DATA PROTECTION

In this Privacy Policy, Saphenus Medical Technology GmbH (“Saphenus”) sets forth its practices with respect to information collected from customers.

Competent authority within the meaning of the General Data Protection Regulation (GDPR): dsb Data Protection Authority of the Republic of Austria.

Purpose of data processing
We will process your personal data for the following purposes:

for the establishment, administration and processing of the business relationship or processing of the contract concluded with you
to strengthen the existing customer relationship or to establish a new customer relationship or to approach prospective customers, including information about current products and services from our product range
User rights

You have the following rights:
To request confirmation of whether and to what extent your personal data is being used and processed, as well as access to the personal data stored about you and additional information

Request a copy of the personal data you have voluntarily provided to us in a structured, common and machine-readable format
Request a correction of the personal data we have stored about you
Request the deletion of your personal data
Object to the processing of your personal data by us
Request the restriction of the processing of your personal data by us
File a complaint with a supervisory authority
Please note, however, that these rights are not unlimited and are subject to our own legitimate interests as well as government regulations.
If you would like to exercise any of the rights listed here or would like further information, please contact our data protection officer at:

Mag. Rainer Schultheis, EMail: rainer.schultheis@nullsaphenus-med.com.

Storage
We will retain your personal information for as long as is necessary to provide our services, comply with legal obligations, and resolve disputes and enforce our policies. Retention periods are based on the type of data collected and the purpose for which it was collected, taking into account both case-specific circumstances and the need to delete outdated, unused information as soon as possible. We store records containing personal data of customers, account set-up documents, communications and other data in accordance with applicable laws and regulations.

We may, at any time and in our sole discretion, correct, complete or remove any incomplete or inaccurate data.

Basis for data collection
The processing of your personal data (i.e., any data that can reasonably be used to identify you; “personal data”) is necessary to fulfill the contract entered into with you. (Art. 6 para. 1 lit. b DSGVO).

In addition, we process your personal data on the basis of our overriding, legitimate interest in achieving the purposes stated under the point “Purpose of data processing” (Art. 6 para. 1 lit. f DSGVO). Further, so that we can provide you with our services, protect our legitimate interest, and comply with legal and financial regulatory obligations to which we are subject.

What data is collected?
We collect personally identifiable information, which is information that identifies or can be used to identify an individual through reasonable measures. Such data includes:

Name, salutation/gender/title
Address
Email
In the case of active business relationships additionally:
Contract data (payment and service behavior, country of origin, UID, powers of representation and contact persons)
Clearing and payment data (bank details, payment terms, creditworthiness, blocking indicators, credit information)
Excerpts from the register (companies register, credit protection association)
Correspondence
How do we obtain data about you?
We obtain your personal data from various sources:

You provide us with such data voluntarily, for example when registering on our website.
We receive such data from other providers, services and from public registers (for example, data traffic analysis providers).
How is the data used? To whom is the data passed on?
We do not share user information with third parties except as described in this Privacy Policy.

We use data for the following purposes:

To communicate with you (send notices regarding our services, provide technical information, and handle customer service requests, if applicable).
For contract management (inventory contracts, purchase / sale)
For the execution of payment transactions
For the conduct of daily business
For the fulfillment of corporate and tax law documentation purposes
For the initiation of business within the scope of own business activities
For information about new products and services
In addition to the various uses listed above, we may also share personal information with our subsidiaries, affiliates and subcontractors.

In addition to the purposes set forth in this Privacy Policy, we may share personal information with our trusted third-party vendors for the following reasons:

Banks for the processing of payment transactions
Legal representative in business case
Chartered accountant and tax consultant
Dishes
Competent administrative authorities, esp. Financial authorities
Debt collection agency
Third-party financiers such as leasing or factoring companies and assignees, insofar as the delivery or service is financed externally in this way
Contractual or business partners who are involved or are to be involved in the delivery or service
Insurance on the occasion of the conclusion of an insurance contract for the delivery/service or the occurrence of an insured event
Federal Agency “Statistics Austria” for the compilation of (official) statistics required by law
Group management of the client, suppliers, commercial customers and major customers
Customers (recipients of services)
IT service providers or service companies used by us
Some of the recipients mentioned above may be located outside of Austria or may process your personal data outside of Austria. The level of data protection in other countries may not correspond to that in Austria. We therefore take measures to ensure that all recipients provide an adequate level of data protection.

We may also disclose data when we have a good faith belief that doing so will be helpful or appropriate to: (i) comply with any applicable law, regulation, legal process or governmental request; (ii) enforce our policies (including our Agreement) and investigate possible violations thereof, if any; (iii) investigate, detect, prevent, or take action regarding illegal activities or other misconduct, suspected fraud, or security issues; (iv) assert or enforce our own legal claims or defend ourselves against the claims of others; (v) protect the rights, property or safety of us, the safety of our users, your safety or the safety of any third party; or to (vi) cooperate with law enforcement authorities and/or protect intellectual property or other legal rights.

Marketing
We may use your personally identifiable information, such as your name, email address, phone number, etc., ourselves or share it with a third-party subcontractor to provide you with promotional materials regarding our services that may be of interest to you.

We respect your right to privacy. Therefore, you will always be given the opportunity to unsubscribe from further mailings in these marketing materials. If you unsubscribe, your email address or phone number will be removed from our marketing distribution lists.

Note that even if you opt out of receiving our marketing emails, we will continue to send you emails with important information that do not include an unsubscribe option. This includes maintenance messages or administrative notifications.

Corporate transaction
We may share data in the event of a corporate transaction (e.g., sale of significant parts of a company, merger, consolidation, or asset sale). In the event that any of the above occurs, the acquirer or the relevant company shall assume the rights and obligations set forth in this Privacy Policy.