Thank you for visiting our websites. Below you will find information about how we handle your data, in accordance with Art. 12-14 of the General Data Protection Regulation (GDPR).
The data controller for the data processing described below is OD-OS GmbH.
Address: Warthestraße 21, 14513 Teltow, Germany
Telephone number: 03328 31282100
Email address: firstname.lastname@example.org
When you visit our websites, so-called usage data are stored temporarily on our web server as a log for statistical purposes, in order to improve the quality of our websites. This data set consists of
- the page from which the file was requested
- the name of the file
- the date and time of the request
- the data volume transferred
- the access status (file transferred, file not found)
- a description of the type of web browser used
- the IP address of the requesting computer, truncated in such a way that no connection can be made with an individual.
The specified log data are stored in anonymized form.
Usercentrics Consent Management Platform
The data processing takes place for the purpose of complying with legal obligations and for storing the preferences of the users, including the consent and is based on Article 6 Article 6(1) sentence 1 point c) GDPR.
The following data is collected through the use of the service:
• Device information
• Browser information
• Anonymized IP address
• Opt-in and opt-out dates
• Date and time of the visit
• Request URLs of the website
• Page path of the website
• Geographical location
The place of processing is the European Union (consent database is located in Belgium).
The consent data (consent and revocation of consent) are stored for three years. The data will then be deleted immediately or, on request, passed on to the responsible person in the form of a data export.
We have concluded a data processing agreement with Usercentrics in accordance with Art. 28 GDPR. Further information on the processing of your data can be found in the Usercentrics data protection declaration at: usercentrics.com/privacy-policy/
We use the web analysis tool "Google Analytics" to design our websites according to your needs. Google Analytics creates user profiles based on pseudonyms. For this purpose, permanent cookies are stored on your end device and accessed out by us. In this way we are able to recognize and measure returning visitors.
The Google Analytics tool is provided by Google Ireland Limited and Google LLC. (USA) („Google“) who support us as data processors according to Art. 28 GDPR. The data processing can therefore also take place outside the EU or EEA. With regard to Google LLC (USA), no adequate level of data protection can be assumed due to the processing in the USA. There is a risk that authorities may access the data for security and surveillance purposes without you being informed or having the right to appeal.
Please take this into account if you decide to give your consent to our use of Google Analytics. We have also concluded standard contractual clauses with Google in accordance with Article 46 (2) (c) GDPR.
The legal basis for this data processing is your consent if you have given your consent via our consent banner according to Art. 6(1) sentence 1 point a), § 25 (1) TTDSG.
You can withdraw your consent at any time. Please click on cookie settings and make the appropriate settings via our cookie banner.
We use the Google reCaptcha service to establish whether a specific input on our contact form has been made by a person or a computer. Google checks by means of the following data whether you are a person or a computer: IP address of the end device used, the page of our website that you are visiting and into which reCaptcha is integrated, the date and duration of your visit, the recognition data for the browser and operating system used, your Google account if you are logged into Google, the mouse movements over the reCaptcha areas in which you have to identify images. The legal basis for the data processing described is Art. 6(1) point (f) of the General Data Protection Regulation We have an interest in ensuring the security of our websites.
You have the option to make contact with us by electronic mail, on the telephone or via our contact form if you have a question about navigated laser therapy. We need your email address and your message to be able to answer your inquiry. We use your title, your first name and surname to address you personally. The data about you is processed only to reply to your inquiry. The legal basis for the data processing is Art. 6(1) point (f) GDPR. We have a legitimate interest in making contact with the users of our website, in answering any questions posed and in sending out information. We usually delete your inquiry as soon as it has been answered and provided that its erasure does not contravene any statutory retention periods. If your inquiry relates to the area of activity of OD-OS Inc. or the OD-OS partners, we will be happy to pass your inquiry on to the relevant recipient. We require your consent for this (Art. 6(1) sentence 1 point a) GDPR).
Commissioned data processors
We transfer your data in the context of commissioned data processing pursuant to Art. 28 GDPR to service providers who support us in operating our website and the associated processes. Our service providers are strictly bound by our instructions and are under corresponding contractual obligations.
In some cases, we also transfer personal data to third countries outside the EU in this context. In doing so, we always ensure that there is an appropriate level of data protection:
We conclude the standard contractual clauses with service providers in third countries. These provide suitable guarantees for the protection of your data with service providers in third countries. You can request a copy of this data protection agreement using the contact details given above.
We take technical and organizational steps to protect your data as fully as possible against unauthorized access. We use an encryption process on our pages. Your details are transmitted from your computer to our server and vice versa
over the internet using TLS encryption. You can recognize this by the fact that the lock symbol on the status bar of your browser is closed and the address line begins with http://https://.
Your rights as a user
When your personal data is processed, the GDPR gives you certain rights as the user of a website:
1. Right to information (Art. 15 GDPR):
You have the right to obtain confirmation as to whether or not personal data concerning you are being processed; and, where that is the case, you have the right to information about those personal data and to the information listed specifically in Art. 15 GDPR.
2. Right to rectification and erasure (Art. 16 and 17 GDPR):
You have the right to demand immediate rectification of incorrect personal data about you and, where appropriate, completion of incomplete personal data.
You have the right to demand that personal data about you are erased immediately if one of the grounds listed specifically in Art. 17 GDPR applies, e.g. if data are no longer required for the stated purpose.
3. Right to restriction of processing (Art. 18 GDPR):
You have the right to demand restriction of processing if one of the conditions specified in Art. 18 GDPR is met, e.g. if you have objected to processing in accordance with Art. 21 GDPR or for the duration of any period in which the precedence of our legitimate interests over your interests as the data subject is being verified.
4. Right to data portability (Art. 20 GDPR):
In certain cases that are listed specifically in Art. 20 GDPR, you have the right to receive personal data about you in a structured, commonly used and machine readable format or to demand transmission of those data to a third party.
5. Right to withdraw consent (Art. 7(3) GDPR):
If you have given us your consent, you may withdraw it at any time. In withdrawing your consent, the lawfulness of the processing carried out up to the point of withdrawal is not affected.
6. Right to object (Art. 21 GDPR):
If data are collected on the basis of Art. 6(1) sentence 1 point (f) GDPR (data processing to protect legitimate interests), you have the right to object to processing at any time for reasons resulting from your particular situation. We will then no longer process the personal data unless there are demonstrable, compelling, legitimate reasons for processing that override your interests, rights and freedoms, or if the purpose of processing is to assert, exercise or defend against legal claims.
7. Right to lodge a complaint with a supervisory body
Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory body if you believe that processing of the data about you breaches the provisions of data protection law. The right to lodge a complaint may be exercised, in particular, with a supervisory authority in the Member State of your place of residence, place of work or the location of the alleged breach.
Contact details of the Data Protection Officer
Our Data Protection Officer will be happy to provide you with information and suggestions on the topic of data protection:
datenschutz nord GmbH