Datenschutz bei AMEDON

Contact

+49 (0) 451 / 38 450-0
info@amedon.de

Privacy Policy

An overview of data protection

General information

The following information will provide you with an easy to navigate overview of what will happen with your personal data when you visit this website. The term “personal data” comprises all data that can be used to personally identify you. For detailed information about the subject matter of data protection, please consult our Data Protection Declaration, which we have included beneath this copy.

Data recording on this website

Who is the responsible party for the recording of data on this website (i.e., the “controller”)?

The data on this website is processed by the operator of the website, whose contact information is available under section “Information about the responsible party (referred to as the “controller” in the GDPR)” in this Privacy Policy.

How do we record your data?

We collect your data as a result of your sharing of your data with us. This may, for instance be information you enter into our contact form.

Other data shall be recorded by our IT systems automatically or after you consent to its recording during

your website visit. This data comprises primarily technical information (e.g., web browser, operating system, or time the site was accessed). This information is recorded automatically when you access this website.

What are the purposes we use your data for?

A portion of the information is generated to guarantee the error free provision of the website. Other data may be used to analyze your user patterns. If contracts can be concluded or initiated via the website, the transmitted data will also be processed for contract offers, orders or other order enquiries.

What rights do you have as far as your information is concerned?

You have the right to receive information about the source, recipients, and purposes of your archived personal data at any time without having to pay a fee for such disclosures. You also have the right to demand that your data are rectified or eradicated. If you have consented to data processing, you have the option to revoke this consent at any time, which shall affect all future data processing. Moreover, you have the right to demand that the processing of your data be restricted under certain circumstances. Furthermore, you have the right to log a complaint with the competent supervising agency.

Please do not hesitate to contact us at any time if you have questions about this or any other data protection related issues.

Analysis tools and tools provided by third parties

When you visit this website, your browsing behavior may be statistically analyzed. This is primarily done using so-called analytics programs.You can find detailed information about these analytics programs in the following privacy policy.

Hosting
We are hosting the content of our website at the following provider:

External Hosting

This website is hosted externally. Personal data collected on this website are stored on the servers of the host. These may include, but are not limited to, IP addresses, contact requests, metadata and communications, contract information, contact information, names, web page access, and other data generated through a web site.

The external hosting serves the purpose of fulfilling the contract with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of secure, fast, and efficient provision of our online services by a professional provider (Art. 6(1)(f) GDPR). If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6 (1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

Our host(s) will only process your data to the extent necessary to fulfil its performance obligations and to follow our instructions with respect to such data.

We are using the following host(s):

badenIT GmbH
Tullastrasse 61
79108 Freiburg

Data Processing Agreement

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract required under data protection law that ensures the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

General information and mandatory information

Data protection

The operators of this website and its pages take the protection of your personal data very seriously. Hence, we handle your personal data as confidential information and in compliance with the statutory data protection regulations and this Data Protection Declaration.

Whenever you use this website, a variety of personal information will be collected. Personal data comprises data that can be used to personally identify you. This Data Protection Declaration explains which data we collect as well as the purposes we use this data for. It also explains how, and for which purpose the information is collected.

We herewith advise you that the transmission of data via the Internet (i.e., through e-mail communications) may be prone to security gaps. It is not possible to completely protect data against third-party access.

Data Processing Concerning Children

Our services and our website are generally not intended for children under the age of 16. However, in the context of clinical studies, it may occur that personal data of children are processed as study participants or patients. This processing is carried out solely on the basis of informed consent given by the legal guardians in accordance with Art. 6(1)(a) GDPR and taking into account the special protective measures pursuant to Art. 9(2)(a) GDPR.

The responsibility for obtaining consent and ensuring data protection-compliant conduct of the studies lies with the client, University Hospital Düsseldorf. Amedon merely provides the technical infrastructure for the documentation of the collected data.

If personal data of children have been inadvertently processed outside of this defined context, such data will be deleted without delay in accordance with Art. 17 GDPR (right to erasure – “right to be forgotten”). If you, as a parent or legal guardian, suspect that your child has submitted personal data to us, please contact us immediately so that we can take appropriate measures in accordance with the requirements of Art. 12 GDPR.

Profiling and Automated Decision-Making

We do not use profiling or automated decision-making processes in accordance with Art. 22 GDPR on our website or as part of our services. No automated processes are used that have legal effects on individuals or similarly significantly affect them.

If such processes are introduced in the future, we will ensure that data subjects are informed in a timely manner in accordance with the requirements of Art. 13 and Art. 22 GDPR and that they can exercise their rights, in particular the right to object.

Processing of Sensitive Personal Data

As part of clinical studies, special categories of personal data are processed in accordance with Art. 9(1) GDPR, in particular health data of study participants. The processing of this data is carried out solely on the basis of informed consent given by the data subject or their legal representative in accordance with Art. 6(1)(a) and Art. 9(2)(a) GDPR.

The clinical studies are reported to the responsible authorities in accordance with regulatory requirements and are subject to approval by the competent ethics committee.

In this context, Amedon acts as a technical service provider and provides the required infrastructure for the documentation of the collected data. Responsibility for the collection, processing, and storage of this data lies with the respective sponsor of the clinical study.

Security Measures to Protect Sensitive Personal Data

To ensure the security of sensitive personal data, we implement technical and organizational measures in accordance with Art. 32 GDPR. These include, among others:

Encryption of stored and transmitted data
Strict access controls and permission management
Logging and monitoring of access
Privacy-friendly default settings in accordance with Art. 25 GDPR
Regular security audits and staff training

If you have any questions about the processing of your health data or would like to exercise your rights under Art. 15 et seq. GDPR, you can contact us at any time using the contact details provided.

Note on the Responsible Party

The responsible party for data processing on this website is:

M.A.R.C.O. GmbH & Co. KG
Institute for Clinical Research and Statistics
Schirmerstr. 71
40211 Duesseldorf
Germany

Phone: +49 (0) 211 / 977 933
Email: contact@marco-institut.de

The responsible party is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data (e.g. names, email addresses, etc.).

Storage duration

Unless a more specific storage period has been specified in this privacy policy, your personal data will remain with us until the purpose for which it was collected no longer applies. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted, unless we have other legally permissible reasons for storing your personal data (e.g., tax or commercial law retention periods); in the latter case, the deletion will take place after these reasons cease to apply.

General information on the legal basis for the data processing on this website

If you have consented to data processing, we process your personal data on the basis of Art. 6(1)(a) GDPR or Art. 9 (2)(a) GDPR, if special categories of data are processed according to Art. 9 (1) DSGVO. In the case of explicit consent to the transfer of personal data to third countries, the data processing is also based on Art. 49 (1)(a) GDPR. If you have consented to the storage of cookies or to the access to information in your end device (e.g., via device fingerprinting), the data processing is additionally based on § 25 (1) TDDDG. The consent can be revoked at any time. If your data is required for the fulfillment of a contract or for the implementation of pre-contractual measures, we process your data on the basis of Art. 6(1)(b) GDPR. Furthermore, if your data is required for the fulfillment of a legal obligation, we process it on the basis of Art. 6(1)(c) GDPR. Furthermore, the data processing may be carried out on the basis of our legitimate interest according to Art. 6(1)(f) GDPR. Information on the relevant legal basis in each individual case is provided in the following paragraphs of this privacy policy.

Data Protection Officer

We have appointed a Data Protection Officer.

Data Protection Department

SCALTEL SNS SYSTEMS GmbH
Anna-Birle-Str. 2
55252 Wiesbaden, Germany

Phone: +49 6134 50789-24
Email: Datenschutz@SNS-Systems.de

Information on the data transfer to third-party countries that are not secure under data protection law and the transfer to US companies that are not DPF-certified

We use, among other technologies, tools from companies located in third-party countries that are not safe under data protection law, as well as US tools whose providers are not certified under the EU-US Data Privacy Framework (DPF). If these tools are enabled, your personal data may be transferred to and processed in these countries. We would like you to note that no level of data protection comparable to that in the EU can be guaranteed in third countries that are insecure in terms of data protection law.

We would like to point out that the US, as a secure third-party country, generally has a level of data protection comparable to that of the EU. Data transfer to the US is therefore permitted if the recipient is certified under the “EU-US Data Privacy Framework” (DPF) or has appropriate additional assurances.

Information on transfers to third-party countries, including the data recipients, can be found in this Privacy Policy.

Recipients of personal data

In the scope of our business activities, we cooperate with various external parties. In some cases, this also requires the transfer of personal data to these external parties. We only disclose personal data to external parties if this is required as part of the fulfillment of a contract, if we are legally obligated to do so (e.g., disclosure of data to tax authorities), if we have a legitimate interest in the disclosure pursuant to Art. 6 (1)(f) GDPR, or if another legal basis permits the disclosure of this data. When using processors, we only disclose personal data of our customers on the basis of a valid contract on data processing. In the case of joint processing, a joint processing agreement is concluded.

Revocation of your consent to the processing of data

A wide range of data processing transactions are possible only subject to your express consent. You can also revoke at any time any consent you have already given us. This shall be without prejudice to the lawfulness of any data collection that occurred prior to your revocation.

Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR)

IN THE EVENT THAT DATA ARE PROCESSED ON THE BASIS OF ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO AT ANY TIME OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA BASED ON GROUNDS ARISING FROM YOUR UNIQUE SITUATION. THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVISIONS. TO DETERMINE THE LEGAL BASIS, ON WHICH ANY PROCESSING OF DATA IS BASED, PLEASE CONSULT THIS DATA PROTECTION DECLARATION. IF YOU LOG AN OBJECTION, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA, UNLESS WE ARE IN A POSITION TO PRESENT COMPELLING PROTECTION WORTHY GROUNDS FOR THE PROCESSING OF YOUR DATA, THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS OR IF THE PURPOSE OF THE PROCESSING IS THE CLAIMING, EXERCISING OR DEFENCE OF LEGAL ENTITLEMENTS (OBJECTION PURSUANT TO ART. 21(1) GDPR).

IF YOUR PERSONAL DATA IS BEING PROCESSED IN ORDER TO ENGAGE IN DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR AFFECTED PERSONAL DATA FOR THE PURPOSES OF SUCH ADVERTISING AT ANY TIME. THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS AFFILIATED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION PURSUANT TO ART. 21(2) GDPR).

Right to log a complaint with the competent supervisory agency

In the event of violations of the GDPR, data subjects are entitled to log a complaint with a supervisory agency, in particular in the member state where they usually maintain their domicile, place of work or at the place where the alleged violation occurred. The right to log a complaint is in effect regardless of any other administrative or court proceedings available as legal recourses.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you should demand the direct transfer of the data to another controller, this will be done only if it is technically feasible.

SSL or TLS Encryption

For security reasons and to protect the transmission of confidential content—such as orders or inquiries that you send to us as the website operator—this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of your browser changes from “http://” to “https://” and by the lock symbol in your browser bar.
When SSL or TLS encryption is enabled, the data you transmit to us cannot be read by third parties.

Right to Access, Erasure, and Rectification

Within the framework of the applicable legal provisions, you have the right at any time to obtain free information about your stored personal data, its origin and recipients, and the purpose of data processing. You also have a right to rectification or erasure of this data, if applicable. For this purpose, as well as for any other questions concerning personal data, you can contact us at any time.

Right to Restriction of Processing

You have the right to request the restriction of the processing of your personal data. You may contact us at any time to exercise this right. The right to restriction applies in the following cases:

If you contest the accuracy of your personal data stored by us, we usually need time to verify this. During the verification period, you have the right to request the restriction of the processing of your personal data.
If the processing of your personal data was/is unlawful, you may request the restriction of data processing instead of erasure.
If we no longer need your personal data, but you require it for the establishment, exercise, or defense of legal claims, you have the right to request the restriction of processing instead of erasure.
If you have objected to processing pursuant to Art. 21(1) GDPR, a balance must be struck between your interests and ours. As long as it is not yet determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, such data—apart from its storage—may only be processed with your consent, or for the establishment, exercise, or defense of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the European Union or a Member State.

Objection to Promotional Emails

The use of contact details published within the scope of the legal notice obligation for sending unsolicited advertising and informational materials is hereby objected to. The operators of this website expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam emails.

Data Collection on This Website

Cookies

Our website uses so-called “cookies.” Cookies are small data packets that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted after your visit. Persistent cookies remain stored on your device until you delete them yourself or they are automatically deleted by your web browser.

Cookies can be set by us (first-party cookies) or by third-party companies (so-called third-party cookies). Third-party cookies allow the integration of certain services from third-party companies within websites (e.g., cookies for processing payment services).

Cookies serve various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g., shopping cart functionality or displaying videos). Other cookies may be used to analyze user behavior or for advertising purposes.

Cookies that are necessary for the electronic communication process, for providing certain functions you request (e.g., for the shopping cart), or for optimizing the website (e.g., cookies for measuring web audience) are stored on the basis of Art. 6(1)(f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for the technically flawless and optimized provision of its services. If consent to the storage of cookies and similar recognition technologies has been requested, processing is based exclusively on this consent (Art. 6(1)(a) GDPR and § 25(1) TTDSG); consent can be revoked at any time.

You can configure your browser to inform you about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when the browser is closed. Disabling cookies may limit the functionality of this website.

Details about which cookies and services are used on this website can be found in this privacy policy.

Server Log Files

The provider of this website automatically collects and stores information in so-called server log files that your browser automatically transmits to us. These are:

Browser type and version
Operating system used
Referrer URL
Hostname of the accessing computer
Time of the server request
IP address

This data is not merged with other data sources.

The collection of this data is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of the website – for this purpose, the server log files must be collected.

Contact Form

If you send us inquiries via the contact form, your information from the inquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not share this data without your consent.

The processing of this data is based on Art. 6(1)(b) GDPR if your request is related to the performance of a contract or is necessary to carry out pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective processing of inquiries addressed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if it has been requested; consent can be withdrawn at any time.

The data you enter in the contact form remains with us until you request deletion, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after your request has been fully processed). Mandatory legal provisions – especially retention periods – remain unaffected.

Inquiry by Email, Phone or Fax

If you contact us by email, phone, or fax, your inquiry, including all resulting personal data (name, inquiry), will be stored and processed by us for the purpose of handling your request. We do not share this data without your consent.

The processing of this data is based on Art. 6(1)(b) GDPR if your inquiry is related to the performance of a contract or is necessary for pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective handling of inquiries addressed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if it has been requested.

The data sent by you to us via contact inquiries will remain with us until you request its deletion, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory legal requirements – especially statutory retention periods – remain unaffected.

Analytics Tools and Advertising

IONOS WebAnalytics

This website uses the analytics services of IONOS WebAnalytics (hereinafter referred to as “IONOS”). The provider is 1&1 IONOS SE, Elgendorfer Straße 57, D – 56410 Montabaur, Germany.

As part of the analysis with IONOS, visitor numbers and behavior (e.g. number of page views, duration of website visit, bounce rates), visitor sources (i.e. the page the visitor came from), visitor locations, as well as technical data (browser and operating system versions) can be analyzed. For this purpose, IONOS stores in particular the following data:

Referrer (previously visited website)
Requested webpage or file
Browser type and version
Operating system used
Device type used
Time of access
IP address in anonymized form (used only to determine the location of access)

According to IONOS, data collection is fully anonymized and cannot be traced back to individual persons. IONOS WebAnalytics does not store cookies.

The storage and analysis of data is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the statistical analysis of user behavior in order to optimize both its website and advertising. If consent has been requested, the processing is based exclusively on Art. 6(1)(a) GDPR and § 25(1) TTDSG, provided that the consent includes the storage of cookies or access to information on the user’s device (e.g. device fingerprinting) as defined by the TTDSG. Consent can be withdrawn at any time.

Further information on data collection and processing by IONOS WebAnalytics can be found in the IONOS privacy policy at the following link:

https://www.ionos.de/terms-gtc/datenschutzerklaerung

Data Processing Agreement

Plugins and Tools

Google Maps

This site uses the map service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. This service allows us to integrate map content into our website.

To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission. When Google Maps is activated, Google may use Google Fonts for the uniform display of fonts. When you access Google Maps, your browser loads the necessary web fonts into your browser cache to display texts and fonts correctly.

The use of Google Maps is in the interest of providing an attractive presentation of our online offerings and to make it easy to find the locations mentioned on our website. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR. If consent has been requested, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g. device fingerprinting) as defined by the TTDSG. Consent can be withdrawn at any time.

Data transfers to the USA are based on the EU Commission’s Standard Contractual Clauses. Details can be found here:

https://privacy.google.com/businesses/gdprcontrollerterms/

and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/

More information on the handling of user data can be found in Google’s privacy policy:

https://policies.google.com/privacy?hl=en

Google is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the United States intended to ensure compliance with European data protection standards when processing data in the U.S. Each company certified under the DPF commits to complying with these data protection standards. Further information is available from the provider at the following link:
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

Our Own Services

Handling of Applicant Data

We offer you the opportunity to apply for a position with us (e.g., via email, postal mail, or online application form). Below, we inform you about the scope, purpose, and use of the personal data collected during the application process. We assure you that the collection, processing, and use of your data are carried out in accordance with applicable data protection laws and all other legal provisions, and that your data will be treated with strict confidentiality.

Scope and Purpose of Data Collection

When you send us an application, we process the associated personal data (e.g., contact and communication data, application documents, notes from interviews, etc.) as far as is necessary to make a decision on establishing an employment relationship. The legal basis for this is Section 26 of the new German Federal Data Protection Act (BDSG-neu) (initiation of an employment relationship), Article 6(1)(b) GDPR (general contract initiation), and — if you have given your consent — Article 6(1)(a) GDPR. Consent may be withdrawn at any time. Within our company, your personal data will only be shared with individuals involved in processing your application.

If the application is successful, the data you have submitted will be stored in our data processing systems on the basis of Section 26 BDSG-neu and Article 6(1)(b) GDPR for the purpose of carrying out the employment relationship.

Retention Period of Data

If we are unable to offer you a position, if you reject a job offer, or if you withdraw your application, we reserve the right to retain the data you have submitted on the basis of our legitimate interests (Article 6(1)(f) GDPR) for up to 6 months after the conclusion of the application process (rejection or withdrawal of the application). The data will then be deleted, and any physical application documents will be destroyed. Retention serves in particular as evidence in the event of a legal dispute. If it is evident that the data will still be required after the 6-month period (e.g., due to a pending or threatened legal dispute), deletion will only occur once the purpose for continued storage no longer applies.

Longer storage may also occur if you have given your explicit consent (Article 6(1)(a) GDPR) or if legal retention obligations prevent deletion.

Inclusion in the Applicant Pool

If we do not offer you a position, it may be possible to include you in our applicant pool. In this case, all documents and information from your application will be transferred to the applicant pool in order to contact you in the event of suitable vacancies.

Inclusion in the applicant pool is based solely on your explicit consent (Article 6(1)(a) GDPR). Giving consent is voluntary and unrelated to the ongoing application process. You may withdraw your consent at any time. In this case, the data will be permanently deleted from the applicant pool, provided there are no legal reasons for further retention.

Data in the applicant pool will be permanently deleted no later than two years after consent has been given.

Last updated: March 20, 2025

eCRF
ePRO/eCOA
CTMS
eTMF
SAE Database

Company
Contact

Career