Privacy Policy

Thank you for your interest in medi1one medical GmbH ("medi1one"). Protecting your privacy is important to us. We would like to inform you about how we process your personal data, which types of data we collect and how this data is used.

 

We would like to point out that our websites contain links to external pages, to which this privacy policy does not apply. Your visit to such websites will be subject to the respective privacy policies of those websites.

 

We collect and use your data

 

We can collect and use your personal data in the following situations:

 

By visiting our website

 

As is the case for most websites, we gather specific data during your visit on our website. We do this to display the website, which is optimised for the device you are using, with all its functions or to save your preferences for your current or future browser sessions. The following internet protocol data is routinely recorded when visiting our website:

 

  • The name of your service provider (IP address)
  • The website that led you to our website
  • The pages visited and the quantity of data transferred
  • Your operating system and your internet browser type (language, version)
  • HTTP status code
  • Time and duration of your visit

 

Newsletters

 

In our free electronic newsletter, we inform you about the latest innovations and our products, events, etc. If you would like to subscribe to your newsletter, you must enter a valid e-mail address. If you subscribe to the newsletter, you are agreeing to receive the newsletter and to the processes explained. We send our newsletter using our service provider mailingwork GmbH, D-09569 Oederan, www.mailingwork.de. Information on the data protection policy of our e-mail distributor can be found here (in German): https://mailingwork.de/datenschutz.

 

With each newsletter that you receive from us, you have the option of changing your data or unsubscribing from the newsletter.

 

Cookies

 

We use cookies in some areas of our website. Click here for more information about the use of cookies.

 

When you actively provide us with personal data due to a query or survey

 

We process personal data that you actively provide us with, for example, while completing online forms, in our online shop or in surveys or when contacting us using other means of communication such as e-mail, telephone or post. In the case of online forms, the purpose of providing us with your personal data can be found on the form itself.

 

If you contact us using our website, we will store personal data such as:

 

  • your surname, first name, address, e-mail address, telephone number, fax number
  • company, occupation
  • VAT number and for pharmacies, we will store the name of the owner.
  • type of query and possible further information to answer your query

 

 

We do this on the basis of your previous consent or on other legal bases that establish legality of processing. We do not use the personal data as a basis for further contact, unless you provide us with your explicit consent. Your contact details will be stored for up to six months after the completion of the query or survey, unless there is a legal obligation to store the data for a longer period of time. Information in online forms is processed with the help of an encrypted connection to protect the personal data against manipulation or unauthorised access. Please note that regular (unencrypted) e-mail correspondence is not secure.

 

We share your data

 

Your data is not shared with third countries (countries outside the European Economic Area). To be able to process your query, we forward the query along with the personal data that you provide to your local contact person. If a local contact of this type is based in a third country, we will transfer your data based on your consent.

 

We will not forward your personal data to government agencies, unless legally required to do so. Our employees, agencies and sales partners are obliged to respect the confidentiality of your personal data and your data protection.

 

Requests, queries and complaints

 

You have the right to obtain information at any time about your personal data that we process, including but not restricted to the origin and recipient of your data and the purpose of processing. You can also request access to your data, get a copy of your collected data, have your data corrected and request the deletion of your personal data, provided it is not required for storage according to other legal requirements or you can lodge a complaint (where permitted by law). In the latter case, we will immediately confirm and investigate any complaint regarding the type and manner in which we manage personal data.

 

You have the right to withdraw your consent at any time or have your personal data deleted; in this case please contact us using the contact details listed below.

 

You have the right to lodge a complaint with the competent supervisory authority in Germany or with our data protection officer.

 

If you have any concerns regarding data protection, wish to access or correct your personal data, please contact our company data protection officer at the following address: dataprotectionofficer@fresenius-kabi.com. Please note that our data protection officer cannot answer your product-related questions.

 

 

Privacy Statement for Customer, Supplier and Business Partner Data

 

As a valued customer, supplier, prospect, interested business contact or otherwise representative of an organization we interact with, medi1one gmbh,Steinbeisstr. 15, 70636 Fellbach (“we”) as part of the Fresenius Kabi group, will collect and use certain personal data from you. Protecting your privacy is important to us and we would like to inform you on how we collect personal data, what type of information we collect and explain to you how that information is used. Processing of personal data by us is governed by the General Data Protection Regulation of the European Union (“GDPR”).

 

How we collect your data

 

We collect your personal data when you contact us, order our products and services or enter into a contract with us for the supply of goods and services. We also collect and use personal data about you and your role in your company that is published in publicly accessible trade registers, websites, blogs, print media and data that is published by competent authorities and trade associations.

 

Furthermore, we process data that is provided to us by service providers under a contract or competent authorities (rating agencies, financial solvency and risk information, financial service institutions, government or supranational agencies, in particular tender authorities or procurement agencies).

 

Such personal data may include your company’s name, your name, contact information, your company’s bank accounts, your profession and qualifications, professional identifiers, organizational details, affiliation details of your company, certifications and quality statements issued by your company’s officers, representatives or auditors, percentage of shares held, details related to public filings, trade registers and professional boards, details related to published transactions of your company including tenders and financial arrangements, previous interactions with Fresenius Kabi and any of our subsidiaries.

 

Why we collect and use your data

 

We collect and use these data for the purposes of assessing a potential business relationship or maintaining our business relationship with you, this general purpose in particular includes:

 

  • the manufacturing, provision and delivery of products and services;
  • the exchange of information related to existing contracts or possible contracts with you;
  • the procurement of products and services from you;
  • the management of our relationship with you or the company you are working for (e.g. customer relationship management, supplier management, investor relations management);
  • the fulfillment of compliance requirements related to a business transaction (e.g. conflict checks, business partner due diligence, sanction list screening, anti-money laundering laws, secure supply chain requirements, customs and export law requirements, tracing requirements for products);
  • vendor assessment and qualification (e.g. whether you and your organization meets certain quality and certification requirements);
  • marketing (e.g. informing you about products and services or related information);
  • the assessment whether you are a suitable contact for specific business needs (e.g. when we look for an expert in a certain field or specific products);
  • collection of payments due to us including the re-financing of debts;
  • the assessment of your company’s financial solvency and credit risk.
  • a potential acquisition, divestiture or joint venture transaction with us or any Fresenius Kabi affiliate;

 

Legal basis for processing

 

We process your personal data on one of the following legal bases:
the processing of your personal data is necessary in order to carry out the contract concluded between you and us (Art. 6.1 b GDPR).

 

  • the processing of your personal data is necessary for us in order to comply with a legal obligation we are subject to e.g. laws on anti-money laundering, customs and export, secure supply chain requirements, product tracing requirements, statutory disclosure and notification requirements or similar compliance requirements that might require us to process certain of your personal data (Art. 6.1 c GDPR).
  • processing is necessary for purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data (Art. 6.1 f GDPR). These legitimate interests are:
    • Fulfilling our contract with the company you are working for, including the enforcement of any rights we may have under such contract;
    • Gather information on knowledge management related to internal processes, products and services;
    • Development, optimization and improvement of our products and services;
    • Optimization of internal communication;
    • Optimization of administration;
    • Carrying out research work;
    • Organizational management;
    • Risk Management: safeguarding against e.g. financial / reputational risks;
    • Maintenance of the IT infrastructure, IT security, guarantee of IT support and the detection and correction of errors; and
    • Complying with legal requirements outside the EEA.
  • Where you have been informed about the intended processing of your personal data, your consent (Art. 6.1 a GDPR).

 

You can always withdraw your consent. You can withdraw your consent to all processing or for individual purposes of your choice. The withdrawal of consent will not affect the lawfulness of processing based on your consent before the withdrawal. You can withdraw your consent by sending an email to our privacy officer.

 

We share your data

 

We transmit your personal data in parts or as a whole to other entities.
Recipients are:

 

  • Other group companies if such a transfer of personal data is required for the specific purpose (Please refer to the overview of the locations in which Fresenius Kabi group companies are active) ;
  • Service providers who process personal data on our behalf but have to follow our instructions on such processing; these service providers will not be allowed to use your personal data for other than our purposes;
  • IT-service providers who host the data or provide maintenance services;
  • Authorities, who we are obliged to provide your personal data to, e.g. tax and customs authorities, regulatory authorities and their delegated bodies, financial market authorities; public registers; and
  • Auditors or similar external consultants like lawyers or tax advisers.

 

International data transfers

 

We may transfer your personal data in parts or as a whole to Fresenius group recipients in countries, which are not member states of the European Union or international organizations, for the purposes listed above. Please refer to the overview of the locations in which Fresenius Kabi is active.

 

The European Commission has determined an adequate level of data protection to be in place that matches the level of data protection within the European Union for the following countries / international organizations in which Fresenius entities are established: Argentina, Canada, New Zealand, Switzerland or Uruguay. With regards to such international data transfers to third countries, for which the European Commission has not decided that an adequate level of data protection exists, we have provided appropriate safeguards in order to secure your personal data to a degree that equals the level of data protection in the European Union.
These safeguards are:

 

  • Standard Contractual Clauses that have been issued by the European Commission.
  • Commiseration in the EU-US-Privacy Shield.

 

You can obtain a copy of these Standard Contractual Clauses online, or upon request.

 

How long do we retain the data

 

Generally, we store your personal data for one of the following periods of time:

 

  • As long as we have a duty to retain the data in line with applicable laws (e.g. because we are obliged to store the data for tax purposes);
  • If there is no legal retention applicable, at least for the term of the contractual relationship with you or the company you are working for;
  • If we have a legitimate interest to process your personal data outside of such a contractual relationship, we process it for as long as we still have a legitimate interest in processing this data. The exact period depends on the company you are working for and your position in the company.

 

If the legal retention period is longer than for the other above mentioned ones, we aim to block the data until the end of the respective retention period and then erase it.

 

Requests, inquiries and complaints
Depending on the situation, you have the following rights with respect to your personal data:

 

Right of access
You have the right to request at any time which personal data about you we process.

 

Right to rectification of incorrect data
If your personal data are inaccurate, you have the right to get them corrected without undue delay.

 

Right to erasure
In certain situations, you have the right to request the erasure of your personal data. In particular, you may ask us to erase personal data, if:

 

  • it is no longer needed for the purposes for which it was collected or otherwise processed,
  • the personal data has been unlawfully processed,
  • you object to the processing (see 'Right to object') and there are no overriding legitimate grounds for the processing,
  • the personal data has to be erased due to compliance with a legal obligation in Union or Member State law to which we are subject or
  • you withdraw your consent on which the processing is based and there is no other legal ground for the processing.

 

Right to restriction of processing
You have the right to obtain from us restriction of processing, where one of the following applies:

 

  • The accuracy of the personal data is contested by you, processing will be restricted for a period enabling us to verify the accuracy of the personal data,
  • The processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead,
  • We no longer need the personal data for the purposes of the processing, but are required by you to keep them for the establishment, exercise or defense of legal claims or
  • You have objected to processing (see 'Right to object') and the verification whether our legitimate interests override yours is pending.

 

Right to data portability
According to Art. 20 GDPR you have the right to receive a copy the personal data about you, which you have provided to us, in a structured, commonly used and machine-readable format.

 

Right to object
In line with Art. 21 GDPR, you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on our legitimate interest (Art. 6.1 f GDPR). We will no longer process your personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the purpose of establishing, exercising or defending legal claims. In all of the above cases, please use the contact form or send your request to the postal or email address stated above.

 

Right to lodge a complaint
You also have the right to lodge a complaint with a supervisory authority. The responsible supervisory authority for Fresenius Kabi is:

 

Der Hessische Beauftragte für Datenschutz und Informationsfreiheit
Presse- und Öffentlichkeitsarbeit
Gustav-Stresemann-Ring 1
65189 Wiesbaden

 

Requirements to provide personal data
You may need to provide your personal data to us for the purpose of fulfilling a contract with you or the company you are working for, e.g. we might require your contact details if you are our business contact at a supplier. If you fail to provide your personal data, we might not be able to enter into the respective contractual relationship.

 

Automated decision making
An automated decision making (Art. 22.1, 2 GDPR) occurs according to our obligation to conduct a sanction-control-procedure. This is also necessary for entering into, or performance of, a contract between you and us. The consequence of this can be the refusal to enter into a contractual relationship with you.

 

Further information for specific situations and contact
We might process your personal data also in different contexts, e.g. when you visit our website or when you receive compensation for your services as a healthcare professional. Please see the specific information on the processing of your personal data in these situations.
If you have any questions on data protection at Fresenius Kabi, please contact us at dataprotectionofficer@fresenius-kabi.com

 

Controller and contact

 

 

Controller:

 

The controller and responsible entity for processing of personal data is:
Fresenius Kabi AG
Else-Kröner-Straße 1
61352 Bad Homburg
Germany
contact mail@fresenius-kabi.com

 

Data protection officer:
We have designated a data protection officer. You can contact our data protection officer for all requests and questions concerning your personal data via:

 

Fresenius Kabi AG
Data Protection Officer
Else-Kröner-Straße 1
61352 Bad Homburg
Germany
E-mail: dataprotectionofficer@fresenius-kabi.com

 

Changes to this data protection information
As our collection and processing of your data may change over time, we might also modify this Data Protection Information to always correctly reflect our data processing practices. We encourage you to review it from time to time.

 

 

© 2020 medi1one

 

Last update: 27.01.2020