BERJAYA

Trusted Shops: 4.86

Delivery in 1 - 3 working days

Data protection information

Information on data processing for this website in accordance with Art. 13 of the EU General Data Protection Regulation (GDPR) when collecting personal data from the data subject.

(Version: GDPR 2.1 dated April 29, 2025)

FormMed Healthcare GmbH is the data controller for this website and, as a provider of a teleservice, must inform you at the beginning of your visit about the type, scope, and purposes of the collection and use of personal data in a precise, transparent, understandable, and easily accessible form in clear and simple language. This content must be available to you at all times.

We attach great importance to the security of your data and compliance with data protection regulations. The processing of personal data is subject to the provisions of the currently applicable European and national laws.

The following data protection information is intended to show you how we handle your personal data and how you can contact us:

FormMed HealthCare GmbH
Schönberger Weg 13
60488 Frankfurt am Main
Germany
Commercial register no.: HRB 128692
Managing Directors: Jan Herweijer, Steven Jongeneel, Dr. Roland Schmidt
Phone: +49 69 76805698-22
E-Mail: Info@formmed.de

Our data protection officer
Sven Lenz
Data protection firm Lenz GmbH & Co. KG
Bahnhofstraße 50
87435 Kempten
Germany

If you have any questions about data protection or other data protection issues, please feel free to send an email to the data protection team: datenschutz@formmed.de

A.General

For the sake of clarity, we do not differentiate between genders. In the interests of equal treatment, the relevant terms apply to all genders. The meaning of the terms used, such as "personal data" or "processing," can be found in Art. 4 GDPR.

The personal data processed within the scope of this website includes
- Inventory data (e.g., names and addresses of customers),
- Contract data (e.g., services used, payment information),
- usage data (e.g., pages visited on our website), and
- content data (e.g., entries in online forms).

B. Specific Data protection information

We guarantee that we will only process your data in connection with the processing of your inquiries, for internal purposes, and to provide the services or content you have requested.

Basis for data processing

We process your personal data only in compliance with the relevant privacy policy and on the following legal bases:

- Processing for the fulfillment of our services and the implementation of contractual measures in accordance with Art. 6 (1) (b) GDPR (e.g. to process orders in the web shop)
- Processing for compliance with our legal obligations pursuant to Art. 6 (1) (c) GDPR
- Consent pursuant to Art. 6 (1) (a) and Art. 7 GDPR (e.g., consent to receive our newsletter)
- Processing to safeguard our legitimate interests pursuant to Art. 6 (1) (f) GDPR (e.g., sending advertising to existing customers).

Data transfer to third parties

We would like to point out that data is transferred to third parties.

Your data will only be passed on to third parties within the framework of legal requirements. We only pass on your data if this is necessary, for example, for contractual purposes or on the basis of legitimate interests in the economic and effective operation of our business.

If we use subcontractors to provide our services, we take appropriate legal precautions and technical and organizational measures to ensure the protection of personal data in accordance with the relevant legal provisions.

Data transfer to a third country or an international organization

Third countries are countries in which the GDPR is not directly applicable law. This basically includes all countries outside the EU or EWR.

Through the use of various services on our website/in our web shop (see description below), data is transferred to a third country or an international organization.

The adequacy decision of the EU-Commission is taken into account here. This states that it is a safe third country or a safe international organization that offers an adequate level of protection.

The following applies to data transfers to the USA: Since July 2023, there has been an adequacy decision by the EU-Commission (Data Privacy Framework), which identifies the USA as a third country with a level of data protection comparable to that of the EU. The adequacy decision can now serve as the basis for data transfers to certified organizations in USA.

The US services used are certified under the Data Privacy Framework. Details can be found under the individual services. However, there is still a risk that your data may be processed by US authorities for control and surveillance purposes. There is currently no legal remedy against this practice.

Storage period for your personal data

We adhere to the principles of data minimization and data avoidance. This means that we only store your data for as long as is necessary to fulfill the aforementioned purposes or as stipulated by the various storage periods provided for by law. If the respective purpose no longer applies or after the corresponding periods have expired, your data will be routinely blocked or deleted in accordance with the statutory provisions.

Contact

When you contact us electronically (e.g., via contact form or email), personal data is processed. The information you provide will be stored exclusively for the purpose of processing your inquiry and for possible follow-up questions.

We would like to inform you of the legal basis for this:

- Processing for the fulfillment of our services and the implementation of contractual measures Art. 6 (1) (b) GDPR

We would like to point out that emails can be read or altered without authorization and without notice during transmission. Furthermore, we would like to point out that we use software to filter unwanted emails (spam filter). The spam filter may reject emails if they are incorrectly identified as spam due to certain characteristics.

What are your rights?

a) Right to information
You have the right to obtain information about your stored data free of charge. Upon request, we will inform you in writing which personal data we have stored about you. This also includes the origin and recipients of your data as well as the purpose of data processing.

b) Right to correction
You have the right to have your data stored by us corrected if it is incorrect. In this case, you can request a restriction of processing, e.g., if you dispute the accuracy of your personal data.

c) Right to blocking
Furthermore, you can have your data blocked. To ensure that your data can be blocked at any time, this data must be stored in a block file for control purposes.

d) Right to erasure
You can request the deletion of your personal data, provided that there are no legal retention obligations. If such an obligation exists, we will block your data upon request. If the relevant legal requirements are met, we will delete your personal data even without your request.

e) Right to data portability
You are entitled to request that we provide the personal data you have submitted to us in a format that allows it to be transferred to another location.

f) Right to lodge a complaint with a supervisory authority
You have the option of lodging a complaint with one of the data protection supervisory authorities.

The data protection authority responsible for us:

The Hessische Beauftragte für Datenschutz und Informationsfreiheit
P.O. Box 3163, 65021 Wiesbaden Germany
Phone: +49 611 1408-0

You can open the complaint form via the following link: https://datenschutz.hessen.de/service/beschwerde-uebermitteln

Note: A complaint can also be submitted to any data protection supervisory authority within the EU.

g) Right to object
You have the right to object to the processing of your data at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions.

We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.

If personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing purposes; this also applies to profiling insofar as it is related to such direct marketing. In the event of such an objection, we will no longer process your personal data for direct marketing purposes. To do so, simply send us an email.

h) Right of withdrawal
You have the option at any time to revoke your consent to the processing of your data with effect for the future without giving reasons. Revocation will not result in any disadvantages for you. To do so, simply send us an email.

However, such revocation does not affect the lawfulness of the processing carried out on the legal basis of Art. 6 (1) (a) GDPR up to the time of revocation.

To exercise your data subject rights, please send us an email to one of the above email addresses.

Protection of your personal data

We take state-of-the-art contractual, technical, and organizational security measures to ensure compliance with data protection laws and to protect the processed data against accidental or intentional manipulation, loss, destruction, or access by unauthorized persons.

The security measures include, in particular, the encrypted transmission of data between your browser and our server. For this purpose, 256-bit SSL (AES 256) encryption technology is used.

Your personal data is protected in the following ways (excerpt):

a) Maintaining the confidentiality of your personal data
In order to maintain the confidentiality of your data stored with us, we have taken various measures for access control and authorization control.

b) Maintaining the integrity of your personal data
To maintain the integrity of your data stored with us, we have taken various measures for disclosure control and Input control.

c) Maintaining the availability of your personal data
To maintain the availability of your data stored with us, we have taken various measures to control orders and availability.

The security measures in place are continuously improved in line with technological developments. Despite these precautions, we cannot guarantee the security of your data transmission to our website due to the uncertain nature of the internet. For this reason, any data transmission by you is at your own risk.

Protection of minors

Persons under the age of 16 may only provide us with personal information if they have the express consent of their legal guardians. This data will be processed in accordance with this privacy policy.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address

This data is not merged with other data sources.

The basis for data processing is our legitimate interest pursuant to Art. 6 (1) lit. f) GDPR.

Processing of your data in our online shop

Our website uses the Shopware 6 shop system from shopware AG (Ebbinghoff 10, 48624 Schöppingen, Germany). Below, we explain the specific processing of personal data by Shopware 6 when using our online shop.

When you visit our web shop, Shopware 6 automatically processes technical information to ensure the functionality and security of the website:

IP address (in anonymized form)
Browser type and browser version
Operating system
Referrer URL (the previously visited page)
Date and time of the request
Session IDs and cookies for session management

The legal basis for this is Art. 6 (1) lit. f GDPR (legitimate interest in the security and functionality of the shop).

The following personal data is processed for the purpose of processing orders and managing customer accounts:

Last name, first name
Email
Billing and delivery address
Phone number (if provided)
Payment information
Order history

Shopware 6 also processes payment data in the context of order fulfillment in order to execute purchase agreements. For this purpose, your payment information is transmitted to the payment service provider you have selected. Depending on the payment method, this may include the following:

Bank details (IBAN, BIC) or credit card details
Transaction data (payment status, reference number, amount)
Beneficial owner (tax data may be requested for corporate customers).

Payment providers involved may include (depending on selection and integration):

PayPal (PayPal (Europe) S.à r.l. et Cie, Luxemburg)
Mollie B.V., Amsterdam, Niederlande

The legal basis for this is Art. 6 (1) (b) GDPR (performance of a contract) and, where applicable, Art. 6 (1) (f) GDPR (interest in fraud protection and misuse detection).

Shopware 6 stores session information to manage the shopping cart and current user actions. To do this, Shopware sets the following types of cookies:

Essential cookies: Stores login and shopping cart contents
Session IDs: For identifying recurring sessions
Tracking cookies (if activated): Analysis of purchasing behavior
The use of non-essential cookies (e.g., for marketing and tracking) only takes place with your express consent (Art. 6 para. 1 lit. a GDPR).

When you use our contact form or submit support requests, Shopware 6 processes the following data:

Name, email address
Content of the request or message
Subject of the request
Meta data (e.g., IP address, time of the request)

Legal basis: Depending on the purpose, Art. 6 (1) (b) GDPR (to respond to customer inquiries) or Art. 6 (1) (f) GDPR (legitimate interest in processing inquiries).

Data transfer:

Payment processing: Transfer to the selected payment provider (see section on payment processing)
Shipping processing: Transfer of shipping data to logistics service providers (e.g., DHL, DPD, UPS)
Tax and accounting: Legally required transfer to tax and financial authorities
Marketing & analysis (only with consent): Transfer of anonymized/aggregated data for shop optimization

Legal basis: Art. 6 (1) (b) and (c) GDPR (performance of a contract and legal obligation).

No data will be transferred to third countries without your knowledge and express consent.

We only store your data for as long as is necessary for the respective purposes, which may include:

Data type	Storage period
Order and payment data	6–10 years (tax and commercial law retention periods)
Registered customer accounts	Permanent, until account deletion
Cookies (essential)	Until end of session / max. 12 months
Contact form inquiries	6 months
Log data (e.g., IP addresses)	6 months

After the storage period has expired, your data will be securely deleted or anonymized.

Transfer of your data to shipping service providers

The personal data we collect will be passed on to the transport company responsible for delivery within the scope of contract processing, insofar as this is necessary for the delivery of the goods.

The goods are delivered by the transport service providers DHL (DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn) or DPD (DPD Deutschland GmbH, Wailandtstraße 1, 63741 Aschaffenburg). If you have given us your consent during the ordering process, we will pass on your email address to DHL in accordance with Art. 6 (1) lit. a GDPR before the goods are delivered for the purpose of coordinating a delivery date or to notify you of the delivery. Other-wise, we will only pass on the name of the recipient and the delivery address to DHL for the purpose of delivery in accordance with Art. 6 (1) lit. b GDPR. The data will only be passed on if this is necessary for the delivery of the goods. In this case, it is not possible to coordinate the delivery date with DHL in advance or to notify you of the delivery. Consent can be revoked at any time with future effect by contacting us or the transport service provider DHL.

Use of Endereco for address validation

We use the "Endereco" service from Endereco GmbH (Balthasar-Neumann-Straße 4b, 97236 Randersacker, Germany) on our website for address validation during the purchase process to ensure that the address data you have entered is correct. This serves to avoid incorrect deliveries and shipping problems.

During the ordering process, the address data you enter (e.g., street, house number, postal code, city, country) is transmitted to Endereco. There, it is checked whether the address exists or whether there are any spelling mistakes, incomplete information, or incorrect postal codes. Address validation is carried out on the basis of Art. 6 (1) lit. f GDPR (legitimate interest). Our legitimate interest lies in ensuring the quality of the address data, avoiding incorrect deliveries, and optimizing the shipping process.

The data transmitted to Endereco is only processed for validation purposes and is not stored. Endereco does not permanently store or further process the address data. Furthermore, no other personal data, such as orders or payment information, is passed on to Endereco.

Endereco processes the transmitted data exclusively within the EU in compliance with the applicable data protection regulations.

Further information on data processing by Endereco can be found in Endereco's privacy policy: https://www.endereco.de/en/data-protection/

Integration of the Trusted Shops Trustbadge / other widgets

We use the Trusted Shops Trustbadge on our website to display our seal of approval and any customer reviews and to offer visitors the Trusted Shops buyer protection services after placing an order. When you visit the website, a connection to the servers of Trusted Shops GmbH (Subbelrather Str. 15C, 50823 Cologne, Germany) is automatically established.

The following access data is collected:

Your IP address,
date and time of access,
amount of data transferred,
the source/reference from which you accessed our site,
your browser and operating system.

This data is processed on the basis of our legitimate interest (Art. 6 (1) (f) GDPR) in increasing the reliability and trustworthiness of our online shop and optimizing our offering. The server log files are automatically deleted no later than seven days after collection.

If you place an order in our web shop and give your consent to Trusted Shops buyer protection or a review, we may transfer personal data to Trusted Shops. Processing is then carried out on one of the following legal bases, depending on the case:

Fulfillment of a contract (Art. 6 para. 1 lit. b GDPR): If you decide to use Trusted Shops services (e.g., buyer protection or rating system), Trusted Shops will process your email address, order number, and order details in order to provide you with these protection or rating services.
Legitimate interest (Art. 6 (1) (f) GDPR): Trusted Shops may process data for transaction security and abuse prevention purposes.
Consent (Art. 6 (1) (a) GDPR): After placing your order, you may receive an invitation by email to rate your purchase. However, this will only happen if you have given your express consent beforehand.

Further information on data processing by Trusted Shops can be found in their privacy policy at: https://www.trustedshops.de/impressum/#datenschutz.

Storage period: The server log files collected by Trusted Shops are automatically deleted after seven days at the latest. Data collected in connection with an order or a review is stored exclusively in accordance with the Trusted Shops data guidelines.

Cookies

Cookies are small text files that are stored locally in the cache of your internet browser. Cookies enable, for example, the recognition of the internet browser. The files are used to help the browser navigate through the website and to make full use of all functions.

Cookies that are necessary for the electronic communication process or to provide certain functions you have requested (e.g., shopping cart function) are stored on the basis of Art. 6 (1) lit. f) GDPR. The website operator has a legitimate interest in storing cookies for the technically error-free and optimal provision of its services. If other cookies (e.g., cookies for analyzing your surfing behavior) are stored, these are treated separately in this privacy policy.

We may therefore store cookies on your device if they are absolutely necessary for the operation of our website. For all other types of cookies, we require your permission. Our website uses different types of cookies. Some cookies are placed by third parties that are used on our pages.

You can change or revoke your consent at any time on our website. Please provide your consent ID and the date when you contact us regarding your consent.

Your consent applies to the following domains:
www.formmed.de
Your current consent status:
Your consent ID:
Consent date:
Change your consent | Withdraw your consent

Cookie consent tool

On our website, we use the Cookiebot service from Usercentrics A/S (Havnegade 39, 1058 Kopenhagen, Dänemark) to inform you about the use of cookies and to manage your consent in a legally compliant manner.

Cookies are set for this purpose to record and store your consent. The following data is processed:

Your IP address (in anonymized form)
Date and time of your consent
Browser information
An anonymous, random identifier
The consent status data (which cookies you have accepted or rejected).

This data is processed on the basis of Art. 6 (1) (c) GDPR (compliance with a legal obligation) and Art. 6 (1) (f) GDPR (legitimate interest in user-friendly and legally compliant cookie management).

Your consent data is stored for 12 months and then automatically deleted.

Cookiebot stores your data within the Europäischen Union and does not pass it on to third parties. You can change or revoke your consent to the services used on the website at any time by adjusting your cookie settings here..

Further information on data processing by Cookiebot can be found in the privacy policy of Usercentrics A/S: https://www.cookiebot.com/en/privacy-policy/.

Website hosting

We use the system of the following provider to host our website and display the page content: ScaleCommerce GmbH (Horstweg 24, 14059 Berlin, Germany).

All data collected on our website is processed on the provider's servers. We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

Data is transferred to a third country (here USA) or an international organization. Since July 2023, there has been an adequacy decision by EU-Kommission (Data Privacy Framework), which identifies USA as a third country with a level of data protection comparable to that of the EU. The adequacy decision can now serve as the basis for data transfers to certified organizations in USA. According to the list of certified companies published by US Department of Commerce, Google LLC is listed as a certified company.

Use of Google services on our site

We use the services of Google Google Ireland Limited (Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) on our website.

All processing described in connection with the use of Google services is carried out exclusively on the basis of your express consent in accordance with Art. 6 (1) lit. a GDPR in conjunction with § 25 TDDDG. You can revoke your consent at any time with effect for the future. To exercise your right of revocation, please deactivate these services using the "Cookie Consent Tool" provided on the website.

- We have concluded a so-called data processing agreement with Google, which obliges Google to protect the data of our website users and not to pass it on to third parties.

To ensure compliance with European data protection standards, even in the event of any transfer of data from the EU or EWR to USA and possible further processing there, Google refers to the so-called standard contractual clauses of the Europäischen Com-mission, which we have contractually agreed with Google.

Since July 2023, there has been an adequacy decision by the EU-Commission (Data Privacy Framework), which identifies USA as a third country with a level of data protection comparable to that of the EU. The adequacy decision can now serve as the basis for data transfers to certified organizations in USA. According to the list of certified companies published by US Department of Commerce, Google LLC is listed as a certified company.

Further legal information on Google, including a copy of the standard contractual claus-es mentioned, can be found at https://policies.google.com/privacy?hl=en and at https://policies.google.com/technologies/partner-sites?hl=en.

The following Google services are used on our website:

Google Analytics 4

We use Google Analytics 4 on our website to analyze website usage.

The version we use employs so-called "cookies." Cookies are text files that are stored on your device and enable analysis of your use of a website. The information collected by cookies about your use of the website is usually transmitted to an Google server, where it is stored and processed. The transmission of information to the servers of the company Google LLC, based in USA, cannot be ruled out. Google LLC processes the data for its own purposes and may use it to compile comprehensive information about you.

The IP address transmitted by your device is always collected and processed anonymously by default and automatically, so that the collected information cannot be directly linked to you as an individual. Google truncates the IP address within member states of the Europian Union (EU) or other contracting states of the Agreement on the Europian Economic Area (EWR) by removing the last digits.

By using Google Analytics on our website, extensive information is used to evaluate user behavior on our website, to compile reports on your website activities or usage behavior, and to provide us with other services related to your website usage and Internet usage. Furthermore, the "demographic characteristics" function collects statistics on the age, gender, and interests of website users based on an evaluation of interestrelated advertising and with the help of third-party information. These serve the purpose of enabling us to carry out target group-oriented marketing measures. However, the data collected in this way cannot be assigned to a specific person and therefore cannot be assigned to you personally.

We also use the "UserIDs" function as an extension of Google Analytics 4.

By assigning individual UserIDs, we can generate cross-device reports (known as "cross-device tracking") using Google. If you have created a personal account by regis-tering on this website and are logged into your personal account on various devices using your login details, your user behavior will also be analyzed across devices. The data collected in this way shows, among other things, on which device you first clicked on an ad and on which device the relevant conversion took place.

We also use the Google Signals service as an extension of Google Analytics 4.

With Google Signals, we can also have Google generate cross-device reports (so-called "cross-device tracking"). If you have activated "personalized ads" in your Google ac-count and linked your Internet-enabled devices to your Google account, Google can analyze usage behavior across devices and create database models based on this. Among other things, the data shows on which device you first clicked on an ad and on which device the relevant conversion took place. We only receive statistics created on the basis of Google Signals. You have the option of deactivating the "personalized ads" function in the settings of your Google account, thereby disabling cross-device analysis in connection with Google Signals.

The data collected in connection with the use of Google Analytics 4 is stored for 2 months and then deleted.

Google Ads conversion tracking

We use the online advertising program "Google Ads" on this website and conversion tracking within the scope of Google Ads. By using Google Ads, we can draw atten-tion to our offers on external websites with the help of advertising material (so-called Google Adwords) and also measure the success of this advertising campaign. We do this in order to be able to show you advertising tailored to your needs.

If a user clicks on an ad placed by Google, a cookie (small text file) for conversion tracking is set on their device. These cookies usually expire after 30 days and are not used for personal identification. The cookie enables us to recognize, with the help of Google, that the user was redirected to our site by clicking on the ad.

Cookies cannot therefore be tracked beyond the websites of Google Ads customers. The information collected is used to generate conversion statistics that provide us with information about the total number of users who clicked on our ad and were redirected to a page tagged with a conversion tracking tag. However, we do not receive any information that can be used to personally identify users.

Google Ads Remarketing

Our website uses the functions of Google Ads Remarketing. This allows us to advertise this website in Google search results and on third-party websites.

For this purpose, Google places a cookie in the browser of your device, which automatically enables interest-based advertising using a pseudonymous cookie ID and based on the pages you have visited.

Any further data processing only takes place if you have agreed to Google linking your internet and app browsing history to your Google account and using information from your Google account to personalize the ads you see on the web. In this case, if you are logged in to Google while visiting our website, Google will use your data together with Google Analytics data to create and define target group lists for cross-device remarketing. To do this, your personal data will be temporarily linked to Google Analytics data by Google in order to form target groups.

Details on the processing initiated by Google Ads Remarketing and Googles's handling of data from websites can be found here: https://policies.google.com/technologies/partner-sites?hl=en.

Google Tag Manager

We use a service called Google Tag Manager. This is a support service and only processes personal data for technically necessary purposes. Google Tag Manager ensures that other components are loaded, which in turn may collect data. Google Tag Manager does not access this data.

Meta-Pixel for the creation of custom audiences with extended data matching

- Within our online offering, the so-called "Meta-Pixel" of the social network Facebook is used in the mode of extended data matching, which is operated by Meta Platforms Ireland Ltd. (4 Grand Canal Quare, Dublin 2, Ireland), ("Facebook").

When a user clicks on an advertisement displayed on Facebook, an addition is made to the URL of our linked page by Meta-Pixel. This URL parameter is then supplemented by our website after redirection to the user's browser by setting a cookie. In addition, this cookie collects specific customer data, such as the email address, which we collect on our website linked to the Facebook advertisement during transactions such as pur-chases, account logins, or registrations (extended data matching). The cookie is read by Meta-Pixel, enabling the data, including specific customer data, to be forwarded to Meta.

With the help of Meta-Pixel with extended data matching, Meta is able to precisely de-termine the visitors to our online offering as a target group for the display of ads (so-called "Facebook ads"). This allows us to display the Facebook ads we place only to Facebook users who have also shown an interest in our online offering or who have certain characteristics (e.g., interests in certain topics or products, which are determined based on the websites visited) that we transmit to Meta (so-called "custom audiences").

By using the pixel, we also want to ensure that our Facebook ads correspond to the potential interests of users and do not appear intrusive. This allows us to further evaluate the effectiveness of Facebook advertisements for statistical and market research purposes by tracking whether users were redirected to our website after clicking on an Facebook advertisement (so-called "conversion"). We can thus better measure the effectiveness of our advertising campaigns by recording more attributed conversions.

All transmitted data is stored and processed by Meta so that it can be linked to the respective user profile and Facebook can use the data for its own advertising purposes in accordance with the Facebook data use policy (https://www.facebook.com/about/privacy/). The data may enable Facebook and its partners to place advertisements on and outside of Facebook. For this purpose, we have entered into a joint responsibility agreement with Meta in accordance with Art. 26 GDPR.

These processing operations are carried out exclusively with the express consent of the data subject in accordance with Art. 6 (1) (a) GDPR in conjunction with § 25 TDDDG.

The information generated by Meta-Pixel is usually transferred to a server of Meta and stored there, whereby it may also be transferred to the servers of Meta Inc in USA. Since July 2023, there has been an adequacy decision by the EU-Commission (Data Privacy Framework), which identifies USA as a third country with a level of data protection comparable to that of the EU. The adequacy decision can now serve as a so-called appropriate safeguard pursuant to Art. 45 GDPR for data transfers to certified organizations in USA. According to the list of certified companies published by US Department of Commerce, Meta Inc is listed as a certified company.

You can object to the storage and evaluation of data by Meta at any time. Simply click on Cookie Settings and move the slider for the "Marketing" cookie category to the left in the cookie banner. Then click on the "Accept selection" button.

Newsletter/existing customer advertising

If you subscribe to our email newsletter, we will send you regular information about our offers. Personal data is collected for this purpose. The only mandatory information required to send the newsletter is your email address. The provision of any further data is voluntary and will be used to address you personally. We use this data for our own advertising purposes in the form of the email newsletter, provided you have expressly given your consent to this.

We use the double opt-in procedure to send the newsletter. This means that we will only send you an email newsletter once you have expressly confirmed your consent to receive the newsletter. We will then send you a confirmation email asking you to confirm that you wish to receive the newsletter in the future by clicking on the correspond-ing link.

By activating the confirmation link, you give us your consent to use your personal data in accordance with Art. 6 (1) (a) GDPR. When you register for the newsletter, we store your IP address entered by your Internet service provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your email ad-dress at a later date.

You can unsubscribe from the newsletter at any time using the link provided in the newsletter or by sending us a message to info@formmed.de. Once you have unsubscribed, your email address will be immediately deleted from our newsletter distribution list and added to a block file to ensure that your withdrawal is respected.

We use the contact details of our existing customers (e.g., name, address, email address) to provide information about our products and services via email or postal advertising. This processing is carried out on the basis of Article 6(1)(f) GDPR (legitimate interest) and, in the case of advertising measures by email, in accordance with the provisions of Section 7(3) UWG (German Unfair Competition Act). Our legitimate interest is to make relevant offers and maintain a long-term customer relationship.

Personal data will only be stored for as long as is necessary for the stated purpose (existence of the customer relationship) or until you object to its use.

You have the right to object to the use of your data for advertising purposes at any time. You can do this informally by contacting us using the contact details above. Upon receipt of your objection, we will no longer use your data for advertising purposes.

Social networks

In addition to this online offering, we also maintain a presence on various social media platforms, which you can access via the corresponding buttons on our website. When you visit such a presence, personal data may be transmitted to the social network provider. It is possible that, in addition to storing the data you specifically enter in this social medium, further information may also be processed by the social network provider.

For more information, please see our social media privacy policy.

Changes to our privacy policy

We reserve the right to amend our privacy policy at short notice so that it always complies with current legal requirements or to implement changes to our services. This may, for example, relate to the introduction of new services. The new privacy policy will then apply to your next visit.