隐私政策

Effective as of Aug 08, 2018

1. General

The protection of your personal data is very important to us. At this point, we would like to inform you about data protection in our company. Your personal data will solely be used within statutory data protection regulations, such as the General Data Protection Regulation (GDPR) or the new Federal Data Protection Act (BDSG). Our employees and agents are obliged to comply with data protection regulations. Below you will find information about the nature, scope and purpose of the collection and use of your personal data and your rights. These notes can be accessed at any time on the internet at https://www.brainlab.com/privacy-policy/.

2. When you visit our website

2.1  Scope of data collection and storage

Ser. Nr.DataPurposeLegal basis
1.Browser data (date and time of access, URL (address) of the referring website, accessed file, amount of transmitted data, browser type and version, operating system, IP address)Connecting to the websiteArt. 6 Sec. 1 lit. f GDPR
2.web analytics data *Audience measurement, website optimization, interest-based advertising, retargetingArt. 6 Sec. 1 lit. f GDPR

* web analytics

To continually improve and optimize our website content and usability, we use analytics technologies from Google LLC, Facebook Inc., Twitter Inc., LinkedIn, Yandex N.V. and WordPress. The session and interaction data of the website visitors are collected and statistically evaluated. Cookies are used for this purpose. The session and interaction data are never processed in personalized form, but only anonymously.

In part, analysis data is transmitted to and stored on a server of the respective analytics service in a Member State of the EU or in a third country outside the EU (for example in the USA). The information may be transferred to third parties, if this is legally permissible or if third parties process this data on behalf of our service provider. Neither we nor the web analytics services will associate your IP address with any other data stored by us or the service provider. The website uses the following analytics services:

  • Brainlab/Wordpress

    Maintains the states of the user on all page requests.

  • Google Tag Manager

    Google Tag Manager does not collect personal data. The Tag Manager makes it easier for us to integrate and manage our tags. Tags are small pieces of code that can be used, among other things, to measure traffic and visitor behavior, track the impact of online advertising and social channels, set up remarketing and audience targeting, and test and optimize websites. We use the Google Tag Manager for all services listed in section 2.1 below. If you’ve opted out, Google Tag Manager will consider that opt out. For more information about Google Tag Manager, see: https://www.google.com/analytics/tag-manager/use-policy/.

  • Google Analytics

    This website uses Google Analytics, a web analytics service provided by Google LLC (1600 Amphitheater Parkway, Mountain View, California 94043, USA). The IP Anonymization feature in Google Analytics sets the last octet for IPv4 user IP addresses and for the last 80 bits in memory for IPv6 addresses to zero, just after being sent to the Analytics data collection network for collection. In this case, the full IP address will never be written to disk. Further information on anonymization can be found here: https://support.google.com/analytics/answer/2763052.

  • Google AdWords und Conversion Tracking

    We use the Google AdWords online advertising program and Google AdWords conversion tracking. Google Conversion Tracking is an analytics service provided by Google LLC (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; “Google”):

    To promote our services, we run Google Adwords ads using Google Conversion Tracking for personalized, interest-based, and location-based online advertising. The option to anonymize the IP addresses is controlled by the Google Tag Manager via an internal setting, which is not visible in the source of this page. This internal setting is set so that an anonymization of the IP addresses is achieved. Ads appear after searches on Google Network sites. We have the opportunity to combine our ads with specific keywords. Cookies allow us to serve ads based on previous visits by a user to our website.

    When an ad is clicked, Google places a cookie on the user’s computer. For more information on the cookie technology used, please refer to Google’s Guidance on Website Statistics and Privacy Policy.

    Using this technology, Google and we as a customer receive information that a user has clicked on an ad and has been redirected to our websites. The information obtained here is used exclusively for a statistical evaluation for ad optimization. We do not receive any information that personally identifies visitors. The statistics provided to us by Google include the total number of users who have clicked on one of our ads and, if applicable, whether they have been redirected to a conversion-tagged page of our website. Based on these statistics, we can understand which search terms were used most often on our ad and which ads lead to contact via the contact form by the user.

    If you do not want this, you can prevent the storage of the cookies required for these technologies, for example through the settings of your browser. In this case your visit will not be included in the user statistics.

    You also have the option of selecting the types of Google ads or disabling interest-based ads on Google using the ad settings. Alternatively, you can disable the use of third-party cookies by calling the network advertising initiative’s opt-out help.

    However, we and Google continue to receive statistical information on how many users visited this page. If you also do not want to be included in these statistics, you can prevent this with the help of additional programs for your browser (for example with the add-on Ghostery).

  • Google Dynamic Remarketing

    On our website we use the dynamic remarketing feature of Google AdWords. The technology allows us to post automatically generated, targeted ads after you visit our website. The advertisements are based on the products and services you clicked on the last visit to our website.

  • Google DoubleClick

    We use DoubleClick, a service provided by Google Inc. DoubleClick uses cookies to serve user-based ads. The cookies recognize which ad has already been displayed in your browser and whether you have accessed a website via a switched ad. The cookies do not collect any personal information and cannot be associated with such information.

    If you do not want to receive user-based advertising, you can disable the delivery of ads using Google’s Ads Preferences.

    You can read more about how Google uses cookies in Google’s privacy policy.

  • Facebook Tracking Pixel

    With the Facebook Pixel, the behavior of users can be tracked, after they have been redirected to the website of the provider by clicking on a Facebook ad. This process is designed to evaluate the effectiveness of Facebook advertisements for statistical and market research purposes and may help to optimize future advertising efforts. The data collected is anonymous to us, so they do not provide us with any conclusions about the identity of the users. However, the data is stored and processed by Facebook, so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, according to the Facebook data usage directive (https://www.facebook.com/about/privacy/). You can enable Facebook and its affiliates to display ads on and off Facebook. A cookie may be stored on your computer for these purposes. Facebook is able to link the data to your Facebook account and use the data for its own promotional purposes, in accordance with Facebook’s privacy policy at: https://www.facebook.com/about/privacy/. Brainlab uses this tracking pixel only on the career subpages.

  • Yandex Metrica

    Registers a unique ID that is used to generate statistical data about how the visitor uses the site.

  • Twitter Analytics
    Twitter Conversion Tracking

    Collects anonymous data about user visits to the site, such as the number of visits, the average time spent on the website, and which pages were loaded to personalize and improve the Twitter service.

    Twitter Advertising

    Collects anonymous data about user visits to the website, such as the number of visits, the average time spent on the website, and which pages were loaded to personalize and improve the Twitter service.

  • LinkedIn Analytics / LinkedInAds

    Used by the social networking service LinkedIn for tracking the use of embedded services.

The duration of the used cookies is limited to max. 14 months, unless otherwise stated below. A cookie is a small text file that allows a website to recognize a browser. Cookies are stored in a text file on the computer and retrieved and read the next time the web server is contacted. As a user, you can use your browser settings to decide for yourself whether and which cookies you want to allow, block or delete. You can find instructions for your browser here: Internet Explorer, Firefox, Google Chrome, Google Chrome mobile, Microsoft Edge, Safari, Safari mobile. Alternatively, you can also use so-called adblockers, such as Ghostery.

However, the collection and storage of data for the purpose of website optimization can also be objected to at any time with future effect via the following opt-out link http://www.youronlinechoices.com/de/praferenzmanagement/. Use the link above to manage your preferences for usage-based online advertising. If you object to a usage-based online ad using the preference manager, it will only apply to the specific business data collection from the web browser you are using. The preference management is cookie-based. Deleting all browser cookies also removes the preferences you set with the preference manager.

If you want to deactivate Google Analytics, you can alternatively also download a corresponding add-on for your web browser at: https://tools.google.com/dlpage/gaoptout.

For US Residents: Except as otherwise specified in this Privacy Policy, Brainlab does not alter the practices detailed herein based upon your selection of the “do not track” setting or other “opt out” setting or feature that may be offered by your browser; however, Brainlab reserves the right to do so in the future.

2.2 Pursued legitimate interests, provided legal basis is Art. 6 Sec. 1 lit. f GDPR

See purpose in Section 2.1

2.3 Source, unless the data was collected from the data subject

Sec. 2.1 Ser. No.Source
1 and 2Terminal device of the user

2.4 Obligation to provide data and automated decision-making

There is no legal or contractual obligation to provide personal data. The provision of personal data is also not required for the conclusion of a contract. Possible consequence of not providing personal data is the limited usability of the website.

There is no automated decision-making including profiling according to Art. 22 GDPR.

3. Product information

You may contact us for information about products or services via the product information form.

3.1  Scope of data collection and storage

Ser.DataPurposeLegal Basis
1Contact form data (first name, last name, telephone number, e-mail address, country, postal code, message, consent data)Processing and answering the contact, information on products and services *Art. 6 Sec.1 lit. a GDPR (in conjunction with Para. 7 Sec. 2 No. 3 Unfair Competition Act – UWG)

* Used for this purpose only if you have consented to it. In this case, we also record the consent you have given us.

3.2 Pursued legitimate interests, provided legal basis is Art. 6 Sec.1 lit. f GDPR

See purpose Sec. 3.1

3.3 Source, unless the data was collected from the data subject

Sec. 3.1 ser. No.Source
1IP address, server log file: Terminal device of the user, time, URL

We use the e-mail address collected in connection with the sale of a product or service on our website for the direct marketing of own and similar products and / or services. If you do not wish to receive advertising, you may object to the use of your email address at any time without incurring any costs other than the basic rate for communication means. For this purpose, there is a corresponding link to unsubscribe in each newsletter.

3.4 Obligation to provide data and automated decision-making

There is no legal or contractual obligation to provide personal data. The provision of personal data is also not required for the conclusion of a contract. Possible consequence of not providing personal data is that we cannot provide you with the requested information.

There is no automated decision-making including profiling according to Art. 22 GDPR.

Clinical Research

You have the opportunity to contact us for a clinical trial with Brainlab products via the Clinical Research Form.

4.1  Scope of data collection and storage

Ser. No.DataPurposeLegal basis
1Contact form data (first name, last name, e-mail address, country, institution, message, consent data)Processing and answering the contact *Art. 6 Sec.1 lit. a GDPR (in conjunction with Para. 7 Sec. 2 No. 3 Unfair Competition Act – UWG)

* Used for this purpose only if you have consented to it. In this case, we also record the consent you have given us.

4.2  Pursued legitimate interests, provided that legal basis is Art. 6 Sec. 1 lit. f GDPR

See purpose in Sec. 4.1

4.3 Source, unless the data was collected from the data subject

Sec. 4.1 ser. No.Source
1IP address, server log file: Terminal device of the user, time, URL

4.4 Obligation to provide data and automated decision-making

There is no legal or contractual obligation to provide personal data. The provision of personal data is also not required for the conclusion of a contract. Possible consequence of not providing personal data is that we cannot provide you with the requested information.

There is no automated decision-making including profiling according to Art. 22 GDPR.

5. Customer locations

You can contact us to make an appointment for a customer location visit using the Reference Locations form.

5.1 Scope of data collection and storage

Ser. No.DataPurposeLegal basis
1Contact form data (first name, last name, telephone number, e-mail address, country, postal code, institution, message, consent data)Processing and answering the contact to make an appointment*Art. 6 Sec.1 lit. a GDPR (in conjunction with Para. 7 Sec. 2 No. 3 Unfair Competition Act – UWG)

* Used for this purpose only if you have consented to it. In this case, we also record the consent you have given us.

5.2 Source, unless the data was collected from the data subject

Sec. 5.1 ser. No.Source
1IP address, server log file: Terminal device of the user, time, URL

5.3 Obligation to provide data and automated decision-making

There is no legal or contractual obligation to provide personal data. The provision of personal data is also not required for the conclusion of a contract. Possible consequence of not providing personal data is that we cannot provide the requested information.

There is no automated decision-making including profiling according to Art. 22 GDPR.

6. Press releases

You can subscribe to up-to-date press information via the Press Releases form.

6.1 Scope of data collection and storage

Ser. No.DataPurposeLegal basis
1Contact form data (first name, last name, publisher, media title, e-mail address, country, consent data)Processing and answering the contact, sending current press releases *Art. 6 Sec.1 lit. a GDPR (in conjunction with Para. 7 Sec. 2 No. 3 Unfair Competition Act – UWG)

* Used for this purpose only if you have consented to it. In this case, we also record the consent you have given us.

6.2 Source, unless the data was collected from the data subject

Sec. 6.1 Ser. No.Source
1IP address, server log file: Terminal device of the user, time, URL

6.3 Obligation to provide data and automated decision-making

There is no legal or contractual obligation to provide personal data. The provision of personal data is also not required for the conclusion of a contract. Possible consequence of not providing personal data is that we cannot provide the requested information.

There is no automated decision-making including profiling according to Art. 22 GDPR.

7. Newsletter registration

You can register for news about current publications on our blog by using the newsletter registration form.

7.1 Scope of data collection and storage

Ser. No.DataPurposeLegal basis
1Contact form data (title, first name, last name, institution, e-mail address, function, consent data)Submission of blog articles, information on products and services *Art. 6 Sec.1 lit. a GDPR (in conjunction with Para. 7 Sec. 2 No. 3 Unfair Competition Act – UWG)

 * Used for this purpose only if you have consented to it. In this case, we also record the consent you have given us.

7.2 Source, unless the data was collected from the data subject

Sec. 7.1 Ser. No.Source
1IP address, server log file: Terminal device of the user, time, URL

We use the e-mail address collected in connection with the sale of a product or service on our website for the direct marketing of own and similar products and / or services. If you do not wish to receive advertising, you may object to the use of your email address at any time without incurring any costs other than the basic rate for communication means. For this purpose, there is a corresponding link to unsubscribe in each newsletter.

7.3 Obligation to provide data and automated decision-making

There is no legal or contractual obligation to provide personal data. The provision of personal data is also not required for the conclusion of a contract. Possible consequence of not providing personal data is hat we cannot provide the requested information. There is no automated decision-making including profiling according to Art. 22 GDPR.

8. General contact

You can contact us for any kind of request via the general contact form.

8.1 Scope of data collection and storage

Ser. No.DataPurposeLegal basis
1Contact form data (first name, last name, e-mail address, message, consent data)Processing and answering the contact *Art. 6 Sec.1 lit. a GDPR (in conjunction with Para. 7 Sec. 2 No. 3 Unfair Competition Act – UWG)

* Used for this purpose only if you have consented to it. In this case, we also record the consent you have given us.

8.2 Source, unless the data was collected from the data subject

Sec. 8.1 Ser. No.Source
1IP address, server log file: Terminal device of the user, time, URL

8.3 Obligation to provide data and automated decision-making

There is no legal or contractual obligation to provide personal data. The provision of personal data is also not required for the conclusion of a contract. Possible consequence of not providing personal data is that we cannot provide the requested information.

There is no automated decision-making including profiling according to Art. 22 GDPR.

9. Event date

You can make an appointment for an event via the event date form.

9.1 Scope of data collection and storage

Ser. No.DataPurposeLegal basis
1Contact form data (first name, last name, e-mail address, message, consent data)Processing and answering the contact for making an appointment *Art. 6 Sec.1 lit. a GDPR (in conjunction with Para. 7 Sec. 2 No. 3 Unfair Competition Act – UWG)

* Used for this purpose only if you have consented to it. In this case, we also record the consent you have given us.

9.2 Source, unless the data was collected from the data subject

Sec. 9.1 Ser. No.Source
1IP address, server log file: Terminal device of the user, time, URL

We use the e-mail address collected in connection with the sale of a product or service on our website for the direct marketing of own and similar products and / or services. If you do not wish to receive advertising, you may object to the use of your email address at any time without incurring any costs other than the basic rate for communication means. For this purpose, there is a corresponding link to unsubscribe in each newsletter.

9.3 Obligation to provide data and automated decision-making

There is no legal or contractual obligation to provide personal data. The provision of personal data is also not required for the conclusion of a contract. Possible consequence of not providing personal data is that we cannot arrange an appointment for an event.

There is no automated decision-making including profiling according to Art. 22 GDPR.

10. Event registration

You can register for an event.

10.1 Scope of data collection and storage

Ser. No.DataPurposeLegal basis
1Registration form data (title, first name, last name, institution, function, e-mail address, bill recipient, billing address, consent data)Processing and answering the registration for the event, creation of personalized participant documents *Art. 6 Sec.1 lit. a GDPR (in conjunction with Para. 7 Sec. 2 No. 3 Unfair Competition Act – UWG)

* Used for this purpose only if you have consented to it. In this case, we also record the consent you have given us.

10.2 Source, unless the data was collected from the data subject

Sec. 10.1 Ser. No.Source
1IP address, server log file: Terminal device of the user, time, URL

10.3 Obligation to provide data and automated decision-making

There is no legal or contractual obligation to provide personal data. The provision of personal data is also not required for the conclusion of a contract. Possible consequence of not providing personal data is hat you cannot register for the event.

There is no automated decision-making including profiling according to Art. 22 GDPR.

11. Applications

You can apply for a job via the career portal. Your personal data will be processed as follows:

11.1 Scope of data collection and storage

Ser. No.DataPurposeLegal basis
1
  • contact information (e.g.: address, telephone number, e-mail address)
  • CV data (e.g.: education, vocational training, work experience, language skills)
  • Profiles in social networks (e.g.: Xing, LinkedIn, Facebook)
  • documents related to applications (e.g.: application photo, cover letter, certificates, supporting documents)
RecruitingPara. 26 Abs. 1 S. 1 Federal Data Protection Act – BDSG
2Browser data (date and time of access, URL (address) of the referring website, retrieved file, amount of data sent, browser type and version, operating system, IP address)Connecting to the websiteArt. 6 Sec.1 lit. f GDPR

11.2 Pursued legitimate interests, provided legal basis is Art. 6 Sec.1 lit. f GDPR

See purpose in Sec. 5.1

11.3 Source, unless the data was collected from the data subject

Sec. 5.1 Ser. No.Source
2IP address, server log file: Terminal device of the user, time, URL

11.4 Obligation to provide data and automated decision-making

There is no legal or contractual obligation to provide personal data. The provision of personal data is also not required for the conclusion of a contract. Possible consequence of not providing personal data is that the job application of the user cannot be taken into account in the recruiting process and the user cannot be recruited.

There is no automated decision-making including profiling according to Art. 22 GDPR.

12. Transfer of personal data

Your personal data may be transferred to the following recipients:

Recipients or categories of recipients

Transfer to public authorities or by court order

At the request of the competent authorities, we must provide information on personal data (inventory data) on a case-by-case basis for the purpose of law enforcement, security, compliance with the statutory functions of the constitutional protection agencies or the Military Shielding Service or for the enforcement of intellectual property rights.

Waiver of social plugins

We waive the integration of social plugins in our website to protect your privacy when visiting our website. We have only integrated graphic links from social network providers (e.g. www.facebook.com) into our website. This means that your browser is not initially able to establish a direct connection with the server of the social network provider. For information on how to deal with your personal data when using this website, please refer to the respective privacy policy of the provider. Brainlab AG assumes no liability for the privacy policies and procedures of the linked sites.

Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

For anonymised data for Google Analytics und for Conversion Tracking, see above. Google is subject to the EU-US. Privacy Shield. Existing EU-US Privacy Shield certifications can be viewed at https://www.privacyshield.gov/list. The Implementing Decision (EU) 2016/1250 of the EU Commission of 12 July 2016 recognizes the level of protection of the EU US Privacy Shields as equivalent to the level of protection of the Union.

Facebook Inc., 1601 Willow Road, Menlo Park, California 94025, USA

Facebook is subject to the EU-US. Privacy Shield. Existing EU-US Privacy Shield certifications can be viewed at https://www.privacyshield.gov/list. The Implementing Decision (EU) 2016/1250 of the EU Commission of 12 July 2016 recognizes the level of protection of the EU US Privacy Shields as equivalent to the level of protection of the Union.

softgarden e-recruiting GmbH, Tauentzienstraße 14, 10789 Berlin *

schalk&friends – Agentur für digitale Lösungen GmbH, Lindwurmstraße 124, 80337 Munich

Brainlab Corporate Services GmbH, Olof-Palme-Straße 9, 81829 Munich

Brainlab Sales GmbH, Olof-Palme-Straße 9, 81829 Munich

Brainlab Ltd. (UK), Regus House, 1010 Cambourne Business Park, Cambourne, Cambridge, CB36DP, UK

Brainlab Ltd. (Israel), 35 Efal Street, Petach-Tikva, 4951132, Israel

Brainlab Italia s.r.l., Via Monte di Pietá 21, 20121 Milano, Italy

Succursale de Brainlab Sales GmbH (F), Tour Ariane 5, Place de la Pyramide, 92088 Paris La Défense Cedex, France

Brainlab, Inc., 5 Westbrook Corporate Center, Suite 1000, Westchester, IL 60154 USA

Brainlab Ltda., Avenida Angélica, nº 2.071, conj. 41, CEP 01227-200, Consolação São Paulo, Brazil

Brainlab Beijing, Medical Equipment Trading Co., Ltd, Unit B9-1, Guanghualu SOHO2 No.9 Guanghua Road, Chaoyang District, Beijing 100020, China

Brainlab Ltd. Unit 2102, 21/F, The Hennessy, 256 Hennessy Road, Wan Chai, Hong Kong

Brainlab Médica, S.L. Plaza Ángel Carbajo, 6, Entresuelo Izquierda, 28020 Madrid, Spain

Brainlab India Pvt. Ltd., #411 Time Tower, M G Road, Gurgaon-122002, Haryana, India

Brainlab K.K., Tamachi East Bldg. 2F, 3-2-16 Shibaura, Minato-ku, Tokyo 108-0023, Japan

Brainlab Ltd. (Malaysia), Level 36, Menara Citibank 165 Jalan Ampang 50450 Kuala Lumpur, Malaysia

Brainlab Australia Pty. Ltd., Suite 1, Building 1, 14 Aquatic Drive, Frenchs Forest, NSW 2086, Australia

Brainlab Ltd. (Seoul Branch), Unit 704, 7th Floor Shinwon Plaza Building, 85 Dokseodang-ro, Yongsan-Gu, Seoul 04419, Republic of Korea

Brainlab Ltd. (Singapore Branch), 73 Upper Paya Lebar Road #04-01, Centro Bianco, Singapore 534818

Bainlab Sales GmbH (Dubai Branch), Dubai Airport Free Zone, Building: 5WB, Office: 151, Dubai, UAE

In some cases, we also use service providers for hardware maintenance, software maintenance and provision of technical services, which may then come into contact with your data.

* Transfer to this recipient will only be made if you have consented thereto.

Your personal information will only be disclosed to affiliates and service partners, provided that they act on our behalf and assist us in providing our services. Processing of your personal data by service providers commissioned by us takes place within the scope of a processing on behalf acc. to Art. 28 GDPR. The aforementioned service providers only have access to personal information required to perform the respective activity. These recipients are prohibited from using personal information for other, in particular for their own advertising purposes. Insofar as external service providers come into contact with personal data, we have ensured through legal, technical and organizational measures as well as through regular inspections that these too comply with the applicable data protection regulations.

There is no transfer of your personal data to third parties for purposes other than those listed. We only share your personal information with third parties if:

  • you have given your explicit consent,

  • the transfer is required to assert, exercise or defend legal claims and there is no reason to believe that you have an overriding legitimate interest in not disclosing your data,

  • in the event that there is a legal obligation to disclose or

  • it is permitted by law and is required for the execution of contractual relationships with you.

13. Transfer of personal data to third countries

In this context, we transfer personal data to the third countries listed above. In order to ensure an adequate level of data protection in these third countries either adequacy decisions of the EU Commission1 or adequate and appropriate guarantees exist in the form of:

  • EU-U.S. Privacy Shield Certification2

  • Standard data protection clauses of the Commission (EU standard contract clauses)6

1Further information on the recognition of safe third countries can be found on the website of the EU-Commission.. 2Present US-US Privacy Shield Certifications can be viewed at https://www.privacyshield.gov/list. The The Implementing Decision (EU) 2016/1250 of the EU Commission of 12 July 2016 recognizes the level of protection of the EU-US Privacy Shield as equivalent to the Union’s level of protection.3 We will provide you with a copy upon request.

14. Duration of Storage

WWe process and store your personal data in as far as necessary for the duration of our business relationship, which includes, for example, the initiation and execution of a contract and the regular limitation period of three years to defend against or assert legal claims.

In addition, we are subject to various storage and documentation obligations arising, inter alia, from the German Commercial Code (HGB) or the Tax Code (AO). The retention periods specified therein are six to ten years. During this time, the processing of the data is limited. The retention obligation begins at the end of the calendar year in which the offer was made or the contract was fulfilled. For example, commercial or tax-relevant accounting documents are kept for ten years and contract and tax-relevant documents for at least six years.

In legal matters supervised by lawyers, the related data are stored for at least six years; for enforcement titles, the retention period can be up to thirty years due to the statute of limitations.

Applicant data will be retained for six months in the event of recruitment or rejection, unless you have explicitly given us your consent to store your data for a longer period. At the end of this period, the data will be anonymised in order to be available for later statistical evaluations.

IP addresses are usually temporarily stored for connection, if we also use them for website optimization or for advertising purposes, they are immediately anonymized and processed only anonymously. The duration of used cookies is limited to 14 months.

15. Rights

You have the right

  • pursuant to Art. 15 GDPR to request information about your personal data processed by us;

  • pursuant to Art. 16 GDPR to demand the rectification of inaccurate or the completion of incomplete personal data stored by us;

  • pursuant to Art. 17 GDPR to demand the deletion of your personal data stored by us;

  • pursuant to Art. 18 GDPR to obtain the restriction of the processing of your personal data

  • pursuant to Art. 20 GDPR to receive your personal data, you have provided to us, in a structured, commonly used and machine-readable format or to request transmission to another controller;

  • pursuant to Art. 21 (i), under certain conditions, to object to the processing of your personal data based on Art. 6 Sec. 1 lit. e GDPR (in the public interest) or pursuant to Art. 6 Sec. 1 lit. f GDPR (for safeguarding a legitimate interest), or (ii) to object to the processing for direct marketing purposes;

  • pursuant to Art. 7 Sec. 3 GDPR to withdraw a consent once given to us at any time. This also applies to the withdrawals of consents that were given to us prior to the entry into force of the General Data Protection Regulation, ie before 25 May 2018. As a result, we will not be allowed to continue the processing based on this consent for the future without affecting the legality of the processing carried out on the basis of the consent until the withdrawal;

  • pursuant to Art. 77 GDPR lodge a complaint with a supervisory authority.

For asserting the statutory data subject rights and for all other questions about data processing, please write to the address of Brainlab AG listed below or send an e-mail to legal@brainlab.com. The exercise of your above rights is free of charge for you.

For US Residents: You authorize Brainlab to communicate with you in response to your submissions on the website and any other communications.

Notice to California Residents: The California Civil Code permits California residents to request that we not share your Personally Identifiable Information with third parties for their direct marketing purposes. If you are a California resident, you may contact legal@brainlab.com to request information regarding whether and how we share personally information with third parties for their direct marketing purposes and/or to request that such information not be shared with third parties for such purposes.

16. Contact details of the controller and the data protection officer

ControllerLegal representativesData protection officer

Brainlab AG

Olof-Palme-Straße 9

81829 Munich

Chairman of the supervisory board:

Dietrich von Buttlar

Board of Directors

Stefan Vilsmeier (CEO)
Rainer Birkenbach
Jan Merker

Rebecca Kirsch

c/o intersoft consulting services AG

Beim Strohhause 17

20097 Hamburg

www.intersoft-consulting.de

17. Changes to the privacy policy

We reserve the right to change or amend this Privacy Policy at any time in accordance with applicable data protection laws.

For inquiries, please contactlegal@brainlab.com.

Additional Policies for US Residents:

Governing Law

If you are a resident of the United States, any dispute between you and Brainlab arising out of or relating to this Privacy Policy, the website or its content shall be governed by, and will be construed in accordance with, the laws of the States of New York, without regard to choice of law principles. You irrevocably agree that the courts located in or for the State of Illinois, Cook County, are the sole and exclusive forum and venue for any dispute, as the most convenient and appropriate to address any disputes, and you agree to submit to the jurisdiction and venue of such courts.

Use and Transfer of Non-Personally Identifiable Information

“Non-Personally Identifiable Information” refers to data stored anonymously in a protocol file, collected by cookies or similar technology, as well as information collected by Google Analytics, AdWords and Brainlab’s display networks, and any other information that does not personally identify the individual to whom the information relates, such as information that is aggregated by Brainlab or a third party, or information that is not linked to personally identifiable information of an individual.

In addition to the uses discussed above, Brainlab may use and share non-Personally Identifiable Information in a variety of ways so long as Brainlab uses such information in its de-identified form. These uses may include, without limitation, uses for website administration; analysis of website trends and how the site is used; improving navigation of the site; analysis of the performance of the website and diagnosis of problems; improving the services we offer; analysis and developing advertisements and advertising campaigns; analysis of website user demographics, interests and preferences.

Brainlab also may use your non-Personally Identifiable Information to present you with targeted content and advertisements (including on third party websites and apps) based on your past visits to the website and your non-Personally Identifiable Information collected over time by us and third parties, optimize and determine the effectiveness of content and advertisements, analyse your interactions with content and advertisements, and how those interactions relate to your visits to the website. Some of our third party partners may participate in the Digital Advertising Alliance’s Self-Regulatory Program for Online Behavioural Advertising and allow consumers the ability to opt-out of targeted advertising based on web activity tracking. For more information regarding the foregoing, please Click here or visit http://www.aboutads.info/choices/. Please note that even if our third party partners participate in this program and you opt-out of targeted advertising based on web activity tracking, you still may receive standard advertisements from us and targeted advertisements from third parties. You may need to re-click the link and follow the instructions provided therein if you delete cookies or similar technology or use a different computer, device or browser.

Children

Brainlab will not knowingly collect, use or disclose any information submitted by children under the age of majority in the jurisdiction where they reside. Parents are encouraged to educate their children about their use of the Internet, and particularly about security issues regarding the disclosure of personally identifiable information to websites.

Links

You may have the opportunity to follow links on the website to other sites that may be of interest to you. Neither Brainlab nor its affiliates are responsible for the privacy practices of any other sites or the content provided thereon. Therefore, the privacy policies with respect to other sites may differ from those applicable to the website. We encourage you to review the privacy policies of each other site.

No Medical Advice

Brainlab is not a healthcare institution or medical facility and neither Brainlab nor the website provides any medical advice. You are solely responsible for all medical decisions, including any diagnosis, use of medical professionals, treatment or treatment plan, made by you as the result of the use of the website or any communications with Brainlab, regardless of any referral or suggestion made by Brainlab.

Changes to this Privacy Policy

Any revisions to this Privacy Policy will be effective immediately upon posting. Any material changes in the manner that we use personally identifiable information will apply only to information collected thereafter, unless we provide notice or have other communications with you, e.g. with a pop-up cookie notification banner. Each time you access, use, or browse the website, provide information to Brainlab online, or click on Brainlab’s digital advertisements on third party websites or applications, you signify your acceptance of the then-current Privacy Policy. If you do not accept this Privacy Policy, you are not authorized to access, use or browse the website, to provide information to Brainlab, or to click on Brainlab’s digital advertisements on third party websites or applications.