staging.funke-medical.de

Menu

Privacy policy

1. General
The following information, provided in accordance with Art. 13 GDPR, explains how we process personal data when you visit this website. According to Art. 4 No. 1 GDPR, personal data includes any information relating to an identified or identifiable natural person. This includes, for example, your name, address, email address, telephone number and other information that can be linked to a person.

Below, we explain which personal data we collect in connection with your visit to this website, for what purposes this is done and what rights you have with regard to this data processing.

2. Controller and Data Protection Officer
The controller within the meaning of Art. 4 No. 7 GDPR is
Funke Medical GmbH
Ährenfeld 10
46348 Raesfeld (Germany)

Phone: +49 (0)2865 266 93 50
Fax: +49 (0)2865 81 33
Email: info@funke-medical.de

For all questions relating to data protection, you may contact our Data Protection Officer at any time:
Jurando GmbH
Freiherr-vom-Stein-Straße 34
58511 Lüdenscheid
Email: info@jurando.de

3. Scope and purpose of the processing of personal data
When you use this website, various personal data is collected. This privacy policy explains which data we collect and what we use it for. It also explains how and for what purpose this is done.

3.1 Visiting this website
Server log files
When you access this website, your internet browser automatically sends data to this website server, where it is temporarily stored in a log file. The following data is stored without any further input from the visitor until it is automatically deleted:
• IP address of the visitor’s device,
• Date and time of access by the visitor,
• Name and URL of the page accessed by the visitor,
• Website from which the visitor accesses the website (“referrer URL”),
• Browser and operating system of the visitor’s device, as well as the name of the access provider used by the visitor.

The processing of this personal data is justified according to Art. 6(1)(f) GDPR. Our company has a legitimate interest in processing this data to
• quickly establish a connection to the company’s website,
• enable a user-friendly experience of this website,
• identify and ensure the security and stability of the systems and to facilitate and improve the administration of this website.

This data is expressly not processed for the purpose of gaining information about the identity of visitors to this website.

The data is deleted as soon as the purposes of data collection have been fulfilled. For data collected to provide the website, this means that it will be deleted once the respective session has ended. Data stored in log files is deleted after a maximum of 7 days. Storage beyond this period is possible. In this case, the IP addresses of users are deleted or anonymised so that clients accessing the site can no longer be identified.

Cookies
We use cookies and similar technologies on this website. Cookies are small text files that are stored on your device and can contain certain information. The use of such technologies is governed by Section 25 of the Telecommunications-Telemedia Data Protection Act (TTDSG). Technically necessary cookies, which are essential for the operation, security and basic functions of this website, may be used without your consent. The associated processing of personal data is based on our legitimate interest pursuant to Art. 6(1)(f) GDPR, to be able to provide this website in a functional and secure manner. These technically necessary cookies are not described individually in the privacy policy, as they do not involve selectable functions and are strictly required for the use of this website.

All other non-essential cookies and services from external providers, such as those used to integrate content, improving functionality or for IT security, are used exclusively with your voluntary consent in accordance with Section 25 para. 1 TTDSG and Art. 6(1)(a) GDPR. For this purpose, we use a consent management tool that allows you to choose which optional services you wish to allow when you first visit this website. You can withdraw or adjust your consent at any time via the consent tool and this will apply to all future use of the website.

Below, we inform you – in accordance with Art. 13 GDPR – about those services that require consent and are only loaded and used after you have given your consent.

Google Maps
This website uses Google Maps, a service provided by Google Ireland Limited, to display interactive maps and enable convenient use of the map function.

When you access a page with an embedded map, at least your IP address and other technical information (e.g. browser data) are transmitted to Google. If you are logged in to Google, this information can be linked to your account.

The legal basis for the integration of Google Maps is your consent (Art. 6(1)(a) GDPR). You may withdraw this consent at any time via the cookie settings. Data may be transferred to the USA; Google LLC is certified under the EU–US Data Privacy Framework.

For more information, please see Google’s privacy policy: https://policies.google.com/privacy.

Google Analytics
This website uses Google Analytics, a web analytics service that uses cookies (text files placed on your computer) to help analyse how users use the website and to continuously improve and enhance our services.

If IP anonymisation is activated on this website, your IP address is shortened by Google within member states of the European Union or other contracting states of the Agreement on the European Economic Area before being transmitted to a third country. This website uses Google Analytics with the extension “anonymiseIp()”. This ensures that IP addresses are processed in shortened form, thereby preventing them from being linked to a specific individual. If the data collected about you can be linked to a person, this possibility is immediately excluded and the personal data is deleted without delay. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to analyse your use of the website, to compile reports on website activity and to provide other services relating to website and internet usage to the site operator.

You can prevent cookies from being stored by adjusting your browser settings. However, please note that in this case you may not be able to fully utilise all the functions of this website. Furthermore, you can prevent Google from collecting and processing data generated by the cookie and related to your use of the website (including your IP address) by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

You can also deactivate Google Analytics by clicking on “Disable Google Analytics” to set a so-called Analytics opt-out cookie, which prevents Google Analytics from collecting data during future visits to this website.

The legal basis for the use of Google Analytics is Art. 6(1)(a) GDPR. Data may be transferred to the USA; Google LLC is certified under the EU–US Data Privacy Framework. Further information can be found at https://policies.google.com/privacy?hl=de. In addition, we have concluded a data processing agreement with Google in accordance with Art. 28.

Google Tag Manager
We use Google Tag Manager from Google Ireland Limited. This tool allows us to manage and integrate additional tracking and marketing services on this website. Your IP address is also processed in this context. Its use is based on your consent pursuant to Art. 6(1)(a) GDPR. The data is kept according to the services used and will be deleted at the latest when you withdraw your consent. Data may be transferred to the USA; Google LLC is certified under the EU–US Data Privacy Framework. Further information can be found at https://policies.google.com/privacy?hl=de.

Social media links
This website includes links to various social media platforms. These links are usually recognisable by their corresponding symbols or buttons (e.g., Facebook, X/Twitter, LinkedIn, Xing, WhatsApp).

By clicking on such a link, you will leave this website and be redirected to the respective platform. Data processing by the respective provider then only takes place there. We have no control over the type or scope of data processing by external providers.

The links are provided solely to direct you to our profiles or to make it easier to share content. Data is only transferred if you actively click on the link.

• Instagram/Facebook, provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Possible transfer to Meta Platforms Inc., 1601 Willow Road, Menlo Park, CA 94025, USA. Meta is certified under the EU-US Data Privacy Framework.
• LinkedIn, provider: LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. Possible transfer to LinkedIn Corporation, Sunnyvale, USA. LinkedIn is certified under the EU-US Data Privacy Framework.
• YouTube, provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Possible transfer to Google, USA. Google is certified under the EU-US Data Privacy Framework.

The legal basis for providing these links is your consent pursuant to Art. 6(1)(a) GDPR, which you voluntarily give by clicking on the respective symbol.

WordPress comments 
This website uses the locally integrated comment function of the WordPress content management system. This feature allows users to leave comments on posts. When you write a comment, the data you enter, as well as technical information such as IP address, browser data and timestamps, is processed to display the comment and to ensure the security of our system. Additionally, with your consent, cookies may be set to save your information for future comments. Data is not transmitted to external providers as part of the basic comment function. The processing is based on your consent in accordance with Art. 6(1)(a) GDPR, which you can revoke at any time via the consent management tool.

WordPress emojis
This website uses externally loaded WordPress emojis from the provider Automattic (USA) to display emojis. The service provides a set of emojis that is loaded especially when an older browser is used that cannot display emojis correctly without the service. When these emoji files are loaded, technical information such as your IP address and other browser and device information may be transmitted to external servers. No cookies are set in the process; technically, the system merely checks whether your browser can natively display emojis. The processing is based on your consent in accordance with Art. 6(1)(a) GDPR, which you can revoke at any time via the consent tool.

Gravatar
For displaying profile pictures in connection with the comment function, we use the external service “Gravatar” from the provider Automattic (Ireland). The service allows the display of images of people who, for example, leave a comment and whose email address is registered with Gravatar. If you use such an email address, an encrypted hash of your email address is transmitted to Gravatar after you have given your consent in order to retrieve the associated profile picture. IP addresses and technical browser information may also be processed. The processing is based exclusively on your consent in accordance with Art. 6(1)(a) GDPR, which can be revoked at any time via the consent tool. The transfer of personal data to third countries, such as the USA, cannot be ruled out.

Adobe Fonts
To display consistent fonts, we use the external service “Adobe Fonts” from the provider Adobe (Ireland). When you access our website, the required fonts are loaded from Adobe servers. Your IP address and the technical information necessary to provide the fonts are transmitted in this process. The integration serves solely to ensure a visually consistent presentation of our website. The processing is based on your consent in accordance with Art. 6(1)(a) GDPR, which you can revoke at any time using the consent tool. Adobe may also transfer data to servers in third countries, particularly in the USA.

Newsletter
If you have given us your explicit consent, we will process your personal data to regularly send you information, offers or news about our products and services via email. The legal basis for the processing is Art. 6(1)(a) GDPR.

During registration, we record the date and time of your registration and confirmation, as well as your email address, in order to be able to legally prove your consent.

Our email communications are sent via the service provider (SuperMailer, Mirko Böer, Malachitstraße 16, 04319 Leipzig), who is contractually bound as a data processor in accordance with Art. 28 GDPR and processes the data exclusively according to our instructions. No data is shared with third parties for their own purposes.

You can withdraw your consent to receive such emails at any time with effect for the future. You can withdraw your consent via the unsubscribe link included in every email or by contacting us using the contact details provided in this privacy policy.

Registration / Business customer account
On our website, in the “Online Shop” section, it is possible to log in with a personal business customer account after prior activation by our sales department. Full registration does not take place directly online; instead, our sales department first verifies and activates the company data required for using the B2B shop. Once activation is complete, you can log in with your email address and a password. Depending on internal processes, it may also be necessary to verify your customer number for initial activation.

The business customer account is used to manage your profile, use the shop functions and process and track orders. The legal basis for the processing is Art. 6(1)(b) GDPR, as the data processing is necessary for setting up the account, carrying out pre-contractual measures and fulfilling the user relationship. Your data will only be stored for as long as is necessary for using the account, processing orders and complying with statutory retention periods.

Shipping and payment service providers
To process orders in our online shop, we transmit personal data required for shipping or payment processing to the respective shipping and payment service providers. This includes, in particular, details such as delivery address, contact details, order number, contents of the goods and the data required for payment processing. The processing and transfer of data is carried out exclusively to fulfil the respective contract in accordance with Art. 6(1)(b) GDPR. The scope and purpose of the processing depend on the respective service provider and the shipping or payment method you have chosen. Further information on data processing can be found in the respective service providers’ own privacy policies.

3.2 Within our company
Contact
You have several options for contacting us (by email, by phone). When you contact us, we process the personal data you provide voluntarily and solely for the purpose of individual communication with you.

Processing of this data is based on Art. 6(1)(b) GDPR, insofar as your inquiry relates to the performance of a contract or is necessary for pre-contractual measures. In all other cases, processing is based on our legitimate interest (pursuant to Art. 6(1)(f) GDPR) in effectively handling inquiries addressed to us, or on your consent (Art. 6(1)(a) GDPR) if such consent has been requested.

The data you provide will remain with us until you request that we delete it, revoke your consent to its storage, or the purpose for data was collected no longer applies (e.g., after your request has been processed). Mandatory legal provisions, in particular retention periods, remain unaffected.

Direct marketing to existing customers
We process your contact details in order to send you information about our own similar products or services that relate to an existing business relationship. The processing is based on Art. 6(1)(f) GDPR in conjunction with Art. 7(3) German Act Against Unfair Competition (UWG).

Our legitimate interest is to provide you with relevant information and offers about our services within the framework of the existing customer relationship.

The prerequisite for this marketing communication is that we have received your email address in connection with a sale or service provision, you have not objected to the use of your address for this purpose and you were already informed of your right to object when we collected your data.

Our email communications are sent via the service provider (SuperMailer, Mirko Böer, Malachitstraße 16, 04319 Leipzig), who is contractually bound as a data processor in accordance with Art. 28 GDPR and processes the data exclusively according to our instructions. No data is shared with third parties for their own purposes.

To improve and optimise our email communication, we may track whether and when our emails are opened and which links are clicked. This information is evaluated and serves exclusively for statistical purposes to optimise the content of our emails and better align them with the interests of our recipients.

You can object to the use of your email address for marketing purposes at any time and this will apply to all future communications. You can object via the unsubscribe link in every email or by sending a message to the contact details provided in this privacy policy.

Customer data
These data are processed in the context of fulfilling our contracts with customers and implementing pre-contractual measures. The purposes of data processing are based on customer needs and may also include sales or consultation discussions and similar activities. Additionally, we process personal data to initiate and fulfil contracts with suppliers and service providers based on Art. 6(1)(b) GDPR.

Applicant data
We process the data you provide in connection with your application, either sent to us directly or submitted via an online form, to assess your suitability for the position (or, if applicable, other open positions in our company) and to carry out the application process.

As part of the application process, we process the personal data you provide to initiate an employment relationship under Art. 6(1)(b) GDPR. If the data is required for legal proceedings after the application process has been completed, data processing may take place on the basis of the requirements of Art. 6 GDPR, in particular for the purposes to protect legitimate interests pursuant to Art. 6(1)(f) GDPR. Our interest then lies in the assertion or defence of claims.

We process and store your personal data for as long as it is necessary to fulfil the purposes of the processing or contractual, legal or statutory obligations. After that, we delete the data or restrict its processing. If no employment relationship is established after the application process, we delete your data after 6 months.

Inclusion in the applicant pool is based solely on your explicit consent pursuant to Art. 6(1)(a) GDPR. Giving your consent is voluntary and does not affect the ongoing application process. Persons concerned can revoke their consent at any time. In this case, the data is irrevocably deleted from the applicant pool, unless there are legal reasons for retention.

Your application data is reviewed by the Human Resources department upon receipt of your application. Suitable applications are then internally forwarded to the heads of department responsible for the respective open position. We may transmit your personal data to affiliated companies if this is permitted within the scope of the stated purposes and legal bases. Within the company, solely those persons who require access to your data for the proper execution of our application process are authorised to do so. No transfer of data to third parties is planned or carried out.

4. Legal basis for data processing
Unless the legal bases have already been specified under section 4, the following applies to data processing:
If we obtain the consent of the data subject for processing personal data, Art. 6(1)(a) GDPR serves as the legal basis.

If the processing of personal data is necessary to fulfil a paid or unpaid contract, Art. 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations that are necessary for carrying out pre-contractual measures.

If processing is necessary to comply with a legal obligation to which we are subject, then Art. 6(1)(c) GDPR serves as the legal basis.

If processing is necessary to protect a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject do not override these interests, Art. 6(1)(f) GDPR serves as the legal basis for processing.

5. Data transfer to third countries
If personal data is transferred to a third country, we ensure that there is either an adequacy decision by the European Commission or appropriate safeguards under Art. 46 GDPR to guarantee an adequate level of data protection.

6. Recipients or categories of recipients of the data
Within the company, only those departments that need the data to perform their tasks receive it.

Your personal data will generally not be transmitted to third parties. Exceptions apply only if this is necessary to execute contractual agreements with you, if you have given your consent, if legal provisions require it, or if we are entitled to disclose the data.

This includes, in particular, transfer of data to service providers commissioned by us (e.g. data processors) or other third parties whose activities are necessary for the execution of the contract (e.g. event organisers, authorities, courts, experts, etc.). The transmitted data may only be used by third parties for the specified purposes.

7. Data processors 
We share your data with service providers who support us in operating our websites and related processes, in accordance with Art. 28 GDPR (General Data Protection Regulation). These include, for example, hosting service providers. Our service providers are strictly bound by our instructions and contractually obligated.

Below, we list the data processors we work with, if this has not already been specified in the above sections of the privacy policy. If data is transferred outside the EU or the EEA in this context, we will provide information on the appropriate level of data protection.

  • DOIT GmbH, Zweck Hosting, Angemessenes Datenschutzniveau: Verarbeitung nur innerhalb EU/EWR
  • Denic eG, Zweck Hosting, Angemessenes Datenschutzniveau: Verarbeitung nur innerhalb EU/EWR

8. Storage period
Unless otherwise stated in this privacy statement for specific cases, we store personal data only as long as necessary to achieve the purposes pursued. Your personal data will be deleted as soon as the purpose of the data processing no longer applies. Insofar as there are legitimate grounds within the meaning of Art. 17(3) GDPR preventing deletion, such as a legal obligation to retain the data, the processing of the data is restricted during this period. A legal obligation to retain records exists, for example, due to tax and commercial law documentation requirements. In these cases, the data is deleted as soon as the reason for further storage ceases, for example, when the legally prescribed retention period expires.

9. Rights of data subjects
Under applicable law, you have the right to access, rectify or complete, delete, transfer, restrict and object to the processing of your personal data.

We take the protection of your data very seriously. To ensure that personal data is not disclosed to third parties, please send your request by email or post to the above address, clearly identifying yourself.

Right to information
You have the right to request information about your personal data processed by us. In particular, you can request information about the purposes of processing, the categories of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if they were not collected from us and the existence of automated decision-making, including profiling and, where applicable, meaningful information about the logic involved. (Art. 15 GDPR)

Right to rectification or completion
You have the right to request the immediate correction of inaccurate or the completion of your personal data stored by us. (Art. 16 GDPR)

Right to deletion
You have the right to request the deletion of your personal data stored by us, unless further processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims. (Art. 17 GDPR)

Right to restriction of processing
You have the right to request the restriction of the processing of your personal data if you contest the accuracy of the data, the processing is unlawful and you oppose its erasure, we no longer need the data but you require it to assert, exercise or defend legal claims, or you have objected to the processing pursuant to Art. 21 GDPR. (Art. 18 GDPR)

Notification obligation of the controller
If you exercise your right to rectification, deletion, or restriction of processing, we are obliged to inform all recipients to whom we have disclosed your personal data of this correction, deletion, or restriction of processing – unless this proves impossible or involves disproportionate effort. You have the right to be informed about these recipients. (Art. 19 GDPR)

Right to data portability
You have the right to data portability, meaning the right to receive the personal data we have stored about you in a commonly used, machine-readable format. (Art. 20 GDPR)

You also have the right to receive your personal data, which we process automatically based on your consent or to fulfil a contract, and have it transferred to another controller in a commonly used, machine-readable format.

If you request the direct transfer of the data to another controller, this will only be done insofar as this does not restrict the rights and freedoms of other individuals.

Right to object
You have the right, for reasons related to your specific situation, to object at any time to the processing of your personal data that is carried out on the basis of Art. 6(1)(f) GDPR (processing based on a legitimate interests assessment).

If you object, we will no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the purpose of asserting, exercising or defending legal claims.

Right to withdraw your consent
If we process your personal data based on your consent, you have the right to revoke this consent at any time with effect for the future.

In the event of a revocation, we will immediately delete the data concerned, unless further processing can be based on a legal basis for processing without your consent (e.g. statutory retention periods).

Your withdrawal of consent does not affect the lawfulness of the processing carried out prior to your withdrawal.

Right to lodge a complaint with the supervisory authority
Furthermore, you have the right to lodge a complaint with the competent data protection supervisory authority at any time. You may contact the data protection supervisory authority of the federal state (Bundesland) in which you reside or the authority of the federal state in which the controller is based.

The supervisory authority with which the complaint is filed will inform the complainant about the status and outcome of the complaint, including the possibility of judicial remedy under Art. 78 GDPR.

The supervisory authority responsible for us is the State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia, which can be reached as follows:
Kavalleriestr. 2-4,
40213 Düsseldorf
poststelle@ldi.nrw.de
https://www.ldi.nrw.de/

10. Data security
To protect your data to the fullest extend possible from unauthorised access, we take technical and organisational measures. We use an encryption method on our websites. Your data is transmitted between your device and our server via the Internet using TLS encryption. You can usually recognise this by the lock icon in the status bar of your browser and the address line beginning with https://.

11. Status and updates of this privacy policy
This Privacy Policy is valid as of November 2025.

We reserve the right to update the privacy policy at regular intervals to reflect changes in the underlying data processing procedures or due to changes in the law.