Notice of Liability

The following data protection statement has been created with the greatest possible care. However, we expressly point out that we provide no warranty or assume any other responsibility for the accuracy, timeliness or completeness of the information provided. We reserve the right to make changes to the information without prior notification. The data protection statement has been created by the authors on the basis of literature currently available. The data protection statement serves as an initial model. It should be noted that many of the problems raised have not yet been resolved by supreme court case law, which is why different views are still being expressed on some points. No liability for correctness and completeness is assumed. It should also be noted that each case should be reviewed on an individual basis and that this model does not replace any individual legal advice.

PRIVACY STATEMENT

SECTION I. – General Information

Information

We appreciate your interest in our company and our services. We consider it our primary task to protect the confidentiality of the personal data you provide and to protect it from unauthorised access. We therefore take the utmost care and apply state-of-the-art security standards to ensure maximum protection of your personal data. To this end we have adopted technical and organisational measures, which ensure that the data protection regulations are observed both by us and also by our external service providers. Please read these regulations to familiarise yourself with the nature, scope and aim of the processing of personal data by us as the providers of this website. The lawful basis on which we process your personal data is provided under Regulation (EU) 2016/679 General Data Protection Regulation.

– hereinafter referred to as the “GDPR” –

Enhanced regulatory provisions apply in Germany under the Federal Data Protection Act [Bundesdatenschutzgesetz], in supplement to the provisions of the GDPR.

– hereinafter referred to as the “BDSG” –

To the extent that no other information is provided in the future, you are neither required by law nor by contract to provide your personal data to us, nor is it absolutely necessary to conclude a contract with us. You are not fundamentally obliged to provide your personal data. Refusal to provide your personal data has no consequences for you as a user when viewing our website.
This applies only where no other information is given in the subsequent processing operations.

SECTION II. – Definitions

Definitions

Legislation requires personal data to be processed lawfully, in good faith and in a manner that is reasonable for the Data Subject. In order to ensure this, we hereby inform you of the individual legal definitions which are also used in this data protection statement. This data protection statement is based on terms similar to those used by the European Commission when adopting the General Data Protection Regulation (GDPR). The terms used here are presented in abbreviated form, correspondingly and without any claim to their completeness or the legal certainty of the wording. For further information please refer to Regulation (EU) 2016/679 of the European Parliament and of the Council dated 27 April 2016, in so far as this description does not sufficiently clarify the definitions or explain the legal form.

We use the following terminology in our data protection statement, including but not limited to:

“Personal data”
Personal data is all the information, which relates to an (see Article 4(1) of the GDPR) identified or identifiable natural person
– hereinafter referred to as the “Data Subject” or “personal data” –

“Processing”
Processing is any process or series of processes carried (see Article 4(2) of the GDPR) out in the context of personal data.

“Restriction”
A restriction on processing is the marking of stored (see Article 4(3) of the GDPR) personal data with the aim of limiting its future processing.

“Profiling”
Profiling is any type of automated processing in which personal data (see Article 4(4)of the GDPR) is used to evaluate certain personal aspects relating to a natural person.

“Pseudonymisation”
Pseudonymisation is the processing of personal data in such a way that (see Article 4 Para. 5 GDPR) this can no longer be assigned to a Data Subject without the need for additional information.

“Data Controller”
A data controller is the natural or legal person, who alone or (see Article 4(7) of the GDPR) together with others decides on the purposes and means of processing.

“Processor”
A processor is a natural or legal person who (see Article 4(8) of the GDPR) processes data on behalf of the Data Subject.

“Recipient”
A recipient is a natural or legal person, authority, institution (see Article 4(9) of the GDPR) or other body to whom personal data is disclosed, regardless of whether it involves a third party or not.

“Third party”
A third party is a natural or legal person, who, under the direct (see Article 4(10) of the GDPR) authority of the Data Controller, is authorised to process personal data.

“Consent”
Consent is each expression of will unequivocally given by the Data Subject voluntarily for a particular (see Article 4(11) of the GDPR) case in the form of a declaration or a unique action of confirmation.

SECTION III. – Data Controller

a. Data Controller
The Data Controller in the sense of the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG), as well as any other data protection laws and other regulations on data protection in the Member States of the European Union:

Ovesco Endoscopy AG
Friedrich-Miescher-Str. 9
72076 Tuebingen (Germany)

Phone: +49 (0) 7071 96528 160
Fax: +49 (0) 7071 96528 260

E-mail: service@ovesco.com
Web: https://www.ovesco.com

b. Data protection supervisor
The data protection officer of the Data Controller for processing is:

DDSB GmbH
Andreas Peter Mückl
Untere Dornäcker 21
72379 Hechingen (Germany)

Phone: +49 (0) 7471 50101 00
Fax: +49 (0) 7471 50101 90

E-mail: datenschutz@ddsb.de
Web: https://www.ddsb-datenschutz.de

c. DATA PROTECTION SUPERVISORY AUTHORITY
Responsible supervisory authority:

The State Commissioner for Data Protection
and the Freedom of Information for Baden-Württemberg
[Landesbeauftragte für den Datenschutz
und die Informationsfreiheit Baden-Württemberg]

Postfach 102932
70025 Stuttgart (Germany)

Phone: +49 (0)711 61554 10
Fax: +49 (0)711 61554 115

E-mail: poststelle@lfdi.bwl.de
Web: https://www.baden-wuerttemberg.datenschutz.de

d. COMPANIES INVOLVED IN THE CORPORATE GROUP
The corporate group includes:

Ovesco Endoscopy AG
Dorfackerstraße 26
72074 Tübingen (Germany)

Ovesco Endoscopy USA Inc.
120 Quade Drive
Cary, NC 27513 (USA)

The Ovesco Endoscopy AG is the parent company of the group.

SECTION IV. – Use and Purpose of the processing and its Lawful Bases

a. Use and Purpose of the Processing
We process personal data that we receive directly from our customers in the course of our business relationship. In addition, we process personal data that we collect from other companies, to carry out orders, to fulfil contracts or on the basis of consent we have received from you, for example. We also process personal data that we have legitimately gained and are permitted to process from publicly available sources, such as commercial registers, the press, the media or the internet. The personal data provided by you will be processed according to the applicable regulations on personal data protection, only for the purposes communicated by you and for which you have given consent for its use. In particular, for:

  • initiation or performance of the contract with you;
  • being able to process and answer your enquiries adequately and effectively;
  • tailoring services and offers to you;
  • processing your requests and orders;
  • providing particular information or offers to you;
  • maintaining legitimate business interests, in terms of customer service and customer care.

Your personal data is not disclosed to third parties without your express consent.

b. Lawful Basis for the Processing of Personal Data
The processing of personal data is only lawful if there is a lawful basis for the processing. The lawful basis for the processing may, in accordance with Article 6(1)(a) to (f) of the GDPR, in particular be:

  1. the Data Subject has given their consent to the processing of personal data concerning them for one or more specific purposes;
  2. the processing is necessary for the fulfilment of a contract to which the Data Subject is a contractual party or in order to fulfil contractual requirements at the request of the Data Subject;
  3. the processing is necessary to fulfil a legal obligation to which the Data Controller is subject;
  4. the processing is necessary to protect the vital interests of the Data Subject or another natural person;
  5. the processing is necessary for the performance of a task in the public interest or in the exercise of public authority conferred on the Data Controller;
  6. the processing is necessary to safeguard the legitimate interests of the Data Controller or a third party, unless the interests or fundamental rights and freedoms of the Data Subject, which require the protection of personal data, prevail, in particular where the Data Subject is a child.

SECTION IV. – Collection of Personal Data

1. Server Log Files
With each visit to our website, whether by a Data Subject or via an automated system, a set of general data and information is collected for the maintenance and safe operation of our website. This general data and information is stored in the log files of the server. This data is collected only to the extent that it is technically necessary. The data remains anonymous and is evaluated exclusively for statistical purposes to improve our websites and online services. The data collected is used solely for statistical evaluations and to improve the website. We reserve the right, however, to review the server log files subsequently, in the event that concrete and valid evidence indicates an illegal use of our website.

2. Acquisition and Processing of the Data Types in Server Log Files
Where the website is used for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to guarantee its stability and security. These items are:

  • websites visited
  • time of access
  • amount of data sent in bytes
  • source/reference from which you accessed the page
  • information about the internet service provider of the accessing system
  • browser type used and its version
  • operating system used for browser access
  • IP address used (anonymised)
  • website from which an accessing system reaches our website (the referrer)
  • the sub-pages that are controlled via an access system on our website
  • other similar data and information used for risk prevention in the case of attacks on our information technology systems.

When using this general data and information, the Ovesco Endoscopy AG does not draw any conclusions about the Data Subject. Rather, this information is needed to

  • correctly deliver the content on our website;
  • optimise the contents and advertising of our website;
  • ensure the functionality of our information technology systems and the technology of our website;
  • provide law enforcement authorities with the information necessary for law enforcement in the event of a cyber-attack.

This data and information collected anonymously are therefore statistically evaluated by the Ovesco Endoscopy AG with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data processed by us.

The anonymous data from the server log files is stored separately from all personal data given by a Data Subject and, therefore, does not provide any conclusions about individual persons. This means that your personal data is protected at all times. This data is processed based on Article 6(1)(f) of the GDPR under the legitimate interest in the provision and secure operation of our website. You have the right at any time to object to the processing of your personal data, for reasons arising from your particular situation, based on Article 6(1)(f) of the GDPR. To exercise this right, you may contact us at any time, as the Data Controller or our data protection officer, using the contact details provided in this statement.

3. Cookies
Our website uses cookies. Cookies are small text files that are stored in the web browser or by the web browser on a user’s computer system. If a user visits our website, a cookie may be stored on the user’s operating system. This cookie contains a distinctive character string that enables the browser to be uniquely identified when the website is accessed again. We use cookies to make our website more user-friendly, effective and secure. Cookies also enable our systems to recognise your browser after changing sites and to offer you services. Our sites use “session cookies” to remember your:

  • language settings
  • display settings
  • login information

Session cookies will be deleted from your computer when you close your browser.

We also use a limited number of persistent cookies. These remain on your computer until you delete them or until they expire after a period of up to a year, as a general rule.

Persistent cookies contain the following information:

  • status (hidden or expanded) of some menus and widgets
  • selected tab in the widgets.

The purpose of using technically necessary cookies is to simplify use of websites for users. Some features of our website will not be available without the use of cookies. In this case, it is necessary to identify the browser even after changing the page. The lawful basis for the processing of personal data using technically necessary cookies is Article 6(1)(f) of the GDPR. You have the right at any time to object to the processing of your personal data, for reasons arising from your particular situation, based on Article 6(1)(f) of the GDPR. To exercise this right, you may contact us at any time, as the Data Controller or our data protection officer, using the contact details provided in this statement. We require cookies for the following applications:

  • applying language settings
  • remembering search terms.

We also use cookies on our website to analyse user surfing behaviour. The following data can be transmitted in this way:

  • search terms entered
  • frequency of page views
  • use of website functions.

When accessing our website, users are informed about the use of cookies for analytical purposes and their consent to the processing of personal data used for that purpose is obtained. In this context, reference is also made to this data protection statement. The lawful basis for the processing of personal data using cookies for analytical purposes where the user provides their consent in this regard is Article 6(1)(a) of the GDPR. You may revoke your consent at any time by notifying us, without affecting the lawfulness of processing carried out on the basis of consent until the time of revocation.

The user data collected by cookies is not used to create user profiles. The data collected from you in this way is pseudonymised by technical means. We are therefore unable to relate this data to you personally. The data is not stored together with your other personal data. These cookies help us to gather reliable information about website usage. In this way, we can measure how well the website complies with the requirements of its users, and, if necessary, make improvements.

The analysis cookies are used to improve the quality of our website and its content. By using analysis cookies, we learn how the site is used and can constantly optimise our service. The data that we have collected about your surfing behaviour on our website is stored under absolutely secure conditions. These cookies are used only for the purposes described here.

You can manage and/or delete cookies as you wish. You can delete any cookies that are already on your computer and you can set most browsers so that they are not placed on your computer. If you do this, however, you may have to manually adjust some preferences every time you visit a site, and some services and functions may not work.

You can easily accept or reject the cookies on this page. However, you can reject only persistent cookies, which are not strictly necessary. Some cookies are needed because they make certain functions available. Flash cookies cannot be prevented in the browser settings, but by changing the Flash Player settings.

4. Contact Options
On the basis of statutory regulations, the Ovesco Endoscopy AG website contains information that enables customers to quickly contact us electronically, as well to communicate with us directly, which also includes a general e-mail address.

If a Data Subject contacts us by e-mail or any other means of contact, the personal data transmitted by the Data Subject will be automatically stored. We process your personal data which you provide to us by e-mail contact form, etc. to answer and fulfil your requests. You are not obliged to provide your personal data. But if you do not provide us your e-mail address we cannot reply by e-mail. Personal data submitted on a voluntary basis to us is stored for purposes of processing the request and contacting the Data Subject.

This personal data is not transmitted to third parties.

By sending your message, you consent to the processing of the data transferred. This data is processed on the basis of Article 6(1)(a) of the GDPR with your consent.

You may revoke your consent at any time by notifying us, without affecting the lawfulness of processing carried out on the basis of consent until the time of revocation. We will only use your e-mail address to respond to your enquiry. Your data will then be deleted, taking into account statutory and, in particular, tax and commercial law retention periods, unless you have consented to further processing and use.

5. Communication by E-mail
Your personal data is stored using all possible technical and organisational measures so that it is not accessible to third parties. As the recipient, we cannot guarantee complete data security for e-mail communication, so we recommend that you send confidential information by post. This data is processed on the basis of Article 6(1)(a) of the GDPR with your consent. You may revoke your consent at any time by notifying us, without affecting the lawfulness of processing carried out on the basis of consent until the time of revocation.

6. Form Function
Where there is the possibility of entering personal data on our website, data is disclosed on an expressly voluntary basis. Of course, this data will be handled confidentially by us.

By submitting your data, you consent to the processing of the data transferred. This data is processed on the basis of Article 6(1)(a) of the GDPR with your consent.

You may revoke your consent at any time by notifying us, without affecting the lawfulness of processing carried out on the basis of consent until the time of revocation.

7. Contact Form
When contacting us via our contact form, we only collect the personal data (name, e-mail address and message text) provided by you. This processing serves to contact you and respond to your request.

Your data is processed on the basis of Article 6(1)(f) of the GDPR. You have the right to object to the data processing under Article 6(1)(f) of the GDPR on the basis of legitimate interest and not for the purpose of direct marketing for reasons that arise from your particular situation at any time. To exercise this right, you may contact us at any time, as the Data Controller or our data protection officer, using the contact details provided in this statement.

This personal data collected is not disclosed to third parties, unless such disclosure is required by law or serves for the legal defence of the Data Controller. We delete the data arising in this context after storage is no longer necessary, or processing is restricted, unless statutory retention obligations prevent this.

8. Newsletter Subscription

On the Ovesco Endoscopy AG website, users are given the opportunity to subscribe to our company’s newsletter. The personal data transmitted to us when a request to subscribe to the newsletter is received results from the input form used for this purpose.

You can give your consent to receive our newsletter, in which we inform you of our current offers.

To subscribe to our newsletter, we use the double opt-in procedure. This means that after your request is received, an e-mail is sent to the specified e-mail address, in which we ask you to confirm that you would like to receive the newsletter. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month.

Ovesco Endoscopy AG uses its newsletter to inform its customers and business partners at regular intervals about offers by the company. Our company’s newsletter may be received only by the Data Subject, if:

  1. the Data Subject has a valid e-mail address;
  2. the Data Subject has registered to receive the newsletter.

When registering for the newsletter, we also store the IP address of the computer system used by the Data Subject assigned by the Internet Service Provider (ISP) at the time of registration;the date and time of the registration.

This data is collected in order to trace any misuse of the e-mail address of the Data Subject at a later point and therefore provides legal protection for the Data Controller. The personal data collected when registering for the newsletter will be used exclusively to send our newsletter.

In addition, subscribers to the newsletter may be notified by e-mail, if this is necessary for the operation of or registration for the newsletter service, as might be the case in the event of changes to the newsletter or technical changes.

The only information we require to send the newsletter is your e-mail address. The provision of further, separately marked data is voluntary and is used to be able to address you personally. After your confirmation, we will save your e-mail address in order to send the newsletter. The lawful basis is Article 6(1)(1)(a) of the GDPR.

The processing is based on the lawful basis under Article 6(1)(a) of the GDPR with your consent. You may revoke your consent at any time by notifying us, without affecting the lawfulness of processing carried out on the basis of your consent until the time of revocation. You will find a link in every newsletter for the purpose of revoking your consent. It is also possible at any time to unsubscribe directly from the newsletter on the Data Controller’s website or by informing the Data Controller in any other way.

9. Newsletter Tracking
The Ovesco Endoscopy AG newsletter contains tracking pixels. A tracking pixel is a miniature graphic that is embedded in e-mails that are sent in HTML format to enable log file recording and analysis. This allows the success or failure of online marketing campaigns to be statistically evaluated.

Using the embedded tracking pixel, Ovesco Endoscopy AG can detect whether and when an e-mail was opened by the Data Subject and which links in the e-mail were accessed by the Data Subject. Such personal data collected by the tracking pixels contained in the newsletters is stored and evaluated by the Data Controller in order to optimise the newsletter distribution and to better adapt the content of future newsletters to the interests of the Data Subject.

This personal data will not be disclosed to third parties. This data is processed on the basis of Article 6(1)(a) of the GDPR. Data Subjects are entitled at any time to revoke the separate declaration of consent given for this through the double opt-in procedure. After revocation, this personal data will be deleted by the Data Controller. Ovesco Endoscopy AG automatically interprets unsubscribing from the newsletter as a revocation.

10. Newsletter Distribution
Irrespective of the contract execution, we use your e-mail address exclusively for marketing purposes, in order to send you the newsletter, provided that you have given your express consent. Your data is passed to a service provider for e-mail marketing to process the request. Your data will not be transmitted to other third parties.

This data is processed on the basis of Article 6(1)(a) of the GDPR with your consent.

You may revoke your consent at any time by notifying us, without affecting the lawfulness of processing carried out on the basis of your consent until the time of revocation. You can unsubscribe at any time to by using the link in the newsletter or by informing us otherwise. Your e-mail address will then be deleted from the mailing list.

SECTION VI – Use and Processing

1. Information
We only store and process data which you voluntarily provide to us. If you make use of services, generally only data that we absolutely need to provide the services and to safeguard our own legitimate business interests is collected. If we ask you for further information, you are under no obligation to provide it.

If the processing of personal data is necessary and there is no lawful basis for such processing, we generally obtain consent for the processing the data of the Data Subject. Personal data is always processed in accordance with the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG), and in accordance with the state-specific data protection provisions applicable to Ovesco Endoscopy AG.

Ovesco Endoscopy AG has implemented numerous technical and organisational measures as the Data Controller in order to ensure that all personal data processed via this website is protected as best as possible. Nevertheless, internet-based data transmissions can by their very nature have security gaps, so absolute protection cannot be 100% guaranteed. For this reason, every Data Subject is free to transmit personal data to us by alternative means, for example by telephone or post.

2. Consent
If it is necessary to obtain personal data, the processing of which is permitted or provided for on a lawful basis, we collect this from the Data Subject before processing in the form of voluntary consent. You may revoke your consent at any time by notifying us, without affecting the lawfulness of processing carried out on the basis of consent until the time of revocation.

3. Legitimate Interest
If the processing is absolutely necessary to maintain a legitimate interest of our company or a third party, and it must be ensured that the interests are proportionate and the fundamental rights and freedoms of the Data Subject do not prevail, then we conduct the processing on the basis of Article 6(1)(f) of the GDPR in a considered assessment of risks related to this and in full awareness of our fiduciary duty according to strict assessment criteria, which otherwise are not included in any of the above mentioned lawful bases. You have the right at any time to object to the processing of your personal data, for reasons arising from your particular situation, based on Article 6(1)(f) of the GDPR. To exercise this right, you may contact us at any time, as the Data Controller or our data protection officer, using the contact details provided in this statement.

We are, in particular, allowed to carry out such processing procedures that sometimes become necessary because they have been specifically provided for in EU legislation. In this regard this maintains the condition that, for example, a legitimate interest could be assumed if the Data Subject is a customer of the Data Controller. (see Recital 47(2) of the GDPR).

4. Direct Marketing
We use your e-mail address, which we have obtained within the framework of a personal contact or in connection with an agency/project undertaking or in connection with a service delivery/claim or in connection with the sale/purchase of a good/product, for the electronic transmission of marketing for our own offers, products or services, which are similar to those that you have already ordered with us, if you have not objected to such use. This data is processed on the basis of Article 6(1)(f) of the GDPR on the basis of the legitimate interest in direct marketing. You have the right at any time to object to the processing of your personal data, without giving any reasons, based on Article 6(1)(f) of the GDPR. To exercise this right, you may contact us at any time, as the Data Controller or our data protection officer, using the contact details provided in this statement. You can also use the dedicated link in the promotional e-mail. There are no other costs involved in sending this notification other than the transmission costs in accordance with the basic tariffs.

5. Credit Check
We wish to point out that we are entitled to send all relevant data concerning outstanding claims made on the basis of non-contractual behaviour to credit agencies, in compliance with the statutory requirements.

If we make advance outlays, for example, if you pay on account or on credit, we reserve the right to obtain a credit rating. To do this, we submit the personal data required for a credit check to a credit agency. We use the information obtained about the statistical probability of default for making a balanced decision with respect to the conclusion, execution or termination of the contract. Your legitimate interests will be taken into account in accordance with the legal requirements.

This data is processed on the basis of Article 6(1)(f) of the GDPR on the basis of the aforementioned legitimate interest. You have the right at any time to object to the processing of your personal data, for reasons arising from your particular situation, based on Article 6(1)(f) of the GDPR. To exercise this right, you can contact us at any time, as the Data Controller. The credit information can contain probability values (score values), which are calculated on the basis of scientifically recognised mathematical-statistical methods.

6. Processing of Personal Data
When creating a quotation or offer acceptance, we collect and use personal data only as necessary to generate, fulfil and process quotes and/or contracts, as well as to process requests in this regard. This data must be provided in order to conclude the contract.

This data is processed on the basis of Article 6(1)(b) of the GDPR and is necessary to conclude and execute a contract with you. Service providers employed by us and acting on our behalf (order processors, see Article 28 GDPR) can process data for purposes mentioned in Section IV, Part A.

Existing services which the contractor generally uses with third parties as an ancillary service, in support of its operation or its business in the context of order processing, also fall within the sense of this statement. In such cases, personal data is processed by the operator under contract in accordance with Article 28 of the GDPR in connection with Section of the 62 BDSG.

Inasmuch as ancillary services also need to be used for the processing, the processing is based on Article 6(1)(f) GDPR on the basis of the legitimate interest in maintaining business operations. You have the right at any time to object to the processing of your personal data, for reasons arising from your particular situation, based on Article 6(1)(f) of the GDPR. To exercise this right, you may contact us at any time, as the Data Controller or our data protection officer, using the contact details provided in this statement. These include ancillary services to ensure the confidentiality, availability, integrity and capacity of the computer hardware and software used and called upon by the contractor, such as:

  • telecommunications providers as part of maintenance and services
  • cleaning and/or security services
  • auditors in the context of certifications
  • waste disposal services
  • data centre services
  • postal/transportation services
  • IT service providers for system maintenance and user service.

7. Data Transfer
Your data is not disclosed to third parties, who then process it under their own responsibility, without your express consent. Only our service partners which we need to conduct the contractual relationship or service providers we use in the course of order processing are excluded from this. The scope of the disclosure of data is limited to a minimum. In all cases, we assure you that when choosing our service providers which we use in individual cases, we select these carefully and in good faith, in terms of their suitability and reliability, ensuring that they satisfy our own requirements and standards.

8. Transmissions
Personal data is transmitted to authorised national institutions and authorities only within the framework of relevant laws or unless we are required by a court decision to do so. This data is processed on the basis of Article 6(1)(e) of the GDPR. We may transmit your personal data to the companies referred to under Section II. A. and to companies affiliated with us, to the extent permitted by the purposes set out in Section IV. A. and the lawful bases referred to in Section IV. B.

9. Data Transfer to a Third Country
We do not envisage transmitting your data to a third country. If our service providers or partners are located in a country outside the European Economic Area (EEA), we will inform you of the consequences of this in the description of the relevant offer.

10. Categories of Recipients
Within Ovesco Endoscopy AG only those persons who receive your data and are entrusted with processing the contract or handling your request. Otherwise, personal data is processed on our behalf, on the basis of contracts pursuant to Article 28 of the GDPR in conjunction with Section 62 of the BDSG. In addition to the recipient named in the respective provisions of this data protection statement, this may be to recipients in the following categories:

  • commercial agencies
  • shipping providers
  • payment service providers
  • enterprise resource planning service providers
  • logistics providers
  • cloud and IT service providers
  • tax and business consultants.

The recipients can be also our affiliates, insofar as this is allowed for within the purposes set forth in this statement and lawful bases.

11. Duration of Storage
The Data Controller processes and stores the personal data of the Data Subject only for the period that is necessary to achieve the purpose of the storage. After completion of the contract, the data is first stored for the duration of the warranty period; then, taking into account any legal and, in particular, tax and commercial retention periods, your data is stored and then deleted after this period, unless you have agreed to further processing and use or unless this is otherwise determined by the European Commission or any other laws or regulations to which the Data Controller is subject.

12. Confidentiality and Data Protection
Our employees and the service companies commissioned by us are contractually bound to confidentiality and to comply with data protection, in accordance with regulations of the German Federal Data Protection Act.

13. Children and/or Young People
Our offer is essentially aimed at adults. Persons below the age of 18 should not transmit personal data to us without the consent of their parents or legal guardians.

We generally require no personal data from a child or children or a young person or young people, and we do not collect and or disclose such data to third parties. Nevertheless, in special circumstances, we may need and request such personal data to process an application, under our legitimate interest in the application for the establishment of a possible employment relationship.

In such cases, personal data is processed on the basis of Article 6(1)(f) of the GDPR, for the legitimate interest of the aforementioned purpose and to obtain the necessary written consent of one or more parents or guardians in the processing.

The parents or guardians may revoke their consent at any time by notifying us, without affecting the lawfulness of processing carried out on the basis of consent until the time of revocation. You have the right at any time to object to the processing of your personal data, for reasons arising from your particular situation, based on Article 6(1)(f) of the GDPR. To exercise this right, you may contact us at any time, as the Data Controller or our data protection officer, using the contact details provided in this statement.

If the Data Controller concludes an employment or placement contract with an applicant, the data to be transmitted will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. This data is processed on basis of Section 26(1) in conjunction with (8)(2) of the BDSG in the course of employment.

14. Job Applications
Insofar as the application is necessary to fulfil a contract with the applicant or to carry out pre-contractual measures, the lawful basis for processing the data is based on Article 6(1)(b) of the GDPR.

If this is a speculative application, the data is processed based on Article 6(1)(a) GDPR, with the consent of the applicant.

You can revoke consent provided under the lawful basis of Article 6(1)(a) of the GDPR at any time by informing us, without affecting the lawfulness of the processing carried out on the basis of consent until the time of revocation.

Insofar as ancillary services are to be used for processing, the processing is carried out on the basis of Article 6(1)(f) of the GDPR, based on the legitimate interest in the handling of the application process. You have the right at any time to object to the processing of your personal data, for reasons arising from your particular situation, based on Article 6(1)(f) of the GDPR. To exercise this right, you may contact us at any time, as the Data Controller or our data protection officer, using the contact details provided in this statement.

The lawful basis for processing the data beyond any other lawful basis is in any case the consent of the applicant in accordance with Article 6(1)(a) of the GDPR.

As part of the application process, we obtain the consent of the applicant. You can revoke consent provided under the lawful basis of Article 6(1)(a) of the GDPR at any time by informing us, without affecting the lawfulness of the processing carried out on the basis of consent until the time of revocation.

If the processing of personal data is necessary and there is no lawful basis for such processing, we generally obtain consent for the processing the data of the Data Subject. You can revoke consent provided under the lawful basis of Article 6(1)(a) of the GDPR at any time by informing us, without affecting the lawfulness of the processing carried out on the basis of consent until the time of revocation.

As far as employment between you and us is concerned, we may process the personal data already obtained from you for employment purposes. The lawful basis flows from Section 26(1) in conjunction with (8)(2) of the BDSG if this is necessary for the creation, implementation or termination of the employment relationship or for exercising or fulfilling the rights and obligations of the employees resulting therefrom.

Otherwise, the application process ends with the receipt of the rejection by the applicant.

In the event that an employment relationship between you and us does not come into effect, we may also continue to store data based on Article 6(1)(f) of the GDPR to the extent necessary to defend against possible legal claims. You have the right at any time to object to the processing of your personal data, for reasons arising from your particular situation, based on Article 6(1)(f) of the GDPR. To exercise this right, you may contact us at any time, as the Data Controller or our data protection officer, using the contact details provided in this statement.

For additional information about careers, data protection in the application process and applicant data protection using our online application portal, please refer to the additional statements that have been prepared by us and should be considered cumulative to this general data protection statement, for reasons of transparency and clarity of important regulations.
These are used for data protection in the application process, in addition to the data protection statement when using the online application platform in conjunction with the terms of use currently in force.
These additional statements, which are specific to these topics, form a legal part of this data protection statement. These can be found at the end of this statement in a foldable area.

15. Processing in the Employment Context
Data is processed on the basis of Article 88 of the GDPR in conjunction with Section 26 of the BDSG.

SECTION VII. – Technical and Organisational Measures

We have taken technical and organisational security measures to protect your personal information against loss, destruction, manipulation and unauthorised access. Our security measures are continuously updated in accordance with technological development and the state of the art, as far as economically viable and acceptable, so as to keep the confidentiality, integrity, availability and resilience of our systems and services always at the highest level
1. SSL Encryption
To best protect your transmitted data, we use SSL encryption on our websites. You can recognise encrypted connections by the prefix “https://” in the page link in the address line of your browser. Unencrypted pages are identified by “http://”. All data that you send to these SSL websites – such as inquiries or logins – cannot be read by third parties thanks to SSL encryption.

2. Organisational Measures
All of our employees and all persons involved in data processing are contractually obliged to observe the data protection laws and provisions and are also bound to the confidential handling of personal data as well as to data protection and confidentiality.

3. Automated Decision-Making
As a responsible company, we do not use automatic decision-making.

4. Profiling
Profiling is carried out only for logistical reasons to process your order within our enterprise resource planning system.

SECTION VIII. – Rights of Data Subjects

You have the following rights pursuant to the statutory requirements under Article 15 to 21 and Article 77 of the GDPR in connection with Section 29 of the BDSG. If you wish to avail yourself of any of the following rights, you may contact our data protection officer or us, as the Data Controller, at any time using the contact details provided in this statement.

  • Information about your data which we store and how we process it
  • Correction of incorrect personal data
  • Deletion of your data which we store, or limitation of data processing, if we are not yet allowed to delete your data due to legal obligations
  • Objection to your data being processed by us
  • Data portability, if you have consented to data processing or have concluded a contract with us.
  • If you have given us your consent, you can revoke it with future effect at any time.

Right to objection under Article 21 of the GDPR
Any Data Subject has the right granted by the European Commission, for reasons arising from their particular situation, to object to the processing of personal data relating to them at any time, which is processed on the basis of Article 6(1)(e) or (f) of the GDPR. This also applies to profiling based on these provisions.

Ovesco Endoscopy AG will no longer process personal data in the event of an objection, unless we can prove there are compelling reasons to continue the processing which outweigh the interests, rights and freedoms of the Data Subject, or that the processing serves to assert, exercise or defend legal claims.

If Ovesco Endoscopy AG processes personal data for direct mailing purposes, the Data Subject has the right to object to the processing of personal data for the purpose of such marketing at any time. This also applies to any profiling connected with such direct marketing.

If the Data Subject objects to Ovesco Endoscopy AG’s processing for direct marketing purposes, Ovesco Endoscopy AG may no longer process the personal data for these purposes.
The Data Subject has the right, for reasons arising from his/her particular situation, to object to the relevant processing of personal data which Ovesco Endoscopy AG carries out for scientific or historical research purposes or for statistical purposes, in accordance with Article 89(1) of the GDPR, unless such processing is necessary for the performance of a task in the public interest.

The Data Subject is also free to exercise their right of objection in relation to the use of services of an information company, notwithstanding Directive 2002/58/EC, by means of automated procedures using technical specifications.

Without prejudice to any other administrative or judicial remedy, you have the right, in accordance with Article 77 of the GDPR in conjunction with Section 29 of the BDSG, to contact the supervisory authority if you believe that the processing of your personal data is not lawful.

The competent supervisory authority varies depending on your country of residence, your work or the nature of the alleged infringement. A list of supervisory authorities (for the non-public sector) and their addresses can be found (in German) at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

You also have the right to an effective judicial remedy if you consider that your rights under this regulation have been infringed as a result of processing of your personal data in breach of this regulation.

SECTION IX. – Integrated Processing Components

Google Analytics
On our web pages we use Google Analytics, a web analysis service of Google Inc. (https://www.google.de/intl/en/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”). In this context, pseudonymised user profiles are created and cookies (see section 4) are used. The information generated by the cookie about your use of this site such as

  1. browser type/version,
  2. the operating system used,
  3. referrer URL (the previously visited page),
  4. host name of the accessing computer (IP address),
  5. time of the server request,

are transferred to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on website activities and to provide other services related to website and Internet use for market research purposes and to design these Internet pages in line with requirements. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of third parties. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymized so that an assignment is not possible (IP masking).
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.
You have given your consent to this via our opt-in cookie banner within the meaning of Article 6(1)(a) GDPR.
You can also prevent the collection of data generated by the cookie and relating to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=en).
As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from capturing data by clicking the following link: Disable Google Analytics. An opt-out cookie is set to prevent your data from being collected in the future when you visit this website. The opt-out cookie applies only in this browser and only to our website and is placed on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.
Further information on data protection in connection with Google Analytics can be found in the Google Analytics help (https://support.google.com/analytics/answer/6004245?hl=en).

Section X. – Statutory or Contractual Provisions

1. Provision of Personal Data
We inform you that the provision of personal data can partly be required by law (e.g. tax regulations) or may also result from contractual regulations (e.g. information on the contractual partner).

2. Consequences of Failure to Provide Personal Data
A failure to provide personal data can mean that a contract cannot be concluded with you. Before providing any data, you are welcome to contact our data protection officer if you have any questions. They will inform you whether the provision of personal data is legally or contractually determined and whether it is absolutely necessary for the conclusion of the contract with you or whether there is an obligation to provide personal data and what the consequences of a failure to provide the personal data are.

3. Obligation to Provide Data
Sometimes you may be required to supply us with your personal data in order to conclude a contract, which must be processed by us as a result. For example, you are required to provide us with your personal data if our company wishes to enter into a contract with you.

4. Objection to Spam E-Mails
We hereby expressly object to the use of contact details for the purpose of sending unsolicited marketing and information material, which must be published within the scope of the imprint obligation. We expressly reserve the right to take legal action in the event of the unsolicited sending of marketing information, such as spam e-mails.

5. Links to Third Parties
If you use external links which appear on our website, then this data protection statement does not extend to these links. In so far as external links appear, we assure you that no breaches of the applicable data protection laws on the linked websites were identified at the time that the link was included. However, we have no influence on the compliance and implementation of the legal data protection regulations by other providers. Please visit the website of the respective provider to read its data protection policy and for details of its contact for data protection.

6. Responsibility for Contents
Under Section 7(1) of the German Telemedia Act [Telemediengesetz] (TMG), as a service provider we are responsible for our own content on this website in accordance with general legislation. According to Sections 8 to 10 to the TMG, as the operator of this website, we are not obliged to monitor information transmitted or stored on this site by third parties or to monitor the site for signs of illegal activity. Obligations to remove or block the use of information under general legislation remain unaffected.

The free and freely accessible contents of this website were produced with the utmost care. We however expressly point out that we accept no liability or other responsibility for the accuracy, timeliness or completeness of the content provided in this data protection statement. The contents do not serve as legal advice on which you can rely when complying with the legal regulations on data protection – in particular the GDPR – nor can this replace individual legal advice.

7. Liability
Liability claims against Ovesco Endoscopy AG which refer to damages of a material or intangible or immaterial nature caused by applying the content presented in this data protection statement or using potentially incorrect and incomplete or misleading content are excluded, provided that on the part of Ovesco Endoscopy AG no demonstrably intentional or grossly negligent fault exists.

8. Legal Effect and Choice of Jurisdiction
Insofar as sections or individual terms in this data protection statement are not, or are no longer or not fully, applicable to the legal situation in question, the content and validity of the remaining parts of the document remains unaffected. German law applies. For consumers, this choice of law applies only insofar as the protection provided is not revoked by mandatory provisions of the laws of the state in which the consumer has their habitual residence (favourability principle).

9. Other Provisions
Changes to the law or to our internal processes may required this data protection statement to be modified. In the event of such a change, we will inform you of this, insofar as possible, six weeks before the changes enter into force. You should read this policy every now and then to stay up to date on how we protect your data and continuously improve our website’s content. If we make material changes to the collection, use and/or disclosure of your personal data that you make available to us, we will advise you in a clear and prominent notification on the website.

You generally have a right of withdrawal with respect to the consent you have granted. Please note that unless you exercise your right of withdrawal), the current version of the privacy policy applies.

In the course of the development of legal provisions, Ovesco Endoscopy AG expressly reserves the right to amend parts of the statement or the statement in its entirety without separate announcement, to supplement it, to delete it or to cease publication temporarily or permanently. In addition, due to our lack of intention to be legally bound, no contractual relationship between us and you as the user of this content is created by obtaining this freely accessible content. For questions and suggestions on the topic of data protection at Ovesco Endoscopy AG, please contact: datenschutz@ddsb.de

We will update this data protection statement when needed, based on the current circumstances, such as changes to legal requirements. The version published here applies.

This data protection statement was created by DDSB GmbH.
Last updated 09/2018

 

-Information under articles 13, 14 and 21 of the basic Data Protection Regulation (GDPR)-

 

Dear Applicant,

In the following we inform you about the processing of your personal data according to art. 4 para. 2 GDPR in connection with your application.

Section I. – General Information

We only store and process data that you voluntarily provide to us. If you make use of our services, we will usually only process the data that we voluntarily provide you with in the course of our service provision and urgently need to protect your own legitimate business interests.

As far as we ask you for further data, this is voluntary information which is not a legal claim.

The processing of personal data is always carried out in accordance with the European Data Protection Basic Regulation (GDPR) and the National Federal Privacy Act (BDSG), in accordance with the Ovesco Endoscopy AG Applicable country-specific data protection regulations.

Processing can also be done electronically. Ovesco has implemented numerous technical and organizational measures as a controller in order to ensure as complete a protection as possible of the personal data to be processed.

However, Internet-based data transmissions can generally have security vulnerabilities, so absolute protection cannot be guaranteed to a hundred percent.

For this reason, each person concerned is free to transmit personal data to us on alternative routes, for example, in person, by fax or by post.

A. Responsible

Responsible in the sense of the European Data Protection Basic Regulation (GDPR) and the National Federal Privacy Act (BDSG), as well as other data protection laws in the Member States of the European Union and other provisions with data privacy Legal character:

Ovesco Endoscopy AG

Dorfackerstr. 26
72074 Tübingen (Germany)

Phone: + 49 (0) 7071 96528 160
Business Fax: + 49 (0) 7071 96528 260
E-mail:  applications@ovesco.com
Web:     https://www.ovesco.com

B. Data protection supervisor

The data protection officer, the controller:

DDSB GmbH

Andreas Peter Mückl
Untere Dornäcker 21
72379 Hechingen (Germany) 

Phone: + 49 7471 5010 100
Business Fax: + 49 7471 5010 190

Web:     Https://www.ddsb-datenschutz.de

Section II. – Use and purpose binding of the processing and legal bases

A. Earmarking of processing in the application process

We process personal data about you for the purpose of applying for an employment relationship, as far as this is necessary for the decision on the justification of an employment relationship with us. The personal data provided by you will be processed in accordance with the applicable regulations for the protection of personal data, only for the purposes notified to you or used for its use. This, in particular, to

  • Initiation of the contract with you or for its settlement;
  • To be able to process or answer your inquiries effectively and qualitatively;
  • Their needs-appropriate design of services and offers;
  • Processing of your requests and orders;
  • Access, certain information or offers;
  • Protection of legitimate business interests, with regard to advice and support

B. Use of processing in the application process and its legal bases

Insofar as the application for the fulfilment of a contract with the applicant or for the implementation of pre-contractual measures is necessary, the legal basis for the processing of the data is based on article 6 (1) lit. b) GDPR.

If this is an initiative application, the processing is based on article 6 (1) lit. A) GDPR, by consent of the applicant. You may consent to the legal basis of article 6 (1). A) GDPR is based on the consent of the applicant, at any time by notice to us revoked without the legality, which is affected by the consent to the revocation of processing.

In so far as ancillary services are to be used for processing, processing is carried out on the basis of article 6 (1) lit. f) GDPR, from the legitimate interest in the processing of the application procedure.

You have the right, for reasons arising out of your particular situation, at any time against it on article 6 para 1 lit. f) GDPR based processing of any personal data relating to them. You can contact us at any time, as the controller or our data protection officer, under the contact data referred to in section I. A and B or in the imprint.

The legal basis for processing the data beyond other legal basis is, in any case, the consent of the applicant in accordance with article 6 (1) lit. a) GDPR.

In the context of the application process, we void the consent of the applicant.

If the processing of personal data is necessary and there is no legal basis for such processing, we generally collect the consent of the person concerned.

You may consent to the legal basis of article 6 (1). A) GDPR is based on the consent of the applicant, at any time by notice to us revoked without the legality, which is affected due to consent until the revocation of processing.

As far as there is an employment relationship between you and us, we may continue to process the personal data you have already received for the purposes of the employment relationship.

The legal basis is derived from § 26 para 1 I. v. M. para. 8 s 2. BDSG, if this is necessary for the establishment, implementation or termination of the employment relationship or for the exercise or fulfilment of the rights and obligations of employees is required.

Otherwise, the application process ends with the receipt of the rejection by the applicant.

In the event that there is no employment relationship between you and us, we may also provide data on the basis of article 6 (1) lit. f) GDPR further save as far as this is necessary in order to defend against possible legal claims. You have the right, for reasons arising out of your particular situation, at any time against it on article 6 para 1 lit. f) GDPR based processing of any personal data relating to them. You can contact us at any time, as the controller or our data protection officer, under the contact data referred to in section I. A and B or in the imprint.

Section III. – Data privacy rights in the application process

A. Rights of the person concerned

If the legal requirements are met, you are entitled to the following data privacy rights under article 7 (3) GDPR and articles 15 to 22 GDPR art. 77 GDPR I. V.  M. § 29 BDSG to:

  • Right of withdrawal,
  • Right to information,
  • Right to rectification,
  • Right to delete,
  • Right to limitation of processing,
  • Right to Data transferability,
  • Right to automated decisions in individual cases including profiling.

In addition, pursuant to article 21 (1) GDPR, you are entitled to object to the processing, which is based on article 6 (1). f) GDPR are based on reasons arising from their particular situation and against processing for the purpose of direct marketing. You can contact us at any time, as the controller or our data protection officer. The contact details can be found in section I. A and B of this declaration.

B. Right of appeal to the supervisory authority

According to art. 77 GDPR I. V.  M. § 29 BDSG the right to complain to the supervisory authority if they believe that the processing of their personal data is not lawful.

Section IV. – The Origin and nature of the applicant data and the beneficiaries

A. from which sources do personal data originate?

We process personal data that we receive from you as part of the application process. This data is either from

  • From the application forms that you have to fill out yourself;
  • From the files sent to us by e-mail (application documents, cover letter, passport, CV, testimonials, etc…);
  • From the information you have personally provided to us (by telephone and personal interviews);
  • From the documents you have sent to us by fax or by post.

Furthermore, technical usage data are processed when using and/or visiting the website.

B. Which categories of personal data do we process?

We process data relating to your application. This may be general data on your person (such as name, address and contact details), information about your professional qualification and education, or information on continuing vocational training or other information that you provide to us in connection with your application Let.

In addition, we may process professional-related information that you make publicly available, such as a profile for professional social media networks. In addition, for a successful mediation, we need all the information as they are usually in a CV and those that are necessary for a successful placement in individual cases, such as

  • Personal data (name, first name, date of birth, address, contact details, passport). If you are listed as a candidate in your CV (date of birth, place, country, nationality, marital status, if any),
  • Data of your Professional development (Your current professional situation, your desired location, your availability)
  • Your Professional Wishes, information on how they became aware of the job offer, the reason for the desired employment relationship, etc…),
  • Data for your Education (Beginning and end of school education, type of school, type of graduation, total GPA of the last certificate (without top notes), notes of the last certificate in Subjects mathematics, German, English, business Administration, accounting),
  • Training data (School, university, distance learning, in-company training, apprenticeships, courses, seminars),
  • Data on extra-professional Interests (Hobbies, voluntary engagement),
  • Data on the content of past and current Employment (Work items, performance data, filled items),
  • Data for your Career (Curriculum vitae, professional experience, continuing education, work tasks of past employment relationships, work tasks of current employment relationships),
  • Knowledge And Qualifications (Knowledge, qualifications, certificates, etc…)
  • Official approvals (Driving licence, forklift license, Passenger transport certificate, residence certificate, declaration confirmation, severely disabled certificate, police certificate, health certificate, Social Security card),
  • Communications (called website, date and time of retrieval, amount of data sent in bytes, source/reference from which you reached the page, information about the Internet service provider of the accessing system, the type of browser used and its version name, Operating system used in browser access, the IP address used in anonymized form),
  • Self-generated data (we assign a separate application number to each applications, characteristics and notes that we assign to you in the application process)
  • Other types of data (data that is incurred in the course of communication with you, declaration of consent for the processing of personal data which you have voluntarily left us in the application procedure or which you have uploaded to us or which you have sent us otherwise, Application letter, etc…).

C. What categories of recipients will receive my data?

Within the Ovesco Endoscopy AG only those who are responsible for the preparation and implementation of the application process will receive their data. These are the employees in the Human resources department as well as the departments in which a job is to be occupied, the executives and the potential supervisors. Also, service providers employed by us (so-called order processors, cf. art. 28 GDPR) may process data for purposes mentioned in section II.

We may transmit your personal data to companies affiliated with us as far as this is permissible within the scope of the purposes and legal bases set out in section II. In addition, personal data may be INSB on our behalf, on the basis of contracts under article 28 GDPR. By host provider or provider of Management systems to which we serve ourselves.

In so far as ancillary services are to be used for processing, processing is carried out on the basis of article 6 (1) lit. f) GDPR, from the legitimate interest of the execution of the application procedure. In principle, they have the right to object at any time to the processing of personal data relating to GDPR, based on article 6 (1), for reasons arising out of their particular situation. This also includes ancillary services which are used by the contractor to ensure the confidentiality, availability, integrity and resilience of the hardware and software of data processing equipment, such as

  • Telecommunications providers in the context of maintenance and services,
  • Cleaning and/or security services,
  • Auditors in the framework of certifications,
  • Disposal service Providers,
  • Data center Services,
  • Postal/transport Services,
  • IT service provider for plant maintenance and User Service.

As for the purposes of this Declaration, already existing services are included, which the contractor generally makes use of in third parties as a ancillary service to support his operation or his trade in the context of an order processing. In these cases, personal data are processed by the respective operator on behalf of us.

Your data will not be passed on to third parties, who will process them on your own responsibility.

Section V. – Provisions

A. To what extent are my data used for profiling?

Your data will not be used to profile. Profiling is any kind of automated processing of personal data, which consists in the use of this data to analyze or predict certain personal aspects.

B. Is it intended to be transmitted to a third country or to an international organization?

It is not intended to be transferred to a third country or to an international organization within the scope of the application procedure.

C. How long will your data be stored?

No later than 6 months after receipt of the cancellation, the data will be anonymized. This does not apply to the extent that the processing and storage of your personal data is necessary in the specific case for the assertion, exercise or defense of legal claims.

If necessary, you will receive an invitation for a so-called “talent pool” for future job vacancies, despite a rejection in a specific application process Ovesco Endoscopy AG. In case of your consent your application data will be stored for three more months. Once every three months, you will have to re-agree that you want to remain in the applicant pool.

If you do not respond to this demand within 14 days, your documents will be deleted after a further 6 months if no other legitimate interests of the Controller conflict with the deletion. In any case, the data will be deleted as soon as it is no longer necessary to achieve the purpose of its collection. This is the case during the application process for the performance of a contract or for the implementation of pre-contractual measures, if the data are no longer necessary for the implementation of the contract or for the implementation of pre-contractual measures.

Even after the conclusion of the contract, a requirement to store personal data may exist in order to comply with contractual or legal obligations. A deletion may be requested by the person responsible under section II. (a), indicating their full name.

If the data are required for the performance of a contract or for the implementation of pre-contractual measures, a premature deletion of the data is only possible if no contractual or statutory obligations are contrary to deletion.

D. What is the need to provide personal data?

As part of your application, you should only provide us with the personal data necessary for the admission and implementation of the application process. The provision of personal data is neither legally nor contractually required, nor is it obligated to provide personal data.

E. What are the consequences of non-provision of personal data?

Without providing any meaningful data or information about yourself, we will unfortunately have to reject your inclusion in the application process.

F. Is there an automated decision-making process?

No automated decision is taken in individual cases within the meaning of article 22 GDPR, i.e. the decision on your application is not based solely on automated processing.

_