Information on the data processing carried out for this website as per art. 13 EU General Data Protection Regulation (GDPR) on the collection of personal data from data subjects.
FormMed HealthCare AG is the controller of this website. As the provider of a teleservice, at the beginning of your visit, it has to inform you of the type, extent and purpose of the collection and use of personal data in a transparent, comprehensible and easily accessible form, using clear, simple language. This content must always be available to you.
We give great importance to the security of your data and compliance with data protection regulations. The processing of personal data is subject to the provisions of the current European and national legislation.
With the below data protection regulation, we want to show you how we handle your personal data and how you can get in touch with us:
FormMed HealthCare AG
Schönberger Weg 13
60488 Frankfurt am Main
Commercial registry No.: HRB 89952
Board: Dr. med. Martin Lemperle, Jan Moch
Telephone: +49 (0)69 / 76805698-22
Our data protection officer:
Alissa Lenz / Sven Lenz
Datenschutzkanzlei Lenz GmbH & Co. KG
For data protection questions or additional data protection requests, you can send an email to the following address: email@example.com
This data protection declaration has been written, as far as possible, using gender-neutral language. For definitions of the terms “personal data” and “processing”, see art. 4 GDPR.
The personal data processed by this website include
- Basic data (e.g. customer names and addresses),
- Contractual data (e.g. services used, payment information),
- User data (e.g. pages visited on our website) and
- Content data (e.g. entries in online forms).
Data protection information
We guarantee that we will only process the data you provide in connection with handling your queries, for internal purposes or to render or provide the services and content you have requested.
Legal basis of data processing
We only process your personal data in compliance with the relevant data protection provisions. The legal reasons are:
- To render our contractual services
- Processing is a legal requirement
- You have given consent electronically (e.g. by subscribing to the newsletter)
- To exercise our legitimate interest
We will be happy to show you where the above legal principles are set out.
Processing in order to render our services and implement contractual measures:
Art. 6 para. 1 b) GDPR
Processing to fulfill our legal obligations:
Art. 6 para. 1 c) GDPR
Art. 6 para. 1 a) and art. 7 GDPR
Processing to exercise our legitimate interest:
Art. 6 para. 1 f) GDPR
Data transfer to third parties
We are obliged to make it known that data transfer to third parties does take place.
Transfer of your data to third parties only takes place within the framework of the legal regulations in force. We only transfer your data if this is necessary for contractual purposes or on the basis of legitimate interests in the economic and effective continuation of our business operations.
If we use subcontractors to provide our services, we take suitable legal precautions and implement technical and organizational measures to ensure the protection of personal data in accordance with the legal regulations.
Data transfer to third countries or international organizations
Third countries are those where the GDPR is not directly applicable. This fundamentally covers all countries outside the EU and European Economic Area.
No data transfer takes place to third countries or international organizations without a legal reason being given.
Duration of storage of your personal data
We stand by the principles of data avoidance and data minimization. This means we only store your data for the length of time necessary to achieve the purposes described here or in accordance with the retention limits set out by the legislature. If the purpose is no longer valid, your data will be restricted or deleted in accordance with the legal provisions.
To this end, we have created an internal concept to make sure this happens.
Means of contact
If you get in touch with us via the website, you consent to electronic communication. During electronic contact with us, your personal data will be processed. The information you give will only be used in order to process your request and stored only for potential subsequent queries.
We are happy to inform you of the legal basis for this:
- processing in order to render our services and implement contractual measures as per art. 6 para. 1 b) GDPR
We draw attention to the fact that emails in transit can be read or altered by unauthorized persons. We would also like to draw your attention to the fact that we use software to filter out undesired emails (spam filter). The spam filter may mean emails are rejected if incorrectly identified as spam.
What are your rights?
a) Right of access
You have the right to information about the data stored relating to you. On request, we will tell you in writing which of your personal data we have stored. This will also include the origin and recipients of your data and the purpose of the data processing.
b) Right to rectification
You have the right to correct any incorrect data we hold about you. Here, you can also demand restriction of processing, say, if you challenge the correctness of your personal data.
c) Right to restriction of processing
You can also have your data restricted. So the data restriction is respected, the data must be held in a locked file for control purposes.
d) Right to erasure
You can request the erasure of your personal data if there is no legal reason for it to be retained. If such an obligation exists, we will restrict your data on request. If suitable legal conditions are in place, we will delete your data without your requesting it.
e) Right to data portability
You are entitled to request us to send you the personal data you have provided to us in a format that allows its transfer to a different location.
f) Right to complain to a regulatory authority
You have the option to send a complaint to a responsible data protection authority.
The Data Protection and Freedom of Information Officer for the State of Hessen is:
Telephone: +49 (0)611 / 1408-0
Fax: +49 (0)611 / 1408-900
You can open the complaints form at the following link: datenschutz.hessen.de/service/beschwerde
Note: a complaint can be sent to any data protection authority within the EU.
g) Right to object
You have the right at any time to object to the processing of your data as per art. 6 para. 1 (e, f) GDPR for reasons relating to your personal situation; this also applies to profiling based on these provisions.
FormMed HealthCare AG will then not process your personal data any further, unless it can demonstrate compelling legally protected reasons for this processing that override your own, or if processing serves the establishment, exercise or defense of legal claims.
If your personal data are processed for the purposes of direct marketing, you have the right at any time to object to the processing of your personal data for such purposes; this also goes for profiling, inasmuch as it is connected to direct marketing. In the case of such an objection, we will no longer use your personal data for the purpose of direct advertising. Here, it is enough to send us an email in this regard.
h) Right to revocation
You have right at any time to withdraw consent you have given to the processing of your data with future effect and without giving reasons. By revocation, you incur no disadvantage. Here, it is enough to send us an email in this regard.
Such revocation does not affect the legality of any processing that took place on the basis of art. 6 para. 1 a) GDPR before it was issued.
To exercise your rights as a data subject, send an email to the following address: firstname.lastname@example.org
Protection of your personal data
We take the most up-to-date contractual, technical and organizational safety measures to ensure that data protection laws are complied with and thus to protect data against accidental or intentional tampering, loss, destruction or unauthorized access.
Our security measures include, in particular, the encrypted transfer of data between your browser and our server. To this end we use 256-bit SSL (AES 256) encryption.
In this, your personal data are protected in the following aspects (excerpt):
a) Guaranteeing the confidentiality of your personal data
To guarantee the confidentiality of your personal data which we store, we have taken numerous access control measures.
b) Guaranteeing the integrity of your personal data
To guarantee the integrity of your personal data which we store, we have taken numerous transfer and input control measures.
c) Guaranteeing the availability of your personal data
To guarantee the availability of your personal data which we store, we have taken numerous order and availability control measures.
The security measures we use are constantly being improved to match technological developments. Despite these precautionary measures, because of the insecure nature of the internet, we cannot guarantee the security of the data you transfer to our website. Because of this, any data transfer to our website by you takes place at your own risk.
Data collection, third-party modules and analysis tools
Server log files
The provider of the pages collects and automatically stores information in so-called “server log files”, transmitted automatically to us by your browser. These include:
- browser type and version
- operating system used
- referrer URL
- host name of the computer making access
- time of server request
- IP address
No collation of these data with other sources is carried out.
The basis for this data processing is our legitimate interest as per art. 6 para. 1 f) GDPR.
Cookies are small text files stored locally in the temporary storage of your internet browser. These cookies allow, say, your browser to be recognized again. The files are used to help the browser navigate through the website and make use of all functions to the fullest extent.
Cookies required for the execution of electronic communications processes or to provide certain functions desired by you (e.g. basket function) are stored on the basis of art. 6 para. 1 f) GDPR. The website operator has a legitimate interest in the storage of cookies for the technically flawless and optimized provision of services. If other cookies (e.g. cookies to analyze your surfing behavior) are stored, these will be specially treated in this data protection declaration.
Accordingly, we can store cookies on your device if these are absolutely necessary for the operation of our website. For all other cookie types, we require your consent.
Our website uses various types of cookies. Some cookies are placed by third parties who provide content to our sites.
You can alter or revoke your consent at any time on our website.
Please enter your consent ID and the date if you wish to contact us regarding your consent.
Your consent applies to the following domains: www.formmed.de
Your current status: [placeholder_cookiebot_status]
Your consent ID: [placeholder_cookiebot_consentID]
Consent date: [placeholder_cookiebot_consentDate]
Change your consent | Revoke your consent
The cookie declaration was last updated on [placeholder_cookiebot_consentDate] by Cookiebot.
We use Cookiebot to display cookie banners. Cookiebot is a product of Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark, hereinafter Cybot.
- your anonymized IP address
- the date and time of your consent
- the user agent of your browser
- the provider's URL
- an anonymous, random, and encrypted key
- your cookie status which serves as proof of consent
The encrypted key and cookie status are stored by means of a cookie on your device to enable the corresponding cookie status to be restored when you return to our site. This cookie automatically deletes after 12 months.
The legal basis for this processing of data is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is in the user-friendliness of the website and the fulfillment of the statutory requirements of GDPR.
You can prevent cookies from being installed and/or delete this cookie by adjusting the settings on your internet browser.
Our website uses Matomo, open-source software used to statistically evaluate visitor access and user behavior.
The provider of the Matomo software is InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand.
Matomo is deactivated when you first visit our website. Only if you actively consent will your usage behavior be anonymously recorded.
These data cannot be traced back to a particular person, as your IP address is immediately anonymized after processing and before storage.
Thus, you as a user remain anonymous. The information created by the cookie regarding your usage behavior is not transferred to third parties.
You have the option to prevent the storing of cookies by changing your browser settings.
We would like to draw your attention to the fact that certain settings may mean that you are no longer able to use all functions of this website.
You can find more information on the private sphere settings of Matomo software at: https://matomo.org/docs/privacy/.
Data erasure takes place as soon as the data are no longer necessary for our purposes. For us, this takes place automatically after 6 months.
The legal basis for the processing of personal data using cookies is art. 6 para. 1 (f) GDPR.
You can object in three different ways to the processing of data by Matomo: firstly, you can prevent the storage of cookies on your browser in toto. This will lead to your no longer being able to use certain functions of our website which require identification.
Secondly, you can activate the setting “do-not-track” in your browser to communicate to the website that you do not wish your user activity to be tracked. Matomo accepts and respects this setting.
Thirdly, you can object at any time to the storage and evaluation of data by Matomo. Simply click on Cookie settings and push the control button for the cookie category “statistics” to the left. Then click the button “accept selection”.