Zum Inhalt springen

Data protection

Letzte Aktualisierung: 02/02/24

csm csm medneo gmbh 99 Deutscher Roentgenkongress fd2ba86e89

Background and terms

This data protection declaration informs you about the type, scope and purpose of the processing of your personal data by the data protection officers in accordance with Art. 13 and 14 of the General Data Protection Regulation (DSGVO).

Scope and responsibility

This data protection declaration applies to the Internet offer of medneo GmbH, which can be reached under the domain https://www.medneo.com as well as the various subdomains.

The responsible party for data processing on this website is:

medneo GmbH
Reinhardtstraße 23-27
10117 Berlin

medneo Deutschland GmbH
Reinhardtstraße 23-27
10117 Berlin

medneo Schweiz AG
Poststrasse 9
6300 Zug

Data protection officer

We have appointed a data protection officer who can be reached at:

datenschutz@medneo.com

Processing of your data at medneo

How is your data processed in detail?

In the following, we inform you about the individual processing operations, the scope and purpose of the data processing, the legal basis, the obligation to provide your data and the respective storage period. An automated decision in individual cases, including profiling, does not take place.

Website

ProcessingWebsite display
Purpose
  • Provision of the website (multilingual)
  • Availability of associated services
  • efficient design of the website
  • Website security
Categories of processed data
  • the IP address (Internet Protocol address)
  • the Internet service provider of the accessing system
  • Date and time of access to the website,
  • browser type and version used
  • the operating system used by the accessing system,
  • the website from which an accessing system arrives at our website
Recipient categories
  • Website hoster
Third country data transfer
  • no
Storage period or its criteria
  • Duration of the display of the website
Legal basis
  • Art. 6 para. 1 b) DSGVO (contract performance)
  • Art. 6 para. 1 a) DSGVO (legitimate interest)
ProcessingContact form
Purpose
  • Contact
Categories of processed dataRequired fields:
  • First Name
  • Last Name
  • E-mail address
  • Type of insurance
  • Message

Voluntary information:

  • Telephone Number
Recipient categories
  • Employees of medneo
Third country data transfer
  • no
Storage period or its criteria
  • After expiry
Legal basis
  • Art. 6 para. 1) DSGVO (contract performance)
ProcessingRequest by e-mail, phone or fax
Purpose
  • Contact
Categories of processed data
  • Name
  • Request
Recipient categories
  • Employees of medneo
Third country data transfer
  • no
Storage period or its criteria
  • After expiry
Legal basis
  • Art. 6 para. 1 b) DSGVO (contract performance)
ProcessingConsent Management
Purpose
  • Service for obtaining consent from our website users for data processing
Categories of processed data
  • Your IP address (the last three digits will be set to ‚0‘).
  • Date and time of consent
  • Browser information URL from which the consent was sent
Recipient categories
  • Employees of mendneo
  • Employees of Usercentrics
Third country data transfer
  • No
Legal basis
  • Art. 6 para. 1 c) DSGVO (legal obligation)
ProcessingGoogle Ads
PurposeGoogle Ads uses cookies to make advertisements more targeted and effective.
Categories of processed data
  • Click data
  • Impression data
  • Conversion data
  • Geographical data
  • Device information
  • Browser information
  • IP addresses
Recipient categories
  • Employees of medneo
  • Google employees
Third country data transfer
  • Yes, certification under the EU-U.S. Data Privacy Framework is available.Google LLC
    1600 Amphitheatre Parkway
    Mountain View, CA 94043 USA
Legal basis
  • Art. 6 para. 1 a) DSGVO (consent)
Storage durationThe concrete storage period of the processed data cannot be influenced by us, but is determined by Google. Further information can be found in the privacy policy for Google Ads: https://policies.google.com/privacy .
ProcessingGoogle Analytics
PurposeGoogle Analytics uses cookies and other browser technologies to evaluate user behavior and recognize users.

This information is used, among other things, to compile reports on the activity of the website

Categories of processed data
  • Click data
  • Impression data
  • Conversion data
  • Geographical data
  • Device information
  • Browser information
  • IP addresses
daniCategories of recipients
  • Employees of medneo
  • Google employees
Third country data transfer
  • Yes, certification under the EU-U.S. Data Privacy Framework is available.

Google LLC
1600 Amphitheatre Parkway
Mountain View, CA 94043 USA

Legal basis
  • Art. 6 para. 1 a) DSGVO (consent)
Storage durationThe concrete storage period of the processed data cannot be influenced by us, but is determined by Google. Further information can be found in the privacy policy for Google Ads: https://policies.google.com/privacy .
ProcessingGoogle DoubleClick
PurposeDoubleClick is a brand of Google, under which mainly special online marketing solutions are marketed to advertising agencies and publishers. DoubleClick by Google transfers data to the DoubleClick server with each impression as well as with clicks or other activities.
Categories of processed data
  • Click data
  • Impression data
  • Conversion data
  • Geographical data
  • Device information
  • Browser information
  • IP addresses
Recipient categories
  • Employees of medneo
  • Google employees
Third country data transfer
  • Yes, certification under the EU-U.S. Data Privacy Framework is available.Google LLC
    1600 Amphitheatre Parkway
    Mountain View, CA 94043 USA
Legal basis
  • Art. 6 para. 1 a) DSGVO (consent)
Storage durationThe concrete storage period of the processed data cannot be influenced by us, but is determined by Google. Further information can be found in the privacy policy for Google Ads: https://policies.google.com/privacy .
ProcessingreCAPTCHA
PurposeGoogle reCAPTCHA enables us to distinguish whether a contact request originates from a natural person or is automated by means of a program.
Categories of processed data
  • IP address
  • Info about the operating system
  • Mouse and keyboard behavior
  • Date and language settings
  • All javascript objects
  • Screen resolution
Recipient categories
  • Employees of medneo
  • Google employees
Third country data transfer
  • Yes, certification under the EU-U.S. Data Privacy Framework is available. Google LLC,
    1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Legal basis
  • Art. 6 para. 1 a) DSGVO (consent)
Storage durationThe concrete storage period of the processed data cannot be influenced by us, but is determined by Google. Further information can be found in the privacy policy for Google Ads: https://policies.google.com/privacy .
ProcessinghCaptcha
PurposehCaptcha is a service provided by Intuition Machines, Inc. and allows us to distinguish whether a contact request originates from a natural person or is automated by means of a program.
Categories of processed data
  • IP address
  • Info about the operating system
  • Mouse and keyboard behavior
  • Date and language settings
  • All javascript objects
  • Screen resolution
Recipient categories
  • Employees of medneo
  • Employees of hCaptcha
Third country data transfer
  • Yes, certification under the EU-U.S. Data Privacy Framework is available.Machines, Inc, 350 Alabama St, San Francisco, CA 94110, United States
Legal basis
  • Art. 6 para. 1 a) DSGVO (consent)
Storage durationThe concrete storage period of the processed data cannot be influenced by us, but is determined by Google. Further information can be found in the privacy policy for Google Ads: https://policies.google.com/privacy .
ProcessingLiveChat
PurposeLiveChat Widget is a service of LiveChat, Inc. and provides us with the ability to communicate via chat with visitors to our website and provide targeted assistance with issues.
Categories of processed data
  • User identification
  • Communication data
  • Website usage data
  • Device information
  • Geographical data
Recipient categories
  • Employees of mendneo
  • Employees of LiveCha Inc.
Third country data transfer
  • Yes, certification under the EU-U.S. Data Privacy Framework is available.LiveChat Inc.
    101 Arch Street, 8th Floor, Boston MA 02110, United States of America
Legal basis
  • Art. 6 para. 1 a) DSGVO (consent)
Storage durationThe specific storage period of the processed data cannot be influenced by us, but is determined by LiveChat, Inc. For more information, please see the privacy policy for LiveChat Widget: https://www.livechatinc.com/legal/privacy-policy/.

Applications

ProcessingApplicant Management
PurposeReceiving applications in response to job advertisements and unsolicited applications, to review applications and make hiring or rejection decisions.
Categories of processed data
  • Contact details
  • Letter of motivation, if applicable
  • Resume
  • Qualifications
  • Proof of experience (references)
Recipient categories
  • Employees of mendneo
  • Employees of processors
Third country data transfer
  • no
Legal basis
  • Art. 6 para. 1 b) DSGVO (performance of contract
Storage durationIf hired: after transfer to personnel file and if rejected: 6 months after rejection.

Rights of the data subjects

If your personal data is processed, you are a data subject within the meaning of the GDPR. You are therefore entitled to the following rights vis-à-vis the controller:

RIGHT OF ACCESS, ART. 15 GDPR

Pursuant to Art. 15 DSGVO, you have the right to request confirmation from us as to whether we are processing personal data relating to you. If this is the case, you can request the following information from us: Processing purposes; Category of personal data processed; Recipients or categories of recipients to whom your data has been or will be disclosed; Planned storage period or, if concrete information on this is not possible, criteria for determining the storage period; Existence of a right to rectification, erasure, restriction of processing or objection; Existence of a right to lodge a complaint with a supervisory authority; Origin of your data, if it has not been collected by us; Existence of automated decision-making including „profiling“ and, if applicable. meaningful information on their details; transfer of the personal data to a third country or to an international organization; appropriate guarantees pursuant to Art. 46 DSGVO in connection with the transfer.

RIGHT OF RECTIFICATION

In accordance with Art. 16 DSGVO, you have the right to request the correction or completion of your personal data stored by us without delay.

RIGHT TO RESTRICT PROCESSING

Pursuant to Art. 18 DSGVO, you have the right to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer need the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing pursuant to Art. 21 DSGVO.

RIGHT TO DELETION

Pursuant to Art. 17 DSGVO, you have the right to request the deletion of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims.

RIGHT TO INFORMATION

If you have asserted the right to rectification, erasure or restriction of processing against medneo GmbH as the controller, we are obligated pursuant to Art. 19 DSGVO to notify all recipients to whom the personal data concerning you has been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right against medneo GmbH to be informed about these recipients.

RIGHT TO DATA PORTABILITY

In accordance with Art. 20 DSGVO, you have the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller.

RIGHT OF OBJECTION

According to Art. 21 DSGVO, you have the right to revoke your consent at any time. We will then no longer process the personal data relating to you unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If the personal data concerning you is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to „profiling“ insofar as it is related to such direct marketing. If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

RIGHT TO REVOKE THE DECLARATION OF CONSENT UNDER DATA PROTECTION LAW

Pursuant to Art. 7 (3) DSGVO, you have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

RIGHT TO COMPLAIN TO A SUPERVISORY AUTHORITY

Pursuant to Art. 77 DSGVO, you have the right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence, workplace or the place of the alleged infringement.

We reserve the right to change our privacy policy if this should be necessary due to new technologies. Please make sure that you have the current version. If fundamental changes are made to this privacy statement, we will announce them on our website.

Current status: October 2023