Data Privacy Statement

Thank you for visiting our website. With this privacy statement, we would like to inform you in detail about the processing of your personal data, which may be incurred through your visit or use of our website.

The processing of personal data is carried out in accordance with the provisions of the European and German law. This privacy statement refers to our website. If you are redirected to other websites via links on our website, please inform yourself about the respective handling of your data there.

Responsible according to the EU General Data Protection Regulation and other national data protection regulations:

SICAT GmbH & Co. KG
Brunnenallee 6
53177 Bonn
Germany

If you have any questions regarding data protection, please contact the company data protection officer of SICAT GmbH & Co. KG at privacy (at) sicat.com.

 

Server Log Files

When you visit our website, your browser may forward personal data to us in a fully automated manner.

 

SICAT processes these data according to Art. 32 GDPR to guarantee a trouble-free operation of our website, to defend against dangers in case of attacks on our systems and to improve our services for you.

These data are stored by SICAT for a period of 3 months. In case of attacks on our systems, the relevant data are forwarded to the law enforcement authorities.

Our website and our customer portal are hosted in external, certified data centers located in Germany.

 

Cookies

To optimize our web presence, we use cookies. These are small text files that are stored in the memory of your computer, helping us to optimize our web presence for you. The use of cookies is carried out based on Art. 6 Para. 1 lit. f GDPR. You may prevent the use of cookies by selecting the “block cookies” browser setting in your browser. However, we would like to point out that blocking cookies may result in functional limitations in regard to our Internet offering.

 

Newsletter

On our website, we offer you the opportunity to subscribe to a free newsletter.

When registering for the personalized newsletter, the data entered in the input mask (Your e-mail address, your name and possibly the optionally entered office name and address) are transferred to us and stored to regularly inform you in person about our products, product improvements and services.

For processing the data, your consent is obtained during registration according to Art 6 Para. 1 lit. a GDPR and it is referred to this data privacy statement.

The newsletter is send by Newsletter2Go. For this purpose, we transfer the collected data to Newsletter2Go which is located in Germany. An order processing contract exists. Any personal data provided by you is only used for sending the newsletter. Your data is not transferred to third parties.

Our newsletter contains so-called tracking pixels which help us to recognize if and when a newsletter was opened and which links in the e-mail have been followed by the personalized recipient. This additional information is processed by us according to Art. 6 Para. 1 lit. f GDPR in order to align our newsletter optimally with your wishes and interests.

Withdrawal of consent
If you no longer want to receive the newsletter, you have the opportunity to withdraw your consent at any time with effect for the future. Use the unsubscribe link provided in the newsletter or send an e-mail to info (at) sicat.com.

When registering for the newsletter, we have to verify your data. For this purpose, we send a short confirmation e-mail to the e-mail address specified by you.

The data for processing the newsletter are deleted as soon as they are no longer required for achieving the purpose for collection or you have withdrawn your consent to receive the newsletter. To defend against claims, we store the signed out e-mail address for another 3 years.

When registering for the newsletter, the IP address of the requesting computer and date and time of the registration are collected. According to Art. 32 GDPR, this is intended to avoid possible misuse of the services or of the e-mail address used. These additional data are stored by us for a period of 3 months.

 

Contact form

You may use the contact form on our website to contact us. Using the input mask, you enter your data (Name, e-mail address, possibly company or office name, address) and your request which are transferred to us by e-mail and processed by SICAT according to Art. 6 Para. 1 lit. b GDPR. The retention period conforms to the requirements of commercial law and medical devices law respectively.

Your data will be transmitted to us in accordance with the current state of the art using a SSL/TLS encryption.

At the time of sending the message, the IP address of the requesting computer as well as the date and time are also recorded according to Art. 32 GDPR. We require these data in order to prevent or restrict misuse of the contact form and to ensure the security of our IT systems. These additional information is stored for a maximum of 3 months.

 

ReCaptcha

To make sure that the data entry in our contact form is not made by an automated program, we use „Google reCAPTCHA“ on our website. Provider is Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

The analysis starts automatically as soon as the user visits the website. For analysis, reCAPTCHA evaluates various information, e.g. IP address, length of stay on the website and mouse movements made by the user. The data collected during the analysis will be transmitted to Google.

The data processing is based on Art. 6 Para. 1 lit. f GDPR for a legitimate interest of the party responsible in order to protect his web offers against abusive automated spying and SPAM.

For additional information regarding Google reCAPTCHA as well as the data privacy statement of Google see the following link: https://www.google.com/intl/de/policies/privacy/

 

E-mail contact

In addition to the contact form, it is possible to contact us by using the e-mail addresses posted on the website.

Incoming e-mails are checked for spam and viruses in accordance with Art. 32 GDPR.

Use the info (at) sicat.com e-mail address to send general inquiries by e-mail.

To directly contact the appropriate department or employee, use the SGL (at) sicat.com,  SW-Support (at) sicat.com,  clinicalassist (at) sicat.com e-mail addresses or the e-mail addresses of SICAT employees listed on the „Contacts“ subpage.

We store your personal data (E-mail address, if applicable, your name and content data) to answer your request according to Art. 6 Para. 1 lit. b GDPR. The retention period conforms to the requirements of commercial law and medical devices law respectively.

Use the career (at) sicat.com e-mail address to send us your application for thevacancies posted in the “Career” area on the website.

The data provided by you (E-mail address, name, contact details, content data, application data, certificates etc.) are processed for the purpose of establishing or initiating an employment relationship in accordance with Art. 88 GDPR or § 26 Federal Data Protection Act (new). Your data will be stored for 6 months after completing the application process.

The retention period is extended by the applicant’s giving his or her consent for admission to an applicant pool. The consent is given in writing according to Art. 6, Para. 1 lit. a GDPR and can be withdrawn at any time using the above-mentioned e-mail address. Data in the so-called applicant pool is deleted after 2 years if no employment contract has resulted from the application.

 

Webshop/Portal

When you visit our webshop, you will be redirected to our SICAT portal for registration.

For the use of the SICAT portal or the webshop respectively, we offer you the opportunity to enter your personal data (Name, e-mail address, company or practice name, position or status, address, contact details) for registration.
The processing of your data takes place to fulfill a contract or to carry out pre-contractual measures according to Art. 6 Para. 1 lit. b GDPR.

In your user account or in the address book, you will have an overview of the data you entered. You also have the opportunity to manage or change your data.

As part of the registration or at any time under "Edit user account", you have the opportunity to register for the receipt of additional information. By activating the respective box, you give us your consent according to Art. 6 Para. 1 lit. a GDPR, allowing us to provide you with additional information on our products. You can choose between our newsletter, which we send to you by e-mail, and a personal contact by e-mail or telephone.

Withdrawal
Of course, you can withdraw this consent at any time with effect for the future. To do this, you can remove the check mark for your advertising consent under “Information” in your user account. In that case, your data will no longer be used for advertising purposes.

If you place an order using the Webshop, the digital order process or the File Uploader, we process the personal data that you entered or transferred during registration for order handling, for sending an electronic order confirmation, for shipment of the goods including a delivery note and invoice. The retention period of the stored data in the context of order processing is 10 years according to commercial and tax law.

We pass on your shipping data for delivery to logistics service providers. For the tracking of your order we use Shiptrack of the MHP-Solution Group. An order processing contract exists.

Using the Digital Ordering Process from SICAT SUITE, the customer who is signed-in and registered the Portal transfers his or her order for a patient-specific SICAT guide.

In order to provide a comfortable order process, SICAT regularly checks the server connection to be able to refer to the offline order process if necessary. This online check is carried out according to Art. 6 Para. 1 lit. f GDPR.

The File Uploader or Digitalguide Uploader provides the customer with the opportunity to transfer orders for patient-specific guides from Galileos Implant or SICAT Implant 1.x to SICAT. The legal basis for the order processing is Art. 6 Para. 1 lit. b GDPR, the retention periods are based on medical device law.

Using the order transparency, customers who have registered for the Portal and are signed-in get access to all cases concerning the customer which have been uploaded to our systems, complemented by the corresponding processing status. In addition, the associated accompanying documents and certificates are accessible.

In the order history, customers who have registered and are signed-in get an overview of the orders that have been placed so far. Furthermore, information about the product ordered, the order date, the specified delivery or invoice address, the selected shipping method and the payment method is available.

In the license management area, SICAT provides registered and signed-in customs with the opportunity to look up and manage the purchased licenses. For this purpose, we store the activation key of the current licenses for the SICAT applications according to Art. 6 Para. 1 lit. b GDPR.

For managing Pick-Up orders, SICAT provides registered and signed-in customers with the opportunity to manage pick-up orders affiliated with surgical guides or therapeutic appliances for stone models and data carriers. For this purpose, we store the order size, the address and the pick-up date and forward these data to the shipping provider.

 

Payment options

SICAT offers different payment options.
- PayPal
- Debit – Ingenico, Six-Payment
- Credit card – Ingenico, Six-Payment

You will be directly forwarded to the website of the payment service. The data entered there will not be stored by SICAT.

 

„Terror list“ screening

EU anti-terrorism regulations require that no customer, supplier, or service provider belongs to the group of terrorist suspects defined in centralized lists (terrorist lists). It is therefore necessary for SICAT to perform a data comparison with the terrorist lists prior to closing a business deal. The legal basis is Art. 6 Para. 1 lit. c GDPR.

 

Compliance with export prohibitions

If you provide a delivery address in other EU countries, we will check your customer data under the Foreign Trade Act to comply with export prohibitions and embargos and as proof of the VAT-exempt calculation to recipients in a non EU-country. In addition, we make customs declarations for your shipment to non-EU countries. The legal basis is Art. 6 Para. 1 lit. c GDPR.

 

Google Maps

SICAT GmbH & Co. KG uses the Google Maps API to depict our location and to allow you to plan your route to us. Provider is Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

When using Google Maps, Google also processes data about the use of Maps features by visitors to the Websites. For more information about Google and Google's privacy policy, please see the following link: https://www.google.com/intl/en/policies/privacy/

The use of Google Maps is based on a legitimate interest according to Art. 6 Para. 1 lit. f GDPR in optimizing our website.

 

YouTube videos

We use the YouTube embedding feature of YouTube LLC. (901 Cherry Ave., San Bruno, CA 94066, USA; „YouTube“) on our website. YouTube is an affiliate of Google LLC. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; "Google"). The feature displays videos deposited with YouTube in an iframe on the website. The option "Extended Privacy Mode" is activated. As a result, YouTube does not store information about visitors to the site. Only when you watch a video will information be transmitted to and stored on YouTube. For more information about the collection and use of data by YouTube and Google, your rights and ways to protect your privacy, please refer to the YouTube Privacy Policy (https://www.youtube.com/t/privacy). 

 

Use of automated decision-making including profiling (Art. 22 GDPR)

As a matter of principle, SICAT does not use fully automated decision-making. If this procedure is used in individual cases, you will be informed separately if this is required by law.

 

Rights of the persons concerned

When processing your personal data as defined by the GDPR through SICAT GmbH, you as the person concerned have comprehensive rights towards SICAT GmbH as responsible authority.

 

Right to withdraw your data privacy declaration

You have the right to withdraw your data privacy declaration at any time with effect for the future. Data collected until the withdrawal takes full legal effect remain unaffected by this. Please send a short message to info (at) sicat.com or privacy (at) sicat.com.

Revision: June 2018