Data privacy statement of Beurer GmbH

We are delighted that you are interested in our company. Data protection is extremely important to the management team at Beurer GmbH. In principle, you can use the Beurer GmbH website without providing any personal data. However, if a data subject wishes to avail of specific services provided by our company via the website, some processing of personal data may be necessary. If it is necessary to process personal data, and in the absence of a legal basis for such processing, we generally request consent from the data subject.

Personal data such as the name, address, e-mail address or telephone number of a data subject are always processed in compliance with the General Data Protection Regulation and in compliance with the national data protection provisions applicable for Beurer GmbH. The purpose of this data privacy statement is for our company to inform the general public about the nature, scope, and purpose of the personal data that we collect, use, and process. In addition, this data privacy statement will explain the rights of data subjects.

Beurer GmbH, as the controller for processing, has implemented many technical and organisational measures to ensure that the personal data processed is protected to the greatest possible degree. However, online data transfers are by their nature associated with security vulnerabilities, meaning that absolute protection cannot be guaranteed.

1. The name and address of the controller responsible for processing, as well as the company Data Protection Officer

Controller:
Beurer GmbH
Söflinger Straße 218
89077 Ulm
Germany
Tel.: +49 (0)731-3989-0

E-mail: [email protected] 
Website: www.beurer.com 

Company Data Protection Officer
Datenschutzbeauftragte/r
Beurer GmbH
Söflinger Straße 218
89077 Ulm
Germany
Tel.: +49 (0)731/3989-0

E-mail: [email protected] 
Website: www.beurer.com 

2. Collection and storage of personal data and the nature and purpose of its use

a) Use of website (without purchase)

When you use the website, the browser you use on your end device automatically transmits information to the server. This information is stored temporarily in what is known as a log file. The following information is collected without any action on your part, and stored until it is automatically deleted:

  • Domain of the requesting computer
  • IP address of the requesting computer
  • User agent (web browser used, operating system and access provider)
  • Requests (name and URL of file accessed)
  • Website from which the information was accessed (referrer URL)
  • Timestamp (date and time of access)
  • Status code indicating whether the request was successfully made

We process this data for the following purposes:

  • to ensure a seamless connection to the website can be established
  • to ensure convenient use of our website
  • to evaluate system security and stability and
  • for other administrative purposes.

The legal basis for data processing is Article 6, Para. 1 f) GDPR. Our legitimate interest arises from the purposes outlined above for data collection and ensuring the functional reliability of the website. Under no circumstances will we use the data collected for the purposes of drawing conclusions about you. The data will be stored for 7 days.

b) If you register for our newsletter

If you have explicitly consented in accordance with Article 6, Para. 1 a) GDPR, we will use your e-mail address to regularly send you our newsletter for marketing purposes and to track your usage behaviour. Providing us with an e-mail address is sufficient for receiving the newsletter. Optionally, the user can also supplement title, first name, surname and date of birth.

If you use our newsletter, we will track your personal usage behaviour based on your consent pursuant to Article 6, Para. 1 a) GDPR. This enables us to determine, for example, whether you have received and opened the newsletter and what content you have clicked on there. Based on your user behaviour, we will send you advertising content tailored to your needs.

You can unsubscribe at any time, for example by using the link provided at the end of each newsletter. Alternatively, you are also welcome to e-mail an unsubscribe request to [email protected] at any time.

You will receive the newsletter only until you revoke consent. You have the right to revoke your consent with future effect at any time. You may subsequently receive one more issue of the newsletter from us for technical reasons.

The data recipients are the technical operator and hosting service provider for our website and the newsletter service provider, salesforce.com EMEA Limited (located in London), commissioned by us.

The data is currently stored in one of the data centres of Salesforce listed here:
• Chicago, Illinois, United States (USA)
• Dallas, Texas, United States (USA)
• Frankfurt, Germany (GER)
• Kobe, Japan (JPN)
• London, United Kingdom (UK): London, UK (North) & London, UK (West)
• Paris, France (FRA)
• Phoenix, Arizona, United States (USA)
• Tokyo, Japan (JPN)
• Washington, DC, United States (USA)
Additional information on this can be found at: https://help.salesforce.com/articleView?id=000257307&language=en_US&type=1

Use of Facebook Custom Audiences, e-mail lists

If you use our newsletter, we will use Facebook Custom Audiences (e-mail lists) with your explicit consent (Article 6, Para. 1 a) GDPR). With Facebook Custom Audiences, we can show you targeted advertising content on Facebook when you use and spend time on Facebook. We compare your e-mail address in encrypted form (as a "hash value") with Facebook Ireland Limited. If you use Facebook with the same e-mail address, we can show you Beurer advertising on Facebook to give you the best possible user experience. Facebook Ireland Limited will send your hashed e-mail address to Facebook, Inc. in the USA. Facebook stores your e-mail address for a maximum of 180 days. If you do not have a Facebook account or use Facebook with a different e-mail address, your e-mail address will no longer be used by Facebook and will be deleted. You will then also not receive any personalised Beurer advertising on Facebook. Facebook also compares your Facebook usage behaviour with the usage behaviour of similar customers (known as "Lookalike Customers") to also display Beurer advertising to these Lookalike Customers on Facebook.

Further information is available here: https://www.facebook.com/about/privacy/ and https://en-gb.facebook.com/business/a/custom-audiences.

You can revoke your consent at any time with future effect here: https://www.facebook.com/settings/?tab=ads#_= or by sending us an e-mail with the subject line "Revocation of Custom Audiences of Facebook".

Google Custom Match

In connection with the use of our newsletter, we use Google Customer Match based on your consent (Article 6, Para. 1 a) GDPR). We upload encrypted e-mail addresses to a Google portal in order to personalise advertising for our customers who are also Google users. For this purpose, the addresses are encrypted locally on our systems, i.e. converted ("hashed") into a combination of different letters and numbers, and transferred to Google. Google compares these hash values with all Google users and can thus determine which of our customers also use Google products. We can then place advertisements in Google searches, Gmail, YouTube and what is known as the Display Network. When placing advertisements, Google takes into account other information linked to your Google account, which can also be obtained on third-party websites. The advertisements also enable us to reach new people who are likely to be interested in our products as they are similar to our existing customers. You can prevent the collection of the data generated by the cookies and related to your use of this website, as well as the processing of this data by Google, by calling up the Google advertising settings and setting the personalisation option to "Off".

c) Contact form

You may contact us to submit an enquiry. Should you do so, the following data will be collected:

  • First name
  • Surname
  • Country
  • E-mail address
  • Content of the message you are sending us
  • You may also choose to share further data with us.

The legal basis for data processing is Article 6, Para. 1 a) GDPR (Consent).
The purpose of the data processing is to respond adequately to your enquiry.
The data will be stored for 1 month.

2d) Sending of advertising material/initial business contact

If you provide us with your contact details, e.g. through a business card, we will process the data it contains, for example:

  • Name
  • Address
  • Telephone number
  • Fax number
  • E-mail address
  • Mobile phone number (if available)
  • Title/professional title/job title

The legal basis for data processing is Article 6, Para. 1 a) GDPR.

The purpose of the processing of this data is to provide you with information about Beurer GmbH and its products.

Data is stored for the following period of time:
- In the case of sending information material: 12 weeks
- In the case of initial business contact: Section 257 HGB (German Commercial Code)

2e) My-Fonts-Counter

This webpage uses webfonts provided by the company MyFonts Inc. for the consistent presentation of fonts. When accessing the page, the following data is collected:

  • IP address,
  • date and time of retrieval,
  • amount of data transferred and
  • requesting provider.

The legal basis is Article 6, Para. 1 lit. a GDPR.
The purpose of the data processing is for counting the number of page access instances and for the MyFonts invoicing based on these page counts.
The data is stored until the purpose has been fulfilled.

3. Disclosure of data

Entities within Beurer GmbH that require access to data in order to fulfil contractual and legal obligations receive access to the data.
Beurer GmbH's external service providers may also receive these data. These service providers may be:

  • Affiliated companies, where these are required for the fulfilment of the contract
  • Service providers for processing customer service enquiries
  • IT service providers, hosting service providers, and service providers for operating the IT system
  • Service providers for newsletter dispatch, following the provision of consent
  • In the case of 2e): MyFonts Inc., 500 Unicorn Park Drive, Woburn, MA 01801, USA

4. Cookies

The website uses cookies. Cookies are text files which are transmitted to a computer system via an Internet browser and stored there. 

 

4.1. Salesforce

We use salesforce.com EMEA Limited, a supplier of cloud computing solutions for companies, which is located in London. Salesforce uses cookies. In doing so, actions and movements on the website are collected.

The data is processed on the basis of your consent (Article 6, Para. 1 a) GDPR) if you consent to the processing of marketing cookies. You can revoke your consent at any time with future effect by accessing the cookie settings and changing your selection there.

On our behalf, Salesforce and the service providers used process the information collected via the cookie in order to evaluate your usage of our website, to compile reports about website activities and to render additional services linked with the website and Internet usage to us.

The information generated via the cookie about your usage of our website is generally transferred to a server of Salesforce and stored there.

The data is currently stored in one of the data centres of Salesforce listed here:

• Chicago, Illinois, United States (USA)
• Dallas, Texas, United States (USA)
• Frankfurt, Germany (GER)
• Kobe, Japan (JPN)
• London, United Kingdom (UK): London, UK (North) & London, UK (West)
• Paris, France (FRA)
• Phoenix, Arizona, United States (USA)
• Tokyo, Japan (JPN)
• Washington, DC, United States (USA)

Additional information on this can be found at: https://help.salesforce.com/articleView?id=000257307&language=en_US&type=1

The data is provided for evaluation to the service provider used by us, PARX Consulting GmbH, An der Alster 62, 20099 Hamburg, Germany.

The duration of storage is 12 months.

4.2. Google Analytics

If you have given your consent, Google Analytics – a web analysis service of Google LLC – is used on this website. The responsible service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses cookies that enable an analysis of your use of our websites. The information collected by means of cookies about your use of this website is generally transferred to a Google server in the USA, where it is stored.

We use the "anonymizeIP" function (so-called IP masking): Because IP anonymisation is activated on this website, your IP address will be shortened by Google within European Union Member States or in other states party to the Agreement on the European Economic Area. The full IP address is only transferred to a Google server in the USA and shortened there in exceptional circumstances. The IP address transferred within the scope of Google Analytics from your browser is not linked with other Google data.

During your visit to the website, the following data will be collected, for example:

  • The pages you have accessed; your "click path"
  • Achievement of "website targets" (conversions, e.g. newsletter subscriptions, downloads, purchases)
  • Your user behaviour (e.g. clicks, length of stay, bounce rates)
  • Your approximate location (region)
  • Your IP address (in shortened form)
  • Technical information about your browser and the end devices you use (e.g. language setting, screen resolution)
  • Your Internet provider
  • The referrer URL (the website/advertising via which you accessed this website)

On behalf of Beurer, Google will use this information to evaluate your (pseudonymous) use of the website and to compile reports on website activity. The reports provided by Google Analytics serve to analyse the performance of our website and the success of our marketing campaigns.
The recipient of the data is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland as the processor. We have concluded a data processing agreement with Google for this purpose. Google LLC located in California, USA and, if applicable, US authorities can access the data stored by Google. A transfer of data to the USA cannot be ruled out.

The data sent by us and linked to cookies are automatically deleted after 14 months. Data whose retention period has been reached are automatically deleted once a month.
Furthermore, you can prevent Google from gathering data produced by the cookie and relating to your use of the website (incl. your IP address), as well as the processing of this data by Google, by

not giving your consent to the setting of the cookie, or
downloading and installing the browser add-on for deactivating Google Analytics HERE.
You can also prevent the storage of cookies by configuring the corresponding setting in your browser software. However, if you configure your browser to reject all cookies, the functionality of this and other websites may be restricted.

The legal basis and possibility of revocation for this data processing is your consent pursuant to Article 6, Para. 1 a) GDPR. You can revoke your consent at any time with future effect by accessing the cookie settings and changing your selection there.

Further information on the terms of use of Google Analytics and data protection at Google can be found at https://marketingplatform.google.com/about/analytics/terms/us/ and https://policies.google.com/?hl=us.

4.3. YouTube

Beurer has integrated YouTube components on this website. YouTube is an Internet video portal that enables video publishers to upload video clips free of charge and other users to view, rate and comment on these videos.

The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

We have enabled privacy-enhanced mode on our website. YouTube's functionalities and data transfers are only enabled once you have consented to the use of marketing cookies. Activating a video automatically causes the Internet browser on your device to download the corresponding YouTube component from YouTube. As part of this process, your IP address and other personal data will be transmitted to Google in the USA. YouTube and Google thus gain knowledge of which specific subpage of our website you are visiting. Further information on YouTube can be found at www.youtube.com/yt/about/de/.

If you are logged into YouTube at the same time, this information will be assigned to your respective YouTube account by YouTube and Google. If you do not wish this information to be transmitted to YouTube and Google, you can prevent the transmission by logging out of your YouTube account before accessing our website.

The data protection provisions published by YouTube, which are available at https://policies.google.com/privacy?hl=us&gl=us, provide information on the collection, processing and use of personal data by YouTube and Google.

4.4. AB Tasty

With your consent, our website uses the AB Tasty web analysis service from AB TASTY SAS. This service uses cookies to identify a visitor's browser and to analyse the use of our website. The data processing is based on your consent pursuant to Article 6, Para. 1 a) GDPR if you consent to the use of AB Tasty cookies. You can revoke your consent at any time with future effect by accessing the cookie settings and changing your selection there.

More information about how AB Tasty processes your data can be found at https://www.abtasty.com/gdpr-compliance/ 

4.5. Integration of SEMKNOX product search

a) General information about data processing
To support the product search function on this website, we use a service provided by SEMKNOX GmbH, Webergasse 1, 01067 Dresden, which enables us to display product results matching the search terms you have entered in the search field. SEMKNOX uses cookies for this purpose. These are text files that are stored on your computer/end device and enable you to successfully use the search function. When using the product search, the following data is then processed:

  • Your IP address
  • The content of your search query
  • Session ID
  • Query ID

b) Scope and purposes of data processing
The information about your use of the search function as generated by the cookie, i.e. the content of your search query and the assigned session ID, is processed by SEMKNOX on our behalf in order to respond to your search query. The last query ID assigned by the SEMKNOX search service is then stored in the cookie generated. The IP address also transmitted when this data is transmitted is processed by SEMKNOX exclusively for data security purposes.

c) Data transfer/recipient
The recipient of the data is SEMKNOX GmbH, Webergasse 1, 01067 Dresden.

d) Duration of storage
The set SEMKNOX cookie contains the assigned query ID and is stored for 24 hours. The transmitted IP address is deleted by SEMKNOX after 30 days. The content of the search query is permanently stored by SEMKNOX with no reference to your person. The session ID is stored by SEMKNOX until its purpose has been fulfilled and is then erased.

e) Legal basis for processing
The data processing is carried out on the basis of our interest in the needs-based design of our website. According to our weighing up of interests, this legitimate interest is not in opposition to +++prevailing interests or basic rights and basic freedoms of data subjects (Article 6, Para. 1 f) GDPR). On request we will provide you with additional information on our weighing up of interests.

f) Right to object
You have the right to object at any time to this processing for reasons relating to your particular situation. We will then stop processing the data for these purposes unless we are able to prove compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is intended for the establishment, exercise or defence of legal claims. You can submit your objection to us via the contact details listed above under 1. Alternatively, in your browser settings, there is the option to prevent cookies from being set. If you do not accept the use of functional cookies, this can result in restrictions to the functionality of our website.

5. Rights of the data subject

You have the right:

  • Pursuant to Article 15 GDPR to request information about your personal data that we process. In particular, you may request information about the purposes of processing, category of personal data, categories of recipients to whom your data have been or will be disclosed, the planned duration of storage, the existence of a right to rectification, erasure, restriction of processing or objection, the right to lodge a complaint, the origin of your data if we did not collect them ourselves, and about the existence of automated decision-making including profiling, and where applicable meaningful information about the details thereof;
  • Pursuant to Article 16 GDPR to immediately request the rectification of inaccurate or incomplete personal data relating to you stored by us;
  • Pursuant to Article 17 GDPR to request the erasure of personal data relating to you stored by us, unless processing is required for the exercising of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of the public interest, or for the establishment, exercise, or defence of legal claims;
  • Pursuant to Article 18 GDPR to request the restriction of processing of your personal data insofar as you dispute the accuracy of the data, or processing is unlawful and you decline their erasure and we no longer need the data but you require them for the establishment, exercise, or defence of legal claims, or you have submitted an objection to processing pursuant to Article 21 GDPR;
  • Pursuant to Article 20 GDPR to receive the personal data relating to you that you have provided to us in a structured, commonly used and machine-readable format, or to request the transfer of the same to another controller;
  • Pursuant to Article 7, Para. 3 GDPR to at any time revoke any consent you have provided to us. This will result in us no longer being permitted to continue the data processing that this consent relates to in the future, and
  • Pursuant to Article 77 GDPR to lodge a complaint to a supervisory authority. Generally, you can contact the supervisory authority for your usual place of residence or the registered headquarters of our company for this purpose.

6. Right to object

If your personal data is processed based on legitimate interests pursuant to Article 6, Para. 1, Sentence 1 f) GDPR, you have the right to submit an objection to the processing of your personal data pursuant to Article 21 GDPR, provided that there are reasons to do so arising from your particular situation, or if the objection relates to direct advertising. In the latter case, you have a general right to object, which we will implement without requiring a particular situation to be stated.

If you would like to exercise your right to revoke consent or to object, it is sufficient to do so by sending an e-mail to [email protected] 

7. Data security

During your visit to our website, we use the popular SSL (Secure Socket Layer) process in conjunction with the highest level of encryption supported by your browser. This is generally 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit v3 technology instead. You can verify that information is being transmitted in encrypted format on the individual pages of our website by checking for the locked padlock/key icon in the bottom status bar of your browser.

We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or full loss, destruction or unauthorised access by third parties. Our security measures are continually being improved in line with technological developments.

8. Obligation to make data available

In the context of using the website, you are required to make available personal data that are essential for service provision. Without these data, we are not able to provide the service.