This Website is operated by EPOS Health Management GmbH (hereafter in this text often abbreviated as EPOS or "we") as described in our imprint. We place high priority on the protection of your personal data and treat your privacy in compliance with the General Data Protection Regulation (GDPR) of the European Union and the applicable national legislation on personal data protection.
Our personal data processing activities are governed by the General Data Protection Regulation (Regulation (EU) 2016/679).
'Personal data' is any information that can be used to identify you, including your name, e-mail address, IP address, or any other data that could reveal your physical, physiological, generic, mental, economic, cultural or social identity.
For the purpose of the GDPRs, we are the 'Data Controller' of all personal data obtained by us as set out in this Policy, because we ultimately determine how your personal data will be handled by us or our sub-contractors, who would be our 'Data Processors'.
Name and address of the data controller
The responsible controller of your personal data is
Data protection officer
You as data subject may, at any time, contact our Data Protection Officer directly with all questions and suggestions concerning data protection. The contact data of our Data Protection Officer is
Personal data on this website
It is possible for you to use this website without providing your personal data. Whenever we collect personal data you will be asked for consent, and you will be again informed about your rights in terms of protection of your personal data. We will only process your personal data in accordance with notices set out in this Policy, or as provided to you at the time we collect your personal data (if necessary for the intended processing).
Elements of this website which involve collecting of personal data from you are: (a) an email contact to our staff, (b) our contact form, and (c) the registration form for our newsletter. You can find more details on these web forms and how we process the personal data collected below under the respective section headers.
Besides the data collected through these web forms, we store your current IP address, a few cookies, and some usage statistics in order to enhance the security and usability of this website. You can find more details on this functionality and the respective treatment of your personal data further below under the header Data collected for technical purposes.
a) Email contact
The user of this website can use the general company email address or the other email addresses presented to get in contact with the respective staff. In this case we will store the personal data transmitted by this email. The data are used exclusively for processing the conversation with you (purpose) and are not transmitted to any third party.
b) Contact form
Our website contains a contact form for your direct electronic communication with us. If you contact us by this form we store the information that you entered, i.e. your name, email address and your message text. The purpose is to respond to your message, to process your request and to reply to you. There is no transfer of this personal data to any third party.
We offer the possibility to register for receiving our newsletter by using the respective web form on our website. To register for this newsletter you have to provide your name, email address and the desired formatting (text, html) of the information that will be sent to you. We use this information for the mere purpose to send our newsletter to you and do not transfer this information to any other third party.
Legal basis for data processing
The legal basis for the processing of data is Art. 6 para. 1 lit. a GDPR in case the user has given his consent to the processing.
The legal basis for the processing of personal data in the course of sending an email is Art. 6 para. 1 lit. f GDPR. If the e-mail contact aims at the conclusion of a contract, then additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.
Rights of the data subject in terms of data protection
You have the following rights in relation to your personal data:
- Right to confirmation - you can ask us to confirm whether we are processing personal data concerning you.
- The right to be informed - this is information on the personal data we are processing and the purpose for which we are processing them.
- The right of access - you have the right to be provided with copies of your personal data that we are processing.
- The right to rectification - if you think the personal data that we hold on you is inaccurate or incomplete you can request us to correct this.
- The right to erasure - if you want us to delete the personal data we are holding for you then you can request us to do so.
- The right to restrict processing - if you oppose the way how we are processing your personal data then you have the right to inform us accordingly and we will restrict the processing on the basis of your right.
- The right to data portability - if you want us to forward your personal data to a different organisation or person then you have the right to inform us and we will transfer your personal data respectively (without adversely affecting the rights of others).
- The right to withdraw your consent - you can withdraw your previously given consent to the processing of your personal data at any time by contacting us using the contact form provided.
If you want to exercise one or more of these rights, please contact one of our staff or use the general contact form provided on this website. You can request your rights free of charge unless your request is clearly unfounded, repetitive or excessive. Alternatively, in these circumstances we may refuse to comply with your request. In accordance with the GDPR, we will try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
In addition to the above rights, as a data subject you have the right to lodge a complaint with your local data protection authority within the European Union. Please note that you can use whichever local data protection authority within the EEA that is most convenient for you.
Transfer of personal data
We are not transmitting any personal data collected from you through emails, the contact form or the newsletter registration form of this website to any other third party on a regular basis, in particular not to third parties established outside the European Union or outside the European Economic Area (EEA). If you contact our staff during their potential business trips outside the EU, the staff is receiving your email through a secure connection, so that your data is not transmitted to a third party, but remains within the sphere of influence of our company.
If we are forwarding or copying a message that we have received by email or our contact form to persons outside our company, we will first ask you for your consent to do so, unless you have informed us explicitly about your consent already when you were writing your email to us.
Automated decision making and profiling
As a responsible company, we neither use automatic decision-making nor profiling.
Data collected for technical purposes
We are using cookies to help us make your use of the website better. Cookies are small text files placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently. We are using functional cookies to support your Internet browser in generating our web pages, which is essential to the running of the website but does not contain any personal data.
You may, at any time, prevent the setting of cookies by our website by means of a corresponding setting in your Internet browser and, thus, permanently deny the setting of cookies. Furthermore, you can delete cookies already set at any time via an Internet browser or other software programs. If you deactivate the setting of cookies in your Internet browser not all functions of our website may be entirely usable.
Data protection with regard to web services used on this website
a) Google Analytics
We are using the web analytics service Google Analytics on our website. The purpose of the Google Analytics component is to analyse the traffic on our website and to use this information for improving the usability of our website. Legal basis for using Google Analytics is Art. 6 Abs. 1 lit. a GDPR. The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States of America (USA). Google uses the collected data and information, inter alia, to evaluate the use of our website and to provide online reports, which show the activities on our websites, and to provide other services concerning the use of our Internet site for us. This includes, inter alia, data about the website from which a visitor has come, which sub-pages of our website are visited, or how often and for what duration a sub-page is viewed. Google Analytics is using a cookie that enables Google to analyse the use of our website. The cookie is used to store personal information, such as your access time and the frequency of your visits to our website. With each visit to our Internet site, such data will be transmitted to Google in the United States of America where they are stored by Google. Google may pass these personal data collected to third parties.
You may prevent the setting of the Google Analytics cookie by our website at any time by means of a corresponding setting in your Internet browser and, thus, permanently deny the setting of this cookie. In addition, cookies already in use by Google Analytics may be deleted at any time via a web browser or other software programs.
Further information and the applicable data protection provisions of Google may be found at https://www.google.com/intl/en/policies/privacy/ and http://www.google.com/analytics/terms/us.html. Google Analytics is further explained here: https://www.google.com/analytics/.
b) Google Maps
Deleting personal data
We delete your personal data on a regular basis in accordance with the requirements of the GDPR.
After you have contacted us through email or by the contact form of our website, we are deleting your personal data as soon as the relevant communication with you is concluded, unless (i) you have provided us with separate consent to store your personal data longer, (ii) we still need your personal data to fulfil a contractual obligation, or (iii) statutory retention obligations require us to retain your personal data for a longer period.
If you have registered for the reception of our newsletter we will keep your registration data until you unsubscribe or until the newsletter cannot be delivered anymore to the email address you have shared with us (delivery error). Then we delete your registration data. For unsubscribing from our newsletter you can use the respective link below the original registration form, i.e. at the same web address where you previously registered.
The session cookies stored while you were using our website will be deleted when your browsing session ends. The IP addresses logged on our server will be deleted after one month.
Changes to this Policy