Data protection
1. Definitions of Terms
Kyberg Vital GmbH’s privacy policy is based on the definitions of terms used in the European Directives and European Regulations when adopting the GDPR. Our Privacy Policy is intended to be easy to read and understand for our customers and business partners, as well as for the general public, so we explain in advance the definitions of terms as they are used below in the text of the Privacy Policy.
Personal Data is any information relating to an identified or identifiable natural person (hereinafter data subject). An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Data subject is any identifiable or identified natural person whose personal data are processed by the controller.
Processing is any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that this additional information is kept separate and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.
Controller (or person responsible for processing) is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data.
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller.
Third Party is a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons who are authorized to process personal data under the direct responsibility of the Controller or the Processor.
Recipient is a natural or legal person, public authority or agency or other body to which personal data are disclosed, whether or not it is a third party. However, public authorities that may receive personal data in the context of a specific investigative mandate under EU Community law or Member State law are not considered recipients.
Consent is, according to Art. 6 I P.1 a GDPR, any expression of will in the form of a declaration or other unambiguous affirmative action, given voluntarily and actively by the data subject for the specific case before the processing in an informed manner and unambiguously, by which the data subject indicates that they consent to the processing of personal data relating to them.
‘Health data’ means personal data relating to the physical or mental health of a natural person, including the provision of health care services, revealing information about their state of health.
2. Basic information
This data protection declaration informs you about which personal data is processed, i.e. collected, processed, stored and used, by Kyberg Vital GmbH within the meaning of Art. 4 No. 2 GDPR. We also inform you about your options to choose / object and about your rights as a data subject with regard to your personal data according to Art. 12 to 23 GDPR.
We have taken the necessary organizational and technically appropriate measures to protect the rights and freedoms of the data subject affected by the processing of personal data, in order to comply with the current statutory provisions, among others, on data protection pursuant to Art. 24 in conjunction with. Art. 25 GDPR, the BDSG, the BayDSG and the TMG.
3. Controller
Controller according to Art. 13 I a GDPR
Kyberg Vital GmbH
Keltenring 8
82041 Oberhaching
Represented by the managing directors:
Mr. Thomas Lix / Mr. Stephan Lix
Contact:
Tel: +49 89 – 613 809 3300
Fax: +49 89 – 613 809 3399
E-Mail: info(at)kyberg-vital.de
(see imprint)
4. Data Protection Officer (according to Art. 13 I b GDPR)
You can reach our data protection officer at datenschutz(at)kyberg.de or via our postal address with the addition ‘data protection officer’ to Kyberg Vital GmbH, Attn: Data Protection Officer, Keltenring 8, 82041 Oberhaching.
5. Your rights as a data subject under the GDPR
a) Your rights: as a data subject, you have the following rights vis-à-vis us as the controller with regard to the personal data concerning you:
aa) Right to information in the case of direct collection pursuant to Art. 13 GDPR in conjunction with. Art. 12 GDPR or in case of collection from a non-data subject pursuant to Art. 14 GDPR in conjunction with. Art. 12 GDPR
bb) Right to information Art. 15 GDPR
cc) Right to rectification Art. 16, 19 GDPR in conjunction with Art. 12 GDPR or deletion Art. 17, 19 GDPR in conjunction with. Art. 12 GDPR
dd) Right to restriction of processing Art. 18 GDPR in conjunction with Art. 12 GDPR.
ee) Right to object to processing Art. 21, 22 DS-GVO in conjunction with Art. 12 GDPR.
ff) Right to data portability Art. 20 GDPR in conjunction with Art. 12 GDPR.
b) Information, correction, blocking, deletion: We process personal data in accordance with the currently applicable national and community laws and legal requirements, in particular in compliance with Art. 6 I GDPR in conjunction with Art. 9 II GDPR and Art. 9 II GDPR. Art. 9 II GDPR and taking into account the transparency requirement from Art. 5 I GDPR and your rights from Art. 12 ff GDPR.
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other regulations to which we are subject as the responsible party/controller. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract. We are required by commercial and tax law to store your address, payment and order data for a period of ten years. The legal basis for this is Art. 6 I P.1 lit. c GDPR. If you give us your consent pursuant to Art. 6 I P. 1 lit. a GDPR in connection with Art. 4 No. 1 GDPR, we may also inform you by e-mail about other interesting products and offers from our range of products and services.
At your request as a data subject, Kyberg Vital GmbH will inform you at any time and free of charge about your stored personal data in accordance with Art. 13f to 22 GDPR in conjunction with Art. 12 GDPR and inform you in accordance with Art. 15 GDPR about the processing, the origin, the recipient and the purpose of the data processing, restrict the processing of the personal data free of charge, correct, delete, block and/or transfer the data. Please contact the data protection officer with your request: datenschutz(at)kyberg.de or via our postal address with the addition of ‘data protection officer’ to Kyberg Vital GmbH, Attn: Data Protection Officer, Keltenring 8, 82041 Oberhaching.
c) Complaint: You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.
You can reach the supervisory authority responsible for us at:
Bavarian State Office for Data Protection Supervision
represented by the President
Home address: Promenade 27, 91522 Ansbach
Postal address: P.O. Box 606, 91511 Ansbach
Online: https://www.lda.bayern.de/de/beschwerde.html
6. Objection to or revocation of the processing of your data
a) If you have given your consent to the processing of your data pursuant to Art.6 I 1 a GDPR,
you can revoke this at any time free of charge and without reasons. This also applies to consent that you gave us before the GDPR came into force. Your revocation will only take effect for the future. It does not affect the lawfulness of the data processing until the revocation.
Please contact the data protection officer with your request in this regard by mail to: datenschutz(at)kyberg.de or via our postal address with the addition ‘Data Protection Officer’ to Kyberg Vital GmbH, Attn: Data Protection Officer, Keltenring 8, 82041 Oberhaching.
b) Insofar as we base the processing of your personal data on the balance of interests pursuant to Art. 6 I1f GDPR, the processing is not directly necessary for the performance of a contract with you. However, in this case, the processing is based on a legitimate interest of ours or a third party. We disclosed this legitimate interest in the processing of the data to you when collecting the data and informed you of this. As a data subject, you can object to the processing at any time. Your objection to the processing of your personal data is justified if your interest in not having the processing carried out in accordance with Art. 21 I GDPR outweighs our interest in processing your data. In order to be able to carry out this balancing of interests, it is necessary that you explain to us your reasons for the objection in the objection, i.e. describe your interests or your fundamental rights or freedoms which you as the data subject consider to be violated by the processing. By stating the grounds for your objection, you facilitate our balancing of interests.
In the event of your justified objection, we will cease or adjust data processing in accordance with the facts of the case and, if necessary, delete stored data. Please contact the data protection officer with your request at: datenschutz(at)kyberg.de or via our postal address with the addition ‘Data Protection Officer’ to Kyberg Vital GmbH, Attn: Data Protection Officer, Keltenring 8, 82041 Oberhaching.
c) We use your personal data for advertising purposes and for data analyses,
insofar as we are permitted to do so under the GDPR, primarily under Art. 6 I P.1a, b or f GDPR. Of course, you can object to the processing of your personal data for purposes of advertising and data analysis in accordance with Art. 21 II in conjunction with IV GDPR at any time and, if consent has been given, revoke it. You can reach our data protection officer at: datenschutz(at)kyberg.de or via our postal address with the addition of ‘Data Protection Officer’ to Kyberg Vital GmbH, Attn: Data Protection Officer, Keltenring 8, 82041 Oberhaching.
d) Further information on the objection
aa)Objection for the individual case
As a data subject, you have the right to object to the processing of your personal data at any time for reasons arising from your specific situation, unless the data processing is carried out in accordance with Art. 6 I S.1 e GDPR (public interest) and/or Art. 6 I S.1 f GDPR (balancing of interests).
If you object, your personal data will no longer be processed as of the objection, unless there are compelling legitimate grounds for the data processing that override your interests, rights and fundamental freedoms or if the data processing serves to assert, exercise or defend our legal claims.
bb) Objection to direct marketing
In individual cases, we process your personal data to conduct direct marketing. You have the right to object to this data processing at any time. In the event that you object to data processing for the purpose of direct advertising, we will no longer process your personal data for this purpose. Please contact the data protection officer with your request in this regard at: datenschutz(at)kyberg.de or via our postal address with the addition ‘Data Protection Officer’ to Kyberg Vital GmbH, Attn: Data Protection Officer, Keltenring 8, 82041 Oberhaching.
7. Access to personal data by employees
At Kyberg Vital GmbH, only those employees have access to your data who need this in order to fulfill contractual obligations or due to a legal obligation. The employees are bound to secrecy.
8. Data transfer or access by third parties
a) Service providers
Within the scope of our activities, we are also dependent on external help, such as IT service providers for the provision and maintenance of our hardware and software, printing service providers, debt collection or other service personnel. In the course of this involvement, our external service providers may also become aware of personal data, which is why we oblige our external service providers to maintain confidentiality and data secrecy and limit their access to personal data to a minimum. In doing so, we also state the specified criteria for the storage period. The service providers have been carefully selected and commissioned by us, are bound by our instructions and are regularly monitored. Other data recipients may be those entities for which you have given us express consent to transfer data at the time of data collection in accordance with Art. 13, 14 GDPR or to which we are authorized to transfer personal data on the basis of a balancing of interests.
b) Processing of payment transactions and data transfer to Kyberg Pharma Vertriebs-GmbH
Kyberg Vital GmbH has assigned the processing of payments to Kyberg Pharma Vertriebs-GmbH, Keltenring 8, 82041 Oberhaching (https://www.kyberg-pharma.de/index.php/impressum.html). Kyberg Pharma Vertriebs-GmbH processes the data transferred by Kyberg Vital GmbH within the framework of the specifications of the contract for order processing with Kyberg Vital GmbH. The data protection declaration of Kyberg Pharma Vertriebs-GmbH (https://www.kyberg-pharma.de/index.php/datenschutz.html) regulates the processing of data in accordance with these specifications from the contract on order processing with Kyberg Vital GmbH.
In the form for issuing the basic SEPA direct debit, Kyberg Vital GmbH informs the data subject of his/her rights and that Kyberg Pharma Vertriebs-GmbH collects the receivables on behalf of Kyberg Vital GmbH as part of order processing. With the issuance of the basic SEPA direct debit by the data subject, Kyberg Pharma Vertriebs-GmbH is authorized to process the data. A transfer of the personal data of the data subject to third parties by Kyberg Pharma Vertriebs-GmbH will only take place if this is necessary for payment processing, e.g. transfer of customer data to the house bank or, if applicable, a collection agency. The processing of the data is based on Art. 6 I P. 1 a, b or f GDPR. The storage of customer data is only carried out as long as it is legally required according to Art. 17 III GDPR.
9. Collection of personal data
a) Contact by you
When you contact us by fax, by mail, by e-mail or via a contact form on our website, the data you provide (your e-mail address, your name and your telephone number, if applicable) will be processed by us in accordance with Art. 6 I P.1 b GDPR in order to answer your questions. We delete the data accruing in this context after the processing is no longer necessary or restrict the processing if there are legal obligations to retain data.
The input into the contact form and the transmission to us is done via SSL encryption to protect confidential data. You can recognize an encrypted connection by the fact that the address line of the browser shows ‘https://’ and by the lock symbol in the browser line. As long as the encrypted connection exists, your information cannot be read by third parties.
b) We publish job advertisements with contact addresses on our website
. In this way, you can apply to us for a specific job advertisement, submit a speculative application or have yourself included in our pool of applicants. You can revoke the consent you have given us to use your data in the application process or for inclusion in the applicant pool at any time by sending an email to personalabteilung(at)kyberg.de . In this case, your application data will be deleted immediately, unless it is required for the fulfillment of a contract or pre-contractual measures.
10. Collection of personal data when you visit our website
a) Log files
When you visit/use our website purely for information purposes, i.e. if you do not register or otherwise transmit information to us (e.g. contact form, e-mail), we only collect the personal data that your browser transmits to our server. If you view our website for informational purposes, we collect the following data pursuant to Art. 6 I1 f GDPR, which is technically necessary for us to display our website to you and to ensure stability and security:
aa) IP address
bb) date and time of the request
cc) time zone difference to Greenwich Mean Time (GMT)
dd) content of the request (concrete page)
ee) access status/HTTP status code
ff) amount of data transferred in each case
gg) Website from which the request comes
hh) Browser
ii) Operating system and its interface
jj) Language and version of the browser software
This data is not merged with other data sources. The log data is deleted after 7 days.
b) Cookies
In addition to the above-mentioned data, cookies are stored on your computer when you use our website in accordance with Art. 6 I P1. f GDPR or Art. 6 I S. 1 b GDPR. Cookies are small text files that are stored on your hard drive assigned to the browser you are using and through which the body that sets the cookie (in this case us) receives certain information. Cookies cannot execute programs or transfer viruses to your computer and do not cause any damage. They are used to make the website as a whole more user-friendly and effective. Our website uses functional session cookies, which are automatically deleted after you close the browser or log out. Session cookies store a so-called session ID, with which various requests of your browser can be assigned to the common session. This allows your computer to be recognized when you return to our website. You can configure your browser settings according to your preferences and, for example, refuse to accept third-party cookies or all cookies. However, you may then not be able to use all the functions of this website.
11. Data collection through additional functions and offers on our homepage
If you visit our website not only for information purposes, but also want to use additional functions and offers on it, such as the specialist group login (academy) or subscribe to the newsletter, you must provide additional personal data beyond points 9 and 10 so that we can offer you our extended functions and offers. If we require further personal data from you, the fields for mandatory data are marked with an asterisk. All other fields are voluntary information from you, which is not necessary to use the functions and offers provided by us. We collect the mandatory data in accordance with Art. 6 I P.1 b, a or f GDPR.
a) Use of our specialist group login (academy) and specialist group portal
aa) If you wish to use our specialist group login (academy), you must register by providing your email address, telephone number, a password of your choice, name, address and your freely selectable user name and proof that you belong to the medical specialist group. The provision of the aforementioned data is mandatory; you can provide all other information voluntarily by using our specialist group portal.
We use the so-called double-opt-in procedure for registration (login), i.e. your registration is only completed once you have confirmed your registration by clicking on the link contained in a confirmation email sent to you for this purpose and we have positively verified your membership of the medical community. Only then you will be approved for the use of the portal. There is no legal claim for the approval to the medical circle portal.
bb) If you use our specialist group portal, we store the personal data required for your use of our specialist group portal in accordance with Art. 6 I P.1 b GDPR or Art. 6 P.1 I f GDPR until you finally delete your access and thus cease to use the portal. We also store the voluntary data you provide for the duration of your use of the portal, insofar as these have not previously been deleted by you or us pursuant to Art. 17 GDPR. You can manage and change all information in the protected portal area.
cc) Insofar as you have given us consent pursuant to Art. 6 I P. 1 lit. a GDPR for the collection of data, we may also inform you about other interesting products, offers from our range of products and services on the communication channel specified by you. The legal basis for this is Art. 6 I S.1 lit a GDPR, Art. 4 No. 1 GDPR. You can revoke this consent at any time with effect for the future. To do so, please contact the data protection officer: datenschutz(at)kyberg.de or via our postal address with the addition ‘data protection officer’ to Kyberg Vital GmbH, Attn: Data Protection Officer, Keltenring 8, 82041 Oberhaching.
dd) To prevent unauthorized access to your personal data by third parties, this site uses SSL encryption already at log-in to protect confidential data.
You can recognize an encrypted connection by the fact that the address bar of the browser shows ‘https://’ and by the lock symbol in the browser bar. As long as the encrypted connection exists, your information cannot be read by third parties.
ee) If you receive a rejection to our specialist group portal, your data will be automatically deleted.
b) Newsletter
aa) With your consent according to Art. 6 I S.1 lit. a GDPR, you can subscribe to our newsletter, with which we inform you about our current interesting offers, our service portfolio and news. We have selected the service provider CleverReach to handle the order and subscription of our newsletter. If you subscribe to newsletters, CleverReach will necessarily store your registration data to ensure data protection compliant delivery. For the analysis of the usage behavior of our newsletter, cookies are set by CleverReach based on your consent. The legal basis is Art. 6 para. 1 lit. a GDPR.
bb) The only mandatory information for sending the newsletter is your email address. There is no requirement to use a real name. The provision of further data in the fields not marked as mandatory is voluntary. For the registration to our newsletter we use the so-called double opt-in procedure, i.e. after your registration we will send you an email to the email address given in the registration, in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration by clicking on the link in the confirmation email, your information will be blocked and deleted after an appropriate period of time. In addition, we store in each case your IP addresses used and times of registration and confirmation. The purpose of this procedure is to enable us to prove your registration and consent in accordance with Art. 6 I p. 1 lit. a GDPR, Art. 16 I ePrivacy-VO-E, Art. 95 GDPR and, if necessary, to clarify a possible misuse of your personal data.
cc) You can revoke your consent to the sending of the newsletter at any time in accordance with Art. 7 III GDPR and unsubscribe from the newsletter. You can revoke by clicking on the link provided in the newsletter, by email to: datenschutz(at)kyberg.de or via our postal address with the addition ‘Data Protection Officer’ to Kyberg Vital GmbH, Attn: Data Protection Officer, Keltenring 8, 82041 Oberhaching.
c) Doc-Check
On our website, we also provide you with the option of logging in to Doc-Check using your Doc-Check access data. This is a link and redirection to Doc-Check. You enter your access data on the Doc-Check website. Doc-Check collects log data (IP address, access date, access time, referrer URL, information about hardware and software used, such as browser characteristics, device information such as resolution). This data is not used to draw conclusions about your usage, but only to grant you the function of the site. More detailed information is available at http://info.doccheck.com/de/privacy/
d) Amazon
On our website, we present you with topic-related literature and also a purchase option at Amazon. We would like to point out that this is also a redirect to a third-party website and that you are not purchasing any Kyberg Vital GmbH products here. You enter your access data and other data on the website of the source of supply. Kyberg Vital GmbH has no contractual relationship with this source of supply. Kyberg Vital GmbH does not evaluate other possible sources of supply either directly or indirectly.
c) We collect and process your personal data only to the extent necessary for the use of the mobile app on your mobile device.
When using the mobile app, the following personal data is collected (IP address, date and time of the request, time zone difference (GMT), content of the request and the website from which the request comes, access status/http, amount of data transferred, browser, operating system and the interface, language and version of the browser software). This is done for reasons of functional security and stability of the system in accordance with Art. 6 I P. 1 f GDPR. In addition, we record the device identification, unique number of the terminal (IMEI), unique number of the network subscriber (IMSI), mobile phone number (MSISDN), MAC address for WLAN use, name of your mobile terminal, email address).
13. Google Analytics
a) If you have given your consent, Google Analytics, a web analytics service provided by Google LLC, is used on this website. The responsible service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). The legal basis for this data processing is your consent (Art. 6 I P. 1 a GDPR), which you can revoke at any time with effect for the future.
b) The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.
c) You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
d) This website uses Google Analytics with the extension ‘_anonymizeIp()’. The IP addresses are therby processed shortened, a personal reference can thus be excluded and thus personal data is deleted immediately.
e) We use Google Analytics to analyze and regularly improve the use of our website. The statistics obtained enable us to improve our offer and make it more interesting for you as a user. For the exceptional cases in which personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. The legal basis for the use of Google Analytics is Art. 6 para. 1 P. 1 lit. f GDPR.
f) Third-party provider information:
Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.
User terms and conditions: http://www.google.com/analytics/terms/de.html
Overview of data protection: http://www.google.com/intl/de/analytics/learn/privacy.html
Privacy policy: http://www.google.de/intl/de/policies/privacy.
g) This website also uses Google Analytics for cross-device analysis of visitor flows, which is performed via a user ID. You can deactivate the cross-device analysis of your usage in your customer account under ‘My Data’, ‘Personal Data’.
14. Google AdWords
a) We use the offer of Google Adwords, to draw attention to our attractive offers with the help of advertising media (so-called Google Adwords) on external websites. We can determine how successful the individual advertising measures are in relation to the data of the advertising campaigns. In this way, we pursue the interest of displaying advertising that is of interest to you, making our website more interesting for you and achieving a fair calculation of advertising costs.
b) These advertising materials are delivered by Google via so-called ‘ad servers’. For this purpose, we use ad server cookies, through which certain parameters for measuring success, such as display of the ads or clicks by users, can be measured. If you access our website via a Google ad, Google Adwords will store a cookie on your PC. These cookies usually lose their validity after 30 days and are not intended to identify you personally. The unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marking that the user no longer wishes to be addressed) are usually stored as analysis values for this cookie.
c) These cookies enable Google to recognize your Internet browser. If a user visits certain pages of the website of an Adwords customer and the cookie stored on their computer has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page. A different cookie is assigned to each Adwords customer. Cookies can therefore not be tracked via the website of Adwords customers. We ourselves do not collect and process any personal data in the aforementioned advertising measures. We only receive statistical evaluations from Google. Based on these evaluations, we can see which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising media; in particular, we cannot identify users on the basis of this information.
d) Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server.
We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our state of knowledge: Through the integration of AdWords Conversion, Google receives the information that you have called up the corresponding part of our website or clicked on an ad from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is a possibility that the provider may obtain and store your IP address.
e) You can prevent participation in this tracking process in various ways:
aa) by adjusting your browser software settings accordingly, in particular the suppression of third-party cookies will result in you not receiving ads from third-party providers;
bb) by deactivating cookies for conversion tracking by setting your browser to block cookies from the domain ‘www.googleadservices.com’, https://www.google.de/settings/ads, whereby this setting is deleted when you delete your cookies;
cc) by deactivating the interest-based ads of the providers that are part of the self-regulatory campaign ‘About Ads’ via the link http://www.aboutads.info/choices, with this setting being deleted when you delete your cookies;
dd) by permanently deactivating them in your Firefox, Internetexplorer or Google Chrome browsers via the link http://www.google.com/settings/ads/plugin. We would like to point out that in this case you may not be able to use all functions of this offer to their full extent.
f) The legal basis for the processing of your data is Art. 6 para. 1 P. 1 lit. f GDPR.
Further information on data protection at Google can be found here:
http://www.google.com/intl/de/policies/privacy
https://services.google.com/sitestats/de.html.
Alternatively, you can visit the Network Advertising Initiative (NAI) website at http://www.networkadvertising.org .
Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
15. Social media plug-ins
a) We currently use the following social media plug-ins:
Facebook, Twitter, Xing. We use the so-called two-click solution. This means that when you visit our website, no personal data is initially passed on to the providers of the plug-ins. You can recognize the provider of the plug-in by the check mark on the box with the initial letter or logo. You can communicate directly with the provider of the plug-in via the button. Only if you click on the marked box and thereby activate it, the plug-in provider receives the information that you have called up the corresponding website of our online offer. In addition, the data mentioned under c) are transmitted. In the case of Facebook and Xing, according to the respective providers in Germany, the IP address is anonymized immediately after collection. By activating the plug-in, personal data is therefore transmitted from you to the respective plug-in provider and stored there (in the case of US providers, in the USA). Since the plug-in provider collects the data in particular via cookies, we recommend that you delete all cookies via your browser’s security settings before clicking on the grayed-out box.
b) We have no influence on the data collected and data processing operations by the plug-in provider, nor are we aware of the full extent of the data collection, the purposes of the processing, the storage periods and the deletion modalities of the plug-in provider.
c) The plug-in provider stores the data collected about you as usage profiles and uses them for purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (also for users who are not logged in) for the display of needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. Via the plug-ins, we offer you the opportunity to interact with the social networks and other users so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art. 6 para. 1 P. 1 lit. f GDPR.
d) Data processing at the plug-in provider takes place regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in to the plug-in provider, your data collected from us will be directly assigned to your account with the plug-in provider. If you click the activated button and link to the page, for example, the plug-in provider also saves this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button. In this way, you can avoid an assignment to your profile with the plug-in provider.
e) For further information on the purpose and scope of data collection and processing by the plug-in provider, please refer to the data protection declarations of these providers provided below. There you will also receive further information on your rights in this regard and setting options for protecting your privacy.
f) Addresses of the plug-in providers and the URL with their privacy notices can be found below:
aa) Facebook
Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php
further information on data collection:
http://www.facebook.com/help/186325668085084
http://www.facebook.com/about/privacy/your-info-on-other#applications
http://www.facebook.com/about/privacy/your-info#everyoneinfo
Facebook has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework
bb) Twitter
Twitter, Inc, 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy
Twitter has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework
cc) Xing
Xing AG, Gänsemarkt 43, 20354 Hamburg, DE;
https://privacy.xing.com/de/datenschutzerklaerung
16. Third Party Websites
Our website contains hyperlinks to and from third party websites. The linked sites were checked by Kyberg Vital GmbH for possible legal violations at the time of linking. Illegal content was not identifiable at the time of linking.
Kyberg Vital GmbH has no influence on the content, design and data protection conditions of these third-party websites and assumes no guarantee or responsibility for the correctness of the content on these sites.
Kyberg Vital GmbH cannot permanently monitor the linked pages and cannot reasonably be expected to do so without concrete evidence of a violation of the law. If Kyberg Vital GmbH becomes aware of any infringements of the law on or by these third-party websites, Kyberg Vital GmbH will remove these links immediately. Liability is possible at the earliest from the point in time at which a concrete infringement of the law becomes known.