ProCon X-Ray GmbH

Privacy Policy

This privacy policy explains to you the purpose and scope of the processing of personal data (hereinafter generally referred to as "data") within our website and the systems connected to it (hereinafter generally referred to as "online offer"). Unless otherwise stated, the use of terms is based on Art. 4 of the General Data Protection Regulation (GDPR).

Data subjects

Visitors to our online offer (hereinafter generally referred to as "users")

Purpose of the data

  • Content and functional provision of the online offer
  • Communication with the user (e.g. by responding to contact enquiries)
  • Defence against threats
  • Reach measurement and marketing activities Marketing

Types of data processed

  • Content data (e.g. text input, multimedia data)
  • Usage data (e.g. websites visited, access times)
  • Meta/communication data (e.g. browser information, IP addresses)
  • Contact data (e.g. name, address, email, telephone number)

Legal foundations

In accordance with Art. 13 GDPR, the legal basis for data processing is stated in the privacy policy. If this does not apply in a particular case, the legal bases are set out in Article 6(1) and Article 7 GDPR.

Cooperation with processors and third parties

If we grant other persons or companies (processors or third parties) access to the data for the purpose of specific processing in our interest, this is done on the basis of a legal obligation, a legal permission (e.g. to fulfil a contract in accordance with Art. 6 para. 1 lit. b GDPR), on the basis of your consent or on the basis of our legitimate interest (e.g. use of agencies/web hosts).

If third parties are commissioned to process data, this is done on the basis of an order processing contract in accordance with Art. 28 GDPR.

Transfers to third countries

Data is only processed in a third country (outside the European Union and outside the European Economic Area) for the purpose of fulfilling (pre)contractual obligations, on the basis of your consent, on the basis of legal obligations or on the basis of our legitimate interests. The processing of the data takes place under the conditions specified in Article 44 et seq. GDPR specified conditions. This takes place, among other things, on the basis of special guarantees, such as the officially recognised determination of a level of data protection corresponding to the EU (e.g. through the "EU-US Data Privacy Framework") or through officially recognised special contractual obligations ("standard contractual clauses").

User rights

In accordance with Art. 15 GDPR, users are granted rights to confirmation of the processing of data concerning them and to information about this data.

In accordance with Art. 16 GDPR, you have the right to request the completion or correction of the data concerning you.

Furthermore, Art. 17 GDPR guarantees you the right to demand that data concerning you be deleted immediately or, alternatively (e.g. if statutory retention obligations prevent this), that its processing be restricted in accordance with Art. 18 GDPR.

You have the right to receive data concerning you in accordance with Art. 20 GDPR.

Finally, you have the right to lodge a complaint with the competent supervisory authority in accordance with Art. 77 GDPR.

Revocation and objection

In accordance with Art. 7 (3) GDPR, you have the right to withdraw your consent with future effect.

Furthermore, you can object to the future processing of data concerning you at any time in accordance with Art. 21 GDPR. In particular, you may object to processing for direct marketing purposes.

Cookies

Our website uses cookies. Cookies are small text files that are stored on your computer when you visit our website. Cookies can contain information about you and your interests. They are also used to save the user's details during or after a visit. Furthermore, cookies do not allow any conclusions to be drawn about your identity. When you access the website, a message appears informing you that the website uses cookies and that a cookie may be created with your consent. If you do not wish to receive cookies, please deactivate or delete the storage of cookies in your browser settings. Session cookies are deleted when you leave the website by closing the browser. Persistent cookies have a variable lifespan that can extend beyond the browser session, so that login status or other information that optimises your use of the online offering can be stored here. Third-party cookies are cookies that are set by providers other than the person responsible for the online offer. The use of the respective cookies is explained in the privacy policy. The exclusion of cookies can lead to functional restrictions.

Deletion of data

Unless otherwise stated in this privacy policy, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and there are no legal obligations to retain it. Depending on the type, these retention obligations generally vary between 6 and 10 years (see Section 257 (1) HGB and Section 147 (1) AO).

Hosting

We use various hosting services (infrastructure, computing capacity, storage space, security, maintenance) in order to be able to offer you the online service. In this context, both we and our hosting service provider process content data, usage data, meta/communication data and contact data of visitors to this online offering on the basis of our legitimate interest in the secure and professional provision of the online offering in accordance with Art. 6 para. 1 lit. f GDPR and Art. 28 GDPR.

Netlify

Our website is hosted by Netlify. When you visit one of our websites, your browser establishes a connection to a server of Netlify, Inc, 610 22nd Street, Suite 315, San Francisco, CA 94107, USA. Further details about data processing by Netlify are available in their privacy policy. The legal basis for data processing is (Art. 6 para. 1 sentence 1 lit. f) GDPR. The basis for the third country transfer is the EU-US Data Privacy Framework (DPF).

Privacy policy of the provider: https://www.netlify.com/privacy/
Data processing agreement: https://www.netlify.com/pdf/netlify-dpa.pdf

Collection of access data and logfiles

Our hosting provider stores within the meaning of Art. 6 para. 1 lit. f. GDPR data from each user access to the server on which the online offer is located (server log files). The following access data is collected: Name of the website accessed, file, date, time of access, amount of data transferred, messages about successful access, browser type, user's operating system, referrer URL, IP address and the requesting provider. The server log file information is used for the stable provision of the online offer as well as for hazard prevention and detection, is only stored for a certain period of time and then deleted. If further storage of the data is required for evidence purposes, it will not be deleted until the incident has been finally clarified.

Contacting us

If contact is made (e.g. via email, contact form, telephone or social media), the user's details are processed in accordance with Art. 6 para. 1 lit. b GDPR in order to process the contact enquiry. The information about the user may be stored in a customer relationship management system ("CRM system") or comparable management software.

Enquiry data is deleted if it is no longer required. The necessity is reviewed at regular intervals (usually every two years). In addition, statutory archiving obligations may apply.

Google Analytics

As a company, we use the web analysis service on the basis of our legitimate interests. This means that we use this service to analyse data for the purpose of optimising our online offering and its operation. This is done within the meaning of Art. 6 para. 1 lit. f. GDPR. Google Analytics also uses cookies. This stored data is usually transferred to a Google server in the USA and stored there. The basis for the third country transfer is the EU-US Data Privacy Framework (DPF).

Google uses this information on our behalf to analyse the use of our online services. The information is also used to compile reports on the use of this online offering and to provide other related services. Pseudonymised user profiles can be created from the processed user data.

Google Analytics does not store individual IP addresses for EU users. The storage of cookies can also be prevented. To do this, appropriate browser software can be installed to prevent the storage of user data. To do this, a specific browser plugin can be downloaded and installed via the following link:
http://tools.google.com/dlpage/gaoptout?hl=de.

If you require further information on the use of data by Google and the setting and objection options, you can find out more on the following page: https://www.google.com/intl/de/policies/privacy/partners. Here you can find out more about the use of data by Google when using websites or apps. If you would like to find out more about the use of data and the management of advertising purposes, please follow these two links: http://www.google.com/policies/technologies/ads, http://www.google.de/settings/ads 

Integration of third-party services and content

On the basis of our legitimate interest (e.g. interest in optimising the economic operation of the online offer through analysis techniques in accordance with Art. 6 para. 1 lit. f. GDPR), we use content or service offers from third-party providers within our online offer. GDPR) content or service offers from third-party providers in order to enrich our online offer, e.g. by integrating fonts or maps.

As a result, it is technically necessary for the display that the third-party provider can, for example, recognise the IP address of the user by means of standard browser communication.

Although not generally intended by us, third-party providers may deliver invisible graphics (pixel tags) for statistical or marketing purposes. This may generate data about visitors to the online offering (e.g. name of the website accessed, file, date, time of access, amount of data transferred, notification of successful access, browser type, user's operating system, referrer URL, IP address and the requesting provider) and may be linked to other sources not known to us, e.g. via cookies.

Wistia

The online offering uses videos from the "Wistia" platform of Wistia, Inc, 120 Brookline Street Cambridge, MA 02139, USA.

Privacy policy of the provider: https://wistia.com/privacy