Privacy policy

We are pleased that you are interested in our company and our products and services and would like you to feel secure when visiting our website with regard to the protection of your personal data. We want you to know when we store which data and how we use it. We are subject to the provisions of the European General Data Protection Regulation (GDPR) and the supplementary regulations of the German Federal Data Protection Act (FDPA). To ensure that the regulations on data protection are observed both by us and by service providers commissioned by us, we have taken appropriate technical and organizational measures.

This data protection information applies to our online offers. This includes our websites, their functions and content as well as external online presences, such as our presences in social media. This general data protection information also serves to inform you about further processing of your personal data and our fulfillment of the information obligations towards you.

The terms used in this privacy notice, such as data controller or personal data, are used in accordance with the definitions of the GDPR. For reasons of readability and thus also in the sense of a comprehensible provision of information, the naming of individual articles, paragraphs or the like is generally omitted.

Data Controller

The responsible party within the meaning of the GDPR and other national data protection laws of the member states as well as other data protection regulations is the

Resuscitec GmbH
BioTechPark Freiburg
Engesserstr. 4a
79108 Freiburg im Breisgau
Phone: +49 761 557769-0
Email: info@resuscitec.de

Data protection officer

The responsible party has appointed a data protection officer. His contact details are

Holger Hermann
Bechtle GmbH IT System House Freiburg
79108 Freiburg im Breisgau
Email: privacy@resuscitec.de

For questions, suggestions or comments on the subject of data protection and to enforce your rights listed below, please contact our data protection officer.

General information on data processing

Legal basis for the processing of personal data

Within the framework of data protection law, the processing of personal data is generally not permitted unless there is a legally permissible reason for processing. We are obliged to inform you about the legal basis for data processing.

If we obtain your consent for processing operations of personal data, this serves as the legal basis.

When processing personal data that is necessary for the performance of a contract to which you are a party, the performance of the contract serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.

Insofar as processing of personal data is necessary for compliance with a legal obligation to which we are subject, this serves as the legal basis.

In the event that vital interests of the data subject or another natural person make processing of personal data necessary, this serves as the legal basis. If the processing is necessary to protect a legitimate interest of our company or a third party and if these interests, your fundamental rights and freedoms do not override, this serves as the legal basis for the processing.

Data transfer to third countries

The GDPR ensures a uniformly high level of data protection within the European Union (EU) and the European Economic Area (EEA). When selecting our service providers and cooperation partners, we therefore rely on European partners wherever possible if your personal data is to be processed.

If we have your data processed in a third country – i. e. outside the EU/EEA – this is always done in accordance with the legal requirements.

In addition to your express consent or contractually or legally required transfer, we only have your data processed in third countries with a recognized level of data protection, through a contractual obligation by so-called standard contractual clauses of the EU Commission, in the presence of certifications or binding corporate rules.

Existence of automated decision making

We do not use automated decision making.

Recipients of the data / categories of recipients

Within our company, we ensure that only those persons receive your data who need them to fulfill contractual and legal obligations.

In some cases, we use carefully selected external service providers to process your data. If data is passed on to service providers to be processed on our behalf, this is done within the framework of the requirements of the GDPR. Our processors are carefully selected, bound by our instructions and are checked at regular intervals. We only commission processors who offer sufficient guarantees that appropriate technical and organizational measures are taken in such a way that the processing is carried out in accordance with the requirements of GDPR and FDPA and ensures the protection of your rights.

Disclosure of personal data to third parties

As a matter of principle, we do not pass on any personal data to third parties without your express consent. If, in the course of processing, we nevertheless disclose your data to third parties, transmit it to them or otherwise grant them access to the data, this will also take place exclusively on the basis of one of the aforementioned legal grounds.

For example, we transmit data to payment service providers or suppliers if this is necessary for the performance of the contract. If we are obliged to do so by law or by court order, we must transfer your data to the respective authorities entitled to receive the information.

Use of our online services

In principle, you can use our online services without disclosing your identity. In this section, we explain when and in what context we process data when you use our online offers, which offers from service providers we have implemented, how they work and what happens to your data.

Children

Our offer is basically aimed at adults. Persons under 16 years of age may not transmit any personal data to us without the consent of their parents or legal guardians.

Transport encryption

To protect your transmitted data in the best possible way, we use a so-called transport encryption. To ensure the security of your data during the transmission process, we use a state-of-the-art SSL/TLS encryption process.

Data collection when visiting our websites

If you use our websites for information purposes only, i. e. you do not register for an offer, conclude a contract with us or otherwise disclose information to us, we only collect the personal data that your browser transmits to our servers.

When you call up our websites, we collect the following data, which is technically necessary for us to be able to display our websites to you and to ensure stability and security:

This data is temporarily stored in the log files of our system for a maximum of seven days. Storage beyond this period is possible, but in this case the IP addresses are shortened or alienated so that it is no longer possible to assign the calling client. In this context, the log files are not stored together with other personal data relating to you. The legal basis for these processing operations is our legitimate interest.

Since the collection of data to display the websites and the storage of the data in log files is absolutely necessary for the operation of our websites and the maintenance of IT security, you have no possibility to object in this respect.

Inquiries to us

If you send us an inquiry via our website – for example, by using the contact form – your personal data will be processed in order to respond to your inquiry.

Use of cookies

General information on the use of cookies

In addition to the previously mentioned data, cookies are stored on your terminal device when you use our websites. Cookies are data records that can be sent from a website to the browser, which stores them and sends them back again. Different data can be stored in cookies, which are read by the body that sets the cookie. They usually contain a characteristic string of characters (ID) that enables the browser to be uniquely identified when the website is called up again or when a page is changed. Their primary purpose is to make our online services more user-friendly and effective overall. The user data collected in cookies is pseudonymized by technical precautions, which means that it is generally no longer possible to assign the data to a specific user. Insofar as an identifiability is given, such as in the case of a login cookie, whose session ID is necessarily linked to the user’s account, we will point this out to you at the appropriate place.

We use different types of cookies:

In addition to so-called “first-party cookies” that are set by us as the data controller, “third-party cookies” that are offered by other providers, are also used.

Information about services used
Cookie Management Tool

We use a cookie management tool. This allows you to manage the cookies we use as well as the consents you have given, to find out more information about data processing using cookies and to view the purpose and storage period of the cookies used.

Information on data processing by third parties
Google Analytics

If you have given your consent, Google Analytics is used on this website. This is a web analytics service provided by Google LLC, Gordon House, Barrow Street, Dublin 4, Ireland, (hereinafter referred to as Google). This makes it possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID and thus analyze the activities of a user across devices.

Google Analytics uses cookies that enable an analysis of your use of the website. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. In the event that IP anonymization is activated on this website, however, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area.

We have extended Google Analytics on this website with a so-called IP anonymization to ensure only a shortened collection and transmission of IP addresses. The IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google. However, we would like to expressly point out at this point that Google generally processes data for its own purposes, in particular also for the purpose of providing its web analysis and tracking service. Within the scope of Google Analytics, further usage data is collected that is to be assessed as personal data, such as identification features of the individual users, which also allow a link to an existing Google account, for example.

The following usage data is evaluated on our site by Google Analytics:

On our behalf, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity for our website operators.

The legal basis for the use of Google Analytics is your voluntarily given consent.

You can find more information about Google’s terms of use and data protection here and here.

Recipients / categories of recipients

The recipients / categories of recipients of the collected data can be found in our Cookie Management Tool.

Duration of data storage

You can find out how long the cookies are stored on your terminal device from our Cookie Management Tool.

Online services in social media

We offer online services on various platforms in order to provide information there and to be able to contact you.

We have no influence on the processing of personal data by the respective platform operator. As a rule, when you visit our offers there, cookies are stored in your browser by the platform operator, in which your usage behavior or interests are stored for market research and advertising purposes.

The usage profiles obtained in this way – usually across devices – are used by the platform operators to display personalized advertising to you. Data processing may also affect persons who are not registered as users with the respective platform. Under certain circumstances, your data may be processed outside the area of the European Union, which may make it more difficult to enforce your rights. However, when selecting such platforms, we make sure that the operators undertake to comply with EU data protection standards.

The processing of your personal data when visiting one of our offers on social media is based on our legitimate interests in a diverse external presentation of our company and the use of an effective information opportunity and communication with you.

Detailed information about data processing in connection with the use of our offers on these platforms, objection options and the assertion of information rights can be obtained from the privacy policy of the relevant platform operator.

YouTube

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

Privacy policy of the provider

LinkedIn

LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.

Agreement on the joint processing of personal data in accordance with the requirements of the GDPR.

Privacy policy of the provider

Xing

XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany.

Privacy policy of the provider

Commercial and business services

We process data of our contractual and business partners, e.g., suppliers, customers and interested parties (hereinafter referred to as business partners) within the scope of contractual or comparable legal relationships as well as related measures and within the scope of communication with our business partners.

We process this data to fulfill our contractual obligations, to secure our rights and for the purposes of related administrative tasks as well as our business organization. We disclose the data of our business partners to third parties within the framework of applicable law only to the extent that this is necessary for the aforementioned purposes or for the fulfillment of legal obligations or with the consent of the data subjects (e.g. to participating telecommunications, transport and other auxiliary services as well as subcontractors, banks, tax and legal advisors, payment service providers or tax authorities). Contractual partners will be informed about other forms of processing, e.g. for marketing purposes, as part of this data protection notice.

We inform our business partners which data is required for these purposes before or in the course of data collection or personally.

Deletion of data and storage period

As soon as the purpose for processing ceases to apply, we delete or block your personal data. However, data may be stored beyond this period if this is required by legal regulations to which we are subject. This applies in particular to data that must be retained for legal archiving reasons (e.g. for commercial law reasons usually for 6 years or for tax law reasons usually for 10 years).

Processed data:

Inventory data (e.g. names, addresses), payment data (e.g. bank details, invoices, payment history), contact data (e.g. e-mail, telephone numbers), contract data (e.g. subject of contract, term)

Purposes of processing:

Provision of contractual services and customer service, contact requests and communication, internal organizational procedures, administration and response to requests

Legal bases:

Contract performance/pre-contractual inquiries, Legal obligation, legitimate interests

Applications

When you apply for a job with us, the data you provide – such as your contact details and qualifications – will be used exclusively to process the application procedure.

We use an online application portal to organize applications. When using this online portal, the following personal data is processed (title, first name, last name, street and house number, postal code and city, e-mail address, telephone/mobile number, free field for application letters, attachment upload for application letters and documents). The transmission of the data is encrypted.

Your data will be forwarded internally to the responsible department heads. We process your personal data for the purpose of your application for an employment relationship, insofar as this is necessary for the decision on the establishment of an employment relationship with us.

Furthermore, we may process personal data about you insofar as this is necessary for the defense of asserted legal claims against us arising from the application process.

Your data will generally be deleted 6 months after completion of the application process, unless otherwise agreed with the applicant (see, among other things, inclusion in the applicant pool). If your application is followed by the conclusion of an employee contract, the data will be included in the personnel file.

How long will your data be stored?

We store your personal data for as long as is necessary for the decision on your application. Insofar as an employment relationship between you and us does not come about, we may continue to store data beyond this, insofar as this is necessary for the defense against possible legal claims. In this case, the application documents will be deleted 6 months after notification of the rejection decision, unless longer storage is required due to legal disputes.

Inclusion in the applicant pool

We will be happy to include your application in an applicant pool. Your consent is required for this. You can give this consent by activating the corresponding option before sending your application.

If your application documents in the applicant pool are not used by us within one year, your application documents will be automatically deleted.

No automated decision making

No automated decision-making takes place in individual cases, which means that the decision about your application is not based exclusively on automated processing.

Your rights as a data subject

As a data subject, you are entitled to various rights, which we would like to inform you about below. Depending on the reason and type of processing of your personal data, you are entitled to the rights described in the following sections.

Your right to information

As a data subject, you have the right to know from us whether we are processing personal data about you and, if so, what personal data we are processing about you.

You also have the right to request from us a copy of your personal data that is the subject of processing.

Your right to rectification

You have the right to request that we correct any personal data that you consider to be inaccurate without undue delay.

You also have the right to request us to complete such personal data that you consider incomplete.

Your right to deletion

If the legal requirements are met, you can request the deletion of your personal data.

This is the case, for example, if we process your data based on your consent and you revoke it.

However, we may not delete data, for example, if we have to store it due to legal retention periods. We also cannot comply with your deletion request if it is necessary for us to process your personal data in order to assert, exercise or defend legal claims.

Your right to restriction of processing

Under certain conditions, you as a data subject have the right to demand that we restrict the processing of your personal data.

One of these conditions is, for example, that you dispute the accuracy of your personal data. Or also the case in which we no longer need your personal data, but you need this data to assert, exercise or defend legal claims.

Your right to object

If we process your personal data, on the basis of a legitimate interest, you have the right to object to this processing if this arises due to your particular personal situation.  However, this right of objection does not exist insofar as there is a compelling public interest in the processing which outweighs your interest, a legal provision obliges us to process or the processing serves the assertion, exercise or defense of legal claims.

If we use your personal data for direct marketing, then you have the right to object at any time to processing for the purpose of such marketing. If you object to processing for this purpose, your personal data will no longer be processed for this purpose.

If we process your data based on your consent, then you have the right to revoke your consent at any time with effect for the future. Your revocation does not affect the lawfulness of the processing that took place until the revocation.

Your right to data portability

You only have this right with regard to personal data that you have provided to us yourself. You have the right to request that we transfer this personal data directly to another controller.

Alternatively, you have the right to request that we provide you with your data in a machine-readable format. However, this only applies if we process your personal data on the basis of your consent or on the basis of a contract and the processing is carried out with the help of automated processes.

Complaint to the supervisory authority

You also have the right to lodge a complaint with a supervisory authority if you believe that the processing of personal data concerning you violates data protection laws.

Changes

This privacy policy will be adjusted from time to time. These adjustments are made, for example, when changes occur due to technical progress, legal requirements or other influences.

Version status: May 2021