In the following, we will inform you about the collection of personal data when using this website. Personal data includes any data that personally identifies you, such as your name, address, e-mail addresses, user behavior.
1. Data processing controller and data protection officer
1.1. Controller as set forth in the General Data Protection Regulation (GDPR)
PWC Gesellschaft für medizinische Testverfahren im Sport mbH
Tel.: +49 (0) 81 05 / 7 34 06 – 00
Fax: +49 (0) 81 05 / 7 34 06 – 310
Represented by Managing Directors Stephanie & Volker Laakmann
1.2. Data Protection Officer
You can reach our data protection officer
· by mail: at the aforementioned address with a letter addressed to “Data Protection Officer”
· by e-mail: firstname.lastname@example.org
2. Your rights
· Art. 15 GDPR, you have the right to receive information about any personal data that we have stored about you and that is collected when you visit the website;
· Art. 16 GDPR, you have the right to request rectification of inaccurate data or the completion of personal data that we have stored about you;
· Art 17. GDPR, you have the right to request the deletion of the personal data that we have stored about you if it is not necessary to process it to meet a legal obligation or to assert, exercise, or defend legal claims;
· Art. 7 Para. 3 GDPR, you have the right to withdraw the data processing consent you have issued to us at any time. As a result, we will henceforth no longer be allowed to continue the data processing that is based on this consent. The legality of the processing that has taken place based on the consent until revocation by the data subject shall remain unaffected;
· Art. 20 GDPR, you have the right to receive data concerning your person that you have provided to us in a structured, commonly used, and machine-readable format or request that this data be transferred to another controller;
· Art. 18 GDPR, you have the right to request the restriction of processing. We will restrict processing if the requirements of Art. 18 Para. 1 GDPR apply;
· Art. 77 GDPR, you have the right to lodge a complaint with the data protection supervisory authority in charge if you consider that the processing of your personal data that is collected as you visit our website infringes the GDPR. The Bavarian Office for Data Protection (BayLDA) is responsible for Quentia GmbH.
· If your personal data is processed based on legitimate interests as per Art. 6 Para. 1 Sentence 1 (f) GDPR, you have the right to object to the processing of your personal data as per Art. 21 GDPR if there are reasons resulting from your particular situation or if your complaint is against direct advertising. In the latter case, you have a general right of objection, which we will implement without specification of a special situation being required.
3. Data security
We maintain technical measures to ensure privacy, particularly to protect your personal data from hazards during data transfers and to protect your data from being viewed by third parties. Each of these measures will accordingly be tailored to the current state of the art.
4. Processing of personal data
4.1. Collection of personal data when visiting our website
General website usage
When the website is used for informational purposes, i.e., if you do not register or otherwise send us information, we only collect the personal data that your browser sends to our server. If you wish to view our website, we collect the following data that we technically require in order to show you our website and to ensure stability and security (The legal basis is Art. 6, Para. 1 Sentence 1 (f) GDPR):
– IP address
– Date and time of the request
– Time zone difference from Greenwich Mean Time (GMT)
– Contents of the request (specific page)
– Access status/HTTP status code
– The amount of data transferred in each case
– Website from which the request originates
– Operating system and its interface
– Language and version of the browser software
You can configure your browser settings according to your preferences. However, please note that you may afterwards be unable to use all the functions of this website.
4.2. Additional functions and offerings of our website
In addition to using our website purely for information purposes, we offer many different services that you can use if you are interested. To do so, you must generally provide additional personal information that we will use to provide the service in question.
Contact via e-mail/contact form
To make any inquiries, we give you the option of contacting us using the e-mail address listed on the website or the contact form. In this case, the personal data of the sender, i.e., the user, that is sent with the inquiry will be saved.
The legal basis for processing this data that is sent during an inquiry is Art. 6 Para. 1 (f) GDPR (our legitimate interests as a controller). If the inquiry aims to conclude a contract, then Art. 6 Para 1. (b) GDPR (performance of a contract) shall also be an additional legal basis for processing.
This personal data is processed only so that we can process your contact inquiry. Inside our company, your data is accessed by the departments that require it to process your inquiry. The user has the option to object to data processing. Please send the objection to the contact information listed in Chapter 1. In this case, any personal data that was saved when contact was made shall be erased.
5. Use of Google Analytics
Google Analytics, a web analysis service from Google LLC, is used on this website if you have granted your consent in this regard. The service provider in charge in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
Scope of the processing
We use the “anonymizeIP” function (i.e., IP masking): Due to the activation of IP anonymization on this website, Google will truncate your IP address in the member states of the European Union or in other states that are party to the European Economic Area. Only in exceptional cases will the complete IP address be sent to a Google server in the U.S. and truncated there. The IP address sent by your browser as part of Google Analytics is not combined with other Google data.
Among other things, the following data will be collected during your visit to the website:
– The pages you open, i.e., your “click path”
– The “website goals” that have been reached (conversions, e.g., newsletter registrations, downloads, purchases)
– Your user behavior (such as clicks, duration of visit, bounce rates)
– Your approximate location (region)
– Your IP address (truncated)
– Technical information about your browser and the devices you use (e.g., language settings, display resolution)
– Your internet service provider
– The referrer URL (the website/advertising means that brought you to this website)
Purpose of processing
Google will use this information on behalf of this website’s operator to evaluate your (pseudonymous) use of the website and to compile reports about website activities. The reports that are compiled by Google Analytics are used to analyze our website’s performance.
The recipient of the data is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Transfer to third-party states
The data may be transferred to the U.S.
The cookie-linked data that we send is automatically erased after 14 months. Deletion of data that has exceeded its storage duration occurs automatically once a month.
Furthermore, you can prevent the cookie-produced data related to your usage of the website (incl. your IP address) from being collected, sent to, and processed by Google by doing the following
– Not issuing your consent to cookies or
– Downloading and installing the browser add-on to deactivate Google Analytics, which can be found HERE.
You can also prevent cookies from being saved by making the appropriate setting in your browser software. However, if you configure your browser to reject all cookies, it may limit the functionality of this website and others.
Legal basis and right of revocation
The legal basis for this data processing is your consent, Art.6 Para. 1 Sentence 1 (a) GDPR. You may revoke your consent with effect for the future at any time by opening the cookie settings and changing your selection there.
6. Google Maps integration
On our website, we use Google Maps (API) from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Maps is a web service that displays interactive (country) maps to visually depict geographical information. For instance, using this service can show you our location and make it easier to reach it.
As soon as you open the sub-pages that are embedded in a map from Google Maps, information about how you use our website (such as your IP address) is sent to a Google server in the U.S. and stored there. This occurs irrespective of whether Google provides a user account through which you are logged in or if there is no user account. If you are logged in through Google, your data will be associated directly with your account. If you do not wish for this association to your Google profile to take place, you must log out from your Google user account. Google stores your data (even if you are not logged in) as a usage profile and analyzes it. You have the right to object to the creation of this user profile, but to exercise it, you must send your objection to Google.
These processing procedures occur solely if permission is explicitly granted as per Art. 6 Para.1 (a) GDPR.
7. Integration of Google Tag Manager
This website uses Google Tag Manager, a cookie-free domain that does not record personal data.
This tool can be used to implement “website tags” (i.e., keywords that are integrated in HTML elements) that are administrated via an interface. By using the Google Tag manager, we can automatically follow which button, link, or personalized image you have actively clicked and then keep track of which content on our website you find particularly interesting.
Furthermore, the tool triggers other tags that may record your data. Google Tag Manager does not access this data. If you have carried out a deactivation at the domain or cookie level, this will continue to apply for all tracking tags that are implemented with the Google Tag Manager.
These processing procedures occur solely if permission is explicitly granted as per Art. 6 Para.1 (a) GDPR.
8. Using Cloud Typography/Hoefler & Co.
This website uses what are known as web fonts obtained from Hoefler & Co. (typography.com) to consistently display fonts. When opened, the required web fonts are loaded from your browser to your browser cache to optimally display text and fonts. To do so, the browser you use must connect to the servers of Hoefler & Co. (typography.com). As a result of this action, Hoefler & Co. becomes aware that our website was accessed via your IP address. Hoefler & Co. web fonts are used in the interest of making our online website look appealing. This constitutes a legitimate interest within the meaning of Art. 6 Para. 1 (f) GDPR.
If your browser does not support web fonts, then a standard font from your computer will be used instead.
You can find more information about Hoefler & Co. web fonts at https://www.typography.com/home/cloud-terms.php
9. Using ShortPixel
To optimize loading times, this website uses an image compression and delivery algorithm that is provided by ShortPixel (ID SCOUT SRL). When loading a website, your browser loads the required images to your browser cache.
To do so, the browser you use must connect to the servers of ShortPixel. As a result of this action, ShortPixel becomes aware that our website was accessed via your IP address. We use ShortPixel image optimization in the interest of making our online website look consistent and appealing. This constitutes a legitimate interest within the meaning of Art. 6 Para. 1 (f) GDPR.
The company uses the technical platform and the services of Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Our presence on Facebook serves for better, active communication with our customers and prospects. The legal basis for this is Article 6 (1) lit. (f) GDPR.
According to a judgment of the ECJ dated June 05, 2018, the operator of a Facebook page and Facebook itself will be jointly responsible for the processing of personal data.
When visiting our Facebook page, Facebook will record, among other things, your IP address and other information that is available on your PC in the form of cookies. This information is used to provide us, as the operator of the Facebook pages, with statistical information on the use of the Facebook page.
Under the following link, Facebook provides further information on this:
We have no influence on the generation and presentation of the information. The data that are collected about you in this context will be processed by Facebook Ltd., and may be transferred to countries outside of the European Union. In general form, Facebook describes in its Data Usage Guidelines what information Facebook receives and how this information is used. There, you will also find information on contact options for Facebook, as well as the setting options for advertisements.
The Data Usage Guidelines are available under the following link:
Facebook’s full data policies can be found here:
Facebook does not conclusively and clearly explain – nor is it known to us – in which way it uses the data from the visit to Facebook pages for its own purposes, to what extent activities on the Facebook page are assigned to individual users, how long Facebook stores this data, and whether data from a visit to the Facebook page is passed on to third parties.
When accessing a Facebook page, the IP address which is assigned to your device will be transmitted to Facebook. According to Facebook, this IP address is anonymized (for “German” IP addresses) and deleted after 90 days. Facebook also stores information on the devices of its users (e.g. within the context of the “Login Notification” function). If necessary, Facebook is thus able to assign IP addresses to individual users. If you are currently logged in to Facebook as a user, there is a cookie with your Facebook ID on your device. This allows Facebook to understand that you visited this page and how you used it. This also applies to all other Facebook pages. Via Facebook buttons that are integrated into websites, Facebook is able to record your visits to these websites and assign them to your Facebook profile. Based on this data, tailored content or advertising can be offered to you.
If you want to avoid this, you should log out of Facebook or deactivate the “stay logged in” function, delete the cookies on your device, and close and restart your browser. In this way, Facebook information that can be used to directly identify you will be deleted. This allows you to use our Facebook page without revealing your Facebook ID. When you access interactive features of the page (like, comment, share, news, etc.), a Facebook login screen will appear. After a possible login, you will again be recognizable for Facebook as a specific user.
Information on how to manage or delete existing personal information can be found on the following Facebook support pages:
Facebook has assumed the primary responsibility for the processing of insights data and, among other things, for the exercise of the rights of the persons concerned according to Art. 15 et seq. GDPR. Please contact Facebook directly for requests for information or other questions concerning your rights, such as the deletion of data, as only Facebook will have full access to your user data. If we directly receive requests in this regard, we will forward them to Facebook.
11. Storage duration for personal data
We process and store your data if it is necessary to fulfill the aforementioned purposes, particularly our contractual and legal obligations. If the data is no longer necessary to fulfill these purposes and our obligations, it will be erased on a regular basis unless it needs to temporarily undergo further processing for the following purposes:
– Compliance with retention requirements under commercial and tax law, particularly the commercial code and tax code. The retention or documentation periods stated therein amount to six to ten years.
– Preservation of evidence as part of statutory limitation periods. According to Sections 195 ff. of the German Civil Code (BGB), these statutes of limitations can amount up to 30 years, whereas the normal statute of limitation amounts to three years.
12. Obligation to provide data
In the context of our business relationship, you must send us data that is necessary for initiating and conducting a business relationship and for meeting the associated contractual obligations, or data that we are obligated to collect. Without this data, we will generally be unable to conclude or execute the contract.
14. Social media profiles on Xing, LinkedIn, and Twitter
We maintain profiles on the Xing, LinkedIn, and Twitter social networks to communicate with the users who are registered there and inform them about our products, services, and news.
Cookies are generally saved in your browser when visiting our profiles on social media networks; they store your usage behavior and interests for market research and advertising purposes. Please consult the social media networks’ privacy policies for detailed information about data processing when using our social media profiles as well as about your rights:
– XING (provider: XING SE, Dammtorstraße 30, 20354 Hamburg, Germany)
– LinkedIn (provider: LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland)
Cookie guidelines/opt-out: https://www.linkedin.com/legal/cookie-policy
– Twitter (provider: Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland)