Last Updated: December 1, 2022
In this and the following section summaries, we have placed the legal information in a more accessible and abbreviated form. For complete information, please read the text in the section to the right.
This Policy is intended to help you understand:
- why we collect your personal data;
- how we collect, use and store your personal data;
- which rights relating to your personal data you have;
- how you can exercise the rights relating to your personal data;
- how we share and disclose your personal data;
Alpha Dent Implants GmbH is located in the Federal Republic of Germany.
- disclosure by transmission;
- dissemination or otherwise making available;
- alignment or combination;
- restriction; and
- erasure or destruction.
You can be our visitor or client:
- You are a Visitor when you merely browse our Website and provide your data primarily via cookies or other tracking technologies;
- You are a client or client’s representative (‘Client’) when you submit your (or third-party’s) personal data via the Website’s forms, email, social media or in any other way with the purpose to learn more about or obtain our services.
When you submit your personal data to us, you may be asked to consent to our processing of the personal data you provide, as explained in this Policy, to enable us to provide you with the information requested if no other legal ground can be used.
To facilitate your understanding of this Policy, we explain the usage of the definitions listed here under the GDPR.
We use the following definitions in this Policy:
“data controller” means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data is processed.
“data processor” means the natural or legal person who processes personal data on behalf of the data controller.
“data subject” is any living individual who submits personal data to us.
“personal data” means any information relating to you and helping identify you (directly or indirectly) such as your name, last name, email, location data, etc.
“processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“joint controllers” means two or more controllers jointly determining the purposes and means of processing.
The definitions of terms used within this Policy are taken from the GDPR.
We collect and process the information about you or obtained from you under this Policy. In this section, you can learn more about what personal data may be collected when you visit the website, use our application, or interact with us in other ways.
We collect two basic types of information about you in connection with our services: client data, and visitor data, which relate to Clients and Visitors, respectively. In particular, we collect:
(a) Contact Information. We can collect some personal data when you submit your personal data via the Website’s forms, social media, messengers, or email to contact or to obtain our services and when you stop by our pavilion at an industry event or a fair to connect for future business cooperation. Such data may include name, email, title and any other information you may provide us via available contact options.
We use the personal data we collected and the personal data you provided us with or requested us to collect only for the purposes listed in this Policy. We may share your personal data with third parties solely for the purposes listed herein.
We DO NOT sell your data. We DO NOT use automated decision-making and profiling.
We DO NOT intentionally collect and process any sensitive personal data. Please, refrain from sharing your or third-party sensitive personal data with us.
Grounds for processing
Our grounds for processing your personal data are
- your consent,
- our legitimate interests,
- performance of a contract, or
- our legal obligations.
We do NOT intentionally collect and process sensitive personal information. Please, refrain from sharing your sensitive personal data when you provide information to us through Website, email or our social media accounts.
We collect and process your personal data under the provisions of the GDPR.
GDPR provides an exclusive list of lawful bases allowing us to process your personal data. During personal data processing, we rely only on four of them, namely, Article 6.1(a): consent.
We collect the information you choose to give us, and we process it with your consent. You may withdraw your consent to the processing of your personal data at any time.
Please remember that the withdrawal of consent does NOT automatically mean that the processing before the withdrawal is considered unlawful. You may withdraw the consent to the processing of your personal data by sending us an email at firstname.lastname@example.org, or by contacting us in any other way convenient for you.
Article 6.1(f): legitimate interests
As a data controller, we process your personal data to prevent any fraudulent actions and to provide you with the desired services. Also, we need some data to enable our Website to run smoothly and give you a pleasant user experience. We use only strictly necessary data under this legal ground.
Article 6.1(b): performance of a contract
When you provide us with personal data via contact forms on the Website, email, and social media, this can be deemed as your request to form a contract or to perform a contract between you and us. However, we may ask you to give us clear consent in case of doubt.
Article 6.1(c): legal obligation
We process your personal data to fulfil the applicable legal obligations arising mainly from the GDPR. In the event of you sending us the request to fulfil the rights granted by the GDPR, we may ask you for some personal data we already have to identify you and achieve compliance with the applicable law.
Use of Your Personal Data
As a data controller, we use your personal data for the purposes listed in the table below, where we also detail the type of personal data processed, legal bases we rely on to do so, third parties with whom we may share your personal data:
|Purposes||Type of personal data||Legal grounds||Third Parties recipients|
|Communication with Clients and Visitors regarding our services||(a) Contact information||Performance of a contract (Article 6(1)(b))||Bitrix24, Contractors|
|Marketing (to send you informational messages about our Company, promotions, events (webinars, seminars, consultations, master classes, etc.).||(a) Contact information||Your consent (Article 6(1)(a))||Bitrix24, Contractors|
|Establishing a business connection for future cooperation||(a) Contact information||Your consent (Article 6(1)(a))||Bitrix24, Contractors|
|Preventing fraudulent activity, enable the functionality of the Website||(b) Cookies Information||Our legitimate interest (Article 6(1)(f))||Contractors|
|Perform analytics and marketing on our Website||(b) Cookies Information||Your consent (Article 6(1)(a))||Bitrix24, Facebook, Youtube, AddThis, Contractors|
|Complying with the law or legal process||
(a) Contact Information
(b) Cookies Information
|Legal obligation (Article 6(1)(c))||Contractors|
Data Security, Integrity and Retention
We will store and process your personal data for as long as needed to provide you or other customers with the services.
Also, you may request erasing of your personal data by contacting us in any way convenient for you.
As a data controller, we store and process your personal data for 3 months unless we do not need it for any of the purposes defined in this Policy and/or unless longer storage is required or expressly permitted by law.
Usually, we retain your data while your account is actively used, but we will delete your personal data if we notice that you have not used your account for a long time or if you ask us to delete your personal data. Some categories of data can be stored for a shorter time: for example, cookies expire in a few days, weeks or months as they are programmed to (or earlier if you clean your browser’s cache).
We may not delete or anonymise your data if we are compelled to keep it to comply with the law or legal process.
Despite any of the aforementioned periods of data storage, you may request to delete your personal data by sending us an email at email@example.com or contacting us in another way convenient for you.
We have implemented appropriate organisational, technical, administrative, and physical security measures that are designed to protect your personal data from unauthorised access, disclosure, use, and modification. We regularly review our security procedures and policies to consider appropriate new technology and methods.
Data Sharing and Disclosure
We only transfer your personal data to third parties according to the requirements of GDPR.
Where possible and necessary, we always enter data processing agreements (DPAs) and Non-Disclosure Agreements (NDAs) with our third parties.
We may disclose the personal data to third parties, including those outside the EU and EEA, provided that proper safeguards are put in place and the applicable local laws do not put your rights at risk.
We may share your personal data as a controller with joint controllers and data processors under the following provisions.
Sharing data with data processors
There are many features necessary to provide you with access to our Website that we cannot complete ourselves. Thus, we seek help from third parties. We may grant some service providers access to your personal data, in whole or part, to provide the necessary services.
Therefore, we may share and disclose your personal data to other data processors:
During our business activities, we may engage different specialists which may receive your personal data, including our technical, sales and marketing specialists, to provide you with better customer service. Also, we may disclose some of your personal data to our outsource legal and accounting professionals to make our business accurate and transparent. The abovementioned specialists are collectively referred to as Contractors.
We may transfer your personal data to countries outside the EU and EEA (for example, the USA) that are not determined to offer an adequate level of data protection based on article 45 of GDPR (adequacy decision) with appropriate safeguards as determined under the GDPR.
We only transfer your personal data to third parties within the requirements under the GDPR. Where possible and necessary, we always enter into Data Processing Agreements (DPAs) and Non-Disclosure Agreements (NDAs) with them and treat personal data transfer seriously. Where the Contractor has an appropriate data processing agreement in place, Company may adjoin such data processing agreement. If so, Company and the Contractor may regulate the transfer of the personal data to such Contractor using this data processing agreement.
Transferring your personal data outside of the European Economic Area
We may transfer your personal data to third countries outside the EU and the EEA under Article 46 of the GDPR on the appropriate safeguards, including the standard contractual clauses (SCC).
For transfers to countries that do not fall under requirements of Article 45 of the GDPR on the adequacy of the level of protection, we may transfer your personal data to third countries outside the EU and the EEA, including the onward transfers of the personal data from the third countries to other third countries, under Article 46 of the GDPR with the appropriate safeguards, including the SCC.
We disclose your personal data to countries outside the EU and the EEA in compliance with our internal procedures regarding international transfers to adduce adequate safeguards concerning the protection of privacy and fundamental rights and freedoms of natural and legal persons.
We put supplementary technical and organisational measures in place when transferring data outside the EU and the EEA. e.g. prior assessment of the service supplier’s reliability and personal data protection practices, encryption of the transferred personal data, prompt reacting to any threats to confidentiality, integrity and availability of the personal data, conducting transfer impact assessments (TIA) when necessary, etc.
Your Rights under the GDPR
You may exercise the following rights under the General Data Protection Act (GDPR):
- right of access;
- right to rectification;
- right to erasure;
- right to restriction of processing;
- right to object to processing;
- right to data portability;
- right to lodge a complaint;
- right to consent withdrawal.
You may exercise the following rights by submitting your request at firstname.lastname@example.org.
Rights under the GDPR
- right of access means that you may ask us to send you a copy of your personal data collected together with information regarding the nature, processing and disclosure of that personal data;
- right to rectification means that you may ask us to update and correct the false data, missing or incomplete personal data.
- right to erasure (to be “forgotten”) means that you may ask us to delete your personal data collected, except insofar it is prohibited by appropriate laws.
- right to restriction of processing means that you may ask us to restrict processing where:
- your personal data is not correct or outdated;
- the processing is unlawful.
- right to object to the processing means that you may raise objections on grounds relating to your particular situation;
- right to data portability means that you may ask us to transfer a copy of your personal data to another organisation or you;
- right to withdraw the consent when your personal data processed based on your consent;
- right to lodge a complaint with the supervisory data protection authority about the processing of your personal data.
You may submit the complaint to the supervisory authority of your place of residence within the EU or to the data protection authority stated in this Policy.
Please, note that we may need to confirm your identity to process your requests to exercise your rights under the GDPR. Thus, we may not be able to satisfy your request if you do not provide us with sufficient detail to allow us to verify your identity and respond to your request.
Data Protection Authority under the GDPR
We kindly ask you to contact us directly so that we can quickly answer your question.
We kindly invite you to share your concerns with us in the first place regarding any issue related to your personal data processing. You may contact us to address your inquiries at email@example.com.
Supervisory Authorities under GDPR:
In case of any questions regarding data protection, you can apply to the German Federal Commissioner for Data Protection and Freedom of Information (Bundesbeauftragte für Datenschutz und Informationsfreiheit – ‘BfDI’) and/or supervisory authority in your place of residence or domicile. We will cooperate with the appropriate governmental authorities to resolve any privacy-related complaints that cannot be amicably resolved between you and us.
You can find the full list of EU supervisory authorities through the link.
Where you are a child under 16 in the EU, we need the consent of your parent (or another holder of parental responsibility, legal guardian) to allow you to use our Website.
We undertake the best possible efforts to secure the processing of personal data belonging to the underage. Therefore, the Company does not knowingly collect personal data from persons under the age of 16.
By submitting your personal data to us, you acknowledge that you have reached the age of 16, and under the laws of your country of residence, you have all rights to provide us with your personal data for processing. If you have any reason to believe that a child under the age of 16 has provided his/her personal data to us, please contact us at firstname.lastname@example.org.
We may change this policy from time to time due to the different purposes.
We will notify you of such material changes through means available to us.
This Policy may be changed from time to time due to the implementation of new updates, technologies, laws’ requirements or for other purposes. We will send notice to you if these changes are dramatic and where required by applicable laws, we will obtain your consent for the subsequent processing. In any case, we encourage you to review this Policy to check for any changes regularly.
Such notification may be provided via email, announcement published in our Website and by other means consistent with applicable law.
How to Contact Us
- Our email: email@example.com
- Our address: Hanauer Str. 8, Pforzheim, Germany 75181
- Our phone number: [+49 1798784562]