Medner Longevity Systems

The protection of personal data is of particular importance to the management of Medner Germany GmbH & Co. KG. Use of our websites is generally possible without providing any personal data. The processing of personal data is always carried out in compliance with the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and the applicable national data protection regulations.

1Definitions

Personal data means any information relating to an identified or identifiable natural person. Processing is any operation in connection with personal data. Consent is any freely given, specific, informed indication of the data subject's wishes.

2Name and address of the controller

The controller for the purposes of the GDPR is Medner Germany GmbH & Co. KG, Uhlandstr. 20-25, 10623 Berlin, Germany. Phone: 030-88721015. Email: info@medner.de. Website: www.medner.de.

3Data Protection Officer

The Data Protection Officer of the controller is Lisa Bergmann, reachable at l.bergmann@medner.de or by post at the above address marked "Data Protection Officer". Any data subject may at any time contact our Data Protection Officer directly with any questions or suggestions concerning data protection.

4SSL / TLS encryption

For security reasons and to protect the transmission of confidential content, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address bar of the browser changes from "http://" to "https://" and by the lock icon in your browser bar. When SSL or TLS encryption is enabled, the data you transmit to us cannot be read by third parties.

5Cookies & consent

The websites of Medner Germany GmbH & Co. KG use cookies. Cookies are text files that are stored on a computer system via an internet browser. We distinguish between technically necessary cookies (e.g. for the basic functionality of the website) and non-necessary cookies (e.g. for analytics or marketing).

Technically necessary cookies are set on the basis of Art. 6(1)(f) GDPR and § 25(2) TTDSG (German Telecommunications and Telemedia Data Protection Act). For all non-necessary cookies, we obtain the user's express consent before setting them (Art. 6(1)(a) GDPR in conjunction with § 25(1) TTDSG).

Consent can be withdrawn at any time via the cookie settings. Cookies that have already been set can be deleted at any time via the internet browser or other software programs.

6Server log files & general data

Each time the website is accessed, the web server automatically collects a series of general data and information in so-called server log files. These include:

browser type and version
operating system used
referrer URL
IP address (anonymized or shortened)
date and time of access

This data is not associated with the data subject. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in the correct presentation and security of our website). The storage period is generally a maximum of 30 days.

7Hosting & technical provision

Our website is hosted on the servers of our hosting service provider, Webflow Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA — and its European infrastructure partners (in particular Amazon Web Services with data centers located within the EU).

The transfer of data to the USA is carried out on the basis of the EU Standard Contractual Clauses (SCC) pursuant to Art. 46(2)(c) GDPR, taking into account the EU-US Data Privacy Framework. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in the secure and reliable operation of our online services).

For more information, see Webflow's privacy policy at webflow.com/legal/privacy.

8Contact forms (HubSpot)

On our website, we use the contact form tool from HubSpot Ireland Limited (Ground Floor, Two Dockland Central, Guild Street, Dublin 1, Ireland) — a subsidiary of HubSpot, Inc. based in the USA. When you fill in a contact form on our website, the data submitted (in particular name, email, phone number, company, message) is stored on HubSpot's servers and forwarded to us.

A transfer of data to the USA cannot be ruled out. This is carried out on the basis of the EU Standard Contractual Clauses and HubSpot's certification under the EU-US Data Privacy Framework.

The legal basis is Art. 6(1)(b) GDPR (pre-contractual measures) and Art. 6(1)(f) GDPR (legitimate interest in efficient processing of inquiries). The submitted data is stored for as long as is necessary to process the inquiry, and no longer than the statutory retention periods.

For more information: legal.hubspot.com/privacy-policy.

9Contact by email or phone

If you contact us by email or phone, the data you provide (name, email address, phone number, content of the inquiry) is stored and used exclusively for processing your request. The data is not passed on to third parties.

The legal basis is Art. 6(1)(b) GDPR (pre-contractual measures) and Art. 6(1)(f) GDPR (legitimate interest in communication with prospects and customers). The data will be deleted as soon as the purpose for its processing no longer applies, subject to statutory retention obligations.

10Newsletter & marketing communication

If you actively subscribe to newsletters or marketing communication, the personal data provided (in particular email address, and where applicable name) is processed exclusively for the purpose of sending such communication.

The newsletter is sent on the basis of your express consent (Art. 6(1)(a) GDPR) via a double opt-in procedure. This consent can be withdrawn at any time with effect for the future — either via the unsubscribe link in each email or by sending a message to info@medner.de.

11Web analytics

This website may use web analytics tools (e.g. Google Analytics, Webflow's own analytics) to optimize our online services. In doing so, information about usage (page views, time spent on site, click paths, approximate region) may be collected. Wherever possible, the collection is anonymized or pseudonymized.

Where analytics tools are used that process personal data or transfer data to third countries, they are only used on the basis of your express consent (Art. 6(1)(a) GDPR in conjunction with § 25(1) TTDSG), given via the cookie consent banner. Consent can be withdrawn at any time.

12Embedded content & social media

Our website may contain links to and embedded content from social networks, in particular:

Instagram (Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland)
LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland)
YouTube (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland)

When such content is accessed, personal data (in particular IP address) may be transmitted to the providers' servers — including outside the EU. The processing is carried out on the basis of your consent (Art. 6(1)(a) GDPR) and our legitimate interest in an appealing presentation (Art. 6(1)(f) GDPR). For further information, please refer to the data protection notices of the respective providers.

13Data transfer to third countries

In certain cases, personal data is transferred to service providers in third countries (in particular the USA). This applies in particular to the services mentioned in this privacy policy (Webflow, HubSpot, where applicable web analytics tools, and social media providers).

Any such transfer is carried out on the basis of suitable safeguards pursuant to Art. 44 et seq. GDPR — in particular:

EU Standard Contractual Clauses (Art. 46(2)(c) GDPR)
Certification under the EU-US Data Privacy Framework (where the provider is certified)
Your express consent (Art. 49(1)(a) GDPR)

14Rights of the data subject

Right of access (Art. 15 GDPR)

You have the right to obtain free information at any time about the personal data stored about you.

Right to rectification (Art. 16 GDPR)

You have the right to request the immediate rectification of inaccurate or completion of incomplete data.

Right to erasure (Art. 17 GDPR)

You have the right to request the immediate erasure of the personal data concerning you (right to be forgotten).

Right to restriction (Art. 18 GDPR)

You have the right to request the restriction of processing if the conditions are met.

Right to data portability (Art. 20 GDPR)

You have the right to receive the personal data concerning you in a structured, commonly used, and machine-readable format, or to have it transferred to another controller.

Right to object (Art. 21 GDPR)

You have the right to object at any time to the processing of the personal data concerning you.

Right of withdrawal (Art. 7(3) GDPR)

You have the right to withdraw any consent given for the processing of personal data at any time.

Right to lodge a complaint (Art. 77 GDPR)

You have the right to lodge a complaint with a supervisory authority. The authority responsible for us is the Berlin Commissioner for Data Protection and Freedom of Information (Berliner Beauftragte für Datenschutz und Informationsfreiheit), Friedrichstr. 219, 10969 Berlin, datenschutz-berlin.de.

15Legal bases & storage period

Legal bases:

Art. 6(1)(a) GDPR — consent
Art. 6(1)(b) GDPR — performance of a contract and pre-contractual measures
Art. 6(1)(c) GDPR — legal obligation
Art. 6(1)(f) GDPR — legitimate interests

Storage period: Personal data is stored only for as long as is necessary to achieve the purpose of storage, or as required by statutory retention periods (in particular § 257 HGB, § 147 AO — up to 10 years for tax- and commercial-law-relevant documents). The data is then routinely deleted.

16Automated decision-making

As a responsible company, we do not use automated decision-making or profiling within the meaning of Art. 22 GDPR.

17Validity & changes to this policy

This privacy policy is currently valid and dated 2026. Due to the further development of our website and services, or due to changes in legal or regulatory requirements, it may be necessary to update this privacy policy. The currently valid version can be accessed at any time at medner.de/en/data-protection.