Datenschutz & Haftungsausschluss

Data protection declaration for www.dii-healthcare.com

1 Name and contact details of the data controller and the data protection officer

This data protection declaration applies to data processed by:

Responsible person:

Data Information Intelligence GmbH

Schwägrichenstraße 9

D-04177 Leipzig, Germany

Email: welcome@dii-healthcare.com

Phone: +49 (0) 341 33395100

Fax: +49 (0) 341 33395500

Data protection officer:

Dr. Jürgen Fechner

Walter-Markov-Ring 42

D-04288 Leipzig, Germany

Email: info@fue-soft.de

Phone: +49 171 8266933

2 Collection and storage of personal data and the nature and purpose of their use

2.1 When visiting the website

When you visit our website www.dii-healthcare.com, the browser used by your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and temporarily stored until automated deletion:

  • IP address of the requesting computer,
  • Date and time of access,
  • Name and URL of the retrieved file,
  • Website from which the access is made (referrer-URL),
  • the browser used and, if applicable, the operating system of your computer as well as the name of your access provider.

This data will be processed by us for the following purposes:

  • to ensure a smooth connection to the website,
  • to ensure the comfortable use of our website,
  • to evaluate the system security and stability
  • as well as for other administrative purposes.

The legal basis for data processing is Art. 6 para. 1 sentence 1 f GDPR (legitimate interest). Our legitimate interest follows the purposes listed above for data collection. Under no circumstances do we use the collected data to draw personal conclusions about you..

In addition, we use cookies and analysis services when you visit our website. Detailed explanations are under sections 4 and 5 of this data protection declaration.

2.2 Registration to our newsletter

If you agreed to receive our newsletter according to Art. 6 para. 1 p. 1 lit. a GDPR, we will use your e-mail address to regularly send you our newsletter.

2.2.1 Notes on the newsletters and consents

The following notes will inform you about the content of our newsletter as well as the registration, dispatch and statistical evaluation procedures and your rights of objection. By subscribing to our newsletter, you agree to the receipt of the newsletter and the described procedures.

2.2.2 Content of the newsletters

We send newsletters, e-mails and other electronic notifications containing promotional information (hereinafter "newsletters") only with the consent of the recipients or a legal permission. If the contents of a newsletter are specifically described within the scope of the registration, they are decisive for the consent of the users. Our newsletters contain information on medical topics and current market studies, especially in the field of medical market research, as well as on our company. This may include references to blog entries, lectures or workshops, our services or online appearances.

2.2.3 Double-opt-in and documentation

Subscription to our newsletter takes place in a so-called double opt-in procedure. This means that after registration you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that no one can log in with other e-mail addresses.

Subscriptions to the newsletter are logged in order to be able to prove the registration process in accordance with legal requirements. This includes the storage of the login and confirmation time, as well as the IP address.

2.2.4 Use of the mailing service "MailChimp"

We send newsletters via "MailChimp", a mailing platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. The e-mail addresses of our newsletter recipients, as well as their further data later described in these notes, are stored on the servers of MailChimp in the USA. MailChimp uses this information to send and evaluate the newsletter on our behalf. Furthermore, MailChimp can use this data to optimize or improve its own services, e.g. to technically optimize the sending and presentation of the newsletter or for economic purposes, in order to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write them on its own behalf or pass the data on to third parties.

We trust in the reliability and IT as well as data security of MailChimp. MailChimp is certified under the US-EU data protection agreement "Privacy Shield" and thus commits to comply with EU data protection regulations. Furthermore, we have concluded a data processing agreement with MailChimp. This is a contract in which MailChimp undertakes to protect the data of our users, to process them on our behalf in accordance with their data protection regulations and in particular not to pass them on to third parties. The data protection regulations of MailChimp can be viewed here.

2.2.5 Subscription Data/ User credentials

To subscribe to the newsletter, it is sufficient to enter your e-mail address. Optionally, we ask you to enter your first and last name and other data (name of your clinic, department, your position and your interests). This information is only used to personalize the newsletter and to adapt the contents of the newsletter to the interests of our readers.

2.2.6 Statistical evaluations and analysis

The newsletters contain a so-called "web-beacon", i.e. a pixel-sized file that is retrieved from the server of MailChimp when the newsletter is opened. Within the scope of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval are initially collected. This information is used to technically improve the services based on the data of the target groups and their reading behavior.

Statistical evaluations also include determining if the newsletters are opened, when they are opened and which links are clicked.  For technical reasons, this information can be assigned to the individual newsletter recipients.  However, it is neither our desire nor that of MailChimp to observe individual users.  The evaluations serve to understand the reading habits of our users and to adapt our content or to send different content according to the interests of our users.

2.2.7 Online newsletter display and data management

There are cases where we direct the newsletter recipients to the website of MailChimp. For example, our newsletters could contain a link to read the newsletter online (e.g. in case of display problems in the e-mail program). Furthermore, newsletter recipients can correct their data, e.g. the e-mail address within MailChimp. Likewise, the privacy policy of MailChimp is only available on their site.

In this context we pointed out that the websites of MailChimp use Cookies. Thus personal data are processed by MailChimp, its partners and service providers (e.g. Google Analytics). We have no influence on this data collection. Further information can be found in the privacy policy of MailChimp. In addition, we would like to inform you about the possibilities of object to the collection of data for advertising purposes on the websites www.aboutads.info/choices/ and www.youronlinechoices.com (for the EU).

2.2.8 Cancellation

You can cancel the receipt of our newsletter at any time, i.e. revoke your consent. You will find a link to cancel the newsletter at the end of each newsletter. Alternatively, you can send your revocation request at any time to Welcome@dii-healthcare.com.

With your cancellation of the newsletter the statistical evaluations expires simultaneously. A separate cancellation of the newsletter via MailChimp and the statistical evaluation is not possible.

We would also like to point out that you can object to the future processing of your personaldata at any time in accordance with the statutory provisions of Art. 21 GDPR. The objection may be lodged in particular against processing for direct marketing purposes.

2.2.9 Legal Bases of the General Data Protection Regulation

In accordance with the provisions of the General Data Protection Regulation (GDPR) in force from 25 May 2018, we inform you that your consents to the sending of e-mail addresses are based on Art. 6 para. 1 lit. a, 7 GDPR and § 7 para. 2 no. 3 and para. 3 UWG. The use of the service provider MailChimp, carrying out statistical surveys and analyses as well as logging of the registration procedure, are based on our legitimate interests pursuant to Art. 6 Para. 1 lit. f GDPR. We are interested in using a user-friendly and secure newsletter system that serves both our business interests and the expectations of users.

2.3. When using our contact form

We offer you the opportunity to contact us using a form provided on our website. This form requires a valid e-mail address so that we know who sent the request and can respond to it. Further information can be provided voluntarily.

The data processing for the purpose of contacting us is in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR on the basis of your voluntary consent. If contact is made to carry out pre-contractual measures (e.g. request for an offer), the data will be processed on the basis of Art. 6 para. 1 sentence 1 lit. b GDPR.

The personal data collected by us for the purpose of using the contact form will be automatically deleted after your request has been processed, except if the request concerns business correspondence (received commercial letter - obligation to keep records in accordance with § 257 Paragraph 1 No. 2 HGB, obligation to keep records for commercial and business letters § 147 Paragraph 1 No. 2, Paragraph 3 AO for 6 years).

2.4. When being contacted for market research

After contacting you for the means of market research, our moderators store the following information in our project database: your name, your phone number, your email address. You have the right to object to the storing of this data. In case of incentive procedures after successfully done interviews, data information intelligence is obliged to store payment information like bank account data or private email addresses, tied to project information the incentive has been concerned with.

The results of all surveys are presented exclusively in anonymous form. No one can tell from the results by which person or institution the information was provided. Within the framework of our market and social research investigations, no personal data is passed on to third parties. Once the respective study has been completed, a personal reference can no longer be established. All employees of data information intelligence are contractually bound by data secrecy and social secrecy. The obligation to maintain secrecy shall continue to apply after the termination of the activity. In cases of doubt regarding data protection, the employee concerned must contact the office from which he received his order and the data protection officer of data information intelligence. Data information intelligence has installed various technical and organisational measures in accordance with Article 32 DS-GMO. An in-house data protection officer has been appointed.

2.5. When getting in touch with us via email

Your personal contact data will be electronically stored in our CRM when you provide it to us while having full knowledge of our intent. We will only use these data for our own advertising. You have the right to withdraw at any time. We will never provide your data to third parties unless we are legally obliged to do so.

3 Disclosure of Data to Third Parties

A transmission of personal data to third parties for purposes other than those listed below does not take place. We only disclose your personal data to third parties if:

  • you agreed that we can submit your personal data pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR,
  • disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR is required to assert, exercise or defend legal claims and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your data,
  • disclosure pursuant to Art. 6 para. 1 lit. c GDPR has a legal obligation, and
  • it is legally permissible, according to Art. 6 para. 1 sentence 1 lit. b GDPR and required for the settlement of contractual relationships with you.

4 Cookies

We use cookies on our website. These are small files which your browser automatically creates and stores on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do no damage your device and do not contain viruses, Trojans or other malware.

Cookies store information in connection with the specifically used device. However, this does not mean that we immediately become aware of your identity. We use cookies to make our offer more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These cookies are automatically deleted after you leave our site. In addition, we also use temporary cookies that are stored on your device for a specified period of time to optimize user-friendliness. If you visit our site again, it will automatically recognize that you have already been at our website and which entries and settings you have made so that you do not have to enter them again.

The data processed by cookies is required for the aforementioned purposes in order to protect our legitimate interests and those of third parties pursuant to Art. 6 Para. 1 S. 1 lit. f GDPR. Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. However, the complete deactivation of cookies can lead to the fact that you cannot use all functions of our website.

 Possibility to object: If you do not want to use cookies or want to delete existing cookies, you can switch them off and remove them via your internet browser. For further information regarding the deletion or blocking of cookies, please refer to the help texts of your browser or the Internet, for example, under the search terms "disable cookies" or "delete cookies" (instructions for deletion in Mozilla Firefox, instructions for deletion in Microsoft Internet Explorer, instructions for deletion in Safari).

5 Your Rights as a Person Affected by This Data Processing

You have the right:

  • to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular you may obtain information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right of appeal, the origin of your data, if these have not been collected by us, and the existence of automated decision-making including profiling and, if applicable, the processing of your data.
  • to request the immediate correction of incorrect or incomplete personal data stored by us in accordance with Art. 16 GDPR,
  • to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
  • to request the restriction of the processing of your personal data in accordance with Art. 18 GDPR, if the accuracy of the data is disputed by you, the processing is unlawful, but you refuse its deletion, we no longer need the data, but you need it to assert, exercise or defend your legal claims, or if you have filed a cancellation in accordance with Art. 21 GDPR
  • to receive your personal data that you have provided to us in a structured and machine-readable format or to request transmission to another responsible person in accordance with Art. 20 GDPR,
  • to withdraw your consent at any time in accordance with Art. 7 para. 3 GDPR. As a result, we are no longer allowed to continue the data processing
  • to complain to a supervising authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervising authority of your usual place of residence or workplace or our office.

6 Right of Objection

If personal data are processed on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation. If you wish to exercise your right of objection, simply send an e-mail to welcome@dii-healthcare.com

7 Data Security / e-mail Communication

Our website uses the common SSL (Secure Socket Layer) method together with the highest level of encryption supported by your browser. Usually this is a 256 bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. Whether a single page of our website is transmitted in encrypted form is indicated by the closed display of the key or lock symbol in the lower status bar of your browser.

We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

Generally, E-mails that are sent over the Internet without additional security measures (encryption) are as non-confidential as a postcard. If you communicate with us by e-mail without additional security, we assume that you are aware of this technical circumstance and allow us to answer you also by simple e-mail.

7.1 Basic Encryption Between e-mail Providers

However, data security in our communication by e-mail is hugely important to us. Our provider automatically offers you secure e-mail communication via your e-mail provider.

Our German hosting provider builds email communication with you on additional security measures. Security depends on whether your email provider also offers you the same security measures. At dane.sys4.de you can test whether your e-mail provider uses the current security standards. If in doubt, we can discuss alternative security measures, e.g. the PGP email encryption mentioned below. Regarding the security measures used by our provider, the provider writes:

„Als Sicherungsmaßnahmen für die E-Mail-Kommunikation wurde DNSSEC (zur Funktionsweise siehe https://de.wikipedia.org/wiki/Domain_Name_System_Security_Extensions ) implementiert. Zudem wurde 2015 DANE (siehe zur Funktionsweise: https://de.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities ) eingeführt, der nächste konsequente Schritt zu mehr Sicherheit. Das DANE-Netzwerkprotokoll (DNS-based Authentification of Named Entities) erweitert das im E-Mail-Verkehr häufig eingesetzte SSL/TLS-Transportprotokoll um eine zusätzliche Absicherung. Zertifikate werden unmittelbar mit speziellen DNS-Einträgen (TLSA-RR) einer Domain verknüpft und über DNSSEC gesichert. Damit wird sichergestellt, dass ein Zertifikat zwischenzeitlich nicht ausgetauscht wurde und die Echtheit bestätigt werden kann. Mailserver, die DANE unterstützen, können nun untereinander verschlüsselte Verbindungen erzwingen. Die Sicherheit beim Transport von E-Mails wird damit signifikant erhöht.“

7.2 PGP E-Mail Encryption

Better and therefore recommended encryption (cryptography) of data transmission is possible with asymmetric encryption after the exchange of public keys. We are happy to provide you with our public PGP key (PGP: Pretty Good Privacy).  You can use this key to encrypt messages. 

To communicate safely, you must install OpenPGP software on your computer. Here is a list of possible solutions for different operating systems:

Please import the public key into your local OpenPGP key management to encrypt a message to us.

8 Actuality and Changes of this Data Protection Declaration

This data protection declaration is currently valid and has the status 25.05.2018. 

Due to the further development of our website and offers or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection declaration at any time on the website at https://www.dii-healthcare.com/contact/data-security-liability.html