Gold Standard Diagnostics Frankfurt GmbH, Waldstrasse 23 A6, 63128 Dietzenbach, Germany is the controller (Art. 26 GDPR) of the website https://clinical.goldstandarddiagnostics.com/ (the “Website”).
We appreciate your interest in our company and our products. Protecting your personal data is very important to us. In this Privacy Policy, we explain how we collect personal data, what we do with it, for what purposes and on what legal basis we process it and what rights you have (the “Privacy Policy”).
The party responsible for this Website is:
Gold Standard Diagnostics Frankfurt GmbH
Waldstrasse 23 A6
63128 Dietzenbach
Germany
Phone: +49 6074 23698-0
Email: info@eu.goldstandarddiagnostics.com
Our data protection officer can be reached at the following contact details:
Manfred Schlitt
Data Protection Officer
Email: Privacy.Frankfurt@eu.goldstandarddiagnostics.com
1. Visit of our Website
Whenever you visit our Website the browser you use automatically sends information to the server of our Website. This information is temporarily stored in a so-called log file. The following information is collected and stored until automated deletion:
We process the aforementioned personal data to ensure a smooth connection and user-friendly experience of the website, to ensure network and information security, to evaluate system security and stability, and for administrative purposes. The legal basis for processing the data is Art. 6 para 1 lit. f) GDPR. Our legitimate interest follows from the aforementioned purposes of processing the data. We do not use data to draw conclusions about you as an individual.
In addition, we use cookies for the website. You can find more details in section H of this Privacy Policy.
2. Contract performance
For the performance of contracts with you we process the following personal data:
The legal basis for our personal data processing is Art. 6 para 1 lit. b) GDPR. Personal data is processed so as to be able to identify you as our customer and to fulfil our contractual obligations, to correspond with you, to issue invoices and to establish, exercise or defend legal claims.
3. Contact form or other contact with us
If you use our contact form offered on our Website or contact us in any other way, the following data is collected by us:
All other information is provided voluntarily and is not required for processing the request. The collection of the personal data is based on your consent according to Art. 6 para 1 lit. a) GDPR. You can revoke your consent at any time with effect for the future. To do so, please send us an e-mail using our above-mentioned e-mail address. Revoking your consent has the consequences that we will no longer continue the data processing based on this consent for the future and will delete the data unless there is another legal basis or there are statutory retention obligations.
4. Newsletter
If you would like to receive our newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter. If you subscribe to our newsletter, the following data will be collected, stored and processed by us:
The personal data from the newsletter is processed for the purpose of sending the newsletter, you consent to the processing of personal data. The legal basis for this is Art. 6 para 1 lit. a) GDPR. You can revoke your consent at any time due future effect of your data and email address as well as their use for sending the newsletter at any time, e.g., through the "unsubscribe" link in the newsletter.
The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted. Data we have stored for other purposes (e.g. email addresses for the members area) remain unaffected.
5. Application
If you apply for a job, we process the following categories of personal data from you:
All personal data is processed exclusively for the following purpose:
If you have provided "special categories of personal data" as defined by Art. 9 GDPR in your application (e.g. a photograph showing your ethnic origin or your eyesight, information on being severely disabled, marital status), this is done on the basis of your consent according to Art. 9 para 2 lit. a) GDPR. However, we would like to evaluate all applicants on the basis of their qualifications only, therefore we kindly ask that such information be omitted from the application if possible.
Your data will only be passed on to companies within the group of companies, unless we are legally obliged to pass on your data to other bodies.
We will not disclose your personal data to third parties, unless
If we process your personal data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this is done in the context of using third-party services or disclosing or transferring data to third parties, this is only done to fulfil our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. If there are no legal permissions, we only allow data to be processed in a third country if the special requirements of Art. 44 et GDPR are met.
Your personal data will be deleted or blocked as soon as the purpose or legal basis for the storage no longer applies.
However, storage may take place beyond the specified time in the event of a (threatened) legal dispute with you or other legal proceedings or if storage is provided for by legal regulations to which we as the responsible party are subject to. If the storage period prescribed by the statutory provisions expires, the personal data will be blocked or deleted unless further storage by us is necessary and there is a legal basis for this.
You have the right:
Der hessische Beauftragte für Datenschutz und Informationsfreiheit
Gustaf-Stresemann-Ring 1
65189 Wiesbaden
Telephone: +49 611 1408 – 0
E-Mail: poststelle@datenschutz.hessen.de
Where your personal data is processed for the purpose of legitimate interests under Art. 6 para 1lit. f) GDPR you have the right under Art. 21 GDPR to object to the processing of your personal data on grounds relating to your particular situation or where the objection is levelled at direct marketing. In the latter case you have a general right to object which will be implemented by us without a particular situation having to be specified.
If you should wish to exercise your right to object or ask for rectification, we kindly ask you to send us an email to the above specified email address.
When our website is visited, we use the SSL method (Secure Socket Layer) in conjunction with the highest level of encryption that is supported by your browser. This will generally be 256-bit encryption. If your browser should not support 256-bit encryption we will have recourse to 128-bit v3 technology. You can see whether a particular page of our website is transmitted encrypted from the closed-form display of the key or padlock icon in the bottom status bar of your browser. We also apply appropriate technical and organisational security measures to safeguard your personal data from accidental or deliberate manipulation, complete or partial loss, destruction or access by unauthorised third parties. Our security measures are continually being improved in line with technological progress.
Cookies are small, simple text files that your computer or mobile device stores when you use our website. Because we guarantee your privacy and want to improve the user-friendliness of your visit or visits to our website, we think it is important that you know why we use cookies. By setting cookies you do not have to enter the same information over and over again and can, for example, complete your CV at a later date. They also help us to understand how you use the website and how we can make the website more user-friendly. Cookies (from third parties) are also used for marketing or analysis purposes.
A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session. With regard to their function, a distinction is made between cookies:
Any use of cookies that is not technically necessary constitutes personal data processing that is only permitted with the express and active consent of the user in accordance with Art. 6 para 1 lit. a) GDPR. This applies in particular to the use of advertising, targeting or sharing cookies. In addition, we will only pass on the user's personal data processed by cookies to third parties if you have given your express consent in accordance with Art. 6 para 1sentence 1 lit. a) GDPR.
For more information about cookies we use and how you can manage your cookie settings and disable certain types of tracking, please click on the "Cookie settings" button which can be found in the website's footer section.
We use the “Cloudflare” service provided by Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA. (hereinafter referred to as “Cloudflare”).
Cloudflare offers a content delivery network with DNS that is available worldwide. As a result, the information transfer that occurs between your browser and our website is technically routed via Cloudflare’s network. This enables Cloudflare to analyze data transactions between your browser and our website and to work as a filter between our servers and potentially malicious data traffic from the Internet. In this context, Cloudflare may also use cookies or other technologies deployed to recognize Internet users, which shall, however, only be used for the herein described purpose.
The use of Cloudflare is based on our legitimate interest in a provision of our website offerings that is as error free and secure as possible (Art. 6(1)(f) GDPR).
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details and further information on security and data protection at Cloudflare can be found here: https://www.cloudflare.com/privacypolicy/.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/participant/5666.
Google Fonts (local embedding)
This website uses so-called Google Fonts provided by Google to ensure the uniform use of fonts on this site. These Google fonts are locally installed so that a connection to Google’s servers will not be established in conjunction with this application.
For more information on Google Fonts, please follow this link: https://developers.google.com/fonts/faq and consult Google’s Data Privacy Declaration under: https://policies.google.com/privacy?hl=en.
Google reCAPTCHA
We use “Google reCAPTCHA” (hereinafter referred to as “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
The purpose of reCAPTCHA is to determine whether data entered on this website (e.g., information entered into a contact form) is being provided by a human user or by an automated program. To determine this, reCAPTCHA analyzes the behavior of the website visitors based on a variety of parameters. This analysis is triggered automatically as soon as the website visitor enters the site. For this analysis, reCAPTCHA evaluates a variety of data (e.g., IP address, time the website visitor spent on the site or cursor movements initiated by the user). The data tracked during such analyses are forwarded to Google.
reCAPTCHA analyses run entirely in the background. Website visitors are not alerted that an analysis is underway.
Data are stored and analyzed on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the protection of the operator’s websites against abusive automated spying and against SPAM. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TDDDG. This consent can be revoked at any time.
For more information about Google reCAPTCHA please refer to the Google Data Privacy Declaration and Terms Of Use under the following links: https://policies.google.com/privacy?hl=en and https://policies.google.com/terms?hl=en.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/participant/5780.