Privacy Policy

1. Data privacy at a glance

General

The following gives a simple overview of what happens to your personal data when you visit our website. Personal data is any information that allows an individual to be identified. For more information on data privacy, please read our Privacy Policy below.

Data collection on our website

Who is responsible for data collection on this website?

The data collected on this website is processed by the website operator. The operator’s contact details can be found in the Legal Notice section of this website.

How do we collect your data?

Firstly, we collect data that you share with us, e.g. by entering it into a contact form.

Other data is collected automatically by our IT systems when you visit our website. This is mainly technical data, such as which web browser or operating system you are using, or the time of your visit. This data is collected automatically as soon as you access our website.

What do we use your data for?

Some of your data is collected to ensure that our website functions properly and to create a better user experience for you. Other data may be used to analyze how you use the site.

What rights do you have regarding your data?

You have the right, at any time and at no cost, to obtain access and information about the origin, recipient and purpose of storing your personal data. You also have the right to request that it be rectified, blocked or erased. If you wish to exercise your rights or ask us any other questions regarding data privacy, you can contact us at any time using the address provided in the Legal Notice section of this website. You also have the right to lodge a complaint with the relevant supervisory authority.

Furthermore, you have the right to limit the way in which we use your personal data in specific circumstances. For more information, please read the “Right to restriction of processing” section of our Privacy Policy.

„Recht auf Einschränkung der Verarbeitung“.

 

Analytics and third-party tools

When visiting our website, statistical analyses may be made of your surfing behavior. This happens primarily using cookies and analytics. The analysis of your surfing behavior is usually anonymous, i.e. we will not be able to identify you from this data. You can object to this analysis or prevent it by not using certain tools. Detailed information can be found in our Privacy Policy below.

You can object to this analysis. We will inform you below about how to exercise your options in this regard.

2. General and mandatory information

Data privacy
The operators of this website take the privacy of your personal data very seriously. We treat your personal data confidentially and will only ever use it in accordance with the legal data protection regulations and this Privacy Policy.

When you use this website, we will collect certain personal data about you. Personal data is any information that can be used to identify you or that we can link to you. This Privacy Policy sets out the categories of personal data that we collect and what we do with that information. It also explains how we collect it and for what purposes. Please note that data transmitted via the Internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.

Name and contact details of Controller

Controller responsible for data processing is:

VITRUVIA AG
Markus A. Bertschin
Kesselackerstrasse 18
CH-5611 Anglikon

Phone: + 41 44 915 33 78
E-Mail: welcome@vitruvia-med.com

Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data (e.g. names, email addresses, etc.).

Withdrawal of your consent to data processing

Many data processing activities are only permitted with your express consent. You have the right to withdraw your consent at any time. All you need to do is send us a message by email. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent.

Right to object to data processing in certain circumstances and to direct marketing (Article 21 GDPR)

You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data which is based on point (e) or (f) of Article 6 (1) GDPR (General Data Protection Regulation), including profiling based on those provisions. The relevant legal basis for processing personal data is set out in this Privacy Policy. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims (objection pursuant to Article 21 (1) GDPR).

Where your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object, your personal data will no longer be processed for such purposes (objection pursuant to Article 21 (2) GDPR).

Right to lodge a complaint with the competent supervisory authority

Every data subject has the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes this Regulation. The right to lodge a complaint exists without prejudice to any other administrative or judicial remedy.

Right to data portability

Where processing of your personal data is based on your consent or necessary for the performance of a contract with you and processing is carried out by automated means, you have the right to receive the personal data concerning you in a commonly used and machine-readable format or to have your personal data transmitted directly to another controller, where technically feasible.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests you send to us as a site operator. You can recognize an encrypted connection by the fact that the address line in the browser changes from “http://” to “https://” and by the lock symbol in the browser address bar.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Information, blocking, erasure and rectification

Under applicable legal regulations, you have the right, at any time and at no cost, to obtain information about the personal data stored about you, its origin and recipients, the purpose of data processing and, if necessary, a right to request that it be rectified, blocked or erased. If you wish to exercise your rights or ask us any other questions regarding data privacy, you can contact us at any time using the address provided in the Legal Notice section of this website.

Right to restriction of processing

  • You have the right to obtain from us the restriction of processing your personal data. If you wish to exercise your right, you can contact us at any time using the address provided in the Legal Notice section. The right to restriction of processing exists where one of the following applies:
  • If you contest the accuracy of the personal data that we store, we generally require time to verify this. Processing of this data will be restricted until the accuracy of the personal data has been verified.
  • If the processing of your personal data was / is unlawful and you request the restriction of its use instead of erasure.
  • If we no longer need your personal data but you require it to establish, exercise or defend a legal claim, you may request the restriction of its use instead of erasure.
  • If you have objected to the processing of your personal data pursuant to Article 21 (1) GDPR. Processing of this data will be restricted for the duration of the investigation into whether our legitimate grounds override yours.

If you have restricted the processing of your personal data, such data will, with the exception of storage, only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

Rejection of promotional emails

We hereby reject the use by third parties of data published in accordance with our legal obligation to provide contact information in order to send us advertising material and information that we have not explicitly requested. The operators of this website expressly reserve the right to take legal action against the unsolicited sending of advertising material such as spam emails.

3. Data Protection Officer

Mandatory Data Protection Officer

We have appointed a Data Protection Officer (DPO) to oversee compliance with this Privacy Policy:

(Lawyer) Torsten Cejka
Germaniastraße 18-20
12099 Berlin / Germany

Phone: +49 (0) 30 588 00 57-0
Email: cejka@vitruvia-med.com

4. Data collection on our website

Cookies

We use cookies on our website. Cookies do not harm your computer and do not contain viruses. Cookies are designed to make our online services more user-friendly, effective and secure. Cookies are small files that are automatically generated by your browser and stored on your device when you visit our website.

We primarily use ‘session cookies’ that will be deleted automatically after you leave our website. Other cookies are stored on your computer until they expire or you remove them. These are used to recognize you when you return to our website.

You can prevent cookies from being stored on your computer by configuring your browser’s cookie settings to notify you before websites try to set cookies or to opt out of certain or all cookies, and to automatically delete cookies when a tab or the browser is closed. However, please note that if you disable cookies, you may not be able to access all or parts of our website.

Cookies that are required for electronic communication or provision of specific features you wish to use (e.g. shopping cart) are stored on the basis of Article 6 (1) (f) GDPR. The website operator has a legitimate interest in storing cookies to provide optimized services free of technical issues. If other cookies (e.g. cookies that analyze your browsing behavior) are stored, this will be addressed separately in this Privacy Policy.

Server log files

The provider of this website automatically collects and stores information in server log files, which your browser transmits to us automatically. These files contain the following information:

  • Browser type and version

  • Operating system

  • Referrer URL

  • Host name of the computer used to access the website

  • Time of the server request

  • IP address

This data is not merged with other data sources.

The legal basis for such processing is set out in Article 6 (1) (f) GDPR. The website operator has a legitimate interest in the functionality and optimized usability of the website—server log files help us gather the required information.

Contact form

Should you send us queries via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your queries and any follow-up questions. We do not share this information without your consent.

We will, therefore, process any data you enter onto the contact form only with your consent (Article 6 (1) (a) GDPR). You have the right to withdraw your consent at any time. All you need to do is send us a message by email. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent.

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the data is no longer necessary in relation to the purposes for which it was collected or otherwise processed (e.g. once we have dealt with your request). This does not affect any mandatory legal provisions, especially those concerning data retention periods.

5. Plugins and tools

Google Maps

This website uses Google Maps API to visually display geographical information. This service is provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To enable the use of Google Maps features, your IP address must be stored. This information is usually transmitted to and stored on a Google server in the USA. The provider of this site has no influence on this data transmission. We use Google Maps in the legitimate interest of providing an attractive online service and making it easier for our visitors to find the addresses provided on our website. The data is collected and stored on the basis of Article 6 (1) (f) GDPR.

If you’d like to know more about how Google handles user information, please read the Google privacy policy at: https://www.google.de/intl/de/policies/privacy/.

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics uses “cookies”, which are text files placed on your computer to help analyze the use of our website. The information generated by the cookies about your use of our website is usually transmitted to and stored on a Google server in the USA.

The storage of Google Analytics cookies and the use of this analytics tool are based on Article 6 (1) (f) GDPR. The website operator has a legitimate interest in analyzing how users interact with our website, to keep the website updated and relevant, and to inform our marketing strategy.

IP anonymization

We use Google Analytics with an IP anonymization feature on our website. This means that Google will truncate your IP address within Member States of the European Union or in other contracting parties to the Agreement on the European Economic Area before transmission to a Google server in the USA. Only in exceptional cases will your full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information to analyze your use of the website, to create website activity reports for the website operators and to provide further services related to website and Internet usage. The IP address transmitted from your browser as part of Google Analytics will not be merged with any other data held by Google.

Browser plug-in

You may refuse the use of cookies by selecting the appropriate settings on your browser; however, if you do so, you may not be able to use all features of this website. In addition, you can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available under: https://tools.google.com/dlpage/gaoptout?hl=de.

Objection to data collection

You may prevent the collection of data by Google Analytics by clicking the following link. This link creates an opt-out cookie which prevents future data collection when visiting our website:  Disable Google Analytics..

For more information about how Google Analytics handles user data, see Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de .

Commissioned data processing

We have signed a commissioned data processing agreement with Google and fully implement the strict requirements of the German data protection authorities for the use of Google Analytics.

Google Analytics demographics

This website uses the “Demographics” feature of Google Analytics. It generates reports containing information about the age, gender and interests of website users. This data is sourced from Google advertisements that relate to your interests and from third-party visitor data. Data of this nature cannot be traced back to a specific person. You can deactivate this function at any time via the advertising settings in your Google account or prevent your data from being collected by Google Analytics in general by following the instructions under ‘Objection to data collection’.

Data retention

Google Analytics user and event data associated with cookies, user identifiers (e.g., User ID) and advertising identifiers (e.g., DoubleClick cookies, Android’s Advertising ID) is anonymized or deleted after 14 months. More information on Google Data Retention can be found via this link:  https://support.google.com/analytics/answer/7667196?hl=en