Privacy Policy

Data privacy Declaration

We, the company SCHLUMBOHM Medizin-Labor-Technologie-Hamburg GmbH, thank you for your visit to our homepage. As a supplier of medical products, the secure handling of your data is of special importance to us. We would therefore like to provide you with detailed information on the use of your data when you visit our website. The owner of this website treats the protection of your personal data with the greatest seriousness. We treat your personal data in confidence and conform with the statutory data privacy regulations and this Data Privacy Declaration. Various items of personal data are collected when you visit this website. Personal data are deemed to be data with which you can be identified in person. This Data Privacy Declaration explains which data we collect and what we use them for. It also provides information on how and to what purpose this is carried out. We wish to point out that the data transfer on the Internet (e.g. when communicating by email) can result in security gaps. An absolute protection of the data against third party access is not possible.

The controller or your point of contact respectively

Please contact the following direct should you have questions concerning the obtaining, processing or use of your personal data or in connection with rights of access, rectification, restriction or the erasure of data in addition to the revocation of any consent you have granted or the objecting to a particular use of your data:

Controller

SCHLUMBOHM Medizin-Labor-Technologie-Hamburg GmbH

Grenzkehre 1

21079 Hamburg, Germany

Telephone: +49 (0) 40 – 76 91 50 -0

Fax: +49 (0) 40 – 76 91 50 -26

Email: info@schlumbohm-medlab.com

Data Protection Officer at SCHLUMBOHM Medizin-Labor-Technologie-Hamburg GmbH

Mario Barthel

Business address: INNAVIS Treuhand GmbH

Gutenbergstraße 1

26632 Ihlow-Riepe, Germany

Tel: +49 (0)4928/84 84 85

Mail: barthel@innavis.de

You are also entitled to lodge a complaint with the responsible supervisory authority, the Hamburg Data privacy and Freedom of Information:

Data Privacy Supervisory Authority

Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit

Kurt-Schumacher-Allee 4, 20097 Hamburg, im 6. Obergeschoss (as from 5 June 2018)

Tel.: +49 (0)40 / 428 54 – 4040

Fax: +49 (0)40 / 428 54 – 4000

Email: mailbox@datenschutz.hamburg.de

  1. Definitions

The SCHLUMBOHM Medizin-Labor-Technologie-Hamburg GmbH Data Privacy Declaration is based on the definitions that were used by the European Directives and Regulations Regulator when it issued the General Data Protection Regulation (GDPR). Our Data Privacy Declaration should be legible and comprehensible both for our customers and our business partners. In order to assure this, we would like to explain the used definitions in advance.

We use the following terms in this Data Privacy Declaration that are explained in the GDPR (https://dsgvo-gesetz.de/art-4-dsgvo/):

  • Personal data
  • Data subject
  • Processing
  • Restriction of processing
  • Profiling
  • Pseudonymisation
  • Controller or person responsible for the processing
  • Processor
  • Recipient
  • Third party
  • Consent
  1. rights of the data subjects

Under the conditions of the statutory provisions of the General Data Protection Regulation (DSGVO), you have the following rights as a data subject:

  • -Information pursuant to Art. 15 DSGVO about the data stored about you in the form of meaningful information about the details of the processing, as well as a copy of your data;
  • Correction pursuant to Art. 16 DSGVO of incorrect or incomplete data stored by us;
  • Erasure pursuant to Art. 17 DSGVO of the data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
  • Restriction of processing pursuant to Art. 18 DSGVO, insofar as the accuracy of the data is disputed, the processing is unlawful, we no longer need the data and you object to their deletion because you need them for the assertion, exercise or defence of legal claims or you have objected to the processing pursuant to Art. 21 DSGVO.
  • Data portability pursuant to Art. 20 DSGVO, insofar as you have provided us with personal data within the scope of consent pursuant to Art. 6 Para. 1 lit. a DSGVO or on the basis of a contract pursuant to Art. 6 Para. 1 lit. b DSGVO and these have been processed by us with the aid of automated procedures. You will receive your data in a structured, common and machine-readable format or we will transfer the data directly to another responsible party, insofar as this is technically feasible.
  • You have the right to object to the processing of your personal data pursuant to Art. 21 of the German Data Protection Act (DSGVO), insofar as this is carried out on the basis of Art. 6 Para. 1 lit. e, f DSGVO and there are reasons for this which arise from your particular situation or the objection is directed against direct advertising. The right to object does not exist if overriding compelling legitimate grounds for the processing can be demonstrated or the processing is carried out for the assertion, exercise or defence of legal claims. Where the right to object does not exist for individual processing operations, this is indicated there.
  • Revocation pursuant to Art. 7 (3) DSGVO of your granted consent with effect for the future.
  • Complaint pursuant to Art. 77 of the GDPR to a supervisory authority if you are of the opinion that the processing of your personal data violates the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your place of work or our company headquarters.
  1. Data storage

Each time the SCHLUMBOHM Medizin-Labor-Technologie-Hamburg GmbH website is accessed by a data subject or an automated system, it records a set of general data and information. This general data and information is stored in the log files of the server. The following can be recorded:

  1. the used browser types and their versions,
  2. the operating system that is used by the accessing system,
  3. the website that a system accesses our website from (referred to as a referrer),
  4. the sub-websites that are driven to our website using an accessing system,
  5. the date and time the website is accessed,
  6. an Internet Protocol address (IP address),
  7. the Internet service provider of the accessing system and
  8. other similar data and information that serve as defence against risks resulting from attacks being launched against our information technology systems.

SCHLUMBOHM Medizin-Labor-Technologie-Hamburg GmbH does not draw any conclusions regarding the data subject when using this general data and information. This information is in fact required in order to

  1. provide the contents of our website correctly,
  2. the optimisation of our website and the advertising of this,
  3. ensure the perfect functionality of our information technological systems and our website technology and
  4. in order to provide criminal prosecution authorities with the required information in the event of a cyber-attack being launched.

This anonymously obtained data and information is therefore statistically analysed by SCHLUMBOHM Medizin­Labor-Technologie GmbH in addition to this being carried out with the aim of enhancing the data privacy and data security in our company so that we can last but not least, ensure an optimal level of protection for the personal data that we process. The anonymous data in the server log files are stored separate from all of the personal data that a data subject has provided

  1. Statutory or contractual regulations regarding the provision of personal data; necessity for the conclusion of a contract; obligation of the data subject to provide the personal data; possible consequences of such not being provided.

We hereby inform you that the provision of personal data is statutory stipulated in some cases (e.g. fiscal provisions) or this can result from contractual provisions (e.g. data regarding the contractual partner). From time to time, it could be possible in connection with the conclusion of a contract that a data subject provides us with personal data that we need to process subsequently. The data subject is for example obliged to provide us with personal data should our company conclude a contract with the said person. A non-provision of the personal data has the consequence that the contract cannot be concluded with the data subject. The data subject is to contact our Data Protection Officer before he or she provides the personal data. Our Data Protection Officer shall then inform the data subject on a case by case basis, whether the provision of the personal data is a statutory or a contractual requirement or whether the personal data are to be provided for the conclusion of the contract, whether there is an obligation to provide the personal data and the consequences should the personal data not be provided.

  1. Use of data when registering for the email newsletter

On the website of the SCHLUMBOHM Medizin-Labor-Technologie-Hamburg GmbH, users are given the opportunity to subscribe to our enterprise’s newsletter. The personal data transmitted to the controller when the newsletter is ordered is specified in the input mask used for this purpose.

The SCHLUMBOHM Medizin-Labor-Technologie-Hamburg GmbH informs its customers and business partners at regular intervals by means of a newsletter about enterprise offers. The newsletter of our enterprise can basically only be received by the data subject, if

  1. the data subject has a valid e-mail address, and
  2. the data subject registers for the newsletter mailing.

For legal reasons, a confirmation e-mail will be sent to the e-mail address entered by a data subject for the first time for the newsletter dispatch using the double opt-in procedure. This confirmation email serves to check whether the owner of the email address as the data subject has authorised the receipt of the newsletter. If you do not confirm the registration within [XX hours], it will automatically expire and the data will not be processed for the newsletter dispatch.

When registering for the newsletter, we also store the IP address of the computer system used by the data subject at the time of registration, as assigned by the Internet service provider (ISP), as well as the date and time of registration. The collection of this data is necessary in order to be able to trace the (possible) misuse of a data subject’s email address at a later date and therefore serves as a legal safeguard for the controller.

The personal data collected in the context of a registration for the newsletter are used exclusively for sending our newsletter. Furthermore, subscribers to the newsletter could be informed by e-mail if this is necessary for the operation of the newsletter service or a related registration, as could be the case in the event of changes to the newsletter service or changes in the technical circumstances. No personal data collected as part of the newsletter service will be passed on to third parties. The subscription to our newsletter can be cancelled by the data subject at any time. The consent to the storage of personal data, which the data subject has given us for the newsletter dispatch, can be revoked at any time. For the purpose of revoking consent, a corresponding link can be found in each newsletter. Furthermore, it is also possible to unsubscribe from the newsletter mailing directly on the website of the controller at any time or to inform the controller of this in another way.

  1. Newsletter tracking

The SCHLUMBOHM Medizin-Labor-Technologie-Hamburg GmbH newsletters include so-called tracking pixels. A tracking pixel is a miniature graphic that is integrated in such emails that are sent in HTML format in order to enable a log file recording and log file analysis to be carried out. This enables a statistical analysis to be performed of the success or lack of success of online marketing campaigns.  SCHLUMBOHM Medizin-Labor-Technologie-Hamburg GmbH can use an integrated tracking pixel in order to detect whether an email has been opened by a data subject and if so, when this was carried out in addition to whether the links in the email were used by the data subject.

Personal data that is collected via the tracking pixel in the newsletters are stored and evaluated by the processor in order to optimise the sending of the newsletter and adapt the contents of the future newsletters to the interests of the data subject to a better extent. These personal data are not forwarded to third parties. The data subjects are entitled at all times to withdraw the declaration of consent that is provided using the double opt-in procedure in this regard. After a withdrawal has been declared, the processer deletes this personal data. A deregistration from the newsletter is automatically construed by SCHLUMBOHM Medizin¬Labor-Technologie GmbH as being a withdrawal.

  1. Contact possibility through the website

The website of the SCHLUMBOHM Medizin-Labor-Technologie-Hamburg GmbH contains legal requirements which enable a quick electronic contact to our enterprise, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the controller by e-mail or by using a contact form, the personal data transmitted by the data subject will be stored automatically. Such personal data transmitted on a voluntary basis by a data subject to the controller will be stored for the purposes of processing or contacting the data subject. This personal data will not be disclosed to third parties..

  1. Use of Cookies

This website uses cookies. Cookies are text files that are stored in the Internet browser or on the computer system of the user by the Internet browser respectively. The cookies have a characteristic character string that provides an unambiguous identification of the browser when the website is accessed again. We use cookies in order to design our website in a user-friendly manner. Some of the functions on our website cannot be offered without the use of cookies.  This necessitates the browser also being identifiable after a page change.

The Cookies store and transfer the following data:

  • language settings
  • login information
  • articles in the shopping cart

We also use cookies on our website that enable an analysis to be conducted of the surfing conduct of the user. When our website is accessed, the user is informed of the use of cookies for analysis purposes and his consent is obtained to the processing of the personal data that are used in connection with this. Reference is also made to this Data Privacy Declaration in connection with this.

Possibility of deactivating or deleting cookies

Most of the browsers are set so that they automatically accept cookies. You can deactivate the storage of cookies in your browser but it is then possible that this shall impair the user-friendliness of our website.

The majority of the cookies we use (session cookies) are invalid at the end of the browser session. Permanent cookies remain on your terminal device and enable us to detect your browser the next time you access the site. This data are not used to personally identify the user of this website. Cookies are stored on the computer of the user before it transfers these to our website. This means that as the user, you have the full control over the use of the cookies. You can deactivate or restrict the transferring of cookies by changing the settings of your Internet browser. The website is already fully used.

  1. use of Google
    1. Google Analytics

Type and scope of processing

We use Google Analytics from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as an analysis service for the statistical evaluation of our online offer. This includes, for example, the number of times our online offer is called up, sub-pages visited and the length of time visitors spend on the site.

Google Analytics uses cookies and other browser technologies to evaluate user behaviour and recognise users.

This information is used, among other things, to compile reports on website activity.

Purpose and legal basis

We process data with the help of Google Analytics for the purpose of optimising our website and for marketing purposes on the basis of your consent pursuant to Art. 6 para. 1 lit. a. DSGVO.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Analytics: https://policies.google.com/privacy.

  1. Google Fonts

Nature and scope of processing

We use Google Fonts from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as a service to provide fonts for our online offering. To obtain these fonts, you connect to servers of Google Ireland Limited, whereby your IP address is transmitted.

Purpose and legal basis

The use of Google Fonts is based on our legitimate interests, i.e. interest in a uniform provision as well as the optimisation of our online offer pursuant to Art. 6 para. 1 lit. f. DSGVO.

Storage period

The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Fonts: https://policies.google.com/privacy.

  1. Google reCAPTCHA

Nature and scope of processing

We have integrated components of Google reCAPTCHA on our website. Google reCAPTCHA is a service of Google Ireland Limited and enables us to distinguish whether a contact request originates from a natural person or is automated by means of a program. When you access this content, you establish a connection to servers of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, whereby your IP address and possibly browser data such as your user agent are transmitted. Furthermore, Google reCAPTCHA records the user’s browsing time and mouse movements in order to distinguish automated requests from human ones. This data is processed exclusively for the above-mentioned purposes and to maintain the security and functionality of Google reCAPTCHA.

Purpose and legal basis

The service is used on the basis of our legitimate interests, i.e. for protection when submitting forms in accordance with Art. 6 (1) lit. f. DSGVO.

Storage period

The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google reCAPTCHA: https://policies.google.com/privacy?hl=en-US.

  1. Google Tag Manager

Nature and scope of processing

We use Google Tag Manager provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is used to manage website tags via an interface and allows us to control the precise integration of services on our website.

This allows us to flexibly integrate additional services to evaluate user access to our website.

Purpose and legal basis

Google Tag Manager is used on the basis of our legitimate interests, i.e. interest in optimising our services in accordance with Art. 6 para. 1 lit. f. DSGVO.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Tag Manager: https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/.

  1. Use of social media

We maintain so-called fan pages or accounts or channels on the networks mentioned below in order to provide you with information and offers also within social networks and to offer you further ways to contact us and to inform yourself about our offers. In the following, we will inform you about which data we or the respective social network process from you in connection with calling up and using our fan pages/accounts.

Data that we process from you

If you wish to contact us via messenger or direct message via the respective social network, we generally process your user name via which you contact us and, if applicable, store further data provided by you insofar as this is necessary to process/respond to your request.

The legal basis is Art. 6 para. 1 sentence 1 f) DSGVO (processing is necessary to protect the legitimate interests of the controller).

(Static) usage data we receive from social networks

We receive automatically provided statistics regarding our accounts via Insights functionalities. The statistics include, among other things, the total number of page views, likes, details of page activity and post interactions, reach, video views and details of the proportion of men/women among our fans/followers.

The statistics only contain aggregated data that cannot be related to individual persons. You are not identifiable to us through this.

What data the social networks process from you

In order to view the contents of our fan pages or accounts, you do not have to be a member of the respective social network and, in this respect, no user account is required for the respective social network.

Please note, however, that when you call up the respective social network, the social networks also collect and store data from website visitors without a user account (e.g. technical data in order to be able to display the website to you) and use cookies and similar technologies, over which we have no control. Details of this can be found in the data protection provisions of the respective social network (see the corresponding links above).

Insofar as you wish to interact with the content on our fan pages/accounts, e.g. comment on, share or like our postings/contributions and/or contact us via messenger functions, prior registration with the respective social network and the provision of personal data is required.

We have no influence on the data processing by the social networks within the scope of their use by you. To our knowledge, your data is stored and processed in particular in connection with the provision of the services of the respective social network, as well as for the analysis of user behaviour (using cookies, pixels/web beacons and similar technologies), on the basis of which advertising based on your interests is played both within and outside the respective social network. It cannot be ruled out that your data will be stored by the social networks outside the EU/EEA and passed on to third parties.

Information on, among other things, the exact scope and purposes of the processing of your personal data, the storage period/deletion as well as guidelines on the use of cookies and similar technologies in the context of registration and use of the social networks can be found in the data protection regulations/cookie guidelines of the social networks. There you will also find information on your rights and objection options.

  1. Facebook

When you visit our Facebook page, Facebook collects, among other things, your IP address and other information that is present on your PC in the form of cookies. This information is used to provide us, as operators of the Facebook pages, with statistical information about the use of the Facebook page. Facebook provides more detailed information on this under the following link: https://facebook.com/help/pages/insights.

It is not possible for us to draw conclusions about individual users by means of the statistical information transmitted. We only use this information to respond to the interests of our users and to continuously improve our online presence and ensure its quality.

We only collect your data via our fan page in order to make it available for communication and interaction with us. This collection usually includes your name, message content, comment content and the profile information you provide « publicly ».

The processing of your personal data for our above-mentioned purposes is based on our legitimate business and communicative interest in offering an information and communication channel pursuant to Art. 6 para. 1 f) DSGVO. Should you, as a user, have given your consent to the data processing vis-à-vis the respective provider of the social network, the legal basis of the processing extends to Art. 6 para. 1 a), Art. 7 DSGVO.

Due to the fact that the actual data processing is carried out by the provider of the social network, our access to your data is limited. Only the provider of the social network is authorised to fully access your data. Because of this, only the provider can directly take and implement appropriate measures to fulfil your user rights (information request, deletion request, objection, etc.). The assertion of corresponding rights is therefore most effective directly against the respective provider.

We are jointly responsible with Facebook for the personal content of the fan page. Data subject rights can be asserted with Facebook Ireland as well as with us.

The primary responsibility for the processing of Insights data lies with Facebook under the GDPR and Facebook fulfils all obligations under the GDPR with regard to the processing of Insights data, Facebook Ireland provides the essence of the Page Insights Supplement to data subjects.

We do not make any decisions regarding the processing of Insights data and all other information resulting from Art. 13 GDPR, including legal basis, identity of the controller and storage period of cookies on user terminals.

Further information can be found directly at Facebook (Supplementary Agreement with Facebook): https://www.facebook.com/legal/terms/page_controller_addendum.

  1. Twitter

We are jointly responsible with Twitter for the personal content of the fan page. Data subject rights can be asserted with Twitter Inc. as well as with us.

The primary responsibility under the GDPR for the processing of Insights Data lies with Twitter and Twitter complies with all obligations under the GDPR with regard to the processing of Insights Data, Twitter Inc. provides the essence of the Page Insights Supplement to data subjects.

We do not make any decisions regarding the processing of Insights data and all other information resulting from Art. 13 DSGVO, including legal basis, identity of the controller and storage period of cookies on user terminals.

Further information can be found directly at Twitter: Privacy Policy( https://twitter.com/de/privacy ).

You can request the Twitter usage concept on which the offer is based at our above-mentioned e-mail address with the keyword « Twitter usage concept ».

  1. LinkedIn

LinkedIn is a social network of LinkedIn Inc. based in Sunnyvale, California, USA, which enables the creation of private and professional profiles. Users can maintain their existing contacts and make new ones. Companies can create profiles on which photos and other company information are uploaded. Other LinkedIn users have access to this information and can write their own articles and share this content with others.

The focus is on professional exchange on specialist topics with people who have the same professional interests. In addition, LinkedIn is often used by companies and other organisations to recruit employees and present themselves as an interesting employer.

You can find more information on LinkedIn at: https://about.linkedin.com/

For more information on LinkedIn privacy, please visit: https://www.linkedin.com/legal/privacy-policy

We do not collect or process any personal data via our LinkedIn company page.

  1. XING

XING is a social network of XING SE based in Hamburg, Germany, which enables the creation of private and professional profiles. Users can maintain their existing contacts and make new ones. Companies can create profiles on which photos and other company information are uploaded. Other XING users have access to this information and can write their own articles and share this content with others.

The focus is on professional exchange on specialist topics with people who have the same professional interests. In addition, XING is often used by companies and other organisations to recruit employees and present themselves as an interesting employer.

You can find more information about XING at: https://corporate.xing.com/de/unternehmen/

For more information about data protection on XING, please visit: https://privacy.xing.com/de/datenschutzerklaerung .

We do not collect or process any personal data via our XING company page.

  1. Embedded videos and images from external websites

Some of our pages include embedded contents from YouTube or Instagram. Should you merely access a page from our Internet offer that includes embedded videos or images from our YouTube and/or Instagram channel, no personal data shall be transferred with the exception of the IP address. In the case of YouTube, the IP address is transferred to Google Inc., 600 Amphitheatre Parkway, Mountain View, CA 94043, USA (”Google“) and in the case of Instagram, to Instagram Inc., 181 SouthPark Street, Suite 2, San Francisco, California 94107, USA (”Instagram“).

  1. Announcement of changes

Legislative amendments or changes made to our internal processes can result in amendments having to be made to this Data Privacy Declaration.

In the event of such an amendment or change being necessary, we shall provide you with notification six weeks before such come into force. In general terms (No. 6), you have the right to withdraw your consent in this regard.

Please note that (should you not assert your right to withdraw), the latest version of the Data Privacy Declaration has validity.

  1. Legal basis and purposes of the processing
  2. a) Provision of the web page

The processing is carried out to protect our overriding legitimate interest in displaying our website and guaranteeing security and stability on the basis of Art. 6 para. lit. f DSGVO. The collection of data and storage in log files is absolutely necessary for the operation of the website. There is no right to object to the processing due to the exception under Art. 21 (1) DSGVO. Insofar as the further storage of log files is required by law, the processing is carried out on the basis of Art. 6 para. 1 lit. c DSGVO. There is no legal or contractual obligation to provide the data, however, calling up our website is not technically possible without providing the data.

  1. b) Contact form

The processing of your data through the use of our contact form is carried out for the purpose of communication and processing your enquiry on the basis of your consent pursuant to Art. 6 (1) lit. a DSGVO. Insofar as your enquiry relates to an existing contractual relationship with us, the processing is carried out for the purpose of fulfilling the contract on the basis of Art. 6 para. 1 lit. b DSGVO. There is no legal or contractual obligation to provide your data, but the processing of your request is not possible without the provision of the information of the mandatory fields. Insofar as you do not wish to provide this data, please contact us by other means.

  1. c) Newsletter

We process your data for the purpose of sending the newsletter on the basis of your consent pursuant to Art. 6 para. 1 lit. a DSGVO. By unsubscribing from the newsletter, you can declare your revocation in accordance with Art. 7 (3) DSGVO at any time with effect for the future. There is no legal or contractual obligation to provide your data, but it is not possible to send the newsletter without providing your data.

OneSignal Push Notifications

Type and scope of processing

On our homepage we use the mobile marketing platform OneSignal. This is a us-based service provider (OneSignal 2850 S Delaware St #201, San Mateo, CA 94403, United States).

As this is a us company, your data will also be processed in the United States. Currently, there is no data protection agreement between the United States and the EU, as an existing agreement was declared null and void by the European Court of Justice in 2020 (so-called Schrems II ruling of 6 July 2020 (Case C-311/18 ). There is also no adequacy decision from the EU, as there is for other third countries. In the absence of an adequate level of protection, there may be risks to the lawfulness of the data processing but also to its security. The Patriot Act allows US law enforcement agencies to access platforms without the knowledge of third parties.

In order to nevertheless achieve a level of data protection with OneSignal that complies with the GDPR, corresponding standard contractual clauses must be concluded with OneSignal in accordance with Art. 46 (2) and (3) of the GDPR. These oblige OneSignal to maintain an appropriate level of data protection when processing data.

The EU Commission adopted these clauses by means of an implementing decision on 4 June 2021 (see https://germany.representation.ec.europa.eu/news/datentransfers-innerhalb-und-ausserhalb-der-eu-kommission-gibt-unternehmen-standardvertragsklauseln-2021-06-04_de) . You can find OneSignal’s data protection notice at: https://onesignal.com/privacy_policy .

Unsubscribe from your web push notifications: Please briefly read the description of our service provider and then unsubscribe in your browser.

Purpose and legal basis

The use of OneSignal is based on the user’s consent (Art. 6 para. 1 lit. a DSGVO) through the browser window. Furthermore, the service provider is used on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f DSGVO.

Storage period

The concrete storage period of the processed data cannot be influenced by us, but is determined by OneSignal. Further information can be found in the data protection declaration at: https://onesignal.com/privacy_policy