Privacy Policy
Status: April 2024
Privacy Policy
The protection of your personal data is very important to us. We would therefore like to take this opportunity to inform you about data protection in our company. Your personal data will only be used in accordance with the statutory data protection regulations, such as the General Data Protection Regulation (GDPR). Our employees and service providers are obliged to comply with data protection regulations. Below you will find information on the type, scope and purpose of the collection and use of your personal data as well as your rights.
General data protection information
Processing of personal data
In this privacy policy, we inform you about the processing of personal data. Personal data within the meaning of Art. 4 GDPR is all information relating to an identified or identifiable natural person, e.g. name, address, email address, etc. and which are processed by us.
Controller and data protection officer
The controller for data processing pursuant to Art. 4 (7) GDPR is
Brainlab AG
Olof-Palme-Straße 9
81829 Munich
E-Mail: dataprivacy@brainlab.com
If you have any questions about data protection, please contact our data protection officer:
Katharina Ruhenstroth
c/o intersoft consulting services AG
Beim Strohhause 17
20097 Hamburg
www.intersoft-consulting.de
Recipients of data
Your personal data will only be passed on to third parties for the purposes listed here. Beyond this, data will only ever be passed on if there is a legal basis for doing so.
We only transfer your personal data to third parties if, for example:
you have given your express consent to the transfer in accordance with Art. 6 para. 1 lit. a GDPR; or
it is necessary in accordance with Art. 6 para. 1 lit. b GDPR for the processing of contractual relationships with you, e.g. to credit institutions or external service providers for the processing of contractually agreed payments, to shipping and transport companies for the purpose of transporting goods including shipment tracking; or
there is a legal obligation to pass on data pursuant to Art. 6 para. 1 lit. c GDPR; or
the disclosure pursuant to Art. 6 para. 1 lit. f GDPR is necessary within the scope of our legitimate interests, e.g. for the assertion, exercise or defending legal claims, and you have no overriding interest worthy of protection in not disclosing your data.
On this legal basis and for the purposes mentioned, we may disclose your data to third parties who provide services on our behalf in order to support us in our business activities. These companies are authorized to use your personal data only to the extent necessary to provide these services to us.
Brainlab and these companies have entered into agreements to ensure that your data is also adequately protected by our service providers. We use service providers for our marketing (e.g. web hosting and newsletters) and user experience optimization, for event registration (e.g. for Reference Site Visits and Brainlab Academy), for the execution and implementation of contracts we have with you or services we provide (e.g. sales inquiries and payment processing) and in the context of processing your application to our job postings. For example, we may share your name and delivery address with third parties that we engage to deliver certain products or services to you (e.g. support services, shipping or direct advertising companies).
Duration of storage
Your personal data will be deleted as soon as it is no longer required for the purposes for which it was collected and processed. Once the purpose no longer applies, the data will be deleted unless storage is necessary to fulfil a legal obligation or to assert, exercise or defend legal claims. Legal obligations arise for us from tax and commercial law, but also from other laws. For example, we must retain accounting data such as order and payment data or business letters for 10 years or 6 years, depending on the applicable tax and commercial law regulations. Further information on any retention periods can be found in the respective sections on the individual processing operations.
Data transfer to third countries
We always select the services we use in such a way that the protection of your personal data is guaranteed in the best possible way. For some services, we have no influence over whether the data processed by these services is transferred to holding companies in the USA or other third countries. If there is no decision by the European Union for these countries that they have a level of data protection comparable to that of the European Union (so-called EU adequacy decision), we or our contractual partner have concluded a separate contract or binding corporate rules that ensure this level of protection through additional measures and guarantees. In this way, the provider contractually ensures the protection of your personal data even in the event of a transfer to the third country.
Your rights
Processing of personal data
In this privacy policy, we inform you about the processing of personal data. Personal data within the meaning of Art. 4 GDPR is all information relating to an identified or identifiable natural person, e.g. name, address, email address, etc. and which are processed by us.
Controller and data protection officer
The controller for data processing pursuant to Art. 4 (7) GDPR is
Brainlab AG
Olof-Palme-Straße 9
81829 Munich
E-Mail: dataprivacy@brainlab.com
If you have any questions about data protection, please contact our data protection officer:
Katharina Ruhenstroth
c/o intersoft consulting services AG
Beim Strohhause 17
20097 Hamburg
www.intersoft-consulting.de
Recipients of data
Your personal data will only be passed on to third parties for the purposes listed here. Beyond this, data will only ever be passed on if there is a legal basis for doing so.
We only transfer your personal data to third parties if, for example:
you have given your express consent to the transfer in accordance with Art. 6 para. 1 lit. a GDPR; or
it is necessary in accordance with Art. 6 para. 1 lit. b GDPR for the processing of contractual relationships with you, e.g. to credit institutions or external service providers for the processing of contractually agreed payments, to shipping and transport companies for the purpose of transporting goods including shipment tracking; or
there is a legal obligation to pass on data pursuant to Art. 6 para. 1 lit. c GDPR; or
the disclosure pursuant to Art. 6 para. 1 lit. f GDPR is necessary within the scope of our legitimate interests, e.g. for the assertion, exercise or defending legal claims, and you have no overriding interest worthy of protection in not disclosing your data.
On this legal basis and for the purposes mentioned, we may disclose your data to third parties who provide services on our behalf in order to support us in our business activities. These companies are authorized to use your personal data only to the extent necessary to provide these services to us.
Brainlab and these companies have entered into agreements to ensure that your data is also adequately protected by our service providers. We use service providers for our marketing (e.g. web hosting and newsletters) and user experience optimization, for event registration (e.g. for Reference Site Visits and Brainlab Academy), for the execution and implementation of contracts we have with you or services we provide (e.g. sales inquiries and payment processing) and in the context of processing your application to our job postings. For example, we may share your name and delivery address with third parties that we engage to deliver certain products or services to you (e.g. support services, shipping or direct advertising companies).
Duration of storage
Your personal data will be deleted as soon as it is no longer required for the purposes for which it was collected and processed. Once the purpose no longer applies, the data will be deleted unless storage is necessary to fulfil a legal obligation or to assert, exercise or defend legal claims. Legal obligations arise for us from tax and commercial law, but also from other laws. For example, we must retain accounting data such as order and payment data or business letters for 10 years or 6 years, depending on the applicable tax and commercial law regulations. Further information on any retention periods can be found in the respective sections on the individual processing operations.
Data transfer to third countries
We always select the services we use in such a way that the protection of your personal data is guaranteed in the best possible way. For some services, we have no influence over whether the data processed by these services is transferred to holding companies in the USA or other third countries. If there is no decision by the European Union for these countries that they have a level of data protection comparable to that of the European Union (so-called EU adequacy decision), we or our contractual partner have concluded a separate contract or binding corporate rules that ensure this level of protection through additional measures and guarantees. In this way, the provider contractually ensures the protection of your personal data even in the event of a transfer to the third country.
Using our website
Processing of personal data
In this privacy policy, we inform you about the processing of personal data. Personal data within the meaning of Art. 4 GDPR is all information relating to an identified or identifiable natural person, e.g. name, address, email address, etc. and which are processed by us.
Controller and data protection officer
The controller for data processing pursuant to Art. 4 (7) GDPR is
Brainlab AG
Olof-Palme-Straße 9
81829 Munich
E-Mail: dataprivacy@brainlab.com
If you have any questions about data protection, please contact our data protection officer:
Katharina Ruhenstroth
c/o intersoft consulting services AG
Beim Strohhause 17
20097 Hamburg
www.intersoft-consulting.de
Recipients of data
Your personal data will only be passed on to third parties for the purposes listed here. Beyond this, data will only ever be passed on if there is a legal basis for doing so.
We only transfer your personal data to third parties if, for example:
you have given your express consent to the transfer in accordance with Art. 6 para. 1 lit. a GDPR; or
it is necessary in accordance with Art. 6 para. 1 lit. b GDPR for the processing of contractual relationships with you, e.g. to credit institutions or external service providers for the processing of contractually agreed payments, to shipping and transport companies for the purpose of transporting goods including shipment tracking; or
there is a legal obligation to pass on data pursuant to Art. 6 para. 1 lit. c GDPR; or
the disclosure pursuant to Art. 6 para. 1 lit. f GDPR is necessary within the scope of our legitimate interests, e.g. for the assertion, exercise or defending legal claims, and you have no overriding interest worthy of protection in not disclosing your data.
On this legal basis and for the purposes mentioned, we may disclose your data to third parties who provide services on our behalf in order to support us in our business activities. These companies are authorized to use your personal data only to the extent necessary to provide these services to us.
Brainlab and these companies have entered into agreements to ensure that your data is also adequately protected by our service providers. We use service providers for our marketing (e.g. web hosting and newsletters) and user experience optimization, for event registration (e.g. for Reference Site Visits and Brainlab Academy), for the execution and implementation of contracts we have with you or services we provide (e.g. sales inquiries and payment processing) and in the context of processing your application to our job postings. For example, we may share your name and delivery address with third parties that we engage to deliver certain products or services to you (e.g. support services, shipping or direct advertising companies).
Duration of storage
Your personal data will be deleted as soon as it is no longer required for the purposes for which it was collected and processed. Once the purpose no longer applies, the data will be deleted unless storage is necessary to fulfil a legal obligation or to assert, exercise or defend legal claims. Legal obligations arise for us from tax and commercial law, but also from other laws. For example, we must retain accounting data such as order and payment data or business letters for 10 years or 6 years, depending on the applicable tax and commercial law regulations. Further information on any retention periods can be found in the respective sections on the individual processing operations.
Data transfer to third countries
We always select the services we use in such a way that the protection of your personal data is guaranteed in the best possible way. For some services, we have no influence over whether the data processed by these services is transferred to holding companies in the USA or other third countries. If there is no decision by the European Union for these countries that they have a level of data protection comparable to that of the European Union (so-called EU adequacy decision), we or our contractual partner have concluded a separate contract or binding corporate rules that ensure this level of protection through additional measures and guarantees. In this way, the provider contractually ensures the protection of your personal data even in the event of a transfer to the third country.
Request and registration forms on our website
Processing of personal data
In this privacy policy, we inform you about the processing of personal data. Personal data within the meaning of Art. 4 GDPR is all information relating to an identified or identifiable natural person, e.g. name, address, email address, etc. and which are processed by us.
Controller and data protection officer
The controller for data processing pursuant to Art. 4 (7) GDPR is
Brainlab AG
Olof-Palme-Straße 9
81829 Munich
E-Mail: dataprivacy@brainlab.com
If you have any questions about data protection, please contact our data protection officer:
Katharina Ruhenstroth
c/o intersoft consulting services AG
Beim Strohhause 17
20097 Hamburg
www.intersoft-consulting.de
Recipients of data
Your personal data will only be passed on to third parties for the purposes listed here. Beyond this, data will only ever be passed on if there is a legal basis for doing so.
We only transfer your personal data to third parties if, for example:
you have given your express consent to the transfer in accordance with Art. 6 para. 1 lit. a GDPR; or
it is necessary in accordance with Art. 6 para. 1 lit. b GDPR for the processing of contractual relationships with you, e.g. to credit institutions or external service providers for the processing of contractually agreed payments, to shipping and transport companies for the purpose of transporting goods including shipment tracking; or
there is a legal obligation to pass on data pursuant to Art. 6 para. 1 lit. c GDPR; or
the disclosure pursuant to Art. 6 para. 1 lit. f GDPR is necessary within the scope of our legitimate interests, e.g. for the assertion, exercise or defending legal claims, and you have no overriding interest worthy of protection in not disclosing your data.
On this legal basis and for the purposes mentioned, we may disclose your data to third parties who provide services on our behalf in order to support us in our business activities. These companies are authorized to use your personal data only to the extent necessary to provide these services to us.
Brainlab and these companies have entered into agreements to ensure that your data is also adequately protected by our service providers. We use service providers for our marketing (e.g. web hosting and newsletters) and user experience optimization, for event registration (e.g. for Reference Site Visits and Brainlab Academy), for the execution and implementation of contracts we have with you or services we provide (e.g. sales inquiries and payment processing) and in the context of processing your application to our job postings. For example, we may share your name and delivery address with third parties that we engage to deliver certain products or services to you (e.g. support services, shipping or direct advertising companies).
Duration of storage
Your personal data will be deleted as soon as it is no longer required for the purposes for which it was collected and processed. Once the purpose no longer applies, the data will be deleted unless storage is necessary to fulfil a legal obligation or to assert, exercise or defend legal claims. Legal obligations arise for us from tax and commercial law, but also from other laws. For example, we must retain accounting data such as order and payment data or business letters for 10 years or 6 years, depending on the applicable tax and commercial law regulations. Further information on any retention periods can be found in the respective sections on the individual processing operations.
Data transfer to third countries
We always select the services we use in such a way that the protection of your personal data is guaranteed in the best possible way. For some services, we have no influence over whether the data processed by these services is transferred to holding companies in the USA or other third countries. If there is no decision by the European Union for these countries that they have a level of data protection comparable to that of the European Union (so-called EU adequacy decision), we or our contractual partner have concluded a separate contract or binding corporate rules that ensure this level of protection through additional measures and guarantees. In this way, the provider contractually ensures the protection of your personal data even in the event of a transfer to the third country.
Brainlab ID
Processing of personal data
In this privacy policy, we inform you about the processing of personal data. Personal data within the meaning of Art. 4 GDPR is all information relating to an identified or identifiable natural person, e.g. name, address, email address, etc. and which are processed by us.
Controller and data protection officer
The controller for data processing pursuant to Art. 4 (7) GDPR is
Brainlab AG
Olof-Palme-Straße 9
81829 Munich
E-Mail: dataprivacy@brainlab.com
If you have any questions about data protection, please contact our data protection officer:
Katharina Ruhenstroth
c/o intersoft consulting services AG
Beim Strohhause 17
20097 Hamburg
www.intersoft-consulting.de
Recipients of data
Your personal data will only be passed on to third parties for the purposes listed here. Beyond this, data will only ever be passed on if there is a legal basis for doing so.
We only transfer your personal data to third parties if, for example:
you have given your express consent to the transfer in accordance with Art. 6 para. 1 lit. a GDPR; or
it is necessary in accordance with Art. 6 para. 1 lit. b GDPR for the processing of contractual relationships with you, e.g. to credit institutions or external service providers for the processing of contractually agreed payments, to shipping and transport companies for the purpose of transporting goods including shipment tracking; or
there is a legal obligation to pass on data pursuant to Art. 6 para. 1 lit. c GDPR; or
the disclosure pursuant to Art. 6 para. 1 lit. f GDPR is necessary within the scope of our legitimate interests, e.g. for the assertion, exercise or defending legal claims, and you have no overriding interest worthy of protection in not disclosing your data.
On this legal basis and for the purposes mentioned, we may disclose your data to third parties who provide services on our behalf in order to support us in our business activities. These companies are authorized to use your personal data only to the extent necessary to provide these services to us.
Brainlab and these companies have entered into agreements to ensure that your data is also adequately protected by our service providers. We use service providers for our marketing (e.g. web hosting and newsletters) and user experience optimization, for event registration (e.g. for Reference Site Visits and Brainlab Academy), for the execution and implementation of contracts we have with you or services we provide (e.g. sales inquiries and payment processing) and in the context of processing your application to our job postings. For example, we may share your name and delivery address with third parties that we engage to deliver certain products or services to you (e.g. support services, shipping or direct advertising companies).
Duration of storage
Your personal data will be deleted as soon as it is no longer required for the purposes for which it was collected and processed. Once the purpose no longer applies, the data will be deleted unless storage is necessary to fulfil a legal obligation or to assert, exercise or defend legal claims. Legal obligations arise for us from tax and commercial law, but also from other laws. For example, we must retain accounting data such as order and payment data or business letters for 10 years or 6 years, depending on the applicable tax and commercial law regulations. Further information on any retention periods can be found in the respective sections on the individual processing operations.
Data transfer to third countries
We always select the services we use in such a way that the protection of your personal data is guaranteed in the best possible way. For some services, we have no influence over whether the data processed by these services is transferred to holding companies in the USA or other third countries. If there is no decision by the European Union for these countries that they have a level of data protection comparable to that of the European Union (so-called EU adequacy decision), we or our contractual partner have concluded a separate contract or binding corporate rules that ensure this level of protection through additional measures and guarantees. In this way, the provider contractually ensures the protection of your personal data even in the event of a transfer to the third country.
Fanpages
Processing of personal data
In this privacy policy, we inform you about the processing of personal data. Personal data within the meaning of Art. 4 GDPR is all information relating to an identified or identifiable natural person, e.g. name, address, email address, etc. and which are processed by us.
Controller and data protection officer
The controller for data processing pursuant to Art. 4 (7) GDPR is
Brainlab AG
Olof-Palme-Straße 9
81829 Munich
E-Mail: dataprivacy@brainlab.com
If you have any questions about data protection, please contact our data protection officer:
Katharina Ruhenstroth
c/o intersoft consulting services AG
Beim Strohhause 17
20097 Hamburg
www.intersoft-consulting.de
Recipients of data
Your personal data will only be passed on to third parties for the purposes listed here. Beyond this, data will only ever be passed on if there is a legal basis for doing so.
We only transfer your personal data to third parties if, for example:
you have given your express consent to the transfer in accordance with Art. 6 para. 1 lit. a GDPR; or
it is necessary in accordance with Art. 6 para. 1 lit. b GDPR for the processing of contractual relationships with you, e.g. to credit institutions or external service providers for the processing of contractually agreed payments, to shipping and transport companies for the purpose of transporting goods including shipment tracking; or
there is a legal obligation to pass on data pursuant to Art. 6 para. 1 lit. c GDPR; or
the disclosure pursuant to Art. 6 para. 1 lit. f GDPR is necessary within the scope of our legitimate interests, e.g. for the assertion, exercise or defending legal claims, and you have no overriding interest worthy of protection in not disclosing your data.
On this legal basis and for the purposes mentioned, we may disclose your data to third parties who provide services on our behalf in order to support us in our business activities. These companies are authorized to use your personal data only to the extent necessary to provide these services to us.
Brainlab and these companies have entered into agreements to ensure that your data is also adequately protected by our service providers. We use service providers for our marketing (e.g. web hosting and newsletters) and user experience optimization, for event registration (e.g. for Reference Site Visits and Brainlab Academy), for the execution and implementation of contracts we have with you or services we provide (e.g. sales inquiries and payment processing) and in the context of processing your application to our job postings. For example, we may share your name and delivery address with third parties that we engage to deliver certain products or services to you (e.g. support services, shipping or direct advertising companies).
Duration of storage
Your personal data will be deleted as soon as it is no longer required for the purposes for which it was collected and processed. Once the purpose no longer applies, the data will be deleted unless storage is necessary to fulfil a legal obligation or to assert, exercise or defend legal claims. Legal obligations arise for us from tax and commercial law, but also from other laws. For example, we must retain accounting data such as order and payment data or business letters for 10 years or 6 years, depending on the applicable tax and commercial law regulations. Further information on any retention periods can be found in the respective sections on the individual processing operations.
Data transfer to third countries
We always select the services we use in such a way that the protection of your personal data is guaranteed in the best possible way. For some services, we have no influence over whether the data processed by these services is transferred to holding companies in the USA or other third countries. If there is no decision by the European Union for these countries that they have a level of data protection comparable to that of the European Union (so-called EU adequacy decision), we or our contractual partner have concluded a separate contract or binding corporate rules that ensure this level of protection through additional measures and guarantees. In this way, the provider contractually ensures the protection of your personal data even in the event of a transfer to the third country.
Directive on privacy and electronic communications
Processing of personal data
In this privacy policy, we inform you about the processing of personal data. Personal data within the meaning of Art. 4 GDPR is all information relating to an identified or identifiable natural person, e.g. name, address, email address, etc. and which are processed by us.
Controller and data protection officer
The controller for data processing pursuant to Art. 4 (7) GDPR is
Brainlab AG
Olof-Palme-Straße 9
81829 Munich
E-Mail: dataprivacy@brainlab.com
If you have any questions about data protection, please contact our data protection officer:
Katharina Ruhenstroth
c/o intersoft consulting services AG
Beim Strohhause 17
20097 Hamburg
www.intersoft-consulting.de
Recipients of data
Your personal data will only be passed on to third parties for the purposes listed here. Beyond this, data will only ever be passed on if there is a legal basis for doing so.
We only transfer your personal data to third parties if, for example:
you have given your express consent to the transfer in accordance with Art. 6 para. 1 lit. a GDPR; or
it is necessary in accordance with Art. 6 para. 1 lit. b GDPR for the processing of contractual relationships with you, e.g. to credit institutions or external service providers for the processing of contractually agreed payments, to shipping and transport companies for the purpose of transporting goods including shipment tracking; or
there is a legal obligation to pass on data pursuant to Art. 6 para. 1 lit. c GDPR; or
the disclosure pursuant to Art. 6 para. 1 lit. f GDPR is necessary within the scope of our legitimate interests, e.g. for the assertion, exercise or defending legal claims, and you have no overriding interest worthy of protection in not disclosing your data.
On this legal basis and for the purposes mentioned, we may disclose your data to third parties who provide services on our behalf in order to support us in our business activities. These companies are authorized to use your personal data only to the extent necessary to provide these services to us.
Brainlab and these companies have entered into agreements to ensure that your data is also adequately protected by our service providers. We use service providers for our marketing (e.g. web hosting and newsletters) and user experience optimization, for event registration (e.g. for Reference Site Visits and Brainlab Academy), for the execution and implementation of contracts we have with you or services we provide (e.g. sales inquiries and payment processing) and in the context of processing your application to our job postings. For example, we may share your name and delivery address with third parties that we engage to deliver certain products or services to you (e.g. support services, shipping or direct advertising companies).
Duration of storage
Your personal data will be deleted as soon as it is no longer required for the purposes for which it was collected and processed. Once the purpose no longer applies, the data will be deleted unless storage is necessary to fulfil a legal obligation or to assert, exercise or defend legal claims. Legal obligations arise for us from tax and commercial law, but also from other laws. For example, we must retain accounting data such as order and payment data or business letters for 10 years or 6 years, depending on the applicable tax and commercial law regulations. Further information on any retention periods can be found in the respective sections on the individual processing operations.
Data transfer to third countries
We always select the services we use in such a way that the protection of your personal data is guaranteed in the best possible way. For some services, we have no influence over whether the data processed by these services is transferred to holding companies in the USA or other third countries. If there is no decision by the European Union for these countries that they have a level of data protection comparable to that of the European Union (so-called EU adequacy decision), we or our contractual partner have concluded a separate contract or binding corporate rules that ensure this level of protection through additional measures and guarantees. In this way, the provider contractually ensures the protection of your personal data even in the event of a transfer to the third country.
Other processing of personal data
Processing of personal data
In this privacy policy, we inform you about the processing of personal data. Personal data within the meaning of Art. 4 GDPR is all information relating to an identified or identifiable natural person, e.g. name, address, email address, etc. and which are processed by us.
Controller and data protection officer
The controller for data processing pursuant to Art. 4 (7) GDPR is
Brainlab AG
Olof-Palme-Straße 9
81829 Munich
E-Mail: dataprivacy@brainlab.com
If you have any questions about data protection, please contact our data protection officer:
Katharina Ruhenstroth
c/o intersoft consulting services AG
Beim Strohhause 17
20097 Hamburg
www.intersoft-consulting.de
Recipients of data
Your personal data will only be passed on to third parties for the purposes listed here. Beyond this, data will only ever be passed on if there is a legal basis for doing so.
We only transfer your personal data to third parties if, for example:
you have given your express consent to the transfer in accordance with Art. 6 para. 1 lit. a GDPR; or
it is necessary in accordance with Art. 6 para. 1 lit. b GDPR for the processing of contractual relationships with you, e.g. to credit institutions or external service providers for the processing of contractually agreed payments, to shipping and transport companies for the purpose of transporting goods including shipment tracking; or
there is a legal obligation to pass on data pursuant to Art. 6 para. 1 lit. c GDPR; or
the disclosure pursuant to Art. 6 para. 1 lit. f GDPR is necessary within the scope of our legitimate interests, e.g. for the assertion, exercise or defending legal claims, and you have no overriding interest worthy of protection in not disclosing your data.
On this legal basis and for the purposes mentioned, we may disclose your data to third parties who provide services on our behalf in order to support us in our business activities. These companies are authorized to use your personal data only to the extent necessary to provide these services to us.
Brainlab and these companies have entered into agreements to ensure that your data is also adequately protected by our service providers. We use service providers for our marketing (e.g. web hosting and newsletters) and user experience optimization, for event registration (e.g. for Reference Site Visits and Brainlab Academy), for the execution and implementation of contracts we have with you or services we provide (e.g. sales inquiries and payment processing) and in the context of processing your application to our job postings. For example, we may share your name and delivery address with third parties that we engage to deliver certain products or services to you (e.g. support services, shipping or direct advertising companies).
Duration of storage
Your personal data will be deleted as soon as it is no longer required for the purposes for which it was collected and processed. Once the purpose no longer applies, the data will be deleted unless storage is necessary to fulfil a legal obligation or to assert, exercise or defend legal claims. Legal obligations arise for us from tax and commercial law, but also from other laws. For example, we must retain accounting data such as order and payment data or business letters for 10 years or 6 years, depending on the applicable tax and commercial law regulations. Further information on any retention periods can be found in the respective sections on the individual processing operations.
Data transfer to third countries
We always select the services we use in such a way that the protection of your personal data is guaranteed in the best possible way. For some services, we have no influence over whether the data processed by these services is transferred to holding companies in the USA or other third countries. If there is no decision by the European Union for these countries that they have a level of data protection comparable to that of the European Union (so-called EU adequacy decision), we or our contractual partner have concluded a separate contract or binding corporate rules that ensure this level of protection through additional measures and guarantees. In this way, the provider contractually ensures the protection of your personal data even in the event of a transfer to the third country.
Job application
Processing of personal data
In this privacy policy, we inform you about the processing of personal data. Personal data within the meaning of Art. 4 GDPR is all information relating to an identified or identifiable natural person, e.g. name, address, email address, etc. and which are processed by us.
Controller and data protection officer
The controller for data processing pursuant to Art. 4 (7) GDPR is
Brainlab AG
Olof-Palme-Straße 9
81829 Munich
E-Mail: dataprivacy@brainlab.com
If you have any questions about data protection, please contact our data protection officer:
Katharina Ruhenstroth
c/o intersoft consulting services AG
Beim Strohhause 17
20097 Hamburg
www.intersoft-consulting.de
Recipients of data
Your personal data will only be passed on to third parties for the purposes listed here. Beyond this, data will only ever be passed on if there is a legal basis for doing so.
We only transfer your personal data to third parties if, for example:
you have given your express consent to the transfer in accordance with Art. 6 para. 1 lit. a GDPR; or
it is necessary in accordance with Art. 6 para. 1 lit. b GDPR for the processing of contractual relationships with you, e.g. to credit institutions or external service providers for the processing of contractually agreed payments, to shipping and transport companies for the purpose of transporting goods including shipment tracking; or
there is a legal obligation to pass on data pursuant to Art. 6 para. 1 lit. c GDPR; or
the disclosure pursuant to Art. 6 para. 1 lit. f GDPR is necessary within the scope of our legitimate interests, e.g. for the assertion, exercise or defending legal claims, and you have no overriding interest worthy of protection in not disclosing your data.
On this legal basis and for the purposes mentioned, we may disclose your data to third parties who provide services on our behalf in order to support us in our business activities. These companies are authorized to use your personal data only to the extent necessary to provide these services to us.
Brainlab and these companies have entered into agreements to ensure that your data is also adequately protected by our service providers. We use service providers for our marketing (e.g. web hosting and newsletters) and user experience optimization, for event registration (e.g. for Reference Site Visits and Brainlab Academy), for the execution and implementation of contracts we have with you or services we provide (e.g. sales inquiries and payment processing) and in the context of processing your application to our job postings. For example, we may share your name and delivery address with third parties that we engage to deliver certain products or services to you (e.g. support services, shipping or direct advertising companies).
Duration of storage
Your personal data will be deleted as soon as it is no longer required for the purposes for which it was collected and processed. Once the purpose no longer applies, the data will be deleted unless storage is necessary to fulfil a legal obligation or to assert, exercise or defend legal claims. Legal obligations arise for us from tax and commercial law, but also from other laws. For example, we must retain accounting data such as order and payment data or business letters for 10 years or 6 years, depending on the applicable tax and commercial law regulations. Further information on any retention periods can be found in the respective sections on the individual processing operations.
Data transfer to third countries
We always select the services we use in such a way that the protection of your personal data is guaranteed in the best possible way. For some services, we have no influence over whether the data processed by these services is transferred to holding companies in the USA or other third countries. If there is no decision by the European Union for these countries that they have a level of data protection comparable to that of the European Union (so-called EU adequacy decision), we or our contractual partner have concluded a separate contract or binding corporate rules that ensure this level of protection through additional measures and guarantees. In this way, the provider contractually ensures the protection of your personal data even in the event of a transfer to the third country.
Changes to the privacy policy
Processing of personal data
In this privacy policy, we inform you about the processing of personal data. Personal data within the meaning of Art. 4 GDPR is all information relating to an identified or identifiable natural person, e.g. name, address, email address, etc. and which are processed by us.
Controller and data protection officer
The controller for data processing pursuant to Art. 4 (7) GDPR is
Brainlab AG
Olof-Palme-Straße 9
81829 Munich
E-Mail: dataprivacy@brainlab.com
If you have any questions about data protection, please contact our data protection officer:
Katharina Ruhenstroth
c/o intersoft consulting services AG
Beim Strohhause 17
20097 Hamburg
www.intersoft-consulting.de
Recipients of data
Your personal data will only be passed on to third parties for the purposes listed here. Beyond this, data will only ever be passed on if there is a legal basis for doing so.
We only transfer your personal data to third parties if, for example:
you have given your express consent to the transfer in accordance with Art. 6 para. 1 lit. a GDPR; or
it is necessary in accordance with Art. 6 para. 1 lit. b GDPR for the processing of contractual relationships with you, e.g. to credit institutions or external service providers for the processing of contractually agreed payments, to shipping and transport companies for the purpose of transporting goods including shipment tracking; or
there is a legal obligation to pass on data pursuant to Art. 6 para. 1 lit. c GDPR; or
the disclosure pursuant to Art. 6 para. 1 lit. f GDPR is necessary within the scope of our legitimate interests, e.g. for the assertion, exercise or defending legal claims, and you have no overriding interest worthy of protection in not disclosing your data.
On this legal basis and for the purposes mentioned, we may disclose your data to third parties who provide services on our behalf in order to support us in our business activities. These companies are authorized to use your personal data only to the extent necessary to provide these services to us.
Brainlab and these companies have entered into agreements to ensure that your data is also adequately protected by our service providers. We use service providers for our marketing (e.g. web hosting and newsletters) and user experience optimization, for event registration (e.g. for Reference Site Visits and Brainlab Academy), for the execution and implementation of contracts we have with you or services we provide (e.g. sales inquiries and payment processing) and in the context of processing your application to our job postings. For example, we may share your name and delivery address with third parties that we engage to deliver certain products or services to you (e.g. support services, shipping or direct advertising companies).
Duration of storage
Your personal data will be deleted as soon as it is no longer required for the purposes for which it was collected and processed. Once the purpose no longer applies, the data will be deleted unless storage is necessary to fulfil a legal obligation or to assert, exercise or defend legal claims. Legal obligations arise for us from tax and commercial law, but also from other laws. For example, we must retain accounting data such as order and payment data or business letters for 10 years or 6 years, depending on the applicable tax and commercial law regulations. Further information on any retention periods can be found in the respective sections on the individual processing operations.
Data transfer to third countries
We always select the services we use in such a way that the protection of your personal data is guaranteed in the best possible way. For some services, we have no influence over whether the data processed by these services is transferred to holding companies in the USA or other third countries. If there is no decision by the European Union for these countries that they have a level of data protection comparable to that of the European Union (so-called EU adequacy decision), we or our contractual partner have concluded a separate contract or binding corporate rules that ensure this level of protection through additional measures and guarantees. In this way, the provider contractually ensures the protection of your personal data even in the event of a transfer to the third country.
Additional regulations for US residents
Processing of personal data
In this privacy policy, we inform you about the processing of personal data. Personal data within the meaning of Art. 4 GDPR is all information relating to an identified or identifiable natural person, e.g. name, address, email address, etc. and which are processed by us.
Controller and data protection officer
The controller for data processing pursuant to Art. 4 (7) GDPR is
Brainlab AG
Olof-Palme-Straße 9
81829 Munich
E-Mail: dataprivacy@brainlab.com
If you have any questions about data protection, please contact our data protection officer:
Katharina Ruhenstroth
c/o intersoft consulting services AG
Beim Strohhause 17
20097 Hamburg
www.intersoft-consulting.de
Recipients of data
Your personal data will only be passed on to third parties for the purposes listed here. Beyond this, data will only ever be passed on if there is a legal basis for doing so.
We only transfer your personal data to third parties if, for example:
you have given your express consent to the transfer in accordance with Art. 6 para. 1 lit. a GDPR; or
it is necessary in accordance with Art. 6 para. 1 lit. b GDPR for the processing of contractual relationships with you, e.g. to credit institutions or external service providers for the processing of contractually agreed payments, to shipping and transport companies for the purpose of transporting goods including shipment tracking; or
there is a legal obligation to pass on data pursuant to Art. 6 para. 1 lit. c GDPR; or
the disclosure pursuant to Art. 6 para. 1 lit. f GDPR is necessary within the scope of our legitimate interests, e.g. for the assertion, exercise or defending legal claims, and you have no overriding interest worthy of protection in not disclosing your data.
On this legal basis and for the purposes mentioned, we may disclose your data to third parties who provide services on our behalf in order to support us in our business activities. These companies are authorized to use your personal data only to the extent necessary to provide these services to us.
Brainlab and these companies have entered into agreements to ensure that your data is also adequately protected by our service providers. We use service providers for our marketing (e.g. web hosting and newsletters) and user experience optimization, for event registration (e.g. for Reference Site Visits and Brainlab Academy), for the execution and implementation of contracts we have with you or services we provide (e.g. sales inquiries and payment processing) and in the context of processing your application to our job postings. For example, we may share your name and delivery address with third parties that we engage to deliver certain products or services to you (e.g. support services, shipping or direct advertising companies).
Duration of storage
Your personal data will be deleted as soon as it is no longer required for the purposes for which it was collected and processed. Once the purpose no longer applies, the data will be deleted unless storage is necessary to fulfil a legal obligation or to assert, exercise or defend legal claims. Legal obligations arise for us from tax and commercial law, but also from other laws. For example, we must retain accounting data such as order and payment data or business letters for 10 years or 6 years, depending on the applicable tax and commercial law regulations. Further information on any retention periods can be found in the respective sections on the individual processing operations.
Data transfer to third countries
We always select the services we use in such a way that the protection of your personal data is guaranteed in the best possible way. For some services, we have no influence over whether the data processed by these services is transferred to holding companies in the USA or other third countries. If there is no decision by the European Union for these countries that they have a level of data protection comparable to that of the European Union (so-called EU adequacy decision), we or our contractual partner have concluded a separate contract or binding corporate rules that ensure this level of protection through additional measures and guarantees. In this way, the provider contractually ensures the protection of your personal data even in the event of a transfer to the third country.
個人情報保護方針
制定日:2018年12月1日
改訂日:2024年3月1日
ブレインラボ株式会社
代表取締役社長 松村 友隆
ブレインラボ株式会社(以下「当社」といいます。)は医療機器販売及び保守管理を核とした事業活動を通じて取得したお客様及びお取引先、また当社従業員の個人情報(氏名、性別、電話番号、Eメールアドレスなど個人に関する情報であって、当該情報に含まれる内容により、又は複数の情報を組み合わせることにより、特定の個人を識別できることとなるものをいいます。以下同じ。)を確実に保護することを、当社の重要な社会的責務と認識しております。当社は次の事項を含むこの個人情報保護方針及び「個人情報の取扱いについて」(以下、併せて「本方針等」といいます。)を定め、これを実施し、かつ、維持することを宣言いたします。
1.当社は、すべての事業で取扱う個人情報及び従業員等の個人情報の取扱いに関し、「個人情報の保護に関する法律」をはじめとする個人情報の取扱いに関する法令、国が定める指針その他の規範を遵守いたします。
2.当社は、個人情報の取得、利用にあたっては、その利用目的を特定することとし、特定された利用目的の達成に必要な範囲を超えた個人情報の取扱い(目的外利用)はいたしません。また、目的外利用を行わないために、適切な管理措置を講じます。
3.当社は、法令に定める場合を除き、事前に本人の同意を得ることなく、第三者への個人情報の提供は行いません。
4.当社は、個人情報の取扱いに関する苦情及び相談を受けた場合は、その内容について迅速に事実関係等を調査し、合理的な期間内に誠意をもって対応いたします。
5.当社は、個人情報を正確かつ最新の状態に保ち、個人情報の不正アクセス・紛失・破損・改ざん・漏洩などを防止するため、適正なセキュリティシステムの維持・管理体制の整備・社員教育の徹底等の必要な措置を講じ、個人情報の厳重な管理を行います。
6.当社は、個人情報保護マネジメントシステムの継続的改善を行います。
[個人情報保護方針の内容についてのお問い合わせ先]
ブレインラボ株式会社 個人情報相談窓口
メールアドレス:jp.ppolicy@brainlab.com
個人情報の取扱いについて
ブレインラボ株式会社
東京都港区芝浦3-2-16
代表取締役社長 松村 友隆
ブレインラボ株式会社(以下「当社」といいます。)は、以下のとおり個人情報の取扱いについて定め、個人情報(当社の個人情報保護方針に定めるところによります。以下同じ。)の保護を促進いたします。
1.個人情報の利用目的について
当社は、個人情報を下記業務ならびに利用目的の達成に必要な範囲で利用いたします。
(1)業務内容
① 医療機器販売に関する業務
② 医療機器の保守管理に関する業務
(2)利用目的
<お客様・お取引先に関する個人情報>
※① 当社業務に関する契約や法律等に基づく権利の行使や義務の履行のため
※② お取引に伴う業務上の連絡や挨拶状の送付等、お客様とのお取引の適切かつ円滑な遂行のため
※③ ニュースレターの配信のため
※④ 安全管理通知のため
※⑤ エンドオブサービス通知のため
※⑥ 製品回収のため
※⑦ 製品改修のため
※⑧ サービス向上のため
※⑨ その他当社業務の適切かつ円滑な遂行のため
<従業員、採用応募者、退職者に関する個人情報>
※① 当社の採用選考のため
※② 従業員の雇用管理のため
※③ 退職者への情報提供及び連絡等のため
<従業員・採用活動における内定者・外部有識者等の特定個人情報>
※① 当社が、法令に基づき、従業員・採用活動における内定者・外部有識者等の個人番号を、給与所得の源泉徴収票、支払調書、健康保険・厚生年金保険被保険者資格取得届等の書類に記載して、行政機関等及び健康保険組合等に提出する事務のため
上記(2)のうち、保有個人データの利用目的を、※で示しています。
2.安全管理措置のために講じている措置
当社は、関係する法令およびガイドラインを遵守し、取り扱う個人データの漏えい、滅失または毀損の防止その他の個人データの安全管理のため、必要かつ適切な措置(以下、「安全管理措置」といいます)を以下の通り講じてまいります。
(1) 基本方針の策定
当社は、個人データの適正な取扱いを確保するため、基本方針として「個人情報保護方針
(https://www.brainlab.com/ja/privacy-policy/)」を策定しています。
(2)個人データの取扱いに係る規律の整備
当社は、個人データの取扱方法、責任者・担当者およびその役割等について定める社内規程を策定しています。
(3)組織的安全管理措置
当社は、当社の組織体制における個人情報の取扱いに関する責任者として「個人情報保護管理者」を任命したうえで、個人情報保護マネジメントシステムを整備し、社内の個人情報保護に関する統制を実施しています。また、安全管理措置に関する社内規程を従業員(契約社員・派遣社員を含みます)に遵守させ、従業員が法や社内規程に違反している事実又は兆候を把握した場合は「個人情報保護管理者」をはじめとする責任者へ報告・連絡する体制を整備しています。さらに個人情報を取り扱う業務を委託する場合は、委託先に対して厳正な監督措置を実施し、委託先においても個人情報に関する安全管理措置が厳格に保たれるように監視を行っています。
(4)人的安全管理措置
当社は、従業員に対し個人情報の適正な取り扱いに関する教育・研修を定期的に実施しています。
(5)物理的・技術的安全管理措置
当社は、個人データを取り扱う区域において、従業員及び第三者の入退室管理を行うとともに、個人情報を含む文書や媒体、機器等は施錠保管等の盗難防止措置を実施しています。また、個人データおよび個人データを取り扱う情報システムへのアクセス制御、コンピュータウイルス対策、不正ソフトウェア対策、情報システムの監視等を実施しています。 例)定められた格納場所以外への個人データの保存禁止、認証パスワードに関する高レベルのポリシーの適用、個人データに対する操作履歴の取得・分析
(6)外的環境の把握
当社は、当社が取り扱う個人データの一部を海外に所在するサーバ内に保管しています。当社では該当国における個人情報保護の制度を把握したうえで安全管理措置を行っています。
・該当国:ドイツ
該当国における個人情報保護制度の概要については、個人情報保護委員会が公表している「外国における個人情報の保護に関する制度等の調査」の結果
(https://www.ppc.go.jp/personalinfo/legal/kaiseihogohou/#gaikoku)も参照ください。
3.個人情報の共同利用について
当社では、前記1で公表する利用目的の範囲内で、個人情報の共同利用を行います。
(1) 共同して利用される個人情報の項目
<当社のお客様・お取引先に関する個人情報>
氏名、性別、役職、勤務先、勤務先住所、電話番号、Eメールアドレス、写真
<当社の従業員に関する個人情報>
氏名、性別、住所、国籍、生年月日、電話番号、Eメールアドレス、所属部署、写真、家族情報
(2)共同して利用する者の範囲
<個人情報を共同利用する共同利用先企業>
ブレインラボ株式会社(ドイツ本社)、ブレインラボグループ各社
(3)共同して利用する者の利用目的
前記1で公表している利用目的と同内容です。
(4)共同して利用する個人情報の管理について責任を有する者の名称等
ブレインラボ株式会社 東京都港区芝浦3-2-16
代表取締役社長 松村 友隆
(5)取得方法
ドイツ本社との共有システムを通じたデータ連携
4.個人情報の第三者への委託
個人情報を第三者に委託する場合は、慎重に委託先を選定し、委託業務以外への個人情報の利用の制限、機密保持の遵守、その他個人情報の取扱いに関して適切な管理を行うよう指示・監督いたします。
5.開示、訂正等の手続きについて
当社は、ご本人からの保有個人データの開示・利用目的の通知・訂正等・利用停止等・第三者提供の停止又は第三者提供記録の開示(以下「開示等の請求等」という。)のご請求を受付いたします。
(1)開示等の請求等の申し出先
個人情報相談窓口担当
メールアドレス:jp.ppolicy@brainlab.com
(2)ご提出いただくもの
① 個人情報 開示等請求書
② 本人確認のための書類(運転免許証/運転経歴証明書(顔写真付き)、住民基本台帳カード(顔写真付き)などの公的書類のコピー)
③ 法定代理人の場合は、上記②に加え、法定代理権があることを確認する書類
④ 任意代理人の場合は、上記②に加え、当社所定の委任状及び本人の印鑑証明書
※ご提出いただいた書類に、個人番号や要配慮個人情報が記載されている場合、あらかじめ塗り潰した上でご提出下さい。当社受領時に塗り潰されていない場合は、当社にて塗り潰すことにより取得しないものとさせていただきます。
※当社所定の様式については、別途ご案内いたします。
(3)手数料
当該ご請求のうち、開示のご請求及び利用目的の通知のご請求につきましては、1回のご請求につき、1,000円(税込)の手数料をご負担いただきますので、あらかじめご了承ください。
6.個人情報の取扱いに関するご相談・苦情について
当社の個人情報の取扱いに関するご相談や苦情等のお問い合わせについては、下記の窓口までご連絡いただきますよう、お願い申し上げます。
[個人情報保護方針の内容についてのお問い合わせ先]
ブレインラボ株式会社 個人情報相談窓口
メールアドレス:jp.ppolicy@brainlab.com