Privacy Policy & Imprint

Imprint

Cellex Cell Professionals GmbH
Melli-Beese-Str. 9-11
50829 Cologne
Phone: +49 221 2509 0
Fax: +49 221 2509 2998
cellex@cellex.me

Registration court: District Court Cologne
Register number: HRB 102599
Managing director: Prof. Dr. med. Gerhard Ehninger, Dr. Armin Ehninger
Tax Number: 217/5717/3013

Data Protection & Copyright

If there is an opportunity of entering personal data (email adresses, names, adresses) within this website, this is entirely voluntary. We explicitly declare that we will not pass this pata to third parties.

The Medical Device Safety Officer

MPS.Beauftragter@cellex.me

The Medical Device Safety Officer carries out the following tasks as a central office within the company:

1. contact person for authorities, manufacturers and distributors in connection with reports of risks of medical devices as well as in the implementation of safety corrective measures in the field and other necessary corrective measures,
2. coordination of internal processes to fulfill the reporting and cooperation obligations of users and operators and
3. coordinating the implementation of corrective actions and safety corrective actions.

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about the use of the website will be transmitted to and stored by Google on servers in the United States.

In case IP-anonymisation is activated on this website, your IP adress will be truncated within the area of Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases the whole IP adress will be first transfered to a Google server in the USA and truncated there. The IP-anonymisation is active on this website.

Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity for the website operators and providing them other services relating to website activity and internet usage.

The IP-adress, that your browswer conveys within the scope of Google Analytics, will not be associated with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do you may not be able to use the full functionality of the website. You can also opt-out from being tracked by Google Analytics with effect for the future by downloading and installing Google Analytics Opt-out Browser Addon for your current web browser.

Disclaimer

Despite careful control, we assume no liability for the content of external links. The operators are exclusively responsible for the content of linked pages.

Data Privacy

I. Name and address of the Controller

The controller within the meaning of the General Data Protection Regulation (“GDPR”) and other national data protection laws is:

Cellex Cell Professionals GmbH

Melli-Beese-Str. 9-11
50829 Cologne
Phone: +49 221 2509 0
Fax: +49 221 2509 2998
Email: infocenter@cellex.me
Website: www.cellex.me

Represented by the Managing Directors Prof. Dr.med. Gerhard Ehninger, Dr. Armin Ehninger

II. Contact Details of the Data Protection Officerr

Data Protection Officer of Cellex Cell Professionals GmbH:

Phone: +49 221 2509 2985
Email: datenschutz@cellex.me
Website: www.cellex.me

III. General Information on Data Processing

1. Scope of the Processing of Personal Data

We generally process personal data of users of our website only to the extent necessary to provide a functional website and our content and services. Where processing is not technically or legally required, it is carried out only with the user’s consent.

2. Legal Basis for the Processing of personal data

Where we obtain the consent of the data subject for processing operations involving personal data, Art. 6(1)(a) GDPR serves as the legal basis.

Where information is stored on the user’s terminal equipment or access is obtained to information already stored on the user’s terminal equipment, the permissibility of such access is additionally governed by the applicable provisions of the German Telecommunications Digital Services Data Protection Act (“TDDDG”). Where this is based on consent, Sec. 25(1) TDDDG applies.

Where the processing of personal data is necessary for the performance of a contract or for the implementation of pre-contractual measures, Art. 6(1)(b) GDPR serves as the legal basis.

Where the processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6(1)(c) GDPR serves as the legal basis.

Where processing is necessary for the purposes of a legitimate interest pursued by our company or by a third party and the interests, fundamental rights and freedoms of the data subject do not override that interest, Art. 6(1)(f) GDPR serves as the legal basis.

3. Data Erasure and Storage Period

The personal data of the data subject will be erased or its processing restricted as soon as the purpose of the processing no longer applies. Storage beyond this period will only take place where provided for by European or national legal provisions or where necessary for the establishment, exercise or defence of legal claims.

IV. Provision of the Website and Creation of Log Files

1. Description and Scope of Data Processing

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer. The following data is collected:

information about the browser type and version used,

• the user’s operating system,
• the user’s IP address,
• date and time of access,
• page or file accessed,
• websites from which the user’s system accesses our website,
• websites accessed by the user’s system via our website,
• amount of data transferred,
• notification of successful or unsuccessful retrieval.

This data is also stored in the log files of our system. This data is not stored together with other personal data of the user.

Where IP addresses are processed in log files, they are shortened or anonymised in accordance with our technical configuration as soon as they are no longer required for the provision, stability and security of the website.

2. Legal Basis for Data Processing

The legal basis for the temporary storage of the data and log files is Art. 6(1)(f) GDPR.

. Purpose of the Data Processing

Temporary storage of the IP address by the system is necessary to deliver the website to the user’s device. Storage in log files is carried out to ensure the functionality of the website and to safeguard the security and stability of our information technology systems.

These purposes also constitute our legitimate interest in data processing pursuant to Art. 6(1)(f) GDPR.

4. Duration of Storage

The data will be erased or anonymised as soon as it is no longer necessary for achieving the purpose for which it was collected, unless statutory retention obligations apply or further storage is necessary to investigate or defend against a security incident.

5. Objection and Removal Options

The collection of data for the provision of the website and the storage of data in log files are strictly necessary for the operation of the website. Consequently, the user has no right to object in this respect.

IV. Provision of the Website and Creation of Log Files

1. Description and Scope of Data Processing

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer. The following data is collected:

information about the browser type and version used,

• the user’s operating system,
• the user’s IP address,
• date and time of access,
• page or file accessed,
• websites from which the user’s system accesses our website,
• websites accessed by the user’s system via our website,
• amount of data transferred,
• notification of successful or unsuccessful retrieval.

This data is also stored in the log files of our system. This data is not stored together with other personal data of the user.

Where IP addresses are processed in log files, they are shortened or anonymised in accordance with our technical configuration as soon as they are no longer required for the provision, stability and security of the website.

2. Legal Basis for Data Processing

The legal basis for the temporary storage of the data and log files is Art. 6(1)(f) GDPR.

3. Purpose of the Data Processing

Temporary storage of the IP address by the system is necessary to deliver the website to the user’s device. Storage in log files is carried out to ensure the functionality of the website and to safeguard the security and stability of our information technology systems.

These purposes also constitute our legitimate interest in data processing pursuant to Art. 6(1)(f) GDPR.

4. Duration of Storage

The data will be erased or anonymised as soon as it is no longer necessary for achieving the purpose for which it was collected, unless statutory retention obligations apply or further storage is necessary to investigate or defend against a security incident.

5. Objection and Removal Options

The collection of data for the provision of the website and the storage of data in log files are strictly necessary for the operation of the website. Consequently, the user has no right to object in this respect.

V. Cookies, Consent Management and Similar Technologies

1. Description and Scope of Data Processing

Our website uses cookies and comparable technologies. These are pieces of information that are stored on the user’s terminal equipment or that enable access to information already stored on the terminal equipment. Comparable technologies may include, in particular, local storage, session storage, pixels, scripts or similar technical procedures.

We use technically necessary technologies to provide the website securely, reliably and in a user-friendly manner. In addition, we use technologies requiring consent only if the user has given prior consent.

We use the CookieFirst service to obtain, manage and document consent.

• In this context, the following data in particular may be processed:consent status and the user’s individual selection,
• timestamp of consent, refusal or withdrawal,
• technical information about the browser and device,
• language settings,
• pseudonymous identifiers,
• shortened or anonymised IP address,
• URL or domain on which consent was given,
• log data relating to the display and management of the consent banner.

2. Legal Basis for Data Processing

Technically necessary cookies and comparable technologies are used on the basis of Sec. 25(2) TDDDG. Where personal data is processed in this context, the processing is based on Art. 6(1)(f) GDPR, insofar as it is necessary for the secure, stable and user-friendly provision of the website.

Non-technically necessary cookies and comparable technologies are used only on the basis of consent pursuant to Sec. 25(1) TDDDG. Where personal data is processed in this context, Art. 6(1)(a) GDPR is the legal basis.

Where we document consent, this is carried out on the basis of Art. 6(1)(c) GDPR in conjunction with Art. 7(1) GDPR. In addition, the processing is based on Art. 6(1)(f) GDPR insofar as it is necessary for the technical and legally compliant management of consent.

3. Purpose of Data Processing

The use of technically necessary technologies serves the secure, stable and user-friendly provision of our website. Consent management serves to obtain, document and manage consent in a legally compliant manner and to technically implement the user’s selection.

4. DurationStorage

The specific storage period for individual cookies, consent information and similar technologies depends on their respective function and technical configuration. Unless configured otherwise, the consent decision is usually stored for up to 12 months and then requested again.

VI. Consent Management with CookieFirst

1. Provider

We use the consent management tool CookieFirst on our website. The provider is Digital Data Solutions B.V. (CookieFirst), Plantage Middenlaan 42a, 1018 DH Amsterdam, the Netherlands.

2. Purpose and Scope of Processing

CookieFirst is used to obtain, manage and document consent for the use of cookies and comparable technologies. Via CookieFirst, users may decide which categories or services they wish to consent to. Users may also change or withdraw their consent.

The data processed in connection with CookieFirst is described in Section V.

3. Legal Basis

The legal bases for the use of CookieFirst are set out in Section V.2 of this Privacy Policy.

4. Recipients

The recipient of the data is CookieFirst as a service provider. Where CookieFirst acts as a processor, processing is carried out on the basis of a data processing agreement pursuant to Art. 28 GDPR.

VII. Web Analytics with Matomo

1. Description and Scope of Data Processing

We use Matomo on our website, an open-source software for analysing the usage behaviour of our website visitors.

The following data in particular may be processed:

• shortened or masked IP address,
• pages and subpages accessed,
• date and time of access,
• referrer URL,
• duration of visit,
• frequency of page views,
• browser and device information,
• operating system used,
• screen resolution and language settings.

Matomo is used in a privacy-friendly configuration. The IP address is shortened or anonymised. As a result, it is not possible for us to directly assign the shortened IP address to a specific user.

2. Legal Basis for Data Processing

Where Matomo is used for analytics purposes, this is done on the basis of the user’s consent pursuant to Art. 6(1)(a) GDPR. Where information is stored on or accessed from the user’s terminal equipment in connection with Matomo, this is done on the basis of Sec. 25(1) TDDDG.

3. Purpose of Data Processing

The processing is carried out for the statistical evaluation of the use of our online offering, for reach measurement and for improving the user-friendliness and content of our website.

4. Duration of Storage

The data collected will be erased or anonymised as soon as it is no longer required for the purposes stated above. Unless a shorter storage period is configured, the data will be erased no later than after 180 days.

5. Withdrawal Option

The user may withdraw consent at any time with effect for the future via the cookie settings.

VIII. Embedded Content and Third-Party Providers

1. Vimeo

Video content from the provider Vimeo may be embedded on our website. The provider is Vimeo.com, Inc., 330 West 34th Street, 5th Floor, New York, NY 10001, USA.

When a page with embedded Vimeo content is accessed, personal data may be transmitted to Vimeo, in particular the IP address, technical browser and device information, information about the operating system, referrer URL and usage data in connection with playing the video.

If users are logged into Vimeo, Vimeo may associate the use of our website with the respective Vimeo account. This can be prevented by logging out of the Vimeo account before accessing the relevant content.

Vimeo content is embedded only after the user has given prior consent, insofar as this is technically and legally required.

The legal basis for the processing of personal data is Art. 6(1)(a) GDPR. Where information is stored on or accessed from the user’s terminal equipment in connection with Vimeo, this is done on the basis of Sec. 25(1) TDDDG.

The user may withdraw consent at any time with effect for the future via the cookie settings.

2. Social Feed / Elfsight

The Elfsight service may be used on our website to display social feed or widget content. The provider is Elfsight, SL.

Depending on the specific integration, personal data may be processed, in particular technical connection data, IP address, browser and device information, information about the operating system, referrer URL, information about the accessed subpage as well as usage and interaction data in connection with the embedded widget.

Elfsight may also use cookies or comparable technologies. Depending on the configuration, content or technical connections to the respective embedded social networks or platforms may also be affected.

Where content is loaded via Elfsight and is not technically necessary, it is embedded only after the user has given prior consent.

The legal basis for the processing of personal data is Art. 6(1)(a) GDPR. Where information is stored on or accessed from the user’s terminal equipment in connection with Elfsight, this is done on the basis of Sec. 25(1) TDDDG.

The user may withdraw consent at any time with effect for the future via the cookie settings.

3. Third-Country Transfers in Connection with Third-Party Services

Where personal data is transferred to countries outside the European Union or the European Economic Area in connection with embedded content or third-party services, such transfer is governed by the legal requirements of Art. 44 et seq. GDPR. General information on third-country transfers is provided in Section X.

VIII. Embedded Content and Third-Party Providers

1. Vimeo

Video content from the provider Vimeo may be embedded on our website. The provider is Vimeo.com, Inc., 330 West 34th Street, 5th Floor, New York, NY 10001, USA.

When a page with embedded Vimeo content is accessed, personal data may be transmitted to Vimeo, in particular the IP address, technical browser and device information, information about the operating system, referrer URL and usage data in connection with playing the video.

If users are logged into Vimeo, Vimeo may associate the use of our website with the respective Vimeo account. This can be prevented by logging out of the Vimeo account before accessing the relevant content.

Vimeo content is embedded only after the user has given prior consent, insofar as this is technically and legally required.

The legal basis for the processing of personal data is Art. 6(1)(a) GDPR. Where information is stored on or accessed from the user’s terminal equipment in connection with Vimeo, this is done on the basis of Sec. 25(1) TDDDG.

The user may withdraw consent at any time with effect for the future via the cookie settings.

2. Social Feed / Elfsight

The Elfsight service may be used on our website to display social feed or widget content. The provider is Elfsight, SL.

Depending on the specific integration, personal data may be processed, in particular technical connection data, IP address, browser and device information, information about the operating system, referrer URL, information about the accessed subpage as well as usage and interaction data in connection with the embedded widget.

Elfsight may also use cookies or comparable technologies. Depending on the configuration, content or technical connections to the respective embedded social networks or platforms may also be affected.

Where content is loaded via Elfsight and is not technically necessary, it is embedded only after the user has given prior consent.

The legal basis for the processing of personal data is Art. 6(1)(a) GDPR. Where information is stored on or accessed from the user’s terminal equipment in connection with Elfsight, this is done on the basis of Sec. 25(1) TDDDG.

The user may withdraw consent at any time with effect for the future via the cookie settings.

3. Third-Country Transfers in Connection with Third-Party Services

Where personal data is transferred to countries outside the European Union or the European Economic Area in connection with embedded content or third-party services, such transfer is governed by the legal requirements of Art. 44 et seq. GDPR. General information on third-country transfers is provided in Section X.

IX. Contact by Email and Applications

1. Description and Scope of Data Processing

It is possible to contact us via the email addresses and contact details provided on our website. In this case, we process the personal data transmitted with the enquiry by the user.

The following data in particular may be processed:

• name,
• email address,
• telephone number,
• company or organisation,
• content of the message,
• further information voluntarily provided by the sender,
• technical communication data.

In this context, data is not disclosed to third parties unless this is necessary to process the respective matter. The data is used to process the enquiry and the related correspondence.

2. Legal Basis for Data Processing

The legal basis for the processing of data transmitted in the course of contacting us is generally Art. 6(1)(f) GDPR. Our legitimate interest lies in processing the enquiry addressed to us and communicating with the sender.

If the contact is aimed at concluding or performing a contract, Art. 6(1)(b) GDPR is an additional legal basis.

Where statutory retention obligations apply, Art. 6(1)(c) GDPR is the legal basis.

3. Applications by Email

If users send us application documents by email, we process the personal data contained therein for the purpose of conducting the application process. The legal basis is Art. 6(1)(b) GDPR and Sec. 26 of the German Federal Data Protection Act (“BDSG”), insofar as processing is necessary for the decision on the establishment of an employment relationship.

Application data is generally erased no later than six months after completion of the application process, unless statutory retention obligations apply, consent has been given for longer storage or further storage is necessary for the establishment, exercise or defence of legal claims.

4. Purpose of Data Processing

The processing serves to handle the contact request, the related correspondence, the processing of applications and, where applicable, the implementation of pre-contractual measures or contractual relationships.

5. Duration of Storage

The data is erased as soon as it is no longer necessary for achieving the purpose for which it was collected and no statutory retention obligations apply. Business correspondence may be subject to retention obligations under commercial or tax law.

6. Objection and Removal Options

The user may object at any time to the processing of their personal data in connection with contacting us, insofar as the processing is based on Art. 6(1)(f) GDPR. In such a case, the conversation may not be able to continue.

X. Third-Country Transfers

Personal data is transferred to countries outside the European Union or the European Economic Area only where the specific requirements of Art. 44 et seq. GDPR are met.

This may in particular be the case where we use third-party services on our website. Such a transfer is carried out only on the basis of the legally provided safeguards, in particular:

• an adequacy decision by the European Commission,
• appropriate safeguards pursuant to Art. 46 GDPR, in particular by concluding standard contractual clauses,
• or, where applicable, another legally permissible derogation.

Where a third-country transfer takes place in connection with individual services, we provide information on this in the respective sections of this Privacy Policy to the extent required under data protection law. Further information on any third-country transfers and the safeguards in place may be requested using the contact details stated above.

XI. No Automated Decision-Making

We do not use automated decision-making, including profiling, within the meaning of Art. 22 GDPR on our website.

XII. Rights of Data Subjects

Where personal data concerning you is processed, you are a data subject within the meaning of the GDPR. You have the following rights in particular vis-à-vis the controller:

1. Right of Access

You may request confirmation from the controller as to whether personal data concerning you is being processed. Where such processing exists, you may request access to this personal data and the information specified in Art. 15 GDPR.

2. Right to Rectification

You have the right to rectification and/or completion if the processed personal data concerning you is inaccurate or incomplete.

3. Right to Restriction of Processing

Subject to the statutory requirements, you have the right to request restriction of the processing of your personal data.

4. Right to Erasure

You may request that personal data concerning you be erased without undue delay, provided that the statutory requirements of Art. 17 GDPR are met.

5. Right to Notification

If you have exercised your right to rectification, erasure or restriction of processing, the controller is obliged to notify all recipients to whom the relevant personal data has been disclosed, where this is required by law.

6. Right to Data Portability

You have the right to receive the personal data concerning you that you have provided to the controller in a structured, commonly used and machine-readable format, provided that the statutory requirements are met.

7. Right to Object

You have the right, on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you where the processing is based on Art. 6(1)(e) or Art. 6(1)(f) GDPR.

The controller will then no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims.

8. Right to Withdraw Consent

You have the right to withdraw data protection consent at any time with effect for the future. The lawfulness of processing carried out on the basis of consent before its withdrawal remains unaffected.

9. Right to Lodge a Complaint with a Supervisory Authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of your personal data infringes the GDPR.

The supervisory authority responsible for us is:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Postfach 20 04 44
40102 Düsseldorf
Germany
Phone: +49 211 38424-0
Email: poststelle@ldi.nrw.de
Website: www.ldi.nrw.de

XIII. Current Version and Amendments to this Privacy Policy

We reserve the right to amend this Privacy Policy if the data processing on our website changes or if legal, technical or organisational changes make an amendment necessary. The current version published on our website applies.