We take privacy seriously
Protecting your privacy during the processing of personal data is an important concern for us. When you visit our website, our web servers automatically save the IP address of your Internet service provider, the website from which you visit us, the pages on our website that you visit, and the date and duration of your visit. This information is necessary for the technical functionality of the webpages and the secure operation of the server. A personalised evaluation of this data is not carried out.
If you send us information via the contact form, this data will be stored on our servers in the course of data backup. Your data will be used by us exclusively to process your request. Your data will be handled in a strictly confidential manner. Your data will not be passed on to third parties.
medi UK Ltd.
HR4 0EL Hereford
Phone: 01432 373500
Fax: 01432 373510
Personal data are data about yourself. This includes your name, your address and your Email address. You are not obligated to disclose any personal data in order to visit our website. In some cases, we need your name and address as well as further information to be able to offer you the service you require.
The same applies if we supply you with informative material on request or if we answer your enquiries. We will always notify you in such cases. Otherwise, we only save data that you have automatically or voluntarily submitted to us.
When you use our services, we normally only collect data that are necessary to be able to offer you our services. We may ask you for further information on a voluntary basis. Whenever we process personal information, we do so in order to provide you with our services or to pursue our commercial interests.
Server log files
Website providers automatically collect and store information in so-called server log files, which your browser automatically transmits to us.
- Data and time of the request
- Name of the requested file
- Page from which the file was requested
- Access status (file transferred, file not found, etc.)
- the web browser and operating system used
- complete IP address of the computer making the request
- amount of data transmitted
This data is not combined with other data sources. The processing is carried out in accordance with Art. 6(1)(f) DSGVO on the basis of our legitimate interest in improving the stability and functionality of our website.
This data is stored by us for security reasons, especially with regard to the prevention of attempts to attack our web server. It is not possible for us to draw conclusions regarding individuals based on this data. The data remains on our web server for 21 days and on a log server for 6 months. The data is processed for statistical purposes only; it is not compared with other datasets or passed on to third parties, even in extracts.
A web service of Cybot A/S, Havnegade 39, 1058 Copenhagen (hereinafter: cookiebot.com) is reloaded on our website. We use this data to ensure full functionality of our website. Your browser or personal data is transferred to cookiebot.com in this context.
The legal basis for data processing is Art. 6 (1)(f) GDPR and Art. 6 (1)(c) GDPR.
The legitimate interest here is in trouble-free functioning of the website. The data is deleted as soon as the purpose of its collection has been fulfilled. You can find more information on handling of the transferred data in the Data Protection Statement of cookiebot.com under: www.cookiebot.com/de/privacy-policy/
Google Tag Manager
Google Analytics 4 with anonymisation functionality
We use Google Analytics 4, a web analytics service provided by Google Ireland Limited, hereinafter “Google”, on our website. Google Analytics 4 uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information collected by means of these cookies about your use of this website is generally transferred to a Google server in the USA and stored there.
We use the User ID function. The User ID allows us to assign a unique, persistent ID to one or more sessions (and the activities during those sessions) and to analyse user behaviour across devices.
We use Google Signals. This allows Google Analytics 4 to collect additional information about users who have activated personalised ads (interests and demographics) and ads can be delivered to these users in cross-device remarketing campaigns.
The anonymisation of IP addresses is activated by default with Google Analytics 4. Due to IP anonymisation, your IP address will be truncated by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. According to Google, the IP address transmitted by your browser as part of Google Analytics 4 is not merged with other Google data.
During your visit to the website, your user behaviour is recorded in the form of “events”. Events may include:
- Page views
- First visit to the website
- Start of the session
- Your “click path”, interaction with the website
- Scrolls (whenever a user scrolls to the end of the page (90%))
- Clicks on external links
- Internal search queries
- Interaction with videos
- Downloaded files
- Ads seen / clicked
- Language settings
The following is also recorded:
- Your approximate location (region)
- Your IP address (in truncated form)
- Technical information about your browser and the end devices you use (e.g. language setting, screen resolution)
- Your internet provider
- The referrer URL (via which website/advertising medium you came to this website)
- User ID
- Demographic data
Google will use this information for the purpose of evaluating your usage of our website, compiling reports on website activities for us, and carrying out further services relating to website activity and Internet usage.
Google will transfer data to third parties only on the basis of statutory requirements or as part of contract data processing. Under no circumstances will Google combine your data with other data collected by Google. The data will only be passed on to Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA and Alphabet Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.
The data sent by us and linked to cookies are automatically deleted after 14 months. The deletion of data the retention period of which has been reached takes place automatically once a month.
The legal basis for this data processing is your consent pursuant to Art. 6 Para. 1 Sent. 1 lit. a GDPR.
If you visit our website from a mobile device (smartphone or tablet), you will need to click this link instead to prevent Google Analytics 4 from tracking you within this site in the future. This is also possible as an alternative to the above browser Add-On. By clicking the link, an opt-out cookie is set in your browser and is valid only for this browser and this domain. If you delete the cookies in this browser, the opt-out cookie will also be deleted, so you will have to click the link again.
If you’ve agreed that Google may link your web and app browsing history to your Google Account and use information from your Google Account to personalise ads, Google will use your information in conjunction with Google Analytics data to create target audience lists for remarketing purposes across multiple devices. Google Analytics 4 will first collect your Google-authenticated ID on our website, which is linked to your Google account (i.e. personal data). Google Analytics will then temporarily associate your ID with your Google Analytics 4 data to optimise our target audiences.
If you do not agree, you can turn it off via the corresponding settings in the “My Account” section of your Google Account.
For further information on the use of “cookies” on our website and on revocation, please refer to the last section “Cookies”.
Google will transfer data to third parties only on the basis of statutory requirements or as part of contract data processing. Under no circumstances will Google combine your data with other data collected by Google.
In addition, you can prevent Google from collecting and processing the data generated by the cookies, as well as the data related to your use of the webpages, by downloading and installing the browser plug-in available under the following link under the item DoubleClick deactivation extension. Alternatively, you can disable Doubleclick cookies with this opt-out.
We use the provider Vimeo for the integration of videos, among others things. Vimeo is operated by Vimeo, LLC headquartered at 555 West 18th Street, New York, New York 10011.
On some of our webpages, we use plugins of the provider Vimeo. If you access the webpages of our website with such a plugin – for example, our media library – a connection to the Vimeo servers will be established, and the plugin will be displayed. By doing so, the Vimeo server will be informed which of our webpages you have visited. If you are logged in as a member of Vimeo, Vimeo will assign this information to your personal user account. When using the plugin, e.g., clicking the start button of a video, this information is also assigned to your user account. You can prevent this assignment by logging out of your Vimeo user account before using our website and deleting the corresponding cookies from Vimeo.
Further information on data processing and privacy at Vimeo can be found at https://vimeo.com/privacy.
YouTube in Privacy-Enhanced Mode
We use the YouTube embedding function to display and play videos from the provider YouTube (hereinafter “YouTube”), which belongs to Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter “Google”).
The privacy-enhanced mode is used here, in which, according to the provider, the storage of user information is only triggered when the video(s) is/are played. If the playback of embedded YouTube videos is started, the provider uses YouTube cookies or comparable recognition technologies to collect information about user behaviour. According to information from YouTube, these are used for purposes including the collection of video statistics, the improvement of user-friendliness and the prevention of abusive behaviour. The YouTube server is informed about which of our pages you have visited. If you are logged in to Google, your data will be directly assigned to your account when you click on a video. If you do not want your data to be assigned to your YouTube profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as user profiles which it then evaluates. Such an evaluation is carried out according to Art. 6 (1)(f) GDPR on the basis of Google's legitimate interests in the display of personalised advertising, market research and/or the needs-based design of its website. You have the right to object to the creation of these user profiles. You must contact YouTube to exercise this right.
You can object to YouTube’s analysis of user behaviour and targeted advertising by clicking on the following link: https://tools.google.com/dlpage/gaoptout?hl=en
We operate a Facebook page (“fanpage”) on Facebook, a service provided by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
Facebook collects and uses data to provide analysis services (“Page Insights”) to page operators in order to offer them insights into how people interact with their pages and the content associated with them. This data includes information about the types of content users view or interact with, or the actions they take, as well as information about the devices users use, such as IP addresses, the operating system, browser type, language settings and cookie data.
We are jointly responsible with Facebook Ireland Ltd. for the collection and processing of data from visitors to our fanpage. The legal basis is our legitimate interest in this information for advertising purposes, Art. 6 (1)(1)(f) GDPR. That is why we have entered into a shared responsibility agreement with Facebook in relation to the processing of your data in accordance with Art. 26 GDPR. The agreement with Facebook also stipulates in particular which security measures Facebook must observe and that Facebook must comply with the rights of data subjects.
You can find further information on page insights and on how to assert your data subject rights in “Information on page insights”. Click here to view the terms of the contract concluded with Facebook.
We have taken technical and administrative security precautions to protect your personal data against loss, destruction, manipulation and unauthorised access. All our employees and service providers working for us are obliged to comply with the applicable privacy laws.
Whenever we collect and process personal information, it is encrypted before it is transmitted. This means that your data cannot be misused by third parties. Our security precautions are subject to a continuous improvement process and our privacy policies are constantly being revised. Please make sure that you have the latest version.
Data transfers to third countries
If we process data in countries outside the European Economic Area (“EEA”), we protect it based on an adequacy decision of the EU Commission Art. 45 (1) GDPR or use the standard contractual clauses of the EU Commission in accordance with Art. 46 (2)(c) GDPR when structuring contractual relationships with recipients in third countries.
We will store your data,
- if you have consented to the processing thereof, only until you withdraw your consent;
- if we need the data to perform a contract, only for as long as the contractual relationship with you exists;
- if we use the data on the basis of a legitimate interest, only as long as your interest in deletion or anonymisation does not outweigh this legitimate interest;
- if statutory retention obligations exist, until the end of the retention periods.
Social Buttons of Facebook, Instagram, YouTube, Twitter, Pinterest, LinkedIn
On our website, we use social buttons from social media networks. These are merely integrated as HTML links into the website, meaning that when you call up our website, no connection is established with the servers of the respective provider. If you click on one of the buttons, the website of the respective social network opens in a new window of your browser. There you can press the like or share button, for example.
You have the right at any time to request information, correction, deletion or restriction of the processing of your stored data; a right to object to the processing; as well as the right to data portability and to lodge a complaint in accordance with the requirements of privacy law.
Right of access:
You can request information from us as to whether and to what extent we process your data.
Right to rectification:
If we process your data that is incomplete or inaccurate, you may request that we correct or supplement it at any time.
Right to erasure:
You can demand that we delete your data if we process it unlawfully or if the processing disproportionately interferes with your justifiable protection interests. Please note that there may be reasons that prevent an immediate erasure, e.g., in the case of legally stipulated retention obligations.
Irrespective of the exercise of your right to deletion, we will delete your data immediately and completely, insofar as there is no contractual or statutory obligation to retain data in this respect.
Right to restrict processing:
You can ask us to restrict the processing of your data if
- you dispute the accuracy of the data for a period of time that allows us to verify the accuracy of the data,
- the processing of the data is unlawful, but you decline to delete it and instead demand a restriction on the use of the data,
- we no longer need the data for the intended purpose, but you still need this data to file or defend legal claims, or
- you have objected to the processing of the data.
Right to data portability:
You may request that we provide you with the information you have provided to us in a structured, standard and computer-readable format and that you may provide that information to another representative without interference from us, provided that we process this data on the basis of an agreement given and revocable by you or for the fulfilment of a contract between us, and that such processing is carried out using automated procedures. If technically feasible, you may request us to transfer your data directly to another representative.
Right to object:
If we process your data for legitimate reasons, you may object to such processing at any time. We will then no longer process your data unless we can prove compelling and protection-worthy grounds for the processing which outweigh your interests, rights and freedoms or if the processing serves the assertion, exercise or defence of legal claims. You can object to the processing of your data for the purpose of direct marketing at any time without giving reasons.
Right to appeal:
If you are of the opinion that we have violated German or European data protection law when processing your data, please contact us so that we can clarify any questions you may have. Of course, you also have the right to contact the competent regulatory authority for you, the respective regional office for data protection supervision.
If you wish to exercise any of the aforementioned rights against us, please contact our data protection officer. In case of any doubt, we may request additional information to confirm your identity.
Are you an applicant, customer, specialist dealer or supplier? You will find our privacy notice here.
All interested parties and visitors to our website can contact us with questions about privacy at:
represented by Prof. Dr. Christoph Bauer
Große Bleichen 21