Imprint & privacy policy for our social media channels

This statement includes the legal information requirements with regard to the use of the following social media sites:"

·      Linkedin: https://www.linkedin.com/company/medinix-information-systems-gmbh

·      XING: https://www.xing.com/pages/medinixinformationsystemsgmbh

·      Facebook: https://www.facebook.com/people/medinix-GmbH/100065125503188/

·      Instagram: https://www.instagram.com/datavizsuccess/

Imprint for our social media sites:

Site operator within the meaning of § 5 TMG

medinix Information Systems GmbH

Rickertstr. 26, 66386 St. Ingbert, Germany

E-mail: info@medinix.com

Tel.: +49 6894 8949060

Commercial register

Register court: Local court Saarbrücken

Registration number: HRB 33172

Managing Director

Frank Buschlinger

Sales tax identification number according to § 27 a Sales Tax Act

DE 217218354

Responsible for content

Frank Buschlinger

(address as above)

Privacy policy for the social media sites used by Medinix Information Systems GmbH.

Medinix Information Systems GmbH maintains publicly accessible profiles in various social networks. Please note that when you access our profiles, personal data of you, such as the IP address and - if you are logged in - also the interaction with us and our posts, will be processed by the respective providers of the social media.

The purpose of this privacy policy is to provide you with an overview of which of the personal data collected from you is processed by us and the respective platform and which rights you are entitled to.

In principle, you will also find all important information about our company on our website. You are not obliged to use social media to interact with us.

However, interaction with us on our social media is only possible if you transfer certain personal data to the provider.

When you visit our social channels, your personal data is collected, used and stored by the operators of the respective social network. A small part of the collected data is also transmitted to Medinix Information Systems GmbH in order to be able to interact with you on the one hand and to obtain statistical information on the use of our social channels on the other.

The collection of personal data by the service providers also takes place if you, as a visitor to the respective page, do not have a profile in the respective social network yourself. The individual data processing operations and their scope differ depending on the operator of the respective social network. For details about the collection and storage of your personal data as well as the type, scope and purpose of their use by the operator of the respective social network, please refer to the privacy statements of the respective operator:

·      Linkedin:    https://de.linkedin.com/legal/privacy-policy

·      Xing:         https://privacy.xing.com/de/datenschutzerklaerung

·      Facebook: https://www.facebook.com/privacy/policy

·      Instagram: https://privacycenter.instagram.com/policy

Our data protection declaration contains general information on data protection in the first part and then goes into specific detail on the individual social media used.

 

 

I.       General information on data protection

1.   Responsible

Responsible for the operation and the personal data transmitted and aggregated via the respective social media sites is:

Medinix Information Systems GmbH

Rickertstr. 26

66386 St. Ingbert

E-mail: info@medinix.com - Phone: +49 68948949060

You can reach our data protection officer by e-mail at datenschutz@medinix.com.

2.   Notes on the use of social media channels

Medinix Information Systems GmbH operates several social media sites as shown in the imprint. In doing so, we can generally view the information that you can call up in your public user profile, insofar as you have made a corresponding registration on the social media site.

In addition, the providers provide us with further anonymous usage statistics, which we use to improve our profile and to evaluate the visits made on the profile.

You can find more detailed information for each provider in the respective section of this privacy policy.

The personal data accruing in the context of the use of the respective social media will initially always be processed by the respective provider of the social network. This provider will collect, store and process the data for the operation of the platform (e.g. display and interaction with the posts, transmission of direct messages, user profile of the user).

In the course of our user profile, the respective provider transmits personal data to us in some cases. The data transmitted to us can be found in the following sections on the individual social networks.

The operation of the profiles in the social networks is necessary for a common exchange about our services. The associated processing of your data when visiting the site is done for this purpose. This is data processing in the legitimate interest within the meaning of Art. 6 (1) p. 1 lit. f DSGVO.

The additional information provided to users by social media is based on the changing social ways of obtaining information. Information via social media is intended to reach users who obtain most of their information from social media.

Of course, essential information will continue to be published via "classic" channels such as the company's own homepage, which is why the person concerned is free to choose the source of his or her information .

We ourselves will use our social media channels to educate about your work and to interactively engage with media users.

3.   General data subject rights

3.1.   Right to information and correction requests - Deletion & blocking of data - Revocation of consent

a)   Right to information

You have the right to request confirmation as to whether we or our social media sites are processing personal data about you. If this is the case, you have a right of access to the information named in Art. 15 (1) of the GDPR, insofar as the rights and freedoms of other persons are not affected (cf. Art. 15 (4) of the GDPR).

b)   Right of rectification

In accordance with Art. 16 DSGVO, you have the right to have any incorrect personal data stored on the social media site (such as address, name, etc.) corrected at any time. You can also request that the data stored on the social media site be completed at any time.

c)   Right to deletion

Pursuant to Art. 17 (1) DSGVO, you have the right to have the personal data collected about you deleted if

(1)   the data is either no longer required;

(2)   due to the revocation of consent, the legal basis for the processing has ceased to exist without replacement;

(3)   you have objected to the processing and there are no legitimate grounds for the processing;

(4)   your data are processed unlawfully;

(5)   a legal obligation requires this or a collection according to Art. 8 para. 1 DSGVO has taken place.

According to Art. 17 (3) of the GDPR, the right does not exist if

(1)   processing is necessary for the exercise of the right to freedom of expression and information;

(2)   your data have been collected on the basis of a legal obligation;

(3)   the processing is necessary for reasons of public interest;

(4)   the data are necessary for the assertion, exercise or defense of legal claims.

d)   Right to restriction of processing

According to Art. 18 (1) DSGVO, you have the right in individual cases to request the restriction of the processing of your personal data.

This is the case when

(1)   the accuracy of the personal data is disputed by you;

(2)   the processing is unlawful and you do not consent to erasure;

(3)   the data are no longer needed for the purpose of processing, but the data collected are used for the assertion, exercise or defense of legal claims;

(4)   an objection to the processing pursuant to Art. 21 (1)       DSGVO has been lodged and it is still unclear which interests prevail.

e)   Right of revocation

If you have given us express consent to process your personal data (Art. 6 para. 1 p. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO), you may revoke this consent at any time. Please note that the lawfulness of the processing carried out on the basis of the consent until the revocation is not affected by this.

f)    Right of objection

Pursuant to Art. 21 DSGVO, you have the right to object at any time to the processing of personal data relating to you that has been collected on the basis of Article 6 (1) p. 1 lit. e or lit. f DSGVO . You only have this right if there are special circumstances against the storage and processing.

g)   Right to data portability

Pursuant to Art. 20 of the GDPR, you have the right to be provided with the personal data concerning you. It is possible to provide you with the following data upon request pursuant to Art. 20 (1) DSGVO:

(1)   Data collected    on the basis of explicit consent pursuant to Art. 6 para. 1 p. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO;

(2)   Data that we have received from you in accordance         with Art. 6 para. 1 p. 1 lit. b DSGVO within the framework of existing contracts,

in each case insofar as this data has been processed within the framework of an automated procedure.

The transfer of personal data directly to a controller of your choice can be carried out as far as this is technically feasible. Please note that in the case of data that interferes with the freedoms and rights of other persons pursuant to Art. 20 (4) DSGVO, no transfer may take place.

3.2.  How do you exercise your rights?

Please note that we are not the operator of the entire social platform, but merely maintain a profile on the corresponding page. We receive the data and information listed in this privacy policy from the platforms. We therefore advise you to contact the respective social media site directly for general data information requests, change requests and deletion and blocking requests with regard to the platform. In addition, we refer to the privacy policy of the respective social media site.

You will find more detailed information on the exercise of rights with the relevant providers in the corresponding sections of this privacy policy.

You can reach us at

Medinix Information Systems GmbH

Rickert Street 26

66386 St. Ingbert

E-mail: info@medinix.com - Phone: +49 68948949060

You can reach our data protection officer at the e-mail datenschutz@medinix.com.

3.3.  Right of complaint to the supervisory authority

If you suspect that your data is being processed illegally on one of our social media sites, you can, of course, bring about a judicial clarification of the issue at any time. In addition, any other legal option is open to you. Irrespective of this, you have the option of contacting a supervisory authority in accordance with Art. 77 (1) DSGVO. The right of complaint pursuant to Art. 77 DSGVO is available to you in the EU Member State of your place of residence, your place of work and/or the place of the alleged infringement, i.e. you can choose the supervisory authority to which you turn from the places mentioned above. The supervisory authority to which the complaint has been submitted will then inform you of the status and outcome of your submission, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

 

 

II.     Special information on the use of LINKEDIN

1.   Person responsible for LINKEDIN and aspects of joint responsibility

Responsible for the processing that takes place on the platform is the

LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
Email or contact form: https://www.linkedin.com/help/linkedin/ask/PPQ?lang=de.

Since LINKEDIN also processes the data on its own servers of the parent company LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA and also transfers the data to the USA, the processing thus also takes place in a third country for which no adequacy decision of the European Commission exists. Therefore, the usual level of protection for the DSGVO cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, e.g. authorities can access the collected data. We have concluded standard data protection clauses with LINKEDIN. Likewise, LINKEDIN has further guarantees to ensure an appropriate level of data protection. You can find more information here: https://de.linkedin.com/legal/l/dpa.

You can contact LINKEDIN's data protection officer using the contact form on the following pages. Please note that the message sent via this contact form may not only be received by the data protection officer:

https://www.linkedin.com/help/linkedin/ask/TSO.

In addition, you may also contact LINKEDIN's Privacy Officer by mail at the following address: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.

With regard to the use of the social media service LINKEDIN, there is joint responsibility with respect to the use of individual functions by Medinix Information Systems GmbH. In addition to LINKEDIN, Medinix Information Systems GmbH is also responsible for these functions. The basis is the usage agreement between Medinix Information Systems GmbH and LINKEDIN.

2.   Used functions at LINKEDIN

LINKEDIN maintains various features through which users can interact on LINKEDIN. Through these particular features, LINKEDIN sends us, or makes available to us in our LINKEDIN user menu, certain personally identifiable information on our behalf. Interaction with us or our posts on LINKEDIN's platform is only possible if you are registered with LINKEDIN.

Below, we explain what data LINKEDIN provides to us and how we process this data:

2.1.  List of functions and transmitted data

a) Direct Message(s): LinkedIn notifies us when users have sent us a direct message or support request via LinkedIn and delivers this message to us. The purpose of the data processing is to process the specific contact request received through the direct message.

b) Push notifications: Push notifications allow us to deliver messages to users, provided they have given their prior consent to LinkedIn. For this purpose, users inform LinkedIn of their willingness to receive push notifications by giving their active consent in a browser window or in an app or in the operating system of the end device. LinkedIn records these end devices or users in a database under a specific ID. By triggering a push notification function under a specific assignment, LinkedIn then delivers the message defined by us to the users matching in the database. We only receive anonymized statistical data about the assignment criteria and the effectiveness of the correctly delivered push notifications from LinkedIn. The purpose of the data processing is the delivery of the push notifications to a previously defined target group.

c) Ratings: Users can rate us and our facilities on LinkedIn. LinkedIn uses the data thus entered to display our rating key based on a star category. The rating is also displayed under our user account. LinkedIn sends us a message in case of user ratings and gives us the opportunity to publicly reply to the user. The purpose of the data processing is for us to respond to the rating and to publish the rating to other users.

d) Comments: Users can leave us a comment on our LinkedIn page. LinkedIn uses the data entered in this way to display the comment on our LinkedIn page. LinkedIn sends us a message when comments are made and gives us the opportunity to respond publicly to the user. The purpose of the data processing is to publish your comment on our LinkedIn page. We reserve the right to hide comments.

e) Job advertisements: For some job ads, you can apply directly via LINKEDIN. In our application form on LINKEDIN, you can enter your contact details and add application documents. These will then be transmitted to us by LINKEDIN. The data will be deleted by LINKEDIN after 6 months. We ourselves will delete the data 6 months after completion of the application process, unless a separate consent allows us a longer storage period.

2.2.  Purpose of the use of the functions by Medinix Information Systems GmbH

Medinix Information Systems GmbH uses the data collected by LINKEDIN and partly transferred to Medinix Information Systems GmbH in order to be able to interact with users within the framework of the platform. In doing so, the possibilities of the social platform are deliberately used in order, for example, not to create a media break when contact is established by means of a private message.

The publication of comments and evaluations serves above all the interaction with the users interested in the media offer of Medinix Information Systems GmbH.

2.3.  Legal basis for the processing of personal data

For registered users, the legal basis for the functions used is Art. 6 (1) p. 1 lit. b DSGVO (contract). By registering, a user relationship is concluded with regard to the use of the platform and the functions available there. The LINKEDIN Terms of Use, which are part of the contract, can be found at: https://www.linkedin.com/legal/user-agreement. The functions cannot be used by users without a LINKEDIN account.

The legal basis with regard to the general operation of the profile operated by Medinix Information Systems GmbH and the transfer of individual data records to Medinix Information Systems GmbH is Art. 6 para. 1 p. 1 lit. f DSGVO (legitimate interest), unless you are registered or logged in to LINKEDIN. The legitimate interest consists in an error-free function of the LINKEDIN platform.

2.4.  Revocation and cancellation options

The revocation and deletion options are based on the general regulations on the right of revocation and deletion under data protection law described below in this data protection declaration.

2.5.  Duration of storage

The deletion of the data provided to us by LINKEDIN will take place insofar as it is no longer required for the above-mentioned purpose or the user account concerned has been deleted.

2.6.  Necessity of providing personal data

The information is neither contractually nor legally required and is not necessary for the conclusion of a contract. If you do not fill in the existing mandatory fields or do not fill them in completely, you will not be able to use the corresponding functions of LINKEDIN. You can also contact us via other channels, such as by e-mail or via our website.

3.   Information on the use of cookies and web services

3.1.  Scope of the processing of personal data

For detailed information on which cookies and web services are in use by LINKEDIN and to what extent they are integrated by LINKEDIN, please refer to the LINKEDIN privacy policy at: https://www.linkedin.com/legal/privacy-policy. Medinix Information Systems GmbH will not itself deploy or use any further cookies or web services on the social media sites. In addition, there is no linking of the social media sites with other cookies and web services used by Medinix Information Systems GmbH. Medinix Information Systems GmbH has no access to the data collected via LINKEDIN from cookies and web services.

The following notes therefore serve in particular to provide transparent information about your visit to our social media channels.

3.2.  Legal basis

The legal basis for the setting of cookies and web services by LINKEDIN itself can be found in LINKEDIN's Privacy Policy.

In the case of registered users, some transfers of personal data via the cookies and web services set may also take place on the basis of the LINKEDIN Terms of Use and in these cases are based on Art. 6 para. 1 sentence 1 lit. b DSGVO (contract). The usage agreement can be found at: https://www.linkedin.com/legal/user-agreement.

3.3.  Purpose of data processing by LINKEDIN

The cookies and web services are set by the respective social media site in order to maintain the full functionality of the social media site, to improve the user experience or to pursue the purpose stated with your consent. The cookie technology also enables the respective social media site to recognize individual visitors by means of pseudonyms, e.g. an individual or random ID, so that more individual services can be offered.

Details can be found in the LINKEDIN privacy statement at: https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv.

3.4.  Duration of storage

Details can be found in the LINKEDIN privacy statement at: https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv.

3.5.  Possibility of objection, revocation of consent and deletion

You can set your browser according to your wishes so that the setting of cookies and web services is generally prevented. You can then decide on a case-by-case basis whether to accept cookies and web services or accept them in principle. Cookies may be used for various purposes, such as to recognize that your access device is already connected to our LINKEDIN social media site (persistent cookies) or to store recently viewed content (session cookies). If you have expressly given the respective social media site permission to process your personal data, you can revoke this consent at any time. Please note that the legality of the processing carried out on the basis of the consent until the revocation is not affected.

4.   Data subject rights regarding LINKEDIN

4.1.  Right to information and correction requests - Deletion & blocking of data - Revocation of consent

a)     Right to information

You may request information about the data you have provided to LINKEDIN.

To the extent you are registered with LINKEDIN, you may access and review the personal information LINKEDIN has collected from you by following the instructions listed at https://www.linkedin.com/help/linkedin/answer/116279. The categories and more information can be found at https://www.linkedin.com/legal/privacy-policy#collect. Regarding any other claims, you may also contact LINKEDIN at the contact information listed.

To protect your privacy and maintain security, LINKEDIN takes steps to verify your identity before providing you with access to your personal information.

To the extent that a request for information concerns data within the scope of shared responsibility, you are also welcome to submit a request for information to us.

b)   Right of rectification

You may, within the scope of the GDPR, request rectification of data that you have provided to LINKEDIN or that LINKEDIN has collected.

As a registered user, you can already customize a large amount of personal information by following the instructions listed at https://www.linkedin.com/help/linkedin/answer/116279. Regarding any further claims, you can also contact LINKEDIN via the listed contact details.

To the extent that a claim for correction involves data that Medinix Information Systems GmbH received under shared responsibility, you are also welcome to submit a claim for correction to.

c)   Right to deletion

As a registered user, you can delete your data from LINKEDIN by following the instructions listed at https://www.linkedin.com/help/linkedin/answer/63. By following them, the account will initially be deactivated for 14 days and will be deleted within 30 days of account closure. Personal data will be deleted by LINKEDIN if there is no legal obligation to keep it.

As a non-registered user, you can also contact LINKEDIN using the contact details listed.

To the extent that a deletion request involves data that Medinix Information Systems GmbH has received under shared responsibility, you are also welcome to submit a deletion request to us. Since LINKEDIN is responsible for the deletion and management of personal data, we advise you to submit the requests directly to LINKEDIN for faster processing.

d)   Right to restriction of processing

As a registered user, you can manage your privacy settings and other account features by following the instructions at https://www.linkedin.com/help/linkedin/answer/116279. If you change your settings, it may take some time for your selections to be technically processed by the system. Depending on the settings you have adjusted, you may also notice changes in your LINKEDIN experience or restrictions on access to certain features.

As a non-registered user, you can also contact LINKEDIN using the contact details listed.

To the extent that a right to restriction involves data that Medinix Information Systems GmbH has received under shared responsibility, you are also welcome to submit a restriction request to us. Again, we advise you to submit requests directly to LINKEDIN for faster processing.

e)   Right of revocation

As a registered user you can manage your privacy settings and other account features by following the instructions at https://www.linkedin.com/help/linkedin/answer/116279. If you change your settings, it may take some time for your selections to be technically processed by the system. Depending on the settings you have adjusted, you may also notice changes in your LINKEDIN experience or restrictions on access to certain features.

As a non-registered user, you can also contact LINKEDIN using the contact details listed.

To the extent that a right to withdraw consent relates to data that Medinix Information Systems GmbH has received under shared responsibility, you are also welcome to submit a withdrawal to us.

f)    Right of objection

In accordance with Art. 21 DSGVO, you have the right to object at any time to the processing of personal data relating to you that has been collected on the basis of Article 6 (1) p. 1 lit. e or lit. f DSGVO. You only have this right if there are special circumstances against the storage and processing.

As a registered user you can manage your privacy settings and other account features by following the instructions at https://www.linkedin.com/help/linkedin/answer/116279. If you change your settings, it may take some time for your selections to be technically processed by the system. Depending on the settings you have adjusted, you may also notice changes in your LINKEDIN experience or restrictions on access to certain features.

As a non-registered user, you can also contact LINKEDIN using the contact details listed.

To the extent that a right to object relates to data that Medinix Information Systems GmbH has received under shared responsibility, you are also welcome to submit an objection to us.

g)   Right to data portability

As a registered user, you can download a copy of your data, such as your LINKEDIN posts, by following the instructions at https://www.linkedin.com/help/linkedin/answer/50276/auf-ihre-kontodaten-zugreifen?lang=det.

As a non-registered user, you can also contact LINKEDIN using the contact details listed.

To the extent that a right to data portability relates to data that Medinix Information Systems GmbH has received under shared responsibility, you are also welcome to submit a data transfer request to us pursuant to section.

4.2.  How do you exercise your rights?

Please note that Medinix Information Systems GmbH is not the operator of the entire social platform, but merely maintains a profile on LINKEDIN. We receive the data and information listed in this privacy policy from LINKEDIN. We therefore advise you to contact LINKEDIN directly for general data information requests, change requests and deletion and blocking requests with regard to the platform.

You may contact LINKEDIN's Privacy Officer with your privacy inquiries via the contact form at: https://www.linkedin.com/help/linkedin/ask/TSO-DPO. In addition, you may also contact LINKEDIN's Privacy Officer by mail at the following address:

LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.

Medinix Information Systems GmbH can be reached at the contact details provided.

 

 

III.   Special information on the use of XING

1.   Person responsible for XING and aspects of joint responsibility

Responsible for the processing that takes place on the platform is the

New Work SE, Am Strandkai 1, 20457 Hamburg, Germany, e-mail: info@xing.com.

XING is a network in the German-speaking region. According to Xing, your personal data is transferred exclusively to servers in the European Union. Insofar as sub-processors take place in states outside the European Union, XING we will conclude the contractual regulations required under data protection law to ensure an appropriate level of protection for personal data with the third party.

You can contact the XING data protection officer using the contact form on the following pages. Please note that the message sent via this contact form may not only be received by the data protection officer:

https://www.xing.com/support/contact/security/data_protection.

In addition, you can also contact XING's data protection officer by mail at the following address: New Work SE Felix Lasse, Am Strandkai 1, 20457 Hamburg, Germany.

You can access XING's privacy policy at https://privacy.xing.com/de/datenschutzerklaerung.

With regard to the use of the social media service XING, there is joint responsibility with regard to the use of individual functions by Medinix Information Systems GmbH. In addition to XING, Medinix Information Systems GmbH is also responsible for these functions. This is based on the usage agreement between Medinix Information Systems GmbH and XING.

2.   Functions used on XING

XING holds various functions available through which users can interact on XING. Via these special functions, XING sends us certain personal data on our behalf or this data is made available to us in our XING user menu so that it can be retrieved. Interaction with us or our posts on the XING platform is only possible if you are registered with XING.

For information on visibility to other users, visit https://privacy.xing.com/de/datenschutzerklaerung/informationen-die-sie-uns-mitteilen.

In the following, we explain which data XING makes available to us and how we process this data:

2.1.  List of functions and transmitted data

a) Direct message(s): XING notifies us when users have sent us a direct message or support request via XING and delivers this message to us. The purpose of the data processing is to process the specific contact request received via the direct message. You can find more information at https://privacy.xing.com/de/datenschutzerklaerung/informationen-die-sie-uns-mitteilen/private-nachrichten-im-sozialen-netzwerk.

b) Push notifications: Push notifications allow us to deliver messages to users if they have given their prior consent to XING. For this purpose, users inform XING of their willingness to receive push notifications by giving their active consent in a browser window or in an app or in the operating system of the end device. XING records these end devices or users in a database under a specific ID. By triggering a push notification function under a specific assignment, XING then delivers the message defined by us to the users matching in the database. We only receive anonymized statistical data about the assignment criteria and the effectiveness of the correctly delivered push notifications from XING. The purpose of the data processing is to deliver the push notifications to a previously defined target group.

c) Interaction with our content: Information on how we handle data when you interact with our content can be found at https://privacy.xing.com/de/datenschutzerklaerung/informationen-die-sie-uns-mitteilen/ihre-geteilten-inhalte-und-reaktionen-im-sozialen-netzwerk.

d) Interaction as part of job advertisements / recruiting: For some job advertisements, you can apply directly via XING. In our application form on XING, you can enter your contact details and add application documents. These are then transmitted to us by Xing. The data will be deleted by Xing after 6 months. We ourselves will delete the data 6 months after completion of the application process, unless a separate consent allows us to store the data for a longer period.

2.2.  Purpose of the use of the functions by Medinix Information Systems GmbH

Medinix Information Systems GmbH uses the data collected by XING and partly transferred to Medinix Information Systems GmbH in order to be able to interact with users within the framework of the platform. In doing so, the possibilities of the social platform are deliberately used in order, for example, not to create a media break when contact is established by means of a private message.

The publication of comments and ratings serves primarily the interaction with the users interested in the media offer of Medinix Information Systems GmbH.

2.3.  Legal basis for the processing of personal data

For registered users, the legal basis for the functions used is Art. 6 (1) p. 1 lit. b DSGVO (contract). By registering, a user relationship is concluded with regard to the use of the platform and the functions available there. The XING Terms of Use, which form part of the contract, can be found at: https://www.xing.com/terms/xing. The functions cannot be used by users without a XING account.

The legal basis with regard to the general operation of the profile operated by Medinix Information Systems GmbH and the transfer of individual data records to Medinix Information Systems GmbH is Art. 6 (1) p. 1 lit. f DSGVO (legitimate interest), unless you are registered or logged in to XING. The legitimate interest is the error-free functioning of the XING platform. You can find more details in this statement.

2.4.  Revocation and cancellation options

The revocation and deletion options are based on the general regulations on the right of revocation and deletion under data protection law described below in this data protection declaration.

2.5.  Duration of storage

The data provided to us by XING will be deleted as soon as it is no longer required for the above-mentioned purpose or the user account concerned has been deleted.

2.6.  Necessity of providing personal data

The information is neither contractually nor legally required and is not necessary for the conclusion of a contract. If you do not fill in the existing mandatory fields or do not fill them in completely, you will not be able to use the corresponding XING functions. You can also contact us via other channels, such as by e-mail or via our website.

3.   Information on the use of cookies and web services

3.1.  Scope of the processing of personal data

Precise information on which cookies and web services are used by XING and to what extent they are integrated by XING can be found in the XING privacy policy at: https://privacy.xing.com/de/datenschutzerklaerunghttps://www.linkedin.com/legal/privacy-policy?trk=hb_ft_privhttps://twitter.com/de/privacy.Medinix Information Systems GmbH will not itself use any further cookies or web services on the social media pages or use them there. In addition, there is no linking of the social media pages with other cookies and web services used by Medinix Information Systems GmbH. Medinix Information Systems GmbH has no access to the data collected via XING from cookies and web services.

The following notes therefore serve in particular to provide transparent information about your visit to our social media channels.

3.2.  Legal basis

The legal basis for the setting of cookies and web services by XING itself can be found in XING's privacy policy.

In the case of registered users, some transfers of personal data via the cookies and web services set may also take place on the basis of the XING Terms of Use and in these cases are based on Art. 6 (1) p. 1 lit. b DSGVO (contract). The usage agreement can be found at: https://www.xing.com/terms/xing.

3.3.  Purpose of data processing by XING

The cookies and web services are set by the respective social media site in order to maintain the full functionality of the social media site, to improve the user experience or to pursue the purpose stated with your consent. The cookie technology also enables the respective social media site to recognize individual visitors by means of pseudonyms, e.g. an individual or random ID, so that more individual services can be offered.

Details can be found in the XING privacy statement at: https://privacy.xing.com/de/datenschutzerklaerung.

3.4.  Duration of storage

Details can be found in the XING privacy statement at: https://privacy.xing.com/de/datenschutzerklaerung

3.5.  Possibility of objection, revocation of consent and deletion

You can set your browser according to your wishes so that the setting of cookies and web services is generally prevented. You can then decide on a case-by-case basis whether to accept cookies and web services or accept them in principle. Cookies can be used for various purposes, e.g. to recognize that your access device is already connected to our XING social media site (permanent cookies) or to store recently viewed content (session cookies). If you have expressly given the respective social media site permission to process your personal data, you can revoke this consent at any time. Please note that the legality of the processing carried out on the basis of the consent until the revocation is not affected.

4.   Data subject rights regarding XING

4.1.  Right to information and correction requests - Deletion & blocking of data - Revocation of consent

a)     Right to information

You can request information about the data you have provided to XING.

The information on how to do this can be found at https://privacy.xing.com/de/datenschutzerklaerung/welche-rechte-koennen-sie-geltend-machen/auskunftsrecht.

To protect your privacy and maintain security, XING takes measures to verify your identity before XING provides you with information about your personal data.

To the extent that a request for information concerns data within the scope of shared responsibility, you are also welcome to submit a request for information to us.

b)     Correction claim

Within the framework of the DSGVO, you can demand a right of rectification with regard to the data that you have provided to XING or that XING has collected.

As a registered user, you can already customize a large amount of personal data in your user profile yourself. For more information, please visit https://privacy.xing.com/de/datenschutzerklaerung/welche-rechte-koennen-sie-geltend-machen/berichtigungsrecht.

To the extent that a claim for correction involves data that Medinix Information Systems GmbH received under shared responsibility, you are also welcome to submit a claim for correction to us.

c)     Right to deletion

As a registered user, you can delete your data from XING by following the instructions listed at https://privacy.xing.com/de/datenschutzerklaerung/welche-rechte-koennen-sie-geltend-machen/recht-auf-loeschung.

As far as a deletion claim concerns data that Medinix Information Systems GmbH has received within the scope of joint responsibility, you are also welcome to submit a deletion claim to us. Since XING is responsible for the deletion and management of personal data, we advise you to submit the requests directly to XING for faster processing.

d)     Right to restriction of processing

As a registered user, you can manage your privacy settings and other account functions by following the instructions at https://privacy.xing.com/de/datenschutzerklaerung/welche-rechte-koennen-sie-geltend-machen/recht-auf-einschraenkung-der-verarbeitung. If you change your settings, it may take some time for your selection to be technically processed by the system. Depending on the settings you have adjusted, you may also notice changes in your XING experience or restrictions on access to certain features.

Insofar as a right to restriction concerns data that Medinix Information Systems GmbH has received within the scope of joint responsibility, you are also welcome to submit a restriction request to us. Here, too, we advise you to submit the requests directly to XING for faster processing.

e)         Right of revocation

You can revoke the processing of your data with regard to the legally existing rights at any time by contacting XING.

To the extent that a right to withdraw consent relates to data that Medinix Information Systems GmbH has received as part of its shared responsibility, you are also welcome to submit a withdrawal to us.

f)   Right of objection

In accordance with Art. 21 DSGVO, you have the right to object at any time to the processing of personal data relating to you that has been collected on the basis of Article 6 (1) p. 1 lit. e or lit. f DSGVO. You only have this right if there are special circumstances against the storage and processing.

You can revoke the use by following the instructions at https://privacy.xing.com/de/datenschutzerklaerung/welche-rechte-koennen-sie-geltend-machen/widerspruchsrecht.

To the extent that a right to object relates to data that Medinix Information Systems GmbH has received under shared responsibility, you are also welcome to submit an objection to us.

g) Right to data portability

Information on the right to data portability can be found at https://privacy.xing.com/de/datenschutzerklaerung/welche-rechte-koennen-sie-geltend-machen/recht-auf-datenuebertragbarkeit.

To the extent that a right to data portability relates to data that has been stored by Medinix Information Systems GmbH under shared responsibility, you are also welcome to submit a data transfer request to us.

 

 

4.2.  How do you exercise your rights?

Please note that Medinix Information Systems GmbH is not the operator of the entire social platform, but merely maintains a profile on XING. We receive the data and information listed in this privacy policy from XING. We therefore advise you to contact XING directly for general requests for data information, requests for changes and requests for deletion and blocking with regard to the platform.

You can contact XING's data protection officer with your data protection inquiries via the contact form at: https://www.xing.com/support/contact/security/data_protection. In addition, you can also contact XING's data protection officer by mail at the following address:

New Work SE, Am Strandkai 1, 20457 Hamburg, Germany.

Medinix Information Systems GmbH can be reached at the contact details provided at the beginning of this privacy policy.

 

 

IV.  Special information on the use of INSTAGRAM

1.   Person responsible for INSTAGRAM and aspects of joint responsibility

Responsible for the processing that takes place on the platform is the

Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, impressum@support.instagram.com, Fax: +1 650 543 5340.

Since INSTAGRAM also processes the data on its own servers of the parent company Meta Plattform Inc., 1601 Willow Road, Menlo Park, CA 94025, USA and also transfers the data to the USA, the processing thus also takes place in a third country for which no adequacy decision of the European Commission exists. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, e.g. authorities can access the collected data. We have concluded standard contractual clauses with Meta. You can find more information here: https://www.facebook.com/legal/EU_data_transfer_addendum.

With regard to any joint responsibilities that may exist, we have also entered into the agreements set out at https://www.facebook.com/legal/terms/page_controller_addendum.

You can contact Meta's data protection officer using the contact form on the following pages. Please note that the message sent via this contact form may not only be received by the data protection officer:

https://www.facebook.com/help/contact/540977946302970.

In addition, you may also contact INSTAGRAM's Privacy Officer by mail at the following address: Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Instagram's privacy policy can be found at https://privacycenter.instagram.com/policy/.

With regard to the use of the social media service INSTAGRAM, there is a joint responsibility with regard to the use of individual functions by us. In addition to INSTAGRAM, medinix Information Systems GmbH is also responsible for these functions.

2.   Used functions at INSTAGRAM

INSTAGRAM maintains various features through which users can interact on INSTAGRAM. Through these special features, INSTAGRAM sends us certain personal data on our behalf or makes it available to us in our INSTAGRAM user menu.

In the following, we explain which data INSTAGRAM makes available to us and how we process this data:

2.1.  List of functions and transmitted data

(a) Direct Message(s): Instagram notifies us when users have sent us a direct message or support request via Instagram and delivers that message to us. The purpose of the data processing is to process the specific contact request received through the direct message.

b) Push notifications: Push notifications allow us to deliver notifications to users if they have given their prior consent to Instagram. For this purpose, users inform Instagram of their willingness to receive push notifications by giving their active consent in a window that appears or in an app or in the operating system of the end device. Instagram records these end devices or users in a database under a specific ID. By triggering a push notification function under a specific association, Instagram then delivers the message to the users matching in the database. We only receive anonymized statistical data about the attribution criteria and the effectiveness of the correctly delivered push notifications from Instagram. The purpose of the data processing is to deliver the push notifications to a pre-determined target group.

c) Live chat / group chat: Instagram notifies us when individual or multiple users have opened a chat and provides us with a chat form through which we can exchange messages with the users. The purpose of the data processing is to process the specific contact request received through the live chat.

d) Comments: Users can leave us a comment on our Instagram page. Instagram uses the data entered in this way to display the comment on our Instagram page. Instagram sends us a message when comments are left and gives us the opportunity to publicly respond to the user. The purpose of the data processing is to publish your comment on our Instagram page. We reserve the right to delete or hide comments.

e) Surveys: The data you enter in a survey on Instagram is displayed to us by Instagram as a pseudonymized opinion of the survey. The purpose of the data processing is the networking of Instagram users and the exchange of media content individually or in a defined community.

f) Advertising: Through the advertising function, we can have Instagram serve targeted advertisements to other users. In advance, we can specify a target group in the Instagram user menu based on certain abstract criteria. After the advertisement has been delivered by Instagram, Instagram compiles anonymous statistics for us that show the effectiveness of the advertising measure as well as the primarily targeted group. The purpose of the data processing is to deliver the advertising to abstractly determined users and to network Instagram users to share with each other and create and share media content individually or in a defined community or openly in society.

g) Livestream/Live Videos: Instagram allows us to send a live video to participating users. In doing so, we receive information from Instagram about the corresponding target group during the livestream. The purpose of the data processing is to establish the concrete video transmission, as well as the optimization of our live stream offer.

2.2.   Purpose of the use of the functions by medinix Information Systems GmbH

medinix Information Systems GmbH uses the data collected by INSTAGRAM and partly transmitted to medinix Information Systems GmbH to be able to interact with users within the framework of the platform. In doing so, the possibilities of the social platform are deliberately used in order, for example, not to create a media break when contact is established by means of a private message.

The publication of posts, comments, surveys, videos and advertising as well as participation in group chats, live chats and livestreams / live videos primarily serve to interact with users interested in our media offering.

The surveys are used to map current opinion and to identify trends, statistics and interests and, in addition to general statistical collection away from the platform, represent a further indication of the working methods and orientation of medinix Information Systems GmbH.

2.3.  Legal basis for the processing of personal data

For registered users, the legal basis for the functions used is Art. 6 (1) p. 1 lit. b DSGVO (contract). By registering, a user relationship is concluded with regard to the use of the platform and the functions available there. The INSTAGRAM terms of use, which are part of the contract, can be found at: https://de-de.facebook.com/help/instagram/581066165581870. The functions cannot be used by users without an INSTAGRAM account.

The legal basis with regard to the general operation of the profile operated by us and the transfer of individual data records to medinix Information Systems GmbH is Art. 6 para. 1 p. 1 lit. f DSGVO (legitimate interest), unless you are registered or logged in to INSTAGRAM. The legitimate interest consists in an error-free function of the INSTAGRAM platform.

2.4.  Revocation and cancellation options

The revocation and deletion options are based on the general regulations on the right of revocation and deletion under data protection law described below in this data protection declaration.

2.5.  Duration of storage

The deletion of the data provided to us by INSTAGRAM will take place as soon as it is no longer required for the above-mentioned purpose or the user account concerned has been deleted.

2.6.  Necessity of providing personal data

The information is neither contractually nor legally required and is not necessary for the conclusion of a contract. If you do not fill in the existing mandatory fields or do not fill them in completely, you will not be able to use the corresponding functions of INSTAGRAM. You can also contact us via other channels, such as by e-mail or via our website.

3.   Information on the use of cookies and web services

3.1.  Scope of the processing of personal data

Precise information on which cookies and web services are used by INSTAGRAM and to what extent they are integrated by INSTAGRAM can be found in the INSTAGRAM privacy policy at: https://privacycenter.instagram.com/policy/. medinix Information Systems GmbH will not itself use any further cookies or web services on the social media sites or use them there. A linking of the social media sites with other cookies and web services used by medinix Information Systems GmbH will only take place if and to the extent that it is listed in the respective privacy policy on the corresponding website. medinix Information Systems GmbH has no access to the data collected via INSTAGRAM from cookies and web services.

The following notes therefore serve in particular to provide transparent information about your visit to our social media channels.

3.2.  Legal basis

The legal basis for the setting of cookies and web services by INSTAGRAM itself can be found in INSTAGRAM's privacy policy.

In the case of registered users, some transfers of personal data via the cookies and web services set may also take place on the basis of the INSTAGRAM terms of use and in these cases are based on Art. 6 para. 1 p. 1 lit. b DSGVO (contract). The usage agreement can be found at: https://de-de.facebook.com/help/instagram/581066165581870.

3.3.  Purpose of data processing by INSTAGRAM

The cookies and web services are set by the respective social media site in order to maintain the full functionality of the social media site, to improve the user experience, to pursue the purpose stated with your consent and also to show you personalized advertising or products that match your user profile, if applicable. Cookie technology also enables the respective social media site to recognize individual visitors by means of pseudonyms, e.g. an individual or random ID, so that more individualized services can be offered.

Details can be found in the INSTAGRAM privacy statement at: https://privacycenter.instagram.com/policy.

3.4.  Duration of storage

Details can be found in the INSTAGRAM privacy statement at: https://privacycenter.instagram.com/policy

3.5.  Possibility of objection, revocation of consent and deletion

You can set your browser according to your wishes so that the setting of cookies and web services is generally prevented. You can then decide on a case-by-case basis whether to accept cookies and web services or accept them in principle. Cookies can be used for various purposes, for example, to recognize that your access device is already connected to our INSTAGRAM social media site (permanent cookies) or to store recently viewed offers (session cookies). If you have expressly given the respective social media site permission to process your personal data, you can revoke this consent at any time. Please note that the lawfulness of the processing carried out on the basis of the consent until the revocation is not affected by this.

4.   4.    data subject rights regarding INSTAGRAM

4.1.  Right to information and correction requests - Deletion & blocking of data - Revocation of consent

a)     Right to information

You may request information about the data you have provided to INSTAGRAM.

To the extent that you are registered with INSTAGRAM, you can access and view the personal data INSTAGRAM has collected from you at https://www.instagram.com/accounts/edit/. You can find the categories and further information at https://privacycenter.instagram.com/policy.

To protect your privacy and maintain security, INSTAGRAM takes steps to verify your identity before providing you with any information about your personal information.

To the extent that a request for information concerns data within the scope of shared responsibility, you are also welcome to submit a request for information to us.

b)     Correction claim

Within the scope of the GDPR, you may request a rectification claim regarding the data that you have provided to INSTAGRAM or that INSTAGRAM has collected.

As a registered user, you can already customize a large amount of personal data at https://www.instagram.com/accounts/edit/. Regarding any further claims, you can also contact INSTAGRAM at the contact details listed under point II. 1.

To the extent that a claim for correction involves data that we received under shared responsibility, you are also welcome to submit a claim for correction to us.

c)     Right to deletion

As a registered user, you can delete your data from INSTAGRAM by following the instructions listed at https://help.instagram.com/370452623149242. By following them, the account will initially be deactivated for 30 days and will be deleted after the 30 days. The personal data will then be deleted by INSTAGRAM if there are no legal retention obligations.

As a non-registered user, you can also contact INSTAGRAM using the contact details listed.

As far as a deletion request concerns data that medinix Information Systems GmbH has received within the scope of joint responsibility, you are also welcome to submit a deletion request to us according to section I. 1. Since INSTAGRAM is responsible for the deletion and management of personal data, we advise you to submit the requests directly to INSTAGRAM for faster processing.

d)   Right to restriction of processing

As a registered user, you can manage your privacy settings and other account functions at https://www.instagram.com/accounts/privacy_and_security/. If you change your settings, it may take some time for your selection to be technically processed by the system. Depending on the settings you have adjusted, you may also notice changes in your INSTAGRAM experience or restrictions on access to certain features.

As a non-registered user, you can also contact INSTAGRAM using the contact details listed.

As far as a right to restriction concerns data that medinix Information Systems GmbH has received within the scope of joint responsibility, you are also welcome to submit a restriction request to us. Again, we advise you to submit the requests directly to INSTAGRAM for faster processing.

e)   Right of revocation

As a registered user, you can manage your privacy settings and other account functions at https://www.instagram.com/accounts/privacy_and_security/. If you change your settings, it may take some time for your selection to be technically processed by the system. Depending on the settings you have adjusted, you may also notice changes in your INSTAGRAM experience or restrictions on access to certain features.

As a non-registered user, you can also contact INSTAGRAM using the contact details listed.

Insofar as a right to withdraw consent concerns data that medinix Information Systems GmbH has received within the scope of joint responsibility, you are also welcome to send a withdrawal to us.

f)    Right of objection

In accordance with Art. 21 DSGVO, you have the right to object at any time to the processing of personal data relating to you that has been collected on the basis of Article 6 (1) p. 1 lit. e or lit. f DSGVO. You only have this right if there are special circumstances against the storage and processing.

As a registered user, you can manage your privacy settings and other account functions at https://www.instagram.com/accounts/privacy_and_security/. If you change your settings, it may take some time for your selection to be technically processed by the system. Depending on the settings you have adjusted, you may also notice changes in your INSTAGRAM experience or restrictions on access to certain features.

As a non-registered user, you may also contact INSTAGRAM using the contact information listed in Section II. 1. above.

To the extent that a right to object relates to data we have received under shared responsibility, you are also welcome to submit an objection to us pursuant to.

g)   Right to data portability

As a registered user, you can download a copy of your data, such as your INSTAGRAM posts, by following the instructions at https://www.instagram.com/download/request/.

As a non-registered user, you may also contact INSTAGRAM using the contact information listed in Section II. 1. above.

To the extent that a right to data portability concerns data that medinix Information Systems GmbH has received under shared responsibility, you are also welcome to submit a data transfer request to us.

4.2.  How do you exercise your rights?

Please note that medinix Information Systems GmbH is not the operator of the entire social platform, but merely maintains a profile on INSTAGRAM. We receive the data and information listed in this privacy policy from INSTAGRAM. We therefore advise you to contact INSTAGRAM directly for general requests for data information, requests for changes and requests for deletion and blocking with regard to the platform.

You can contact INSTAGRAM's data protection officer with your data protection inquiries via the contact form at: https://www.facebook.com/help/contact/540977946302970. In addition, you can also contact INSTAGRAM's data protection officer by mail at the following address:

Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

medinix Information Systems GmbH can be reached using the contact details provided.

 

 

V.    Special information on the use of FACEBOOK

1.   Responsible for FACEBOOK and aspects of joint responsibility

Responsible for the processing that takes place on the platform is the

Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, impressum-support@support.facebook.com, Fax: +16505435325.

Since FACEBOOK also processes the data on its own servers of the parent company Meta Plattform Inc., 1601 Willow Road, Menlo Park, CA 94025, USA and also transfers the data to the USA, the processing thus also takes place in a third country for which no adequacy decision of the European Commission exists. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, e.g. authorities can access the collected data. We have concluded standard contractual clauses with Meta. You can find more information here: https://www.facebook.com/legal/EU_data_transfer_addendum.

With regard to any joint responsibilities that may exist, we have also entered into the agreements set out at https://www.facebook.com/legal/terms/page_controller_addendum.

You can contact Meta's data protection officer using the contact form on the following pages. Please note that the message sent via this contact form may not only be received by the data protection officer:

https://www.facebook.com/help/contact/5409779463029700.

In addition, you may also contact FACEBOOK's Privacy Officer by mail at the following address: Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

The FACEBOOK privacy policy can be found at https://www.facebook.com/privacy/policy.

With regard to the use of the social media service FACEBOOK, there is joint responsibility with regard to the use of individual functions by medinix Information Systems GmbH. In addition to FACEBOOK, medinix Information Systems GmbH is also responsible for these functions according to this privacy policy.

2.   Functions used on FACEBOOK

FACEBOOK holds various functions available through which users can interact on FACEBOOK. Through these special functions, FACEBOOK sends us certain personal data on our behalf, or this data is made available to us in our FACEBOOK user menu.

In the following, we explain which data FACEBOOK makes available to us and how we process this data:

2.1.  List of functions and transmitted data

a) Direct Message(s): Facebook notifies us when users have sent us a direct message or support request via Facebook and delivers this message to us. The purpose of the data processing is to process the specific contact request received through the direct message.

b) Push notifications: Push notifications allow us to deliver messages to users if they have given their prior consent to Facebook. For this purpose, users inform Facebook of their willingness to receive push notifications by giving their active consent in a browser window or in an app or in the operating system of the end device. Facebook records these end devices or users in a database under a specific ID. By triggering a push notification function under a specific assignment, Facebook then delivers the message defined by us to the users matching in the database. We only receive anonymized statistical data about the attribution criteria and the effectiveness of the correctly delivered push notifications from Facebook. The purpose of the data processing is to deliver the push notifications to a previously defined target group.

c) Live chat / group chat: Facebook notifies us when individual or multiple users have opened a chat and provides us with a chat form through which we can exchange messages with the users. The purpose of the data processing is to process the specific contact request received through the live chat.

d) Comments: Users can leave us a comment on our Facebook page. Facebook uses the data entered in this way to display the comment on our Facebook page. Facebook sends us a message when comments are made and gives us the opportunity to respond publicly to the user. The purpose of the data processing is to publish your comment on our Facebook page. We reserve the right to delete or hide comments.

e) Appointment/event reminder function: Via the appointment/event reminder function, users can declare their willingness to participate in our events or appointments and to be reminded of the corresponding events. This allows us to estimate approximately how many and which participants will want to attend our events. Likewise, Facebook automatically reminds event participants of the signaled participation before the event. The purpose of the data processing is the reminder of an appointment or the reservation of an appointment or an event as well as the optimization of our event offer.

f) Surveys: The data you enter in a survey on Facebook is displayed to us by Facebook as a pseudonymized opinion of the survey. The purpose of the data processing is the networking of Facebook users and the exchange of media content individually or in a defined community.

g) Advertising: Through the advertising function, we can have Facebook serve targeted advertisements to other users. In advance, we can specify a target group in the Facebook user menu based on certain abstract criteria. After the advertising has been delivered by Facebook, Facebook compiles anonymous statistics for us, which show the effectiveness of the advertising measure as well as the target group primarily addressed. The purpose of the data processing is the delivery of the advertisement to abstractly determined users and the networking of Facebook users to exchange with each other and to create and share media content individually or in a defined community or openly in society.

h) Livestream/Live Videos: Facebook allows us to send a live video image to participating users. In doing so, we receive information from Facebook about the corresponding target group during the livestream. The purpose of the data processing is to establish the concrete video transmission, as well as the optimization of our live stream offer.

2.2.  Purpose of the use of the functions by medinix Information Systems GmbH

medinix Information Systems GmbH uses the data collected by FACEBOOK and partly transmitted to medinix Information Systems GmbH in order to be able to interact with users within the framework of the platform. In doing so, the possibilities of the social platform are deliberately used in order, for example, not to create a media break when contact is established by means of a private message.

The publication of posts, comments, surveys, videos and advertisements as well as the participation in group chats, live chats and live streams / live videos primarily serve the interaction with users interested in the media offer of medinix Information Systems GmbH.

The surveys are used to map current opinion and to identify trends, statistics and interests and, in addition to general statistical collection away from the platform, represent a further indication of the working methods and orientation of medinix Information Systems GmbH.

2.3.  2.3 Legal basis for the processing of personal data

For registered users, the legal basis for the functions used is Art. 6 (1) p. 1 lit. b DSGVO (contract). By registering, a user relationship is concluded with regard to the use of the platform and the functions available there. The FACEBOOK terms of use, which are part of the contract, can be found at: https://www.facebook.com/legal/terms. The functions cannot be used by users without a FACEBOOK account.

The legal basis with regard to the general operation of the profile operated by medinix Information Systems GmbH and the transfer of individual data records to medinix Information Systems GmbH is Art. 6 para. 1 p. 1 lit. f DSGVO (legitimate interest), unless you are registered or logged in to FACEBOOK. The legitimate interest consists in a faultless function of the FACEBOOK platform. You can find more details in section III. 0. of this declaration.

2.4.  2.4 Revocation and deletion options

The revocation and deletion options are based on the general regulations on the right of revocation and deletion under data protection law described below in this data protection declaration.

2.5.  2.5 Duration of storage

The deletion of the data provided to us by FACEBOOK will take place as soon as it is no longer required for the above-mentioned purpose or the user account concerned has been deleted.

2.6.  2.6 Necessity of providing personal data

The information is neither contractually nor legally required and is not necessary for the conclusion of a contract. If you do not fill in the existing mandatory fields or do not fill them in completely, you will not be able to use the corresponding functions of FACEBOOK. You can also contact us via other channels, such as by e-mail or via our website.

3.   Information on the use of cookies and web services

3.1.  Scope of the processing of personal data

Precise information on which cookies and web services are used by FACEBOOK and to what extent they are integrated by FACEBOOK can be found in the FACEBOOK privacy policy at: https://www.facebook.com/privacy/policy. medinix Information Systems GmbH will not itself use any further cookies or web services on the social media sites or use them there. A linking of the social media sites with other cookies and web services used by medinix Information Systems GmbH will only take place if and to the extent that it is listed in the respective privacy policy on the corresponding website. medinix Information Systems GmbH has no access to the data collected via FACEBOOK from cookies and web services.

The following notes therefore serve in particular to provide transparent information about your visit to our social media channels.

3.2.  Legal basis

The legal basis for the setting of cookies and web services by FACEBOOK itself can be found in Instagram's privacy policy.

In the case of registered users, some transfers of personal data via the cookies and web services set may also take place on the basis of the FACEBOOK terms of use and in these cases are based on Art. 6 para. 1 sentence 1 lit. b DSGVO (contract). The usage agreement can be found at: https://www.facebook.com/legal/terms.

3.3.  Purpose of data processing by FACEBOOK

The cookies and web services are set by the respective social media site in order to maintain the full functionality of the social media site, to improve the user experience, to pursue the purpose stated with your consent and also to show you personalized advertising or products that match your user profile, if applicable. Cookie technology also enables the respective social media site to recognize individual visitors by means of pseudonyms, e.g. an individual or random ID, so that more individualized services can be offered.

Details can be found in the FACEBOOK privacy statement at: https://www.facebook.com/privacy/policy.

3.4.  Duration of storage

Details can be found in the FACEBOOK privacy statement at: https://www.facebook.com/privacy/policy.

3.5.  Possibility of objection, revocation of consent and deletion

You can set your browser according to your wishes so that the setting of cookies and web services is generally prevented. You can then decide on a case-by-case basis whether to accept cookies and web services or accept them in principle. Cookies can be used for various purposes, e.g. to recognize that your access device is already connected to our FACEBOOK social media site (permanent cookies) or to store recently viewed offers (session cookies). If you have expressly given the respective social media site permission to process your personal data, you can revoke this consent at any time. Please note that the legality of the processing carried out on the basis of the consent until the revocation is not affected.

4.   Data subject rights regarding FACEBOOK

4.1.  Right to information and correction requests - Deletion & blocking of data - Revocation of consent

a)     Right to information

You may request information about the data you have provided to FACEBOOK.

If you are registered with FACEBOOK, you can access and view the personal data collected from you by FACEBOOK at https://www.facebook.com/settings?tab=your_facebook_information. The categories and further information can be found at https://www.facebook.com/your_information.

To protect your privacy and maintain security, FACEBOOK takes steps to verify your identity before providing you with access to your personal information.

To the extent that a request for information concerns data within the scope of shared responsibility, you are also welcome to make a request for information.

b)     Correction claim

You may request a rectification claim under the GDPR regarding the data that you have provided to FACEBOOK or that Facebook has collected.

As a registered user, you can already customize a large amount of personal data at https://www.facebook.com/your_information. Regarding any further claims, you can also contact FACEBOOK at the contact details listed in section III. 1.

To the extent that a claim for correction involves data that medinix Information Systems GmbH received under shared responsibility, you are also welcome to submit a claim for correction to us.

c)     Right to deletion

As a registered user, you can delete your data from FACEBOOK by following the instructions listed at https://de-de.facebook.com/help/250563911970368/?helpref=hc_fnav. By following them, the account will initially be deactivated for 30 days and will be deleted after the 30 days. The personal data will then be deleted by FACEBOOK if there are no legal retention obligations.

As a non-registered user, you can also contact FACEBOOK using the contact details listed.

As far as a deletion request concerns data received from medinix Information Systems GmbH within the scope of joint responsibility, you are also welcome to submit a deletion request to us. Since FACEBOOK is responsible for the deletion and management of personal data, we advise you to submit the requests directly to FACEBOOK for faster processing.

d)   Right to restriction of processing

As a registered user, you can manage your privacy settings and other account functions at https://www.facebook.com/settings. When you change your settings, it may take some time for your selections to be technically processed by the system. Depending on the settings you have adjusted, you may also notice changes in your FACEBOOK experience or restrictions on access to certain features.

As a non-registered user, you can also contact FACEBOOK using the contact details listed.

As far as a right to restriction concerns data received by medinix Information Systems GmbH within the scope of joint responsibility, you are also welcome to submit a restriction request to us. Again, we advise you to submit the requests directly to FACEBOOK for faster processing.

e)   Right of revocation

As a registered user, you can manage your privacy settings and other account functions at https://www.facebook.com/settings. When you change your settings, it may take some time for your selections to be technically processed by the system. Depending on the settings you have adjusted, you may also notice changes in your FACEBOOK experience or restrictions on access to certain features.

As a non-registered user, you can also contact FACEBOOK using the contact details listed.

To the extent that a right to revoke consent relates to data we have received under shared responsibility, you are also welcome to submit a revocation to us.

f)    Right of objection

In accordance with Art. 21 DSGVO, you have the right to object at any time to the processing of personal data relating to you that has been collected on the basis of Article 6 (1) sentence 1 lit. e or lit. f DSGVO. You only have this right if there are special circumstances against the storage and processing.

As a registered user, you can manage your privacy settings and other account functions at https://www.facebook.com/settings. When you change your settings, it may take some time for your selections to be technically processed by the system. Depending on the settings you have adjusted, you may also notice changes in your FACEBOOK experience or restrictions on access to certain features.

As a non-registered user, you may also contact FACEBOOK using the contact information listed in Section III. 1. above.

To the extent that a right to object relates to data we have received under shared responsibility, you are also welcome to submit an objection to us.

g)   Right to data portability

As a registered user, you can download a copy of your data, such as your FACEBOOK posts, by following the instructions at https://www.facebook.com/dyi/?referrer=ayi.

As a non-registered user, you can also contact FACEBOOK using the contact details listed.

To the extent that a right to data portability relates to data that we have received under shared responsibility, you are also welcome to submit a data transfer request to us.

4.2.  How do you exercise your rights?

Please note that medinix Information Systems GmbH is not the operator of the entire social platform, but merely maintains a profile on FACEBOOK. We receive the data and information listed in this privacy policy from FACEBOOK. We therefore advise you to contact FACEBOOK directly for general requests for data information, requests for changes and requests for deletion and blocking with regard to the platform.

You may contact FACEBOOK's data protection officer with your data protection inquiries via the contact form at: https://www.facebook.com/help/contact/540977946302970. In addition, you may also contact FACEBOOK's Data Protection Officer by mail at the following address:

Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

 

You can reach medinix Information Systems GmbH under the contact data given in section I. 1.