Privacy Policy

Privacy Policy

As of January 2022

Table of contents
  1. Identity and contact details of the data controller
  2. Contact details of the data protection officer
  3. General information on data processing
  4. Rights of the data subject
  5. Provision of website and creation of log files
  6. Use of cookies
  7. Newsletter
  8. Contact via Email
  9. Contact form
  10. Application via Email and application form
  11. Corporate web profiles on social networks
  12. Use of corporate profiles in professionally oriented networks
  13. Hosting
  14. Usage of Plugins
    1. Identity and contact details of the data controller

The data controller responsible in accordance with the purposes of the UK General Data Protection Regulation (UK GDPR) and other data protection regulations is:

Wren Healthcare

Discovery Park, Innovation House, Innovation Way

CT13 9FD, Sandwich

United Kingdom

0203 974 6950

info@wrenhealthcare.co.uk

wrenhealthcare.co.uk

    1. Contact details of the data protection officer

The designated data protection officer is:

DataCo International UK Limited

c/o One Peak Partners, 41 Great Pulteney Street 2nd floor

London W1F 9NZ

United Kingdom

+44 20 3318 17 18

www.dataguard.co.uk

    1. General information on data processing

1. Scope of processing personal data

In general, we only process the personal data of our users to the extent necessary to provide a functioning website with our content and services. The regular processing of personal data only takes place with the consent of the user. Exceptions include cases where prior consent cannot be technically obtained and where the processing of the data is permitted by law.

2. Legal basis for data processing

Where consent is appropriate for processing personal data, Art. 6 (1) (1) (a) UK GDPR serves as the legal basis to obtain the consent of the data subject for the processing of their data.

As for the processing of personal data required for the performance of a contract of which the data subject is party, Art. 6 (1) (1) (b) UK GDPR serves as the legal basis. This also applies to processing operations required to carry out pre-contractual activities.

When it is necessary to process personal data in order to fulfil a legal obligation to which our company is subject, Art. 6 (1) (1) (c) UK GDPR serves as the legal basis.

If vital interests of the data subject or another natural person require the processing of personal data, Art. 6 (1) (1) (d) UK GDPR serves as the legal basis.

If the processing of data is necessary to safeguard the legitimate interests of our company or that of a third party, and the fundamental rights and freedoms of the data subject do not outweigh the interest of the former, Art. 6 (1) (1) (f) UK GDPR will serve as the legal basis for the processing of data.

3. Data removal and storage duration

The personal data of the data subject will be erased or restricted as soon as the purpose of its storage has been accomplished. Additional storage may occur if this is provided for by international regulations, laws, or other relevant regulations to which the data controller is subject. Restriction or erasure of the data also takes place when the storage period stipulated by the aforementioned standards expires, unless there is a need to prolong the storage of the data for the purpose of concluding or fulfiling the respective contract.

    1. Rights of the data subject

When your personal data is processed, you are a data subject within the meaning of the UK GDPR and have the following rights:

1. Right to information

You may request the data controller to confirm whether your personal data is processed by them.

If such processing occurs, you can request the following information from the data controller:

      1. The purpose for which the personal data is processed.
      1. The categories of personal data being processed.
      1. The recipients or categories of recipients to whom the personal data have been or will be disclosed.
      1. The planned duration of the storage of your personal data or, if specific information is not available, criteria for determining the duration of storage.
      1. The existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing.
      1. The existence of the right to lodge a complaint with a supervisory authority.
      1. Where personal data are not collected from you any available information as to their source.
      1. The existence of automated decision-making including profiling under Article 22 (1) and Article 22 (4) UK GDPR and, in certain cases, meaningful information about the data processing system involved, and the scope and intended result of such processing on the data subject.

You have the right to request information on whether your personal data will be transmitted to a third country or an international organization. In this context, you can then request for the appropriate guarantees in accordance with Art. 46 UK GDPR in connection with the transfer.

2. Right to rectification

You have a right to rectification and/or modification of the data, if your processed personal data is incorrect or incomplete. The data controller must correct the data without delay

3. Right to the restriction of processing

You may request the restriction of the processing of your personal data under the following conditions:

      • If you challenge the accuracy of your personal data for a period that enables the data controller to verify the accuracy of your personal data.
      • The processing is unlawful, and you oppose the erasure of the personal data and instead request the restriction of their use instead.
      • The data controller or its representative no longer need the personal data for the purpose of processing, but you need it to assert, exercise or defend legal claims; or
      • If you have objected to the processing pursuant to Art. 21 (1) UK GDPR and it is not yet certain whether the legitimate interests of the data controller override your interests.

If the processing of personal data concerning you has been restricted, this data may – with the exception of data storage – only be used with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

If the processing has been restricted according to the aforementioned conditions, you will be informed by the data controller before the restriction is lifted.

4. Right to erasure

a) Obligation to erase

If you request from the data controller to delete your personal data without undue delay, they are required to do so immediately if one of the following applies:

      1. Personal data concerning you is no longer necessary for the purposes for which they were collected or processed.
      1. You withdraw your consent on which the processing is based pursuant to Art. 6 (1) (1) (a) and Art. 9 (2) (a) UK GDPR and where there is no other legal basis for processing the data.
      1. According to Art. 21 (1) UK GDPR you object to the processing of the data and there are no longer overriding legitimate grounds for processing, or you object pursuant to Art. 21 (2) UK GDPR.
      1. Your personal data has been processed unlawfully.
      1. The personal data must be deleted to comply with a legal obligation in Union law or Member State law to which the data controller is subject.
      1. Your personal data was collected in relation to information society services offered pursuant to Art. 8 (1) UK GDPR.

b) Information to third parties

If the data controller has made your personal data public and must delete the data pursuant to Art. 17 (1) UK GDPR, they shall take appropriate measures, including technical means, to inform data processors who process the personal data, that a request has been made to delete all links to such personal data or copies or replications of the personal data, taking into account available technology and implementation costs to execute the process.

c) Exceptions

The right to deletion does not exist if the processing is necessary

      1. to exercise the right to freedom of speech and information.
      1. to fulfil a legal obligation required by the law of the Union or Member States to which the data controller is subject, or to perform a task of public interest or in the exercise of public authority delegated to the representative.
      1. for reasons of public interest in the field of public health pursuant to Art. 9 (2) (h) and Art. 9 (2) (i) and Art. 9 (3) UK GDPR.
      1. for archival purposes of public interest, scientific or historical research purposes or for statistical purposes pursuant to Art. 89 (1) UK GDPR, to the extent that the law referred to in subparagraph (a) is likely to render impossible or seriously affect the achievement of the objectives of that processing, or
      1. to enforce, exercise or defend legal claims.

5. Right to information

If you have the right of rectification, erasure or restriction of processing over the data controller, they are obliged to notify all recipients to whom your personal data have been disclosed of the correction or erasure of the data or restriction of processing, unless this proves to be impossible or involves a disproportionate effort.

You reserve the right to be informed about the recipients of your data by the data controller.

6. Right to data portability

You have the right to receive your personal data given to the data controller in a structured and machine-readable format. In addition, you have the right to transfer this data to another person without hindrance by the data controller who was initially given the data, if:

      1. the processing is based on consent in accordance with Art. 6 (1) (1) (a) UK GDPR or Art. 9 (2) (a) UK GDPR or performance of a contract in accordance with Art. 6 (1) (1) (b) UK GDPR and
      1. the processing is done by automated means.

In exercising this right, you also have the right to transmit your personal data directly from one person to another, insofar as this is technically feasible. Freedoms and rights of other persons shall not be affected.

The right to data portability does not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority delegated to the data controller.

7. Right to object

For reasons that arise from your particular situation, you have, at any time, the right to object to the processing of your personal data pursuant to Art. 6 (1) (1) (e) or 6 (1) (1) (f) UK GDPR; this also applies to profiling based on these provisions.

The data controller will no longer process the personal data concerning you unless he can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purpose of enforcing, exercising or defending legal claims.

If the personal data relating to you are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data in regard to such advertising; this also applies to profiling associated with direct marketing.

If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.

Regardless of Directive 2002/58/EG, you have the option, in the context of the use of information society services, to exercise your right to object to automated decisions that use technical specifications.

8. Right to withdraw the data protection consent declaration

You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the legality of the processing carried out on the basis of the consent until the withdrawal.

9. Automated decisions on a case-by-case basis, including profiling

You have the right to not be subject to a decision based solely on automated processing – including profiling – that will have a legal effect or substantially affect you in a similar manner. This does not apply if the decision:

      1. is required for the conclusion or execution of a contract between you and the data controller,
      1. is permitted by the Union or Member State legislation to which the data controller is subject, and where such legislation contains appropriate measures to safeguard your rights and freedoms and legitimate interests, or
      1. is based on your eplicit consent.

However, these decisions must not be based on special categories of personal data under Art. 9 (1) UK GDPR, unless Art. 9 (2) (a) or Art. 9 (2) (b) UK GDPR applies and reasonable measures have been taken to protect your rights and freedoms as well as your legitimate interests.

With regard to the cases referred to in (1) and (3), the data controller shall take appropriate measures to uphold your rights and freedoms as well as your legitimate interests, including the right to obtain assistance from the data controller or his representative, to express your opinion on the matter, and to contest the decision.

10. Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, in the Member State of your residence, or your place of work or place of alleged infringement, if you believe that the processing of the personal data concerning you violates the UK GDPR. If you are located in the United Kingdrom, you shall have the right to complain to the ICO if you are unhappy with how we have used you data and/or believe that the processing of the personal data concerning you violates the applicable law. The ICO´s address: Information Commissioner´s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF Helpline number: 0303 123 1113 ICO website: https://www.ico.org.uk

The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 UK GDPR.

    1. Provision of website and creation of log files

1. Description and scope of data processing

Each time our website is accessed, our system automatically collects data and relevant information from the computer system of the calling device.

The following data is collected:

      • Browser type and version used
      • The user’s operating system
      • The user’s internet service provider
      • The IP address of the user
      • Date and time of access
      • Web pages from which the user’s system accessed our website
      • Web pages accessed by the user’s system through our website

This data is stored in the log files of our system. This data is not stored together with other personal data of the user.

2. Purpose of data processing

The temporary storage of the IP address by the system is necessary for the delivery of the website to the computer of the user. For this purpose, the user’s IP address must be kept for the duration of the session.

The storage in logfiles is done to ensure the functionality of the website. The data is also used to optimize the website and to ensure the security of our IT systems. An analysis of the data for marketing purposes does not take place.

For the aforementioned purposes, our legitimate interest lies in the processing of data in compliance with Art. 6 (1) 1 (f) UK GDPR.

3. Legal basis for data processing

The legal basis for the temporary storage of data and logfiles is Art. 6 (1) (1) (f) UK GDPR.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary for the purpose of its collection. The session is complete when the collection of data for the provision of the website is accomplished.

If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this is possible. In this case, the IP addresses of the users are deleted or alienated so that an assignment of the calling client is not possible.

5. Objection and removal

The collection of data for the provision of the website as well as the storage of data in log files are essential for the operation of the website. Therefore, the user may not object to the aforementioned processes.

    1. Use of cookies

1. Description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the internet browser or the internet browser on the user’s computer system. If a user calls up a website, a cookie can be stored on the user’s operating system. These cookies contain a string of characters that allows the browser to be uniquely identified when the website is reopened.

We use cookies to make our website more user-friendly. Some elements of our website require the calling browser to be identified even after a page break.

The following data is stored and transmitted in the cookies:

      • Language settings
      • Log-in information
      • Entered search queries
      • Frequency of page views
      • Use of website functionalities

The user data collected in this manner is pseudonymised by technical measures. It is therefore not possible to assign the data to the user accessing the site. The data is not stored together with other personal data of the users.

2. Purpose of data processing

The purpose of using technical cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. These require that the browser is recognized even after a page change.

We need cookies for the following purposes:

      • Storage of search terms

The user data collected by technical cookies are not used to create user profiles.

3. Legal basis for data processing

The legal basis for the processing of personal data using technical cookies is Art. 6 (1) (1) (f) UK GDPR, legitimate interests.

4. Duration of storage and possibility of objection and removal

Cookies are stored on the user’s device and transmitted to our site by the user. Therefore, you as a user also have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it is possible that not all functions of the website can be used to their full extent.

The transmission of Flash cookies cannot be prevented via the browser settings, but by changing the settings of the Flash Player.

If you use the Safari browser version 12.1 or higher, cookies will be automatically deleted after seven days. This also applies to opt-out cookies, which are used to prevent the use of tracking mechanisms.

    1. Newsletter

1. Description and scope of data processing

You can subscribe to a newsletter on our website free of charge. When subscribing for the newsletter, the data from the input mask is transmitted to us.

      • Email address
      • Last name
      • First name
      • Telephone / mobile phone number
      • Address
      • IP address of the user’s device
      • Date and time of registration

No data will be passed on to third parties in connection with data processing for the dispatch of newsletters. The data will be used exclusively for sending the newsletter.

2. Purpose of data processing

The user’s email address is collected to deliver the newsletter to the recipient.

Additional personal data as part of the registration process is collected to prevent misuse of the services or email address.

3. Legal basis for data processing

The legal basis for the processing of data provided by the user after registration for the newsletter is Art. 6 (1) (1) (a) UK GDPR if the user has given his consent.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. The user’s email address will therefore be stored as long as the newsletter subscription is active.

The other personal data collected during the registration process is generally deleted after a period of seven days.

5. Objection and removal

The subscription for the newsletter can be cancelled by the data subject at any time. For this purpose, every newsletter contains an opt-out link.

Through this, it is also possible to withdraw the consent to the storage of personal data collected during the registration process.

    1. Contact via Email

1. Description and scope of data processing

You can contact us via the email address provided on our website. In this case the personal data of the user transmitted with the email will be stored.

The data will be used exclusively for the processing of the conversation.

2. Purpose of data processing

If you contact us via email, this also constitutes the necessary legitimate interest in the processing of the data.

3. Legal basis for data processing

If the user has given consent, the legal basis for processing the data is Art. 6 (1)(a) UK GDPR.

The legal basis for the processing of data transmitted while sending an email is Art. 6 (1) (1) (f) UK GDPR. If the purpose of the email contact is to conclude a contract, the additional legal basis for the processing is Art. 6 (1) (b) UK GDPR.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. For personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation ends when it can be concluded from the circumstances that the matter in question has been conclusively resolved.

The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

5. Objection and removal

The user has the possibility to withdraw consent to the processing of their personal data at any time. If the user contacts us by email, he can object to the storage of his personal data at any time.

by emailing info@wrenhealthcare.co.uk

In this case, all personal data stored while establishing contact will be deleted.

    1. Contact form

1. Description and scope of data processing

A Contact form is available on our website, which can be used for electronic contact. If a user makes use of this option, the data entered in the input mask will be transmitted to us and stored.

When sending the message the following data will also be stored:

      • Email address
      • Last name
      • First name
      • Address
      • Telephone / mobile phone number
      • IP address of the user’s device
      • Date and time of contact

As part of the sending process, your consent will be obtained for the processing of your data and reference will be made to this privacy policy.

Alternatively, you can contact us via the email address provided. In this case the personal data of the user transmitted with the email will be stored.

The data will be used exclusively for the processing of the conversation.

2. Purpose of data processing

The processing of the personal data from the input mask serves us exclusively for the purpose of establishing contact. If you contact us by email, this also constitutes our necessary legitimate interest in the processing of the data.

The other personal data processed during the sending process serve to prevent misuse of the Contact form and to ensure the security of our information technology systems.

3. Legal basis for data processing

The legal basis for the processing of the data is Art. 6 (1) (1) (a) UK GDPR if the user has given his consent.

The legal basis for the processing of data transmitted while sending an email is Art. 6 (1) (1) (f) UK GDPR. If the purpose of the email contact is to conclude a contract, the additional legal basis for the processing is Art. 6 (1) (1) (b) UK GDPR.

4. Duration of storage

The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. For the personal data from the input mask of the Contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation ends when it can be inferred from the circumstances that the facts in question have been conclusively clarified.

The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

5. Objection and removal

The user has the possibility to withdraw the consent to the processing of their personal data at any time. If the user contacts us by email, he can object to the storage of his personal data at any time.

by emailing info@wrenhealthcare.co.uk

In this case, all personal data stored while establishing contact will be deleted.

    1. Application via Email and application form

1. Scope of processing personal data

There is a form on our website which can be used for electronic job applications. If an applicant makes use of this possibility, the data entered in the input mask will be transmitted to us and stored. The data is:

      • First name
      • Last name
      • Address
      • Telephone / mobile phone number
      • Email address
      • Salary expectations
      • Information on education and training
      • Language skills
      • Curriculum vitae
      • Certificates

Your consent will be obtained for the processing of your data as part of the sending process and reference will be made to this privacy policy.

Alternatively, you can send us your application by email. In this case, we collect your email address and the information you provide in the email.

After sending your application, you will receive confirmation of receipt of your application documents from us by email.

Your data will not be passed on to third parties. The data will be used exclusively for processing your application.

2. Purpose of data processing

The processing of personal data from the application form serves us solely to process your application. If you contact us by email, this also constitutes the necessary legitimate interest in the processing of the data.

The other personal data processed during the sending process serve to prevent misuse of the application form and to ensure the security of our information technology systems.

3. Legal basis for data processing

The legal basis for the processing of the data is the initiation of the contractual relationship at the request of the data subject, Art. 6 (1) (1) (b) Alt. 1 UK GDPR.

4. Duration of storage

After completion of the application procedure, the data will be stored for up to six months. Your data will be deleted after six months at the latest. In the event of a legal obligation, the data will be stored within the framework of the applicable provisions.

The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

5. Objection and removal

The applicant has the possibility to object to the processing of personal data at any time. If the applicant contacts us by email, he can object to the storage of his personal data at any time. In such a case, your application will no longer be considered.

by emailing careers@wrenhealthcare.co.uk

All personal data stored during electronic job applications will be deleted in this case.

    1. Corporate web profiles on social networks

Use of corporate profiles on social networks

Instagram:

Instagram, Part of Facebook Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2 Ireland

 

    1. On our company profile we provide information and offer Instagram users the possibility of communication. If you carry out an action on our Instagram company profile (e.g. comments, contributions, likes etc.), you may make personal data (e.g. clear name or photo of your user profile) public. However, as we generally or to a large extent have no influence on the processing of your personal data by Instagram, we cannot make any binding statements regarding the purpose and scope of the processing of your data.

Our corporate profile in social networks is used for communication and information exchange with (potential) customers. We use the company’s profile for:

services, recruitment and marketing

Publications on the company profile can contain the following content:

      • Information about services
      • Advertisement
      • Customer contact
      • recruitment

Every user is free to publish personal data.

The legal basis for data processing is Art. 6 (1) (1) (a) UK GDPR.

 

    1. We store your activities and personal data published on our Instagram corporate profile until you withdraw your consent. Furthermore, we comply with the statutory retention periods.

 

    1. We process data from our corporate web profile in our own systems as well. The data is stored there for the following period: 1 year.

 

    1. You can object at any time to the processing of your personal data that we collect within the framework of your use of our Instagram corporate web profile and assert your rights as a data subject mentioned under IV. of this privacy policy. Please send us an informal email to info@wrenhealthcare.co.uk. For further information on the processing of your personal data by Instagram and the corresponding objection options, please click here:

Instagram: https://help.instagram.com/519522125107875

Twitter:

Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland

 

    1. On our company profile we provide information and offer Instagram users the possibility of communication. If you carry out an action on our Instagram company profile (e.g. comments, contributions, likes etc.), you may make personal data (e.g. clear name or photo of your user profile) public. However, as we generally or to a large extent have no influence on the processing of your personal data by Instagram, we cannot make any binding statements regarding the purpose and scope of the processing of your data.

Our corporate profile in social networks is used for communication and information exchange with (potential) customers. We use the company’s profile for:

services, recruitment and marketing

Publications on the company profile can contain the following content:

      • Information about services
      • Advertisement
      • Customer contact
      • recruitment

Every user is free to publish personal data.

The legal basis for data processing is Art. 6 (1) (1) (a) UK GDPR.

 

    1. We store your activities and personal data published on our Twitter corporate profile until you withdraw your consent. Furthermore, we comply with the statutory retention periods.

 

    1. We process data from our corporate web profile in our own systems as well. The data is stored there for the following period: 1 year.

 

    1. You can object at any time to the processing of your personal data that we collect within the framework of your use of our Twitter corporate web profile and assert your rights as a data subject mentioned under IV. of this privacy policy. Please send us an informal email to info@wrenhealthcare.co.uk. For further information on the processing of your personal data by Twitter and the corresponding objection options, please click here:

Twitter: https://twitter.com/de/privacy

YouTube:

YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, United States

 

    1. On our company profile we provide information and offer Instagram users the possibility of communication. If you carry out an action on our Instagram company profile (e.g. comments, contributions, likes etc.), you may make personal data (e.g. clear name or photo of your user profile) public. However, as we generally or to a large extent have no influence on the processing of your personal data by Instagram, we cannot make any binding statements regarding the purpose and scope of the processing of your data.

Our corporate profile in social networks is used for communication and information exchange with (potential) customers. We use the company’s profile for:

services, recruitment and marketing

Publications on the company profile can contain the following content:

      • Information about services
      • Advertisement
      • Customer contact
      • recruitment

Every user is free to publish personal data.

The legal basis for data processing is Art. 6 (1) (1) (a) UK GDPR.

 

    1. We store your activities and personal data published on our YouTube corporate profile until you withdraw your consent. Furthermore, we comply with the statutory retention periods.

 

    1. We process data from our corporate web profile in our own systems as well. The data is stored there for the following period: 1 year.

 

    1. You can object at any time to the processing of your personal data that we collect within the framework of your use of our YouTube corporate web profile and assert your rights as a data subject mentioned under IV. of this privacy policy. Please send us an informal email to info@wrenhealthcare.co.uk. For further information on the processing of your personal data by YouTube and the corresponding objection options, please click here:

YouTube: https://policies.google.com/privacy?gl=DE&hl=en

    1. Use of corporate profiles in professionally oriented networks

1. Scope of data processing

We use corporate profiles on professionally oriented networks. We maintain a corporate presence on the following professionally oriented networks:

LinkedIn:

LinkedIn, Unlimited Company Wilton Place, Dublin 2, Ireland

On our site we provide information and offer users the possibility of communication.

The corporate profile is used for job applications, information, public relations, and active sourcing.

We do not have any information on the processing of your personal data by the companies jointly responsible for the corporate profile. Further information can be found in the privacy policy of:

LinkedIn:

https://www.linkedin.com/legal/privacy-policy

If you carry out an action on our company profile (e.g. comments, contributions, likes etc.), you may make personal data (e.g. clear name or photo of your user profile) public.

2. Legal basis for data processing

The legal basis for the processing of your data in connection with the use of our corporate web profile is Art. 6 (1) (1) (f) UK GDPR.

3. Purpose of the data processing

Our corporate web profile serves to inform users about our services. Every user is free to publish personal data.

4. Duration of storage

We store your activities and personal data published via our corporate web profile until you withdraw your consent. In addition, we comply with the statutory retention periods.

5. Objection and removal

You can object at any time to the processing of your personal data which we collect within the scope of your use of our corporate web profile and assert your rights as a data subject mentioned under IV. of this privacy policy. Please send us an informal email to the email address stated in this privacy policy.

You can find further information on objection and removal options here:

LinkedIn:

https://www.linkedin.com/legal/privacy-policy

    1. Hosting

The website is hosted on servers of a service provider commissioned by us.

Our service provider is:

WordPress.com

The servers automatically collect and store information in so-called server log files, which your browser automatically transmits when you visit the website. The stored information is:

      • Browser type and version
      • Used operating system
      • Referrer URL
      • Hostname of the accessing computer
      • Time and date of the server request
      • IP address of the user’s device

This data will not be merged with other data sources. The data is collected on the basis of Art. 6 (1) (1) (f) UK GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website – and server log files are therefore recorded.

The server of the website is geographically located in the United States of America.

      • Email address
      • Last name
      • First name
      • Address
      • Telephone / mobile phone number
      • IP address of the user’s device
      • Date and time of registration

Registration of the user is required for the provision of certain content and services on our website.

for appointment bookings and service provision, marketing and analytics purposes.

This is the case for the data collected during the registration process if the registration is cancelled or modified on our website.

CloudFlare

1. Description and scope of data processing

On our website we use functions of the content delivery network CloudFlare of CloudFlare Germany GmbH, Rosental 7, 80331 Munich, Germany (Hereinafter referred to as CloudFlare). A Content Delivery Network (CDN) is a network of regionally distributed servers connected via the Internet to deliver content, especially large media files such as videos. CloudFlare offers web optimization and security services that we use to improve the load times of our website and to protect it from misuse. When you visit our website you will be connected to the servers of CloudFlare, e.g. to retrieve content. This allows personal data to be stored and evaluated in server log files, the user’s activity (e.g. which pages have been visited) and device and browser information (e.g. IP address and operating system). Further information on the collection and storage of data by CloudFlare can be found here: https://www.cloudflare.com/en-gb/privacypolicy/

2. Purpose of data processing

The use of CloudFlare’s features serves to deliver and accelerate online applications and content.

3. Legal basis for data processing

The data is collected on the basis of Art. 6 (1) (1) (f) UK GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website -and the server log files are therefore recorded.

4. Duration of storage

Your personal information will be retained for as long as necessary to fulfil the purposes described in this Privacy Policy or as required by law.

5. Objection and removal

Information about objection and removal options regarding CloudFlare can be found at:
https://www.cloudflare.com/en-gb/privacypolicy/

    1. Usage of Plugins

We use plugins for various purposes. The plugins used are listed below:

Use of Facebook pixel

1. Scope of processing of personal data

We use the Facebook pixels of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA and their representatives in Union Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal H , D2 Dublin, Ireland (Hereinafter referred to as Facebook) on our online presence. It allows us to track the actions of users after they have seen or clicked on a Facebook ad. This allows personal data to be stored and evaluated, in particular the user’s activity (in particular which pages have been visited and which elements have been clicked on), device and browser information (in particular the IP address and the operating system), data on the advertisements displayed (in particular which advertisements have been displayed and whether the user has clicked on them) and also data on advertising partners (in particular pseudonymised user IDs). This allows us to measure the effectiveness of Facebook advertisements for statistical and market research purposes.
The data collected in this way is anonymous for us, i.e. we do not see the personal data of individual users. However, this data is stored and processed by Facebook. Facebook may link this information to your Facebook account and may also use it for its own promotional purposes in accordance with Facebook’s Data Usage Policy.\For more information about how Facebook collects and stores this information, please visit:
https://en-gb.facebook.com/policy.php

2. Purpose of data processing

The use of the Facebook pixel serves the analysis and optimization of advertising measures.

3. Legal basis for the processing of personal data

The legal basis for the processing of personal data is the user’s given consent in accordance with Art. 6 (1) (1) (a) UK GDPR.

4. Duration of storage

Your personal information will be stored for as long as is necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

5. Possibility of revocation of consent and removal

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation.
You can prevent Facebook from collecting and processing your personal information by preventing the storage of third-party cookies on your computer, by using the “Do Not Track” feature of a supporting browser, by disabling the execution of script code in your browser, or by installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.\You can find more information about objection and removal options for Facebook at:
https://en-gb.facebook.com/policy.php

Use of Google AdWords

1. Scope of processing of personal data

We use Google AdWords of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and its representative in the Union Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (Hereinafter referred to as Google). With this service we place advertisements. Google places a cookie on your computer. This allows personal data to be stored and evaluated, in particular the user’s activity (in particular which pages have been visited and which elements have been clicked on), device and browser information (in particular the IP address and operating system), data about the advertisements displayed (in particular which advertisements have been displayed and whether the user has clicked on them) and also data from advertising partners (in particular pseudonymised user IDs).
Further information on the collection and storage of data by Google can be found here:
https://policies.google.com/privacy?hl=en-GB

2. Purpose of data processing

We only obtain knowledge of the total number of users who have responded to our advertisement. We will not share any information that could be used to identify you. The use does not serve the traceability.

3. Legal basis for the processing of personal data

The legal basis for the processing of personal data is the user’s given consent in accordance with Art. 6 (1) (1) (a) UK GDPR.

4. Duration of storage

Your personal information will be stored for as long as is necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

5. Possibility of revocation of consent and removal

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation.
You can prevent the collection and processing of your personal data by Google by preventing the storage of cookies from third parties on your computer, by using the “Do Not Track” function of a supporting browser, by deactivating the execution of script code in your browser or by using a script blocker such as a browser browser browser.B. Install NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
With the following link you can deactivate the use of your personal data by Google:
https://adssettings.google.com
Further information on objection and removal options against Google can be found at:\https://policies.google.com/privacy?gln=EN&hl=en

Use of Google Analytics

1. Scope of processing of personal data

We use Google Analytics, a web analysis service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and its representative in the Union Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (Hereinafter referred to as Google). Google Analytics examines, among other things, the origin of visitors, their length of stay on individual pages and the use of search engines, thus allowing better monitoring of the success of advertising campaigns. Google places a cookie on your computer. This allows personal data to be stored and evaluated, in particular the user’s activity (in particular which pages have been visited and which elements have been clicked on), device and browser information (in particular the IP address and the operating system), data on the advertisements displayed (in particular which advertisements have been displayed and whether the user has clicked on them) and also data on advertising partners (in particular pseudonymised user IDs). The information generated by the cookie about your use of this website will be transmitted to and stored by Google on servers in the United States. However, if IP anonymization is enabled on this online presence, Google will previously truncate your IP address within member states of the European Union or other signatory states to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there.
On behalf of the operator of this online presence, Google will use this information to evaluate your use of the online presence, to compile reports on the activities of the online presence and to provide further services associated with the use of the online presence and the Internet use to the operator of the online presence. The IP address transmitted by your browser as part of Google Analytics is not combined with other data from Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of our website.\Further information on the collection and storage of data by Google can be found here:
https://policies.google.com/privacy?hl=en-GB

2. Purpose of data processing

The purpose of processing personal data is to specifically address a target group that has already expressed an initial interest by visiting the site.

3. Legal basis for the processing of personal data

The legal basis for the processing of personal data is the user’s given consent in accordance with Art. 6 (1) (1) (a) UK GDPR.

4. Duration of storage

Your personal information will be stored for as long as is necessary to fulfill the purposes described in this Privacy Policy or as required by law. Advertising data in server logs is anonymized by Google’s own statements to delete parts of the IP address and cookie information after 9 and 18 months respectively.

5. Possibility of revocation of consent and removal

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation.
You may prevent the collection and processing of your personal data by Google by preventing the storage of cookies by third parties on your computer, by using the “Do Not Track” function of a supporting browser, by deactivating the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser. your IP address) to Google and to prevent the processing of this data by Google by downloading and installing the browser plug-in available under the following link:
https://tools.google.com/dlpage/gaoptout?hl=en
With the following link you can deactivate the use of your personal data by Google:
https://adssettings.google.com\Further information on objection and removal options against Google can be found at:
https://policies.google.com/privacy?gl=EN&hl=en

Use of Google Maps

1. Scope of processing of personal data

We use the online map service Google Maps of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (Hereinafter referred to as Google). We use the Google Maps plugin to visually display geographical data and embed it on our online presence. Through the use of Google Maps on our online presence, information about the use of our online presence, your IP address and addresses entered with the route plan function are transmitted to a Google server and stored there.
Further information on the collection and storage of data by Google can be found here:
https://policies.google.com/privacy?hl=en-GB

2. Purpose of data processing

The use of the Google Maps plug-in serves to improve user friendliness and an appealing presentation of our online presence.

3. Legal basis for the processing of personal data

The legal basis for the processing of personal data is the user’s given consent in accordance with Art. 6 (1) (1) (a) UK GDPR.

4. Duration of storage

Your personal information will be stored for as long as is necessary to fulfill the purposes described in this Privacy Policy or as required by law.

5. Possibility of revocation of consent and removal

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation.
You can prevent the collection and processing of your personal data by Google by preventing the storage of cookies from third parties on your computer, by using the “Do Not Track” function of a supporting browser, by deactivating the execution of script code in your browser or by using a script blocker such as a browser browser browser.B. Install NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
With the following link you can deactivate the use of your personal data by Google:
https://adssettings.google.com
Further information on objection and removal options against Google can be found at:
https://policies.google.com/privacy?hl=en-GB

Use of Google ReCaptcha

1. Scope of processing of personal data

We use Google ReCaptcha of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland. The purpose of this tool is to verify that a data entry is compliant and has not been performed by a bot by analyzing and authenticating the behavior of an online presence visitor with respect to various characteristics. This allows personal data to be stored and evaluated, in particular the user’s activity (in particular mouse movements and which elements were clicked on) and device and browser information (in particular time, IP address and operating system).
The data will not be associated with any data that may be collected or used in connection with the parallel use of authenticated Google services such as Gmail.
For more information about the collection and storage of data by Google, please visit:
https://policies.google.com/privacy?hl=en-GB

2. Purpose of data processing

The use of Google ReCaptcha serves to protect our online presence from misuse.

3. Legal basis for the processing of personal data

The legal basis for the processing of personal data is the user’s given consent in accordance with Art. 6 (1) (1) (a) UK GDPR.

4. Duration of storage

Your personal information will be stored for as long as is necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

5. Possibility of revocation of consent and removal

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation.
You can prevent the collection and processing of your personal data by Google by preventing the storage of cookies from third parties on your computer, by using the “Do Not Track” function of a supporting browser, by deactivating the execution of script code in your browser or by using a script blocker such as a browser browser browser.B. Install NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
With the following link you can deactivate the use of your personal data by Google:
https://adssettings.google.com
Further information on objection and removal options against Google can be found at:
https://policies.google.com/privacy?hl=en-GB

Use of Google Webfonts

1. Scope of processing of personal data

We use Google web fonts of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and its representative in the Union Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (Hereinafter referred to as Google). The web fonts are transferred to the browser’s cache when the page is called up in order to be able to use them for the visually improved display of various information. If the browser does not support Google Web Fonts or does not allow access, the text will be displayed in a default font. When the page is accessed, no cookies are stored for the online presence visitor. Data transmitted in connection with the page view is sent to resource-specific domains such as https://fonts.googleapis.com or https://fonts.gstatic.com. It may be used to store and analyse personal data, in particular user activity (in particular which pages have been visited and which elements have been clicked on) and device and browser information (in particular IP address and operating system).
The data will not be associated with any data that may be collected or used in connection with the parallel use of authenticated Google services such as Gmail.
For more information about the collection and storage of data by Google, please visit:
https://policies.google.com/privacy?hl=en-GB

2. Purpose of data processing

The use of Google Webfonts serves an appealing representation of our texts. If your browser does not support this feature, a standard font will be used by your computer to display it.

3. Legal basis for the processing of personal data

The legal basis for the processing of personal data is the user’s given consent in accordance with Art. 6 (1) (1) (a) UK GDPR.

4. Duration of storage

Your personal information will be stored for as long as is necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

5. Possibility of revocation of consent and removal

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation.
You can prevent the collection and processing of your personal data by Google by preventing the storage of cookies from third parties on your computer, by using the “Do Not Track” function of a supporting browser, by deactivating the execution of script code in your browser or by using a script blocker such as a browser browser browser.B. Install NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
With the following link you can deactivate the use of your personal data by Google:
https://adssettings.google.com
Further information on objection and removal options against Google can be found at: https://policies.google.com/privacy?hl=en-GB

Use of HubSpot

1. Scope of processing of personal data

We use functions of HubSpot Inc., 2nd Floor, 25 First Street, Cambridge, MA 02141, USA (Hereinafter referred to as HubSpot). This is an integrated software solution that covers various aspects of our online marketing. These include, among other things: Email marketing (newsletters and automated mailings, e.g. to provide downloads), social media publishing & reporting, reporting (especially traffic sources, access, etc. …), contact management (especially user segmentation & CRM), landing pages and contact forms. HubSpot sets a cookie on your computer. This allows personal data to be stored and evaluated, in particular the user’s activity (in particular which pages have been visited and which elements have been clicked on), device and browser information (in particular the IP address and the operating system), data on the advertisements displayed (in particular which advertisements have been displayed and whether the user has clicked on them) and also data on advertising partners (in particular pseudonymised user IDs).
Further information on the collection and storage of data by HubSpot can be found at:
https://legal.hubspot.com/privacy-policy

2. Purpose of data processing

The use of the HubSpot Plug-In serves exclusively for the optimization of our marketing.

3. Legal basis for the processing of personal data

The legal basis for the processing of personal data is the user’s given consent in accordance with Art. 6 (1) (1) (a) UK GDPR.

4. Duration of storage

Your personal information will be stored for as long as is necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

5. Possibility of revocation of consent and removal

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation.
You can prevent HubSpot from collecting and processing your personal data by preventing the storage of cookies from third parties on your computer, by using the “Do Not Track” function of a supporting browser, by deactivating the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

You can find further information on objection and removal options against HubSpot at:
https://legal.hubspot.com/privacy-policy
You can also find further information on objection and removal options against HubSpot at:
https://legal.hubspot.com/privacy-policy

Use of YouTube

1. Scope of processing of personal data

We use the plugin operated by Google from YouTube, YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA and their representatives in the Union Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (Hereinafter referred to as Google). We use the plugin from YouTube to embed videos from YouTube on our online presence. When you visit our website, your browser connects to YouTube’s servers. It may be used to store and analyse personal data, in particular user activity (in particular which pages have been visited and which elements have been clicked on) and device and browser information (in particular IP address and operating system).
We have no influence on the content of the plug-in. If you are logged into your YouTube account during your visit, YouTube can assign your online presence visit to this account. By interacting with this plug-in, this corresponding information is transmitted directly to YouTube and stored there. \Further information on the collection and storage of data by Google can be found here:
https://policies.google.com/privacy?hl=en-GB

2. Purpose of data processing

The use of the YouTube PlugIn serves the improvement of the user friendliness and an appealing representation of our on-line operational readiness level.

3. Legal basis for the processing of personal data

The legal basis for the processing of personal data is the user’s given consent in accordance with Art. 6 (1) (1) (a) UK GDPR.

4. Duration of storage

Your personal information will be stored for as long as is necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

5. Possibility of revocation of consent and removal

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation.
You can prevent the collection and processing of your personal data by Google by preventing the storage of cookies from third parties on your computer, by using the “Do Not Track” function of a supporting browser, by deactivating the execution of script code in your browser or by using a script blocker such as a browser browser browser.B. Install NoScript (https://noscript.net/) or Ghostery (www.ghostery.com=EN&hl=e) in your browser.
With the following link you can deactivate the use of your personal data by Google:
https://adssettings.google.com
Further information on objection and removal options against Google can be found at:
nhttps://policies.google.com/privacy?hl=en-GB

Use of Font Awesome

1. Scope of processing of personal data

We use fonts from Font Awesome, a service of Fonticons, Inc., 6 Porter Road, Apartment 3R, Cambridge, MA 02140, USA (Hereinafter referred to as Font Awesome). The fonts are transferred to the browser’s cache when the page is called up in order to be able to use them for the visually improved display of various information. Personal data may be stored, transmitted and evaluated, in particular device and browser information (in particular the IP address and operating system).
If the browser does not support or prevent access to Font Awesome, the text will be displayed in a standard font.
When you visit the site, Font Awesome will not accept cookies
For further information on the collection and storage of data by Font Awesome, please visit:
https://origin.fontawesome.com/privacy

2. Purpose of data processing

The use of Google Webfonts serves an appealing representation of our texts.

3. Legal basis for the processing of personal data

The legal basis for the processing of personal data is the user’s given consent in accordance with Art. 6 (1) (1) (a) UK GDPR.

4. Duration of storage

Your personal information will be stored for as long as is necessary to fulfill the purposes described in this Privacy Policy or as required by law.

5. Possibility of revocation of consent and removal

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation.
You can prevent Font Awesome from collecting and processing your personal data by preventing the storage of third-party cookies on your computer, by using the “Do Not Track” function of a supporting browser, by deactivating the execution of script code in your browser, or by using a script blocker such as Font Awesome’s “Do Not Track” function.B. Install NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.\For more information on how Font Awesome can be challenged visit:
https://origin.fontawesome.com/privacy

Use of Google Tag Manager

1. Scope of processing of personal data

We use the Google Tag Manager (https://www.google.com/intl/de/tagmanager/) of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and its representative in the Union Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (Hereinafter referred to as Google). With Google Tag Manager, tags from Google and third-party services can be managed and bundled and embedded on an online presence. Tags are small code elements on an online presence that are used, among other things, to measure visitor numbers and behavior, capture the impact of online advertising and social channels, use remarketing and targeting, and test and optimize online presences. When a user visits the online presence, the current tag configuration is sent to the user’s browser. It contains statements about which tags are to be triggered. Google Tag Manager triggers other tags that may themselves collect data. You will find information on this in the passages on the use of the corresponding services in this data protection declaration. Google Tag Manager does not access this data.
For more information about the Google Tag Manager, please visit https://www.google.com/intl/de/tagmanager/faq.html and see Google’s privacy policy: https://policies.google.com/privacy?hl=en

2. Purpose of data processing

The purpose of the processing of personal data lies in the collected and clear administration as well as an efficient integration of the services of third parties.

3. Legal basis for the processing of personal data

The legal basis for the processing of personal data is the user’s given consent in accordance with Art. 6 (1) (1) (a) UK GDPR.

4. Duration of storage

Your personal information will be stored for as long as is necessary to fulfill the purposes described in this Privacy Policy or as required by law. Advertising data in server logs is anonymized by Google’s own statements to delete parts of the IP address and cookie information after 9 and 18 months respectively.

5. Possibility of revocation of consent and removal

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation.
You may prevent the collection and processing of your personal data by Google by preventing the storage of cookies by third parties on your computer, by using the “Do Not Track” function of a supporting browser, by deactivating the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser. your IP address) to Google and to prevent the processing of this data by Google by downloading and installing the browser plug-in available under the following link:
https://tools.google.com/dlpage/gaoptout?hl=en
With the following link you can deactivate the use of your personal data by Google:
https://adssettings.google.de\Further information on objection and removal options against Google can be found at:
https://policies.google.com/privacy?gl=EN&hl=en

Use of Facebook Retargeting

1. Scope of processing of personal data

We use functionalities of the advertising plugin Facebook Retargeting of Facebook Ireland Limited, 4 Grand Canal Square, Dublin Dublin 2, Ireland (hereinafter referred to as Facebook).
Facebook Retargeting is used to run advertising campaigns and to interact with them. Facebook Retargeting reminds users about products they have searched for or viewed but not purchased. In the process, cookies from Facebook are stored on your device.
In particular, the following personal data is processed by Facebook:
– Information about user activities
– Accessed website
– Which products have been displayed
– Which ads have been clicked
– Device information, especially device type, IP address
– Facebook account of users if they are logged in to Facebook
Data is processed on servers of Facebook Inc, Facebook, Inc, 1601 Willow Road, Menlo Park, California 94025 in the USA.
Further information on the collection and storage of data by Facebook Retargeting can be found at:
https://www.facebook.com/privacy/explanation

2. Purpose of data processing

The use of Facebook Retargeting allows us to run advertisements on various platforms and to analyze the interaction of users with these advertisements. In this way, we aim to provide users with personalized and therefore more relevant advertisements.

3. Legal basis for the processing of personal data

The legal basis for the processing of personal data is the user’s given consent in accordance with Art. 6 (1) (1) (a) UK GDPR.

4. Duration of storage

Your personal information will be stored for as long as is necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

5. Possibility of revocation of consent and removal

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation.
You can prevent Facebook Retargeting from collecting and processing your personal data by blocking the storage of third-party cookies on your computer, by using the “Do Not Track” feature of a supporting browser, by deactivating the execution of script code in your browser, or by installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
The deactivation of personalized advertisements for Facebook users is possible for logged-in users here:
https://www.facebook.com/settings/?tab=ads
For further information on objection and removal options against Facebook Retargeting, please visit:
https://www.facebook.com/privacy/explanation

This privacy policy has been created with the assistance of DataGuard.

Who we are and what we do

Wren Healthcare respects your privacy and is committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data and sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Your visit to http://www.Wren Healthcare.com and our mobile app is collectively referred to as the “Site” and is subject to the terms set out in this privacy policy. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

Wren Healthcare Limited (trading as “Wren Healthcare”) is the data controller and responsible for your personal data (collectively referred to as “Wren Healthcare”, “we”, “us” or “our” in this privacy policy). We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, including any requests to exercise your legal rights, please email info@wrenhealthcare.co.uk or write to Innovation House, Innovation Way, Sandwich, Kent CT13 9FD.

Information we may collect from you

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). When you visit our Site or correspond with us by phone, e-mail or otherwise you may give us information that would be classed as personal data about you and others you are acting on behalf of. We may collect, use, store and transfer different kinds of personal data about you when you do so which we have grouped together follows:

Identity Data which includes your first name, last name, username or similar identifier, marital status, title, date of birth and gender. If you are booking a test for the ‘Test to Release’ scheme, we will collect and store your passport number in line with the UK government’s requirements of data collection for this scheme.

Contact Data which includes your address, email address and telephone numbers.

Demographic Data which includes your postcode, preferences and interests.

Health Data which includes information about your health including your medical history and/or current health status including but not limited to data regarding test results, diagnoses and medications.

Financial Data which includes your bank account and payment card details.

Transaction Data which includes details about payments to and from you and other details of products and services you have purchased from us.

Technical Data which includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this Site.

Profile Data which includes your username and password, requests for products and services made by you and feedback responses.

Usage Data which includes information about how you use our Site and services.

Marketing and Communications Data which includes your preferences in receiving marketing from us and our third parties and your communication preferences.

We also collect, use and share aggregated data such as statistical or demographic data for any purpose aggregated data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

Keeping your data secure

We know that data security is important to you and it is therefore important to us. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions in accordance with this policy and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. Our Site is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.

How we will collect your data

We use different methods to collect data from and about you including through:

Direct interactions. You may give us any of the categories of data identified above by filling in forms on our site or by corresponding with us by phone, e-mail or otherwise. This includes personal data you provide when you:

  • register to use our Site;
  • make a request for our products or services;
  • request marketing communications to be sent to you;
  • give us some feedback.
 

Automated technologies or interactions. As you interact with our Site, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, and other similar technologies. We may also receive Technical Data about you if you visit other Sites and apps employing our cookies. Please see our cookie policy below for further details.

Third parties or publically available sources. We may receive personal data about you from various third parties and public sources such as analytics providers, advertising networks and/or search information providers based inside and outside the EU including Google.

Contact, Financial and Transaction Data from providers of technical, payment and delivery services such as Stripe, Twilio and Google based inside and outside the EU.

Identity and Contact Data from data brokers or aggregators such as Google based inside and outside the EU.

Why we will use your data

The lawful basis for processing are set out Schedules 2 and 3 of the Data Protection Act 1998 and Article 6 of the General Data Protection Regulation (GDPR). We may process your personal data on more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out below. At least one of these must apply whenever we process personal data:

Consent:  you have given clear consent for us to process your personal data for a specific purpose.

Contract: the processing is necessary for a contract we have with you (for example, to process and provide the services and products you request from us and to manage our relationship with you), or because you have asked us to take specific steps before entering into a contract.

Legal obligation: the processing is necessary for us to comply with a legal or regulatory obligation (not including contractual obligations).

Vital interests: the processing is necessary to protect someone’s life.

Public task: the processing is necessary for us to perform a task in the public interest or for our official functions, and the task or function has a clear basis in law.

Legitimate interests: the processing is necessary for our legitimate interests (for example to administer and maintain our Site) or the legitimate interests of a third party unless there is a good reason to protect your personal data which overrides those legitimate interests. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests.  We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.

Healthcare provision: the processing of data concerning your health is necessary for us to provide you with our service being a medical consultation, diagnosis and healthcare treatment.

Click here to find out more about the types of lawful basis that we will rely on to process your personal data.

Generally we do not rely on consent as a legal basis for processing your personal data other than as described below. However, if we do ask for your consent (for example in processing data relating to your health) we will do so in order to comply with the principle that any processing must be lawful, fair and transparent. Please see our terms and conditions for more information on this.

In order to provide our services to you we will need to process personal data about your health. Whilst we will ask for your consent to process this data we do not rely on this consent as the lawful basis on which we may process your health data. We will also rely on one of the other lawful basis as set out above.

How we will use your data

Collecting data helps us to understand what you are looking for and for us to deliver improved products and services to you. Specifically, we may use data:

  • To provide our services to you.
  • For our own internal records.
  • To improve our Site in order to better serve you.
  • To improve the products and services we provide.
  • To contact you in response to a specific enquiry.
  • To customise the Site for you to allow us to deliver the type of content and product offerings which you are most interested in.
  • To quickly process your transactions.
  • To send you promotional emails about products, services, offers and other things we think might be relevant to you.
  • To send you promotional mailings or to call you about products, services, offers and other things we think might be relevant to you.
  • To contact you via email, telephone or mail for market research reasons.
  • To ask for ratings and reviews of services or products.
  • To follow up with you after correspondence (live chat, email or phone inquiries).

In each case we will use your data in accordance with this privacy policy.

Disclosing your personal data

We may have to share your personal data with the parties below in order to provide our services to you. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. Examples of our third parties include:

  • Sub-contractors for the performance of any contract we enter into with them or you;
  • Accredited pharmacies,
  • UKAS registered laboratories,
  • NHS bodies (including GPs),
  • Service providers acting as processors who provide IT and system administration services.
  • Professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services.
 

Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please Contact us.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Marketing

We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.

We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which services and offers may be relevant for you (we call this marketing).

You will receive marketing communications from us if you have requested information from us. We will get your express opt-in consent before we share your personal data with any company outside Wren Healthcare for marketing purposes.

You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by Contacting us at any time.

Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a purchase of services or products from us.

How long we will keep your data

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Details of retention periods for different aspects of your personal data.

In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

Your legal rights

Your legal rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data. Please click on the links below to find out more about these rights:

If you wish to exercise any of the rights set out above, please Contact us. Please note that, should you exercise your legal right to withdraw your consent, we refer you to the above in which we explain that we do not rely on your consent as the only lawful basis on which we will process your personal data.

No fee usually required

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee of £10 if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

What we may need from you  

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time limit to respond

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Cookies

A cookie is a small file placed on your computer’s hard drive. It enables our Site to identify your computer as you view different pages on our Site. Cookies allow Sites and applications to store your preferences in order to present content, options or functions that are specific to you. They also enable us to see information like how many people use the Site and what pages they tend to visit, so that we can offer better site experiences and tools in the future.

We have carefully chosen these cookies and have taken steps to ensure that your privacy is protected and respected at all times.

We may use cookies to:

  • Analyse our web traffic using an analytics package.

Aggregated usage data helps us improve the Site structure, design, content and functions.

  • Identify whether you are signed in to our Site.

A cookie allows us to check whether you are signed in to the site.

  • Test content on our Site or app. For example

, 50% of our users might see one piece of content, the other 50% a different piece of content.

  • Store information about your preferences.

The Site can then present you with information you will find more relevant and interesting. We may also use trusted third-party services that track this information on our behalf.

  • To recognise when you return to our Site.

We may show your relevant content, or provide functionality you used previously.

Cookies do not provide us with access to your computer or any information about you, other than that which you choose to share with us. All cookies used by this Site are used in accordance with current UK and EU Cookie Law

You can use your web browser’s cookie settings to determine how our Site uses cookies. If you do not want our Site to store cookies on your computer or device, you should set your web browser to refuse cookies. However, please note that doing this may affect how our Site functions. Some pages and services may become unavailable to you. Unless you have changed your browser to refuse cookies, our Site will issue cookies when you visit it.

To learn more about cookies and how they are used, visit All About Cookies.

Google

Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users.

Google, as a third-party vendor, uses cookies to serve ads on our site. Google’s use of the DART cookie enables it to serve ads to our users based on previous visits to our site and other sites on the Internet. Users may opt-out of the use of the DART cookie by visiting the Google Ad and Content Network privacy policy.

We have implemented the following:

  • Remarketing with Google AdSense
  • Google Display Network Impression Reporting
  • Demographics and Interests Reporting
  • DoubleClick Platform Integration

We, along with third-party vendors such as Google, use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our Site.

Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.

Contact Us

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to Wren Healthcare Ltd, Innovation House, Innovation Way, Sandwich, Kent, CT13 9FD

info@wrenhealthcare.co.uk

0203 9746950

Wren Healthcare Team