S a m o t i o n 

​

This privacy policy informs you about the type, scope, and purpose of the processing of personal data (hereinafter referred to as "data") within our online services and the associated websites, functions, and content, as well as external online presences, such as our social media profiles (collectively referred to as the "online offer"). Regarding the terms used, such as "processing" or "controller," we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

​

Controller

​
Karimu Samuels / Samotion
Alexandrinen Str. 93
10969 Berlin, Germany
Email: info@samotion.de
Managing Director/Owner: Karimu Samuels
Link to imprint: https://www.samotion.de/impressum-1

 

​

Types of processed data:

​

• Inventory data (e.g., names, addresses).

• Contact data (e.g., email, phone numbers).

• Content data (e.g., text entries, photos, videos).

• Usage data (e.g., visited websites, content interests, access times).

• Meta/communication data (e.g., device information, IP addresses).

​​

​

Categories of affected persons:

Visitors and users of the online offer (hereinafter referred to as "users").

​

Purpose of processing:

• Provision of the online offer, its functions, and content.

• Responding to contact requests and communication with users.

• Security measures.

• Reach measurement/marketing​

​​

​

Terms used:

"Personal data" refers to all information relating to an identified or identifiable natural person (hereinafter "data subject"); a natural person is considered identifiable if they can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g., cookie), or one or more specific characteristics that are an expression of the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.

"Processing" means any operation or set of operations performed on personal data, whether or not by automated means. The term is broad and encompasses practically any handling of data.

"Pseudonymization" is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is stored separately and subject to technical and organizational measures to ensure that the personal data is not assigned to an identified or identifiable natural person.

"Profiling" means any type of automated processing of personal data that involves using such data to evaluate certain personal aspects related to a natural person, particularly to analyze or predict aspects concerning their work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

As the "controller," we refer to the natural or legal person, authority, institution, or other body that, alone or jointly with others, determines the purposes and means of processing personal data.

"Processor" means a natural or legal person, authority, institution, or other body that processes personal data on behalf of the controller.

​​

​

Security measures:

We implement appropriate technical and organizational measures in accordance with Article 32 GDPR, considering the state of the art, implementation costs, and the nature, scope, circumstances, and purposes of processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, to ensure a level of protection appropriate to the risk.

Measures include securing the confidentiality, integrity, and availability of data through control of physical access to the data and the access, input, transmission, availability, and separation of data. We also have procedures in place to ensure the exercise of data subject rights, data deletion, and responses to data breaches. Furthermore, we incorporate data protection into the development and selection of hardware, software, and procedures, in accordance with the principle of privacy by design and by default (Article 25 GDPR).

​​

​

Collaboration with processors and third parties:

If we disclose data to other persons and companies (processors or third parties) or provide them with access to the data, it is done only on the basis of legal permission (e.g., if a transfer of data to third parties, such as payment service providers, is necessary for the performance of the contract in accordance with Article 6(1)(b) GDPR), if you have given your consent, if a legal obligation requires it, or on the basis of our legitimate interests (e.g., when using service providers, web hosts, etc.).

If we commission third parties with processing data based on a "data processing agreement," this is done in accordance with Article 28 GDPR.

​​

​

Transfers to third countries:

If we process data in a third country (i.e., outside the European Union (EU) or European Economic Area (EEA)), or this occurs in the course of using services from third parties or disclosing/transmitting data to third parties, it will only happen if necessary for the performance of our (pre)contractual obligations, based on your consent, due to a legal obligation, or based on our legitimate interests. Data will be processed in a third country only if the special conditions of Articles 44 et seq. GDPR are met. This means that data processing may occur based on special guarantees, such as the official recognition of an EU-equivalent level of data protection (e.g., for the USA via the "Privacy Shield") or compliance with officially recognized special contractual obligations (so-called "standard contractual clauses").

​

​

Rights of affected persons:

You have the right to request confirmation whether data is being processed and to request information about this data, as well as additional information and copies of the data in accordance with Article 15 GDPR.

​

You have the right, in accordance with Article 16 GDPR, to request the completion of your data or correction of inaccurate data.

​

You have the right to request, in accordance with Article 17 GDPR, the immediate deletion of data or alternatively, in accordance with Article 18 GDPR, a restriction on the processing of data.

​

You have the right to receive the data you have provided to us in accordance with Article 20 GDPR and request its transmission to other controllers.

​

You also have the right to file a complaint with the competent supervisory authority in accordance with Article 77 GDPR.

​

​

Right of withdrawal:

You have the right to withdraw your consent at any time in accordance with Article 7(3) GDPR.

​

​

Right to object:

You can object to the future processing of your data in accordance with Article 21 GDPR at any time. The objection can be made especially against the processing for direct marketing purposes.

​

​

Cookies and Right of Objection for Direct Marketing:

"Cookies" are small files that are stored on users' computers. These cookies can store different information. A cookie primarily serves to store information about a user (or the device on which the cookie is stored) during or after their visit to an online offer. Temporary cookies, or "session cookies," are deleted after the user leaves an online offer and closes their browser. Permanent cookies remain stored even after closing the browser, for example, to store login statuses or user interests for reach measurement or marketing purposes.

You can disable cookies in your browser settings if you do not want cookies to be stored on your computer. However, please note that disabling cookies may lead to restricted functionality of the online offer.

​

​

Data Deletion:

The data we process will be deleted or its processing restricted in accordance with Articles 17 and 18 GDPR. Data is deleted when it is no longer required for its purpose, and no legal retention obligations apply.

​

​​​​

Cookies and Right to Object to Direct Marketing

​

"Cookies" are small files stored on users' computers. Different information can be stored within cookies. A cookie primarily serves to store information about a user (or the device on which the cookie is stored) during or after their visit to an online offer. Temporary cookies, or "session cookies" or "transient cookies," are cookies that are deleted after a user leaves an online offer and closes their browser. For example, a shopping cart’s content in an online store or a login status can be stored in such a cookie. "Permanent" or "persistent" cookies remain stored even after closing the browser. For example, a login status can be stored if users visit the site again after several days. In such cookies, users’ interests may also be stored, which can be used for reach measurement or marketing purposes. "Third-party cookies" are cookies provided by providers other than the operator of the online offer (otherwise, if they are only the operator’s cookies, they are called "first-party cookies").

We may use temporary and permanent cookies and will inform users about this within our privacy policy.

If users do not want cookies to be stored on their computer, they are asked to deactivate the relevant option in their browser settings. Stored cookies can be deleted in the browser's system settings. Excluding cookies may lead to functional limitations of this online offer.

A general objection to the use of cookies for online marketing purposes can be declared through various services, especially in the case of tracking, via the U.S. site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. Furthermore, the storage of cookies can be disabled through browser settings. Please note that this may limit the functionality of certain features of this online offer.

​​

​

Deletion of Data

​

The data we process will be deleted or its processing restricted in accordance with Articles 17 and 18 of the GDPR. Unless otherwise stated in this privacy policy, data stored by us will be deleted as soon as it is no longer required for its intended purpose and no legal retention obligations conflict with its deletion. If the data is not deleted because it is required for other legally permissible purposes, its processing will be restricted. That is, the data will be blocked and not processed for other purposes. This applies, for example, to data that must be stored for commercial or tax law reasons.

According to legal regulations in Germany, data must be stored for 10 years in accordance with §§ 147(1) AO, 257(1) Nos. 1 and 4, (4) HGB (books, records, management reports, booking vouchers, commercial books, documents relevant for taxation, etc.) and 6 years according to § 257(1) Nos. 2 and 3, (4) HGB (business letters).

According to legal regulations in Austria, the data must be stored for 7 years according to § 132(1) BAO (accounting documents, receipts/invoices, accounts, documents, business papers, statement of income and expenses, etc.), for 22 years in connection with real estate, and for 10 years for documents related to electronically provided services, telecommunications, broadcasting, and television services provided to non-business customers in EU member states, and for which the Mini-One-Stop-Shop (MOSS) is used.

 

​

Healthcare Services

 

We process the data of our patients, interested parties, and other clients or contractual partners (collectively referred to as "patients") in accordance with Article 6(1)(b) GDPR to provide our contractual or pre-contractual services. The data processed, the type, scope, purpose, and necessity of the processing, are determined by the underlying contractual relationship. The processed data generally includes inventory and personal data of the patients (e.g., name, address, etc.), as well as contact data (e.g., email address, phone number, etc.), contract data (e.g., services used, products purchased, costs, names of contacts), and payment data (e.g., bank details, payment history, etc.).

As part of our services, we may also process special categories of data according to Article 9(1) GDPR, specifically health-related data of the patients, possibly related to their sexual life or sexual orientation. For this, we obtain explicit consent from the patients, as required by Article 6(1)(a), Article 7, and Article 9(2)(a) GDPR, and process the special categories of data otherwise for healthcare purposes based on Article 9(2)(h) GDPR, § 22(1) No. 1(b) BDSG.

If required for contract performance or legally necessary, we disclose or transmit patients’ data in the context of communication with medical professionals, third parties involved in the performance of the contract, such as laboratories, billing offices, or comparable service providers, if this serves the provision of our services according to Article 6(1)(b) GDPR, is legally required according to Article 6(1)(c) GDPR, serves our or the patients' legitimate interest in efficient and cost-effective healthcare according to Article 6(1)(f) GDPR, or is necessary under Article 6(1)(d) GDPR to protect vital interests of the patients or another natural person or within the framework of consent according to Article 6(1)(a), Article 7 GDPR.

Data will be deleted if it is no longer necessary for the fulfillment of contractual or legal care obligations and for handling warranty and similar duties, with the necessity of data retention being checked every three years. Otherwise, the legal retention obligations apply.

 

​

Contacting Us

 

When contacting us (e.g., via contact form, email, phone, or social media), users' information will be processed for the purpose of handling and responding to the contact request in accordance with Article 6(1)(b) GDPR. Users' information may be stored in a Customer Relationship Management system ("CRM system") or a similar inquiry organization.

​

We delete inquiries once they are no longer needed. We review the necessity every two years; furthermore, legal archiving obligations apply.

​

 

Social Media Online Presences

 

We maintain online presences on social networks and platforms to communicate with active customers, prospects, and users there and to inform them about our services. When accessing these networks and platforms, the terms of service and privacy policies of the respective operators apply.

​

Unless otherwise stated in our privacy policy, we process the data of users who communicate with us on these networks and platforms, e.g., by posting on our profiles or sending us messages.

 

​

Embedding of Third-Party Services and Content

 

We incorporate third-party content or service offerings within our online offer based on our legitimate interests (i.e., interest in analyzing, optimizing, and economically operating our online services in accordance with Article 6(1)(f) GDPR) to include their content and services, such as videos or fonts (hereinafter collectively referred to as "content").

This always requires that the third-party providers of these contents perceive the user's IP address, as they cannot send the content to the user’s browser without it. Therefore, the IP address is required for the delivery of this content. We strive to only use content whose respective providers use the IP address solely for the delivery of the content. Third-party providers may also use so-called pixel tags (invisible graphics, also called "web beacons") for statistical or marketing purposes. These "pixel tags" allow for the evaluation of visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and can contain technical details about the browser and operating system, referring websites, visit time, and further details about the use of our online services, as well as being linked to information from other sources.

​

Youtube

 

We embed videos from the “YouTube” platform provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Privacy Policy: https://www.google.com/policies/privacy/
Opt-Out: https://adssettings.google.com/authenticated

 

Google Fonts

 

We embed the fonts ("Google Fonts") from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Privacy Policy: https://www.google.com/policies/privacy/
Opt-Out: https://adssettings.google.com/authenticated

 

Google Maps

 

We integrate maps from the “Google Maps” service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Processed data may include, in particular, users' IP addresses and location data, but such data is only collected with the user's consent (usually managed through their mobile device settings). Data may be processed in the USA.
Privacy Policy: https://www.google.com/policies/privacy/
Opt-Out: https://adssettings.google.com/authenticated

 

Use of Facebook Social Plugins

 

We use Facebook Social Plugins ("Plugins") based on our legitimate interests (i.e., interest in analyzing, optimizing, and economically operating our online services as per Article 6(1)(f) GDPR). These plugins are provided by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"). The plugins may represent interaction elements or content (e.g., videos, graphics, or text posts) and are recognizable by one of the Facebook logos (white "f" on a blue tile, or the words "Like", "Gefällt mir" or a "thumbs-up" symbol), or marked with the addition "Facebook Social Plugin".
The list and appearance of the Facebook Social Plugins can be found here: https://developers.facebook.com/docs/plugins/.

Facebook is certified under the Privacy Shield agreement and thereby guarantees compliance with European data protection laws (Privacy Shield link).

When a user accesses a function of this online offer that includes such a plugin, their device establishes a direct connection with Facebook’s servers. The content of the plugin is transferred directly from Facebook to the user's device and embedded into the online offer. Through this process, Facebook may create user profiles based on the processed data. We do not have control over the scope of the data Facebook collects using this plugin and therefore inform users based on our current knowledge.

Through the integration of the plugins, Facebook receives the information that a user has accessed the relevant page of the online offer. If the user is logged into Facebook, Facebook can associate the visit with the user's Facebook account. If users interact with the plugins, such as clicking the "Like" button or posting a comment, the relevant information will be transferred directly from the user's device to Facebook and stored there. Even if a user is not a Facebook member, it is possible that Facebook may collect and store their IP address. According to Facebook, only anonymized IP addresses are stored in Germany.

For further details on the purpose and scope of data collection, as well as the additional processing and usage of data by Facebook, and the privacy settings for protecting users' privacy, users can refer to Facebook’s privacy policy: https://www.facebook.com/about/privacy/.

If a user is a Facebook member and does not want Facebook to collect data about them through this online offer and link it with their Facebook member data, they must log out of Facebook before using our online offer and delete their cookies. Further settings and objections to the use of data for advertising purposes can be made in the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the U.S. site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. The settings apply across platforms, meaning they will apply to all devices, such as desktops or mobile devices.

​

Instagram

 

We integrate functionalities and content from Instagram, provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA, within our online offer. This can include content such as images, videos, or texts, and buttons that allow users to share content from this online offer on Instagram. If users are members of Instagram, Instagram can associate the call of the aforementioned content and functions with the users' profiles on Instagram.
Instagram Privacy Policy: http://instagram.com/about/legal/privacy/.

 

Xing

 

We integrate functionalities and content from Xing, provided by XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany, within our online offer. This can include content such as images, videos, or texts, and buttons that allow users to share content from this online offer on Xing. If users are members of Xing, Xing can associate the call of the aforementioned content and functions with the users' profiles on Xing.
Xing Privacy Policy: https://www.xing.com/app/share?op=data_protection.

 

LinkedIn

 

We integrate functionalities and content from LinkedIn, provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, within our online offer. This can include content such as images, videos, or texts, and buttons that allow users to share content from this online offer on LinkedIn. If users are members of LinkedIn, LinkedIn can associate the call of the aforementioned content and functions with the users' profiles on LinkedIn.
LinkedIn Privacy Policy: https://www.linkedin.com/legal/privacy-policy.
LinkedIn is certified under the Privacy Shield agreement and thereby guarantees compliance with European data protection laws (Privacy Shield link).
Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Created with Datenschutz-Generator.de by RA Dr. Thomas Schwenke.

​

Google Analytics

​

This website uses the web analytics service Google Analytics, provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses so-called "cookies." These are text files that are stored on your computer and allow the analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.

The storage of Google Analytics cookies is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize both its web offer and its advertising.