Privacy at a glance

We take privacy seriously

Protecting your privacy during the processing of personal data is an important concern for us. When you visit our website, our web servers automatically save the IP address of your Internet service provider, the website from which you visit us, the pages on our website that you visit, and the date and duration of your visit. This information is necessary for the technical functionality of the webpages and the secure operation of the server. A personalised evaluation of this data is not carried out.

If you send us information via the contact form, this data will be stored on our servers in the course of data backup. Your data will be used by us exclusively to process your request. Your data will be handled in a strictly confidential manner. Your data will not be passed on to third parties.

Responsible party:
medi UK Ltd.
Plough Lane
Hereford HR4 OEL
Great Britain
phone: +44 1432 37 35 00
fax: +44 1432 37 35 10
e-mail: enquiries@mediuk.co.uk

Personal data

Personal data are data about yourself. This includes your name, your address and your Email address. You are not obligated to disclose any personal data in order to visit our website. In some cases, we need your name and address as well as further information to be able to offer you the service you require.

The same applies if we supply you with informative material on request or if we answer your enquiries. We will always notify you in such cases. Otherwise, we only save data that you have automatically or voluntarily submitted to us.

When you use our services, we normally only collect data that are necessary to be able to offer you our services. We may ask you for further information on a voluntary basis. Whenever we process personal information, we do so in order to provide you with our services or to pursue our commercial interests.

Stored data

Server log files

Server log files

Website providers automatically collect and store information in so-called server log files, which your browser automatically transmits to us. 


These are:

  • Data and time of the request
  • Name of the requested file
  • Page from which the file was requested
  • Access status (file transferred, file not found, etc.)
  • The web browser and operating system used
  • Complete IP address of the computer making the request
  • Amount of data transmitted


This data is not combined with other data sources. The processing is carried out in accordance with Art. 6(1)(f) DSGVO on the basis of our legitimate interest in improving the stability and functionality of our website. 


This data is stored by us for security reasons, especially with regard to the prevention of attempts to attack our web server. It is not possible for us to draw conclusions regarding individuals based on this data. The data remains on our web server for 21 days and on a log server for 6 months. The data is processed for statistical purposes only; it is not compared with other datasets or passed on to third parties, even in extracts.

Cookies

Cookies

When you visit our website, we may store information on your computer in the form of cookies. Cookies are small files that are transferred from an Internet server to your browser and stored on your hard drive. The information stored in the cookies allows you to be automatically recognised the next time you visit our website, which will make it easier for you to use the site. The legal basis for the use of cookies is your consent in accordance with Art. 6 (1)(a) GDPR or, for necessary cookies, our legitimate interest in accordance with Art. 6 (1)(f) GDPR. Our legitimate interests are in maintaining the functionality and security of the website, protection against misuse and improving our service.


Of course, you can also visit our website without accepting cookies. If you do not want your computer to be recognised the next time you visit, you can also refuse the use of cookies by changing the settings in your browser to “refuse cookies”. The respective procedure can be found in the settings of your browser. If you reject the use of cookies, however, there may be restrictions on the use of some areas of our website.

Cookiebot

Cookiebot

A web service of Cybot A/S, Havnegade 39, 1058 Copenhagen (hereinafter: cookiebot.com) is reloaded on our website. We use this data to ensure full functionality of our website. Your browser or personal data is transferred to cookiebot.com in this context.


The legal basis for data processing is Art. 6 (1)(f) GDPR and Art. 6 (1)(c) GDPR. 


The legitimate interest here is in trouble-free functioning of the website. The data is deleted as soon as the purpose of its collection has been fulfilled. You can find more information on handling of the transferred data in the Data Protection Statement of cookiebot.com under: www.cookiebot.com/de/privacy-policy/

Google

Google Tag Manager

This website uses Google Tag Manager. The Tag Manager does not collect personal data. The tool activates other tags, which may collect data. Google Tag Manager does not access this data. If you have made a deactivation at the domain or cookie level, it will continue to persist for all tracking tags implemented with Google Tag Manager. You can find Google’s privacy policy for this tool at: https://www.google.com/analytics/terms/tag-manager/

Google Analytics with anonymisation functionality 

On our website, we use Google Analytics, a web analysis service by Google Ireland Limited hereinafter referred to as “Google”. Google Analytics uses so-called “Cookies”, which are text files that are saved on your computer that enable an analysis of your use of the website.


The information generated by these cookies, such as time, location and frequency of your visits to the website, including IP address, are transmitted to Google and saved there.


On our website, we use Google Analytics with the “_gat._anonymizeIp” tag. Through this, your IP address will already be truncated by Google within member states of the European Union or in other member states that are party to the Agreement on the European Economic Area.


Only in exceptional cases will the full IP address be transmitted to a Google Inc. server in the USA and anonymised there. 


Google will use this information for the purpose of evaluating your usage of our website, compiling reports on website activities for us, and carrying out further services relating to website activity and Internet usage. Google may also pass this information on to third parties where required to do so by law, or where such third parties process the information on Google’s behalf.


Google will not, according to its own account, associate your IP address with any other data held by Google. 


For more information on the use of cookies and your consent withdrawal options on our website, please refer to the “Cookies” section.


Google also offers an opt-out add-on for the most popular browsers, which gives you more control over what information Google collects about the websites you visit. The add-on indicates to the JavaScript (ga.js) of Google Analytics that no information about the website visit should be transmitted to Google Analytics. However, the Google Analytics opt-out browser add-on does not prevent information from being transmitted to us or to other web analytics services we may use. For further information on installing the browser Add-On, please click on the following link: https://tools.google.com/dlpage/gaoptout?hl=en-GB


If you visit our website from a mobile device (smartphone or tablet), you will need to click this link instead to prevent Google Analytics from tracking you within this site in the future. This is also possible as an alternative to the above browser Add-On. By clicking the link, an opt-out cookie is set in your browser and is valid only for this browser and this domain. If you delete the cookies in this browser, the opt-out cookie will also be deleted, so you will have to click the link again.


If you’ve agreed that Google may link your web and app browsing history to your Google Account and use information from your Google Account to personalise ads, Google will use your information in conjunction with Google Analytics data to create target audience lists for remarketing purposes across multiple devices. Google Analytics will first collect your Google-authenticated ID on our website, which is linked to your Google account (i.e. personal data). Google Analytics will then temporarily associate your ID with your Google Analytics data to optimise our target audiences.


If you do not agree, you can turn it off via the corresponding settings in the “My Account” section of your Google Account.

Google Ads Conversion Tracking

We use the online advertising programme “Google Ads” on our website and, in this context, conversion tracking. Google Conversion Tracking is an analytical service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). If your usual residence is in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the controller of your data. Google Ireland Limited is therefore the Google affiliate responsible for processing your data and complying with the applicable data protection laws. The cookie for “conversion tracking” is placed on your computer when you click on an ad displayed by Google. These cookies remain valid for a limited period, do not contain any personal data and are therefore not used for personal identification. If you visit certain pages of our website and the cookie has not yet expired, we and Google can recognise that you have clicked on the ad and been redirected to this page. Each Google Ads client receives a different cookie. There is thus no possibility for cookies to be tracked through the websites of Ads clients. The information obtained with the help of the conversion cookie is used to create conversion statistics. This tells us the total number of users who have clicked on one of our ads and been redirected to a page that has a conversion tracking tag. However, we do not receive any information that personally identifies users. Your data may under certain circumstances be transferred to the USA. The data processing, in particular the placing of cookies, is carried out with your consent on the basis of Art. 6 1(a) GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on your prior consent until the point of its withdrawal.


Further information and the Google privacy policy can be found at: https://www.google.com/intl/en/policies/privacy/


For more information on the use of cookies on our website and your right to withdraw consent, please refer to the “Cookies” section. 

Google Web Fonts

Google Web Fonts are used to improve the visual presentation of various items of information on our website. (http://www.google.com/webfonts/). The web fonts are transferred to the browser’s cache when the site is accessed so that they can be used for the display. If the browser does not support Google Web Fonts or does not allow access, the text will be displayed in the default font. When the site is accessed, no cookies are stored for the website visitor. Data transmitted in connection with the site access is sent to resource-specific domains such as fonts.googleapis.com or fonts.gstatic.com. It will not be associated with data that may be collected or used in connection with the parallel use of authenticated Google services such as Gmail. You can set your browser so that the fonts are not loaded by the Google servers (e.g. by installing add-ons like NoScript or Ghostery for Firefox). If your browser does not support Google Fonts or if you block access to the Google servers, the text will be displayed in the default font of the system.


For information about Google Web Fonts’ privacy policy, please visit the following page: https://developers.google.com/fonts/faq#Privacy


For information about Google’s privacy policy and Google’s general terms and conditions, please visit Google directly: https://policies.google.com/privacy?hl=en-gb

Google reCaptcha

We use the reCaptcha service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter “Google”).


This query enables us to determine whether the entry has been created by a human or fraudulently by means of automated machine processing. The service includes the sending to Google of the IP address and, if necessary, additional data required by Google for the reCAPTCHA service. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 (1)(a) GDPR; this consent can be withdrawn at any time. The legality of any and all data processing operations previously carried out will not be affected by your withdrawal of consent. 


Otherwise, in accordance with Art. 6 (1)(f) GDPR, the use is based on our legitimate interest in establishing individual responsibility on the Internet and preventing misuse and spam. If the data processing is based on our legitimate interest, you can object to the processing at any time with future effect.  In the event that IP anonymisation is activated on this website, your IP address will, however, previously be truncated by Google within member states of the European Union or in other states that are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website to evaluate your use of this service. The IP address of your browser transmitted in the reCaptcha process will not be combined with other data by Google. This data is subject to the deviating Google data protection provisions.


You can find out more about the Google privacy policy at: https://www.google.com/intl/en/policies/privacy/.


For more information on the use of cookies on our website and your right to withdraw consent, please refer to the “Cookies” section.

Google Optimize

Our website uses the web analysis and optimisation service “Google Optimize”, which is provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter “Google Optimize”). We use Google Optimize to increase the attractiveness, content and functionality of our website by playing new functions and content to a percentage of our users and statistically evaluating the change in usage. Google Optimize is a sub-service of Google Analytics (see Google Analytics section).


Google Optimize uses cookies which make it possible to optimise and analyse your use of our website. The information generated by these cookies about your use of our website will generally be transferred to a Google server in the USA and stored there. We use Google Optimize with IP anonymisation activated so that your IP address is previously truncated by Google within member states of the European Union or in other states that are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information to evaluate your use of our website, compile reports on the optimisation tests and related website activities and provide us with other services relating to website and Internet usage.


For more information on the use of cookies on our website and your right to withdraw consent, please refer to the “Cookies” section. 


You can prevent the storage of cookies by setting your Internet browser accordingly. In addition, you can prevent Google from collecting and processing the data generated by the cookie and the data related to your use of our website (incl. your IP address) by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en. You can find more detailed information on data collection and processing by Google in Google's privacy policy, which you can access at http://www.google.com/policies/privacy.

Google Doubleclick

Doubleclick by Google is a service by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Doubleclick by Google uses cookies to show you advertisements that are relevant to you. A pseudonymous identification number (ID) is assigned to your browser in order to check which ads were displayed in your browser and which ads were accessed. The cookies contain no personal information. The use of DoubleClick cookies only allows Google and its affiliates to display ads based on previous visits to our or other websites. The information generated by the cookies is transferred by Google to a server in the United States for evaluation and is stored there.


Google will transfer data to third parties only on the basis of statutory requirements or as part of contract data processing. Under no circumstances will Google combine your data with other data collected by Google.


For more information about the use of cookies on our site, please see the section "Cookies".


In addition, you can prevent Google from collecting and processing the data generated by the cookies, as well as the data related to your use of the webpages, by downloading and installing the browser plug-in available under the following link under the item DoubleClick deactivation extension. Alternatively, you can disable Doubleclick cookies with this opt-out.

Social Media

Facebook Social Plugins

This website uses social media plugins provided by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. You can recognise these by the “thumbs up” button or the “f” logo with the blue background.

If you visit a page of our website that contains such a plugin, Facebook will be informed that your browser has visited the corresponding page of our website. If you are logged in to Facebook, Facebook can assign your visit to our website to your Facebook profile. If you interact with the plugins, for example by clicking the “Like” button or posting a comment, this information will also be transmitted directly to Facebook. The legal basis for the processing of your data is your consent, Art. 6 (1)(a) GDPR.

We have entered into a shared responsibility agreement with Facebook in relation to the processing of your data in accordance with Art. 26 GDPR, the terms of which you can view here.

You can withdraw your consent at any time with future effect:

  1. by deactivating the corresponding selection on our consent management platform;
  2. if you do not want Facebook to assign the data collected via our website directly to your Facebook profile, you can log out of Facebook before visiting our website;
  3. You can also completely prevent the loading of Facebook plugins with add-ons for your browser, e.g. for Mozilla Firefox: https://addons.mozilla.org/de/firefox/addon/facebook-blocker/

for Opera: https://addons.opera.com/en/extensions/details/facebook-blocker/?display=en
for Chrome: https://chrome.google.com/webstore/detail/facebookblocker/chlhacbfddknadmnmjmkdobipdpjakmc?hl=de

For more information on the use of cookies on our website, please refer to the “Cookies” section.
For more information about how Facebook processes personal data, including how to assert your rights as a data subject against Facebook Ireland, please refer to Facebook’s privacy policy at https://www.facebook.com/about/privacy. Other information on data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications and http://www.facebook.com/about/privacy/your-info#everyoneinfo.

Twitter Plugin

Functions of the Twitter service have been integrated into our website and app. These features are offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. When you use Twitter and the “Retweet” function, the websites you visit are connected to your Twitter account and made known to other users. In doing so, data will also be transferred to Twitter. We would like to point out that, as the provider of these pages, we have no knowledge of the content of the data transmitted or how it will be used by Twitter. For more information on Twitter's privacy policy, please go to https://twitter.com/privacy. Your privacy preferences with Twitter can be modified in your account settings at https://twitter.com/account/settings.

Pinterest Plugin

Our website contains functions of the Pinterest social network, operated by Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA.


When you visit a page containing the Pinterest social plugin, your browser establishes a direct connection to the Pinterest servers. The plugin transmits this log data to Pinterest servers in the United States. This log data may include your IP address, the address of the websites visited, which also includes Pinterest features, browser type and settings, the date and time of the request, how you use Pinterest, and cookies.
More information about the purpose, scope and further processing and use of data by Pinterest, as well as your rights and options to protect your privacy, can be found in the privacy notices of Pinterest: https://about.pinterest.com/de/privacy-policy.

Visual Website Optimizer 

Visual Website Optimizer (VWO)


Our website uses the Visual Website Optimizer, an A/B test tool/web analysis service from Wingify, 14th Floor, KLJ Tower North, Netaji Subhash Place, Pitam Pura, Delhi 110034, India (hereinafter "Wingify").

Wingify uses cookies that enable analysis of your use of our website, shops and app. The information generated by the cookie about the use of our website, shops and app, along with your IP address, will be transmitted to a Wingify server in India and stored there. Wingify uses this information on our behalf to evaluate your use of the website and to optimise our webpages accordingly.

Further information on the cookies used can be found at this link: https://help.vwo.com/hc/en-us/articles/360033990873

Details on how your personal data is handled can be found at the following link: https://vwo.com/privacy-policy/.

For more information on the use of cookies on our website, please refer to the “Cookies” section.

Vimeo-Plugin

Vimeo-Plugins


We use the provider Vimeo for the integration of videos, among other things. Vimeo is operated by Vimeo, LLC headquartered at 555 West 18th Street, New York, New York 10011.

On some of our webpages, we use plugins of the provider Vimeo.

If you access the webpages of our website with such a plugin – for example, our media library – a connection to the Vimeo servers will be established, and the plugin will be displayed. By doing so, the Vimeo server will be informed which of our webpages you have visited. If you are logged in as a member of Vimeo, Vimeo will assign this information to your personal user account. When using the plugin, e.g., clicking the start button of a video, this information is also assigned to your user account. You can prevent this assignment by logging out of your Vimeo user account before using our website and deleting the corresponding cookies from Vimeo.

Further information on data processing and privacy at Vimeo can be found at https://vimeo.com/privacy.

For more information on the use of cookies on our website, please refer to the “Cookies” section.

Trusted Shops Badge

Trusted Shop Badge

The Trusted Shops Trustbadge is integrated into this website so that we may display our Trusted Shops seal of approval and any ratings we have collected and to offer Trusted Shops products to buyers after they have placed an order.

This serves to protect our legitimate interests in the best possible marketing, which prevail in the context of a balancing of interests, by enabling secure shopping in accordance with Art. 6 (1)(1)(f) GDPR. The Trustbadge and the services advertised with it are an offer of Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne. The Trustbadge is provided in the context of contract data processing by a CDN (content delivery network) provider.

More information about privacy at Trusted Shops GmbH can be found here.

When the Trustbadge is viewed, the web server automatically stores a server log file, which also contains your IP address, the date and time of the request, the amount of data transferred and the requesting ISP (access data). The web server also documents the request itself. Individual access data is stored in a security database for the analysis of security anomalies. The log files are automatically deleted no later than 90 days after their creation.

Further personal data will be transferred to Trusted Shops GmbH if, after completing an order, you decide to use Trusted Shops products or have already registered to use them. The contractual agreement between you and Trusted Shops shall apply. Personal data is automatically collected from the order data for this purpose. A neutral parameter (the email address hashed by cryptographic one-way function) is used to automatically check whether you are already registered for product use as a buyer. Before it is transmitted, the email address is converted into this hash value, which cannot be decrypted by Trusted Shops. After checking for a match, the parameter is automatically deleted.

This is necessary so that we and Trusted Shops can fulfil our overriding legitimate interests in the provision of buyer protection for the specific order in each case and of the transactional rating services in accordance with Art. 6 (1)(1)(f) GDPR. Further details, also regarding your right to object, can be found in the Trusted Shops privacy policy, a link to which can be found above and in the Trustbadge.

Payment

PayPal

PayPal

The controller has integrated PayPal components into this website. PayPal is an online payment service provider. Payments are processed via PayPal accounts, which are virtual private or business accounts. PayPal can also process virtual payments by credit card if a user does not have a PayPal account. A PayPal account is managed via an email address, which is why no traditional account number exists. PayPal enables online payments to be made to third parties or received. PayPal also performs fiduciary functions and offers buyer protection services.


The European operating company of PayPal is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal L-2449, Luxembourg.


If the data subject selects “PayPal” as a payment option during the ordering process in our online shop, data relating to the data subject will be automatically transmitted to PayPal. By selecting this payment option, the data subject consents to the transmission of the personal data required to process the payment. Data processing is necessary for our contract with you to be processed.


Cookies are placed when the service is used. For more information on the use of cookies on our website, please refer to the “Cookies” section.


PayPal's current privacy policy can be found at https://www.paypal.com/uk/webapps/mpp/ua/privacy-full.

Computop

Computop

On our website we offer payment via Giropay, Paypal, Visa and MasterCard, among others. The provider and technical payment provider for payment processing for the payment services is Computop Wirtschaftsinformatik GmbH, Schwarzenbergstr. 4, D-96050 Bamberg, Germany (hereinafter “Computop”).


When you make a payment using the above payment methods, Computop collects various transaction data for forwarding to the bank with which you are registered. In addition to the data required for payment, Computop may collect other data, such as the delivery address or individual items in the shopping basket, in the course of processing the transaction.


Computop then authenticates the transaction using the bank’s authentication procedure. The payment amount will then be transferred from your account to ours. Neither we nor third parties have access to your account details.


Data processing is necessary for our contract with you to be processed.


For details on payment with Computop, please refer to the Terms and Conditions and the data protection provisions of Computop at: https://computop.com/uk/tos.

AmazonPay

We use the service of Amazon Payments Europe s.c.a (5 Rue Plaetis, L 2338 Luxembourg) to offer you the option to pay via Amazon Pay. Upon payment, your payment details will be shared with Amazon Payments Europe s.c.a. and Amazon EU SARL, Amazon Services Europe SARL and Amazon Media EU SARL. All three are located at 5, Rue Plaetis L 2338, Luxembourg. Amazon Payments reserves the right to conduct a credit check. If you do not want to be forwarded to Amazon Payments Europe, please choose another payment method.


Where personal data is processed during the described transfers, the processing is carried out for the purpose of payment processing in accordance with Art. 6 (1)(b) GDPR.


Further information can be found at: pay.amazon.co.uk/help/201751600.


Cookies are placed when the service is used. For more information on the use of cookies on our website, please refer to the “Cookies” section.

Pepperjam

 

We use the plugin from Pepperjam LLC, 7 South Main Street, 3rd Floor, Wilkes Barre, PA 18701 on our website. Pepperjam Pixel plugin creates a small HTML snippet placed on the WooCommerce order confirmation/”thank you” page after a successful transaction. The HTML snippet sends the information into the dynamic commissioning System.


Find out more about Pepperjam at https://www.pepperjam.com.
The privacy policy and the imprint can be found here: https://www.pepperjam.com/legal

More information

Customer Account

Customer Account

We set up a password-protected direct-access to the user data (customer account) stored by us for each customer who registers accordingly. Here you can view data about your completed, open and recently shipped orders and manage your address information, bank details and the newsletter. You undertake to treat the personal access-data confidentially and not to make them accessible to unauthorised third parties. We cannot assume any liability for misused passwords, unless we are responsible for the misuse.


The legal basis for this processing activity is art. 6 (1) (b) GDPR.


We would like to make your visit to our website as pleasant as possible with the function “Stay logged in”. This function allows you to use our services without having to log in again each time. For security reasons, however, you will be asked to enter your password again if, for example, you need to change your personal data or you wish to place an order. We recommend that you do not use this feature if the computer is used by multiple users. We would like to point out that the “Stay logged in" function is not available if you use a setting that automatically deletes stored cookies after each session.


For more information about the use of cookies on our site, please see the section "Cookies".

Newsletter

Newsletter

We use the service of Inxmail GmbH, Wentzingerstrasse 17, 79106 Freiburg, Germany, to send the newsletter.


We use the double opt-in procedure. The newsletter service will only be activated after you have expressly confirmed to us that you wish to receive it.


If you would like to receive the newsletter offered on the website, we require an e-mail address from you, which allows us to check that you are the owner of the e-mail address provided and that you agree to receive our newsletter. We will then send you a notification e-mail and ask you to confirm that you wish to receive our newsletter by clicking on a link contained in that email.


When you subscribe to our newsletter, we will store your IP address and the date of registration. Further data will not be collected (or only on a voluntary basis). This storage serves solely as proof in the event that a third-party misuses your e-mail address to register you without your knowledge or your authorisation to receive the newsletter.


The data entered in the newsletter registration form will be processed exclusively on the basis of your consent (Art. 6 [1a] GDPR).


You can revoke your consent to the storage of your data, e-mail address and its use for sending the newsletter at any time with effect for the future, for example, by clicking on the “unsubscribe” link in the newsletter. The legality of any and all data processing operations previously carried out shall not be affected by your revocation.


The data you provide us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and then deleted after you cancel the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for the Member’s Area) shall remain unaffected. 


For more information about privacy at Inxmail, please visit https://www.inxmail.com/data-conditions

 

Security

Security

We have taken technical and administrative security precautions to protect your personal data against loss, destruction, manipulation and unauthorised access. All our employees and service providers working for us are obliged to comply with the applicable privacy laws.


Whenever we collect and process personal information, it is encrypted before it is transmitted. This means that your data cannot be misused by third parties. Our security precautions are subject to a continuous improvement process and our privacy policies are constantly being revised. Please make sure that you have the latest version.

Data transfer to third countries

Data transfer to third countries

If we process data in countries outside the European Economic Area (“EEA”), we protect it based on an adequacy decision of the EU Commission Art. 45 (1) GDPR or use the standard contractual clauses of the EU Commission in accordance with Art. 46 (2)(c) GDPR when structuring contractual relationships with recipients in third countries.

Storage period

Storage period

We will store your data,

  • if you have consented to the processing thereof, only until you withdraw your consent;
  • if we need the data to perform a contract, only for as long as the contractual relationship with you exists;
  • if we use the data on the basis of a legitimate interest, only as long as your interest in deletion or anonymisation does not outweigh this legitimate interest;
  • if statutory retention obligations exist, until the end of the retention periods.

Your rights

You have the right at any time to request information, correction, deletion or restriction of the processing of your stored data; a right to object to the processing; as well as the right to data portability and to lodge a complaint in accordance with the requirements of privacy law.

Right of access

Right of access

You can request information from us as to whether and to what extent we process your data.

Right to rectification

Right to rectification

If we process your data that is incomplete or inaccurate, you may request that we correct or supplement it at any time.

Right to erasure

Right to erasure

You can demand that we delete your data if we process it unlawfully or if the processing disproportionately interferes with your justifiable protection interests. Please note that there may be reasons that prevent an immediate erasure, e.g., in the case of legally stipulated retention obligations.


Irrespective of the exercise of your right to deletion, we will delete your data immediately and completely, insofar as there is no contractual or statutory obligation to retain data in this respect.

Right to restrict processing

Right to restrict processing

You can ask us to restrict the processing of your data if

  • you dispute the accuracy of the data for a period of time that allows us to verify the accuracy of the data,
  • the processing of the data is unlawful, but you decline to delete it and instead demand a restriction on the use of the data,
  • we no longer need the data for the intended purpose, but you still need this data to file or defend legal claims, or
  • you have objected to the processing of the data.

Right to data portability

Right to data portability

You may request that we provide you with the information you have provided to us in a structured, standard and computer-readable format and that you may provide that information to another representative without interference from us, provided that we process this data on the basis of an agreement given and revocable by you or for the fulfilment of a contract between us, and that such processing is carried out using automated procedures. If technically feasible, you may request us to transfer your data directly to another representative.

Right to object

Right to object

If we process your data for legitimate reasons, you may object to such processing at any time. We will then no longer process your data unless we can prove compelling and protection-worthy grounds for the processing which outweigh your interests, rights and freedoms or if the processing serves the assertion, exercise or defence of legal claims. You can object to the processing of your data for the purpose of direct marketing at any time without giving reasons.

Right to appeal

Right to appeal

If you are of the opinion that we have violated German or European data protection law when processing your data, please contact us so that we can clarify any questions you may have. Of course, you also have the right to contact the competent regulatory authority for you, the respective regional office for data protection supervision.


If you wish to exercise any of the aforementioned rights against us, please contact our data protection officer. In case of any doubt, we may request additional information to confirm your identity.

Changes to this Privacy Policy

We reserve the right to change our privacy policy if necessary due to new technologies. Please make sure that you have the latest version. If substantial changes are made to this privacy statement, we will post them on our website.


All interested parties and visitors to our website can contact us with questions about privacy at:

ePrivacy GmbH
Prof. Dr. Christoph Bauer
Große Bleichen 21
20354 Hamburg
Deutschland
E-Mail: datenschutz@medi.de

Contact us! We're here to help

Service hotline

Reception time

Mon-Fri, 09.00 - 17.00