We, CompuGroup Medical SE (hereinafter CGM), are happy to welcome you to our customer portal. The protection of your personal data is of major concern to us and we would like you to feel secure when using our services. In the following, we will explain which information is collected and processed during your visit of the customer portal and for which purpose it is used.
Scope of Application
This data protection statement applies to the CGM customer portal.
Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an address and phone number. Information that is not directly related to your real identity - such as preferred websites or number of users of a page - is not personal data.
Collection and Processing of Personal Data
When visiting our customer portal and sending us a support inquiry (a "ticket"), the following data are processed and stored on our servers in Germany.
Stored temporarily in the portal for the duration of the session (automatic logout after 30 minutes):
• Session ID
• IP -address
• Timestamp at login
Permanent stored in our customer portal:
• SAP ID customer
• SAP ID contact person
• Timestamp of last login
• User name
• Password (encrypted)
• Security question
• Answer to the security question
Read from customer portal
• Current timestamp
Temporarily used from SAP system:
• Name of the contact person
• Name of the customer
• E-Mail of the contact person
• Creator of the SAP tickets
• Texts of the SAP tickets
Sent to SAP System
(Your data entries and choices):
• Title of the ticket'
• Description of the ticket
• Kategorization of the ticket
• Priority of the ticket
• External reference of the ticket
• E-Mail distribution list related to the ticket
• Attached documents/files
• Additional texts/answers to the ticket
Use and Transfer of Personal Data
The personal data provided by you is used exclusively for the purpose of capturing your support inquiry in SAP and responding to it according to our contractual obligations.
The data is stored in SAP CRM until your issue has been resolved (the ticket has been closed) plus the time corresponding to the contractual warranty time (5 years). Storage time may be extended if required by law.
Your personal data will not be transferred to third parties unless required for the purpose of the contractual agreement or based on your explicit consent.
CGM takes all necessary technical and organizational security measures to protect your personal data from loss or abuse. Your data is stored in a secure operating environment inaccessible for the public. Your personal data is encrypted by state-of-the-art technology during transmission. This means that communication between your computer and the CGM servers takes place by ways of an established encryption technique if supported by your browser.
You have the right to information and access to stored personal data as well as the right to rectification, to erasure, to restriction of processing, to data portability and the right to object to the processing of your personal data.
If you give consent to CGM, you have the right to withdraw it at any time with effect for the future. We undertake to delete all data collected about you. In doing so, however, we are legally obliged to observe possible commercial and fiscal retention periods which can prevent immediate deletion of this data. If these reasons should affect the deletion, we will inform you.
In addition, you have the right to lodge a complaint with the responsible supervisory authority if you believe that we are not processing your personal data properly.
Amendments to this Data Protection Statement
Please note that this Data Protection Statement may be amended and changed from time to time. Each version of this Data Protection Statement is to be identified by its date and version at the end of this document. We also archive all previous versions of this Data Protection Statement for your access on demand.
Data Protection Officer for CGM SE
Hans Josef Gerlitz
CompuGroup Medical SE
Maria Trost 21
Responsible Supervisory Authority
The responsible supervisory authority for CGM SE is The State Commissioner for Data Protection and Freedom of Information Rhineland-Palatinate
Hintere Bleiche 34