Data Privacy
This privacy policy explains the type, scope and purpose of the collection and use of personal data on the website https://dimedis.io/ (hereinafter referred to as the“website”) by dimedis GmbH (hereinafter referred to as“we” or“us”). We are the responsible party for all personal data collected on the website, unless this privacy policy contains different information.
Personal data is information that can be used to identify a person, i.e. information that can be traced back to a person. Typically, this includes a name, email address or telephone number. However, purely technical data that can be assigned to a person is also to be regarded as personal data.
Contact details of the controller:
dimedis GmbH
Vogelsanger Straße 78
50823 Cologne
Germany
Tel.: +49 221 921 260 52
E‑mail: datenschutz@dimedis.de
Website: http://www.dimedis.io
Contact details of the data protection officer:
Polymnia Georiadou
secAdair GmbH
Wolfsstraße 16
50667 Cologne
Germany
Phone: 0221 921 260 909
E‑mail address: datenschutz@dimedis.de
Your rights
You have the right to request information about the personal data stored about you free of charge. In addition, you have the right to rectification of inaccurate data, the right to request the restriction of processing of data that has been processed too extensively, and the right to erasure of personal data that has been processed unlawfully or stored for too long (provided that this does not conflict with any legal obligation to retain data or any other reasons under Art. 17 (3) GDPR). In addition, you have the right to transfer all the data you have provided to us in a common file format (right to data portability), provided that you have provided the data to us as part of a declaration of consent or to fulfill a contract.
If we process your personal data on the basis of a legitimate interest, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation (right of objection, Article 21 of the GDPR). The data will then no longer be processed unless we can prove compelling reasons for the processing worthy of protection that outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.
Consent given can be revoked at any time with effect for the future.
To exercise your rights, simply send an e‑mail to datenschutz@dimedis.de.
Furthermore, you have the right to file a complaint with a data protection supervisory authority. A list of German and European data protection officers and their contact details can be found at the following link:
https://www.bfdi.bund.de/DE/Infothek/Anschriften _Links/anschrift_links-nodes.html
Voluntary nature of the information provided
The provision of your personal data on this website is generally neither legally nor contractually required. You are not obliged to provide personal data on this website. Nevertheless, the provision of some of the functions of this website requires the processing of your personal data.
Existence of automated decision-making
We do not use automatic decision-making including profiling in accordance with Art. 22 GDPR.
Recipients of data
We do not pass on personal data unless we expressly mention this in this data protection declaration. However, the website is hosted by our service provider Host Europe GmbH, Hansestrasse 111, 51149 Cologne. Host Europe GmbH will also automatically process the above-mentioned personal data in this context. This is done exclusively in accordance with our instructions and on our behalf in accordance with an order processing contract pursuant to Art. 28 GDPR.
The transfer of personal data to the above-mentioned service provider is based on Art. 6 (1) point f GDPR. This provision allows the processing of personal data in our“legitimate interest”, except where such interests are overridden by your fundamental rights, freedoms or interests in not processing the data. Our legitimate interest lies in the use of specialized service providers who can provide the corresponding hosting more efficiently than we can. However, you can object to this data processing at any time if there are reasons that exist in your particular situation and that speak against the transfer of personal data to a server service provider. To do so, simply send an e‑mail to datenschutz@dimedis.de.
General information about cookies and similar technologies
We use cookies and similar technologies on our platform. Cookies are small text files that are stored on your device by the browser you are using when you access our website. This enables individual services of a website to recognize you and remember the settings you have made. On the one hand, this serves to make websites more user-friendly and thus helps users (e.g. by storing login data). On the other hand, cookies are typically used to collect statistical data on website usage and to use the data obtained for analysis and advertising purposes. We use cookies in various ways, which we explain in more detail below.
Some cookies are automatically deleted from your device as soon as you leave the website (so-called session cookies). Other cookies are stored for a certain period of time, which in each case does not exceed two years (persistent cookies). We also use so-called third-party cookies, which are managed by third parties to offer certain services.
You can influence the use of cookies. Most browsers have an option that restricts or completely prevents the storage of cookies. However, it should be noted that the use and in particular the user comfort are restricted without cookies.
We use cookies and similar technologies that are essential for the provision of the platform without a declaration of consent. We only use non-essential cookies and similar technologies if you have given your consent. You give your consent in the cookie banner that appears on the screen when you access the platform (see section 3). In the context of the data processing procedures listed below, each procedure that uses cookies explains the legal basis on which the processing is based, whether (and if so, which) third parties receive data via cookies and how long we store the personal data collected using cookies in this context. Further details on the cookies used can be found at the following link [please insert link into the 2nd layer of the consent management platform].
Overview of the procedures
Personal data is processed on this website as part of the following procedures:
- Server log files
- Use of the consent management platform “Cookiebot”
- Contacting us
- Subscribing to our newsletter
- Newsletter tracking
- Google Analytics
- Friendlychapter
- SalesViewer
- Social media plugins
- Using the chat tool
- Additional information for the applicant tool on our website
Server log files
We automatically collect a range of technical data, which is personal data, every time the website is accessed.
This data includes:
- IP address of the user
- Name of the website or file accessed
- Date and time of access
- Volume of data transferred
- Report on successful retrieval
- Browser type and version
- User’s operating system
- User’s device used, including MAC address
- referrer URL (the previously visited page)
These data are not combined with other personal data that you actively provide on the website. We collect server log files for the purpose of administering the website and to detect and prevent unauthorized access.
Legal basis
The personal data in log files are processed on the basis of Art. 6 Sect. 1 lit. f GDPR. This legal basis permits the processing of personal data in the context of the controller’s“legitimate interest”, except where such interest is overridden by your fundamental rights, freedoms or interests. Our legitimate interest lies in facilitating administration and in the possibility of detecting and prosecuting hacking. You can object to this data processing at any time if there are reasons that exist in your particular situation and that speak against the data processing. To do so, simply send an e‑mail to datenschutz@dimedis.de.
What are IP addresses?
IP addresses are assigned to each device (e.g. smartphone, tablet, PC) that is connected to the internet. Which IP address this is depends on which internet access your device is currently connected to the internet with. It may be the IP address that your internet provider has assigned to you, for example if you are connected to the internet via your Wi-Fi at home. However, it may also be an IP address that your mobile phone provider has assigned to you or the IP address of a public or private Wi-Fi or other Internet access provider. In its most common form at present (IPv4), the IP address consists of four blocks of numbers. In most cases, you as a private user will not use a static IP address, as your provider will only assign it to you temporarily (so-called“dynamic IP address”). In the case of a permanently assigned IP address (so-called“static IP address”), a clear assignment of the user data is in principle easier. Except for the purpose of prosecuting unauthorized access to our website, we do not use this data in a personal way, but only evaluate on an anonymous basis which of our websites are favored, how many daily accesses occur and similar information.
Duration of data storage
The server log files with the above-mentioned data are automatically deleted after 365 days. We reserve the right to store the server log files for a longer period of time if there are facts that suggest the assumption of unauthorized access (such as an attempt at hacking or a so-called DDoS attack).
Use of the consent management platform “Cookiebot”
We use the consent management platform (also known as cookie banner) “Cookiebot” from Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter “Cookiebot”) on our website. The consent management platform enables us to obtain your consent to the processing of various cookies and to provide you with comprehensive information about the purposes of the various cookies. At the same time, you can also adjust the set cookies here at any time and revoke your consent at any time for the future. When you make a setting on the consent management platform, the following data is sent to Cookiebot and stored and processed there:
- The end user’s IP number in anonymized form (the last three digits are set to ‘0’).
- Date and time of consent.
- User agent of the end user’s browser.
- The URL from which the consent was sent.
- An anonymous, random and encrypted key.
- The end user’s consent status, which serves as proof of consent.
For more information, please consult the Data Privacy Policy of Cookiebot at the following link: https://www.cookiebot.com/de/privacy— policy/
Legal basis
The personal data collected by Cookiebot is processed on the basis of Art. 6 Sect. 1 lit. c and Art. 6 Sect. 1 lit. f GDPR. Pursuant to Art. 6 lit. c GDPR, the processing of data is permitted if it is necessary to fulfill a legal obligation of the controller. The controller is legally obliged to be able to provide proof of consent. The legal basis of Art. 6 para. 1 lit. f DSGVO permits the processing of personal data in the context of the “legitimate interest” of the controller, insofar as your fundamental rights, freedoms or interests do not prevail. Our legitimate interest consists in the most customer-friendly, efficient and legally secure operation of the website. You can object to this data processing at any time if there are reasons that exist in your particular situation and that speak against the data processing. To do so, simply send an e‑mail to datenschutz@dimedis.de.
Duration of data storage
The personal data stored by Cookiebot is deleted after 24 months. For more information on the storage period, please refer to Cookiebot’s privacy policy, which you can access via the following link: https://www.cookiebot.com/de/p….
Contact
When you contact us (e.g. by email or by using the contact form), the information you provide will be stored for the purpose of processing your request and in the event that follow-up questions arise.
Legal basis
The information provided when contacting us is processed on the basis of Art. 6 Sect. 1 lit. f GDPR. This legal basis permits the processing of personal data within the scope of the controller’s“legitimate interest”, unless your fundamental rights, freedoms or interests prevail. Our legitimate interest lies in processing the contact. You can object to this data processing at any time if there are reasons that exist in your particular situation and that speak against the data processing. To do so, simply send an e‑mail to datenschutz@dimedis.de.
Duration of data storage
The personal data stored in the context of establishing contact will be deleted when the request associated with establishing contact has been fully resolved and it is not to be expected that the specific contact will become relevant again in the future.
Subscription to our newsletter
On our website, you have the option of subscribing to our company’s newsletter. For this purpose, we use the service provider BHM Media Solutions GmbH, Universitätsstr. 62, 35037 Marburg (“Umnion”). The newsletter informs users about new offers from our company. The following personal data must be entered in the input mask to order: name, e‑mail address.
When registering for the newsletter, we also store the IP address of the computer system assigned by the Internet service provider and used by the data subject at the time of registration, as well as the date and time of registration. The collection of this data is necessary in order to understand the (possible) misuse of the e‑mail address of a data subject at a later date, and it therefore serves the aim of the legal protection of the controller.
Our company’s newsletter can only be received by the data subject if (1) the data subject has a valid e‑mail address and (2) the data subject registers to receive the newsletter. For legal reasons, a confirmation e‑mail will be sent to the e‑mail address entered by a data subject for the first time for the newsletter dispatch using the double opt-in procedure. This confirmation email is used to check whether the owner of the email address has authorized the receipt of the newsletter as the data subject.
Legal basis
This data processing is based on the consent described above, which you granted when registering for the newsletter. Pursuant to Art. 6 (1) point a GDPR, data processing is lawful if you have granted consent for the data processing for one or more specific purposes. When you subscribed to the newsletter, you provided a declaration of consent in which you confirmed that you would like to receive the selected newsletter. You can unsubscribe at any time free of charge. To do so, simply use the unsubscribe link in the respective newsletter or send us an e‑mail to datenschutz@dimedis.de.
Duration of data storage
The personal data stored in the context of the newsletter registration will be deleted when you have successfully unsubscribed from the newsletter.
Newsletter tracking
Our newsletters contain so-called tracking pixels. A tracking pixel is a miniature graphic embedded in emails sent in HTML format to enable log file recording and log file analysis. This allows a statistical analysis of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, we can recognize if and when an e‑mail was opened and which links in the e‑mail were accessed. All this happens without recourse to the personal data of the individual. Only anonymized statistical information is collected.
The non-personal data collected by the tracking pixels contained in the newsletters is stored and analyzed by the controller in order to optimize the delivery of the newsletter and to better adapt the content of future newsletters to the interests of the data subject.
Legal basis
As described above in section 5, the consent given during the subscription in the double opt-in procedure is in accordance with Art. 6 para. 1 lit. a. GDPR is the legal basis for data processing. You have the right to revoke the separate declaration of consent provided via the double opt-in procedure at any time. After a revocation, this personal data will be deleted by the person responsible for processing. We automatically interpret a cancellation of the newsletter as a revocation.
Duration of data storage
Personal data is only stored by us in the form of anonymized statistics.
Google Analytics
This website uses Google Analytics, a web analysis service provided by Google Ltd. (“Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland), with the involvement of the US parent company Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, to analyze and regularly improve the use of this website. The statistics obtained enable us to improve our services and make them more interesting for you as a user.
Insofar as the storage and/or processing of personal data involves the transmission of personal data from the EEA, Switzerland or the United Kingdom to a third country that is not covered by an adequacy decision under European data protection law, the EU standard contractual clauses shall be deemed to have been agreed between us as the operator (as data exporter) and Google LLC (as data importer). All transfers are subject to these standard contractual clauses and Google ensures that Google LLC meets its obligations under the agreed EU standard contractual clauses in relation to such data transfers. Google’s current standard contractual clauses can be found at the following link: .
Google Analytics sets several cookies (see [please insert link into the 2nd layer of the Consent Management Platform]) to identify your browser and to enable an analysis of your use of the website. The information generated by the cookies about your use of this website is usually transferred to a Google server in the USA and stored there.
However, we have activated the IP anonymization feature on this website, so your IP address will be shortened by Google within the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of our website, to compile reports on website activity and to provide other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google unless you have allowed this in your Google Account.
Further details and information can be found in Google’s privacy policy at https://policies.google.com/privacy?hl=de
Legal basis
The processing of Google Analytics is carried out in accordance with Art. 6 (1) point a GDPR on the basis of the consent you have given. You can prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link: install the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
In addition, you can revoke your consent at any time with effect for the future by preventing the storage of cookies through a corresponding setting in your browser software. However, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent.
In addition, you can individually adjust and change the cookie settings at any time in the consent management platform. You can find the link to the consent management platform at any time on the website.
Duration of data storage
The personal reference is immediately removed by the partial deletion of the IP addresses, so that only statistical data is stored.
Friendlychapter
On our website, we use the tool“Friendlychapter” from Friendly Chapter GmbH, Am Anger 3 – 5, 82237 Wörthersee. This tool is used to check whether data is actually entered by a natural person or by machine/automated programs (so-called“bots”).
For this purpose, Friendlychapter collects the following personal data
- The request headers User-Agent, Origin and Referer.
- The puzzle itself, which contains information about the account and the website key to which the puzzle relates.
- The version of the widget.
- A timestamp.
Friendlycaptcha does not use cookies. Further information on data processing by Friendlycaptcha can be found at the following link: https://friendlycaptcha.com/de…
Legal basis
Data processing is carried out on the basis of Art. 6 Sect. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its website from abusive automated crawling and from SPAM.
Duration of data storage
We do not store any personal data in connection with the use of Friendlychapter.
Use of SalesViewer® technology:
This website uses SalesViewer® technology from SalesViewer® GmbH to collect and store data for marketing, market research and optimization purposes based on the legitimate interests of the website operator (Art. 6 para. 1 lit.f DSGVO).
For this purpose, a javascript-based code is used to collect company-related data and the corresponding usage. The data collected using this technology is encrypted using a non-reversible one-way function (so-called hashing). The data is immediately pseudonymized and is not used to personally identify the visitor to this website.
The data stored by Salesviewer is deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention requirements.
You can object to the collection and storage of data at any time with effect for the future by clicking on this link https://www.salesviewer.com/opt‑out to prevent SalesViewer® from collecting data from this website in the future. This stores an opt-out cookie for this website on your device. If you delete your cookies in this browser, you will have to click on this link again.
Link to social media site (LinkedIn)
We link to our social media sites, such as LinkedIn, on our website. When you visit our website, no data is transmitted to LinkedIn until you actively click on the link to our LinkedIn profile.
The following categories of data are processed by the respective social network:
- IP address
- Date, time
- Website visited
If you are logged into your user account when you access our LinkedIn channel, LinkedIn may be able to assign the information collected during the specific visit to your personal account (see https://de.linkedin.com/legal/…).
Storage period of the data
We do not store any personal data ourselves by setting links to social media platforms.
You can find more information about the duration of storage by LinkedIn in the data protection declaration at:
https://de.linkedin.com/legal/….
Use of the chat function
We use the Userlike chat tool on our website. The provider of this service is Userlike UG, Probsteigasse 44 – 46, 50670 Cologne. This is a live chat tool that allows you to send us messages directly when you visit our website and to communicate with us in real time. We receive all personal data that you provide to us during the chat (e.g. your name, contact information, etc.) and the following personal data:
- Date and time of access,
- browser type/version,
- IP address,
- operating system used
- URL of the previously visited website.
We have concluded an order processing contract with Userlike in accordance with Art. 28. Further information on data processing by Userlike can be found at: https://www.userlike.com/de/data— privacy and https://userlike.com/de/terms#…
Legal basis
The use of Userlike and the storage of chat data are based on Art. 6 Sect. 1 lit. f GDPR. We have a legitimate interest in communicating with you in the most expedient and reliable manner possible and efficiently processing your inquiries. This additionally allows us to ensure the quality of customer communications.
Duration of Data Storage
We store messages that you send to us until you request that we delete them or until your request has been processed. If you would like to have a message or chat history deleted, you can write to us at datenschutz@dimedis.de.
LinkedIn Insight Tag
On this website, we use the tool“LinkedIn Insight Tag” from LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. With your consent, the LinkedIn Insight Tag creates a unique LinkedIn browser cookie in your browser and allows us to collect the following data for this cookie: URL, referrer URL, IP address, device and browser properties (user agent) and timestamp. The IP address is shortened or hashed by LinkedIn.
Direct member identifiers are removed by LinkedIn within seven days to pseudonymize the data. This remaining pseudonymized data is then deleted by LinkedIn within 180 days.
LinkedIn does not share any personally identifiable information, but only provides reports and communications (in which members are not identified) about the website audience and ad performance.
In addition, LinkedIn offers retargeting for website visitors, so that you receive targeted advertising outside of our website with the help of this data, without being identified. dimedis processes the data from LinkedIn in order to optimize the online service and marketing measures. With the LinkedIn Insight Tag, we recognize that you have come to our website via a LinkedIn ad and what actions you are taking. We use this to measure the success of individual advertising measures and to adapt our advertising offer more individually to your needs. The LinkedIn Insight Tag is only used if you have given your consent. If consent is obtained, the above-mentioned service is used on the basis of Art. 6 para. 1 a) GDPR and § 25 TTDSG. You can revoke your consent at any time here (link to the cookie banner).
LinkedIn transfers your Insight tag data, including member pseudonym, IP address, device and browser characteristics, timestamps, URL, outside the EEA. The data transfer is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa. We have concluded an order processing contract (AVV) for the use of the above-mentioned service with the specified service provider. This is a contract required by data protection law that ensures that the service provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
LinkedIn members can control the use of their personal data for advertising purposes in their account settings.
Additional information for the application tool on our website
We collect and process the personal data of applicants for the purpose of conducting the application process. The processing may also be carried out electronically. This is particularly the case if an applicant submits the relevant application documents to us electronically, for example by email (bewerbung@dimedis.de) or via a web form on the website.
We then use and store the transmitted personal data for the purpose of carrying out the application process (e.g. job interview, etc.). If we conclude an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions.
As a rule, personal data is collected directly from you as part of the application process, either in response to a specific job advertisement or as an unsolicited application. In addition, we may also have received data from third parties if you have applied to us via a corresponding platform (e.g. job portals). We may also process personal data that we have legitimately obtained from publicly available sources (e.g. professional social networks). We also work with the HR solution Kenjo, Kenjo GmbH, Urbanstraße 71, 10967 Berlin (“Kenjo”), for the purpose of personnel administration. This tool supports us in managing personal data. We have concluded an order processing contract with Kenjo in accordance with Art. 28 GDPR. You can find more information about data protection here:https://www.kenjo.io/de/legal/….
In order to accept and evaluate your application and depending on the data you provide, we may process personal data such as the following:
- Name
- Contact details
- E‑mail address
- Telephone number
- Date and place of birth
- application photo
- files and documents, such as references and certificates, that you send us in connection with your application.
The data that you provide to us during the application process will not be passed on to third parties.
Legal basis
The processing of the data that you have provided to us as part of the application process is carried out on the basis of Art. 6 Para. 1 S.1 lit. b, Art. 88 GDPR in conjunction with § 26 Para. 1 BDSG. In the event of your consent, the legal basis is Art. 6 Para. 1 S.1 lit. a DSGVO. You can revoke your consent at any time with effect for the future; an e‑mail to datenschutz@dimedis.de is sufficient.
Storage duration
Your personal data will be deleted no later than six months after completion of the application process. This does not apply if you have given us your express consent to store your data in our applicant pool for a possible later job offer and thus later consideration. In the event of recruitment, we will include the data provided in our personnel file.
