Privacy

Information on data processing for this website in accordance with Art. 13 EU General Data Protection Regulation (GDPR) when collecting personal data from the data subject.

Data protection notice (version: GDPR 2.0 of xx March 2023)

Medigene AG is responsible for this website. As the provider of a teleservice, we must inform you at the beginning of your visit about the type, scope and purpose of personal data collection and use. We must do so in a manner that is precise, transparent, easy to understand and easily accessible, using clear and simple language. This content has to be available to you at any time. 

We attach great importance to the security of your data and compliance with data protection regulations. The processing of personal data is subject to the provisions of the European and national legislation currently in force.

In the following data protection notice, our intention is to outline how we handle your personal data and how you can contact us:

Medigene AG
Lochhamer Straße 11
D-82152 Planegg

Telephone: +49 89 2000330
E-Mail: medigene@medigene.com

Commercial Register No: HRB 115761

Management: Dr. Selwyn Ho, Prof. Dr. Dolores J. Schendel

Our data protection officer

Sven Lenz
Deutsche Datenschutzkanzlei – Datenschutzkanzlei Lenz GmbH & Co. KG
Bahnhofstraße 50
87435 Kempten
Germany

For questions regarding data protection or other data protection concerns, please send an e-mail to the following e-mail address: datenschutz@medigene.com

A. General

For ease of understanding, we do not distinguish between the genders. For the purpose of equality, equivalent terms apply to all genders. The meaning of the terms used, such as “personal data” or its “processing”, can be found in Article 4 of the EU General Data Protection Regulation (GDPR).

The personal data processed within the scope of this website includes

  • usage data (e.g. visited sites of our website) and
  • content data (e.g. input for newsletter registration).

B. Specific

Data protection notice

We guarantee that we will only process your data in connection with the processing of your inquiries as well as for internal purposes and in order to provide content and the services that you request.

Bases for data processing

We process users’ personal data only in compliance with the relevant data protection regulations. Legal basis are:  

  • Provision of contractual obligation
  • Processing is required by law
  • If you have given your consent (e.g. newsletter registration) 
  • Enforcement of our legitimate interest

This is where the above legal bases are regulated:

  • Processing for the purpose of providing our services and taking contract-related steps
    Art. 6 (1) b) GDPR
  • Processing for the purposes of compliance with our legal obligations
    Art. 6 (1) c) GDPR
  • Consent
    Art. 6 (1) a) and Art. 7 GDPR
  • Processing for the purposes of our legitimate interests
    Art. 6 (1) f) GDPR 

Data transfer to third parties

No data is transferred to a third party.

Data transfer to a third country or an international organization

A “third country” is a country in which the GDPR is not a directly applicable law. This basically includes all countries outside the EU or the European Economic Area.

No data is transferred to a third country or an international organization without legal basis.

Storage period of your personal data

We adhere to the principles of data economy and data reduction. This means that we only store your data for as long as is necessary to fulfill the above-mentioned purposes or in accordance with the various storage periods stipulated by law. If the respective purpose no longer applies or if the relevant storage periods expire, your data will be routinely blocked or deleted in accordance with statutory provisions.

For this purpose, we have drawn up an internal company concept to ensure this procedure.

Contact

If you contact us via this website, you agree to electronic communication. During the contact process, personal data is processed. The information you provide will be stored exclusively for the purpose of processing your inquiry and for possible follow-up questions.

The legal bases for this are as follows:

  • Processing for the purpose of providing our services and taking contract-related steps
    Art. 6 (1) b) GDPR

We would like to point out that, during transmission, e-mails can be read or changed unnoticed and without authorization. Please also note that we use software to filter unsolicited e-mails (spam filter). Use of the spam filter may result in the rejection of e-mails that have been falsely identified as spam due to certain characteristics.

What rights do you have?

    1. Right to information
      You have the right to obtain information about your stored data, free of charge. Upon request, we will inform you in writing of your personal data that we have stored. This also includes the origin and recipients of your data as well as the purpose of data processing.
    2. Right to rectification
      You have the right to have your data that we store rectified if it is incorrect. In doing so, you can request restriction of processing, e.g. if you contest the accuracy of your personal data.
    3. Right to blocking
      You can also have your data blocked. In order to allow blocking of your data at any time, this data must be held in a blocking file for control purposes.
    4. Right to erasure
      You can also request the erasure of your personal data, provided there are no statutory retention requirements. Insofar as such an obligation exists, we will block your data on request. If the relevant legal requirements are met, we will erase your personal data even if you do not request us to do so.
    5. Right to data portability
      You are entitled to request that we provide you with the personal data you have provided to us in a format that allows it to be transferred to another location.
    6. Beschwerderecht bei einer Aufsichtsbehörde
      You have the option to lodge a complaint with one of the data protection supervisory authorities.

      The competent data protection authority is:

      Bavarian Department of Data Protection Supervision (BayLDA)
      Promenade 27, D-91522 Ansbach
      Telephone: +49 981 53-1300
      Fax: +49 981 53-981300

      You can access the complaint form of the Bavarian Department of Data Protection Supervision via the following link: https://www.lda.bayern.de/de/beschwerde.html

       

    7. Right to object
      You have the possibility at any time, for reasons arising from your particular situation, to object to the processing of your data pursuant to Art. 6 (1) (e) and (f) GDPR; this also applies to profiling based on these provisions.

      Medigene AG will then no longer process your personal data unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims.

      If personal data are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is associated with such direct marketing. In the event of such an objection, we will no longer process your personal data for the purposes of direct marketing. For this purpose, it is sufficient to send us a corresponding e-mail.

    8. Right of revocation
      You have the possibility at any time without giving reasons, to revoke your consent given to the processing of your personal data with effect for the future. You will not experience any disadvantages as a result of the revocation. For this purpose, it is sufficient to send us a corresponding e-mail.

      However, such revocation shall not affect the lawfulness of the processing carried out on the legal basis of Art. 6 (1) a) GDPR until the time of revocation.

      To exercise your data subject rights, send us an e-mail to the following address: datenschutz@medigene.com 

Protection of your personal data

We take contractual, technical and organizational security measures in line with state of the art technology in order to ensure compliance with the provisions of data protection legislation and to safeguard the data processed against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons.

The security measures include in particular the encrypted transmission of data between your browser and our server. 256-bit SSL (AES 256) encryption technology is used for this purpose. 

Your personal data is protected within the scope of the following actions (excerpt):

  1. Maintaining the confidentiality of your personal data
    In order to protect the confidentiality of your personal data stored with us, we have taken a range of steps to control admission, entry and access.
  2. Safeguarding the integrity of your personal data
    In order to safeguard the integrity of your personal data stored by us, we have taken various measures to control the forwarding and input of such data.
  3. Ensuring the availability of your personal data
    In order to maintain the availability of your personal data stored with us, we have taken a number of steps to control compliance with work orders and availability.

The security measures in use are continuously improved in line with technological developments. Despite these precautions, due to the insecure nature of the internet, we cannot guarantee that your data will be transmitted securely to our website. As a result, any data transmission from you is at your own risk.

Protection of minors

Personal information may only be provided to us by persons under the age of 16 with the express consent of a parent or guardian. This data will be processed in accordance with this data protection declaration.

Server-Log-files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • browser type and browser version
  • operating system used
  • referrer URL
  • host name of the accessing computer
  • time of the server request
  • IP address

This data is not merged with other data sources.

The basis for the data processing is according to Art. 6 para. 1 lit. f) GDPR our legitimate interest.

Cookies 

Cookies are small text files that are stored locally in the cache of your internet browser. Cookies allow (for example) the recognition of the internet browser. The files are used to help the browser navigate through the website and to ensure that all functions can be used to the full extent.

We only use cookies that are relevant to the system.

Newsletter/e-mail notification

If you subscribe to our e-mail newsletter (e-mail notification), we will send you press releases and company announcements as soon as they are published. Personal data is collected for this purpose. Your email address is the only information required for sending the newsletter. Providing any further data is voluntary and will be used to address you personally. This data will be used by us for the purposes of sending selected information (newsletter) in the form of the e-mail, provided that you have expressly consented hereto as follows:

“Yes, I would like to receive information from Medigene.“

We use the “double opt-in” procedure to send the newsletter/e-mail notification. This means that we will only send information to you after you have explicitly confirmed that you consent to the sending. We will then send you a confirmation e-mail asking you to click on a link to confirm that you wish to receive our newsletter in the future.

By activating the confirmation link, you consent to the use of your personal data in accordance with Art. 6 (1) a) GDPR. When you register for the newsletter, we store your IP address as entered by the Internet Service Provider (ISP) as well as the date and time of registration. The purpose of this is to be able to track any possible misuse of your e-mail address at a later point in time.

You can unsubscribe from the newsletter at any time via the link provided for this purpose in the newsletter, or by sending a message to us, e-mail: investor@medigene.com. After you have unsubscribed, your e-mail address will immediately be deleted from our newsletter distribution list and included in a blocking file to ensure that revocation is successful.

Social networks

In addition to this online service, we also maintain presence in various social media, which can be accessed via the corresponding buttons on our website. When visiting such presence, personal data may be transmitted to the provider of the social network. It is possible that in addition to the storage of the data specifically entered by you in this social medium, further information is also processed by the provider of the social network. 

For more information, please see our social media privacy policy.

Changes to our privacy policy

We reserve the right to adjust our data protection declaration in short-term in order to reflect the latest legal requirements or to incorporate changes to our services. This could involve the introduction of new services, for example. Your return visit will then be subject to the new data protection declaration.

This site is registered on wpml.org as a development site.