Privacy Policy

We are delighted that you are visiting our website. The protection and security of your personal information whilst using our website is very important to us. We would therefore like to take this opportunity to inform you about which of your personal data we collect when you visit our website and for what purposes this data is used. Personal data refers to specific details relating to the personal or factual circumstances of an identified or identifiable natural person (data subject), e.g. name, address, email addresses, user behaviour. This is therefore data that enables us to identify you. In addition, you will also find some information here regarding data processing activities outside this website (e.g. video conferences or newsletters).

Responsible for data processing

Responsible

For the processing of personal data within the meaning of the EU General Data Protection Regulation (GDPR)
Cellavent Healthcare GmbH
Am Trippelsberg 43
40589 Düsseldorf
Telephone: 02 11/78 17 69 8-0
Email: info@cellavent.de

Data Protection Officer

exkulpa gmbh
Waldfeuchterstr. 266
52525 Heinsberg
Telephone: 02452 / 99 33 11
Email: datenschutz@cellavent.de

General information

In addition to the data you actively provide to us on this page (e.g. via our contact form), we collect certain technical data. This so-called metadata is automatically transmitted from your computer to our servers as soon as you access our website (including browser, operating system and timestamp). We use this data to ensure our website is displayed correctly. In addition, we may collect data via integrated third-party providers (e.g. for external media such as map services or analytics tools). We explain the specific purposes and legal bases for this in the course of this privacy policy.

Retention period

Unless a specific retention period is stated within this privacy policy, we will retain your personal data for as long as the purpose of the data processing remains valid. If you submit a valid request for erasure or withdraw your consent, we will erase your data. Statutory retention obligations remain unaffected.

Legal bases for data processing

If you have consented to data processing, the processing of your personal data is carried out on the basis of Article 6(1)(a) of the GDPR or Article 9(2)(a) of the GDPR, where special categories of data are processed in accordance with Article 9(1) of the GDPR. Where you have given your explicit consent to the transfer of personal data to third countries, the data is also processed in accordance with Article 49(1)(a) of the GDPR. If you have consented to the storage of cookies or to access to information on your device (e.g. through device fingerprinting), data processing also takes place on the basis of Section 25(1) of the TDDDG. You may withdraw your consent at any time. Where your data is necessary for the performance of a contract or for the implementation of pre-contractual measures, we process your data in accordance with Article 6(1)(b) of the GDPR. Furthermore, we process your data where this is necessary to comply with a legal obligation, on the basis of Article 6(1)(c) of the GDPR. Data processing may also take place on the basis of our legitimate interest in accordance with Article 6(1)(f) of the GDPR. The following sections of this privacy policy provide information on the respective legal bases in individual cases.

Note on data transfers to third countries and US companies without DPF certification

Please note that we use tools provided by companies based in third countries where data protection standards are not adequate or in the USA, and which are not covered by the EU-US Data Protection Framework (DPF). When using these tools, your personal data may be transferred to and processed in these countries. Please note that in these third countries, a level of data protection comparable to that of the EU cannot be guaranteed.

We would like to clarify that the US generally offers a level of data protection comparable to that of the EU. The transfer of data to the US is permitted if the recipient holds DPF certification or provides appropriate additional safeguards. Information on data transfers to third countries, including data recipients, can be found in our Privacy Policy.

Automated decision-making

Your personal data is not processed for the purposes of automated decision-making.

Your rights

As a data subject under the General Data Protection Regulation (GDPR), you have the following rights:

  • Right of access: You have the right to request confirmation from us as to whether your personal data is being processed and, if so, to receive further information about the processing and copies of the data being processed (Art. 15 GDPR).

    Right to rectification: You have the right to request the immediate rectification of inaccurate personal data concerning you and, where applicable, the completion of incomplete personal data (Article 16 of the GDPR).

    Right to erasure: You have the right to request the erasure without undue delay of personal data concerning you where the legal conditions are met, in particular where the data is no longer necessary for the purposes for which it was collected and the processing is unlawful (Art. 17 GDPR).

    Right to restriction of processing: You have the right to request that we restrict the processing of your personal data where the legal conditions are met, in particular where you contest the accuracy of the data, the processing is unlawful and you object to erasure (Article 18 of the GDPR).

    Right to data portability: You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format, and you have the right to transmit this data to another controller without hindrance from us, provided this is technically feasible (Article 20 of the GDPR).

    Right to object: You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you, where the processing is carried out on the basis of Article 6(1)(e) or (f) of the GDPR (Article 21 of the GDPR).

    Right to withdraw consent: You have the right to withdraw your consent to the processing of personal data at any time with effect for the future. Withdrawing your consent does not affect the lawfulness of processing carried out on the basis of your consent prior to its withdrawal (Article 7(3) of the GDPR).

    Right to lodge a complaint with a supervisory authority: You have the right to lodge a complaint with a data protection supervisory authority if you consider that the processing of your personal data infringes the GDPR (Article 77 of the GDPR).

    Further data processing operations

    General information obligations

    This information is intended for customers, prospective customers, suppliers and employees. We process your personal data for the following purposes:

    • To fulfil our contractual obligations towards you (Article 6(1)(b) of the GDPR).

      To carry out pre-contractual obligations (Article 6(1)(b) of the GDPR).
      To respond to enquiries (Article 6(1)(b) of the GDPR).

      Where you have given us your consent to process your personal data for specific purposes (such as to receive our newsletter), data processing takes place on the basis of your consent (Article 6(1)(a) of the GDPR).

      To comply with legal obligations to which our company is subject (Article 6(1)(c) of the GDPR).

      Where necessary, we also process your data to safeguard our legitimate interests, in particular to assert legal claims and defend ourselves in legal disputes, or to ensure IT security; to consult credit reference agencies and exchange data with them in order to assess creditworthiness and default risks; for direct marketing and market research, provided you have not objected to the use of your data for this purpose; in connection with measures relating to business management and the further development of services and products; in connection with measures relating to product and sales optimisation; in connection with risk management measures; and for the prevention or investigation of criminal offences (Article 6(1)(f) of the GDPR).

      Categories of recipients of personal data

      Within our company, only those employees who absolutely need the data to perform their duties have access to it (need-to-know principle). Individual processes and services are carried out by carefully selected service providers, commissioned in accordance with data protection regulations, who are based within the EEA. Where service providers commissioned by us gain access to personal data whilst performing their services, data processing agreements have been concluded with them in accordance with Article 28(3) of the GDPR.

      Duration of data retention

      The data we process is stored for the duration of the contractual relationship and its fulfilment, and in compliance with statutory retention periods. These include, in particular, retention obligations under commercial and tax law as set out in the German Commercial Code (HGB) and the German Fiscal Code (AO). The standard retention and documentation periods are therefore up to ten years. If no contractual relationship is established, we process the data only for as long as is necessary for the specific purpose.

      Cookies

      Cookies are small text files stored by your browser on your device to retain certain information whilst you are using the website. Cookies enable us to improve various aspects of our website and make your visit more convenient.

      There are various types of cookies, each serving different purposes. Temporary cookies, also known as session cookies, are stored only for the duration of your use of the website and are automatically deleted when you close your browser. Persistent cookies, on the other hand, remain stored on your device for a longer period and enable us to recognise you and your preferences when you visit the website again.

      Cookies can also be categorised as first-party cookies and third-party cookies. First-party cookies are set by our website, whilst third-party cookies are set by other websites or service providers whose content is integrated into our website, such as plugins or analytics tools.

      Cookies are used for various purposes, such as ensuring the website functions properly, storing user settings, compiling anonymous statistics on user behaviour, or displaying personalised content and advertising. The legal basis for the use of cookies varies depending on the purpose of the cookies. In some cases, the setting of cookies is based on your legitimate interest pursuant to Article 6(1)(f) of the GDPR, in order to make our website functional and user-friendly. As the website operator, we have a legitimate interest in storing necessary cookies to ensure the technically flawless and optimised provision of our services. Where we seek your consent to the use of cookies, processing is carried out on the basis of Article 6(1)(a) of the GDPR in conjunction with Section 25(1) of the TDDDG. You may withdraw your consent at any time.

      Cookie consent with Usercentrics

      Nature and scope of processing

      We use Usercentrics’ consent technology to obtain your consent to the storage of certain cookies on your device or to the use of certain technologies, and to document this in accordance with data protection regulations. The provider is Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich (hereinafter ‘Usercentrics’).

      When you visit our website, the following personal data is transmitted to Usercentrics:

      • Your consent(s) or the withdrawal of your consent(s)

        Your IP address
        Information about your browser
        Information about your device
        The time of your visit to the website

        In order to be able to record and document your consent or withdrawal of consent, the provider sets a cookie in your browser. This data is stored until you delete the cookie , request that we delete the data, or the purpose for data processing no longer applies. Statutory retention obligations remain unaffected.

        Usercentrics is used to obtain the legally required consents for the use of certain technologies. The legal basis for this is Article 6(1)(c) of the GDPR.

        Data processing on behalf of a controller

        To ensure that personal data is processed in accordance with our specifications and in compliance with the GDPR, we have entered into a data processing agreement (DPA) with the provider.

        Data processing in detail

        Below, we provide information on the individual processing operations, the scope and purpose of data processing, the legal basis, the obligation to provide your data and the respective retention period. No automated decision-making, including profiling, takes place in individual cases.

        Provision of the website

        When you access and use our website, we collect the personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:

        • IP address of the requesting computer

          Date and time of access
          Name and URL of the file accessed
          Website from which the access originated (referrer URL)

          Browser used and, where applicable, your computer’s operating system, as well as the name of your internet service provider

          Our website is not hosted by us directly, but by a service provider who processes the aforementioned data on our behalf in accordance with Article 28 of the GDPR for the purpose of providing the website.

          The use of the hosting provider is for the purpose of fulfilling our contractual obligations towards our potential and existing customers (Article 6(1)(b) of the GDPR) and in the interest of ensuring the secure, fast and efficient provision of our online services by a professional provider (Article 6(1)(f) of the GDPR).

          Contact form

          Nature and scope of processing

          If you send us enquiries (e.g. via the contact form, by email or by telephone), we store all data arising from this (e.g. name, email address, subject of the enquiry, etc.). We require this data to process your enquiry and to be able to answer any follow-up questions. We do not pass on this data without your consent.

          Purpose and legal basis

          The processing of this data is based on Article 6(1)(b) of the GDPR, provided that your enquiry relates to the performance of a contract or is necessary for the implementation of pre-contractual measures. Otherwise, the processing is based on our legitimate interest in the effective handling of enquiries addressed to us (Article 6(1)(f) of the GDPR) or on your consent (Article 6(1)(a) of the GDPR) if you have previously given it.

          Retention period

          The data you enter in the contact form will remain with us until you request its deletion, withdraw your consent to its storage, or the purpose for storing the data no longer applies (e.g. once your enquiry has been fully processed). Mandatory legal provisions – in particular retention periods – remain unaffected.

          Newsletter

          We offer our newsletter on this website. If you wish to subscribe to it, we require your email address and further details to verify that the email address belongs to you and that you consent to receiving the newsletter. No other personal data is collected unless you provide it voluntarily (e.g. name, telephone number, place of residence, etc.).

          When processing the data you provide when subscribing to the newsletter, we rely exclusively on your consent under Article 6(1)(a) of the GDPR as the legal basis. You may withdraw your consent to the processing and storage of your personal data at any time (e.g. via the ‘Unsubscribe’ link in the newsletter) with effect for the future.

          We store the personal data you have provided for the purpose of receiving the newsletter until you unsubscribe from the newsletter via us or the mailing service provider. This does not apply to data we have stored about you for other purposes.

          If you unsubscribe from the newsletter mailing list, your email address will be stored by us or the mailing service provider on a blacklist for an indefinite period. This is done to prevent future mailings from being sent to you. The data on the blacklist is used exclusively for this purpose and is not combined with any other data. This is not only in your interest but also in our legitimate interest under Article 6(1)(f) of the GDPR to fulfil our legal obligations regarding the sending of newsletters. You may object to this storage provided that your personal interests override our legitimate interest.

          Brevo

          This website uses Brevo to send newsletters. The provider is Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany.

          Brevo is a service for organising and analysing newsletter distribution. The data you provide to subscribe to the newsletter is stored on Brevo’s servers in Germany.

          Brevo enables us to analyse our newsletter campaigns. For example, we can see whether a newsletter message has been opened and which links have been clicked. This allows us to identify which links have been clicked on most frequently.

          Brevo also allows us to group newsletter recipients into different categories (‘clustering’). For example, newsletter recipients can be grouped by age, gender or place of residence. This enables us to tailor the newsletters more effectively to the respective target groups.

          If you do not wish Brevo to analyse your data, you must unsubscribe from the newsletter. We provide a link for this purpose in every newsletter message.

          Further information on Brevo’s features can be found here: https://www.brevo.com/de/newsletter-software/.

          Data processing is carried out on the basis of your consent (Article 6(1)(a) of the GDPR). You may withdraw this consent at any time. The lawfulness of any data processing operations that have already taken place remains unaffected by the withdrawal.

          The data stored by us for the purpose of sending the newsletter will be retained by us or the newsletter service provider until you unsubscribe from the newsletter, and will be deleted from the distribution list once you have unsubscribed. Data stored by us for other reasons remains unaffected by this.

          After you unsubscribe from the newsletter, your email address may be stored by us or the newsletter service provider on a block list to prevent future mailings. The data from the block list is used solely for this purpose and is not combined with any other data. This serves both your and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Article 6(1)(f) of the GDPR). Storage on the block list is not time-limited. You may object to this storage provided that your interests override our legitimate interest.

          Further information on data protection at Brevo can be found here: https://www.brevo.com/de/legal/privacypolicy/.

          To ensure that personal data is processed in accordance with our guidelines and in compliance with the GDPR, we have entered into a data processing agreement (DPA) with the provider.

          Services and tools used

          Google reCAPTCHA

          This website uses Google reCAPTCHA. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

          Nature and scope of data processing

          reCAPTCHA is used to verify data entry (e.g. into a contact form) on this website. Specifically, it checks whether the entry is made by a human or by an automated programme. Google reCAPTCHA analyses the behaviour of the website visitor based on various characteristics. The analysis begins automatically as soon as the visitor accesses the website. The data collected during the analysis, such as the IP address, the length of time the website visitor spends on the site or the mouse movements made, is forwarded to Google.

          Website visitors are not notified that an analysis is taking place; these processes run entirely in the background.

          Legal basis

          The storage and analysis of data are carried out on the basis of our legitimate interest in protecting our web services from malicious automated scanning and spam (Article 6(1)(f) of the GDPR). Where consent has been sought, the processing of data is carried out exclusively on the basis of your consent in accordance with Article 6(1)(a) of the GDPR and Section 25(1) of the TTDSG. This consent may be withdrawn at any time.

          Google’s privacy policy and terms of service can be found at the following links: https://policies.google.com/privacy?hl=de and https://policies.google.com/terms?hl=de.

          The company is certified under the ‘EU-US Data Privacy Framework’ (DPF), an agreement between the European Union and the USA which aims to ensure compliance with European data protection standards when processing data in the USA. Certification under the DPF obliges companies to comply with these data protection standards. Further information is available at: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

          Usercentrics

          We use Usercentrics’ consent technology to obtain your consent to the storage of certain cookies on your device or to the use of certain technologies, and to document this in accordance with data protection regulations. The provider is Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich (hereinafter “Usercentrics”).

          When you visit our website, the following personal data is transmitted to Usercentrics:
          • Your consent(s) or the withdrawal of your consent(s)
          • Your IP address
          • Information about your browser
          • Information about your device
          • The time of your visit to the website

          In order to be able to record and document your consent or withdrawal of consent, the provider sets a cookie in your browser. This data is stored until you delete the cookie, request that we delete the data, or the purpose for which the data is processed no longer applies. Statutory retention obligations remain unaffected.

          Usercentrics is used to obtain the legally required consents for the use of certain technologies. The legal basis for this is Article 6(1)(c) of the GDPR.

          Gstatic

          On this website, we use features provided by Gstatic, a service offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

          Nature and scope of data processing

          Gstatic is a service provided by Google to speed up the loading of web pages. Gstatic stores website resources such as images, CSS and JavaScript files on its servers in order to deliver them to the user more quickly when the page is visited again. During this data processing, technical information, such as your IP address and technical details of your browser, is transmitted to Gstatic.

          The user profiles created by Gstatic are pseudonymised and cannot be traced directly back to you as an individual.
          Further information on this can be found in Google’s Privacy Policy: https://policies.google.com/privacy.
          Legal basis

          The use of Gstatic on this website is based on your consent in accordance with Article 6(1)(a) of the GDPR in conjunction with Section 25(1) of the TTDSG. You have the right to withdraw your consent at any time.

          The company is certified under the “EU-US Data Privacy Framework” (DPF), an agreement between the European Union and the US which aims to ensure compliance with European data protection standards when processing data in the US. Certification under the DPF obliges companies to comply with these data protection standards. Further information is available at: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active

          Data Processing

          To ensure that personal data is processed in accordance with our specifications and in compliance with the GDPR, we have entered into a data processing agreement (DPA) with the provider.

          Google API

          On our website, we use the services and functions of Google APIs, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

          Nature and scope of data processing

          Google APIs allow us to access additional services and data from Google. When using these services, your IP address is transmitted to Google Ireland Limited. Please note that we provide specific information in our privacy policy for each additional Google service that we use. Further information on Google APIs and data protection can be found in Google’s privacy policy: https://policies.google.com/privacy.

          Legal basis

          We use Google APIs on the basis of our legitimate interests (i.e. the interest in optimising our online offering), in accordance with Article 6(1)(f) of the GDPR. Where we obtain consent (e.g. consent to the storage of cookies), data processing takes place exclusively on the basis of Article 6(1)(a) of the GDPR; you may withdraw this consent at any time.

          Data processing on behalf of a third party

          To ensure that personal data is processed in accordance with our specifications and in compliance with the GDPR, we have entered into a data processing agreement (DPA) with the provider.

          Google Fonts

          Nature and scope of data processing

          This website uses web fonts to ensure consistent display of fonts provided by Google. When you visit the page, your browser loads the required web fonts into your browser cache so that text and fonts are displayed correctly. To do this, the browser you are using establishes a connection to Google’s servers. As a result, Google becomes aware of your IP address.

          Legal basis

          The use of Google Web Fonts is based on our legitimate interest in ensuring a consistent display of the typography on our website (Article 6(1)(f) of the GDPR). If consent has been requested (e.g. consent to the storage of cookies), the processing of data takes place exclusively on the basis of your consent in accordance with Article 6(1)(a) of the GDPR and Section 25(1) of the TTDSG. This consent may be withdrawn at any time. If your browser does not support web fonts, a standard font from your computer will be used. Further information on Google Web Fonts can be found here: https://developers.google.com/fonts/faq. Google’s privacy policy can be found here: https://policies.google.com/privacy?hl=de.

          The company is certified under the ‘EU-US Data Privacy Framework’ (DPF), an agreement between the European Union and the USA which aims to ensure compliance with European data protection standards when processing data in the USA. Certification under the DPF obliges companies to comply with these data protection standards. Further information is available at: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

Authorized Officer

Thomas Preuss

Cellavent Healthcare GmbH
Am Trippelsberg 43
D-40589 Düsseldorf 

Get in touch

Product Enquiry

Your message relates to: