Data protection

§ 1 Information regarding the collection of personal data

(1) Below we inform you about the collecting of personal data upon utilisation of our website. Personal data area any and all data that can be attributed to you personally, i.e., for example, name, address, e-mail addresses, user behaviour.

(2) Controller in accordance with Art. 4 Par. 7 EU General Data Protection Regulation (GDPR) is the firm Cardisio GmbH, managing directors Meik Baumeister, The Squaire 12, 60549 Frankfurt am Main, Germany, info@cardis.io (see our Impressum). You can reach our data protection officer at info@cardis.io or at our postal address with the addition “the Data Protection Officer”.

(3) When you are establishing contact with us via e-mail or via a contact form, we store the data you have communicated to us (your e-mail address; where applicable, your name and your phone number) to respond to your questions. We delete the data incurred in this context once its storage is no longer necessary, or we restrict the processing if statutory storage obligations exist.

(4) If we rely on contracted service providers for select functions of our offer, of if we want to use your data for advertising purposes, we will inform you below in detail about the respective processes.

§ 2 Legal basis for the processing of personal data

(1) To the extent that we obtain a declaration of consent of the data subject for the processing operations of personal data, Art. 6 Par. 1 Lit. a of the EU General Data Protection Regulation (GDPR) serves as legal basis for the processing of personal data.

(2) In case of the processing of personal data that is required for the fulfilment of a contract to which the data subject is a contractual party, Art. 6 Par. 1 Lit. b GDPR serves as legal basis. This shall also apply to processing operations that are necessary for the carrying out of pre-contractual measures.

(3) To the extent that a processing of personal data is required for the fulfilment of a contractual obligation that our company is subject to, Art. 6 Par. 1 Lit. c GDPR serves as legal basis.

(4) In case vital interests of the data subject or of another natural person make a processing of personal data necessary, Art. 6 Par. 1 Lit. d GDPR serves as legal basis.

(5) If the processing is necessary for maintaining a legitimate interest of our company or of a third party and if the interests, basic rights, and basic freedoms of the data subject do not outweigh the aforementioned interest, Art. 6 Par. 1 Lit. f GDPR serves as legal basis for the processing.

§ 3 Data erasure and duration of storage

Your personal data will be erased or restricted as soon as the purpose of storage no longer exists. A storage can, furthermore, be performed if this is provided for by the European or national legislatures in rules, laws, or other regulations under European Union law applicable to the Controller. A restriction or erasure of the data is also performed if a storage period prescribed by the specified standards expires unless a necessity exists for further storage of the data for conclusion or fulfilment of a contract.

§ 4 Your rights

(1) You have the following rights towards us with respect to the personal data concerning you:
– Right to be provided with information,
– Right to rectification or erasure,
– Right to restriction of processing,
– Right to object to the processing,
– Right to data portability.

(2) You, furthermore, have the right to lodge a complaint with a supervisory data protection authority regarding our processing of your personal data.

§ 5 Collection of personal data in case of a visit to our website

(1) In case of a merely informational utilisation of the website, i.e., if you do not register with us or transmit information to us otherwise, we only collect the personal data that your browser transmits to our server. If you want to view our website, we collect the following data that is technically required to display our website to you and that ensures stability and security (the legal basis is Art. 6 Par. 1 S. 1 Lit. f GDPR):
– IP address
– Date and time of the request
– Time zone difference to Greenwich Mean Time (GMT)
– Content of the request (specific page)
– Access status / HTTP status code
– Respective volume of data transmitted
– Website from which the request comes
– Browser
– Operating system and its user interface
– Language and version of the browser software.
The data will be erased as soon as they are no longer necessary for achieving the purpose for which they were collected. In case of collection of the data for provision of the website, this is the case once the respective session has ended.

(2) In addition to the aforementioned data, cookies are stored on your computer upon your utilisation of our website. Cookies are small text files that are stored on your hard drive assigned to the browser you are using through which the authority that is setting the cookie (in this case us) is provided with certain information. Cookies cannot execute programs nor transfer viruses to your computer. They serve for making the Internet presence more user-friendly and effective, overall.

(3) Use of cookies:
a) This website uses the following types of cookies, the scope and function of which are explained below:
– Transient cookies (see b)
– Persistent cookies (see c).
b) Transient cookies are deleted automatically when you close the browser. These include, in particular, the session cookies. These store a so-called session ID with which different requests by your browser can be linked to the joint session. This way, your computer can be recognised again when you return to our website. The session cookies are deleted when you log out or close the browser.
c) Persistent cookies are deleted automatically after a specified period of time that can differ from cookie to cookie. You can delete cookies at any time in the security or privacy settings of your browser.
d) You can configure your browser settings according to your preferences and, for example, reject the acceptance of third party cookies or all cookies. We would like to point out to you that you may not be able to use all functions of this website as a result.

§ 6 Additional function and offers of our website

(1) In addition to the purely informational utilisation of our website, we also offer various services you may use, if interested. Typically, you have to provide additional personal data for this which we use for providing the respective service and to which the aforementioned principles regarding data processing apply.

(2) In part, we utilise external service providers for the processing of your data. These were carefully selected and contracted by us, are bound by our directions and are inspected at regular intervals.

(3) Furthermore, we may pass your personal data on to third parties if we offer participations in campaigns, prize games, conclusions of contracts or similar services jointly with partners. You will receive more detailed information regarding this upon providing your personal data as well as in the description of the offer below.

(4) If our service providers or partners are headquartered in a state outside the European Economic Area (EEA), we inform you of the consequence of this circumstance in the description of the offer.

§ 7 Objection to or withdrawal of consent to the processing of your data

(1) If you have provided your consent to the processing of your data, you may withdraw it at any time. Such a withdrawal has an impact on the permissibility of the processing of your personal data once you have pronounced it towards us.

(2) If we base the processing of your personal data on the balancing of interests, you may object to the processing. This is the case if the processing is, in particular, not necessary for the fulfilment of a contract with you, which is indicated by us in each case in the following description of the functions. When exercising such an objection, we kindly request presentation of reasons why your personal data should not be processed as done by us. In case of your justified objection, we will check the facts of the matter and will either cease and/or adjust the data processing or indicate to you’re the compelling legitimate grounds based on which we continue the processing.

(3) You may, of course, object at any time to the processing of your personal data for the purposes of advertising and data analysis. You may inform us of your objection to advertising at the above contact data.

§ 8 Utilisation of Google Analytics

(1) This website uses Google Analytics, a web analysis service of Google Inc. (“Google”). Google Analytics uses so-called “cookies”, which are text files that are stored on your computer, and which allow for an analysis of your utilisation of the website. The information that the cookie generates about your utilisation of this website is generally transferred to and stored on a server operated by Google in the USA. In case of an active IP anonymization, your IP address will be shortened first by Google within member states of the European Union or in other contracting states of the Treaty on the European Economic Area. Only in exceptional circumstances will the complete IP address be transferred to a server of Google in the USA and then shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activities and for providing other services relating to website utilisation and internet usage to the operator of the website.

(2) The IP address transmitted by your browser as part of “Google Analytics” is not combined with other data of Google.

(3) You can prevent the storage of the cookies through an appropriate setting in your browser software; we would, however, like to point out that in this case it may not be possible to make full use of all functions on this website. You can, furthermore, prevent the recording of the data generated by the cookie and related to your use of the website (incl. your IP address) to Google as well as the processing of this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en.

(4) This website is using Google Analytics with the “_anonymizeIp()” extension. As a result, IP addresses are processed in a shortened form so that a correlation with individual persons can be excluded. To the extent that the data collected regarding you feature a relation to your person, said relation is therefore immediately excluded and the personal data thereby deleted immediately.

(5) We use Google Analytics to be able to analyse and regularly improve the utilisation of our website. Via the statistics gained, we can improve our offer and design it more interestingly for you as the user. For exceptional cases in which personal data is transmitted to the USA, Google has subjected itself to the EU-US Privacy Shield Framework, https://www.privacyshield.gov/EU-US-Framework. Legal basis for the usage of Google Analytics is Art. 6 Par. 1 S.1 Lit. f GDPR.

(6) Information of the third party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Terms & conditions of use: http://www.google.com/analytics/terms/gb.html and privacy policy: https://policies.google.com/privacy?hl=en.

§ 9 Integration of Google Web Fonts

(1) On this website, we use the offer of Google Web Fonts. As a result, your browser will lot the respective needed web fonts into your browser cache when calling up the website so that text and fonts can be displayed correctly.

(2) To be able to load the respective necessary data, your browser has to establish a connection to the servers of Google. As a result, Google obtains knowledge of the fact that this website was called up via your IP address. If your browser does not support web fonts, a standard font will be presented to you. Legal basis for the usage of Google Web Fonts is Art. 6 Par. 1 S.1 Lit f GDPR.

(3) For additional information regarding the purpose and scope of the data collection and its processing by the plug-in provider, see the privacy policies of said provider. There, you also receive additional information regarding your respective rights and configuration options for the protection of your privacy: https://policies.google.com/privacy?hl=en Google is also processing your personal data in the USA and has subjected itself to the EU-US Privacy Shield Framework, https://www.privacyshield.gov/EU-US-Framework.

§ 10 Integration of Bootstrap CDN

(1) On this website, the JavaScript code of StackPath, 2021, McKinney Ave., Suite 1100, Dallas, TX, USA (hereinafter referred to as “Bootstrap CDN”) is being loaded. To the extent that JavaScript is activated in your browser and you do not have a JavaScript blocker installed and activated, your browser will transmit personal data within the meaning of § 5 of this policy to Bootstrap CDN. Legal basis for the usage of Bootstrap CDN is Art. 6 Par. 1 S.1 Lit f GDPR.

(2) For additional information regarding the purpose and scope of the data collection and its processing by the plug-in provider, see the privacy policies of said provider. There, you also receive additional information regarding your respective rights and setup options for the protection of your privacy: https://www.stackpath.com/legal/privacy-statement/. Bootstrap CDN is also processing your personal data in the USA and has subjected itself to the EU-US Privacy Shield Framework, https://www.privacyshield.gov/EU-US-Framework.

§ 11 Integration of Cloudflare CDN

(1) On this website, the JavaScript code of Cloudflare Inc., 101 Townsend Street, San Francisco, CA 94107, USA (hereinafter referred to as “Cloudflare CDN”) is being loaded. To the extent that JavaScript is activated in your browser and you do not have a JavaScript blocker installed and activated, your browser will transmit personal data within the meaning of § 5 of this policy to Cloudflare CDN. Legal basis for the usage of Cloudflare CDN is Art. 6 Par. 1 S.1 Lit f GDPR.

(2) For additional information regarding the purpose and scope of the data collection and its processing by the plug-in provider, see the privacy policies of said provider. There, you also receive additional information regarding your respective rights and configuration options for the protection of your privacy: http://www.cloudflare.com/security-policy/. Cloudflare CDN is also processing your personal data in the USA and has subjected itself to the EU-US Privacy Shield Framework, https://www.privacyshield.gov/EU-US-Framework.