Border Image

Data protection

 

§1 Information on the collection of personal data

(1) In the following, we provide information about the collection of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behaviour.

(2) The controller pursuant to Art. 4 (7) of the EU General Data Protection Regulation (GDPR) is Cardisio GmbH, represented by Managing Director Meik Baumeister, The Squaire 12, 60549 Frankfurt/Main (see our legal notice).

(3) When you contact us by e-mail or via a contact form, the data you provide (your e-mail address, your name and telephone number if applicable) will be stored by us in order to answer your questions. We delete the data arising in this context after storage is no longer necessary, or restrict processing if there are statutory retention obligations.

(4) If we use contracted service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail below about the respective processes.

 

§2 Legal basis for the processing of personal data

(1) Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data.

(2) When processing personal data that is necessary for the fulfilment of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.

(3) Insofar as the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.

(4) In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis.

(5) If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing.

 

§3 Data erasure and storage duration

Your personal data will be deleted or blocked as soon as the purpose of storage no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

 

§4 Your rights

(1) You have the following rights vis-à-vis us with regard to your personal data:

– Right to information,

– Right to rectification or erasure,

– Right to restriction of processing,

– Right to object to the processing,

– Right to data portability.

(2) You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.

 

§5 Collection of personal data when visiting our website

(1) When using the website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR):

– IP address

– Date and time of the enquiry

– Time zone difference to Greenwich Mean Time (GMT)

– Content of the request (specific page)

– Access status/HTTP status code

– Amount of data transferred in each case

– Website from which the request comes

– Browser

– Operating system and its interface

– Language and version of the browser software.

The data is deleted as soon as it is no longer required to fulfil the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

(2) In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive assigned to the browser you are using and through which certain information flows to the body that sets the cookie (in this case, us). Cookies cannot execute programmes or transfer viruses to your computer. They are used to make the website more user-friendly and effective overall.

(3) Use of cookies:

  1. a) This website uses the following types of cookies, the scope and function of which are explained below:

– Transient cookies (see b)

– Persistent cookies (see c).

  1. b) Transient cookies are automatically deleted when you close the browser. These include session cookies in particular. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognised when you return to our website. The session cookies are deleted when you log out or close the browser.
  2. c) Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete cookies at any time in the security settings of your browser.
  3. d) You can configure your browser settings according to your wishes and, for example, refuse to accept third-party cookies or all cookies. Please note that you may not be able to use all the functions of this website.

 

§6 Further functions and offers on our website

(1) In addition to the purely informational use of our website, we offer various services that you can use if you are interested. To do so, you must generally provide additional personal data that we use to provide the respective service and for which the aforementioned data processing principles apply.

(2) In some cases, we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly monitored.

(3) Furthermore, we may pass on your personal data to third parties if we offer participation in promotions, competitions, contract conclusions or similar services together with partners. You will receive more detailed information on this when you provide your personal data or in the description of the offer below.

(4) If our service providers or partners are based in a country outside the European Economic Area (EEA), we will inform you of the consequences of this circumstance in the description of the offer.

 

§7 Objection or revocation against the processing of your data

(1) If you have given your consent to the processing of your data, you can revoke it at any time. Such a revocation affects the permissibility of the processing of your personal data after you have given it to us.

(2) Insofar as we base the processing of your personal data on the balancing of interests, you can object to the processing. This is the case if, in particular, the processing is not necessary for the fulfilment of a contract with you, which is described by us in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and will either discontinue or adapt the data processing or show you our compelling reasons worthy of protection on the basis of which we will continue the processing.

(3) Of course, you can object to the processing of your personal data for advertising and data analysis purposes at any time. You can inform us of your objection to advertising using the contact details given above.

 

§8 Integration of Google Web Fonts

(1) We use Google Web Fonts on this website. This means that when you access the website, your browser will load the required web fonts into your browser cache so that texts and fonts can be displayed correctly.

(2) In order to load the required data, your browser does not need to establish a connection to Google’s servers. The required data is stored locally. This means that Google is not informed that this website has been accessed via your IP address. If your browser does not support web fonts, you will be shown a standard font. The legal basis for the use of Google Web Fonts is Art. 6 Para. 1 S.1 lit f GDPR.

 

§9 Integration of Google Maps

(1) We use the Google Maps service on this website. This allows us to show you interactive maps directly on the website and enables you to use the map function conveniently.

(2) By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned under § 5 of this declaration will be transmitted. This takes place regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish your data to be associated with your Google profile, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or customising its website. Such an analysis is carried out in particular (even for users who are not logged in) to provide customised advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.

(3) The legal basis for the processing of your data is Art. 6 para. 1 sentence 1 lit. f GDPR. Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the provider’s privacy policy. There you will also find further information on your rights in this regard and setting options to protect your privacy: http://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA. The data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details at https://privacy.google.com/businesses/controllerterms/mccs/.

 

§10 Use of Google Analytics

(1) This website uses Google Analytics, a web analytics service provided by Google Inc (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, if IP anonymisation is activated on this website, your IP address will first be truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to analyse your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage.

(2) The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

(3) You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

(4) This website uses Google Analytics with the extension “_anonymiseIp()”. This means that IP addresses are further processed in abbreviated form, so that they cannot be linked to a specific person. If the data collected about you is personally identifiable, it is immediately excluded and the personal data is deleted immediately.

(5) We use Google Analytics to analyse and regularly improve the use of our website. We can use the statistics obtained to improve our offer and make it more interesting for you as a user. The legal basis for the use of Google Analytics is Art. 6 para. 1 sentence 1 lit. f GDPR.

(6) Information from the third-party provider: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. user conditions: http://www.google.com/analytics/terms/de.html, overview of data protection: http://www.google.com/intl/de/analytics/learn/privacy.html, as well as the privacy policy: http://www.google.de/intl/de/policies/privacy. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found at https://privacy.google.com/businesses/controllerterms/mccs/.

 

§11 Use of Google Ads

(1) We use Google Ads to draw attention to our attractive offers with the help of advertising material on external websites. We can determine how successful the individual advertising measures are in relation to the advertising campaign data. We are interested in showing you adverts that are of interest to you, making our website more interesting for you and achieving a fair calculation of advertising costs.

(2) These adverts are delivered by Google via so-called “ad servers”. For this purpose, we use ad server cookies, through which certain parameters for measuring success, such as the display of adverts or clicks by users, can be measured. If you access our website via a Google advert, Google Ads will store a cookie on your PC. These cookies generally lose their validity after 30 days and are not intended to identify you personally. The unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marking that the user no longer wishes to be addressed) are usually stored as analysis values for this cookie.

(3) These cookies enable Google to recognise your internet browser. If a user visits certain pages of an Ads customer’s website and the cookie stored on their computer has not yet expired, Google and the customer can recognise that the user clicked on the ad and was redirected to this page. A different cookie is assigned to each Ads customer. Cookies can therefore not be tracked via the websites of Ads customers. We ourselves do not collect and process any personal data in the aforementioned advertising measures. We only receive statistical analyses from Google. These analyses allow us to recognise which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising material; in particular, we cannot identify users on the basis of this information.

(4) Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our level of knowledge: Through the integration of ads, Google receives the information that you have accessed the corresponding part of our website or clicked on an advert from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is a possibility that the provider will find out your IP address and store it.

(5) You can prevent participation in this tracking process in various ways: a) by setting your browser software accordingly; in particular, the suppression of third-party cookies means that you will not receive ads from third-party providers; b) by deactivating cookies for tracking by setting your browser to block cookies from the domain “www.googleadservices.com”, https://www.google.de/settings/ads, whereby this setting will be deleted if you delete your cookies; c) by deactivating the interest-based ads of the providers that are part of the “About Ads” self-regulation campaign via the link http://www.aboutads.info/choices, whereby this setting will be deleted if you delete your cookies; d) by permanent deactivation in your Firefox, Internet Explorer or Google Chrome browsers under the link http://www.google.com/settings/ads/plugin. We would like to point out that in this case you may not be able to use all the functions of this website to their full extent.

(6) The legal basis for the processing of your data is Art. 6 para. 1 sentence 1 lit. f GDPR. Further information on data protection at Google can be found here: http://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/de.html. Alternatively, you can visit the website of the Network Advertising Initiative (NAI) at http://www.networkadvertising.org Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found at https://privacy.google.com/businesses/controllerterms/mccs/.

 

§12 Use of Google Tag Manager

(1) This website uses the Google Tag Manager of the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Tag Manager itself does not create any user profiles, does not store any cookies and does not carry out any independent analyses. It is only used to manage and display the tools integrated via it. However, the Tag Manager records your OP address, which may also be transmitted to Google’s parent company in the USA.

(2) The Tag Manager is used on the basis of Art. 6 para. 1 lit. f GDPR, as we have a legitimate interest in the fast and uncomplicated integration and management of the tools we use on this website. The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found at https://privacy.google.com/businesses/controllerterms/mccs/.

 

§13 Use of reCAPTCHA

(1) This website uses the service of the provider reCAPTCHA of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. With reCAPTCHA, we can determine whether the person accessing the website is actually a human user or spam software. By spam we mean any unsolicited information that is sent to us electronically. It is therefore necessary for you as the user to confirm that you are a human by ticking the box.

(2) By inserting reCAPTCHA, data (see § 5) is transferred from you to the Google server. Data from other Google services will not be merged unless you are logged in to your Google account. If you wish to prevent the data from being merged, you must log out of Google completely and delete all Google cookies before visiting our website and using reCAPTCHA.

(3) As we want to optimise our online presence and protect it against harmful effects, we have a legitimate interest in the use of reCAPTCHA. The legal basis for this is Art. 6 para. 1 lit. f GDPR. Further information about reCAPTCHA technology can be found at https://developers.google.com/recaptcha/. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found at https://privacy.google.com/businesses/controllerterms/mccs/.

 

§14 Use of social media plug-ins

(1) We currently use the following social media plug-ins: LinkedIn and YouTube. We use the so-called two-click solution. This means that when you visit our website, no personal data is initially passed on to the providers of the plug-ins. You can recognise the provider of the plug-in by the marking on the box above its initial letter or the logo. We give you the option of communicating directly with the provider of the plug-in via the button. Only if you click on the marked field and thereby activate it will the plug-in provider receive the information that you have accessed the corresponding website of our online offering. In addition, the data mentioned under § 5 of this declaration will be transmitted. By activating the plug-in, your personal data is therefore transmitted to the respective plug-in provider and stored there (in the case of US providers in the USA). As the plug-in provider collects data via cookies in particular, we recommend that you delete all cookies via your browser’s security settings before clicking on the greyed-out box.

(2) We have no influence on the data collected and data processing procedures, nor are we aware of the full scope of data collection, the purposes of processing or the storage periods. We also have no information on the deletion of the data collected by the plug-in provider.

(3) The plug-in provider stores the data collected about you as usage profiles and uses these for the purposes of advertising, market research and/or customising its website. Such an evaluation is carried out in particular (even for users who are not logged in) to display customised advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. We offer you the opportunity to interact with the social networks and other users via the plug-ins so that we can improve our offering and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art. 6 para. 1 sentence 1 lit. f GDPR.

(4) The data transfer takes place regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, your data collected by us will be assigned directly to your existing account with the plug-in provider. If you click the activated button and, for example, link the page, the plug-in provider also saves this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this will prevent you from being assigned to your profile with the plug-in provider.

(5) Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the data protection declarations of these providers provided below. There you will also find further information on your rights in this regard and setting options to protect your privacy.

(6) Address of the respective plug-in providers and URL with their data protection notices:

LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; http://www.linkedin.com/legal/privacy-policy.

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

 

§15 Use of LinkedIn Insight Tag

(1) This website uses the LinkedIn Insight Tag, a web analysis service of LinkedIn Inc (“LinkedIn”). LinkedIn Insight Tag uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of this website is usually transferred to a LinkedIn server in the USA and stored there. However, if IP anonymisation is activated on this website, your IP address will first be truncated by LinkedIn within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a LinkedIn server in the USA and truncated there. On behalf of the operator of this website, LinkedIn will use this information to analyse your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage.

(2) The IP address transmitted by your browser as part of LinkedIn Insight Tag will not be merged with other LinkedIn data.

(3) You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to LinkedIn and the processing of this data by LinkedIn by downloading and installing the corresponding browser plug-in from the provider.

(4) We use LinkedIn Insight Tag to analyse and regularly improve the use of our website. We can use the statistics obtained to improve our offering and make it more interesting for you as a user. There is a standard contractual clause for the exceptional cases in which personal data is transferred to the USA. The legal basis for the use of LinkedIn Insight Tag is Art. 6 para. 1 sentence 1 lit. f GDPR.

(5) Information from the third-party provider: LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; http://www.linkedin.com/legal/privacy-policy. The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found at https://de.linkedin.com/legal/l/dpa.

 

§16 Use of YouTube

(1) This website embeds videos from the YouTube website. The operator is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

(2) When you visit one of our websites on which YouTube is integrated, a connection to the YouTube servers is established. The YouTube server is informed which of our websites you have visited. Furthermore, YouTube can store various cookies on your end device or use comparable technologies to recognise you. In this way, YouTube receives information about visitors to this website. This information is used, among other things, to record video statistics, improve user-friendliness and prevent fraud attempts.

(3) If you are logged into your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account before visiting the website.

(4) The use of YouTube is in the interest of an appealing presentation of our online offers, which constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit f. GDPR. Further information on the handling of user data can be found in YouTube’s privacy policy at https://policies.google.com/privacy?hl=de. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found at https://privacy.google.com/businesses/controllerterms/mccs/.

 

§17 Use of Meta Pixel (Facebook Pixel)

(1) This website uses the visitor action pixel from Meta (Facebook) to measure conversions. The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. The data collected is also transferred by the provider to the parent company Meta in the USA and other third countries.

(2) Pixel technology can be used to track the behaviour of site visitors after they have been redirected to this website by clicking on a Facebook ad. This allows the effectiveness of Facebook ads to be evaluated and optimised for statistical and market research purposes.

(3) The data collected is anonymous for us, i.e. we cannot draw any conclusions about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with its data usage guidelines (https://de-de.facebook.com/about/privacy/). As the site owner, we cannot influence this use of the data.

(4) The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found at https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

 

§18 Use of borlabs

(1) This website uses Borlabs Cookie consent technology to obtain your consent to the storage of certain cookies in your browser or to the use of certain technologies and to document these in compliance with data protection regulations. The provider is Borlabs GmbH, Rübenkamp 32, 22305 Hamburg.

(2) When you enter our website, a cookie is stored in your browser in which the consent you have given or the revocation of this consent is stored. This data is not passed on to the provider. The data collected will be stored until you ask us to delete it or delete the cookie yourself or until the purpose of the data storage no longer applies, whereby mandatory statutory retention periods remain unaffected.

(3) The Borlab cookie is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR. Further information on data processing by Borlabs can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.