Privacy policy
Privacy policy
(1) Data protection at a glance
The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data is any data that can be used to identify you personally. Detailed information on the subject of data protection can be found in our data protection declaration listed below this text.
Data collection on our website
Who is responsible for data collection on this website?
Contact details of the person responsible
The following company is responsible for data processing on this website:
MÖLLER Medical GmbH
Wasserkuppenstraße 29-31
D-36043 Fulda
Telephone: +49 661 941 950
Fax: +49 (0)661 94195 850
Email: info@moeller-medical.com
Contact details of the data protection officer
Mr. Möller is responsible for data protection in our company and can be contacted as follows:
SK-Consulting Group GmbH
Osterweg 2
D-32549 Bad Oeynhausen
Email: datenschutz@sk-consulting.com
For further information, information and revocation of consent to data processing, please contact: datenschutz@sk-consulting.com or info@moeller-medical.com
(2) General notes and mandatory information
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
(3) Processed personal data
We collect, store and process the following categories of personal data when you visit our website:
“Log data”: When you visit our website, the provider of the site automatically stores and collects information in so-called server log files, which your browser automatically transmits to us. These are Browser type and browser version, operating system used, website or file requested, device type used, referrer URL, host name of the accessing computer, time of the server request, IP address, search term if the search request was made via Google or Bing.
Use of collected data in statistics:
Our website provider provides us with the following anonymized statistics. We do not use or evaluate the statistics and cannot currently deactivate the creation of statistics:
- Visitor numbers: Visitors, sessions, page views and search engine robots.
- Visitor behavior: Duration per session, page views per session and bounce rate.
- Page analysis: entry pages, exit pages, error pages, most visited pages, pages
- with a high bounce rate and search terms.
- Pages of origin: All source pages and referring pages.
- Visitor locations
- Browsers & systems: Browsers, browser versions, operating systems and operating system versions.
- File download
“ Contact form data “: when using our contact form, the data transmitted through it is processed (surname and first name, company, e-mail address and the time of transmission).
“ Registration data“: when registering for our services, the data required to create a user account is transmitted and processed (surname and first name, company/employer, e-mail address, etc.)
„Newsletter data“: the data you provide for the newsletter is transmitted and processed for the purpose of sending information relating to the current status of the individual learning units. (first name and e-mail address)
(4) Purpose and legal basis of data processing
We process the personal data specified above in accordance with the provisions of the GDPR, the other relevant data protection regulations and only to the extent necessary.
The processing of log data serves statistical purposes and to improve the quality of our website, in particular the stability and security of the connection (legal basis is Art. 6 para. 1 sentence 1 lit. a or lit. f GDPR).
The processing of contact form data is carried out to process customer inquiries (legal basis is Art. 6 para. 1 sentence 1 lit. b or lit. f GDPR).
The processing of registration data is carried out for the performance of a contractual relationship concluded with your employer (legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR)
The processing of newsletter data is based on your consent. (Legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR)
If processing takes place outside the listed processing operations, this is done on the basis of,
- Consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR, consent exists if you have been informed about the processing in a transparent manner and consequently consent to the processing. This can also be implied through active action on your part, e.g. if you send us your contact details in an email.
- Legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, in which case we also process personal data to protect our legitimate business interests, those of our customers and, if applicable, the interests of third parties. This may be necessary, for example, to ensure IT security and IT operations, to fulfill accountability and/or verification obligations towards our business partners / customers or supervisory authorities, to prevent and investigate criminal offenses / breaches of the law, to safeguard domiciliary rights and for sales and marketing purposes. In doing so, we must weigh up whether your interests or fundamental rights and freedoms outweigh our legitimate interest.
- Fulfillment of legal obligations pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR We process personal data insofar as this is necessary to fulfill legal obligations to which we are subject, e.g. in connection with the fulfillment of retention obligations under the German Commercial Code and the German Fiscal Code.
(5) Recipients, storage duration, etc.
Who can receive the data from me?
In order to process your request, we will pass on your data to employees of our company and, in individual cases, to processors who are subject to special data protection obligations. In individual cases, it may be necessary for us to pass on your data to companies within our group of companies in order to process your request.
Will you transfer data from me to countries outside the European Union (so-called third countries)?
As part of our business relationships, your personal data may be passed on or disclosed to third-party companies. These may also be located outside the European Economic Area (EEA), i.e. in third countries. Such processing takes place exclusively to fulfill contractual and business obligations and to maintain your business relationship with us (legal basis is Art. 6 para. 1 lit. b or lit. f in each case in conjunction with Art. 44 ff. GDPR). We will inform you about the respective details of the transfer at the relevant points below. The European Commission certifies that some third countries have data protection standards comparable to the EEA standard by means of so-called adequacy decisions (a list of these countries and a copy of the adequacy decisions can be found here:
https://ec.europa.eu/info/law/law-topic/dataprotection/international-dimension-data-protection/adequacy-decisions_en). However, in other third countries to which personal data may be transferred, there may not be a consistently high level of data protection due to a lack of legal provisions. If this is the case, we ensure that data protection is adequately guaranteed. This is possible via binding corporate rules, standard contractual clauses of the European Commission for the protection of personal data pursuant to Art. 46 para. 1, 2 lit. c GDPR. Certificates or recognized codes of conduct. Please contact our data protection officer (see under General) if you would like more information on this.
Do I have to provide my data?
In order for you to use our services, it is necessary for you to provide us with personal data. For a (planned) conclusion and implementation of the online offer with you, the provision is mandatory and also required by law. If you do not provide it, we will not be able to make our online offer available to you.
Automated decision-making / profiling?
We do not intend to use personal data collected from you for automated decision-making (including profiling).
(6) Cookies
We use cookies on our websites. Cookies are small text files that are assigned to the browser you are using and stored on your hard disk by means of a characteristic string of characters and through which certain information flows to the site that sets the cookie. Cookies cannot execute programs or transfer viruses to your computer and therefore cannot cause any damage. They serve to make the Internet offer more user-friendly and effective overall, i.e. more pleasant for you. Cookies may contain data that makes it possible to recognize the device used. In some cases, however, cookies only contain information on certain settings that are not personally identifiable. However, cookies cannot directly identify a user.
The legal basis for cookies that are absolutely necessary to provide you with the expressly requested service is Section 25 (2) No. 2 TDDDG. Any use of cookies that is not absolutely technically necessary for this purpose constitutes data processing that is only permitted with your express and active consent in accordance with Section 25 (1) TDDDG in conjunction with Art. 6 (1) sentence 1 lit. a GDPR. This applies in particular to the use of performance, advertising, targeting or sharing cookies. In addition, we only pass on your personal data processed by cookies to third parties if you have given your express consent to this in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
You can find more information about which cookies we use and your consent status in our cookie policy:
(7) Appearances on social media platforms
We maintain online presences on various social media platforms. If we have included links to our social media platforms on our website, these are pure links and not so-called plugins (requiring consent). When you click on the links, you will be redirected to the websites of the respective social media platforms.
However, we, as users of the various social media platforms, have no influence on the processing of your data by the providers of the social media platforms. It cannot be ruled out that the providers of the social media platforms may use your data for their own purposes and/or pass it on to third parties. This may concern your habits, personal relationships, preferences and other aspects. We would also like to point out that your data may also be processed outside the European Union, which may make it more difficult or even impossible to enforce your rights. Only access our social media platforms if you are aware of these effects and are willing to accept the aforementioned risks.
We operate a public profile on Instagram, also known as a feed. On our website, a hyperlink to Instagram is indicated by a logo at the bottom of the website. After clicking on the logo, the Instagram website opens in a new browser tab. We share photos and videos via Instagram to draw your attention to current trends, products and services from us.
Instagram is a product of Meta. We have no influence on the means and purposes of the processing of personal data by Meta, insofar as these are collected in connection with a visit to the Instagram website and on our Instagram profile. Only the
Meta Platforms Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbour
Dublin 2
Ireland
is to be named here as the responsible party. You can find the Instagram privacy policy at the following link
https://www.facebook.com/help/instagram/519522125107875.
Please also note:
Your data may also be transferred to the USA. When personal data is transferred, there are risks under data protection law for the person whose data is transferred to the USA. US authorities (in particular intelligence agencies) are entitled to examination rights (in particular pursuant to Section 702 of the Foreign Intelligence Surveillance Act (FISA 702) and Executive Order 12 333) without EU citizens being able to object. These US legal bases allow data access to electronic communications services of non-US citizens even without a court order and legal protection.
As far as judicial protection is concerned, EU citizens do not have the same legal options (legal remedies) as American citizens to defend themselves against the processing of personal data by American authorities.
The United States carries out mass data processing without guaranteeing protection equivalent to that guaranteed by Art. 7 (respect for private and family life) and Art. 8 (protection of personal data) of the EU Charter of Fundamental Rights. Since 2018, there has also been the Cloud Act, which allows US authorities to access data stored by American companies (and their subsidiaries in Europe) that is not stored in the USA.
Information on data protection at Meta and other products offered by Meta can be found at www.facebook.com/policy in Meta’s Data Policy.
Meta (formerly Facebook)
We operate a company page (“Facebook Fanpage”) on META Platforms Ireland Ltd (formerly Facebook Ireland Ltd). On our website, a hyperlink to Facebook is indicated by a logo at the bottom of the website. After clicking on the logo, the Facebook website opens in a new browser tab. The joint controllers for the operation of the fan page within the meaning of the GDPR and other data protection regulations are:
META Platforms Ireland Ltd. (subsequent „META” or „Facebook”)
4 Grand Canal Square
Grand Canal Harbour
Dublin 2
Irland
and
Möller Medical GmbH
Wasserkuppenstraße 29-31
36043 Fulda
The following data is transmitted, among others:
For visitors who are not logged in/registered with Facebook:
IP address: Facebook automatically determines the user’s IP address when a fan page is accessed.
Cookies: If you visit our fan page, technically necessary cookies are automatically set by Facebook on your IT system. We are currently only aware of the so-called datr cookie. According to Facebook, it is used to identify the web browser that establishes the connection to the Facebook page and plays a key role in protecting the social network from “malicious activities”. The datr cookie is valid for two years, but can be deleted via the browser settings.
Cookies: A datr cookie is also set by Facebook in this case (see above). If you are a Facebook member and are logged in with your Facebook profile when you visit our fan page, the c_user cookie will also be set. Facebook links the visit to the company page with your personal user account. This enables Facebook to track your user behavior.
The use of cookies for Facebook products is beyond our control. The number and description of the cookies mentioned above reflect our current state of knowledge.
To our knowledge, Facebook currently processes user data for the following purposes:
- Advertising, analysis, creation of personalized advertising
- Creating user profiles
- Marketing research
- improve their own products
- to develop new products
When you visit our Facebook fan page, Facebook automatically stores information in a log file that your browser transmits to Facebook. We expressly point out that we have no knowledge of the scope and content of the data collected by Facebook, nor of its processing and use or, if applicable, transmission to third parties by Facebook.
Facebook also provides fan page operators with the “Facebook Insights” tool, which can be used to retrieve statistical information (= non-personal data) about the use of their pages. This includes, for example, the total number of page views and “likes”, page activities, post interactions, video views, post reach, comments, shared content, responses, proportion of men and women, origin in relation to country and city, language and possibly other information.
If you are a Facebook member and do not want Facebook to collect data about you via our fan page and link it to your member data+B14 stored on Facebook, you must:
- log out of Facebook before visiting our fan page,
- then the on the device existing
In this way, all Facebook information that can be used to identify you will be deleted, according to Facebook.
You can assert your data subject rights under the GDPR primarily with Facebook Ireland or with us. In accordance with the judgment of the ECJ, the fan page is operated under joint responsibility between Facebook and us in accordance with Article 26 GDPR (see Page Controller Addendum at https://www.facebook.com/legal/terms/page_controller_addendum). You must be logged in to Facebook to view the content of the link.
We use the “LinkedIn” platform for the purpose of presenting our company there and drawing your attention to current trends, products and services from us via posts and videos. The following information also serves as data protection information for our online presence there.
The services for the EU are provided by LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland. The headquarters of LinkedIn Inc. is located in Sunnyvale, California, USA. The company belongs to Microsoft. A hyperlink to LinkedIn is integrated into our website and identified by a logo. Clicking on the logo opens the LinkedIn website.
When you access LinkedIn services, LinkedIn may receive personal data from you.
Details can be found in LinkedIn’s privacy policy at the following link:
https://www.linkedin.com/legal/privacy-policy
You can find LinkedIn’s cookie policy at the following link:
https://www.linkedin.com/legal/cookie-policy
As part of the maintenance of our basic company profile, we have limited access to statistical evaluations from LinkedIn, e.g. about the number of page views of our online presence. LinkedIn makes this data available in aggregated and anonymized form for certain periods of time, but does not allow any conclusions to be drawn about identifiable visitors to our company page.
We have no influence on the means and purposes of the processing of personal data by LinkedIn, insofar as these are collected in connection with a visit to the LinkedIn website and our LinkedIn online presence. We would like to point out that you use LinkedIn and its functions on your own responsibility. If we process your personal data, this is done on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR), as we assume that your fundamental rights to the protection of your personal data do not prevail here.
According to LinkedIn, the data centers for your members (who, like us, are registered with LinkedIn and have an account) are located in the USA. The USA is considered a third country without an adequacy decision, which therefore does not guarantee a level of data protection equivalent to that of the EU. LinkedIn services require data to be transferred from the European Union (EU) to the United States of America (USA) and back. This also applies to you as a visitor if you use LinkedIn services and certain functions, e.g. if you leave a comment on one of our posts.
The data transfer to the USA is based on standard contractual clauses. You can find information from LinkedIn on this under the following links:
https://de.linkedin.com/legal/l/dpa
The LinkedIn user agreement (applies to members and visitors) can be found at the following link:
https://de.linkedin.com/legal/user-agreement.
Please note the following when using LinkedIn:
Your data will be transferred to the USA. When personal data is transferred, there are risks under data protection law for the person whose data is transferred to the USA. US authorities (in particular intelligence agencies) are entitled to examination rights (in particular pursuant to Section 702 of the Foreign Intelligence Surveillance Act (FISA 702) and Executive Order 12 333) without EU citizens being able to defend themselves against this. These US legal bases allow data access to electronic communications services of non-US citizens even without a court order and legal protection.
As far as judicial protection is concerned, EU citizens do not have the same legal options (legal remedies) as American citizens to defend themselves against the processing of personal data by American authorities.
The United States carries out mass data processing without guaranteeing protection equivalent to that guaranteed by Art. 7 (respect for private and family life) and Art. 8 (protection of personal data) of the EU Charter of Fundamental Rights. Since 2018, there has also been the Cloud Act, which allows US authorities to access data stored by American companies (and their subsidiaries in Europe) that is not stored in the USA.
YouTube
We use YouTube on our website. This is a video portal of YouTube LLC, 901 Cherry Ave, 94066 San Bruno, CA, USA, hereinafter referred to as “YouTube”. YouTube is a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google”.
Service provider
The company providing the service in the European Economic Area and Switzerland is Google Ireland Limited, a company incorporated and operated under the laws of Ireland (registration number: 368047) with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland (referred to as “YouTube”, “we”, “us” or “our”). References in these Terms of Use to the “affiliated companies” of YouTube refer to the companies of the Alphabet Inc. group of companies pursuant to Sections 15 et seq. German Stock Corporation Act.
We use YouTube in connection with the “extended data protection mode” function in order to be able to show you videos. The legal basis is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in improving the quality of our website. According to YouTube, the “Enhanced Privacy Mode” function means that the data described in more detail below is only transmitted to the YouTube server when you actually start a video. Without this “extended data protection”, a connection to the YouTube server in the USA is established as soon as you access one of our Internet pages on which a YouTube video is embedded. This connection is necessary in order to be able to display the respective video on our website via your Internet browser. In the course of this, YouTube will at least record and process your IP address, the date and time and the website you have visited. In addition, a connection to Google’s “DoubleClick” advertising network is established. If you are logged in to YouTube at the same time, YouTube will assign the connection information to your YouTube account. If you wish to prevent this, you must either log out of YouTube before visiting our website or make the appropriate settings in your YouTube user account. For the purpose of functionality and analysis of user behavior, YouTube permanently stores cookies on your end device via your Internet browser. If you do not agree to this processing, you have the option of preventing the storage of cookies by changing the settings in your Internet browser. You can find more information on this above under “Cookies”. Further information about the collection and use of data as well as your rights and protection options in this regard can be found in Google’s privacy policy available at https://policies.google.com/privacy.
(8) Rights of data subjects
You can assert your rights as a data subject with regard to your processed personal data at any time by contacting us using the contact details provided at the beginning under (1). As the data subject, you have the right to:
- Right to access / information
to request information about your data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the purposes of processing, the category of data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
- Right to rectification
in accordance with Art. 16 GDPR, to immediately request the correction of incorrect data or the completion of your data stored by us;
- Right to erasure
in accordance with Art. 17 GDPR, to demand the deletion of your data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
- Right to restriction
in accordance with Art. 18 GDPR, to demand the restriction of the processing of your data if the accuracy of the data is disputed by you or the processing is unlawful;
- Right to data portability
in accordance with Art. 20 GDPR, to receive your data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller (“data portability”);
- Right to object
pursuant to Art. 21 GDPR to object to the processing if the processing is based on Art. 6 para. 1 sentence 1 lit. e or lit. f GDPR. This is particularly the case if the processing is not necessary for the performance of a contract with you. If it is not an objection to direct advertising, we ask you to explain the reasons why we should not process your data as we have done when exercising such an objection. In the event of your justified objection, we will examine the situation and either discontinue or adapt the data processing or point out to you our compelling reasons worthy of protection on the basis of which we will continue the processing;
- Right of withdrawal of consent
in accordance with Art. 7 (3) GDPR, to withdraw your consent once given – i.e. your voluntary, informed and unequivocal expression of your consent to the processing of the personal data concerned for one or more specific purposes by means of a statement or other unequivocal affirmative act – at any time, if you have given such consent. The consequence of this is that we may no longer continue the data processing based on this consent in the future and
- Right to complain
in accordance with Art. 77 GDPR, to complain to a data protection supervisory authority about the processing of your personal data in our company, for example to the data protection supervisory authority responsible for us:
Our head office is located in the federal state of Hesse. Therefore, the responsible data protection supervisory authority is:
The Hessian Commissioner for Data Protection and Freedom of Information
P.O. Box 3163
65021 Wiesbaden
Telephone: 0611/ 14080
Email: poststelle@datenschutz-hessen.de-mail.de
The information, notifications and measures to be provided in accordance with the GDPR, including “the exercise of data subjects’ rights, are generally provided free of charge. Only in the case of manifestly unfounded or excessive requests are we entitled to charge a reasonable fee for processing or to refrain from taking action (Art. 12 (5) GDPR).
If there is reasonable doubt about your identity, we may request additional information from you for the purpose of identification. If we are unable to identify you, we are entitled to refuse to process your request. If we are unable to identify you, we will inform you separately if possible. (see Art. 12 para. 6 and Art. 11 GDPR).
(9) Changes to the data protection notice
As part of the further development of data protection law and technological or organizational changes, our data protection information is regularly reviewed to determine whether it needs to be adapted or supplemented. You will be informed of any changes in particular on our website at: https://academy.moeller-medical.com/de/academy/datenschutzerklaerung/.
This data protection notice was last updated in June 2024.