Privacy policy

Basic Information

Thank you for your interest in our website. We routinely comply with data privacy laws, including the EU Data Privacy Regulation, the German Data Privacy Act (BDSG) and the Telemedia Act (TMG).

We are very pleased with your interest in our company. For the management of MLL Dx GmbH data privacy is an extremely important issue. You generally do not need to provide any personal information to use the MLL Dx website. However, if you wish to use our website to access the company's special services, personal information processing may be required. If personal information processing is required and there is no legal basis for processing, we generally ask for consent from the affected party.

Personal information, for example your name, address, e-mail address or telephone number, is always processed in accordance with the General Data privacy Regulation (pursuant to Article 4 paragraph 1 EU GDPR) and in compliance with the domestic data privacy laws applicable to MLL Dx GmbH (para. 46 BDSG new). We are publishing our data privacy policy to inform the public about the nature, scope and purpose of the personal information that we gather, use and process. Furthermore we inform you of your rights under this data privacy policy.

MLL Dx GmbH as the controller has implemented numerous technical and organizational measures to ensure the most complete protection of all personal information processed via this website. Nevertheless, transmitting data via the internet can be insecure, so we cannot guarantee absolute protection. Therefore you are free to submit your personal information to us by other means, for example by telephone.

Recording of general data and information

Every time somebody or an automated system accesses the MLL Dx GmbH website, the website records certain items of data and general information. This data and general information is then stored in the server's log files. The following data might be collected:

- browser type and version used,

- the operating system used by the accessing system,

- the webpage from which our website is accessed (so-called referrer),

- the sub-page that is accessed on our website,

- the date and time of access,

- an Internet Protocol address (IP address),

- the internet service provider of the accessing system and

- other comparable information that might be useful for warding off attacks on our computer systems.

When using this general information, MLL Dx GmbH draws no inferences about the affected person. This information is used solely to

- correctly display our website's contents,

- to optimize our website's contents,

- to ensure that our computer systems and the technology of our website continue to function, and

- for reporting to law enforcement after cyber-attacks.

In summary MLL Dx GmbH evaluates this anonymously gathered information statistically and in order to ensure data privacy and our company's Data security, thus ensuring optimal protection of the personal information we process. The anonymous data of the server log files are stored separately from all personal information reported by the affected person.

Contact via website

Pursuant to law, the MLL Dx/MLLSEQ website contains information that enables swift electronic contact to our company and direct communication with us. This information includes e-mail addresses. Whenever you contact the data controller via e-mail or through a contact form, any personal information that you disclose is automatically recorded. Any such personal information that you provide voluntarily to the controller is stored for the purpose of processing or of contacting you. None of this personal information is disclosed to third parties.

Routine deletion and blocking of personal information

The controller will process and store your personal information only for as long as needed to achieve the purpose of the storage or, if storage is required by the European directive or domestic law, for as long as the controller is legally bound to do so.

Whenever the purpose of storage is no longer desired or the storage period stipulated by the European directive or domestic law has expired, personal information is automatically blocked or deleted pursuant to law.

Legal basis for our processing of information

Article 6 I letter a GDPR is the legal basis for our company's processing procedures that involve obtaining consent to process for a specific purpose. Whenever we have to process personal information in order to fulfil a contract to which you are a party, for example when we process information to supply goods, render a service or make a payment, the processing procedure is based on article 6 I letter b GDPR. The same applies to any processing needed to perform pre-contractual acts, for example when we receive inquiries about our products or services. If the law obliges our company to process personal information, for example for the fulfilment of tax obligations, then processing is based on article 6 I letter c GDPR. In rare cases we might have to process your personal information to protect the vital interests of the affected party or those of another natural person. This would be the case, for example, if a visitor to our premises had an accident and his or her name, age, health insurance or other vital information had to be disclosed to a physician, a hospital or other third party. In such cases processing would be based on article 6 I letter d GDPR. Lastly, processing operations can be based on article 6 I letter f GDPR. This is the legal basis for processing procedures that are not covered by any of the above legal grounds, if processing is necessary to safeguard the legitimate interests of our company or a third party, unless your interests, fundamental rights or fundamental freedoms are more worthy of protection. These processing procedures are permitted in particular because European law expressly permits it. In this connection, the law states that a legitimate interest might be assumed if you are a customer of the controller (recital 47, second sentence, GDPR).

Legitimate interest of the controller or a third party in processing

If processing of personal information is based on article 6 I letter f GDPR, then the legitimate interest in question is our interest in conducting our business for the benefit of all of our employees and shareholders.

How long personal information is stored

The length of time for which personal information can be stored is determined by the applicable retention period provided by law. Once this period has elapsed, the data is routinely deleted unless it is still needed in order to fulfil an existing contract or to initiate a new one.

Change to the privacy policy

We reserve the right to occasionally adapt our data protection provisions so that they always comply with current legal requirements or to implement changes to our services in the data protection declaration. We encourage you to review this Privacy Policy periodically to keep abreast of the privacy of the personal information we collect. Your continued use of the service constitutes your acceptance and updating of this Privacy Policy.

Information on data subjects' rights

As a data subject, you have the following rights with regard to the processing of your personal data:
Right of information (Article 15 General Data Protection Regulation (GDPR))
Right of correction (Article 16 General Data Protection Regulation (GDPR))
Right of deletion (Article 17 General Data Protection Regulation (GDPR))
Right to limit processing (Article 18 General Data Protection Regulation (GDPR))
Right to data transferability (Article 20 General Data Protection Regulation (GDPR))
Right of objection (Article 21 General Data Protection Regulation (GDPR))
Right to withdraw consent (Article 7 third paragraph General Data Protection Regulation (GDPR))
Right of appeal to the regulatory authority (Article 77 General Data Protection Regulation (GDPR))

To exercise your rights, you can contact us using the contact information provided in Imprint, data privacy officer.