Skip to main content

PRIVACY POLICY

Introduction

Thank you for your interest in our website. The protection of your personal data is important to us. Below you will find information about how we handle your data that is collected through your use of our website. Your data will be processed in accordance with the legal data protection regulations.

Controller within the meaning of data protection law

SPIGGLE & THEIS Medizintechnik GmbH

Burghof 14
51491 Overath

02206 9081-0

Data Protection Officer

Proliance GmbH / www.datenschutzexperte.de

Data Protection Officer
Leopoldstraße 21
80802 Munich

Note: When contacting our Data Protection Officer, please specify the company to which your request relates. Please refrain from enclosing sensitive information such as a copy of an identification document with your request.

Definitions

Our privacy policy should be simple and understandable for everyone. For this reason, our privacy policy generally uses the official terms of the General Data Protection Regulation (GDPR). The official definitions are explained in Art. 4 GDPR.

Access to and storage of information in terminal equipment

By using our website, access to information (e.g. IP address) or storage of information (e.g. cookies) in your terminal equipment may occur. This access or storage may involve further processing of personal data pursuant to the GDPR.

  • In cases where such access to information or such storage of information is strictly necessary for the technically error-free delivery of our services, this is done on the basis of § 25 para. 1 s. 1, para. 2 no. 2 TDDDG.
  • In cases where such a process serves other purposes (e.g. the needs-based design of our website), this will only be carried out on the basis of § 25 para. 1 TDDDG with your consent pursuant to Art. 6 para. 1 lit. a GDPR. The consent can be revoked at any time with effect for the future.
  • For more information on the processing of your personal data and the relevant legal basis in this context, please refer to the following sections on the specific processing activities on our website.

Specific Processing Activities

Web Hosting

This website is hosted by an external service provider (AD IT Systems GmbH) in Germany. Personal data collected on this website is stored on the hoster's servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, web page accesses and other data generated by a website.

  • Purpose: To ensure a proper connection to the website and an error-free delivery of our services. The processing of this data is strictly necessary to make the website available to you.
  • Legal Basis: Our legitimate interest in the correct presentation and functionality of our website in accordance with Art. 6 Para. 1 lit. f GDPR.
  • Data Processor: We have concluded a Data Processing Agreement with the provider in accordance with Art. 28 GDPR.

Server- Logfiles

Once you visit our website, it is technically necessary that data is transmitted to our web server via your internet browser. The following data is recorded:

  • Date and time of the request
  • Name of the requested file
  • Page from which the file was requested
  • Access status
  • Web browser used and operating system used
  • (Full) IP address of the requesting computer
  • Transmitted amount of data
  • Purpose: To ensure a proper connection, error-free delivery of services, evaluation of system security and stability, and administrative purposes.
  • Legal Basis: Our legitimate interest in the protection and functionality of our website in accordance with Art. 6 para. 1 lit. f GDPR.
  • Storage Period: Temporarily stored for technical security. After about 7 days at the latest, the data is made anonymous by shortening the IP address at domain level. This data is not evaluated in anonymous form except for statistical purposes and is not combined with data from other data sources.

Cookies

Our website uses so-called “cookies”. Cookies are small text files that are either temporarily stored (session cookies) or permanently (permanent cookies) on your end device.

  • Function: Some are technically necessary (e.g. shopping basket, language settings); others are used to evaluate user behaviour or display advertising.
  • Legal Basis for Strictly Necessary Cookies: Legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in the technically error-free delivery of our services.
  • Legal Basis for Other Cookies: Consent in accordance with Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time with effect for the future.
Cookie Settings Management

You can set your browser to:

  • be informed about the setting of cookies,
  • only allow cookies in individual cases,
  • exclude the acceptance of cookies for certain cases or generally,
  • activate the automatic deletion of cookies when the browser is closed.

Cookie settings can be managed via the following browser links:

  • Google Chrome
  • Mozilla Firefox
  • Edge (Microsoft)
  • Safari
  • Opera

You can also manage advertising-related cookies individually using tools at https://www.aboutads.info/choices/ or http://www.youronlinechoices.com/uk/your-ad-choices.

Most browsers offer a "do-not-track function". Information and instructions on how to edit this feature are available for your respective browser:

  • Google Chrome
  • Mozilla Firefox
  • Edge (Microsoft)
  • Safari
  • Opera

Additionally, you can prevent the loading of so-called scripts by default using tools like "NoScript".

Note: Please note that if you disable cookies, the functionality of our website may be limited.

Change cookie settings

You can revoke or change your cookie settings at any time. To do so, access the cookie settings again via our integrated thumbprint (bottom left of our website).

Cloudflare CDN

We use the Content Delivery Network (CDN) of Cloudflare Inc. to increase the security and delivery speed of our website. Your browser must connect to Cloudflare's servers, which means Cloudflare obtains knowledge that our website was accessed via your IP address. Cloudflare may process personal data in the form of server log files, including browser information, IP address, and referrer URL.

  • Legal Basis: Our legitimate interest pursuant to Art. 6 (1) lit. f GDPR to increase the security and delivery speed of our website.
  • Storage Period: Generally less than 24 hours for user-level data; most server log files are deleted within 24 hours. Some anonymized data is stored indefinitely as permanent logs.
  • Data Transfer (USA): Cloudflare Inc. is based in the USA. An adequacy decision of the EU Commission pursuant to Art. 45 (1) GDPR applies, as Cloudflare Inc. is certified under the EU-U.S. Data Privacy Framework.
  • Contract: We have concluded a data processing agreement with Cloudflare.
  • Further Information: Cloudflare GDPR and Cloudflare Privacy Policy.

Contact form and contact by email

If you send us requests via our contact form or email, your details (including contact data) will be stored for the purpose of processing and in the event of follow-up questions. Provision of an email address is required; your name is optional. Data will not be passed on without your consent.

  • Legal Basis: Our legitimate interest in responding to your request pursuant to Art. 6 para. 1 lit. f GDPR and, if applicable, Art. 6 para. 1 lit. b GDPR (if the request aims at concluding a contract).
  • Storage Period: Deleted after final processing of your request, provided there are no legal storage obligations.
  • Right to Object: You can object to the processing of your personal data at any time in the case of Art. 6 para. 1 lit. f GDPR.

Google Analytics

We integrate the “Google Analytics” service from Google LLC (USA, provided in EU/EEA by Google Ireland Limited). “Google Analytics” creates usage profiles based on pseudonyms and usage data, collecting and analysing data such as:

  • Usage profiles (recognition features from cookies, device IDs, browser fingerprint)
  • Usage data (website content, referral links, browser, OS, IP address)
  • Demographic data (continent, age group, gender, interests)
  • Interaction data (search queries, ad clicks, website interactions)
  • Terminal device information and configuration
  • Purpose: To compile summary statistics to evaluate and analyze visitor origin, preferences, and interests to optimize online advertising and display tailored advertisements. We only receive summary statistics (aggregated data).
  • Legal Basis: Your consent, provided via our consent management platform. Use of cookies/similar technologies is based on Section 25 (1) TDDDG. Subsequent data processing is based on Art. 6 (1) (a) GDPR.
  • Right to Withdraw Consent: Consent is freely given and can be withdrawn at any time with effect for the future via the “Cookie settings” link at the bottom of the website.
  • Data Transfer (USA): Data is transmitted to Google LLC in the USA. An adequacy decision of the EU Commission applies, as Google LLC is certified under the EU-U.S. Data Privacy Framework.
  • Further Information: Google Privacy Policy.

External links to social media

External websites are solely embedded as a link to the respective service. User information will only be transferred after the redirection to the respective provider. Information regarding data use can be found in the privacy policies of the visited websites.

Data Transfer and Recipients

Your personal data is not transferred to third parties, unless:

  • We have explicitly pointed this out in the description of the respective data processing.
  • You have given your explicit consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
  • The transfer pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR is necessary for the assertion, exercise or defence of legal claims and our legitimate interests are not overridden.
  • There is a legal obligation to transfer data pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR.
  • Required by Art. 6 para. 1 sentence 1 lit. b GDPR for the execution of contractual relationships with you.

We use external service providers (e.g., web hosting, email dispatch, IT maintenance) who are carefully selected, commissioned in writing, bound by our instructions, and regularly monitored. Required data processing agreements pursuant to Art. 28 GDPR are concluded. Your personal data will not be transferred to third parties by our service providers.

Data security

We take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk in accordance with Article 32 of the GDPR. This website uses SSL encryption for security reasons and to protect the transmission of confidential content.

Storage period

The storage period is determined by the relevant statutory storage periods (e.g. from commercial law and tax law). Data is deleted routinely upon expiry. If data is required for the fulfilment of a contract or if we have a legitimate interest in further storage, the data will be deleted if they are no longer required for these purposes or if you make use of your right of withdrawal or objection.

Your Rights (Data Subject Rights)

The current data protection law grants you the following rights against the controller concerning the processing of personal data:

  • Right to Information (Art. 15 GDPR): About your processed data, purposes, categories of data, recipients, storage period, existence of other rights, origin of data, automated decision-making.
  • Right to Rectification (Art. 16 GDPR): To obtain without undue delay the rectification of inaccurate personal data.
  • Right to Erasure ("Right to be Forgotten", Art. 17 GDPR): To request the erasure of your personal data, unless processing is necessary for exceptions (e.g., freedom of expression, legal obligation, legal claims).
  • Right to Restriction of Processing (Art. 18 GDPR): If accuracy is contested, processing is unlawful, data is no longer needed but required for legal claims, or an objection has been filed.
  • Right to Data Portability (Art. 20 GDPR): To receive the personal data concerning you in a commonly used and machine-readable format and the right to transmit those data to another controller.
  • Right to Withdraw Consent (Art. 7 para. 3 GDPR): To withdraw your given consent with effect in the future at any time.
  • Right to Lodge a Complaint (Art. 77 GDPR): With a supervisory authority, particularly in the Member State of your habitual residence, place of work.

To exercise your right of withdrawal or any of your other rights, simply send an e-mail to .

Right to object (Art. 21 GDPR)

If your personal data is processed by us based on legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR, you have the right to object at any time to the processing of your personal data on grounds relating to your particular situation. If the objection is directed against processing for the purpose of direct marketing, you have a general right of objection without the requirement of stating a particular situation.

Necessity of providing personal data

The provision of personal data for the decision on the conclusion of a contract, the fulfilment of the contract or for the implementation of pre-contractual measures is voluntary. However, we can only proceed with contractual measures if you provide the necessary personal data.

Automated decision making

Automated decision making or profiling according to Art. 22 GDPR does not take place.

Subject to change

We reserve the right to adapt or update this privacy policy, if necessary, in compliance with the applicable data protection regulations. The most current version applies to your visit.

Status of this privacy policy

Status: 10-06-2025