Skip to content
Chevron Chevron

Privacy Policy

PRIVACY POLICY
This privacy policy explains the type, scope and purpose of the processing of personal data (hereinafter referred to as "data") in the context of the provision of our services and within our online offering and the associated websites, functions and content as well as external online presences, such as our social media profiles (hereinafter jointly referred to as "online offering"). With regard to the terms used, such as "processing" or "controller", we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).

RESPONSIBLE PERSON
Animus Medicus - Owner Wichard Lüdje
Richard-Wagner.Str. 5

93055 Regensburg

TYPES OF DATA PROCESSED
Inventory data (e.g., personal master data, names or addresses). Contact details (e.g., email, telephone numbers).
Content data (e.g., text entries, photographs, videos).
Usage data (e.g., websites visited, interest in content, access times).
Meta/communication data (e.g., device information, IP addresses).
CATEGORIES OF AFFECTED PERSONS
Visitors and users of the online offer (hereinafter we refer to the persons concerned collectively as “users”).

PURPOSE OF PROCESSING
- Provision of the online offer, its functions and contents.

- Answering contact requests and communicating with users.

- Security measures.

- reach measurement/marketing

TERMS USED
“Personal data” means any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. a cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means. The term is broad and covers virtually any handling of data.

‘Pseudonymisation’ means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

‘Profiling’ means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

The “controller” means the natural or legal person, public authority, agency or other body which alone or jointly with others decides on the purposes and means of the processing of personal data.

“Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

RELEVANT LEGAL BASIS
In accordance with Art. 13 GDPR, we inform you of the legal basis for our data processing. For users from the scope of the General Data Protection Regulation (GDPR), i.e. the EU and the EEC, the following applies if the legal basis is not mentioned in the data protection declaration:

The legal basis for obtaining consent is Art. 6 (1) (a) and Art. 7 GDPR;

The legal basis for processing to fulfill our services and carry out contractual measures as well as answering inquiries is Art. 6 Para. 1 lit. b GDPR;

The legal basis for processing to fulfill our legal obligations is Art. 6 (1) lit. c GDPR;

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 (1) (d) GDPR serves as the legal basis.

The legal basis for the processing required to perform a task carried out in the public interest or in the exercise of official authority vested in the controller is Art. 6 (1) (e) GDPR.

The legal basis for processing to protect our legitimate interests is Art. 6 (1) lit. f GDPR.

The processing of data for purposes other than those for which they were collected is governed by the provisions of Article 6 (4) GDPR.

The processing of special categories of data (according to Art. 9 Para. 1 GDPR) is determined in accordance with the provisions of Art. 9 Para. 2 GDPR.

SAFETY MEASURES
In accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, we take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk.

The measures include in particular ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access to it, input, transfer, ensuring availability and separation. Furthermore, we have set up procedures that ensure the exercise of data subject rights, deletion of data and response to data threats. Furthermore, we take the protection of personal data into account when developing or selecting hardware, software and processes, in accordance with the principle of data protection through technology design and through data protection-friendly default settings.

COOPERATION WITH CONTRACT PROCESSORS, JOINT CONTROLLER AND THIRD PARTIES
If, as part of our processing, we disclose data to other persons and companies (contract processors, joint controllers or third parties), transmit it to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission (e.g. if transmission of the data to third parties, such as payment service providers, is necessary to fulfill the contract), users have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).

If we disclose, transmit or otherwise grant access to data to other companies in our group of companies, this is done in particular for administrative purposes as a legitimate interest and, in addition, on a basis that complies with the statutory requirements.

TRANSFERS TO THIRD COUNTRIES
If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA) or the Swiss Confederation) or if this occurs as part of the use of third-party services or disclosure or transmission of data to other persons or companies, this will only take place if it is necessary to fulfil our (pre)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we only process or have data processed in a third country if the legal requirements are met. This means that processing takes place, for example, on the basis of special guarantees, such as the officially recognised determination of a data protection level equivalent to that of the EU (e.g. for the USA through the “Privacy Shield”) or compliance with officially recognised special contractual obligations.

RIGHTS OF THE DATA SUBJECTS
You have the right to request confirmation as to whether or not data concerning you is being processed and to obtain information about this data as well as further information and a copy of the data in accordance with legal requirements.

In accordance with the statutory provisions, you have the right to request that the data concerning you be completed or that inaccurate data concerning you be corrected.

In accordance with the statutory provisions, you have the right to demand that the data in question be deleted immediately or, alternatively, to demand that the processing of the data be restricted in accordance with the statutory provisions.

You have the right to request that the data concerning you that you have made available to us be received in accordance with the statutory requirements and to request that it be transmitted to other responsible parties.

You also have the right to lodge a complaint with the competent supervisory authority in accordance with the statutory provisions.

RIGHT OF WITHDRAWAL
You have the right to revoke your consent with effect for the future.

RIGHT OF OBJECTION
You can object to the future processing of data concerning you at any time in accordance with the statutory provisions. The objection can be made in particular against processing for direct marketing purposes.

COOKIES AND RIGHT OF OBJECTION TO DIRECT MARKETING
“Cookies” are small files that are saved on users’ computers. Different information can be saved within cookies. A cookie is primarily used to save information about a user (or the device on which the cookie is saved) during or after their visit to an online service. Temporary cookies, or “session cookies” or “transient cookies”, are cookies that are deleted after a user leaves an online service and closes their browser. Such a cookie can save, for example, the contents of a shopping cart in an online shop or a login status. Cookies that remain saved even after the browser is closed are referred to as “permanent” or “persistent”. For example, the login status can be saved if users visit the site several days later.The interests of users can also be stored in such a cookie and used for reach measurement or marketing purposes. Cookies that are offered by providers other than the controller who operates the online service are referred to as "third-party cookies" (otherwise, if they are only their cookies, they are referred to as "first-party cookies").

We may use temporary and permanent cookies and explain this in our privacy policy.

If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online service.

A general objection to the use of cookies used for online marketing purposes can be made for a large number of services, especially in the case of tracking, via the US website http://www.aboutads.info/choices/ or the EU side http://www.youronlinechoices.com/ Furthermore, cookies can be blocked by deactivating them in the browser settings. Please note that in this case, not all functions of this website may be available.

DELETION OF DATA
The data we process will be deleted or restricted in accordance with legal requirements. Unless expressly stated in this privacy policy, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and there are no legal retention periods that prevent deletion.

If the data is not deleted because it is required for other legally permissible purposes, its processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax reasons.

CHANGES AND UPDATES TO THE PRIVACY POLICY
We ask you to regularly inform yourself about the content of our data protection declaration. We will adapt the data protection declaration as soon as changes to the data processing we carry out make this necessary. We will inform you as soon as the changes require your cooperation (e.g. consent) or other individual notification.

BUSINESS-RELATED PROCESSING
In addition, we process

- Contract data (e.g., subject matter of the contract, term, customer category).

- Payment data (e.g. bank details, payment history)

from our customers, interested parties and business partners for the purpose of providing contractual services, service and customer care, marketing, advertising and market research.

ORDER PROCESSING IN THE ONLINE SHOP AND CUSTOMER ACCOUNT
We process our customers' data as part of the ordering process in our online shop in order to enable them to select and order the selected products and services, as well as to pay for and deliver them or execute them.

The data processed includes inventory data, communication data, contract data, payment data and the persons affected by the processing include our customers, interested parties and other business partners. The processing is carried out for the purpose of providing contractual services in the context of operating an online shop, billing, delivery and customer services.We use session cookies to store the shopping cart contents and permanent cookies to store the login status.

The processing is carried out to fulfill our services and carry out contractual measures (e.g. carrying out order processes) and to the extent that it is required by law (e.g. legally required archiving of business transactions for trade and tax purposes). The information marked as required is necessary to establish and fulfill the contract. We only disclose the data to third parties in the context of delivery, payment or within the scope of legal permissions and obligations, as well as if this is done on the basis of our legitimate interests, about which we inform you in this data protection declaration (e.g. to legal and tax advisors, financial institutions, freight companies and authorities).

Users can optionally create a user account, in particular where they can view their orders. During registration, the required mandatory information is communicated to users. User accounts are not public and cannot be indexed by search engines. If users cancel their user account, their data relating to the user account will be deleted, unless retention is necessary for commercial or tax law reasons. Information in the customer account remains until it is deleted and then archived in the event of a legal obligation or our legitimate interests (e.g. in the event of legal disputes). It is the responsibility of users to back up their data in the event of cancellation before the end of the contract.

When registering and re-registering as well as using our online services, we save the IP address and the time of the respective user action. The data is saved on the basis of our legitimate interests, as well as the user's interests in protection against misuse and other unauthorized use. This data is generally not passed on to third parties unless it is necessary to pursue our legal claims as a legitimate interest or there is a legal obligation to do so.

Deletion occurs after expiry of statutory warranty and other contractual rights or obligations (e.g., payment claims or performance obligations from contracts with customers), whereby the necessity of retaining the data is reviewed every three years; in the case of retention due to statutory archiving obligations, deletion occurs after these expire.

EXTERNAL PAYMENT SERVICE PROVIDERS
We use external payment service providers through whose platforms users and we can carry out payment transactions (e.g., each with a link to the privacy policy, Paypal (https://www.paypal.com/de/webapps/mpp/ua/privacy-full), Klarna (https://www.klarna.com/de/datenschutz/), Skrill (https://www.skrill.com/de/fusszeile/datenschutzrichtlinie/), Giropay (https://www.giropay.de/rechtliches/datenschutz-agb/), Visa (https://www.visa.de/datenschutz), Mastercard (https://www.mastercard.de/de-de/datenschutz.html), American Express (https://www.americanexpress.com/de/content/privacy-policy-statement.html)

As part of the fulfillment of contracts, we use payment service providers on the basis of Art. 6 (1) (b) GDPR. In addition, we use external payment service providers on the basis of our legitimate interests in accordance with Art. 6 (1) (f) GDPR in order to offer our users effective and secure payment options.

The data processed by the payment service providers includes inventory data, such as name and address, bank details, such as account numbers or credit card numbers, passwords, TANs and checksums, as well as contract, sum and recipient-related information. The information is required to carry out the transactions. However, the data entered is only processed by the payment service providers and stored by them. This means:We do not receive any account or credit card-related information, only information confirming or rejecting the payment. The payment service provider may transmit the data to credit agencies. This transmission is for the purpose of checking identity and creditworthiness. Please refer to the terms and conditions and data protection notices of the payment service providers.

The terms and conditions and data protection notices of the respective payment service providers apply to payment transactions and can be accessed on the respective websites or transaction applications. We also refer to these for further information and to assert revocation, information and other rights of those affected.

CONTACT US
When you contact us (e.g. via contact form, email, telephone or via social media), the user's details will be processed to process the contact request and its handling in accordance with Art. 6 Paragraph 1 Letter b. (within the framework of contractual/pre-contractual relationships), Art. 6 Paragraph 1 Letter f. (other inquiries) GDPR. The user's details can be stored in a customer relationship management system ("CRM system") or comparable inquiry organization.

We delete the requests if they are no longer required. We check the necessity every two years; statutory archiving obligations also apply.

NEWSLETTER
With the following information we inform you about the contents of our newsletter as well as the registration, dispatch and statistical evaluation procedures as well as your right of objection. By subscribing to our newsletter, you agree to receive it and to the procedures described.

Content of the newsletter: We only send newsletters, emails and other electronic notifications with advertising information (hereinafter "newsletter") with the consent of the recipient or with legal permission. If the contents of the newsletter are specifically described when registering for the newsletter, they are decisive for the user's consent. In ad