Cardia International: Privacy Statement

Data protection officer

If you have any questions about the processing of your personal data or about data protection generally, please ask our data protection officer, who is also your point of contact if you have any complaints. Please contact us at

Right of information and revocation

The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA)and gives you the right as a user to obtain information about the personal data Cardia International has stored on you. You can revoke any consent you have given to the collection, processing and use of your personal data at any time with future effect. Cardia International will then delete your data. This does not apply to data that is still needed, for an existing contract, for instance.

Disclosure and use of personal data

Data is only collected on behalf of or transmitted to state agencies and authorities on the basis of mandatory national regulations. Personal data is not transmitted to third parties without your express agreement. Our employees, suppliers and subsidiaries have undertaken to treat data confidentially and to comply with the relevant statutory provisions of data protection law and the principle of data secrecy.

Limited use of your data

Your personal data are only used for the purpose for which you disclosed them to the Cardia International and to the extent that you have consented to their use and further disclosure.

Encryption of personal data

All the information you entrust to the Cardia International in dialogue boxes and application forms is securely transmitted using modern internet technology and only used for the stated purpose.

Cardia International uses a transmission method based on the SSL protocol (secure sockets layer protocol). This encrypts all the data exchanged between your browser and the server of the Cardia International. Your data are therefore safe from manipulation and unauthorised access by third parties while being sent. This does not necessarily apply to unencrypted emails that you send to Cardia International, however. These may be vulnerable to unauthorised third-party access during transmission. Detailed information on the encryption of sensitive emails can be found in IT Security.

Links to external providers

This data protection statement does not apply to the content of websites operated by other providers which can be reached by links on our website. Cardia International has no knowledge of and no control over which data the operators of these sites may collect. Information can be found in the data protection statement for the respective website.

Use of cookies

Cardia International uses persistent cookies with an expiry date in order to analyse the use of our web pages and optimise them for you. Cookies are small text files that are sent to your computer and stored on its hard drive. These cookies do not store your personal data or link them with your personal user data, so your privacy is protected. Cookies do not become part of your system and cannot do any damage. Most browsers are set to accept cookies automatically. However, you can deactivate the acceptance of cookies or set your browser so that it notifies you when cookies are used or prevents them from being sent. All the functions of our website are also available to you without cookies. If you deactivate cookies it may restrict the functions of some of our services, however.

Collection and use of protocol data

Protocol data is recorded every time the web pages of Cardia International are visited and every time a file is accessed. The data comprises:

– your IP address,
– the website you have come from,
– the pages you click on and
– the date and duration of your visit.

Cardia International analyses this information in anonymised form for statistical purposes and to improve our online services, but does not compile personal user profiles. The data are also not communicated to third parties. Data with technical information about your visit are disclosed for analysis and processing to external service providers which have signed a confidentiality and non-disclosure agreement with Cardia International.

Cardia International upholds your right to ‘informational self-determination’ and the protection of your privacy when we process your personal data and when you use our online services. Cardia International has therefore taken technical and organisational security precautions to guarantee this protection.

Legal foundations

Personal data that you communicate when visiting our website is processed in accordance with the European Union’s (‘EU’) General Data Protection Regulation (‘GDPR’),  and other statutory provisions applicable to electronic business transactions.