EUROIMMUN Medizinische Labordiagnostika AG is a wholly owned subsidiary of Revvity, Inc.
The following describes the processing of personal data in connection with the provision of our websites that link directly to this Data Protection Information ("websites" for short). The Data Protection Information also applies to this website itself.
The obligation to provide this information arises from Art. 13 GDPR . The information is dated January 2025 (version 1.1).
The provision and use of our website involves the processing of personal data (in short: data processing). Before the individual functions and processes associated with the provision and use of the website are discussed in the "Special section", the "General section" contains cross-functional and cross-process information on data processing.
EUROIMMUN Medizinische Labordiagnostika AG, Am Seekamp 31, 23560 Lübeck is the manufacturer of various products for laboratory diagnostics in human medicine (in short: EUROIMMUN) and, as the operator of this and the above-mentioned websites, also responsible for the data processing described below in accordance with the GDPR (General Data Protection Regulation). If EUROIMMUN jointly determines purposes and means with another controller, i.e. a case of "joint controllership" exists, this is addressed in the corresponding chapter in the "Special Part".
The GDPR provides for various rights for data subjects (i.e. natural persons "affected" by the processing of personal data, e.g. portal users, simple visitors to the website) (data subject rights). These rights include the right of access (Art. 15 GDPR), the right to rectification (Art. 16 GDPR), the right to erasure (Art. 17 GDPR), the right to restriction of processing (Art. 18 GDPR) and the right to data portability (Art. 20 GDPR).
Data subjects may object to processing based on Art. 6 (1) f) GDPR pursuant to Art. 21 (1) GDPR on grounds relating to their particular situation. The objection should be addressed to: info(at)euroimmun.de.
If processing is based on Art. 6 (1) a) GDPR (consent), the following applies: According to Art. 7 (3) GDPR, data subjects have the right to withdraw their consent to EUROIMMUN at any time. As a result, EUROIMMUN will no longer continue the processing that was based on this consent in the future. However, the revocation does not affect the legality of the data processed until the revocation. The "Special part" deals separately with the possibilities of revocation (e.g. input channel) depending on the processing.
In addition to lodging a complaint with our Data Protection Officer (see next section), every data subject also has the option of lodging a complaint with the data protection supervisory authority responsible for EUROIMMUN.
The data subject can contact EUROIMMUN's Data Protection Officer (DPO) with questions, suggestions or complaints about data protection and to exercise their rights under the GDPR. The DPO can be contacted by post (above address with the addition "Data Protection Officer") or by e-mail (datenschutz(at)euroimmun.de ).
If EUROIMMUN base processing in the "Special Section" on Art. 6 (1) b) or c) GDPR as the legal basis , the obligation to provide the data and the possible consequences of not providing it are addressed at the appropriate point.
Automated decision-making in individual cases, including profiling within the meaning of Art. 22 GDPR, does not take place in the context of the data processing described below .
If data is generally disclosed to recipients (e.g. as part of order processing, Art. 28 GDPR), this is indicated in the "Special section" for each processing operation
If a transfer to a third country or an international organisation takes place in particular, this is also indicated in the "Special part" for each processing operation. In principle, the following applies: such a transfer is permitted if the requirements of Chapter 5 GDPR (Art. 44-49 GDPR) are met. In addition to the transfer to countries or organisations based on an adequacy decision (Art. 45 GDPR), consent (Art. 49 (1) 1 a) GDPR) can also justify such a transfer.
The individual processing operations in connection with the provision of our websites are described in more detail below.
Each time our website is accessed, our system automatically collects information from the website visitor's accessing device. The following information is processed:
This information is stored in the server-side log files and monitoring databases.
If a visitor to the website also logs in to a portal as a registered user, this data is also linked to the user (see the following section on User registration).
In addition, registered and registering users and users of an electronic form generate a session cookie (to recognise authenticated users) and, if applicable, an XSRF token (to prevent requests being sent to the website from an external and potentially malicious website).
Temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. Storage in log files and monitoring databases takes place to ensure the functionality of the website. We also use the data to optimise the website and to ensure the security of our information technology systems (e.g. detection and rectification of security gaps, analysis of reported errors). These purposes also constitute our legitimate interest in data processing in accordance with Art. 6 (1) f) GDPR.
If the data is stored in log files and monitoring databases, it is deleted after 30 days at the latest. The data is stored anonymised in Matomo (see Matomo).
The legal basis for the processing of the data is Art. 6 (1) f) GDPR.
The following information relates to several portals (common features). For specific information on individual portals, please refer to the data protection information of the respective portal, e.g. as linked on the respective registration screen or in the portal.
The following data is processed for user registration and user administration:
Original master data transmitted by the customer to EUROIMMUN:
Depending on the individual form or portal for registration or login, various master data is requested, some of which is mandatory and some of which is voluntary, depending on the purpose of use. These include, for example
Data generated by the user in interaction with the platform:
Data that is also linked to the user by EUROIMMUN:
The processing of the above data serves the following specific purposes:
The above data will be deleted as follows:
The legal basis for the processing of the data is Art. 6 (1) a) GDPR (consent).
Once a registered user has successfully logged in, the following personal data is processed in addition to the data specified in section "Processing 2: User registration and centralised user administration":
Data on the user action:
These are stored in the server-side log files and monitoring databases.
The collection and storage of transaction data is carried out to ensure the functionality of the website (e.g. to track click paths that have led to errors).
In addition, we use the data to optimise the website and to ensure the security of our information technology systems (e.g. detection and rectification of security gaps, analysis of reported errors).
These purposes also constitute our legitimate interest in data processing in accordance with Art. 6 (1) f) GDPR.
The user session data collected is stored until the user logs out.
The transaction data of the logged-in user is stored for a maximum of 30 days. In Matomo (see Processing 5), they are also stored in anonymised form
The legal basis for the processing of the data is Art. 6 (1) f) GDPR.
Emails sent by the system contain the following personal data:
The e-mails sent are temporarily stored on a EUROIMMUN SMTP server
Incoming emails with content for which the recipient's email address is obviously not intended to be used (unwanted content) are deleted immediately after receipt (e.g. request for medical advice).
The processing of the above data is necessary to be able to receive emails generated by the system. These emails are used by the user, for example, to reset their password or to receive a response to an enquiry. These purposes also constitute our legitimate interest in data processing in accordance with Art. 6 (1) f) GDPR.
The content of the email sent is stored for the duration of the transmission and its preparation, usually much less than a minute. The recipient, sender and subject remain in the server log file for 30 days.
The legal basis for the processing of the data is Art. 6 (1) f) GDPR.
EUROIMMUN uses the data-saving tool "Matomo" on some websites to evaluate user behaviour on the respective website (more information: matomo.org/).
The IP address is changed so that it can no longer be assigned to a specific connection by EUROIMMUN. Furthermore, no cookies are stored for analysis with Matomo.
The last 2 bytes of the IP address are masked. This makes geolocation more difficult and very imprecise. In addition to the truncated IP address-, movement-, event-, page interaction- and browser-data is recorded, e.g:
On some website we use the web analysis service Matomo, which is self-hosted in Germany. Matomo helps us to analyse the use of the respective website to constantly improve its user-friendliness.
The data collected by Matomo at the beginning is immediately anonymised (see above). The anonymised data is stored for documentation purposes for an unspecified period of time.
Measuring the reach and further development of our website (e.g. better comprehensibility and searchability of our content) by using data-saving analysis tools such as Matomo is our legitimate interest in accordance with Art. 6 (1) f) GDPR, which also forms the legal basis for processing.
Videos from third-party platforms (YouTube, Vimeo), which are loaded via a so-called two-click solution, are integrated on our pages.
A connection to the video platform is only established once the user has given their consent. Consent is stored locally on the user's end device so that it does not have to be requested again for each video. For this purpose, a time-coded entry is stored in the LocalStorage of the browser.
When a connection to one of these third-party providers is established, data is transmitted as if the platform were visited directly (e.g. IP address). The platforms are responsible for this processing. The platform also receives information about which pages are accessed if they contain an embedded video.
If the user is logged in to the platform, the platform can link this information to the user profile.
Embedded videos from Vimeo or YouTube are only loaded and displayed on the page if the user actively agrees to this. A connection is then established to the YouTube or Vimeo servers, whereby various data is transmitted to the respective portal to establish the connection (see above).
The provider of Vimeo is Vimeo, Inc (US). The provider of YouTube is YouTube, LLC. (US), a subsidiary of Google, LLC (US)
On 10 July 2023, the EU Commission adopted an adequacy decision C(2023) 4745 final with regard to the transfer of data to the US (so-called Data Privacy Framework = DPF). Vimeo, Inc. and Google, LLC (including its wholly owned subsidiaries) have been certified in accordance with the procedure required to participate in the DPF. The active participants can be found here.
You can find out how long the provider stores data on the pages of the respective provider (see above). We store the user's decision to allow a connection to a third-party provider for the purpose of video integration in LocalStorage. Every user can delete this entry via their own browser or by using the deactivation function under "exercise of the cancellation".
The legal basis for the processing of the data is Art. 6 (1) a) GDPR. The transmission is also based on consent, which the user can voluntarily give as part of the two-click solution (Art. 49 (1) a) GDPR)
The cancellation is made by deleting the LocalStorage in the browser or by clicking on this link.
It is possible that applications may be sent to us via the individual EUROIMMUN "Career" websites. Details on data processing in connection with the initiation of an employment relationship can be found here (in German DE; in English EN) and are therefore not the subject of this data protection information.
Information on data processing while using our central contact form is described where the form can be accessed.
When using our comment functions, the following user data is processed:
When entering comments, the name and e-mail address must be entered - the commentator's website can be entered. The e-mail address will not be published. For security reasons and to block spam, the IP address is saved.
The comment data will remain stored until consent is revoked (see below). A shortened storage period of 90 days applies specifically to the IP address.
For the processing of the IP address, we rely on Art. 6 (1) f) GDPR (see above on legitimate interest: security, spam defence). For the other data, we rely on the consent of the commenter (Art. 6 (1) a) GDPR).
The revocation of consent should be sent to: blog(at)euroimmun.de. Please note: the revocation must be sent from the e-mail address that was specified when using the comment function.
The following data is processed for newsletter registration:
Mandatory registration data:
Optional registration data:
After registration, the following data is processed:
We regularly inform our customers, business partners and interested parties by e-mail newsletter about offers, services and products of EUROIMMUN and Revvity Inc for medical laboratory diagnostics. The mandatory registration data is used for the delivery, administration and individualisation of the newsletter offer. In particular, we require the IP address to recognise and prevent misuse.
Optional registration data helps us to address you personally. For example: if you indicate that you are particularly interested in a certain product range, we can suggest specific offers, services and products based on this.
For optimisation purposes, our newsletters contain tracking pixels, small graphics in HTML emails that enable statistical evaluations when they are loaded. This allows us to see if an email has been opened and which links have been clicked on. If the images are not downloaded or links are not clicked, this is not recorded as an opening.
We use the double opt-in procedure: After registering, you will receive an e-mail with a confirmation link that is valid for 14 days. You will only be added as a recipient after confirmation.
The processing necessary for sending, managing and individualising the newsletter is carried out by Salesforce.com Germany GmbH (salesforce for short) on our behalf (so-called order processing).
Your data will be stored until you withdraw your consent (see below)
The legal basis for data processing is Art. 6 (1) a) GDPR (consent).
Recipients of the newsletters can unsubscribe from the newsletter at any time and revoke their consent. Each newsletter contains an unsubscribe link.
![]({"large":"/typo3conf/ext/typoconfiguration/Resources/Public/Images/icons/magnifying_glass_white.svg","medium":"/typo3conf/ext/typoconfiguration/Resources/Public/Images/icons/magnifying_glass_white.svg","small":"/typo3conf/ext/typoconfiguration/Resources/Public/Images/icons/magnifying_glass_white.svg"}){kind=icon}
