Diligence and transparency is the basis for a trusting cooperation with our customers. Eurofins respects the privacy of all users of its website and ensures that the personal information received or provided by you through our web forms is treated as confidential. Herewith we we would like to inform you on how we process your personal data and which rights you have concerning those data according to the European General Data Protection Regulation (GDPR). What kind of personal data we proceed is depends upon the respective contractual relationship.
Who is responsible for the data processing?
Eurofins Medigenomix Forensik GmbH
Anzinger Str. 7a
Managing Director: Dr. Burkhard Rolf
How can you contact the privacy officer?
Dr. Klaus zu Hoene
Which personal data do we use?
We process your personal data when you send us a request, order a DNA test kit or sign a contract for a DNA Analysis. Besides, we process your personal data in ordert o submit to legal obligations, to meet a legitimate interest or because your granted your consent.
Depending on the specific operating ground we process the following kind of data:
- Name, Surname
- Postal address
- Data for communication (email address, telephone number)
- Date of birth
- Contract data such as Order ID, Order date, contract details
- Invoice data
- Payment data, account information
- DNA-Data in connection with your ordered DNA analysis
Where do we get the data from?
We only process personal data that we receive from you as our customer.
Why do we process your personal data and on which legal basis?
We process your personal data considering the GDPR, the German Data Protection Act (BDSG) as well as all other relevant laws only for the reason specified in our contract.
based on your consent (acc. to article 6 (1) GDPR)
In case you give your volontary consent to collect, process or transmit your personal data this consent is the legal basis for processing the data.
In the following cases we process your personal data based on your consent:
- Customer satisfaction surveys through external partners
To fulfill a contract (Art. 6 (1 b) GDPR)
- Reporting a DNA test result as ordered
To comply with legal obligations (Art. 6 (1 c) GDPR)
As a company we are subject tovarious legal obligations. To comply with those obligations we may need to process your personal data.
- Prevention of fraud / of illegal behaviour
Because of a legitimate interest (Art. 6 (1 f) GDPR)
In some cases we may need to process your personal data to safeguard our or a third party legitimate interest.
- Safeguarding of IT security and IT operations
- Application of strictyl necessary cookies, performance Cookies und functionality Cookies
Who your personal information will be transferred to?
To meet our contractual and legal obligations your personal data may be transferred to external service providers
External service providers:
- GSuite, Google LLC
- Net Reviews SAS
Will your information be transferred outside the European Union?
Countries outside the European Union (and the European Economic Area„EWR“) treat data protection differently from countries within the EU. To process your data we may use service providers from outside the EU. No decision has yet been made by the EU commission that those non-EU countries offer an appropriate protection.
We have therefore implemented certain measures to ensure the safeguarding of your personal data in all countries, within as well as without the EU. With service partners outside the EU we apply standard privacy clauses provided by the EU commission. These clauses provide guarantees for the protection of your personal data handled by service partners in a non-EU country. You may of course request to read this guarantee. Please contact us under firstname.lastname@example.org if you wish to do so.
How long will we keep your personal data for?
Your personal data will be stored for a limited period of time, to fulfill the purpose for which they have been collected and processed, as listed above.
Once the storage of your data to comply with our legal or contractual obligations is not necessary anymore your data will be deleted. We will only keep them if processing is necessary for one of the following purposes:
- Fulfillment of fiscal and commercial retention requirements according to the German Commercial Code (HGB) and General Fiscal Code (AO).
- The results of DNA analyses need to be saved for 30 years according to §17 German Genetic Diagnostics Act (GenDG)
- Storage of evidence in regards to the statute of limitations. The German Civil (BGB) determines this to be up to 30 years, regularly it is 3 years.
Which rights do you have over your personal data?
Each person concerned has the right to access the personal data acc. to article 15, GDPR, the right to rectify inaccurate personal data acc. article 16 GDPR, the right to deletion of data acc. to article 17 GDPR, the right to restricting the processing of data acc. to article. 18 GDPR, the right to object to the progressing of data acc. to article 21 GDPR and the right todata portability provided acc. to article 20 GDPR. The right to information and the right to deletion are underlying the constrictions acc. to §§ 34 and 35 GDPR.
Right of objection
- What right do you possess in regards of the processing of your data in your own or in public interest?
Acc. to article 21 (1) GDPR you have the right to withdraw your consent to process your personal data any time. Reasons to do so are specified in Art. 6 (1 lit. E) GDPR (data processing in public interest) or article Artikel 6 (1 lit. F) GDPR (data processing to protect legitimate interests). This also applies to a profiling based on this rule.
If you withdraw your consent we will not process your personal data anymore unless we may have compelling reasons, worthy of protection, to process your data. Those reasons must predominate your interests, rights and freedom. Also, the processing of your data may serve the enforcement, exertion or defense of legal obligations.
Withdrawal of consent
You can withdraw your consent in full or in parts at any time. To do so, please send us an email to email@example.com. Please consider that this withdrawal can only be applied for future data processing.
Right of access to personal data
You have the right to ask if we have stored your personal data. You have the right to ask which data we have stored, for which purpose we are processing your data, to whom we disclose your data, how long we store your personal data and which other rights you may executein regards to this data.
Beyond you have the right to ask for rectifying your data and for erasing your data. If there are no more reasons to save your data we will erase them otherwise restrict the processing of your data. You also have the right for the portability of the data you provided us with.
You also have the right to complain to the relevant national data protection authority in case these rights are not complied with. An overview of the national data protection authorities is available at the following link: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080
(Article 77 GDPR,. § 19 GDPR).
Excute your rights
To excute your rights please contact the responsible persons or our privacy security officer: firstname.lastname@example.org We will process your request according to the statutory provisions and will inform you of the measures we seized
Do you have an obligation to provide us with your personal data?
To enter into a business relationship you need to provide us with such personal data that is necessary to comply with your order or that we are legally obliged to retrieve. If you do not want to give us that data the processing of your order will not be possible.
Data collection through this website
We collect your data when you visit our website. This data is partially automatically collected through cookies and saved in server log files. In our cookie notice we give you detailed information which cookies we use for which purposes: https://www.vaterschaftsanalyse.de/en/info/privacy-policy/
Changes to this information
In case of a change in the purpose or the way of our processsing of your personal data we will update this information in due time and inform you accordingly.