(Last updated: August 2022)
Information on the Collection of Personal Data
(1) In the following passages, we have provided information on the collection of personal data when you use our website www.fritzhuber.de. Personal data is all data that can be related to you personally, for example your name, address, email addresses, and user behavior.
(2) The controller as defined by the General Data Protection Regulation (GDPR) is:
Fritz Huber Chirurgische Instrumente GmbH & Co. KG
Commercial register: Stuttgart District Court, company reg. no. HRA 738357
Legall represented by its general partner
evonos Verwaltungs GmbH
Commercial register: Stuttgart District Court, company reg. no. HRB 739473
Managing directors: Ingolf Diez, Jörg Mans
(3) If you contact us by email or via a contact form, the data that you have disclosed (your email address and possibly your name and telephone number) will be stored by us so that we can respond to your queries. We will erase the data generated in this context after storage is no longer required or restrict processing if it is subject to statutory retention requirements.
(4) The processing of personal data may be based on the following legal grounds in particular:
- Article 6 (1) (a) GDPR for processing operations, for which we obtain your consent in advance for a specific processing purpose;
- Article 6 (1) (b) GDPR to the extent that the processing of personal data is necessary for the performance of a contract. The same applies in respect of processing operations that are necessary for carrying out pre-contractual measures, for example when inquiries are made about our products;
- Article 6 (1) (c) GDPR to the extent that we are subject to a legal obligation requiring the processing of personal data, for example to comply with tax or accounting obligations;
- Article 6 (1) (f) GDPR on the basis of our legitimate interests unless your interests, fundamental rights and freedoms override our interests.
(1) Your personal data will only be processed and stored for the period necessary to fulfill the purpose of storage and/or as provided by law. After this purpose has ceased to exist or has been fulfilled, your personal data will be erased or blocked.
(2) If your data is blocked, it will be erased as soon as there are no other storage periods to the contrary, there is no reason to assume that erasure would impair your legitimate interests, and erasure would not involve a disproportionate amount of effort due to the special nature of the storage.
Collaboration with Processors
(1) For the provision of our website and services, we sometimes use external service providers (e.g. for sending newsletters or for analysis). These processors will only act on our instructions and have been contractually obligated, in accordance with Article 28 GDPR, to comply with the provisions of data protection law.
(2) If personal data about you is disclosed by us to our subsidiaries or is disclosed to us by our subsidiaries (e.g. for advertising purposes), this is carried out on the basis of existing order processing relationships.
Collection of Personal Data When You Visit our Website
(1) If you use our website purely for information purposes, that is, if you do not register with us or provide us with information in any other way, then we will only collect the personal data that your browser transmits to our server. If you wish to view our website, we will collect the following data:
- IP address
- Date and time of the request
- Time zone difference from Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Quantity of data transmitted
- Website from which the request originates
- Operating system and its interface Language and version of the browser software.
(2) The collection of this data is technically necessary for us in order to display our website to you and to ensure stability and security. The legal basis is Article 6 (1) (f) GDPR.
(2) Cookies may contain data allowing us to recognize the device you are using. In some cases, cookies only contain information about certain settings that cannot be related to a specific person. However, cookies cannot directly identify a user.
(3) A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session. With regard to their function, we again differentiate between the following types of cookies:
- Technical cookies: These are absolutely necessary to enable you to navigate the website and use basic functions, and to ensure the security of the website. They do not collect information about you for marketing purposes, nor do they store information about any other websites you have visited;
- Performance cookies: These collect information about how you use our website, which pages you visit and, for example, whether errors occur during your use of the website. They do not collect information that could identify you – all information collected is anonymous and is used only to improve our website and to find out what interests our users;
- Advertising cookies, targeting cookies: These are used to offer the website user tailored advertising on the website or offers from third parties and to measure the effectiveness of these offers;
- Sharing cookies: These are used to improve the interactivity of our website with other services (e.g. social networks).
(5) You can configure your browser settings according to your preferences and refuse to accept third-party cookies, for example, or all cookies. However, please note that you may not then be able to use all of this website’s features.
(1) When you contact us by phone or email, the data you provide will be stored by us on the basis of Article 6 (1) (a) GDPR in order to answer your inquiry. We will erase the data generated in this context when the respective conversation with you has ended and the matter in question has been conclusively resolved.
(2) For concluding and processing contracts or for implementing pre-contractual measures on the basis of Article 6 (1) (b) GDPR and depending on the individual case, we will require contact details such as your name, delivery and billing address, and email address, as well as information on the type of payment method you have chosen.
(3) Based on Article 6 (1) (c) and (f) GDPR, we use and store your personal data to the extent that we are legally obliged to do so, for example due to regulatory or judicial orders. We also use and store your personal data in order to exercise our rights and claims as well as for legal defense purposes.
(1) We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss or destruction, and against unauthorized access by third parties, taking into account the state of the art, implementation costs and the nature, scope, context and purpose of the processing, as well as the existing risks of a data breach (including its probability and impact) for the data subject. Our security measures are continuously improved in line with technological developments.
(2) We will be happy to provide you with more information on request. Please contact us at email@example.com.
If your personal data is processed, you are the ‘data subject’ for the purposes of the GDPR. You have the following rights with regard to the personal data concerning you:
- Under Article 15 GDPR, you have the right to request information about the personal data stored about you. Under Article 16 GDPR, you have the right to request that personal data concerning you be corrected and/or completed without undue delay.
- Under Article 17 GDPR, you have the right to request the erasure of your personal data stored by us unless it is necessary to exercise the right of freedom of expression and information, the processing is required for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defense of legal claims.
- Under Article 18 GDPR, you have the right to request the restriction of the processing of your personal data if the accuracy of the data is contested by you, if the processing is unlawful and you oppose its erasure, if we no longer need the data but you need it for the establishment, exercise or defense of legal claims, or if you have objected to the processing. Under Article
- 20 GDPR, you have the right to have personal data that you have provided to us handed over to you or to a third party in a structured, commonly used, and machine-readable format. If you request the direct transfer of the data to another controller, this will only be done to the extent that it is technically feasible.
- Under Article 21 GDPR, you have the right to object to processing at any time, provided that your personal data is processed on the basis of legitimate interests pursuant to Article 6 (1) (f) GDPR.
(2) You have the right to withdraw your consent regarding the collection of data at any time with effect for the future. The data collected until your withdrawal of consent becomes legally effective remains unaffected by this.
(3) If you wish to exercise any of the above rights, a simple message to us will suffice. To do so, you can use the contact details provided or email us at firstname.lastname@example.org.
(4) Regardless of any other legal remedy under administrative law or by means of the courts, you have the right to lodge a complaint with a supervisory authority, particularly in the member state of your residence, your place of work, or the location of the supposed infringement if you take the view that the processing of the personal data involving you is in breach of the GDPR. As the complainant, you will be informed of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR, by the supervisory authority to which the complaint was submitted.