A. Basic Information
We appreciate your interest in our online offering. Protecting your privacy is very important to us. We attach great importance to the protection of your personal data and your right to informational self-determination. Below, we provide information about the collection and processing of personal data when using our website or our online offering at gos-implant.com. Personal data refers to all data that can be personally related to you, e.g., name, address, email address, and user behavior.
Responsible for data protection pursuant to Art. 4 No. 7 of the EU General Data Protection Regulation (GDPR):
Göttinger OP-Simulationssysteme
Dr. Thomas Bohne e.K.
Robert-Bosch-Straße 11
37154 Northeim
Tel. +49 55 51 / 99676-0
Fax +49 55 51 / 99676-20
Email: info@gos-implant.com
Further information and contact details, as well as additional legal notices, can be found in our Legal Notice.
We protect our website and other systems through technical and organizational measures against the loss, destruction, access, alteration, or distribution of your data by unauthorized persons. Access to customer accounts is only possible after entering a user ID and a personal password. You should always treat your login information confidentially and close the browser window when you have finished communicating with us, especially if you share your computer with others.
For secure communication with us, we offer encrypted communication via the SSL protocol as standard, which we use in particular to transmit your personal data in our online shop.
When you access our website, data that may allow identification (e.g., IP address) is temporarily stored on our servers for data and system security purposes, but generally for no longer than 30 days. The processing of potentially personal data for the purposes of data and system security is based on Art. 6 (1) (f) GDPR and our legitimate interest in securing our systems and preventing misuse.
Personal data is only processed for the period necessary to achieve the respective processing purpose, or if this is provided for in laws or regulations applicable to us, e.g., retention obligations under commercial or tax law. If a storage purpose no longer applies or a legally prescribed retention period expires, the personal data concerned will be routinely deleted in accordance with legal regulations, or its processing will be restricted, e.g., limited processing within the framework of commercial or tax law retention obligations.
The processing of personal data due to a legal obligation, namely the fulfillment of statutory retention obligations, is based on Art. 6 (1) Sentence 1 (c) GDPR. To the extent that personal data is processed for the purpose of preserving evidence in accordance with Art. 6 (1) Sentence 1 (f) GDPR, these processing purposes cease to apply after the expiry of the statutory limitation periods; the regular statutory limitation period is three years.
For further details on specific storage and deletion periods, please refer to individual service descriptions or information in this privacy policy.
If you simply use our website for informational purposes, i.e., if you do not register, purchase from our online store, or otherwise provide us with personal information, we may collect personal data that your browser transmits to our server.
When you visit our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure the stability and security of our online offering:
IP address
Date and time of the request
Time zone difference to Greenwich Mean Time (GMT)
Content of the request (specific page)
Access status/HTTP status code
Amount of data transferred in each case
Website from which the request originates
Browser
Operating system and its interface
Language and version of the browser software.
The legal basis for this collection and processing is Art. 6 (1) (f) GDPR. Our legitimate interest lies in providing a functional website offering and its system security.
In the context of operating this website and the associated processes, technical service providers (e.g., web hosts, IT service providers) may support us. To the extent that personal data is processed by the relevant service providers in this context, this is done on our behalf and in accordance with our instructions (contract processing).
Our website uses cookies. Cookies are small text files that are placed and stored on a computer system via an internet browser.
Many websites and servers use cookies. Cookies often contain a so-called cookie ID. This ID is a unique identifier for the cookie and consists of a character string that websites and servers can use to assign it to a specific internet browser in which the cookie was stored. Such cookies make it possible to distinguish your individual browser from other internet browsers that contain other cookies. A specific internet browser can therefore be recognized and identified via a unique cookie ID.
By using cookies, we can provide you with more user-friendly services that would not be possible or would only be possible to a limited extent without cookies. Cookies enable us to recognize users of our website. The purpose of this recognition is to make it easier for users of our online offering to use the service. A clear example is the shopping cart function in an online shop, for which a cookie ensures that the shopping cart “remembers” the items placed in the shopping cart by the user during a session.
The use of cookies is based on Art. 6 (1) Sentence 1 (f) GDPR. Our legitimate interest lies in providing and optimizing a functional and convenient online offering. If cookies are used for analysis or tracking purposes (see Section 3), we also follow a consent concept (Art. 6 (1) Sentence 1 (a) GDPR) using a “cookie banner” as a precautionary measure. To integrate this cookie banner, we use “Cookie Consent” from Silktide Ltd. Further information about Silktide Ltd. and its data protection policy can be found at https://silktide.com/about/ or https://silktide.com/privacy-policy/.
You can prevent cookies from being set by adjusting your Internet browser settings, thereby permanently denying them. You can also delete cookies that have already been set using an Internet browser or other software programs. Please note, however, that if you deactivate cookies in your Internet browser, you may not be able to use all the features of our website and other online services.
This website uses Google Analytics, a web analysis service provided by Google Inc. (“Google”). Google Analytics uses “cookies,” which are text files placed on your computer, to help the website analyze how users use the site. For information about the type, scope, and functionality of cookies, please refer to the general explanations above regarding cookies. The information generated by the cookie about your use of the website is generally transferred to a Google server in the United States and stored there. However, if IP anonymization is activated on this website, your IP address will be shortened beforehand by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the United States and shortened there.
This website uses Google Analytics with the extension “_anonymizeIp().” This means that IP addresses are processed in a shortened form, thus preventing any personal identification. To the extent that the data collected about you contains any personal reference, this will be immediately excluded and the personal data will be deleted immediately.
On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide the website operator with other services related to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
We use Google Analytics to analyze and regularly improve the use of our website. The statistics obtained enable us to improve our offering and make it more interesting for you as a user. Our legitimate interest in data processing also lies in these purposes. The legal basis for the use of Google Analytics is Art. 6 (1) (f) GDPR. Furthermore, as a precautionary measure, we pursue a consent concept (Art. 6 (1) (a) GDPR) using a “cookie banner.” Please refer to the general information on cookies above (Section 2).
The data we send and linked to cookies is automatically deleted after 14 months. For the exceptional cases in which personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
You can prevent cookies from being saved by selecting the appropriate settings in your browser; however, please note that if you do this, you may not be able to use all of the features of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
As an alternative to the browser plug-in, especially for browsers on mobile devices, you can prevent Google Analytics from collecting data by clicking here. Clicking on this link will set an “opt-out cookie” that prevents your data from being collected when you visit this website in the future. Please note that if you remove the cookies stored in your browser, this website’s Google Analytics deactivation cookie will also be deleted. Furthermore, if you use a different computer, mobile device, or web browser, you will need to go through the deactivation process again.
Third-party information: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.
Terms of Use: http://www.google.com/analytics/terms/de.html
Privacy Overview: http://www.google.com/intl/de/analytics/learn/privacy.html
Google Privacy Policy: http://www.google.de/intl/de/policies/privacy
We use Google Maps on our website to visually display geographical information. In order for third-party providers such as Google to display the map on our website, they must recognize your IP address, as they send the relevant data to the browser using your IP address. In this context, we endeavor to only transmit data that is absolutely necessary for the delivery of the content. The legal basis for this is Art. 6 (1) (f) GDPR. Our legitimate interest within the meaning of this standard lies in the delivery and display of the content offered on our website. Privacy Policy: https://www.google.com/policies/privacy/. Google Maps Terms of Use: https://www.google.com/intl/de_US/help/terms_maps.html.
We use “YouTube” from Google LLC on our website to embed their videos and make them available to you on our website. In order for third-party providers such as Google to display the videos on our website, they must recognize your IP address, as they send the relevant data to the browser using your IP address. In this context, we endeavor to only transmit data that is absolutely necessary for the delivery of the content. The legal basis for this is Art. 6 (1) Sentence 1 (f) GDPR. Our legitimate interest within the meaning of this standard lies in the delivery and presentation of the content offered on our website. Privacy Policy: https://www.google.com/policies/privacy/.
We use so-called social plugins (“plugins”) from the social network facebook.com on our website (see the blue box with the Facebook logo and a white “f” in the product descriptions in our online shop). The plugins are operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”).
Facebook is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
To increase the protection of your data when you visit our website, the plugins are integrated into the page using a so-called “2-click solution.” This integration ensures that no connection to Facebook’s servers is established when you access a page on our website that contains such plugins. Only when you activate the plug-in and thus consent to the data transfer does your browser establish a direct connection to the Facebook servers. The content of the respective plug-in is then transmitted directly from Facebook to your browser and integrated into the page. By integrating the plug-in, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook profile or are not currently logged in. This information (including your IP address) is transmitted directly from your browser to a Facebook server in the USA and stored there. According to Facebook, only an anonymized IP address is stored in Germany.
If you are logged in to Facebook, Facebook can directly associate your visit to our website with your Facebook profile. If you interact with the plug-in, for example, by clicking the “Like” button, the corresponding information is also transmitted directly to a server of the provider and stored there. The information is also published on Facebook and displayed to your contacts there. The legal basis is Art. 6 (1) Sentence 1 (f) GDPR. Our legitimate interest lies in analyzing and optimizing the operation of our online offering.
For information about the purpose and scope of data collection, the further processing and use of data by the providers, as well as your rights and settings options for protecting your privacy, please refer to Facebook’s privacy policy: http://www.facebook.com/policy.php.
If you do not want Facebook to directly assign the data collected via our website to your profile on the respective service, please do not click the button described above or log out of the respective service before activating the plug-in.
Personal data is collected and processed when you communicate with us when ordering goods or registering in our online shop, or when using the contact options provided (e.g., via our contact form).
When you shop in our online shop, we primarily process your personal contact details, order details, and payment details.
Orders
If you wish to order from our online shop, it is necessary for the conclusion of the contract that you provide your personal data, which we need to process your order. Mandatory information required for contract processing is marked separately; further information is voluntary. We process the data you provide to process your order. The legal basis for data processing for the purpose of order execution and processing is Art. 6 (1) Sentence 1 (b) GDPR.
Customer Account
You can voluntarily create a customer account, through which we can save your data for future purchases. In your online account, you can, among other things, create wish lists of products for future orders and receive an overview of previously placed orders and their status. Registration requires your billing address for subsequent shipping, as well as your email address and password for online registration. After submitting your data, you will receive a registration confirmation from us to the email address you provided. The legal basis for this data processing is Art. 6 (1) Sentence 1 (b) GDPR.
Data Transfer
Your data will only be transferred to third parties if this is necessary to provide the respective service. For example, your data will be transferred to the shipping company commissioned with the delivery or to the financial service provider commissioned with the payment processing to the extent necessary for order processing. The legal basis for this data processing is Art. 6 (1) Sentence 1 (b) and (f) GDPR. Data processing is carried out to execute and process orders and to protect our legitimate interests in efficient shipping and payment processing.
Storage and Data Deletion
In the case of orders placed via our website, we are obliged to store your address, payment, and order data for a period of ten years due to commercial and tax law requirements. The legal basis for the corresponding data processing is Art. 6 (1) (c) GDPR. However, we generally restrict processing after three years, i.e., your data will only be used to comply with legal obligations, unless processing of your personal data is necessary for other purposes and is covered by another legal basis (e.g., for managing your customer account, etc.).
On our website, we offer you various options for contacting us and sending us messages. You can contact us, in particular, by telephone, email, or using the contact form provided.
If you contact us, the data you provide (e.g., your email address, your name, and your telephone number, if applicable) will be stored and processed by us in order to process your request. The legal basis for this is Art. 6 (1) (b) GDPR. If you use our contact form to contact us, the following data will also be stored at the time the completed contact form is sent, on the legal basis of Art. 6 (1) (f) GDPR: the IP address of the accessing computer, the date and time of sending. Our legitimate interest lies in preventing misuse of our services and, where applicable, in ensuring traceability of inquiries, as well as in the efficient and structured recording and processing of customer inquiries. We delete the data once storage is no longer required or restrict processing if statutory retention periods apply.
We are happy to inform you about your rights under the GDPR as a “data subject.” You are entitled to the following rights with regard to your personal data:
Right to information (Article 15 (1) and (2) GDPR)
Right to rectification (Article 16 GDPR) or erasure (Article 17 GDPR)
Right to restriction of processing (Article 18 GDPR)
Right to data portability (Article 20 GDPR)
Right to object to processing (Article 21 GDPR)
Right of withdrawal (Article 7 (3) GDPR)
Right to lodge a complaint with a supervisory authority (Article 77 GDPR)
In addition, we summarize the key points of the data subject’s rights under the GDPR as follows. This presentation does not claim to be exhaustive, but merely addresses the basic principles of the data subject’s rights under the GDPR:
Right to information
(including the right to confirmation and the right to data provision)
The data subject has the right to obtain confirmation from the controller that to request whether personal data concerning them are being processed.
The data subject has the right to access personal data concerning them and to the following information:
the purposes of the processing;
the categories of personal data being processed;
the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
the existence of a right to request from the controller rectification or erasure of personal data concerning them or restriction of processing of the personal data concerning them or to object to such processing;
the existence of a right to lodge a complaint with a supervisory authority;
where the personal data are not collected from the data subject, all available information as to their source;
the existence of automated decision-making, including profiling, pursuant to Article 22 (1) and (4) GDPR and, at least in these cases, meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing for the data subject;
where personal data are transferred to a third country or to an international organization, to be informed of the appropriate safeguards pursuant to Article 46 GDPR in connection with the transfer.
With regard to the personal data concerning him or her that are subject to processing, the data subject has the right to be provided with a copy of the personal data.
Right to rectification
The data subject has the right to request the controller to rectify inaccurate personal data concerning him or her without undue delay. Taking into account the purposes of the processing, the data subject has the right to have incomplete personal data completed, including by means of providing a supplementary statement.
Right to Restriction of Processing
The data subject has the right to request the controller to restrict processing if one of the following conditions applies:
the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject to assert, exercise, or defend legal claims; or
the data subject has objected to processing pursuant to Art. 21 (1) GDPR, pending the verification whether the legitimate grounds of the controller override those of the data subject.
Right to erasure
The data subject has the right, in principle and subject to the legally required necessity of data processing (see Article 17 (3) GDPR for the exception), to request the controller to erase personal data concerning him or her without undue delay, provided one of the following reasons applies:
The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
You can contact us at any time to exercise your data subject rights or for general questions about data protection.
Göttinger OP-Simulationssysteme
Dr. Thomas Bohne e.K.
Robert-Bosch-Straße 11
37154 Northeim
Tel. +49 55 51 / 99676-0
Fax +49 55 51 / 99676-20
Email: info@gos-implant.com