Cookie preferences
This website uses cookies, which are necessary for the technical operation of the website and are always set. Other cookies, which increase the comfort when using this website, are used for direct advertising or to facilitate interaction with other websites and social networks, are only set with your consent.

Privacy Protection

Maiwei (Europe) AG Privacy Policy

In this Privacy Policy we, Maiwei (Europe) AG, explain how we collect and otherwise process personal data. This is not an exhaustive description. You will find further details in our General Terms and Conditions of Business (and any other documents). Personal data is understood to be all information relating to an identified or identifiable person.

If you provide us with personal data of other persons (for example, customers, employees or acquaintances), please ensure that such persons are aware of this Privacy Policy. Only provide us with their personal data if you are allowed to do so and if such personal data is correct.

This Privacy Policy is based on the EU General Data Protection Regulation (GDPR). Although the GDPR is a regulation of the European Union, it is important to us. The Swiss Data Protection Act (Datenschutzgesetz, "DSG") is strongly influenced by EU law and, under certain circumstances, companies outside the European Union or the EEA must comply with the GDPR.

1.             Who is responsible for data protection in our company? Who is our data protection officer? Who is our EU representative?

The controller for data processing in accordance with Art. 13 (1)(a) GDPR is our company, Maiwei (Europe) AG, Lochstrasse 15, CH-8268 Salenstein, e-mail: info@maiwei-eu.com.

If you have data protection concerns, please send them by post or e-mail directly to our data protection officer: Maiwei (Europe) AG, Kim Wabel, Lochstrasse 15, CH-8268 Salenstein, e-mail: info@maiwei-eu.com.

Our representative in the EU or EEA according to Art. 27 GDPR is ABT Legal, Czifra & Neményi Law Firm, 3 a Montevideo u., H-1037 Budapest, Ungarn, E-Mail: peter.czifra@abtlegal.hu

2.             How do we collect and process personal data in general?

We primarily process the personal data that we receive from our customers and other business partners and other persons involved in the business relationship with them, or which we collect from their users when operating our websites and other applications.

Insofar as this is permitted, we also take certain data from publicly accessible sources (for example, debt collection registers, land registers, commercial registers, press, Internet) or obtain them from authorities and other third parties (Art. 13 GDPR). In addition to the information you provide us directly, the categories of personal data we receive about you from third parties include, in particular, information from public registers, information we obtain in connection with official and judicial proceedings, information in connection with your professional functions and activities (so that we can, for example with your assistance, conclude and process business transactions with your employer), information regarding you in correspondence and meetings with third parties, creditworthiness information (insofar as we process business transactions with you personally), information regarding you which persons from your environment (family, consultants, legal representatives, etc.) give us so that we can conclude or process contracts with you or with your involvement (for example, references, your address for deliveries, powers of attorney, information regarding compliance with legal requirements, such as money laundering prevention and export restrictions, information from banks, insurance companies, distribution and other contractual partners of us for the use or provision of services by you (for example, payments made, purchases made), information from the media and the Internet regarding you personally (to the extent that this is appropriate in the specific case, for example within the framework of a job application, press review, marketing/sales, etc.), your addresses and, if applicable, interests and other socio-demographic data (for marketing purposes), data in connection with the use of the website (for example, IP address, MAC address of the smartphone or computer, information regarding your device and settings, cookies, date and time of the visit, pages and contents called up, functions used, referring website, location details).

2.1           What happens upon the use of our website for information purposes only?

If you use our website for purely informational purposes, that is, if you neither register as a user nor otherwise transmit information, we collect the following data from you: IP address, date and time of the inquiry, time zone difference to Greenwich Mean Time (GMT), content of the inquiry (specific page), access status/HTTP status code, amount of data transferred in each case, website from which the inquiry originates, browser, operating system and its interface, language and version of the browser software. We receive such data via cookies and directly from your browser. The purpose of this processing is the provision of our website and statistical evaluation. The legal basis for this is Article 6 (1)(1)(f) GDPR, according to which the processing of personal data may be carried out without the consent of the data subject if the processing is necessary to protect the legitimate interests of the controller or of a third party, except where such interests or fundamental rights and freedoms of the data subject require the protection of personal data, in particular where the data subject is a child. The aforementioned purposes are in our interest. Insofar as we use cookies, we refer to our statements under number 4.

2.2           What happens upon the use of our contact field?

If you communicate with us via our contact field, we collect the following data:

  • Surname,
  • First name,
  • Address,
  • E-mail address,
  • Phone number,
  • Gender,
  • Content of the message,

which you enter via the contact form.

Only you know the reasons for the contact; the reaction to this immediately describes the purpose of the processing. As far as a specific contractual relationship is concerned, whether in connection with the initiation, implementation or termination, the legal basis for the processing is Article 6 (1)(b) GDPR. In such a case, we store the data until the end of the statutory retention period. In all other cases, the legal basis is Article 6 (1)(1)(f) GDPR, according to which the processing of personal data may be carried out without the consent of the data subject if the processing is necessary to protect the legitimate interests of the controller or of a third party, except where such interests or fundamental rights and freedoms of the data subject require the protection of personal data, in particular where the data subject is a child. Communication outside of a contractual relationship is in our mutual interest. We store your data until the purpose resulting from the legitimate interest is fulfilled.

2.3           What information do we process regarding you when you register via our website?

If you register via our website, we collect the following personal data:

  • Surname,
  • First name,
  • Company name,
  • Address,
  • E-mail address,
  • Phone number,
  • Selected password,
  • Date of birth,
  • Payment information (credit card details, PayPal payment details, advance payment, other),

which you enter via our website and, if applicable, selected products or services (shopping cart).

 

2.4          What data do we process regarding you when you place an order via our web shop?

If you order products or services from us via our website, we collect the following personal data:

  • Surname,
  • First name,
  • Company name,
  • Address,
  • E-mail address,
  • Phone number,
  • Selected password,
  • Date of birth,
  • Payment information (credit card details, PayPal payment details, advance payment, other),
  • Products or services ordered

which you enter via our website and, if applicable, selected products or services (shopping cart).

 

3.              Purposes of data processing and legal bases

We use the personal data that we collect primarily to conclude and execute our contracts with our customers and business partners (Art. 6 (1)(a) GDPR), in particular within the framework of the distribution/sale of medical technology and pharmaceutical products and healthcare consulting, with our customers, and within the framework of the purchase of products and services from our suppliers and subcontractors, and to comply with our statutory duties in Switzerland and abroad. If you are working for such a customer or business partner, you can of course also be affected in this function with your personal data.

In addition, we process personal data of you and other persons, as far as permitted and as we consider it appropriate, for the following purposes as well, in which we (and sometimes also third parties) have a legitimate interest corresponding to the purpose:

  • Offering and further developing our offers, services and websites and other platforms on which we are present;
  • Communication with third parties and processing of their inquiries (for example, applications, media inquiries);
  • Examination and optimisation of procedures for the analysis of requirements for the purpose of direct customer contact along with the collection of personal data from publicly accessible sources for the purpose of customer acquisition;
  • Advertising and marketing (including the organisation of events), insofar as you have not objected to the use of your data (if we send you advertising as an existing customer, you can object to this at any time; we will then put you on a blocking list against further advertising mailings);
  • Market and opinion research, media monitoring;
  • Assertion of legal claims and defence in connection with legal disputes and official proceedings;
  • Prevention and investigation of criminal offences and other misconduct (for example, conducting internal investigations, data analysis to combat fraud);
  • Warranties of our operations, in particular IT, our websites and other platforms;
  • Purchase and sale of business units, companies or parts of companies and other transactions under company law and, in connection therewith, transfer of personal data along with measures for business management and insofar as necessary for compliance with statutory and regulatory obligations and internal rules of Maiwei (Europe) AG.

If you have given us your consent to process your personal data for specific purposes (for example, when you register to receive newsletters or carry out a background check), we will process your personal data within the scope of and based on such consent, to the extent that we do not have a different legal basis and require one. Any consent that has been given can be revoked at any time, but this has no effect on data processing that has already taken place.

4.             Do we employ cookies or comparable tracking techniques?

We typically employ "cookies" and similar techniques on our websites to identify your browser or device. A cookie is a small file that is sent to your computer or automatically stored on your computer or mobile device by the web browser you use when you visit our website. If you visit this website again, we are able to recognise you even if we do not know who you are. In addition to cookies that are only used during a session and are deleted after your visit to the website ("session cookies"), cookies can also be used to store user settings and other information for a certain period of time (for example, two years) ("permanent cookies"). However, you can set your browser to reject cookies, to save them only for one session or to otherwise delete them early on. Most browsers are preset so that you will accept cookies. We use permanent cookies to store user settings (for example, language, autologin) so that we can better understand how you use our offers and content. Some of the cookies are set by us; some are also set by contractual partners with whom we work together. If you block cookies, it is possible that certain functionalities (such as forms, login process) will no longer work.

Through our web shop, we mainly use so-called "functional cookies" in standard mode:

Functional cookies are absolutely necessary for the functionality of the web shop. Such cookies assign a unique random ID to your browser to ensure your uninterrupted shopping experience across multiple page views.

Session: The session cookie stores your shopping data over several page views and is therefore essential for your personal shopping experience.

Notepad: This cookie enables a notepad to be made available to the user across sessions. This means that the notepad remains available even across several browser sessions.

Device assignment: The device assignment helps the shop to ensure the best possible display for the currently active display size.

CSRF token: The CSRF token cookie contributes to your security. It strengthens the protection of forms against unwanted hacker attacks.

Login token: The Login token is used for the recognition of users across sessions. The cookie does not contain any personal data, but enables personalisation across several browser sessions.

Cache exception: The cache exception cookie allows users to read individual content independent of the cache memory.

Active check cookie: This cookie is used by the website to determine whether cookies are allowed by the browser of the site user.

Settings cookie: This cookie is used to store the cookie settings of the site user across several browser sessions.

By using our websites and by agreeing to receive newsletters and other marketing e-mails, if any, you agree to the use of such techniques. If you do not want this, you can adjust your browser or your e-mail programme accordingly and/or withdraw your consent.

5.              To whom do we pass on data and is it transferred abroad?

Within the framework of our business activities and for the purposes set out in number 3, we also disclose data to third parties, where permitted and where it seems appropriate to us, either because they process such data for us or because they wish to use such data for their own purposes (Art. 13 (1)(3) GDPR). This concerns in particular the following entities:

  • Our service providers (our manufacturer: Shenzhen Maiwei Biotech Co., Ltd, 2/F, Building 1, 2-10 Jinlong Blvd. South, Pingshan District, 518118, China, our owners (but no customer data), external partners (such as tax consultants, auditors, banks, insurance companies), including contract processors (such as IT providers);
  • Distributors, suppliers, subcontractors and other business partners;
  • Customers;
  • Domestic and foreign authorities, offices or courts (in case of a statutory duty);
  • Acquirers or parties interested in acquiring business divisions of Maiwei (Europe) AG or the entire company;
  • Other parties in possible or actual legal proceedings (in case of a statutory duty);

jointly recipients.

Such recipients are partly in Switzerland and partly abroad. In particular, you must expect your data to be transferred to all countries in which Maiwei (Europe) AG is represented and operates (at this time, China, European Union, EEA) and to other countries in Europe and the United States where the service providers we use are located (such as Microsoft or Facebook). If we transfer data to a country without adequate legal data protection, by using appropriate contracts (specifically, on the basis of the so-called "standard contractual clauses" of the European Commission, available at

  • https://eur-lex.europa.eu/LexUriServ/ LexUriServ.do?uri=OJ:L:2010:039:0005:0018:DE:PDF ,
  • https://eur-lex.europa.eu/LexUriServ/ LexUriServ.do?uri=OJ:L:2004:385:0074:0084:DE:PDF and
  • https://eur-lex.europa.eu/LexUriServ/ LexUriServ.do?uri=CELEX:32001D0497:DE:HTML

or the model contracts of the Swiss Federal Data Protection and Information Commissioner at www.edoeb.admin.ch) or so-called "binding corporate rules", as provided by law, we ensure an adequate level of protection or rely on the statutory exceptions to consent, the execution of the contract, the establishment, exercise or enforcement of legal claims, overriding public interests, the published personal data, or because it is necessary to protect the integrity of the persons concerned (see Art. 13 (1)(f) GDPR). You can obtain a copy of the contractual guarantees mentioned above from the contact person mentioned in number 1 at any time, unless otherwise stated above. However, we reserve the right to blacken copies for data protection reasons or reasons of secrecy, or to deliver only extracts.

6.             How long do we retain the personal data? (Art. 13 (2)(a) GDPR and the DSG)

We process and store your personal data for as long as it is necessary for the fulfilment of our contractual and statutory duties or otherwise for the purposes pursued with the processing, that is, for example, for the duration of the entire business relationship (from the initiation, processing to the termination of a contract) and, in addition, in accordance with the statutory retention and documentation duties (in principle, 10 years for business books, accounting records and receipts relevant to value-added tax, for certain documents 20 years or longer). It is possible that personal data may be retained for the time during which claims can be made against our company and to the extent that we are otherwise legally obliged to do so or legitimate business interests require it (for example, for evidentiary and documentation purposes). As soon as your personal data is no longer required for the aforementioned purposes, in principle, it will be deleted or made anonymous to the extent possible. For operational data (for example, system protocols, logs), shorter retention periods of twelve months or less apply in principle.

7.              Do we guarantee sufficient data security?

To protect your personal data from unauthorised access and misuse, we take appropriate technical and organisational security measures, such as IT and network security solutions, access controls and restrictions, encryption of data carriers and transmissions, along with controls.

We always strive to ensure that data leaks do not occur. If a data breach nevertheless occurs, we will ensure that we detect such a data leak at an early stage and, if necessary, immediately notify you or the relevant supervisory authority (for Switzerland: Federal Data Protection and Information Commissioner), taking into account the respective data categories concerned.

8.             Is there a duty to provide personal data (Art. 13 (2)(e) GDPR)?

Within the framework of our business relationship, you must provide us with the personal data required for the establishment and execution of a business relationship and the fulfilment of the associated contractual duties (as a rule, you do not have a statutory duty to provide us with data). Without such information, as a rule, we will not be able to enter into or perform a contract with you (or the entity or person you represent). Moreover, the website cannot be used if certain information to secure data traffic (such as your IP address) is not disclosed.

9.             What rights do you have as a data subject?

Within the framework of the data protection law applicable to you and to the extent provided for therein (such as in the case of the GDPR in accordance with Art. 13 (2)(b)), you have the right to access, rectification and erasure, the right to restrict data processing and otherwise the right to object to our data processing and to the surrender of certain personal data for the purpose of transfer to another body (so-called "data portability"). However, please note that we reserve the right to assert the restrictions provided for by law, for example if we are obliged to store or process certain data, if we have an overriding interest in doing so (insofar as we are entitled to invoke this) or if we need it for the assertion of claims. We will inform you in advance if any costs accrue for you. We already informed you of the option of revoking your consent in number 3. Please note that the exercise of such rights may conflict with contractual agreements and that this may have consequences, such as early termination of the contract or cost consequences. In such a case, we shall inform you in advance where this is not already governed by contract.

If you would like to invoke your rights, we ask you to state your concerns in such a way that we can clearly prove your identity (communication of your personal data and attachment of a copy of your identity card).

Furthermore, every data subject has the right to enforce his or her rights in court or to lodge a complaint with the competent data protection authority (Art. 13 (2)(d) GDPR). The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).

10.          Amendments

We may amend this Privacy Policy at any time without notice. The current version published on our web-site applies. If the Privacy Policy is part of an agreement with you, we will inform you by e-mail or other suitable means if we update it by means of an amendment.

11.          Entry into force

This Privacy Policy will enter into force on 01. May 2022 and replaces all previous privacy policies.

 

Salenstein, 01. May 2022

This website uses cookies to provide you with the best possible functionality. If you do not agree, the following functions are not available to you:

More information
Accept Close