Welcome to our Internet pages!
Dieter Marquardt Medizintechnik GmbH in Spaichingen has attached great importance to compliance with data protection regulations, and not only since the introduction of the GDPR. This was also the case before that. Nevertheless, we will explain everything about data protection on this website, because we want you to feel secure during your online visit.
In principle, it is possible to visit our website without providing any personal data. However, if you wish to take advantage of special services which we make available on our Internet pages, it may be necessary to process personal data. If the processing of personal data is necessary and there is no legal basis for such processing, we will obtain your consent before processing.
The processing of your personal data, for example your name, address, e-mail address or telephone number, is always carried out in compliance with the Basic Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG), as well as in accordance with the country-specific data protection regulations applicable to us. In this data protection declaration, we inform you about the type, scope and purpose of the personal data processed by us during your visit to our website.
This is accompanied by the rights you are entitled to as a data subject of the data protection processing, about which we would also like to inform you.
As the body responsible, we have implemented numerous technical and organisational measures in advance to ensure that the personal data processed via this website is protected as completely as possible. Nevertheless, Internet-based data transmissions (e.g. e-mail) can generally have security gaps, so that absolute protection cannot always be guaranteed. This is especially true if the transmissions take place outside our sphere of influence. For this reason, you are always free to transmit personal data to us by alternative means, for example by telephone, post or even in person.
Data protection-specific terms
Our data protection declaration contains terms that are used by the European Directive and Regulation Giver when issuing the Data Protection Basic Regulation (GDPR).
Our data protection declaration should be comprehensible and understandable for you as a visitor to these Internet pages. In order to make this possible, we explain the terms used below on the basis of the extracts from Art. 4 GDPR:
a) personal data
Personal data is any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject" or direct contact such as "you"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
b) data subject
Data subject means any identified or identifiable natural person whose personal data are processed by the controller.
Processing is any operation or set of operations, performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.
Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without additional information, provided that this additional information is kept separately and is subject to technical and organisational measures which ensure that the personal data is not attributed to an identified or identifiable natural person.
f) Responsible body
The responsible body or the controller is the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union law or by the law of the Member States, provision may be made for the controller to be designated in accordance with Union law or the law of the Member States, or for the criteria for designation.
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
The recipient is a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not it is a third party. However, authorities which may receive personal data in the course of a specific investigation, in accordance with Union or national law, shall not be considered as recipients.
i) Third party
Third party means any natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or the processor, are authorized to process the personal data.
Consent shall mean any freely given specific and informed expression of the data subject's will in an informed and unequivocal manner, in the form of a declaration or other unequivocal affirmative act taken on a voluntary basis by the data subject to signify his or her consent to the processing of personal data relating to him or her.
The responsible body within the meaning of the Basic Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature:
Dieter Marquardt Medizintechnik GmbH
Phone: +49 7424 9581 0
Data protection officer
Dieter Marquardt Medizintechnik GmbH has appointed an external data protection officer. You can reach him under:
Phone: 0761-76 99 25 50
If you send us enquiries via our central e-mail address, your details from the e-mail including the contact details you provide there will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We will not pass on this data without your consent.
The processing of your transmitted personal data is thus exclusively based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. All you need to do is send us an informal notification by e-mail. The legality of the data processing operations carried out up to the time of revocation shall remain unaffected by the revocation.
The data entered by you in the contact form will remain with us until you request us to delete it, revoke your consent to its storage or the purpose for which it was stored ceases to apply (e.g. after your enquiry has been processed). Mandatory legal provisions - in particular retention periods - remain unaffected.
If you enter into a contractual relationship with us, the personal data will be used after your consent in accordance with Art. 6 (1) lit. a) GDPR for the pre-contractual fulfilment obligations by us in accordance with Art. 6 (1) lit. b) GDPR.
Usually they contain a cookie ID. This is a unique identifier for the cookie and consists of a string of characters that can be used to associate Internet pages and servers with the Internet browser you are using in which the cookie was stored. This enables the Internet pages and servers visited to distinguish the individual browser of the person concerned from other Internet browsers that contain other cookies. A particular Internet browser can be recognized and identified by means of the unique cookie ID.
By using cookies, we can provide users of this website with more user-friendly services that would not be possible without the setting of cookies.
You can prevent the setting of cookies by our website at any time by means of a corresponding setting in the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common Internet browsers. If you deactivate the setting of cookies in the Internet browser used, it is possible that not all functions of our website can be used to their full extent.
Collection of general data and information about the website
When you visit our website, our system collects a number of general data and information. This general data and information is stored in the log files of the server. can be recorded:
- browser types and versions used
- the operating system used by the accessing system
- the website from which an accessing system reaches our website (so-called referrer)
- the sub-websites, which are accessed via an accessing system on our website
- the date and time of access to the website
- an Internet Protocol (IP) address
- the Internet service provider of the accessing system
- other similar data and information which serve to avert danger in the event of attacks on our information technology systems
When using this general data and information, we do not draw any conclusions about you as the person concerned. This information is rather required to
- to deliver the contents of our website correctly
- to optimise the contents of our website and the advertising for it
- to guarantee the permanent functionality of our information technology systems and the technology of our website
- to provide law enforcement authorities with the information necessary for law enforcement in the event of a cyber attack
This anonymously collected data and information is therefore evaluated by us on the one hand statistically and on the other hand with the aim of increasing data protection and information security in our company, in order to ultimately ensure an optimum level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all personal data of the persons concerned.
We use SSL encryption on our Internet pages to protect your transmitted data (e.g. via the contact form) from unauthorised access by third parties in transit. Such a secure connection can be recognized by the prefix "https://" in the URL of your address line, e.g:
For unencrypted ones the prefix looks like this: http://
Deletion and blocking of personal data
We will only store your personal data for as long as it is necessary for the purpose of storage or as long as this is permitted by the European Directives and Regulations or a country-specific legislator in laws or regulations to which we are subject.
If the purpose of storage ceases to apply or if a storage period prescribed above expires, your personal data will be blocked or deleted in accordance with the statutory provisions.
Rights of the data subject
Right to information (Art. 15 GDPR)
You have the right to receive free information from us at any time about whether we store personal data about you.
Should this be the case, you have the right to the following information:
the purposes of the processing, the categories of personal data processed, the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular, in the case of recipients in third countries or international organisations, if possible, the envisaged duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration the existence of a right to rectify or erase the personal data concerning him or her or to have it processed by us restricted or refused the existence of a right of appeal to a supervisory authority if the personal data are not collected from the data subject: all available information on the origin of the data the existence of automated decision-making, including profiling in accordance with Article 22 (1) and (4) FADP, and, in these cases, meaningful information on the logic involved and the scope and intended effects of such processing on the data subject.
If you wish to exercise your right of access, you can contact one of our employees at any time.
Right of rectification (Art. 16 GDPR)
You have the right to demand the immediate correction of incorrect personal data concerning you. You also have the right to request the completion of incomplete personal data, also by means of a supplementary declaration, taking into account the purposes of the processing.
If you wish to exercise your right of rectification, you may contact one of our employees at any time.
Right of cancellation (Art. 17 GDPR)
You have the right to demand that we delete personal data concerning you immediately, provided that one of the following reasons applies and provided that the processing is not required by other legal regulations:
- If one of the above reasons applies and you wish to have personal data stored by us deleted, you can contact one of our employees at any time.
- If the personal data have been made public by us and if our company, as the responsible body pursuant to Art. 17 (1) GDPR, is obliged to delete the personal data, we will take reasonable measures, taking into account the technical possibilities available and the implementation costs, to inform other responsible persons (e.g. contract processors) who process your published personal data that you have requested these other responsible persons to delete your personal data, copies thereof or to have them deleted. This will be done unless the processing is required by other legal provisions.
- Your personal data has been collected or otherwise processed for purposes for which it is no longer necessary.
- You revoke your consent on which the processing was based pursuant to Art. 6 (1) lit. a) GDPR or Art. 9 (2) lit. a) GDPR, and there is no other legal basis for the processing.
- You object to the processing pursuant to Art. 21 (1) FADP and there are no legitimate reasons for the processing, or the data subject objects to the processing pursuant to Art. 21 (2) FADP.
- Your personal data have been processed unlawfully.
- Deletion of your personal data is necessary to comply with a legal obligation under Union law or the law of the Member States to which we are subject as the data controller.
- The personal data was collected in relation to information society services offered in accordance with Art. 8 (1) GDPR.
If you wish to exercise your right to delete your personal data, you can contact one of our employees at any time.
Right to restrict processing (Art. 18 GDPR)
You have the right to demand that we restrict processing if one of the following conditions is met:
- One of the above-mentioned conditions applies and you request the restriction of personal data stored with us.
- You contest the accuracy of the personal data, and you do so for a period of time which enables us, as the responsible body, to verify the accuracy of the personal data.
- The processing is unlawful, you refuse the deletion of your personal data and instead demand the restriction of the use of your personal data.
- We no longer need the personal data for the purposes of the processing, but you need your personal data for the assertion, exercise or defence of legal claims and want, for example, to prevent deletion.
- You have lodged an objection to the processing in accordance with Art. 21 (1) GDPR and it is not yet clear whether the justified reasons given by us as the responsible body outweigh those given by you as the data subject.
If you wish to exercise your right to restrict processing, you can contact one of our employees at any time.
Right to data transferability (Art. 20 GDPR)
You have the right to receive personal data relating to you that you have provided to us in a structured, common and machine-readable format.
You also have the right to have this data communicated to another controller without hindrance by us, provided that the processing is based on the consent pursuant to Art. 6 (1) lit. a) GDPR or Art. 9 (2) lit. a) DPA or on a contract pursuant to Art. 6 (1) lit. b) DPA, and provided that the processing is carried out by means of automated procedures, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Furthermore, you have the right to data transfer in accordance with Art. 20 (1) GDPR and may request that your personal data be transferred directly from us to another responsible party without hindrance or disadvantage, insofar as this is technically feasible and provided that this does not affect the rights and freedoms of other persons.
If you wish to exercise your right to data transmission, you can contact one of our employees at any time.
Right of appeal (Art. 21 GDPR)
You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you that is carried out pursuant to Art. 6 (1) lit. e) or f) GDPR. This also applies to profiling based on these provisions.
In the event of an objection, we will no longer process your personal data unless we can demonstrate compelling reasons for processing which are worthy of protection and which outweigh your interests, rights and freedoms, or unless the processing serves to assert, exercise or defend legal claims.
If we process personal data for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such marketing. This also applies to profiling, insofar as it is related to such direct marketing. If you object to the processing for direct marketing purposes, we will no longer process your personal data for these purposes.
Furthermore, you have the right to object, for reasons arising from your particular situation, to the processing of personal data concerning you which is carried out by us for scientific or historical research purposes or for statistical purposes in accordance with Art. 89 (1) GDPR, unless such processing is necessary for the performance of a task carried out in the public interest.
To exercise the right of objection, you may contact one of our employees directly. You are also free to exercise your right of objection in connection with the use of information society services, notwithstanding Directive 2002/58/EC, by means of automated procedures involving technical specifications.
Right to revoke consent under data protection law (Art. 7 (3) GDPR)
You have the right to revoke your consent to the processing of your personal data at any time.
If you wish to exercise your right to revoke your consent, you can contact one of our employees at any time.
Right of appeal to the competent supervisory authority (Art. 77 GDPR)
Without prejudice to any other administrative or judicial remedy, you have the right to submit a complaint to a supervisory authority, in particular in the Member State in which you are resident or in which you work or in which the alleged infringement occurred, if you consider that the processing of personal data relating to you is being carried out in breach of this Regulation.
Integration of Vimeo videos
On our website, we integrate the videos of the platform "Vimeo" of the provider Vimeo Inc., Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA.
Opt-out options for Google Analytics can be found under this link: http://tools.google.com/dlpage/gaoptout?hl=de.
You can configure Google's settings for the use of data for marketing purposes under the following link: https://adssettings.google.com/.
We are also represented on Instagram. The profile was integrated via a text link. This means that no data of the internet pages of our visitors can be read out.
PERSONAL DATA WITHIN THE APPLICATION PROCESS
If you send us an application, we process your personal data for the purpose of handling the application procedure. The processing can also be done electronically. This is particularly the case if an applicant submits the relevant application documents to us electronically, for example by e-mail or via a web form on the website. If a contract of employment is concluded with an applicant, the data transmitted will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions.
If no employment contract is concluded with the applicant, the application documents will be deleted six months after notification of the rejection decision, provided that no other legitimate interests of the controller conflict with deletion. Other legitimate interests in this sense are, for example, the storage of documents for the purpose of the duty of proof in proceedings under the General Equal Treatment Act (AGG).
General legal basis for the processing
The following legal bases, which allow us to process personal data, may apply, unless we have explicitly mentioned them in the preceding paragraphs:
- for processing operations for which we obtain consent for a specific processing purpose, the legal basis is Art. 6 (1) lit. a) GDPR.
- If the processing of personal data is necessary for the performance of a contract to which you are a party (e.g. as a buyer of products in an online shop), the legal basis for the processing is based on Art. 6 (1) lit. b) GDPR. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of inquiries about our products or services.
- If our company is subject to a legal obligation which makes it necessary to process personal data, for example to fulfil tax obligations, the processing is governed by Art. 6 (1) lit. c) GDPR.
- In rare cases, the processing of personal data may become necessary to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our company were to be injured and his or her name, age, health insurance details or other vital information had to be passed on to a doctor, hospital or other third party. In this case, the processing would be carried out on the basis of Art. 6 (1) lit. d) GDPR.
- Furthermore, processing operations may be necessary to safeguard a legitimate interest of our company or a third party, provided that your interests, fundamental rights and freedoms do not prevail. A legitimate interest of our company could be assumed if you, as a data subject, are our customer (see also recital 47 sentence 2 GDPR). Thus, the processing is based on Art. 6 I lit. f) GDPR. Such a legitimate interest is, for example, the continuation of our business activities for the benefit of the welfare of all our employees and our shareholders.
Duration for which the personal data are stored
The criterion for the duration of storage of personal data is the respective legal retention period. Two common regulations are listed below as examples:
- 6 years in accordance with § 257 (1) HGB (commercial books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting vouchers, etc.)
- 10 years according to § 147 (1) AO (books, records, management reports, accounting vouchers, commercial and business letters, documents relevant for taxation, etc.)
After the expiry of this period, the corresponding data is routinely deleted, provided that it is no longer required for the fulfilment or initiation of the contract.
If there are no retention periods or other legal regulations governing the storage of your personal data, they will be deleted or blocked as soon as the purpose of the processing is fulfilled
Legal or contractual provisions making the personal data available; necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of not providing the data
We would also like to inform you that the provision of personal data may be required by law (e.g. tax regulations) or may result from contractual arrangements (e.g. information on the contractual partner).
Sometimes it may be necessary for the conclusion of a contract that you, as the data subject, provide us, as the responsible party, with data that must subsequently be processed by us. For example, you are obliged to provide us with personal data if our company concludes a contract with you. Failure to provide us with personal data would mean that the contract could not be concluded with you.
Before you provide us with personal data, you must contact one of our employees. Our employee will inform you on a case-by-case basis whether the provision of personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and what the consequences would be if the personal data were not provided.