Privacy Policy

MIRAmedtech Shop Privacy Policy

Information obligation pursuant to article 13 of the DPA

In accordance with Article 13(1) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter: DPA), we inform you that:

1) The controller of your personal data is MIRAmedtech with its registered office in Königsbach-Stein at Heckwiesenweg 1.

2) In matters of data protection you can contact us at shop@miramedtech.com or at the postal address in paragraph 1

3) Purposes and grounds for processing personal data

The controller processes personal data in order to:

(a) providing the service electronically, maintaining the account of the User of the online shop, including transactions and payments. The legal basis for data processing is the performance of a contract (Article 6(1)(b) of the RODO),

b) sales of products offered by MIRAmedtech online shop. The legal basis for data processing is the performance of the contract (Article 6(1)(b) RODO),

c) to provide proper service to the Store's users, in particular as part of communication with users as part of the order processing process (Article 6(1)(b) RODO),

d) to handle complaints submitted by users, return of benefits in the event of withdrawal from the contract and defence in the event of the occurrence of mutual claims. The legal basis for data processing is the legitimate interest of the Administrator - (Article 6(1)(f) RODO),

e) sending commercial information by electronic means - only in the case of the User's consent. The legal basis for data processing is consent (Art. 6(1)(a) RODO),

f) handling requests and enquiries during conversations, telephone contacts, e-mail correspondence, correspondence within electronic forms. Providing answers to the sent questions, conducting correspondence. The legal basis for data processing is the legitimate interest of the Administrator - (Article 6(1)(f) RODO),

g) for analytical purposes (e.g.: optimisation of our products on the basis of your comments about them, your interest, application technical logs; optimisation of service processes on the basis of sales and after-sales service processes. The legal basis for data processing is the legitimate interest of the Administrator - (Article 6(1)(f) RODO),

4) Recipients of the data

We may share your personal data with the following categories of entities:

a) Persons authorised by the Administrator - employees and associates;

b) Entities to whom the Administrator entrusted the processing of personal data (processors) on the basis of concluded contracts;

c) Entities to which the Administrator will be obliged to make the data available on the basis of legal provisions;

d) Data recipients such as: couriers, banks, Internet payment operators.

5) Transfer of data to third countries or international organisations

Your personal data will be transferred outside the European Economic Area to Google LLC, Facebook, The Rocket Science Group LLC d/b/a MailChimp (if you agree to the newsletter) providing an adequate level of protection as established by the European Commission's decision under Directive 95/46/EC on the adequacy of protection provided by the EU-US Privacy Shield

6) Data retention period

a) Personal data related to the performance of the sales contract will be processed for a period related to the performance of the contract, as well as the exercise of the parties' rights under the substance of the contract,

b) Personal data processed for marketing purposes will be processed until the withdrawal of consent to their processing, and in the absence of withdrawal of consent, until the completion of this service by the Administrator.

c) Personal data processed in connection with an enquiry shall be stored, depending on the nature of the enquiry, either for the duration of the sales contract service or for the period necessary to provide the person with a definitive answer.

d) Personal data processed in connection with the assertion of claims in connection with the performance of a contract shall be processed for the duration of the claim,

e) Personal data processed in order to comply with legal obligations, including in particular tax and accounting obligations, shall be processed for the period resulting from the legal provisions

f) Personal data shall be processed for a maximum period of 10 years from the date of completion of the contract.

g) Personal data used for analytical purposes shall be stored for a maximum period of 14 months

7) Your rights

You have the right

a) To request access to your personal data, rectification, erasure or restriction of processing,

b) to object to the processing of your personal data,

c) to have your personal data transferred;

d) to withdraw your consent to the processing of personal data at any time, without affecting the lawfulness of the processing of personal data, which was carried out on the basis of consent before its withdrawal (withdrawal of consent may take place in any form, including via the designated email address shop@miramedtech.com)

e) to lodge a complaint to the supervisory authority

Your personal data will be processed in an automated manner (including in the form of profiling), however this will not have any legal effect on you or similarly significantly affect your situation.

8) Information about the requirement/voluntariness of providing data

Providing personal data by the Store user is voluntary, nevertheless, lack of such data may prevent the service of the order processing.

9) Protection of processed personal data

The processing of personal data takes place in a set of personal data, which is treated as a database with a high level of security, stored on a server protected against remote (IT) access as well as physical access. Moreover, all persons processing personal data for the purposes of the Store, who are employees of the Administrator, have the appropriate authorisations issued in accordance with Article 29 of the DPA and have signed a declaration on keeping personal data confidential.

Privacy protection

We ensure that our Customers fully respect their privacy and protect their personal data.

Transmission protection Sensitive data - in particular passwords of any kind - are transmitted via SSL encrypted protocol.

Server logs

In accordance with accepted practice of most websites, we store HTTP requests directed to our server. Viewed resources are identified by URL addresses. The exact list of information stored in web server log files is as follows:

the public IP address of the computer from which the request came (this can be directly the user's computer)

the name of the client station - identification performed by the http protocol, if possible

user name given in the authorization process,

time of the request's arrival,

first line of the http request

http response code

number of bytes sent by the server

the URL address of the page previously visited by the user (referer link), in case the user accessed the website of the Bureau via a link,

information about user's browser.

information about errors which occurred during HTTP transaction.

In order to ensure the highest possible quality of the service, we occasionally analyse log files in order to determine which pages are visited most often, which web browsers are used, whether the structure of the page does not contain errors, etc.

Use of data

The collected logs are stored for an indefinite period of time as support material for the administration of the service. The information contained in them shall not be disclosed to anyone except persons authorised to administer the server and the network. On the basis of log files statistics may be generated to assist in the administration. Aggregate summaries in the form of such statistics do not contain any identifying characteristics of visitors to the service.

Our Store also uses so-called "cookies". These files are stored on the Customer's computer by our server and provide statistical data about the Customer's activity in order to adjust our offer to the Customer's individual needs and tastes. The Customer may at any time disable the option of accepting cookies in his/her Internet browser, although he/she must be aware that in some cases disabling these files may make it difficult to use the offer of our Store. The cookie files stored on the Customer's computer store information on:

User sessions,