Privacy Statement – PAROMED

We are happy about you visiting our website and your interest in the subject of data protection. To inform you about when we collect personal data and how we use them, please take a note of the information below.

Responsible body 

The responsible body according to art. 4 sec. 7 EU General Data Protection Regulation (GDPR) is 

paromed GmbH & Co. KG
Hubertushof - Heft 8
83115 Neubeuern

Telephone: +49 (0) 80/ 35 - 90 39 0
Fax: +49 (0) 80/ 35 - 90 39 39
Email: info@paromed.de

Managing director: Roland B. Leyerer

Data protection officer 

You can reach our data protection officer at the following contact data:

Veit Krahl
QT-Development GmbH
Schlierachstraße 32
83734 Hausham
E-Mail: v.krahl@qtd.de

Collection, processing and use of personal data 

The legal basis for the collection, storage and processing of personal data can be found, in particular, in the General Data Protection Regulation (GDPR) and in the Federal Data Protection Law (BDSG). Personal data is information referring to an identified or identifiable natural person (art. 4 no. 1 GDPR). In particular, this includes names, address data, telephone numbers or email addresses. But information on preferences, memberships or e.g. websites visited in the past can also represent personal data.

Server log files

At the occasion of every access to our website by a user, information is saved by our hosting provider in a log file. These log files contain information about the date and the time of the website access, accessed files/pages, status codes and system information such as browser, operating system and language and version of the browser interface. These data do not allow for any direct conclusion with respect to the concrete person.

Besides, IP addresses are also saved in log files. For us, it is not possible to attribute them to any particular person without further aid.

If you want to view our website, we collect the above-mentioned data, which are technically required for us to show you the website and to ensure stability and security. The legal basis for the processing is the necessity in order to preserve our justified interests according to art. 6 sec. 1 f) GDPR.

Taking contact

As far as you contact us (e.g. per email), the data transmitted by you will be saved to process your inquiry and possibly to process any subsequent questions. The legal basis for the processing is the necessity for the execution of pre-contractual measures according to art. 6 sec. 1 b) GDPR. The data collected in this context will be deleted by us after their storage is no longer required, or their processing is limited by us if there are any legal retention duties.

Your rights 

Vis-à-vis us, you have the following rights with respect to the personal data concerning you:

  • right to information,
  • right to correction or deletion,
  • right to restriction of processing,
  • right to objection to processing,
  • right to data portability.

In addition, you have the right to complain about the processing of your personal data by us to a data protection supervisory authority.

Objection to or revocation of the processing of your data 

Please note that you can revoke any granted approval for the processing of your data anytime. From the moment of being informed about your revocation, the admissibility of the processing of your personal data is impacted.

As far as we found the processing of your personal data on a weighting of interests within the meaning of art. 6 sec. 1 f) GDPR, you can object to the processing. This is the case, in particular, if the processing is not necessary to fulfil a contract with you (you can find the legal bases of the individual cases of data processing in this privacy statement). When exercising such an objection, we ask you to explain the respective reasons. In case of a justified objection, we will check the facts and will either stop / adapt the data processing or explain our compulsory reasons worthy of protection to you on the basis of which we continue the processing.

Besides, you can object to the processing of your personal data for purposes of advertising and data analysis anytime. You can inform us on your advertising objection using the above-mentioned contact data.

Forwarding to third parties 

We forward your personal data to third parties only as far as this is necessary to fulfil contracts (e.g. address data to our logistic service providers). The legal basis for the transmission is the necessity for the fulfilment of a contract according to art. 6 sec. 1 b) GDPR. No personal data will be forwarded to any third parties for purposes of marketing or advertising without your express consent.

Use of cookies

Our website uses so-called cookies. These are small files that are deposited on your access device (computer, smartphone, tablet or the like) and saved by your browser. They serve to increase the user-friendliness, effectiveness and security of our website. Besides, cookies can be used to collect statistical data on website usage and to improve the offering. Cookies do not contain any viruses and do not cause any harm on your access device.

You can block the storage of cookies in your browser. Most of the web browsers allow for a certain control over most of the cookies via the browser settings. You can find additional information about blocking cookies on http://www.allaboutCookies.org. Please note, however, that after the blocking, certain functions of our website might not or not be fully available to you anymore.

To delete/disable all cookies saved on your computer, most browsers offer you the option to completely block the use of cookies or to delete cookies created by specific domains/websites. You can find the corresponding instructions on the help page of your browser:

Newsletter

This website uses CleverReach to send newsletters. The supplier is CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede. CleverReach is a service which organizes and analyzes the distribution of newsletters. The data you provide (e.g. your email address) to subscribe to our newsletter will be stored on CleverReach servers in Germany.

Sending our newsletters with CleverReach enables us to analyze the behavior of newsletter recipients. Among other things, we can find out how many recipients have opened the email containing the newsletter and how often various links contained therein are clicked. With the help of conversion tracking, we can also analyze whether a predefined action (such as the purchase of a product on our website) takes place after clicking on the link in the newsletter. For more information on how data is analyzed by CleverReach, please visit https://www.cleverreach.com/de/funktionen/reporting-und-tracking/.

Data processing is based on Art. 6 (1) (a) DSGVO. You may revoke your consent at any time by unsubscribing to the newsletter. The data processed before we receive your request may still be legally processed.

If you do not want your usage of the newsletter to be analyzed by CleverReach, you will have to unsubscribe from the newsletter. For this purpose, we provide a link in every newsletter we send. You can also unsubscribe from the newsletter directly on the website.

The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted from our servers and those of CleverReach. Data we have stored for other purposes (e.g. email addresses for the members area) remains unaffected.

For more information, see the privacy policy of CleverReach at https://www.cleverreach.com/de/datenschutz/.
Completion of an outsourced data processing contract

We have entered into an agreement with CleverReach for the outsourcing of our data processing and fully implement the strict requirements of the German data protection authorities when using CleverReach.

Web analysis with Google (Universal) Analytics

Our website uses Google (Universal) Analytics, a web analysis service provided by Google Inc. (www.google.de). Google (Universal) Analytics uses methods which enable them to analyse the use of our website like, for example, so-called “Cookies” - text files which are saved onto your computer. The information generated about your use of this website is usually transmitted to a Google server in the USA and stored there. Upon activating IP anonymisation on this Website, your IP address is abbreviated before being transmitted within European Union member states or other states which are part of the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Anonymised IP addresses which Google Analytics transmits from your browser will not be combined with other data from Google. 

We use Google Analytics to analyse the use of our website and to make regular improvements to it. With the statistics that we obtain, we can improve our offer and make it more interesting for you as the user. For the exceptional cases in which personal data is transferred to the USA, Google has agreed to comply with the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

You may prevent any data created by the cookie and relating to your usage of the website (including your IP address) from being recorded and processed by Google by downloading and installing the browser plug-in available at the link below:
http://tools.google.com/dlpage/gaoptout?hl=de

Alternatively, you can click on this >> Link to prevent Google Analytics from recording your data from this website in the future. In this case, an opt-out cookie will be installed on your access device. If you delete your cookies, you must click the link again..

The legal basis for the processing is the necessity of safeguarding the interests of our data subjects in accordance with Art. 6 sec.1 f) of the GDPR, namely our interests in the statistical evaluation of the user behaviour of those who use our site.

Links to other websites

Our online offer may contain links to other websites. We have no influence on whether or not their operators comply with data protection regulations.
 

Our social media appearances

Data processing through social networks

We maintain publicly available profiles in social networks. The individual social networks we use can be found below.

Social networks such as Facebook, X etc. can generally analyze your user behavior comprehensively if you visit their website or a website with integrated social media content (e.g., like buttons or banner ads). When you visit our social media pages, numerous data protection-relevant processing operations are triggered. In detail:

If you are logged in to your social media account and visit our social media page, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies stored on your device or by recording your IP address.

Using the data collected in this way, the operators of the social media portals can create user profiles in which their preferences and interests are stored. This way you can see interest-based advertising inside and outside of your social media presence. If you have an account with the social network, interest-based advertising can be displayed on any device you are logged in to or have logged in to.

Please also note that we cannot retrace all processing operations on the social media portals. Depending on the provider, additional processing operations may therefore be carried out by the operators of the social media portals. Details can be found in the terms of use and privacy policy of the respective social media portals.

Legal basis

Our social media appearances should ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (e.g., consent within the meaning of Art. 6 (1) (a) GDPR).

Responsibility and assertion of rights

If you visit one of our social media sites (e.g., Facebook), we, together with the operator of the social media platform, are responsible for the data processing operations triggered during this visit. You can in principle protect your rights (information, correction, deletion, limitation of processing, data portability and complaint) vis-à-vis us as well as vis-à-vis the operator of the respective social media portal (e.g., Facebook).

Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are determined by the company policy of the respective provider.

Storage time

The data collected directly from us via the social media presence will be deleted from our systems as soon as you ask us to delete it, you revoke your consent to the storage or the purpose for the data storage lapses. Stored cookies remain on your device until you delete them. Mandatory statutory provisions - in particular, retention periods - remain unaffected.

We have no control over the storage duration of your data that are stored by the social network operators for their own purposes. For details, please contact the social network operators directly (e.g., in their privacy policy, see below).

Your rights

You have the right to receive information about the origin, recipient and purpose of your stored personal data at any time and free of charge. You also have the right to object, the right to data portability and the right to file a complaint with the responsible regulatory agency. Furthermore, you can request the correction, blocking, deletion and, under certain circumstances, the restriction of the processing of your personal data.

Individual social networks

Facebook

We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter Meta). According to Meta’s statement the collected data will also be transferred to the USA and to other third-party countries.

We have signed an agreement with Meta on shared responsibility for the processing of data (Controller Addendum). This agreement determines which data processing operations we or Meta are responsible for when you visit our Facebook Fanpage. This agreement can be viewed at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.

You can customize your advertising settings independently in your user account. Click on the following link and log in: https://www.facebook.com/settings?tab=ads.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

Details can be found in the Facebook privacy policy: https://www.facebook.com/about/privacy/.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active

Instagram

We have a profile on Instagram. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://privacycenter.instagram.com/policy/ and https://de-de.facebook.com/help/566994660333381.

For details on how they handle your personal information, see the Instagram Privacy Policy: https://privacycenter.instagram.com/policy/.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active