1. General

The protection of your privacy and your personal data is particularly important to us, medical systems Beratungsgesellschaft mbH, Kärntnerring 5-7/D4, 1010 Vienna, when processing data.

We collect, process and use your personal data only with your consent or mandate for the purposes agreed with you or if another legal basis exists. Personal data is therefore processed by us exclusively on the basis of the data protection and civil law provisions (in particular DSGVO, DSG, TKG).

In principle, you can visit our website www.medsys.at without leaving personal data. In this regard, we refer you to point 7 (“Cookies and web analysis tools”) of this data protection declaration.

However, in order to use our services of our website www.medsys.at, which are described in detail below, it is necessary to disclose personal data which will subsequently be processed by us. If it is necessary to process personal data and there is no legal basis for such processing, we will generally obtain your consent.

The purpose of this data protection declaration is primarily to inform you of this,

  1. for what purpose which of your personal data is collected and processed when you visit the www.medsys.at website, and
  2. what your rights are, how you can exercise them and how we support you in exercising your rights.

We ask you to read this privacy policy carefully. If you do not agree with the use of your personal data as described in this privacy policy, please do not provide us with your personal data. Please note that you may then not be able to access or use all of our services.

Our services are intended for users from the age of 18 years.

2. Name and address of the person responsible

We are always available to answer your questions regarding data protection or to exercise your rights.

The person responsible for processing your personal data is

            medical systems Beratungsgesellschaft mbH

            Kärntner Ring 5-7/D4, 1010 Vienna

            Tel: +43 (0) 664 336 1177

            E-Mail: info@medsys.at

            Website: www.medsys.at

A data protection officer was not appointed.

3. Personal data

Personal data are all data containing details of personal or factual circumstances and relating to an identified or identifiable natural person (the “data subject”, e.g. name, address, e-mail address, telephone number, date of birth, age, sex, video recordings, photographs, voice recordings of persons). Sensitive data such as health data, data relating to criminal proceedings or biometric data such as fingerprints may also be included.

This list of personal data is demonstrative. The personal data just listed are therefore not necessarily processed by us on this website.

Processing is any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

4. Contact

You have the possibility to contact us by e-mail to info@medsys.at or by phone (phone number: 0664 336 1177)

If you contact us by e-mail, we will save your personal data that you provide us with in the e-mail, in any case therefore your e-mail address. If you contact us by telephone, you will be asked to provide your name, your request and your contact details (e-mail address and/or telephone number). These data will be stored by us.

We use this data exclusively to contact you in order to answer your request. Your personal data will not be shared with or made available to third parties.

The legal basis for the processing of personal data collected in the context of contact enquiries via contact form or e-mail is Art 6 Paragraph 1 lit f DS-GVO (legitimate interests of the person responsible). Our legitimate interest in processing these personal data is to initiate and intensify business relations with existing and potential customers.

Should your contacting us result in an assignment of our law firm, your personal data will be required and used for the processing of the assignment. You will receive more detailed information on how your personal data will be processed by us in the event that you commission our firm.

In all other cases, i.e. if your enquiry does not lead to our firm being commissioned, the personal data collected will be stored by us for one year from the time your enquiry is completed, as we have a legitimate interest in being able to trace enquiries made within this period.

You will find an overview of all rights to which you are entitled in point 9 (“Your rights”) of this privacy policy.

5. LogFiles

When you call up our website, technical information is automatically transmitted by your browser to the web server of our hosting service provider and temporarily stored in a server log file by our hosting service provider in our name and order.

Until automatic deletion, your IP address from which you access the website, date and time of access, name and URL of the accessed data, website from which you came to our website, which pages you accessed on our website, the browser used and, if applicable, your operating system and the name of your access provider are recorded in log files.

This data is stored and used by us on the basis of Art. 6 para. 1 lit f DSGVO (legitimate interest). Our legitimate interest in the collection of this data is (i) to ensure a smooth connection of the website, (ii) to ensure a comfortable use of our website, (iii) to be able to guarantee the security of our website and (iv) to evaluate the logs in order to be able to investigate possible security breaches.

6. Cookies andWeb-Analyse-Tools

6.1. General

Cookies are small text files that are sent to your PC by the web server of medical systems Beratungsgesellschaft mbH and stored on your hard disk. Cookies do not become part of your system and cannot cause any damage.

You can delete cookies that have been set at any time by deleting the relevant cookies in the settings of your Internet browser. Deletion of the cookies by us is not technically possible.

You can also surf the www.medsys.at website without any cookies being set: To do this, you must completely prevent the setting of cookies in the settings of your Internet browser (“deactivate cookies”). However, this may result in restrictions to the functionality of this website and other websites.

The cookies and web analysis and tracking tools listed in detail below are used by us on the basis of Art 6 Paragraph 1 S 1 lit f DSGVO to ensure that our website is designed to meet your needs and is continuously optimised; also to record the use of our website statistically and to evaluate it for the purpose of optimising our offer for you.

You will find an overview of all rights to which you are entitled in point 9 (“Your rights”) of this privacy policy.

6.2. Session cookies

We use session cookies on our website, which are created each time you visit our website. Session cookies contain a randomly generated, unique identification number that is assigned to your terminal device. When you close the browser, the cookie expires without further action.

We use session cookies to support the functionality of our website and to learn more about how visitors use our website (e.g. which pages are called up). No personal data is collected by session cookies.

6.3. Web-Analyse- andTracking-Tools

6.3.1. Google Analytics

We use Google Analytics, a web analytics service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google”), for the purpose of designing our website to meet your needs and continuously optimizing it.

Google Analytics generates information about the use of our website, namely when you visit our website, type and version of the browser used, operating system used, which website the user came from, which sub-pages of the website are accessed, how often and for how long, the IP address of the person concerned (the IP address is only collected in abbreviated form with the extension “_anonymizeIp() so that there is no direct personal reference) In this context, pseudonymized user profiles are created and cookies are used.

The data is collected by Google LLC, our order data processor, and transferred to a Google server in the USA and stored there. Google is certified under the Privacy-Shield-Agreement and thus guarantees to comply with the European data protection law.

The information is used to evaluate the use of the website, to compile reports on the website activities and to provide further services connected with the use of the website and the Internet for the purposes of market research and the design of this website in line with requirements. Google may also transfer this information to third parties where required to do so by law or where such third parties process the information on Google’s behalf.

If you wish to completely prevent the collection of data generated by the cookie and related to your use of the website and the processing of this data by Google, you can download and install a browser add-on that will completely disable Google Analytics in the future. You can find the add-on at https://tools.google.com/dlpage/gaoptout?hl=de.

Instead of the browser add-on, you can also prevent Google Analytics from collecting data by setting an opt-out cookie. You can find this at https://tools.google.com/dlpage/gaoptout?hl=de. Please note that this will set an opt-out cookie that is only valid in the browser you are using and only for our website. If you delete all cookies in that browser, you will need to set the opt-out cookie again.

Further information on data protection in connection with Google Analytics can be found at https://support.google.com/analytics/answer/6004245?hl=de.

6.3.2. Google AdWords

We use “Google AdWords” from Google LLC for online marketing (for more details about Google LLC, please see the preceding section of this privacy policy) and use it to place ads on the Google advertising network.

These ads are displayed to users who are interested in ads based on their search query, for example. This enables companies and also us to display advertisements only to those users who are potentially interested in our offer.

When a user clicks on an ad placed by us on the Google advertising network, a cookie is placed on their terminal device. This cookie expires after 30 days. The cookie does not allow us to personally identify the user.

Every Adwords customer receives a different cookie. Cookies can therefore not be tracked through the websites of different Adwords clients. The information collected through the conversion cookie is used to compile conversion statistics for Adwords clients who have opted for conversion tracking. The Adwords customers are told the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.

If you do not wish to participate in the tracking process, you can also refuse the necessary setting of a cookie – for example, by changing your browser settings to generally disable the automatic setting of cookies. You can also disable cookies for conversion tracking by setting your browser to block cookies from the www.googleadservices.com domain.

Further information on data protection at Google can be found at https://policies.google.com/privacy?hl=de&gl=at

6.3.3. Matomo (Piwik)

We also use Matomo (formerly: Piwik) of InnoCraft Ltd, 150 Willis St. 6011 Wellington, New Zealand on our website. This is an open-source web analysis tool that collects and stores data for marketing and optimization purposes.

This data can be used to create pseudonymised user profiles, for which we use 1st-party cookies. The cookies enable the recognition of the internet browser and an analysis of the user behaviour during the user’s visit to our website (pages visited including duration of stay etc.).

7. Your rights

7.1. General:

You can exercise your rights by sending us an appropriate request by letter to Kärntner Ring 5-7/D4, 1010 Vienna or by e-mail to info@medsys.at.

We may ask you to provide proof of your identity to ensure that the request was sent by you.

We will respond within one month of receiving your request, but reserve the right to extend this period by two months if there are good reasons to do so. In any event, we will contact you within one month of receiving your request if we decide to extend the processing period.

The assertion of your rights is basically free of charge for you. Only in the case of obviously unfounded applications or an excessive number of applications can these be subject to a fee.

The rights you are entitled to are:

7.2. Information about personal data

You have the right to request information about which personal data we process about you. You also have the right to request a copy of the data if we process personal data relating to you.

In the context of a request for information, we will inform you, among other things, about the processing purposes and the categories of personal data that are processed.

7.3. Correction of personal data

You have the right to request the rectification of incorrect personal data or, taking into account the purposes of the processing, the integration of incomplete personal data concerning you.

7.4. Deletion

You have the right to request the deletion of personal data concerning your person.

If you request us to delete your personal data, we will immediately delete all of your personal data, unless there is a legal right or obligation to keep records.

We will also delete all personal data if you withdraw your consent or if we are legally obliged to do so.

7.5. Restriction of processing

You have the right to request the restriction of the processing of personal data concerning you.

You can request a restriction on the processing of your personal data if

  • you dispute the accuracy of the data.
  • the processing is unlawful, but you do not wish the data to be deleted.
  • the data are not necessary for the purposes of processing, but we need them for the assertion, exercise or defence of legal claims.
  • you lodge an objection and it is not yet clear whether justified reasons for further processing of the data prevail.

In case of a limitation of the processing, we will reduce the processing of your personal data to the necessary minimum (storage) and, if necessary, use it only to establish, exercise or enforce legal claims or to protect the rights of other natural or legal persons or for other limited reasons provided for by applicable law. If the restriction is lifted and we process your personal data again, you will be informed immediately.

7.6. Opposition

You have the right to object to the processing of personal data concerning you at any time for reasons arising from your particular situation.

We no longer process personal data in the event of an objection, unless we can prove compelling reasons for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If we process personal data for the purpose of direct marketing, you have the right to object at any time to the processing of personal data for the purpose of such marketing. If you object to our processing for direct marketing purposes, we will no longer process your personal data for these purposes.

To exercise your right of opposition, you can use the contact details given in point 2. You are also free to exercise your right of objection in connection with the use of Information Society services by means of automated procedures involving technical specifications.

7.7. Data transferability

You have the right to receive personal data concerning you in a structured, common and machine-readable format. You also have the right to request the transfer of personal data relating to you directly from us to another responsible party.

We will comply with a request to transfer your personal data to another responsible party, provided that the rights or freedoms of third parties are not violated and provided that the transfer is technically feasible.

7.8. Complaint to the competent data protection authority

You have the right to lodge a complaint about the processing of personal data carried out by us.

Please address this complaint:

Österreichische Datenschutzbehörde

Wickenburggasse 8

1080 Vienna

Telefon: +43 1 52 152-0

E-Mail: dsb@dsb.gv.at

8. Automated decisions / Profiling

Due to the current legal situation, we are obliged to inform you whether we use automated decision-making or profiling processes.

Currently, there are no automated decision making or profiling processes in place that will affect you legally or otherwise.

9. Up-to-dateness and modification of this privacy policy; disclaimer

This privacy policy is currently valid and has the status May 2018.

Due to the further development of our website and offers above or due to changed legal or official requirements it may become necessary to change this data protection declaration. The current data protection declaration can be called up and printed out at any time on our website.

We assume no liability for damages arising in direct or indirect connection with the information on the website.

We accept no responsibility for the topicality or accuracy of the content and information on the website.

Any use of this website or any link pages connected to it, as well as their content, is at the user’s own risk.

Links to other providers are always recognizable as such.