Data Protection

It is important to us that we protect your data, which may be collected during your visit to www.agasan.com. You can visit our website at any time, without providing personal details.

Your individual and personal data is therefore only collected and stored if you contact us voluntarily. This includes all data that identifies or could identify you, such as your name, address, email address or even user behaviour.

The legal provisions on protecting your data can be found in the General Data Protection Regulation and in the German Federal Data Protection Law.

The data controller in the sense of the data protection provisions is

AGA Sanitätsartikel GmbH
represented by Director Achim Walter
Löhner Strasse 198b
32584 Löhne | Germany

T: +49 5731 82283
Email: info@agasan.com

The data protection officer is: Jörg Spannuth.

In the following document, you can learn what data we collect during your visit to our website and how this data is used. If you have any further questions, you can contact us at datenschutz@agasan.com.

You also have the right to appeal to the responsible supervisory authority regarding any improper use of your data. The authority is:

State commissioner for data protection and freedom of information
North Rhein-Westphalia
PO Box 20 04 44
40102 Düsseldorf

T: +49 211 38424-0
F: +49 211 38424-10
Email: poststelle@ldi.nrw.de
 

1. Server data collection

When visiting our website, various server statistics are transferred from your browser to our provider’s servers and stored automatically. Amongst other information, the name of the website visited, data, the data and time of the visit, the quantity of data transferred, reports of successful access, the browser type and version, the users operating system, the referrer URL (the previously visited website), the IP-address and querying provider is logged.

This data is used to conduct statistical analysis of the visits to our website and it is not assignable to individual persons. The legal basis for data collection is article 6 I f GDPR. This data is not combined with data from other sources. The IP-address is anonymised and data is deleted after 60 days. Our legitimate interest in the collection of this data arises from our need to optimise the website for our users, e.g. by preventing access from malicious pages or to optimise access for certain browsers and therefore the website is only shown to the user once the IP-address has been logged.

You fundamentally have the right to object to the collection of this data. In this exceptional case, this right is not taken into consideration, as it would otherwise not be possible to use the website.

The data is deleted as soon as it is no longer required for the abovementioned purposes.

2. Using and passing on personal data

a. General

Insofar as you have provided us with personal data, we will use this to answer your queries, to advise and execute contracts concluded with you and for technical administrative purposes. Your personal data will only be transferred or passed onto third-parties if this is required for the purposes of executing the contract, invoicing or if you have previously given your consent to such. You have the right to revoke any consent you have given at any time with future effect, see point 5 for your rights as a data subject.

b. Contract execution

Within the context of contracts concluded with you, we collect and store the personal data you have provided us with for the purpose of contract execution, i.e. including invoicing.

Your data is passed on for invoicing through banks or transport providers. Within the context of the legal fiscal provisions, invoice data will be transferred to the tax and revenue office.

The legal basis for collecting and processing the data arises from the execution of the contract, article 6 I (b) GDPR. The legal basis for transferring the data to the tax and revenue office is article 6 I (c) GDPR.

This data is erased upon expiry of the applicable legal retention obligations. If no legal retention obligations are present, then the data will be deleted once the purpose has been met.

c. Contact form and Email queries

When using our contact form, we collect and store your company, name and email address for the purpose of answering your query.

If you send us a contact request by email, we collect and store the email address and the data contained within the email.

The legal basis is article 6 I (a) GDPR, as when you use the form mentioned above, you consent to the processing of your data.

Your data is erased once the purpose for storage no longer applies, i.e. once your email/contact form query has been answered or once the subject matter of the query has been resolved.

You have the right to revoke the consent you have already given at any time, although the legality of the processing conducted up until consent was revoked remains unaffected.

For claims to erasure or information, see your data subject rights under point 5.

3. Cookies

This site uses cookies. These are small text files, which are stored on your internet browser (e.g. Firefox, Chrome, Microsoft Explorer/Edge, Safari etc.) or on your computer (your operating system) when visiting our site. Using these cookies, which contain a specific number sequence, allows our website to recognise your browser when revisiting our site. We use our own, so-called session cookies. These are aimed at improving use of the website and optimising the presentation of content.

The legal basis is article 6 I (f). Our legitimate interest is based on the fact that the abovementioned cookies allow the site to load easier, no tracking data is collected and thereby no personal rights or fundamental freedoms are breached.

You can deactivate cookies in your web browser. However, in certain cases this can affect the website’s functionality. For your other rights as a data subject, see point 5.

These cookies are only valid for the duration of your browser session and are deleted once you have ended your visit to our website.

You retain the right to be informed about and object to the storage of data by us at any time, see point 5 for your rights as a data subject. You can disable cookies in your web browser completely. However, in certain cases this can affect the website’s functionality.

Privacy Settings

Cookies are used on our website. Some of these are mandatory, while others allow us to improve your user experience on our website.

• Essential
• statistics
• External Content
   

4. Google Analytics

This website uses Google Analytics, a web analysis service of Google LLC (1600 Ampitheatre Parkway, Mountain View, CA 94043, USA; “Google”). Google Analytics uses so-called “cookies”, see Section 3 above of the general statement concerning cookies.

Cookies are used within the scope of Google Analytics for the purpose of analysing your use of the website as well as for measuring the range.

According to the information provided by Google Inc., the following cookies are used when using Google Analytics. This overview is based on Google Overview (in Englisch). 

The legal basis for gathering and storing data is Art. 6 I (f) GDPR. Our legitimate interest is justified based on the fact that we can use the analysis data for purposes such as determining where users end their site visit and we can improve our pages for you or adapt our language selection based on which countries our site is loaded from. On our website, we have extended Google Analytics with the code “gat._anonymizeIp();” in order to ensure anonymisation when collecting IP addresses (referred to as IP Masking). It is therefore not possible for us to assign the analysis data which has been collated to a specific person.

Data transmission to third countries: The data generated by the cookies about our use of this website is generally transmitted to a Google server in the USA and saved there. Due to the IP anonymisation enabled on this website, your IP address will be truncated by Google within Member States of the European Union or in other contracting states of the European Economic Area agreement. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website in order to put together reports about website activities and to provide other services linked to website usage and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.

Google LLC is certified by the US Privacy Shield, which confirms that it provides an appropriate level of data privacy in line with GDPR. We have entered into an order processing agreement with Google LLC, by means of which Google Inc. provides evidence that we comply with appropriate and suitable technical and organisational measures to protect your personal data.

Objections and deletion

You can prevent cookies being stored on your computer using the relevant setting in your browser software; however we would point out that if you do so you may not be able to benefit from the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the Browser-Add-on available under the link.

The aforementioned add-on may not be available when loading our website via browsers on mobile devices. In this case, as well as in general, you can therefore alternatively prevent the use and distribution of the data to Google by clicking on this link. Please note that this is an “opt-out cookie” which is only valid for www.agasan.com and the browser being used. If you delete the cookies in your browser history, you must click on the link once again if you load our website in order to object to the use of data. The same applies if you load the website using a different browser.

You will find more information concerning data privacy with Google Analytics at https://support.google.com/analytics/answer/6004245?hl=en

You have the right to obtain information concerning the data stored by us and to object to it at all times, see Section 6 below concerning your rights as a data subject.

5. Data subject rights

a. Right to information

You have the right to be informed freely and at any time about the personal data that we store about you. You can demand to be informed about the following information. We must provide this information within one month:

(1) the purposes for which personal data is processed;

(2) the categories of personal data that is processed;

(3) the recipient or categories of recipients who have been or will be given access to your personal data;

(4) the planned duration of storing your personal data or, if concrete details on this are not available, criteria for the determination of the storage period;

(5) the existence of a right to rectification or erasure of your personal data, the right to restrict the processing by the data controller or the right to object to this processing;

(6) the existence of a right to appeal to a supervisory authority;

(7) all available information about the origin of data, if the personal data was not collected from the data subject;

(8) the existence of any automated decision-making or profiling, in accordance with article 22, para.1 and 4 of the GDPR and, at least in these cases, meaningful information about the logic involved, as well as the scope and intended effects of such processing on the data subject. We draw attention to the fact that we do not make use of such automated decision-making.

(9) whether your personal data is transferred to a third country or an international organisation. In this context, you may demand to be informed about the appropriate guarantees for transfers, in accordance with article 46 of the GDPR.

b. Right to rectification

You have the right to demand that any incorrect personal data held by us is rectified immediately, or that any incomplete personal data completed.

c. Right to deletion

Deletion claims

Sie haben das Recht, dass die Sie betreffenden personenbezogenen Daten unverzüglich gelöscht werden, und wir sind verpflichtet, diese Daten unverzüglich zu löschen, sofern einer der folgenden Gründe zutrifft:

You have the right to have your personal data erased immediately and we are obligated to erase it, provided one of the following reasons applies:

(1) Your personal data is no longer needed for the purpose for which it was collected or otherwise processed.

(2) You revoke your consent, upon which the processing was based, in accordance with article 6 I (a) and there is no other legal basis for processing.

(3) In accordance with article 21 I GDPR, you object to the processing of your data, which we collect on the basis of our stated legitimate interests (e.g. for Google Analytics) and no other legitimate reason for processing prevails, in accordance with article 21 II GDPR, you object to the processing in the context of direct advertising.

(4) Your personal data was unlawfully processed by us, for example, without consent or without a legitimate interest.

(5) Erasure of your personal data is required in order to fulfil the our legal obligations arising from EU or German law.

(6) The data was collected in the context of services offered by the information society to you as a minor, in accordance with article 8 GDPR.

If we have published your personal data and if we are obligated to erase it for one of the abovementioned reasons, then we will, in an appropriate manner, inform the companies whose websites contain the published data, that you wish to have this data erased. We will also explain that you, as the data subject, have requested the erasure of all links to this data and of all copies or replications of the data.

Exceptions

The right to erasure does not apply if the processing is required

(1) to express the right to free expression and information;

(2) to fulfil the legal duties for processing, which emanate from EU or German law, e.g. in the context of legal fiscal retention obligations or to perform a task in the public interest or in the exercise of official authority, that is vested in us;

(3) for reasons of public interest in the sense of public health, in accordance with article 9 II (h) and (i), as well as article 9 III of the GDPR;

(4) for archiving, scientific or historic purposes in the public interest or for statistical purposes, in accordance with article 89 (I) of the GDPR, insofar as the right to erasure foreseeably makes the realisation of the aims impossible or it seriously impedes this, or

(5) to assert, exercise or defend legal claims, e.g. in court proceedings.

d. Right to restrict data processing

You have the right to demand that we restrict the processing of your data, if one of the following requirements is met:

(1) If you dispute the accuracy of the personal data and for a time that allows us to check the accuracy of such data.

(2) If the processing is unlawful, you decline the erasure of your personal data and instead demand that use of your personal data is restricted.

(3) If we no longer require the data for the purpose of processing but you require the data for the assertion, execution or defence of legal claims.

(4) If you have objected to the processing of your personal data, which we collect on the basis of our stated legitimate interests (e.g. Google Analytics), so long as it has not yet been ascertained, whether our legitimate interests outweigh your rights.

If the processing was restricted for the abovementioned reasons, then, with the exception of your own storage, your data may only be processed with your consent, or for the assertion, execution or defence of legal claims, or to protect the rights of another natural or legal person (GmbH, AG etc.) or for reasons of significant public interest in the EU or a member state.

If you have enacted your right to restrict processing, you will be informed by us prior to the restriction being lifted.

e. Duty to disclose

If you have enacted your right to the rectification, erasure or restriction of processing by us, we are obligated to disclose this to all recipients who have been provided with your personal data, unless this is not possible or if it requires disproportionate effort.

You retain the right to be informed by us about these recipients.

f. Right to portability

You have the right to receive your personal data, which you have provided us with, in a structured, conventional and machine-readable format. Furthermore, you have the right to have your data transferred to another company by us without delay, so long as

(1) the processing concerns consent, in accordance with article 6 (I) of the GDPR or a contract, in accordance with article 6 I (b) of the GDPR and

(2) the processing takes place using automated procedures.

When executing this right, you further have the right to obtain your personal data, which has been transferred directly to another company by us, so long as this is technically feasible. The freedoms and rights of other persons may not be infringed during this.

The right to data portability does not apply to the processing of personal data, which is required to perform a task in the public interest or in the exercise of public authority, that is vested in us.

g. Right to object

For reasons relating to your particular situation, you have right to object to the processing of your personal data at any time, which due to article 6 I (e) of the GDPR “processing necessary for the performance of a task carried out in the public interest” or (f) of the GDPR “processing necessary for the purposes of our legitimate interests”, such as online marketing; this also applies to profiling based on these provisions.

We no longer process your personal data, unless we can prove that there are compelling protective reasons for processing, which outweigh your interests, rights and freedoms, or unless the processing is used to assert, execute or defend legal claims.

If your personal data is processed to carry out direct advertising, you have the right to object to the processing of your personal data for the purpose of such advertising at any time; this also applies to profiling, so long as it is in connection with such direct advertising.

If you object to processing for the purpose of direct advertising, then your personal data will no longer be used for this purpose.

In the context of using services from the information society and notwithstanding guideline 2002/58/EC, you have the possibility to lodge your objection using automated procedures using technical specifications.

h. Right to revoke the legal data protection declaration of consent

You have the right to revoke your legal data protection declaration of consent at any time. By revoking your consent, the legality of processing conducted up until consent was revoked remains unaffected.

i. Contact person for data subject rights

Insofar as we do not make it possible for you to execute your processing rights straight away, such as when unsubscribing from a newsletter, please contact us at info@agasan.com or by post using the address stated on our site notice.