Protecting your data and your privacy are very important to us.
We would like to use this Data Privacy Declaration to inform you of how your personal data is handled. This Declaration applies to the collection, processing, and use of personal data within the framework of STORZ & BICKEL GmbH & Co. KG websites, including its various shops, and within the framework of apps offered by STORZ & BICKEL for Android and iOS. We collect, process, and use personal data for purposes such as completing orders, offering services, and carrying out and further improving the contents and functions of our products and websites. We also collect, process, and use such data for the purposes of advertising and market research, if you have consented to such uses.
If you specifically consent to this Data Privacy Declaration (for instance by clicking a check box on a website referring to this Data Privacy Declaration), you consent for the responsible party to use the data collected on their websites for the purpose of advertising and market research on those websites.
This data privacy information applies to data processing by:
STORZ & BICKEL GmbH & Co. KG
In Grubenäcker 5–9
STORZ & BICKEL America Inc.
1078 60th St
CA 94608 Oakland
You are welcome to submit questions on data privacy to email@example.com at any time.
§ 2 Collecting and saving personal data, and the type and purpose of data usage
(1) When you visit our website:
When you access our website
information is automatically sent to our website servers by the browser you use on your device. This information is temporarily saved in a so-called log file. The following information is recorded without any action on your part, and is saved until it is automatically deleted, for a maximum of 24 hours:
- IP address of the requesting computer,
- Date and time of access,
- Name and URL of the accessed file,
- Website from which access occurred (referrer URL),
- Browser used and your computer’s operating system, if applicable, as well as the name of your access provider.
We process this data for the following purposes:
- To ensure we can provide a smooth connection to our website;
- To ensure uses can comfortably use our website,
- To assess system security and stability, as well as
- For further administrative purposes.
The legal basis for data processing is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in data processing for the purposes listed above. We will never use collected data to draw conclusions about you personally. We reserve the right to review such data subsequently if we suspect our services have been used in an illegal manner.
(2) When you register for our newsletter:
If you have expressly consented to processing in accordance with Art. 6 para. 1 clause 1 GDPR, we will use your e-mail address to send you our newsletter regularly. All you need to provide to receive the newsletter is your e-mail address.
You may cancel your registration at any time, for instance by clicking the link at the end of the newsletter. Alternatively, you are also welcome to send your cancellation request to us at any time via e-mail to firstname.lastname@example.org.
(3) When using our RMA services for repairs and guarantees:
If you have support inquiries, you may contact us using the contact form provided on our website. You must provide a valid e-mail address when submitting an inquiry so we know who the inquiry comes from and can answer it. You must also provide information on the device used, the purchaser's mailing address, and on their purchase of the device. This information is required to process and review your support inquiry, for instance if we need to initiate a warranty claim. Further information may be provided voluntarily. Please see section 9 of this Data Privacy Declaration for more information on retention periods.
Data processing for the purpose of contact with us is completed according to Art. 6 para. 1 clause 1 GDPR based on your freely granted consent.
(4) When registering and/or placing an order in one of our online shops:
If you would like to place an order or register / create an account in one of our online shops, you may need to provide personal data such as your name, age, delivery and billing addresses, and contact and payment information. This information is required so we can ensure the ordering party is entitled to engage in the transaction, and because this data must be collected to carry out the purchasing agreement concluded. Data is only processed for the purpose for which it was collected. Please see section 9 of this Data Privacy Declaration for more information on retention periods.
(5) During an application process:
If you apply to a job advertisement or send in a prospective application, your application information and associated personal data will be used in a regulated application process. Data will only be collected and processed as part of applicant management and will never be transmitted to third parties. Please see section 9 of this Data Privacy Declaration for more information on retention periods.
Your personal data is never transmitted to third parties for reasons other than the following. We only transmit your personal data to third parties if:
- you have expressly granted your consent to transmission according to Art. 6 para. 1 clause 1 GDPR,
- transmission under Art. 6 para. 1 clause 1 GDPR is necessary to assert, exercise, or defend against legal claims, and there is no reason to assume that you would have an outweighing protected interest in not transmitting your data,
- if we have a legal obligation to provide data under Art. 6 para. 1 clause 1 GDPR, and
- if this is legally permitted and necessary under Art. 6 para. 1 clause 1 GDPR to carry out contractual relationships (such as to fulfill an agreement in case of customer orders, transmission of address data to transportation service providers).
Data processed using the cookies are required in order to safeguard our justifiable interests and those of third parties according to Art. 6 para. 1 clause 1 GDPR.
Most browsers accept cookies automatically. However, you can configure your browser so that no cookies will be saved on your computer, or so that you always receive notification before a new cookie is saved. If you completely deactivate all cookies, you may not be able to use all of the functions of our website.
Marketing cookies can be managed using the following tools:
(1) Tracking and analytic tools:
We use the following tracking measures based on Art. 6 para. 1 clause 1 GDPR. We use these tracking measures to design our website based around user needs and ensure ongoing optimization. In addition, we also use tracking measures to record and analyze statistical information and to optimize our services for you. These interests are considered legitimate in the sense of the above regulations. Please see the different tracking tools for the specific purposes of data processing and data categories. Our relationships with respective web analytics providers are based on the European Commission “Privacy Shield” for the USA.
(2) Google Analytics:
We use Google Analytics for the purpose of designing our website in line with user needs and ongoing optimizations, a web analytics service of Google Inc. www.google.de/intl/de/about/ (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter referred to as “Google”). Pseudonymized usage profiles are created and cookies are used in this context (see 4). The information generated by the cookie on your use of the website, such as
- Browser type / version,
- Operating system used,
- Referrer URL (page visited directly before),
- Host name of the accessing computer (IP address),
- Time of the server inquiry,
is transmitted to a Google server in the USA and saved there for a maximum of 26 months. This information is used to analyze use of the website, create reports on website activities, and provide further services associated with website use and internet use for the purpose of market research and to design these pages in line with user needs. This information may also be transmitted to third parties if legally required, or if these third parties process such data on a contract basis. Your IP address is never combined with other data by Google. IP addresses are anonymized to make it impossible to associated them with you (IP masking).
You can prohibit the installation of cookies by changing the settings in your browser software accordingly; we would, however, like to inform you that in this case you will not be able to use the full extent of all functions on our website. You can, additionally, prohibit the collection of the data created by cookies and related to your use of the website (incl. your IP address) and processing of this data by downloading and installing a browser add-on (tools.google.com/dlpage/gaoptout). This saves an opt-out cookie that prevents your data from being in collected in the future when you visit this website: The opt-out cookie will only be valid in this browser and only for our website, and will be saved on your device. If you delete cookies in this browser, you will have to install the opt-out cookie once again. Further information on data privacy in conjunction with Google Analytics is provided in the Google Analytics help section at (support.google.com/analytics/answer/6004245).
(3) Awin Affiliate Program:
Our website uses the affiliate network of Awin AG, Eichhornstraße 3, 10785 Berlin (www.awin.com/de/uber-uns). As part of its tracking services, Awin stores cookies (see Chapter 4) on the end-user devices of users who visit or use the websites or other online services of its customers in order to document transactions. These cookies serve the sole purpose of correctly allocating the success of an advertising medium and the corresponding billing within the framework of its network: Tracking enables Awin to track a consumer's journey (Customers Journey) through specific websites after viewing or clicking on an ad. The purpose of the tracking is to allocate a publisher’s sales and marketing costs to a specific transaction. This enables advertisers to pay publishers per transaction. In addition, corresponding reports can be made available to publishers and advertisers by Awin. To accomplish the tracking Awin uses:
- Tracking Domain Cookies,
- Journey Tags,
- Device Fingerprinting
All data tracked by Awin is pseudonymous, insensitive, as far as possible technical and does not relate to behavior, predictions or evaluations of consumer interests or personalities.
(1) Google Maps plug-in:
§ 7 Security & encryption
We use the common SSL process (secure socket layer) within your website visit, in conjunction with the highest level of encryption supported by your browser. Generally, this is 256 bit encryption. If your browser does not support 256 bit encryption, we will instead use 128 bit v3 technology. You can tell whether individual pages on our website are encrypted during transmission because a key or lock symbol will be displayed on the bottom status bar on your browser, and your browser line will switch from “http://” to “https://” when displaying encrypted content. Data encrypted via SSL cannot be read by third parties. Only transmit your confidential information (for instance in payment processes) when SSL encryption is active, and contact us if you have any concerns.
We also use suitable technical and organizational security measuress to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in response to technological development.
§ 8 Rights of data subjects
You have the right:
(1) to request information on your personal data processed by us according to Art. 15 GDPR. In particular, you can request information on the purposes of processing, categories of personal information, categories of recipients to whom your data was or will be disclosed, planned storage terms, the existence of a right to correct, delete, restrict processing, or object to use of your data, the existence of a right to submit complaints, the origin of your data if we did not collect it, as well as regarding the use of automated decision-making processes and profiling, as well as detailed and specific information on any of these matters;
(2) you may request that incorrect or incomplete personal data saved by us be rectified promptly in accordance with Art. 16 GDPR;
(3) you may request that your personal data saved by us be deleted in accordance with Art. 17 GDPR unless processing is necessary to carry out a right to free expression and information, to fulfill a legal obligation, based on the public interest, or to assert, exercise, or defend against legal claims;
(4) you may request the restricted processing of your personal data according to Art. 18 GDPR if you dispute the correctness of your data, if processing is illegal, but if you reject deletion of data, and if we no longer need the data, but you require the data to assert, exercise, or defend against legal claims or you have objected to processing in accordance with Art. 21 GDPR;
(5) you have the right to receive the personal information you have provided to us in a structured, accessible, and machine-readable format or to request it be transmitted to another responsible entity in accordance with Art. 20 GDPR;
(6) you have the right according to Art. 7 para. 3 GDPR to revoke any consent you have granted to us at any time. If you do so, we will no longer be able to carry out data processing based on this consent in the future and
(7) you will not have the right to submit complaints with a supervising authority in accordance with Art. 77 GDPR. Typically, you can contact the supervising authority for your place of residence or your workplace, or our jurisdiction.
All data required for typically business transactions (such as orders, repairs, and processing guarantee claims) such as correspondence and commercial issues with customer data is archived before it may be destroyed in accordance with commercial and tax law regulations (HGB - German Commercial Code and Tax Code). Longer retention periods from the Medical Device Regulation (MDR) and country-specific requirements in permitted markets apply to information relevant to our medical products (Vapormed brand). Application documents are archived until the end of the application process, and for a maximum of three months, then deleted in accordance with data privacy law. Please contact email@example.com for further information.
If your personal data is processed based on a legitimate interest in accordance with Art. 6 para. 1 clause 1 GDPR, you have the right according to Art. 21 GDPR to object to processing of your personal data if there are grounds for doing so related to your personal situation or if the complaint is submitted against direct advertising. In the latter case, you have a general right to object and we must comply with your objection even if no special situation applies. If you would like to assert your right to object or right to submit complaints, please send an e-mail to: firstname.lastname@example.org.
§ 11 Updates and changes to this Data Privacy Declaration
This Data Privacy Declaration is the current valid version and was last updated in April 2018.
We may need to amend this Data Privacy Declaration due to further developments of our website and services, or due to changed legal or official regulations. You can always access and print out our current Data Privacy Declaration at the website www.storz-bickel.com/privacy/.