Privacy Policy

We herewith wish to inform you about the processing of personal data by Berlin Heart, in particular when you are using our website. We process personal data (e.g. name, address, e-mail address and telephone number of a data subject) in accordance with the applicable law, in particular the General Data Protection Regulation (GDPR) and the German Data Protection Law (BDSG).


1. Name and Address of the Controller

Controller in the sense of Art. 4 para. 7 GDPR is:

Berlin Heart GmbH
Represented by the directors Sven-René Friedel, Dr. Ares K. Menon
Wiesenweg 10
12247 Berlin, Germany
Tel: +49 30 8187 2600
Fax: +49 30 8187 2601



2. Data Protection Officer

You may contact our Data Protection Officer as follows:  

Berlin Heart GmbH
- attn. the Data Protection Officer -
Wiesenweg 10
12247 Berlin, Germany

Tel: +49 30 8187 2106


3.Processing of Personal data when visiting our website

The mere informatory use of our website only leads to a processing of personal data that are transmitted by your internet browser to our server. While visiting our website we process the following data. This is technically necessary for us in order to display the website and to safeguard its stability and security (legal basis: Art. 6 para. 1 phr. 1 lit. f GDPR):

  • IP-Address
  • date and time of the request
  • time zone difference to Greenwich Mean Time (GMT)
  • content of the request (concrete page)
  • access status/HTTP status code
  • the respectively transmitted data volume
  • the website from which the request came from
  • browser type
  • operating system (OS) and its surface
  • language and version of the browser software.

4. Processing of Personal Data in the event of personal contact

When you are entering into personal contact with us by e-mail, letter, contact form or in another way we will process the transmitted data (e.g. your e-mail address, your name and/or your telephone number) in order to process and/or answer your request (legal basis: Art. 6 para. 1 phr. 1 lit. a, f GDPR). The data processed in this context will be deleted as soon as their storage is no longer necessary or we restrict the processing if we have to fulfill a legal obligation to retain such data.


5. Processing of Personal Data in Recruitment Procedures

5.1  If you transmit personal data to us in the context of recruitment procedures, such data will be processed only for the implementation of this procedure, to determine the possible success of your application.  (legal basis: Art. 6 para. 1 phr. 1 lit. a, f GDPR).

5.2  If a contract is concluded between you and us, we will process the data for the purposes of conclusion and execution of the employment subject to the statutory provisions. In any other case, we will automatically delete the application documents after six months, unless the deletion is in contrary to our legitimate interests (e.g. procedures according to the German General Equal Treatment Act)  



6. Processing of Patient Data

6.1 If data of a patient is transmitted to Berlin Heart, e.g. by contract partners (in particular by clinics where the patient receives the medical treatment), Berlin Heart will immediately pseudonymize or anonymize the patient’s data.

6.2 The patient’s data (including data concerning health) will only be processed by Berlin Heart, if this is permitted according to statutory provisions, e.g. if the patient has given his/her explicit consent, for necessary measure of quality assurance and the eventually necessary medical support of the patient, especially in case of emergency. As a producer of medical devices Berlin Heart also has to fulfill legal reporting obligations towards public regulatory authorities. As an example, this applies for (adverse) events that may have led to a serious deterioration in the state of a patient’s health. These reporting obligations are also applicable toward public authorities in third countries (countries outside the European Union). We always transmit patient data pseudonymized or, if possible and legally permitted anonymized.  (Legal basis for data concerning health: Art. 9 para. 2 lit. a, c, f, h, i GDPR as well as § 22 para. 1 No. 1 lit. b, c Germany Data Protection Law; as for the rest: Art. 6 para. 1 phr. 1 lit. a, f GDPR).


7. Your Rights

7.1 With respect to your personal data you have the following rights:

  • right to request,
  • right to rectification and erasure,
  • right to restriction of processing,
  • right to object to the processing,
  • right to withdrawal, if the processing is based on your consent,
  • right to data-portability.

7.2 You may withdraw your consent at any time for the future without providing reasons.

7.3    If you think that we have not duly observed your rights, you are entitled to lodge a complaint with the supervisory authority concerning our processing of your personal data. However, before lodging a complaint, we would be happy if you could inform us about your criticism so that we are able to remedy the grounds of your complaint.

7.3 If you think that we have not duly observed your rights, you are entitled to lodge a complaint with the supervisory authority concerning our processing of your personal data. However, before lodging a complaint, we would be happy if you could inform us about your criticism so that we are able to remedy the grounds of your complaint.

8. Erasure of Data by the Controller

8.1 We process your data only for the period of time that is necessary to achieve the respective storage purpose or if we following our legal obligations. All server log files (including your IP-address) will be automatically erased within 14 days.

8.2 We will erase your personal data if the processing purpose or the legal storage obligation ceases to exist. Therefore, you don’t have to take any actions to this end.


9. Cookies

9.1 In addition to the aforementioned data, cookies will be stored on your computer when our website is used. Cookies are small text files that are stored on your hard drive and associated to the browser you have used. Herewith, we may in particular determine the user frequency and number of users and analyses the website activity. We also use cookies to provide a user friendly design of our website. Some cookies remain on your device after your visit of our website. If you are visiting our website again, we may retrieve such saved cookies.

9.2 You may configure your browser preferences according to your demands and, for example, prevent the acceptance of third party or all cookies. However, please note that by refusing cookies, some functions of this website may eventually not be accessible.



10. Analytical Tools

10.1 This website uses Google Analytics, a web analytics service of Google Inc. (“Google“). Google Analytics uses “cookies”, which means text files placed on your computer that allow an analyses how you use the website. The information generated by the cookie about your use of the website will in general be transmitted to and stored by Google on servers in the USA. If the IP – anonymization is activated on this website (see below), your IP-address will be previously shortened by Google within a member state of the European Union or in a contracting state to the Agreement on the European Economic Area. Only as an exception your IP-address will be fully transmitted to a server located in the USA and shortened there. Google will use these information on behalf of the controller for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services for the controller relating to website activity and internet usage.

10.2 Google will not associate your IP address with any other data held by Google.

10.3 You may refuse the use of cookies by selecting the appropriate settings on your browser. However please note that in this case you may not be able to use the full functionality of this website. You may in addition prevent Google from collecting and processing the data generated by the cookie and related to your use of the website (including your IP-address) by downloading and installing the browser plug-in, available under

10.4 This website uses Google Analytics with the extension „_anonymizeIp()“. Therefore, only shortened IP-addresses will be processed. A direct link to a data subject should be excluded.  

10.5 We use Google Analytics to analyze and to constantly improve the use of our website. For cases of an exceptional transmission of personal data in the USA, Google has joined the EU-US Privacy Shield regulation, see Legal basis for the use of Google Analytics is Art. 6 para. 1 phr. 1 lit. f GDPR.

10.6 Information on Google: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. User terms of service:,
general Information on data protection:,
Privacy Policy:



11. Definitions of the GDPR

11.    Definitions of the GDPR
For the purpose of the GDPR and this Privacy Policy the following terms have the meaning described below.

–    ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

–    ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

–    ‘restriction of processing’ means the marking of stored personal data with the aim of limiting their processing in the future;

–    ‘consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

–    ‘pseudonymisation’ means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person;

–    ‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;

–    ‘third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;

–    ‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;