1. scope of application
The protection of personal data is very important to us. With the following information on data protection, we would like to explain to you which personal data we process for which purposes while you are using our website.
The following information applies to all contents of the websitehttps://www.reviderm.com/ (hereinafter referred to as "offer").
The legal basis for data protection can be found in the EU General Data Protection Regulation (hereinafter referred to as DSGVO) and the Federal Data Protection Act.
"Personal data" means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
"Processing" means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
3. types of personal data
Access data is data about each access to the server on which our website is located. Access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.
Cookies are small files that make it possible to store specific, device-related information on the access device.
If you register with us as a customer, fill out the contact form on our website or contact us by other means (e.g. telephone, e-mail), we process the personal data that you enter in the respective form or provide to us by other means (e.g. surname, first name, e-mail address, address).
4. purposes of the processing
Our hosting provider collects access data on our behalf for security reasons to control fraud and abuse and for statistical recording of website usage. The legal basis for the processing is Art. 6 para. 1 sentence 1 f DSGVO. For processing of the IP address by third-party providers, see section.
When you use our institute finder, your position data (geographical coordination data) may be collected. Further information on this can be found in section 6.
If you register as a customer, we use your personal data for the administration of your account (legal basis Art. 6 para. 1 sentence 1 b DSGVO). If you use our contact form or provide us with your personal data by other means, we will use it to process your request (legal basis Art. 6 para. 1 sentence 1 a, f DSGVO). If you communicate with us via e-mail, your e-mails and the personal data communicated therein will be transported on our behalf to the servers of our e-mail provider Space.Net AG in order to be stored on our servers (legal basis Art. 6 para. 1 sentence 1 a, f DSGVO).
Our legitimate interest in collecting data within the meaning of Art. 6 para. 1 f DSGVO follows from the fact that we cannot process your request (registration, contact, order processing) without your data.
5. data processing by third parties
Our website is operated on the servers of the hosting provider Space.Net AG. This company processes the personal data mentioned under point 3 on our behalf for the operation of our website as well as for abuse control. The legal basis for this is Art. 6 para. 1 sentence 1 f DSGVO.
Plug-Ins, usage analysis
We integrate various services and content from third-party providers on our website. The integration may result in the processing of your personal data. In addition, the integration of third-party content may result in the transfer of data to countries outside the EU. You can find more information on this under point 6.
The legal basis for the integration of the services and content is Art. 6 para. 1 sentence 1 f DSGVO. Our legitimate interest for data processing follows from the fact that we use the services of third parties for the purpose of user-friendliness of our website and optimisation of our offers.
6. Google Analytics, Institute Finder, Google Maps, Google Tag Manager and Remarketing
This website uses Google Analytics, a web analytics service provided by Google, Inc ("Google").
If, when visiting our website, you click on "Confirm" at the bottom of the cookie bar without changing the settings regarding Google Analytics on the Cookie Settings page, you consent within the meaning of Art. 49 (1) sentence 1 a) DSGVO to your data (IP address, timestamp, user behaviour on our website, if applicable) being transmitted to Google in the USA and processed there. The ECJ considers the USA to be a country with a level of data protection that is not adequate by European standards. There is a risk of access by US authorities. In addition, we do not know exactly how Google processes your data. The legal basis for the use of Google Analytics is Art. 6 para. 1 sentence 1a DSGVO.
Institutsfinder and Google Maps
You can use our institute finder to find a Reviderm store near you. To do this, you can either click on the "Institute near me" button. You will then be asked if we may collect your location data. If you agree, this data will be collected by Google Maps and you will be shown the Reviderm store closest to your position. You can also click on the interactive map on the https://www.reviderm.com/institute/institutsfinder.html page or enter the country and postcode/city in the input field. The nearest store will then be displayed. If you then click on "Your route to the institute", you will be redirected to the Google Maps page. There you can then enter the route data. By visiting our website, Google receives the information that you have called up the corresponding sub-page of our website. In addition, according to our knowledge, the following information is transmitted to Google: Date and time of the visit to the relevant website, internet address or URL of the website accessed, IP address of the access device and, on the Google Maps page as part of route planning, the start and destination address entered. This is done regardless of whether Google provides a user account via which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not want your data to be associated with your Google profile, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, and you must contact Google to exercise this right.
If you click on "Confirm" at the bottom of the cookie bar when visiting our website without changing the settings regarding Google Maps on the Cookie Settings page, you consent within the meaning of Art. 49 (1) sentence 1 lit. a) DSGVO to your data (IP address, time stamp, user behaviour on our website, if applicable) being transmitted to Google in the USA and processed there. The ECJ considers the USA to be a country with a level of data protection that is not adequate by European standards. There is a risk of access by US authorities. In addition, we do not know exactly how Google processes your data.
The legal basis for the use of the Institute Finder and Google Maps is Art. 6 para. 1 sentence 1 f DSGVO. Our legitimate interest in collecting data follows from the fact that we use Google Maps for the purpose of better locating our Reviderm stores and thus optimising our offers.
Google Tag Manager and Remarketing
For easier management of the aforementioned Google tools, we use the Google Tag Manager and Google Remarketing, an advertising analysis tool. The Google Tag Manager itself does not create user profiles, does not store cookies and does not perform any independent analyses. It is only used for administration and the tools integrated via it. Depending on the integrated tool, the Google Tag Manager collects IP addresses of website visitors and passes them on to the Google tools.
7. Voluntariness of the provision of data
The provision of personal data when visiting our website is neither legally or contractually required nor necessary for the conclusion of a contract. You are also not obliged to provide personal data when visiting our website, however, access data is collected automatically when you visit our website. If you wish to register as a customer, registration data is required.
8. duration of processing
Access data, Cookies
Access data is stored by our hosting provider for security reasons (e.g. to clarify acts of abuse or fraud) for a maximum period of 6 months and then deleted. Data whose further storage is required for evidentiary purposes is exempt from deletion until the respective incident has been finally clarified.
If IP addresses are processed by third-party providers, we have no influence on the duration of the processing. You can find the links to the data protection declarations of the third-party providers under point 6. There you can inform yourself about the duration of the processing.
We process personal data that you provide via our forms or communicate to us in any other way for the duration of the processing of your request, provided that this data is not subject to the retention periods under tax and commercial law or consent justifies continued storage.
You have the right to object at any time to personal data processed on the basis of Art. 6 (1) sentence 1 f DSGVO, provided that there are grounds for the objection arising from your particular situation. However, your personal data will be further processed if there are compelling legitimate grounds to further process the data that override the interests, rights and freedoms of your person, or if the processing serves the assertion, exercise or defence of legal claims. If we process personal data from you for the purpose of direct marketing, you have the right to object to the processing of personal data for the purpose of such marketing at any time without giving reasons (Art. 21 DSGVO).
10. Further data subject rights
If you have given your consent, you have the right to revoke it. We would like to point out that a revocation does not change the lawfulness of the processing granted until the revocation (no retroactive effect of the revocation).
Within the scope of the GDPR, you have the right to request information free of charge about the personal data we hold about you (Art. 15 GDPR).
Furthermore, in accordance with the GDPR, you have the right to correction (Art. 16 GDPR), deletion (Art. 17 GDPR), restriction (Art. 18 GDPR) and transfer (Art. 20 GDPR) of your personal data.
You also have the right to complain to the competent data protection supervisory authorities in justified cases (Art. 77 DSGVO).
You can assert your rights under the GDPR by e-mail or in writing. You can find the contact details of the provider below.
11. contact details
Provider as responsible entity:
Tel.: (+49) 08104 / 8873-0
Fax +49 08104 / 8873-999
Data Protection Officer:
Bavarian State Office for Data Protection Supervision
PO Box 606
Telephone: +49 (0) 981 53 1300
Fax: +49 (0) 981 53 98 1300
A list of all data protection supervisory authorities with contact details can be found here: https://www.bfdi.bund.de/DE/Service/Anschriften/anschriften_table.html
Status: April 2023