Imprint/Privacy Policy

Imprint

Saphenus Medical Technology GmbH
Magnesitstraße 1
3500 Krems, Österreich
Branch Office: Dopplergasse 5/7-8, 1110 Wien
FN 462419d | LG Krems an der Donau
UiD: ATU72269225
office@saphenus-med.com

Privacy Policy

The present Privacy Policy sets forth the practices of Saphenus Medical Technology GmbH (“Saphenus“) regarding the collection of data relating to customers.

Competent authority within the meaning of the General Privacy Policy Regulation (GDPR): dsb Privacy Policy Authority of the Republic of Austria.

Purpose of data processing

We will process your personal data for the following purposes:

• establishment, administration and handling of the business relationship and/or fulfilment of the contract concluded with you
• strengthening the existing customer relationship or establishment of a new customer relationship or approaching prospective customers, including by providing information on cur-rent products and services from our range

User rights

You have the following rights:

1. To request a confirmation as to whether and to what extent your personal data is used and processed, and to request access to the personal data that we have stored about you, as well as additional information
2. To request a copy of the personal data which you have provided to us on a voluntary basis, a structured, commonly used and machine-readable format
3. To request a rectification of the personal data we have stored about you
4. To request the erasure of your personal data
5. To object the processing of your personal data by us
6. To request restriction of the processing of your personal data by us
7. To lodge a complaint with a supervisory authority

However, please note that these rights do not apply without restriction but are subject to our own legitimate interests as well as to regulatory requirements.

If you wish to exercise any of these rights or to obtain further information, please contact our Privacy Policy officer Mag. Rainer Schultheis, email: rainer.schultheis@saphenus-med.com.

Data storage

We store your personal data for as long as it is necessary to provide our services, to comply with legal obligations, and to resolve disputes and enforce our policies. The storage periods de-pend on the type of data collected and the purpose for which the data has been collected, and take into account both the case-specific circumstances and the need to delete outdated, unused information as soon as possible. We store the records containing personal data of customers, documents on the creation of accounts, communications and other data in accordance with appli-cable laws and regulations.

We may, at any time and in our sole discretion, to correct, complete or remove any incomplete or inaccurate data.

Legal basis of data processing

The processing of your personal data (i.e. any data which allows your identification by reasona-ble means; “personal data”) is necessary in order to perform the contract to which you are par-ty (art. 6/1/b GDPR).

Furthermore, we process your personal data on the basis of our overriding, legitimate interest in achieving the purposes mentioned under item “Purpose of data processing” (art. 6/1/f GDPR). Further purposes are to provide you with our services, to protect our legitimate interest and to comply with the legal and financial regulatory obligations we are subject to.

Which data do we collect?

We collect personal data, which is data that identifies or allows to identify an individual by applying reasonable measures. Such data includes:

• Name, form of address/sex/title
• Address
• Email

In the event of an active business relationship, the following data will be collected in addition:

• Contractual data (payment history and performance, country of origin, VAT no., powers of representation and contact persons)
• Invoicing and payment data (bank details, payment terms, creditworthiness, blocking indicators, credit information)
• Register excerpts (company register, creditor protection association (Kreditschutz-verband))
• Correspondence

How do we obtain data about you?

We obtain your personal data from various sources:

• You provide us with such data on a voluntary basis, for example, when registering on our website.
• We receive such data from other providers, services and from public registers (data traf-fic analysis providers, for example).

How is the data used? To whom is the data disclosed?

We do not disclose user data to third parties except as described in the present Privacy Policy.

We use the data for the following purposes:

• Communication with you (sending messages regarding our services, providing technical
• information and handling of customer service requests, if applicable)
• Contract management (existing contracts, purchase/sales)
• Execution of payment transactions
• Management of daily business transactions
• Fulfilment of corporate and tax documentation purposes
• Initiation of business deals within the scope of our business activities
• Information on new products and services

In addition to the different purposes specified above, we may also disclose personal data to our subsidiaries, affiliates and subcontractors.

In addition to the purposes set out in the present Privacy Policy, we may transmit personal data to our trusted third party vendors for the following reasons:

• Banks for the handling of payment transactions
• Legal representatives in the respective business cases
• Auditors and tax advisors
• Courts
• Competent administrative authorities, in particular tax authorities
• Collection companies for debt recovery purposes
• External lenders, such as leasing or factoring companies and assignees, insofar as the delivery or service has been financed in this way by external lenders
• Contractual or business partners who participate or are to participate in the delivery or service
• Insurance companies on the occasion of the conclusion of an insurance contract for the delivery/service or the occurrence of an insured event
• Federal Institute “Statistik Österreich“ for setting-up (official) statistics required by law
• Group management of the client, in the case of suppliers as well as commercial custom-ers and key customers
• Customers (recipients of services)
• IT service providers or service companies that we use

Some of the above mentioned recipients may be located outside Austria or process your person-al data outside Austria. The level of Privacy Policy in other countries may not be equivalent to the level applicable in Austria. Therefore, we take the necessary measures in order to ensure that all recipients provide an adequate level of Privacy Policy.

We may also disclose information if we have good reason to believe that it is useful or reasonable in order to: (i) comply with applicable laws, regulations, legal proceedings or requests of public authorities; (ii) enforce our policies (including our agreement) and, if necessary, investigate potential violations thereof; (iii) investigate, detect or prevent illegal activities or other wrong conduct, suspected fraud, or security issues, or take action against any of these; (iv) assert or enforce our legal claims or defend ourselves against the claims of others; (v) protect our rights, property or safety, the safety of our users, your safety, or the safety of third parties; or to (vi) cooperate with prosecution authorities and/or to protect intellectual property or other legal rights.

Marketing

We may use your personal data, such as your name, email address, phone number, etc. either ourselves or disclose it to an external subcontractor in order to provide you with promotional material regarding our services, which may be of interest to you.

We respect your right to privacy. Therefore, these marketing materials will always provide you with the opportunity to opt-out of receiving such mailings in the future. When you have unsub-scribed, your email address or phone number will be removed from our marketing distribution lists.

Please note that, even when you have opted out of receiving our marketing emails, we will continue to send you emails containing important information that does not include an unsubscribe option. Such emails include maintenance messages or administrative notifications.

Corporate transaction

We may disclose personal data in the event of a corporate transaction (e.g. sales of major busi-ness units, merger, consolidation, or sale of assets). If any of the foregoing occurs, the purchas-er or the relevant company will assume the rights and obligations set forth in the present Privacy Policy.