DATA PROTECTION

Last updated: October 15, 2024

This Privacy Policy describes how GADGETTO Products GmbH (applicable references: the "Site", "we", "us" or "our") defines privacy, collects, uses and discloses personal information when you visit shop.hamberger-medical.com (the "Site"), use our services, make a purchase from us, or otherwise communicate with us regarding the Site (collectively, the "Services").

Please read this privacy policy carefully.

There are no oral side agreements. Changes to these provisions must be made in writing.

§1 Changes to the Privacy Policy

We may update this Privacy Policy from time to time, including to reflect changes in our practices or for other operational, legal or regulatory reasons. We will post the revised Privacy Policy on the Website, update the date on the reference to "Last Updated" and take any other steps required by law. When implementing the revised Privacy Policy, we are not obligated to explicitly inform you of the change, the period for objection and the consequences of not raising an objection. The provisions in the current version apply to each contract concluded.

§2.1 How we collect and use your personal data

To provide the Services, we collect necessary data as set out below. The information we collect and use varies depending on how you interact with us.

In addition to the specific uses listed below, we may use the information we collect about you to communicate with you, provide or improve the Services, comply with any applicable legal obligations, enforce any applicable terms of service, and protect or defend the Services, our rights, and the rights of our users or other stakeholders.

§2.2 What personal data do we collect?

The type of personal information we receive about you depends on how you interact with our website and use our services. When we use the term “personal information”, we mean the information specifically listed below that identifies you as an individual, relates to you or can be associated with you. The following sections describe the categories and specific types of Personal Data we collect.

§2.3 Information we collect directly from you

The information you provide to us directly through our Services may include:

  • Contact information including your name, address, telephone number and email address.
  • Order information including your name, billing address, shipping address, payment confirmation, email address, and phone number.
  • User account information, including your user name, password, security questions, or other information used for account security. 
  • Customer support information , including information you include in your communications with us, such as when you send a message through the Services.

Some features of the Services (e.g., complaint management) may require you to provide certain information about yourself directly to us. You may choose not to provide this information, but doing so may prevent you from using or accessing these features.

§2.4 Information we collect about your use

We may also automatically collect certain information about your interaction with the Services (" Usage Data "). For this purpose, we may use cookies, pixels and similar technologies (" Cookies "). Usage Data may include information about how you access and use our website and your customer account (hereinafter also referred to as Account), including device information, browser information, information about your network connection, your IP address and other information about your interaction with the Services.

§2.5 Information received from third parties

Finally, we may receive information about you from third parties, including vendors and service providers who collect information on our behalf, such as:

  • Companies that support our website and services, such as Shopify.
  • Our payment processors who collect payment information (e.g. bank account, credit or debit card information, billing address) to process your payment, fulfill your orders, and provide you with the products or services you request and to fulfill our contract with you.

When you visit our website, open or click on emails we send you, or interact with our services or advertisements, we or third parties we work with may automatically collect certain information using online tracking technologies such as pixels, web beacons, software developer kits, third-party libraries, and cookies.

Any information we receive from third parties will be treated in accordance with this Privacy Policy. See also the section below, Third Party Websites and Links.

§3.1 How we use your personal data – provision of products and services

We use your personal information to provide you with the Services and to perform our contract with you, including processing your payments, fulfilling your orders, sending you notifications related to your account, purchases, returns, exchanges, or other transactions, creating, maintaining, and otherwise managing your account, arranging shipping, facilitating returns and exchanges, and other features and functionality related to your account. Optional: We may also enhance your shopping experience by enabling Shopify to match your account with other Shopify services you may choose to use, in which case Shopify will process your information in accordance with its Privacy Policy and Consumer Privacy Policy.

§ 3.2 Marketing and Advertising

We may use your personal data for marketing and promotional purposes where necessary, for example to send marketing and promotional messages by email and to show you advertisements for products or services. This may include using your personal data to better tailor the services and advertising on our website and other websites. If you are located in the EEA (European Economic Area), the legal basis for these data processing activities is our legitimate interest in selling our products in accordance with Art. 6, para. 1 (f) GDPR.

§4 Security and fraud prevention

We use your personal data to detect, investigate, or take action regarding possible fraudulent, illegal, or malicious activities. If you decide to use the Services and register an account, you are responsible for the security of your account credentials. We strongly recommend that you do not share your username, password, or other login information with third parties. If you believe your account has been compromised, please contact us immediately. If you are located in the EEA, the legal basis for these data processing activities is our legitimate interest in ensuring the security of our website for you and other customers, in accordance with Art. 6, para. 1 (f) GDPR.

§5 Communication with you and service improvement

We use your personal data to provide you with customer support and to improve our services. This is in our legitimate interest to be able to respond to you, provide you with effective services and maintain our business relationship with you, in accordance with Art. 6, para. 1 (f) GDPR.

§6.1 Cookies

We use cookies on our website. For specific information about the cookies we use in connection with the delivery of our store through Shopify, please visit https://www.shopify.com/legal/cookies . We use cookies to operate and improve our website and services (including remembering your actions and preferences), perform analytics, and better understand user interactions with the services (in our legitimate interests to manage, improve, and optimize the services). We may also allow third parties and service providers to use cookies on our website to better customize the services, products, and advertising on our website and other websites.

Most browsers automatically accept cookies by default. However, you can set your browser to remove or reject cookies through the browser controls. Please note that removing or blocking cookies may affect your user experience and may cause some of the Services, including certain features and general functionality, to not work properly or to become unavailable. In addition, blocking cookies may not completely prevent us from sharing information with third parties, such as our advertising partners.

§ 6.2 How we share personal data

In certain circumstances, we may share your personal information with third parties for the purpose of performing a contract, for legitimate purposes and for other reasons that are subject to this Privacy Policy. These circumstances may include:

  • Purposes with vendors or other third parties who provide services on our behalf (e.g. IT management, payment processing, data analysis, customer support, cloud storage, order fulfillment and shipping).
  • Purposes with business and marketing partners to provide you with services and advertise to you. Our business and marketing partners will use your information in accordance with their own privacy policies.
  • purposes with our subsidiaries or elsewhere within our group of companies, in our legitimate interests of running a successful business.
  • Purposes related to a business transaction such as a merger or bankruptcy, to comply with any applicable legal obligations (including responding to subpoenas, search warrants, and similar requests), to enforce any applicable Terms of Service, and to protect or defend the Services, our rights, and the rights of our users or others.
  • If you instruct, request or otherwise give us your consent to share certain information with third parties, for example to send you products or through your use of social media widgets or login integrations, the processing of the data will be done with your consent.

We disclose the following categories of personal data and sensitive personal data about users for the purposes set out above in §2.1- §2.5 and § 6.2 :

  • Category of users:
    • Identifiers such as basic contact details and certain order and account information
    • Commercial information such as order information, purchasing information and customer support information
    • Internet or other similar network activities, such as usage data
    • Geolocation data, e.g. locations determined via an IP address or other technical means
  • Categories of recipients:
    • Suppliers and third parties who provide services on our behalf (such as internet service providers, payment processors, fulfillment partners, customer support partners and data analytics providers)
    • business and marketing partners
    • Affiliates

We will not use or publish your personal data without your consent or for the purpose of inferring it. With your consent, we will pass on personal data for the purpose of carrying out advertising and marketing activities as follows, see §6.3 .

§ 6.3 Third-party websites and links

Our website may contain links to websites or other online platforms operated by third parties. If you follow links to websites that are not affiliated with or controlled by us, you should review their privacy and security policies and other terms and conditions. We do not guarantee and assume responsibility for the privacy or security of such websites, including the accuracy, completeness or reliability of any information found on such websites. Information you provide in public or semi-public places, including information you share on third party social networking platforms, may also be viewed by other users of the Services and/or users of such third party platforms, without any restriction on use by us or any third party. The inclusion of such links by us does not automatically constitute an endorsement of the content of such platforms or their owners or operators, except as disclosed in the Services.

§ 7 Children's Data

The Services are not intended for use by children, and we do not knowingly collect any Personal Information from children. If you are a parent or guardian of a child who has provided us with Personal Information, you may contact us using the contact information provided below to request that we delete that information.

As of the effective date of this Privacy Policy, we have no actual knowledge that we use, “share,” or “sell” (as those terms are defined in applicable law) personal information of anyone under the age of 16.

§ 8 Security and storage of your data

Please note that no security measures are perfect or impenetrable, and we cannot guarantee "perfect security." In addition, the information you send to us may not be secure during transmission. We recommend that you do not use insecure channels to communicate sensitive or confidential information to us.

How long we retain your personal information depends on a variety of factors, such as whether we need the information to administer your account, provide the Services, comply with legal obligations, resolve disputes, or enforce other applicable agreements and policies. We follow current legal requirements regarding data security and retention.

§ 9 Your Rights

Depending on where you live, you may have some or all of the rights listed below in relation to your personal information. However, these rights are not absolute and only apply in certain circumstances. In certain cases, we may refuse your request to the extent permitted by law.

§ 9.1 Right to access/information

You may have the right to request access to the personal information we hold about you, including details of how we use and disclose your information.

§ 9.2 Right to erasure

You may have the right to request that we delete any personal information we hold about you.

§ 9.3 Right to rectification

You have the right to request the correction of incorrect personal data that we have stored about you. We will examine the case and make the corrections where possible. We reserve the right, for example, that an address correction made too late or when goods are shipped cannot be made if the shipping process has already begun.

§ 9.4 Right to portability

You have the right to obtain information about the personal data we hold about you, to request a copy of the personal data we hold about you (subject to approval) and, under certain circumstances and with certain exceptions, to request the transfer of this data to third parties.

§9.5 Right to object to sale, transfer or targeted advertising

With respect to our advertising purposes, you have the right to instruct us not to "sell" or "share" your personal information or to object to the processing of your personal information for purposes that are considered "targeted advertising" within the meaning of applicable data protection laws. Please note that if you visit our website with the Global Privacy Control opt-out preference signal enabled, we will automatically treat this as a request to object to the "sale" or "share" of information for the device and browser you use to visit the website, depending on your location.

§9.6 Restriction of processing

You have the right to ask us to stop or restrict the processing of your personal data. We reserve the right to implement this if activities related to your order or request or similar are still outstanding or have not been fully completed.

§9.7 Revocation of consent

If we rely on your consent to process your personal data, you have the right to withdraw this consent.

§9.8 Right to Object

If we refuse to process your request, you have the right to appeal our decision. You can do this by responding directly to our refusal. We will then examine your case accordingly and act in accordance with the law.

§9.9 Manage communication settings

We may send you promotional emails and you can opt out of receiving these emails at any time by using the unsubscribe option provided in our emails to you or by writing to us. If you unsubscribe, we may still send you non-promotional emails, for example about your account or orders.

You can exercise these rights as indicated on our website or by contacting us using the contact details provided below.

We will not discriminate against you if you exercise any of these rights. We may need to collect information from you, such as your email address or account information, to verify your identity before we can provide a substantive response to the request. Under applicable law, you may designate an authorized agent to make requests to exercise your rights on your behalf. Before we accept such a request from an agent, we must receive proof from the agent that you have authorized them to act on your behalf. We may also need to confirm your identity directly with us. We will respond to your request in a timely manner as required by applicable law.

§ 10 Complaints

If you have any complaints about the way we process your personal data, please contact us using the contact details provided below. If you are not satisfied with our response to your complaint, depending on where you live, you may have the right to appeal our decision by contacting us using the contact details provided below or by submitting your complaint to your local data protection authority.

For the European Economic Area (EEA), you can find a list of the responsible data protection supervisory authorities here .

§11 International Users

Please note that we may transfer, store and process your personal data outside the country in which you live. Your personal data will also be processed by employees and third-party service providers and partners in those countries.

When we transfer your personal data outside Europe, we will rely on accepted transfer mechanisms such as the European Commission's Standard Contractual Clauses or equivalent contracts adopted by the relevant UK authority, unless the data transfer is to a country determined to provide an adequate level of protection.

§12 Contact

If you have any questions about our privacy practices or this Privacy Policy, or if you wish to exercise any of your rights, please call us or email us at info@hamberger-medical.com.

For the purposes of applicable data protection laws and unless expressly stated otherwise, we are the controller of your personal data.

Responsibility for data protection GADGETTO Products GmbH: Dominik Blendl (Managing Director)