Principles of data processing at myriamed GmbH
A link has brought you to this page because you want to find out how we handle (your) personal data. Please find below our information relating to data protection in fulfilment of our information obligations pursuant to Article 12 et seq. GDPR.
Who is responsible for data processing?
In accordance with data protection legislation, responsibility lies with:
For more information about our company, details of authorized representatives and other contact possibilities, please turn to the Imprint on our website. We have set up the following e-mail address to deal with all concerns about data protection: email@example.com
Which of your data do we process and to what purpose?
Any data that we have obtained from you are processed only for the purposes for which we have received or obtained them.
Data processing for other purposes only applies within the necessary legal prerequisites pursuant to Art. 6 (4) GDPR. In this case, we will naturally heed any information obligations pursuant to Art. 13 (3) GDPR and Art. 14 (4) GDPR.
What is the legal basis for this?
The legal basis for processing personal data is always Art. 6 GDPR, insofar as any specific legal regulations do not yet exist. This includes in particular the following possibilities:
• Consent (Art. 6 (1) a) GDPR)
• Data processing for the performance of contracts (Art. 6 (1) b) GDPR)
• Data processing on the basis of legitimate interests (Art. 6 (1) f) GDPR)
• Data processing for compliance with a legal obligation (Art. 6 (1) c) GDPR)
If personal data are processed on the basis of your consent, you have the right at any time to withdraw consent from us with effect for the future.
If we process data on the basis of legitimate interests, you as data subject have the right to object to the processing of personal data, taking account of the stipulations made in Art. 21 GDPR.
How long is the data storage period?
We process the data for as long as necessary for the specific purpose.
Where statutory storage obligations apply, e.g. under commercial or fiscal law, the affected personal data will be saved for the duration of the storage obligation. On expiry of the storage obligation, the situation will be reviewed to see whether there is any further need for processing. If no such need exists any longer, the data will be erased.
As a fundamental rule, we review data at the end of the calendar year with regard to the need for further processing. In view of the volume of data involved, this review is carried out with regard to specific types of data or processing purposes.
You can naturally demand information at any time (see below) about your personal data stored by us and demand erasure of the data or restriction of processing if no need exists.
Who receives the data?
Your personal data are only forwarded to third parties if this is necessary for performing the contract with you, if such forwarding is permissible based on legitimate interests pursuant to Art. 6 (1) f) GDPR, we are legally obliged to forward the data or you have given corresponding consent.
Where are the data processed?
We process your personal data only in data centers within the EU.
Your rights as "data subject"
You have the right to information about your personal data processed by us.
If you make an information enquiry that is not in writing, please understand that we will then expect you to provide proof that you are the person you are claiming to be.
Furthermore, you have the right to rectification or erasure or restriction of processing insofar as you are entitled by law.
Moreover, you are entitled to object to the processing in the framework of the legal obligations. The same applies to the right to data portability.
In particular, Art. 21 (2) and (2) GDPR gives you the right to object to the processing of your data in the context of direct marketing when this is based on legitimate interests.
Right to lodge a complaint
You have the right to lodge a complaint with a data protection supervisory authority about our processing of personal data.
Data protection officer
We have appointed an external data protection officer for our company: