Contact
Dear visitors, Protecting your privacy is important to us! With the following information, we would therefore like to inform you about how we handle your data collected when you use our website.

A. Controller

1. Name and address of the controller responsible for processing

The controller within the meaning of the EU General Data Protection Regulation (GDPR) is VibraCare GmbH Holzweide 6 28307 Bremen Telephone: 0421 – 49 18 72 Email: info@vibracare.de

2. Name and address of the Data Protection Officer

The Data Protection Officer of the controller responsible for processing is: Mag. Markus Dittrich CASC – full service agentur GmbH Heigerleinstraße 2/4-9 1160 Vienna Tel.: +43 1 924 05 28 Email: datenschutzbeauftragter@casc.at

B. General

1. Scope of the processing of personal data

As a matter of principle, we collect and use our users’ personal data only to the extent necessary to provide a functional website and our content and services. If this should not be the case, personal data is generally used only with the user’s consent. An exception applies in cases where prior consent cannot be obtained for factual reasons and the processing of the data is permitted by statutory provisions. 2. Legal bases for processing Insofar as we obtain the data subject’s consent for processing operations involving personal data, Article 6(1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis. When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Article 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations necessary to carry out pre-contractual measures. Insofar as processing personal data is necessary for compliance with a legal obligation to which our company is subject, Article 6(1)(c) GDPR serves as the legal basis. In the event that vital interests of the data subject or another natural person require the processing of personal data, Article 6(1)(d) GDPR serves as the legal basis. If the processing is necessary for the purposes of legitimate interests pursued by our company or by a third party, and the interests, fundamental rights and freedoms of the data subject do not override the former interest, Article 6(1)(f) GDPR serves as the legal basis for processing. The legitimate interest of our company lies in carrying out our business activities.

3. Routine deletion and restriction of personal data

We process and store the data subject’s personal data only for as long as is necessary to achieve the purpose of storage. Storage may also take place insofar as this has been provided for by European or national legislators in EU regulations, laws or other provisions to which the controller is subject. As soon as the purpose of storage no longer applies or a storage period prescribed by the aforementioned provisions expires, the personal data is routinely restricted or deleted.

4. Security of your data

We take all appropriate technical and organizational measures to ensure the protection of your data. In addition, all web forms through which you transmit sensitive data to us are encrypted and thus protected as effectively as possible against unauthorized access.

C. Usage data

I. Log files

1. Description and scope of data collection

Each time our website is accessed, we or the hosting provider collect data and information through an automated system. This data is stored in the server log files. The following data may be collected:
  • Information about the browser type and version used
  • The user’s operating system
  • The user’s Internet service provider
  • The user’s IP address
  • Date and time of access
  • Websites from which the user’s system reaches our website (referrer)

2. Legal basis for data processing

The legal basis for the temporary storage of log files is Art. 6(1)(f) GDPR.

3. Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session. Storage in log files takes place in order to ensure the functionality of the website. In addition, the data helps us optimize the website and ensure the security of our information technology systems. The data is not evaluated for marketing purposes in this context. These purposes also constitute our legitimate interest in data processing pursuant to Art. 6(1)(f) GDPR. The data is deleted as soon as it is no longer required for achieving the purpose for which it was collected. In the case of data collection for the provision of the website, this is the case when the respective session has ended.

4. Duration of storage

If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the users’ IP addresses are deleted or anonymized so that the calling client can no longer be assigned.

5. Option to object and remove

The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, the user has no option to object.

II. Use of cookies

So-called cookies are used on our pages. Cookies are small text files that are stored in the cache of your internet browser for the duration of your browser session (so-called session cookies) or on your hard drive for a defined period (so-called permanent cookies). Cookies enable the internet browser to be recognized so that, during future visits to our website, content can be made available to you more quickly and in a more targeted manner, tailored to your needs and preferences. We therefore use cookies in order to be able to offer a website tailored to visitors’ preferences as part of our legitimate interest. Cookies do not store any personal data. We use the content management system (CMS) MODX. MODX sets session cookies intended to make the use of our website more convenient for you and to enable us to understand that you have already visited individual pages of our website. These are automatically deleted when you leave our site. The data processed by cookies is necessary for the stated purposes in order to safeguard our legitimate interests and those of third parties pursuant to Art. 6(1) sentence 1 lit. f GDPR. In addition, cookies are set on our website by Google Analytics, Google Adwords Conversion Tracking, Facebook, reCAPTCHA and Google Maps. Please refer to the corresponding sections for more details. How can I prevent cookies from being stored? You can configure your browser so that cookies are only accepted if you consent to them. You can delete cookies that are already stored. However, deactivating cookies may limit the usability of our websites. Instructions on how to deactivate cookies can be found at the following LINK (wikihow.com). Show cookie settings

IV. Use of Google Maps

On this website, we use the Google Maps service. This allows us to display interactive maps directly on the website and enables you to use the map function conveniently. By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition, the data referred to in Section 3 of this policy is transmitted. This takes place regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not want your data to be associated with your profile on Google, you must log out before activating the button. Google stores your data as usage profiles and uses it for the purposes of advertising, market research and/or demand-oriented design of its website. Such evaluation is carried out in particular (even for users who are not logged in) to provide demand-oriented advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google in order to exercise this right. Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the provider’s privacy policies. There you will also find further information on your rights in this regard and setting options to protect your privacy: http://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

V. Further information on usage data

3. Third-party cookies

So-called third-party cookies are also used on our website. These are cookies stored by third-party providers. Our website currently uses cookies from the providers www.youtube.com and doubleclick by google 4. Doubleclick by Google We use the Doubleclick by Google tool on our website. This is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Doubleclick by Google uses cookies to present advertising that is relevant to you. A pseudonymous identification number (ID) is assigned to your browser in order to check which ads were displayed in your browser and which ads were accessed. The cookies do not contain any personal information. The use of DoubleClick cookies merely enables Google and its partner websites to display ads based on previous visits to our website or other websites on the internet. The information generated by the cookies is transmitted by Google to a server in the USA for evaluation and stored there. Google only transfers data to third parties on the basis of statutory provisions or within the scope of commissioned data processing. Under no circumstances will Google combine your data with other data collected by Google. You can prevent Google from collecting the data generated by the cookies and relating to your use of the websites, as well as Google’s processing of this data, by downloading and installing the browser plug-in available at the following link under the item DoubleClick opt-out extension. Alternatively, you can deactivate Doubleclick cookies on the Digital Advertising Alliance website via the following link.

How can I prevent cookies from being stored?

You can configure your browser so that cookies are only accepted if you consent to them. You can delete cookies that are already stored. However, deactivating cookies may limit the usability of our websites. Instructions on how to deactivate cookies can be found at the following LINK (wikihow.com). There you will also learn how to deactivate the use of third-party cookies. We also use HTML5 storage objects that are stored on your device. These objects store the required data independently of the browser you use and do not have an automatic expiration date. You can prevent the use of HTML5 storage objects by using private mode in your browser. In addition, we recommend that you regularly delete your cookies and browser history manually[R1]. 5. Social plugins Social plugins from social networks are used on this website. This currently concerns plugins from the providers facebook and twitter. However, no data is transmitted to the respective site operators and no personal data is otherwise processed. To increase the protection of your data, the plugins are not integrated into the page without restriction, but only by using an HTML link (the so-called “Shariff solution” by c’t). This integration ensures that when a page containing such plugins is accessed, no connection is yet established with the servers of the provider of the respective social network. If you click one of the buttons, a new browser window opens and calls up the page of the respective service provider, where you can, for example (possibly after entering your login data), press the Like or Share button. For the purpose and scope of data collection and the further processing and use of the data by the providers on their websites, as well as your rights in this regard and setting options for protecting your privacy, please refer to the providers’ privacy notices. You can find facebook’s privacy policy at: http://www.facebook.com/policy.php. You can find twitter’s privacy policy at: https://twitter.com/de/privacy 6.Use of Google Maps Our homepage has integrated the Google Maps service in order to visually illustrate and display the locations and contact addresses of our branches. Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. When used, Google collects and processes data about the user’s use of the map function. Further information about data processing can be found in Google’s Privacy Policy.

D. Your personal data (inventory data)

What is “personal data”?

Personal data is information about you that allows conclusions to be drawn about your identity or relates indirectly or directly to your person, e.g. your name, your address or your telephone number. Information that does not allow conclusions to be drawn about a specific or identifiable person is not included.

  1. Use of the contact form

    A contact form is available on our website www.vibracare.eu which can be used for electronic contact. To use the contact form, you enter your name[R1], your email address and your message so that we can process and respond to your inquiry accordingly. Providing a contact form serves our legitimate interests, as it gives us more ways to get in touch with you. Alternatively, contact can be made via the provided email address. If the data subject contacts the controller via one of these channels, the personal data transmitted by the data subject is stored automatically. This storage serves solely the purpose of processing or contacting the data subject. The data is not passed on to third parties.

  2. Forwarding to other websites

    To expand our range of services, you will find links on our website to other websites for which other providers are responsible. Please refer to their privacy policies to find out to what extent our advertising partners collect personal data. You can recognize such forwarding by the fact that a new browser window opens and a new address is displayed in the browser line

  3. Disclosure of data to third parties

    As a matter of principle, data is not disclosed to third parties. In order to fulfill our contractual obligations, e.g. from purchase agreements, we use external service providers who, for example, handle the delivery of goods. Within the scope of these data processing operations, we pass on your data to our service providers to the extent necessary for the performance of the contractual obligations.

  4. This concerns in particular:

    • – Postal delivery companies
    • – Shipping companies and freight forwarders
    • – Payment service providers (e.g.: paypal)
    • – Credit companies in the context of financed purchases (e.g.: medipay)
  1. Your rights as a data subject
  2. If OxyCare GmbH processes your personal data, you are a data subject within the meaning of the General Data Protection Regulation and you have the following rights vis-à-vis us as the controller:
a) Right of access You may request confirmation from the controller as to whether personal data concerning you is being processed by us. If such processing exists, you may request the following information from the controller:
  1. the purposes for which the personal data is processed;
  2. the categories of personal data being processed;
  3. the recipients or categories of recipients to whom the personal data concerning you has been or will be disclosed;
  4. the planned duration of storage of the personal data concerning you or, if specific information is not possible, criteria used to determine the storage period;
  5. the existence of a right to rectification or deletion of the personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;
  6. the existence of a right to lodge a complaint with a supervisory authority;
  7. all available information as to the source of the data if the personal data is not collected from the data subject;
  8. the existence of automated decision-making, including profiling, pursuant to Art. 22(1) and (4) GDPR and – at least in those cases – meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
You have the right to request information as to whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed of the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.

b) Right to rectification

You have a right to rectification and/or completion vis-à-vis the controller if the processed personal data concerning you is inaccurate or incomplete. We must carry out the rectification without undue delay.

c) Right to restriction of processing

Under the following conditions, you may request restriction of the processing of your personal data:
  1. if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
  2. if the processing is unlawful and you oppose the deletion of the personal data and instead request the restriction of its use;
  3. if Oxycare GmbH no longer needs the personal data for the purposes of processing, but you require it for the establishment, exercise or defense of legal claims, or
  4. if you have objected to processing pursuant to Art. 21(1) GDPR and it has not yet been determined whether the legitimate grounds of the controller override your grounds.
If the processing of the personal data concerning you has been restricted, such data may – apart from being stored – be processed only with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. If the restriction of processing has been restricted according to the above conditions, you will be informed by the controller before the restriction is lifted.

d) Right to erasure

You may request from us that the personal data concerning you be deleted without undue delay, and we are obliged to delete this data without undue delay if one of the following reasons applies:
  1. The personal data concerning you is no longer necessary in relation to the purposes for which it was collected or otherwise processed.
  2. You withdraw your consent on which the processing was based pursuant to Art. 6(1)(a) or Art. 9(2)(a) GDPR, and there is no other legal ground for the processing.
  3. You object to the processing pursuant to Art. 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21(2) GDPR.
  4. The personal data concerning you has been processed unlawfully.
  5. The deletion of the personal data concerning you is necessary for compliance with a legal obligation under Union law or the law of the Member States to which the controller is subject.
  6. The personal data concerning you has been collected in relation to information society services offered pursuant to Art. 8(1) GDPR.
If Oxycare GmbH has made the personal data concerning you public and is obliged pursuant to Art. 17(1) GDPR to erase it, it shall, taking account of available technology and the cost of implementation, take reasonable steps, including technical measures, to inform controllers processing the personal data that you as the data subject have requested the erasure of all links to, or copies or replications of, that personal data. The right to erasure does not apply insofar as processing is necessary
  1. for exercising the right of freedom of expression and information;
  2. for compliance with a legal obligation requiring processing under Union law or the law of the Member States to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  3. for reasons of public interest in the area of public health pursuant to Art. 9(2)(h) and (i) and Art. 9(3) GDPR;
  4. for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes pursuant to Art. 89(1) GDPR, insofar as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing, or
  5. for the establishment, exercise or defense of legal claims.

e) Right to be informed

If you have asserted the right to rectification, erasure or restriction of processing vis-à-vis the controller, the controller is obliged to notify all recipients to whom the personal data concerning you has been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves disproportionate effort. You have the right to be informed by us about these recipients.

f) Right to data portability

You have the right to receive the personal data concerning you that you have provided to Oxycare GmbH in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to whom the personal data was provided, provided that
    1. the processing is based on consent pursuant to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR or on a contract pursuant to Art. 6(1)(b) GDPR, and
    2. the processing is carried out by automated means.
In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another controller, insofar as this is technically feasible. Freedoms and rights of other persons must not be adversely affected by this. The right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

g) Right to object

You have the right, on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you which is based on Art. 6(1)(e) or (f) GDPR; this also applies to profiling based on those provisions. Oxycare GmbH will no longer process the personal data concerning you unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims. Where personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is related to such direct marketing. If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes. In the context of the use of information society services – notwithstanding Directive 2002/58/EC – you may exercise your right to object by automated means using technical specifications.

h) Right to withdraw the data protection declaration of consent

You have the right to withdraw your declaration of consent under data protection law at any time. Withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

i) Automated decision-making in individual cases including profiling

You have the right not to be subject to a decision based solely on automated processing – including profiling – which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
    1. is necessary for entering into, or performance of, a contract between you and Oxycare GmbH,
    2. is authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or
    3. is based on your explicit consent.
However, these decisions may not be based on special categories of personal data pursuant to Art. 9(1) GDPR, unless Art. 9(2)(a) or (g) applies and suitable measures to safeguard your rights and freedoms and legitimate interests have been taken. With regard to the cases referred to in a. and c., Oxycare GmbH shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your own point of view and to contest the decision.

j) Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, your place of work or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR. The supervisory authority with which the complaint has been lodged shall inform the complainant of the status and the outcome of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.