mandatory data storage for business processing, deleted. Please contact our data protection officer for this purpose. You will find the contact details at the very bottom.

To ensure that a block on data can be taken into account at any time, this data must be kept in a blocking file for control purposes. You can also request the deletion of data, unless there is a legal archiving obligation. If such an obligation exists, we will block your data upon request.

You can make changes or revoke consent by notifying us accordingly with effect for the future.

Collection of general information when visiting our website

When you access our website, information of a general nature is automatically collected by means of a cookie. This information (server log files) includes, for example, the type of web browser, the operating system used, the domain name of your Internet service provider and the like. This is exclusively information that does not allow any conclusions to be drawn about your person.

This information is technically necessary in order to correctly deliver website content requested by you and is mandatory when using the Internet. In particular, it is processed for the following purposes:

  • Ensuring a smooth connection of the website,
  • Ensuring a smooth use of our website,
  • Evaluation of system security and stability, and
  • for other administrative purposes.

The processing of your personal data is based on our legitimate interest from the aforementioned purposes for data collection. We do not use your data to draw conclusions about your person. Recipients of the data are only the responsible entity and, if applicable, order processors.

Anonymous information of this kind is statistically evaluated by us, if necessary, in order to optimize our Internet presence and the technology behind it.

Cookies use

Like many other websites, we also use so-called “cookies”. Cookies are small text files that are transferred from a website server to your hard drive. Through this, we automatically receive certain data such as IP address, browser used, operating system and your connection to the Internet.

Cookies cannot be used to launch programs or transfer viruses to a computer. Based on the information contained in cookies, we can facilitate your navigation and enable the correct display of our web pages.

Under no circumstances will the data we collect be passed on to third parties or linked to personal data without your consent.

Of course, you can also view our website without cookies in principle. Internet browsers are regularly set to accept cookies. In general, you can deactivate the use of cookies at any time via your browser settings. Please use the help functions of your Internet browser to find out how to change these settings. Please note that individual functions of our website may not work if you have disabled the use of cookies.

Registration on our website

When registering to use our Medicon Extranet, some personal data is collected, such as name, address, contact and communication data such as telephone number and e-mail address. If you are registered with us, you can access content and services that we offer only to registered users. Registered users also have the option, if necessary, to change or delete the data provided during registration at any time. Of course, we will also provide you with information about the personal data we have stored about you at any time. We will also be happy to correct or delete this data at your request, provided that there are no legal obligations to retain data. To contact us in this context, please use the contact details provided at the end of this privacy policy.

SSL encryption

To protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL) via HTTPS.

Newsletter

On the basis of your expressly granted consent, we will send you our newsletter or comparable information regularly by e-mail to your specified e-mail address.

To receive the newsletter, it is sufficient to provide your e-mail address. When registering to receive our newsletter, the data you provide will be used exclusively for this purpose. Subscribers may also be informed by e-mail about circumstances relevant to the service or registration (for example, changes to the newsletter offer or technical circumstances).

For an effective registration we need a valid e-mail address. In order to verify that a registration is actually made by the owner of an e-mail address, we use the “double-opt-in” procedure. For this purpose, we log the order of the newsletter, the sending of a confirmation email and the receipt of the response requested herewith. No further data is collected. The data is used exclusively for sending the newsletter.

You can revoke your consent to the storage of your personal data and its use for the newsletter dispatch at any time. You will find a corresponding link in each newsletter. In addition, you can unsubscribe at any time directly on this website or inform us of your wish to do so using the contact option provided at the end of this privacy policy.

The newsletters of Medicon eG contain so-called tracking pixels. A tracking pixel is a miniature graphic that is embedded in such emails that are sent in HTML format to enable log file recording and log file analysis. This allows a statistical evaluation of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, the Medicon eG may see if and when an e-mail was opened by a data subject, and which links in the e-mail were called up by the data subject.

Such personal data collected via the tracking pixels contained in the newsletters are stored and evaluated by the controller in order to optimize the newsletter dispatch and to better adapt the content of future newsletters to the interests of the data subject. This personal data will not be passed on to third parties. Data subjects are entitled at any time to revoke the separate declaration of consent given in this regard via the double opt-in procedure. After a revocation, this personal data will be deleted by the controller. The Medicon eG automatically regards a withdrawal from the receipt of the newsletter as a revocation.

Contact form

If you contact us by e-mail or contact form regarding questions of any kind, you give us your voluntary consent for the purpose of contacting you. For this purpose, the following data is required.

  • Name
  • Company/Clinic
  • City
  • Land
  • E-Mail-Adresse

These are used for the assignment of the request and the subsequent response to the same. The specification of further data is optional. The information you provide will be stored for the purpose of processing the request and for possible follow-up questions.

Use of Matomo

This website uses Matomo (formerly Piwik), an open source software for statistical analysis of visitor traffic. Matomo uses so-called cookies, which are text files placed on your computer, to help the website analyze how users use the site.

The information generated by the cookie about your use of the website is stored on a server in Germany.

The IP address is anonymized immediately after processing and before it is stored. You have the option to prevent the installation of cookies by changing the setting of your browser software. We would like to point out that with the corresponding setting, not all functions of this website may be available.

You can decide whether a unique web analytics cookie may be placed in your browser to enable the website operator to collect and analyze various statistical data.

Embedded YouTube videos

We embed YouTube videos on some of our websites. The operator of the corresponding plugins is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit a page with the YouTube plugin, a connection to YouTube servers is established. YouTube is informed which pages you visit. If you are logged into your YouTube account, YouTube can assign your surfing behaviour to you personally. You can prevent this by logging out of your YouTube account beforehand.

When a YouTube video is started, the provider uses cookies that collect information about user behaviour.

If you have deactivated the storage of cookies for the Google Ad programme, you will not have to expect any such cookies when watching YouTube videos. However, YouTube also stores non-personalised usage information in other cookies. If you wish to prevent this, you must block the storage of cookies in your browser.

Further information on data protection at ‘Youtube’ can be found in the provider’s privacy policy at: https://www.google.de/intl/de/policies/privacy/

Change to our privacy policy

We reserve the right to adapt this data protection declaration so that it always complies with the current legal requirements or in order to implement changes to our services in the data protection declaration, e.g. when introducing new services. The new privacy policy will then apply to your next visit.

Questions to the data protection officer

If you have any questions about data protection, please email us at datenschutz@medicon.de or contact our data protection officer directly:

Edmund Hilt
hilt evolution
Nelkenstraße 36
D- 71272 Renningen
E-Mail: datenschutz@hilt-evolution.com
www.hilt-evolution.com

Data protection information for customers and interested parties

pursuant to EU General Data Protection Regulation (GDPR), Article 13, 14 and 21
Data protection is of utmost importance to us. The following information explains how we process your data and what your rights are.

1. Who is responsible for data processing and who can you contact?

Medicon eG
Chirurgiemechaniker-Genossenschaft
Gänsäcker 15
D-78532 Tuttlingen
Tel.: +49 (0) 74 62 / 20 09 – 0
Fax: +49 (0) 74 62 / 20 09 – 50
E-Mail: info@medicon.de

2. Contact details of the Data Protection Officer

Edmund Hilt
hilt evolution
www.hilt-evolution.com
datenschutz@medicon.de

3. Purpose of processing and legal basis

Your personal data shall be processed in accordance with the provisions of the EU General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and other relevant data protection regulations. The processing and use of the individual data depends on the agreed or requested service. Please find further details and additional information regarding processing purposes in our contractual documents, forms, declarations of consent and other information provided (e.g. on the website or in the Terms and Conditions).

3.1 Consent (GDPR, Art. 6(1)(a))

If you have given us consent to process your personal data, this consent shall serve as the legal basis for the processing specified therein. You may revoke your consent with future effect at any time.

3.2 Fulfilling contractual obligations (GDPR, Art. 6(1)(b)

We shall use your personal data for the purpose of fulfilling the contracts we enter into with you. Your personal data shall also be processed to implement measures and activities within the framework of pre-contractual relationships.

3.3 Fulfilling legal obligations (GDPR, Art. 6(1)(c))

We shall process your personal data if this is necessary for compliance with legal obligations (e.g. commercial and taxation laws). Furthermore, we shall process your data if necessary for the fulfilment of fiscal control and reporting obligations, the archiving of data for the purposes of data protection and data security as well as for auditing by tax authorities and other authorities. Disclosure of personal data may also become necessary in the course of official/judicial action for the purposes of gathering evidence, prosecution or enforcement of civil claims.

3.4 Legitimate interest on our part or on the part of third parties (GDPR, Art. 6(1)(f))

We may also use your personal data on the basis of a weighing of interests to protect the legitimate interests on our part or on the part of third parties. This shall apply with regard to the following purposes:

  • Advertising or market research, provided that you have not objected to the use of your data
  • For the collection of information and the exchange of data with credit agencies if this goes beyond our economic risk
  • For the limited storage of your data if deletion is not possible or only possible with disproportionately great effort on account of the special type of storage
  • For continuing development of services and products as well as existing systems and processes
  • For the assertion of legal claims and defence in legal disputes which are not directly attributable to the contractual relationship
  • For internal and external investigations and/or security audits
  • For safeguarding and exercising our property rights through appropriate measures (e.g. video surveillance)

4. Categories of personal data processed by us

The following data shall be processed:

  • Personal details (name, occupation/industry and comparable information)
  • Contact details (address, e-mail address, phone number and comparable information)
  • Confirmation of payment/cover for bank and credit cards
  • Customer history

5. Who receives your data?

We pass on your personal data within our company to those departments that require this data to fulfil their contractual and legal obligations, or to comply with our legitimate interest.

Moreover, the following bodies may receive your data:

  • Contract processors used by us (GDPR, Art. 28), providers of support services and other parties responsible pursuant to the GDPR, in particular in the areas of: IT services, logistics, courier services, printing services, external computer centres, support/maintenance of IT applications, archiving, document processing, bookkeeping and controlling, data destruction, purchasing/procurement, customer administration, letter shops, marketing, telephony, website management, tax consultancy, auditing services, credit institutions
  • Public bodies and institutions where there is a legal or official obligation requiring us to provide information, report or disclose data or where the disclosure of data is in the public interest
  • Bodies and institutions on the basis of our legitimate interest or the legitimate interest of the third party (e.g. to authorities, credit agencies, debt collection agencies, lawyers, courts, experts and supervisory bodies)
  • Other bodies for which you have given us your consent for the data transfer

6. Transfer of your data to a third country or an international organisation

Data processing shall not take place outside the EU or EEA.

7. How long do we store your data?

If required, we shall process your personal data for the duration of our business relationship, including the initiation and execution of a contract.

Furthermore, we are subject to various storage and documentation obligations, including those arising from the German Commercial Code (HGB) and the German Fiscal Code (AO). The periods for storage and documentation specified therein are up to ten years following termination of the business relationship or the pre-contractual legal relationship. Ultimately, the storage period shall also be determined by the statutory limitation periods, which pursuant to Sections 195 et seq. of the German Civil Code (BGB), for example, are generally three years; however, in certain cases, these may be as long as thirty years.

8. To what extent is there automatic decision-making in individual cases (including profiling)?

We do not use purely automated decision-making procedures in accordance with GDPR, Article 22. If we use these procedures in individual cases, we shall inform you separately of this, insofar as this is required by law.

9. Your privacy

You have the right of access to information under GDPR, Article 15, the right to correction under Article 16, the right to deletion under Article 17, the right to limitation of processing under Article 18, and the right to data transferability under Article 20. Furthermore, the right to appeal to a data protection supervisory authority shall apply pursuant to GDPR, Article 77. In accordance with GDPR, Article 21, the right to object to the processing of personal data by us shall always apply. However, this right of objection shall only apply in the case of very special circumstances in your personal situation, where the rights of our company may conflict with your right of objection. If you wish to exercise any of these rights, please contact our Data Protection Officer at datenschutz@medicon.de.

10. Extent of your obligations to provide us with your data

You shall only be required to provide data which is necessary for the establishment and performance of a business relationship or for a pre-contractual relationship with us or which we are legally obliged to collect. Without this data, we shall not usually be able to enter into or carry out our contract with you. This may also refer to data required later within the framework of the business relationship. If we request additional data from you, you shall be informed of the voluntary nature of the information separately.

11. Information regarding your right of objection GDPR, Art. 21

You have the right to object to the processing of your data at any time on the basis of GDPR, Art. 6(1)(f) (data processing on the basis of a weighing of interests) or GDPR, Art. 6(1)(e) (data processing in the public interest) if reasons exist relating to your particular situation. This shall also apply to profiling based on this provision as defined in GDPR, article 4(4).

If you object, we shall cease processing your personal data, unless we can provide compelling reasons for its processing worthy of protection, which outweigh your interests, rights and freedoms or if the processing serves to assert, exercise or defend legal claims. We may also process your personal data for the purpose of direct marketing. If you do not wish to receive advertising, you have the right to object at any time. This also applies to profiling in so far as it is related to this type of direct marketing. We shall take this objection into account for the future. We shall cease to process your data for direct marketing purposes if you object to such processing.

The objection may be sent informally to the address listed under point 1.

12. Your right to appeal to the competent supervisory authority

Pursuant to GDPR, Art. 77, you have the right to appeal to the data protection supervisory authority. The responsible supervisory authority is:

The State Commissioner for Data Protection and Freedom of Information (Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit)
Königstrasse 10 a
70173 Stuttgart

Data protection information for suppliers and service providers

pursuant to EU General Data Protection Regulation (GDPR), Article 13, 14 and 21
Data protection is of utmost importance to us. The following information explains how we process your data and what your rights are.

1. Who is responsible for data processing and who can you contact?

Medicon eG
Chirurgiemechaniker-Genossenschaft
Gänsäcker 15
D-78532 Tuttlingen
Tel.: +49 (0) 74 62 / 20 09 – 0
Fax: +49 (0) 74 62 / 20 09 – 50
E-Mail: info@medicon.de

2. Contact details of the Data Protection Officer

Edmund Hilt
hilt evolution
www.hilt-evolution.com
datenschutz@medicon.de

3. Purpose of processing and legal basis

Your personal data shall be processed in accordance with the provisions of the EU General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and other relevant data protection regulations. The processing and use of the individual data depends on the agreed or requested service. Please find further details and additional information regarding processing purposes in our contractual documents, forms, declarations of consent and other information provided (e.g. on the website or in the Terms and Conditions).

3.1 Consent (GDPR, Art. 6(1)(a))

If you have given us consent to process your personal data, this consent shall serve as the legal basis for the processing specified therein. You may revoke your consent with future effect at any time.

3.2 Fulfilling contractual obligations (GDPR, Art. 6(1)(b)

We shall use your personal data for the purpose of fulfilling the contracts we enter into with you. Your personal data shall also be processed to implement measures and activities within the framework of pre-contractual relationships.

3.3 Fulfilling legal obligations (GDPR, Art. 6(1)(c))

We shall process your personal data if this is necessary for compliance with legal obligations (e.g. commercial and taxation laws). Furthermore, we shall process your data if necessary for the fulfilment of fiscal control and reporting obligations, the archiving of data for the purposes of data protection and data security as well as for auditing by tax authorities and other authorities. Disclosure of personal data may also become necessary in the course of official/judicial action for the purposes of gathering evidence, prosecution or enforcement of civil claims.

3.4 Legitimate interest on our part or on the part of third parties (GDPR, Art. 6(1)(f))

We may also use your personal data on the basis of a weighing of interests to protect the legitimate interests on our part or on the part of third parties. This shall apply with regard to the following purposes:

  • Advertising or market research, provided that you have not objected to the use of your data
  • For the collection of information and the exchange of data with credit agencies if this goes beyond our economic risk
  • For the limited storage of your data if deletion is not possible or only possible with disproportionately great effort on account of the special type of storage
  • For continuing development of services and products as well as existing systems and processes
  • For the assertion of legal claims and defence in legal disputes which are not directly attributable to the contractual relationship
  • For internal and external investigations and/or security audits
  • For safeguarding and exercising our property rights through appropriate measures (e.g. video surveillance)

4. Categories of personal data processed by us

The following data shall be processed:

  • Personal details (name, occupation/industry and comparable information)
  • Contact details (address, e-mail address, phone number and comparable information)
  • Supplier history

5. Who receives your data?

We pass on your personal data within our company to those departments that require this data to fulfil their contractual and legal obligations, or to comply with our legitimate interest.

Moreover, the following bodies may receive your data:

  • Contract processors used by us (GDPR, Art. 28), providers of support services and other parties responsible pursuant to the GDPR, in particular in the areas of: IT services, logistics, courier services, printing services, external computer centres, support/maintenance of IT applications, archiving, document processing, bookkeeping and controlling, data destruction, purchasing/procurement, customer administration, letter shops, marketing, telephony, website management, tax consultancy, auditing services, credit institutions
  • Public bodies and institutions where there is a legal or official obligation requiring us to provide information, report or disclose data or where the disclosure of data is in the public interest
  • Bodies and institutions on the basis of our legitimate interest or the legitimate interest of the third party (e.g. to authorities, credit agencies, debt collection agencies, lawyers, courts, experts and supervisory bodies)
  • Other bodies for which you have given us your consent for the data transfer

6. Transfer of your data to a third country or an international organisation

Data processing shall not take place outside the EU or EEA.

7. How long do we store your data?

If required, we shall process your personal data for the duration of our business relationship, including the initiation and execution of a contract.

Furthermore, we are subject to various storage and documentation obligations, including those arising from the German Commercial Code (HGB) and the German Fiscal Code (AO). The periods for storage and documentation specified therein are up to ten years following termination of the business relationship or the pre-contractual legal relationship. Ultimately, the storage period shall also be determined by the statutory limitation periods, which pursuant to Sections 195 et seq. of the German Civil Code (BGB), for example, are generally three years; however, in certain cases, these may be as long as thirty years.

8. To what extent is there automatic decision-making in individual cases (including profiling)?

We do not use purely automated decision-making procedures in accordance with GDPR, Article 22. If we use these procedures in individual cases, we shall inform you separately of this, insofar as this is required by law.

9. Your privacy

You have the right of access to information under GDPR, Article 15, the right to correction under Article 16, the right to deletion under Article 17, the right to limitation of processing under Article 18, and the right to data transferability under Article 20. Furthermore, the right to appeal to a data protection supervisory authority shall apply pursuant to GDPR, Article 77. In accordance with GDPR, Article 21, the right to object to the processing of personal data by us shall always apply. However, this right of objection shall only apply in the case of very special circumstances in your personal situation, where the rights of our company may conflict with your right of objection. If you wish to exercise any of these rights, please contact our Data Protection Officer at datenschutz@medicon.de.

10. Extent of your obligations to provide us with your data

You shall only be required to provide data which is necessary for the establishment and performance of a business relationship or for a pre-contractual relationship with us or which we are legally obliged to collect. Without this data, we shall not usually be able to enter into or carry out our contract with you. This may also refer to data required later within the framework of the business relationship. If we request additional data from you, you shall be informed of the voluntary nature of the information separately.

11. Information regarding your right of objection GDPR, Art. 21

You have the right to object to the processing of your data at any time on the basis of GDPR, Art. 6(1)(f) (data processing on the basis of a weighing of interests) or GDPR, Art. 6(1)(e) (data processing in the public interest) if reasons exist relating to your particular situation. This shall also apply to profiling based on this provision as defined in GDPR, article 4(4).

If you object, we shall cease processing your personal data, unless we can provide compelling reasons for its processing worthy of protection, which outweigh your interests, rights and freedoms or if the processing serves to assert, exercise or defend legal claims. We may also process your personal data for the purpose of direct marketing. If you do not wish to receive advertising, you have the right to object at any time. This also applies to profiling in so far as it is related to this type of direct marketing. We shall take this objection into account for the future. We shall cease to process your data for direct marketing purposes if you object to such processing.

The objection may be sent informally to the address listed under point 1.

12. Your right to appeal to the competent supervisory authority

Pursuant to GDPR, Art. 77, you have the right to appeal to the data protection supervisory authority. The responsible supervisory authority is:

The State Commissioner for Data Protection and Freedom of Information (Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit)
Königstrasse 10 a
70173 Stuttgart

Data protection information for customers and interested parties

pursuant to EU General Data Protection Regulation (GDPR), Article 13, 14 and 21
Data protection is of utmost importance to us. The following information explains how we process your data and what your rights are.

1. Who is responsible for data processing and who can you contact?

Medicon eG
Chirurgiemechaniker-Genossenschaft
Gänsäcker 15
D-78532 Tuttlingen
Tel.: +49 (0) 74 62 / 20 09 – 0
Fax: +49 (0) 74 62 / 20 09 – 50
E-Mail: info@medicon.de

2. Contact details of the Data Protection Officer

Edmund Hilt
hilt evolution
www.hilt-evolution.com
datenschutz@medicon.de

3. Purpose of processing and legal basis

Your personal data shall be processed in accordance with the provisions of the EU General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and other relevant data protection regulations. The processing and use of the individual data depends on the agreed or requested service. Please find further details and additional information regarding processing purposes in our contractual documents, forms, declarations of consent and other information provided (e.g. on the website or in the Terms and Conditions).

3.1 Consent (GDPR, Art. 6(1)(a))

If you have given us consent to process your personal data, this consent shall serve as the legal basis for the processing specified therein. You may revoke your consent with future effect at any time.

3.2 Fulfilling contractual obligations (GDPR, Art. 6(1)(b)

We shall use your personal data for the purpose of fulfilling the contracts we enter into with you. Your personal data shall also be processed to implement measures and activities within the framework of pre-contractual relationships.

3.3 Fulfilling legal obligations (GDPR, Art. 6(1)(c))

We shall process your personal data if this is necessary for compliance with legal obligations (e.g. commercial and taxation laws). Furthermore, we shall process your data if necessary for the fulfilment of fiscal control and reporting obligations, the archiving of data for the purposes of data protection and data security as well as for auditing by tax authorities and other authorities. Disclosure of personal data may also become necessary in the course of official/judicial action for the purposes of gathering evidence, prosecution or enforcement of civil claims.

3.4 Legitimate interest on our part or on the part of third parties (GDPR, Art. 6(1)(f))

We may also use your personal data on the basis of a weighing of interests to protect the legitimate interests on our part or on the part of third parties. This shall apply with regard to the following purposes:

  • Advertising or market research, provided that you have not objected to the use of your data
  • For the collection of information and the exchange of data with credit agencies if this goes beyond our economic risk
  • For the limited storage of your data if deletion is not possible or only possible with disproportionately great effort on account of the special type of storage
  • For continuing development of services and products as well as existing systems and processes
  • For the assertion of legal claims and defence in legal disputes which are not directly attributable to the contractual relationship
  • For internal and external investigations and/or security audits
  • For safeguarding and exercising our property rights through appropriate measures (e.g. video surveillance)

4. Categories of personal data processed by us

The following data shall be processed:

  • Name, First name
  • Contact details (address, e-mail address, phone number and comparable information)
  • Komplette Bewerbungsunterlagen (wie z.B. Lebenslauf, Zeugnisse, Referenzen)
  • Social security data (e.g. date of birth, place of birth, birth name, social security number, health insurance fund, DEÜV data, marital status)
  • Payroll data (e.g. salary, wages, working hours, sick leave, holiday entitlement, bank details)

5. Who receives your data?

We pass on your personal data within our company to those departments that require this data to fulfil their contractual and legal obligations, or to comply with our legitimate interest.

Moreover, the following bodies may receive your data:

  • Contract processors used by us (GDPR, Art. 28), providers of support services and other parties responsible pursuant to the GDPR, in particular in the areas of: IT services, logistics, courier services, printing services, external computer centres, support/maintenance of IT applications, archiving, document processing, bookkeeping and controlling, data destruction, purchasing/procurement, customer administration, letter shops, marketing, telephony, website management, tax consultancy, auditing services, credit institutions
  • Public bodies and institutions where there is a legal or official obligation requiring us to provide information, report or disclose data or where the disclosure of data is in the public interest
  • Bodies and institutions on the basis of our legitimate interest or the legitimate interest of the third party (e.g. to authorities, credit agencies, debt collection agencies, lawyers, courts, experts and supervisory bodies)
  • Other bodies for which you have given us your consent for the data transfer

6. Transfer of your data to a third country or an international organisation

Data processing shall not take place outside the EU or EEA.

7. How long do we store your data?

If required, we shall process your personal data for the duration of our business relationship, including the initiation and execution of a contract.

Furthermore, we are subject to various storage and documentation obligations, including those arising from the German Commercial Code (HGB) and the German Fiscal Code (AO). The periods for storage and documentation specified therein are up to ten years following termination of the business relationship or the pre-contractual legal relationship. Ultimately, the storage period shall also be determined by the statutory limitation periods, which pursuant to Sections 195 et seq. of the German Civil Code (BGB), for example, are generally three years; however, in certain cases, these may be as long as thirty years.

8. To what extent is there automatic decision-making in individual cases (including profiling)?

We do not use purely automated decision-making procedures in accordance with GDPR, Article 22. If we use these procedures in individual cases, we shall inform you separately of this, insofar as this is required by law.

9. Your privacy

You have the right of access to information under GDPR, Article 15, the right to correction under Article 16, the right to deletion under Article 17, the right to limitation of processing under Article 18, and the right to data transferability under Article 20. Furthermore, the right to appeal to a data protection supervisory authority shall apply pursuant to GDPR, Article 77. In accordance with GDPR, Article 21, the right to object to the processing of personal data by us shall always apply. However, this right of objection shall only apply in the case of very special circumstances in your personal situation, where the rights of our company may conflict with your right of objection. If you wish to exercise any of these rights, please contact our Data Protection Officer at datenschutz@medicon.de.

10. Extent of your obligations to provide us with your data

You shall only be required to provide data which is necessary for the establishment and performance of a business relationship or for a pre-contractual relationship with us or which we are legally obliged to collect. Without this data, we shall not usually be able to enter into or carry out our contract with you. This may also refer to data required later within the framework of the business relationship. If we request additional data from you, you shall be informed of the voluntary nature of the information separately.

11. Information regarding your right of objection GDPR, Art. 21

You have the right to object to the processing of your data at any time on the basis of GDPR, Art. 6(1)(f) (data processing on the basis of a weighing of interests) or GDPR, Art. 6(1)(e) (data processing in the public interest) if reasons exist relating to your particular situation. This shall also apply to profiling based on this provision as defined in GDPR, article 4(4).

If you object, we shall cease processing your personal data, unless we can provide compelling reasons for its processing worthy of protection, which outweigh your interests, rights and freedoms or if the processing serves to assert, exercise or defend legal claims. We may also process your personal data for the purpose of direct marketing. If you do not wish to receive advertising, you have the right to object at any time. This also applies to profiling in so far as it is related to this type of direct marketing. We shall take this objection into account for the future. We shall cease to process your data for direct marketing purposes if you object to such processing.

The objection may be sent informally to the address listed under point 1.

12. Your right to appeal to the competent supervisory authority

Pursuant to GDPR, Art. 77, you have the right to appeal to the data protection supervisory authority. The responsible supervisory authority is:

The State Commissioner for Data Protection and Freedom of Information (Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit)
Königstrasse 10 a
70173 Stuttgart

Newsletter

Receive the latest information and offers from Medicon

Subscribe to newsletter
  • MEDICON eG, Chirurgiemechaniker-Genossenschaft

Gänsäcker 15, D-78532 Tuttlingen

MEDICON EVENTS

06/26
- 06/29/2025
IMRHIS
IMRHIS
09/25
- 09/27/2025
55. Jahrestagung DGPRÄC
55. Jahres...

Show all planned events

Company

Distribution partner

More offers

Service

Notification + return

Linkedin Instagram Youtube Facebook

2025 Medicon eG.

Business Unit

Nehmen Sie Kontakt zu einem Vertriebsmitarbeiter auf:

You can find information on the handling of your personal data in our privacy policy.

*Pflichtfelder

Persönliche Informationen: Vorname, Nachname
Ihre Organisation: Krankenhaus/Firma, Land
Ihre Kontaktdaten: E-Mail

Ihre Angaben helfen uns dabei Ihre Anfrage richtig zuzuordnen. Alternativ erreichen Sie uns auch per Mail an: sales@medicon.de.

Business Unit

Nehmen Sie Kontakt zu einem Vertriebsmitarbeiter auf:

Informationen zum Umgang mit Ihren personenbezogenen Daten finden Sie in unserer Datenschutzerklärung.

*Pflichtfelder

Persönliche Informationen: Vorname, Nachname
Ihre Organisation: Krankenhaus/Firma, Land
Ihre Kontaktdaten: E-Mail

Ihre Angaben helfen uns dabei Ihre Anfrage richtig zuzuordnen. Alternativ erreichen Sie uns auch per Mail an: sales@medicon.de.

Mandatory fields

Information on how we process your personal data can be found in our  privacy policy.

Pflichtfelder

Informationen darüber, wie wir Ihre personenbezogenen Daten verarbeiten, finden Sie in unserer Datenschutzrichtlinie.