Privacy Policy

Data Protection: your Right – our Duty

You can rest assured that your personal data will be protected and remain secure. The protection of your privacy and your rights in the processing of personal data is an important concern for FIOR & GENTZ Gesellschaft für Entwicklung und Vertrieb von orthopädietechnischen Systemen mbH, which we take into account in all our business processes.
We therefore wish to inform you of the basic rules governing the way we handle personal data.

How We Use your Data

FIOR & GENTZ Gesellschaft für Entwicklung und Vertrieb von orthopädietechnischen Systemen mbH collects, processes and uses all personal data arising from your visits to our online services only in accordance with the applicable regulations for the protection of personal data.

We only use the personal data for the purposes stated in this Privacy Policy (for example to process inquiries or to fulfil orders for medical devices). When we collect personal data via forms, we will inform you of the purpose of its collection and other details in accordance with the provisions of Art. 13 of the GDPR. The use of such data for other purposes is excluded.

Controller

The controller, who is responsible for processing your data, within the meaning of the General Data Protection Regulation (GDPR) is:
FIOR & GENTZ Gesellschaft für Entwicklung und Vertrieb von orthopädietechnischen Systemen mbH
Dorette-von-Stern-Straße 5
21337 Lüneburg (Germany)

Information Collected by Us

You can use almost the entirety of this website without us requiring personal data from you. Only a few offerings and services that you will find on our pages require you to provide personal data for their use.

1. Provision of the Website
When you use the website’s Internet services, the Internet servers (web servers) automatically record and evaluate technical access data (browser type, browser version, operating system used, referrer URL, host name, time of server request, IP address). However, this data cannot be attributed to a specific person; the individual user remains anonymous. This data is not merged with any other data. The legal basis for this processing is Art. 6(1) lit. a GDPR (legitimate interest for the purpose of technically error-free presentation and optimisation of the website). The data is stored only for as long as is necessary for the stated purpose.

2. Cookies
We would like to point out that these web pages use cookies. Cookies are text files that are stored in the web browser on your computer system. The legal basis for the use of cookies is Art. 6(1)(a) of the GDPR (consent to processing for statistical purposes, for optimisation of the presentation or for marketing purposes). If you choose not to accept the use of cookies, some offerings of the website may be unavailable or limited.

Information about the cookies used:

 

Website 

Name

Purpose

Length of Storage

Provider

Type

 

fe_typo_user

This cookie is a TYPO3 standard session cookie. It stores the access data entered when you log in to a protected area.

duration of the session

TYPO3 Association, Sihlbruggstrasse 105, 6340 Baar, Switzerland

HTTP

necessary

typo3_geoip_targetGeoIP Cookie forwards the user to the appropriate national version.1 monthFIOR & GENTZHTTPnecessary

rc::c

distinguishes between humans and bots

duration of the session

Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

HTML

necessary

_ga

registers a unique ID, which is used to generate statistical data on your usage of the website

2 years

Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

HTTP

statistics

_gid

registers a unique ID, which is used to generate statistical data on your usage of the website

1 day

Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

HTTP

statistics

_gat

The _gat_UA cookie also contains the identity number (_gat_ <***>) of the Google Analytics account or website to which the cookie refers. 

1 day

Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

HTTP

statistics

_gcl_au

is used by Google AdSense for advertising efficiency on web pages

3 months

Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

HTTP

marketing

r/collect

transmits data about your device and browsing behaviour to Google Analytics

duration of the session

Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

pixel

marketing

 

Webshop 

Name

Purpose

Length of Storage

Provider

Type

 

ASPSESSIONID

records your actions for all page queries

duration of the session

Microsoft Corporation, One Microsoft Way, Redmond, WA USA

HTTP

necessary

_ga

registers a unique ID, which is used to generate statistical data on your usage of the website

2 years

Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

HTTP

statistics

_gid

registers a unique ID, which is used to generate statistical data on your usage of the website

1 day

Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

HTTP

statistics

_gat

The _gat_UA cookie also contains the identity number (_gat_ <***>) of the Google Analytics account or website to which the cookie refers. 

1 day

Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

HTTP

statistics

_gcl_au

is used by Google AdSense for advertising efficiency on web pages

3 months

Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

HTTP

marketing

r/collect

transmits data about your device and browsing behaviour to Google Analytics

duration of the session

Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

pixel

marketing

 

Orthosis Configurator

Name

Purpose

Length of Storage

Provider

Type

 

ASP.NET_SessionId

records your actions for all page queries

duration of the session

Microsoft Corporation, One Microsoft Way, Redmond, WA USA

HTTP

technical

ASPSESSIONID

records your actions for all page queries

duration of the session

Microsoft Corporation, One Microsoft Way, Redmond, WA USA

HTTP

technical

_ga

registers a unique ID, which is used to generate statistical data on your usage of the website

2 years

 

HTTP

marketing

_gid

registers a unique ID, which is used to generate statistical data on your usage of the website

1 day

Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

HTTP

marketing

_gat

The _gat_UA cookie also contains the identity number (_gat_ <***>) of the Google Analytics account or website to which the cookie refers. 

1 day

Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

HTTP

marketing


The website also uses cookies that are essential for the technical operation of the website. These do not contain any personal information and are not read by any third party. 

3. Contact Form and Email Contact
Our website includes a contact form, which you can use for sending enquiries to us. In order to respond to your enquiry, both the email address field and the text field detailing your enquiry (both mandatory fields) will need to be completed.

Any further information is voluntary. Alternatively, it is also possible to contact us via the specified email address. The data associated with your enquiry will be processed by us for the purpose of responding. The legal basis for the processing is Art. 6(1) lit. a GDPR. The purpose of the processing is to deal with your enquiry. The stored data will be erased if the purpose of the processing ceases to exist and there are no further legal or contractual retention obligations. As a rule, the data associated with your enquiries will be retained for 12 months unless another processing purpose (such as an order or quotation) arises from the enquiry.

4. EXPERTMAIL – the FIOR & GENTZ Newsletter

Our website offers a facility for subscribing to EXPERTMAIL. For this purpose, the following data is collected and stored for the purpose of sending you the newsletter and to ensure verifiability:

  • email address,
  • date and time of registration,
  • date and time of the confirmation email (double opt-in procedure).

The legal basis is Art. 6(1)(a) of the GDPR (Consent). When you subscribe to our newsletter, your consent is obtained and we refer you to this Privacy Policy. This involves the use of a double-opt-in procedure. After you have given your consent, we will send you an email with a confirmation link to complete the subscription process. You can withdraw your consent to being sent our EXPERTMAIL newsletter at any time with future effect. Your data will then be deleted immediately unless there are legal or contractual retention obligations to the contrary.

 

Payment with PayPal

PayPal assumes the function of an online payment service provider as well as a trustee and offers buyer protection services. By selecting and using payment via PayPal or PayPal Plus (credit card/direct debit) as part of your order process, the data required for payment processing is automatically transmitted to PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg, and serves to fulfil the contract in accordance with Article 6 (1) (b) GDPR.

The personal data transmitted to PayPal generally includes first name, surname, address, email address, IP address and other data required for payment processing. Personal data relating to the respective order (e.g. number of items, item number, invoice amount, taxes and other invoice information) is also required to fulfil the purchase contract.

The transmission of your data is necessary for payment processing via PayPal and serves the purpose of confirming your identity and administering your payment order. You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be authorised to process your personal data if it is necessary for contractual payment processing.

PayPal reserves the right to carry out a credit check for the payment methods credit card via PayPal and direct debit via PayPal. For this purpose, your payment data will be disclosed to credit agencies in accordance with Article 6 (1) (f) GDPR based on PayPal's legitimate interest in determining your willingness and ability to pay. We do not have any influence on this process and only receive the result as to whether the payment has been made or rejected or whether a review is pending.

You can find PayPal's Privacy Statement at https://www.paypal.com/ad/legalhub/privacy-full.

PayPal is not a processor as defined by Article 4 (8) GDPR with its own responsibility.

Integration of Third-Party Services and Content

Our website may contain links to other websites that are outside our control and to which this Privacy Policy does not apply. If you access other websites using the links provided, the operators of these websites may collect information about you that they use in accordance with their own Privacy Policy, which may differ from ours.

When processing your personal data, we may share it with various recipients in different situations. Recipients of personal data may be organisations that support the controller in the course of its business activities, in particular banks, courier and transport companies, external bodies that provide IT support, companies that carry out internal controls/audits on behalf of the controller or provide services that we use on the website, or authorities on the basis of applicable laws. We always adhere to the principle of using data only for specific purposes and we collect, process and store your personal data only for the purposes for which you have communicated it to us. Your personal data will not be shared with third parties without your explicit consent except where necessary for the provision of the service or for the execution of the contract.

We utilise content from the following third-party service providers on the legal basis of Art. 6(1) lit. a GDPR:

YouTube

This website uses videos from YouTube LLC, 901 Cherry Ave., 94066 San Bruno, CA, USA, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, to present our company and our services.

The videos on the FIOR & GENTZ website are embedded locally, i.e. no personal data will be disclosed to any third parties. However, when using our YouTube link, please note that you are directed to the YouTube website. When you access our videos on the YouTube platform, Google Ireland Ltd., as the operator of the platform in the EU, will process your data (personal information, IP address, etc.).

You can view YouTube’s data protection policy at https://policies.google.com/privacy.

Instagram

On this social media platform, we share responsibility with Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

The legal basis for the resulting processing of personal data described below is Art. 6(1) lit. a GDPR. Our legitimate interest lies in the analysis, communication, sales and promotion of our products and services.

When you access our online presence on the Instagram platform, Facebook Ireland Ltd., as the operator of the platform in the EU, will process your data (personal information, IP address, etc.).

You can view Instagram’s data protection policy at https://help.instagram.com/519522125107875.

Google Analytics

We use Google Analytics to analyse website usage. The data obtained is used to optimise our website and advertising measures. The legal basis for the processing is Art. 6(1) lit. a GDPR.
Google Analytics is provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google processes website usage data and is contractually committed to measures to ensure the security and confidentiality of the data processed.
The service uses cookies, which are stored on your device for up to two years. The information gathered by the cookies is usually sent to a Google server in the USA and stored there. The recorded data is stored with the randomly generated user ID, which enables the evaluation of pseudonymous user profiles. This user-related data is automatically deleted after 14 months. Other data remains stored in aggregated form indefinitely. You have the option of preventing the cookie from being stored on your device by making the appropriate settings in your browser. It is not guaranteed that you will be able to access all functions of this website without restrictions if your browser does not allow cookies. Furthermore, you can use a browser plug-in to prevent the information collected by cookies (including your IP address) from being sent to and used by Google Inc. The following link will take you to the corresponding plug-in: https://tools.google.com/dlpage/gaoptout?hl=en 
You can find more information on the usage of data by Google Inc. here: https://support.google.com/analytics/answer/6004245?hl=en.

Google Maps

We use Google Maps on our website to show you locations better and thus adapt our service to your needs. The legal basis for the processing is Art. 6(1) lit. a GDPR. Google Maps is provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google processes website usage data and is contractually committed to measures to ensure the security and confidentiality of the data processed. In order for Google Maps to fully provide its service, data from you will be recorded and stored. These include, among others, the search terms entered, your IP address and GPS coordinates (latitude and longitude). If you are using the route planner function, the start address entered is also saved. This data storage occurs on the Google Maps websites. We can only inform you of this, but cannot influence it. Since Google Maps is integrated into our website, Google sets at least one cookie (name: NID) in your browser. This cookie saves data about your user behaviour. Google uses this data primarily to optimise its own services and to provide you with individual, personalised advertising. The information gathered by the cookies is usually sent to a Google server in the USA and stored there. You can find out exactly where Google's data centres are located here: https://www.google.com/about/datacenters/inside/locations/?hl=en

Google stores some data for a set period of time. For other data, Google only provides the option to delete it manually. The company also anonymises information, such as advertising data, in server logs by deleting part of the IP address and cookie information after 9 and 18 months respectively. The automatic location and activity data deletion feature stores location and web and app activity information for either 3 or 18 months – depending on your decision – and then deletes it. In addition, you can also manually delete this data from your history at any time via your Google account. If you want to completely prevent location tracking, you need to pause the "Web and App Activity" section in your Google Account. Click "Data and Personalisation" and then the "Activity Setting" option. Here you can switch the activities on or off.
You have the option of preventing the cookie from being stored on your device by making the appropriate settings in your browser. It is not guaranteed that you will be able to access all functions of this website without restrictions if your browser does not allow cookies.
You can find more information on the usage of data by Google Inc. here: https://support.google.com/analytics/answer/6004245?hl=en

Facebook

Facebook is an online service provided by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. In the EU, this service is operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. Both are referred to as "Facebook" here.

The legal basis is Art. 6(1) lit. a GDPR: Our legitimate interest lies in improving the quality of our web presence.

Facebook provides further information about the collection and use of data and also your rights and protection options at:

Privacy Protection for Persons under the Age of 16 on the Internet

FIOR & GENTZ Gesellschaft für Entwicklung und Vertrieb von orthopädietechnischen Systemen mbH will not knowingly collect or use personal data from minors (under the age of 16) in any form. Generally, we do not know the age of the person visiting our websites. However, we have not taken any specific measures to protect such data to a particular degree. Persons under the age of 16 may not transmit any personal data without the express consent of their parents or guardians.

Your Rights Regarding the Processing of Your Data

Right of Access: You have the right to request confirmation from the controller as to whether personal data concerning you is being processed; if this is the case, you have a right of access to this personal data and to the information specified in Art. 15 of the GDPR. 

Right to Rectification: You have the right to request the controller to rectify any incorrect personal data concerning you without delay and, if necessary, to complete incomplete personal data (Art. 16 of the GDPR).

Right to Erasure: You have the right to request the controller to delete personal data concerning you without delay if any of the reasons specified in Art. 17 of the GDPR applies, e.g. if the data is no longer required for the purposes pursued (right to erasure). 

Right to Restriction of Processing: You have the right to request the controller to restrict processing if any of the conditions specified in Art. 18 of the GDPR applies, e.g. if you have lodged an objection to processing, for the duration of the review by the controller. 

Notification Obligation: You have the right to be informed about the recipients of personal data. The controller shall communicate any rectification or erasure of personal data or restriction of processing carried out in accordance with Article16, Article 17(1) and Article 18 to each recipient, unless this proves impossible or involves disproportionate effort (Art. 19 of the GDPR). 

Right to Data Portability: You have the right to receive the personal data concerning you, which you have provided to a controller, in a structured, commonly used and machine-readable format. You also have the right to have this data transmitted to another controller, if technically feasible, (Art. 20 of the GDPR). 

Right to Object: You have the right to object at any time to the processing of personal data concerning you for reasons arising from your particular situation. The controller will then no longer process the personal data unless they can demonstrate compelling grounds for processing, which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims (Art. 21 of the GDPR).

Right to Lodge a Complaint: You have the right of appeal to a supervisory authority, without prejudice to any other administrative or judicial remedy, if you consider that the processing of personal data concerning you is contrary to the GDPR (Art. 77 of the GDPR). You may exercise this right before a supervisory authority in the Member State where you reside or work, or where the alleged infringement occurred. The responsible supervisory authority for Lower Saxony is:

The State Commissioner for Data Protection of Lower Saxony
Prinzenstraße 5
30159 Hannover

Security of Your Data

The data provided by you to FIOR & GENTZ Gesellschaft für Entwicklung und Vertrieb von orthopädietechnischen Systemen mbH is protected by suitable technical and organisational means with the aim of securing your data against accidental or intentional manipulation, loss, destruction, access by unauthorised persons or unauthorised disclosure to third parties. Our security measures are continuously monitored and improved in accordance with technological developments and organisational possibilities. 

Data Protection Officer

For further information, please contact our data protection officer at any time: datenschutz(at)hbsn-gruppe.de


×

Technische Cookies

Name Purpose Record Duration Provider Type
fe_typo_user This cookie is a standard session cookie of TYPO3. It stores the entered access data when a user logs in for a closed area. duration of the session TYPO3 Association, Sihlbruggstrasse 105, 6340 Baar, Schweiz HTTP
rc::c distinguishes between humans and bots duration of the session Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland HTML
×

Marketing Cookies

Name Purpose Record Duration Provider Type
_ga registers a unique ID which is used to generate statistical data on the user’s website usage 2 years Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland HTTP
_gid registers a unique ID which is used to generate statistical data on the user’s website usage 1 day Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland HTTP
_gat The _gat_UA cookie also contains the identity number (_gat_ <***>) of the Google Analytics account or website to which the cookie refers.  1 day Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland HTTP
_gcl_au is used by Google AdSense for advertising efficiency on web pages 3 months Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland HTTP
r/collect transmits data about the user’s device and behaviour to Google Analytics duration of the session Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland Pixel