1. Collection and Archiving of Personal Data During Visits to Our Website
Whenever you access our website, your device's browser automatically sends information to our website server. This information is temporarily stored in what we call a logfile. The following information will be stored automatically and archived until it is deleted:
- The IP address of the accessing computer
- Type of browser / version of browser
- User's operating system
- The name of your access provider
- The website from which you are accessing our site (referrer URL)
- Host name of the accessing computer
- Date and time of the server request
- Content of the request (actual page)
- Access status / HTTP status code
- Data volume transferred in each case
We process the mentioned data to allow for the establishment of a smooth connection and the convenient use of our website and to analyse the security and stability of our system with the aim of improving both. We also use this data for statistical purposes.
The legal basis for the processing of data is Art. 6 Par. 1 S. 1 lit. f GDPR. Our legitimate interest is based on the above-listed data collection purposes. Under no circumstances shall we use the data we collect for purposes that allow us to identify you as an individual. The IP address will be deleted after seven days.
In some cases, this website uses so-called cookies. Cookies are small text files that are placed on your computer and stored by your browser. Information is archived in the cookies we use, which is generated in conjunction with the specific device you use. At a minimum, a cookie ID is stored. However, this does not mean that we acquire direct knowledge of your identity.
The data processed by cookies are required for the mentioned purposes to protect our legitimate interest as well as that of third parties pursuant to Art. 6 Par. 1 S. 1 lit. f GDPR.
You can adjust the settings of your browser in such a manner that you are notified when cookies are placed, that you allow the placement of cookies only on a case-by-case basis, exclude the acceptance of cookies for certain cases or overall, and to ensure that cookies are automatically deleted when the browser is closed. The functions of this website may be limited if cookies are deactivated. The help pages of most browsers will provide explanations as to how to make the above-mentioned adjustments to your browser. Moreover, usually, the help pages will also provide you with insights as to what you have to do to ensure that your browser notifies you of the receipt of new cookies and how you can turn off or delete all cookies.
3. Contact Form / Other Means of Contacting Us
If you submit enquiries via the contact form or the e-mail address provided on our website (or any other means of getting in touch with us), your information, including any contact data you provide, will be stored by us for the processing of your enquiry and to enable us to answer questions and issues you might have.
If you get in touch with us to enter into a contract with us, the data will be processed pursuant to Art. 6 Par. 1 S. 1 lit. b GDPR. In all other cases, the data will be processed by us pursuant to Art. 6 Par. 1 S. 1 lit. a GDPR on the basis of your voluntary statement of consent. You may revoke your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
When the enquiry you submitted has been taken care of, the personal data you provided will be deleted, unless you have given us your consent for further processing by us or if a contractual relationship has been established between our company and you or the company you work for. If the data is processed based on your voluntary consent, we will delete any personal data communicated via e-mail upon receipt of your revocation of consent.
However, we reserve the right to always archive data as long as this is required to meet statutory purposes or to claim, exercise or defend legal entitlements (legitimate interests pursuant to Article 6 Par. 1 lit. f GDPR).
4. Tools for Analysis / Google Analytics
Pseudonymised user profiles are generated in conjunction with the use of Google Analytics. The pseudonymised user profiles are not merged with personal data related to the holder of the pseudonym in the absence of the holder's express consent, also not with the IP address communicated by your browser.
The legal basis for the use of Google Analytics is Art. 6 Par. 1 S. 1 lit. f GDPR (legitimate interest).
You can prevent the storage of these cookies by making corresponding adjustments to your browser software settings. Moreover, you can prevent the recording of the data generated by the cookies by Google and the processing of this data by Google, by downloading and installing the browser plug-in available at: http://tools.google.com/dlpage/gaoptout?hl=de.
5. Online Presence
6. Transfer of Data to Third Parties
We will share your personal data with third parties only if you have given us your express consent to do so pursuant to Art. 6 Par. 1 S. 1 lit. a GDPR; if the sharing of such data is required for the processing of the contractual relationship pursuant to Art. 6 Par. 1 S. 1 lit. b GDPR; if the sharing is required to meet a statutory obligation pursuant to Art. 6 Par. 1 S. 1 lit. c GDPR or if the sharing is required to protect our legitimate rights pursuant to Art. 6 Par. 1 S. 1 lit. f GDPR.
We reserve the right to – within the scope of what is permitted under the law – commission service providers to process personal data (including the provision of server capacities and hosting services), notably as so-called contract processors.
7. Transfer of Data to Recipients in a Non-EU Country
If we should share personal data with third parties domiciled outside of the EU, we shall ensure that the recipients either have in place adequate data protection levels or you have expressly consented to such sharing. Currently we do share data with our parent company, Cantel Medical Corporation, and its business segments, which may be domiciled in the United States. In such cases, please note that such entities have in place adequate data protection levels through self-certification in compliance with the EU-US Privacy Shield. You may request from us an overview of recipients in non-EU countries and a copy of the warranties in place to safeguard the presence of adequate data protection levels. To request this information, please use the contact information provided under that section or consult our Privacy Shield Policy here: http://www.cantelmedical.com/privacy-shield-policy.
8. Your Rights
You are entitled to the following:
- Pursuant to Art. 15 GDPR, you have the right to demand information about your personal data we process,
- Pursuant to Art. 16 GDPR, you have the right to demand the prompt correction of incorrect data or the completion of incomplete personal data stored by us,
- Pursuant to Art. 17 GDPR, you have the right to deletion of personal data stored by us,
- Pursuant to Art. 18 GDPR, you have the right to demand a restriction of the processing of your personal data,
- Pursuant to Art. 20 GDPR, you have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine readable format or demand that we send such information to a different controller,
- Pursuant to Art. 7 Par. 3 GDPR, you may revoke any consent you have given to us at any time. As a result, we will no longer be permitted to process the data that we had processed based on your consent in the future, and
- Pursuant to Art. 77 GDPR, you have the right to file a grievance with a supervisory agency.
If your personal data is being processed on the basis of legitimate interests pursuant to Art. 6 Par. 1 S. 1 lit. f GDPR, you have the right to file an objection against such processing pursuant to Art. 21 GDPR, if there are reasons arising from your specific situation or if the objection targets direct advertising. In the latter case you have a general objection right, which shall be implemented even if you do not provide information regarding a special situation.
If you have any questions or if you want to exercise your rights, you can reach us at the following address:
Cantel (Germany) GmbH
Heerdter Lohweg 35
We also encourage you to contact our Data Privacy Officer (e-mail firstname.lastname@example.org or, via regular mail, to our postal address with the addition of c/o Data Privacy Officer).
As of: May 2018