Legal basis in Austria:

General Data Protection Regulation EU GDPR, the Data Protection Amendment Act 2018 and the Data Protection Regulation Act 2018

Purpose of data processing:

The processing of business relationships, such as inquiries or orders and marketing activities for our own purposes, including contact management and newsletters

Legal basis for processing the data.

• Contract/contract initiation
• Statutory / legal obligation

Marketing activities:

Marketing in general: Legitimate interest: The legitimate interest is the company's interest in initiating business and intensifying the business relationship with existing and potential customers

Newsletter: This consent can be revoked at any time, e.g. by telephone or e-mail(office@hofer-medical.com) or by letter. You can find the information on data protection for the newsletter here (link to text)

As the data subject, you have the following rights:

• Right to information, Art. 15
• Right to rectification, Art. 16
• Right to erasure, Art. 17
• Right to restriction, Art. 18
• Right to data portability, Art. 20
• Right to object, Art. 21

In principle, you have the rights to information, correction, deletion, restriction, data portability, revocation and objection. You can assert the above-mentioned data subject rights either by email to office@hofer-medical.com or in writing by letter to the company address.

Categories of recipients of the personal data

• Banks
• Tax consultant
• External service providers, e.g. IT service providers, web hosting, mail service providers

The data from the processing activity business relationship, marketing activities (general) and newsletters are usually not transmitted to recipients in third countries.

Storage period (deletion periods):

In Austria, the statutory retention periods apply for a period of 7 years.

• UGB (Austrian Commercial Code)
• BAO (Federal Fiscal Code)
• MPG (Medical Devices Act)
• Directive 92/42/EEC
• Marketing data (up to 3 years after the last contact) Statutory/legal retention obligations or contractual obligations, e.g. towards customers arising from warranty or compensation or towards contractual partners, are a basis for continuing to store the personal data. (Art. 6 para. 1 lit c GDPR - basis for the lawfulness of processing: statutory/legal obligation). Data may only be stored in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data are processed; personal data may be stored for longer periods insofar as the personal data are processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art 89(1) GDPR, subject to the implementation of appropriate technical and organizational measures required by this Regulation to safeguard the rights and freedoms of the data subject ("storage limitation"); (see Art 5(1)(e) GDPR)

Rights of the data subjects:

• Right to information, Art. 15
• Right to rectification, Art. 16
• Right to erasure, Art. 17
• Right to restriction, Art. 18
• Right to data portability, Art. 20
• Right to object, Art. 2

In principle, you have the rights to information, correction, deletion, restriction, data portability, revocation and objection. You can assert the above-mentioned data subject rights either by email to office@hofer-medical.com or in writing by letter to the company address.

Right to lodge a complaint with Hofer GMBH & Co Kg. or the supervisory authority The data subjects must identify themselves and contribute to the identification in order to ensure that the data subject is actually addressed when responding to the exercise of the respective right. Data subjects can exercise all rights by sending an email to office@hofer-medical.com or by contacting us personally (e.g. by telephone), by sending a message, by post or by fax (+43 3382 53093)!

Right to lodge a complaint with a supervisory authority If you believe that your rights as a data subject have been violated, you can lodge a complaint with the supervisory authority. The supervisory authority in Austria is the Austrian Data Protection Authority Wickenburggasse 8-10, 1080 Vienna, phone +43 (0)1 52152-0 or send an email to dsb@dsb.gv.at. 

However, you may also lodge a complaint with any other supervisory authority, in particular with the authority in the Member State of your habitual residence, place of work or place of the alleged infringement (see in particular Art. 77 GDPR).

Information on data processing

Your data processed when using our website will be deleted or blocked as soon as the purpose of storage no longer applies, the deletion of the data does not conflict with any statutory retention obligations and no other information is provided below on individual processing procedures.

Google reCAPTCHA

We use Google reCAPTCHA in the contact form on our website to check and prevent automated access by so-called bots. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as "Google".

During the reCAPTCHA check, website operators and therefore Google collect a range of data from the website visitor. Among other things, Google collects information about the page that integrates reCAPTCHA, the referrer URL (page from which the user comes), the user's IP address, device settings (language, browser, location), length of visit, mouse movements and keyboard strokes, screen and window resolution, time zone and installation of browser plug-ins.

In addition, Google reCAPTCHA also checks whether a cookie has already been set in the visitor's browser. If this is not the case, Google sets a cookie. This enables Google to track users across pages.

The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the security of our website and in the prevention of unwanted, automated access in the form of spam or similar.

Google offers further information on the general handling of your user data at https://policies.google.com/privacy.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Server data

For technical reasons, in particular to ensure a secure and stable Internet presence, data is transmitted to us or to our web space provider by your Internet browser. With these so-called server log files, the type and version of your Internet browser, the operating System, the website from which you have switched to our Internet presence (referrer URL), the website(s) of our Internet presence that you visit, the date and time of the respective access and the IP address of the Internet connection from which the use of our Internet presence takes place are collected, among other things.

The data collected in this way is stored temporarily, but not together with other data about you.

This storage takes place on the legal basis of Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the improvement, stability, functionality and security of our website.

The data will be deleted after seven days at the latest, unless further storage is required for evidence purposes. Otherwise, all or part of the data will be excluded from deletion until an incident has been finally clarified.

Cookies

Session cookies

We use so-called cookies on our website. Cookies are small text files or other storage technologies that are placed and stored on your end device by the Internet browser you use. These cookies process certain information from you, such as your browser or location data or your IP address, to an individual extent.  

This processing makes our website more user-friendly, effective and secure, as the processing enables, for example, the reproduction of our website in different languages or the offer of a shopping basket function.

The legal basis for this processing is Art. 6 para. 1 lit. b.) GDPR, insofar as these cookies process data for contract initiation or contract fulfilment.

If the processing does not serve to initiate or fulfil a contract, our legitimate interest lies in improving the functionality of our website. The legal basis in this case is Art. 6 para. 1 lit. f) GDPR.

These session cookies are deleted when you close your Internet browser.

Third-party cookies

Our website may also use cookies from partner companies with whom we work for the purposes of advertising, analysing or the functionalities of our website.

Please refer to the following information for details, in particular the purposes and legal basis for processing such third-party cookies.

Possibility of elimination

You can prevent or restrict the installation of cookies by changing the settings in your Internet browser. You can also delete cookies that have already been saved at any time. However, the steps and measures required for this depend on the specific Internet browser you are using. If you have any questions, please use the help function or documentation of your Internet browser or contact its manufacturer or support. In the case of so-called Flash cookies, however, processing cannot be prevented via the browser settings. Instead, you must change the settings of your Flash player. The steps and measures required for this also depend on the specific Flash player you are using. If you have any questions, please also use the help function or documentation of your Flash player or contact the manufacturer or user support.

However, if you prevent or restrict the installation of cookies, this may mean that not all functions of our website can be used to their full extent.

Google Analytics and Google Tag Manager

We use Google Analytics and Google Tag Manager on our website. These are web analytics services provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as "Google".

The Google Analytics and Google Tag Manager services are used to analyse the usage behaviour of our website. The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the analysis, optimisation and economic operation of our website.

Usage and user-related information, such as IP address, location, time or frequency of visits to our website, is transmitted to a Google server in the USA and stored there. However, we use Google Analytics and Google Tag Manager with the so-called anonymisation function. This function allows Google to truncate the IP address within the EU or EEA.

The data collected in this way is in turn used by Google to provide us with an evaluation of the visit to our website and the usage activities there. This data can also be used to provide other services related to the use of our website and the use of the Internet.

Google Tag Manager is an auxiliary service and processes personal data itself only for technically necessary purposes. The Google Tag Manager ensures that other components are loaded, which in turn may collect data. The Google Tag Manager does not access this data.
You can find more information about Google Tag Manager in Google's privacy policy.

Google states that it will not associate your IP address with any other data. In addition, Google keeps

https://www.google.com/intl/de/policies/privacy/partners

We provide you with further information on data protection law, for example on the options for preventing the use of data.

Google also offers

https://tools.google.com/dlpage/gaoptout?hl=de

a so-called deactivation add-on along with further information on this. This add-on can be installed with the most common Internet browsers and offers you further control over the data that Google collects when you visit our website. The add-on informs the JavaScript of Google Analytics and Google Tag Manager that information about your visit to our website should not be transmitted to Google. However, this does not prevent information from being transmitted to us or to other web analysis services. Of course, you can also find out whether and which other web analysis services we use in this privacy policy.

Contact details:

Hofer GmbH & Co KG
Hofer medical

Jahnstraße 10-12
8280 Fürstenfeld, Austria
T: +43 3382 53388
F: +43 3382 53093
E: office@hofer-medical.com

No data protection officer has been appointed, as this is not required by law.

Data protection officer at Hofer GMBH & Co KG Contact details:
Ms. Christina Lechner, Tel. +32 3382 53388, E: christina.lechner@hofer-medical.com

STATUS May 2018