window.ga=window.ga||function(){(ga.q=ga.q||[]).push(arguments)};ga.l=+new Date; ga('create', 'UA-23711421-5', 'auto'); ga('set', 'forceSSL', true); ga('set', 'anonymizeIp', true); ga('require', 'displayfeatures'); ga('require', 'cleanUrlTracker'); ga('require', 'outboundLinkTracker'); ga('require', 'ec'); var match = RegExp('[?&]gclid=([^&]*)').exec(window.location.search); var gclid = match && decodeURIComponent(match[1].replace(/\+/g, ' ')); if(gclid){ ga('set', 'dimension1', gclid); } ga('send', 'pageview'); ga('set', 'nonInteraction', true); setTimeout("ga('send', 'event', 'read', '20 seconds')", 20000); Data protection | Stoma shop Belgium
+32(0)2.588.41.98
export@stoma.de

Data protection

Introduction

We, Storz am Mark GmbH (hereinafter “we” or “us”), take the protection of your personal data seriously. We handle your data confidentially and in accordance with the GDPR as well as this policy.

1 Controller

Storz am Mark GmbH
Emminger Straße 39
78576 Emmingen-Liptingen
Germany
Tel.: +4974659260-70
E-Mail: sam(at)stoma.de
Website: www.stoma.de

2 Data Protection Officer

Storz am Mark GmbH
Emminger Straße 39
78576 Emmingen-Liptingen
Germany
Tel.: +4974659260-28
Email: datenschutz(at)stoma.de
Website: www.stoma.de

3 Definitions (Art. 4 GDPR – summary)

  • Personal data: All information that identifies you directly or indirectly.
  • Processing: Any operation related to data (collection, storage, use, etc.).
  • Controller: Entity that determines purposes and means.
  • Processor: External service provider acting on behalf of the controller.


4 Collection and storage when visiting the website

When visiting our website, our server automatically collects log data:

  • IP address
  • Access date/time
  • URL of the requested file
  • Referrer URL
  • Browser and operating system type

Purpose: Functional security, performance measurement, attack detection

Legal basis: Art. 6(1)(f) GDPR (legitimate interest)

Storage period: 30 days, then anonymization

5 Google Fonts

We embed web fonts locally, thus avoiding data transfers to Google Ireland Limited. Until completed:

  • Data recipient: Google Ireland Limited
  • Legal basis: Art. 6(1)(f) GDPR (legitimate interest)


6 Cookies & Tracking

We use cookies only with your consent via our consent tool.

  • Session cookies: Functional security
  • Preference cookies: settings
  • Statistics cookies: Google Analytics (IP anonymization)
  • Marketing cookies: Google Ads, Meta Pixel
    Withdrawal: anytime via cookie banner or browser settings


7 Google Analytics, Google Ads, Meta Pixel

  • Google Analytics (anonymized) – opt-out via browser add-on
  • Google Ads (conversion tracking) – consent required
  • Meta Pixel – used after consent, opt-out in Facebook account


8 Contact inquiries

When contacting us via form, email, or phone, we store your data (name, email, content) for processing.

Data transfer: not without your consent

Storage duration: 3 years

9 Newsletter (Double Opt-In)

  1. Registration via form
  2. Confirmation email with link
  3. Storage of email, registration and confirmation date, IPs
  4. Withdrawal via unsubscribe link or email to newsletter@stoma.eu
    Legal basis: Art. 6(1)(a) GDPR (consent)

10 Routine deletion & blocking

Data is deleted once the purpose ceases or retention periods end. Automated and manual checks take place regularly.

11 Data protection in applications

We process application documents (cover letter, CV, certificates) for recruitment.

Legal basis: Art. 6(1)(b) GDPR

Storage: 2 months after rejection unless legitimate interests apply.

12 Google Maps

Interactive maps with consent.

  • Data recipient: Google LLC (USA)
  • Data transferred: IP address, entered address data
  • Legal basis: Art. 6(1)(f) GDPR
  • Deactivation: disable JavaScript


13 Processors

We work with service providers (e.g., hosting, email delivery) under Art. 28 GDPR contracts. We maintain an internal list.

14 Data transfers to third countries

Transfers outside EU/EEA only with adequacy decisions or Standard Contractual Clauses (SCC).

15 Social media & links

Our pages contain links to third-party providers. Their privacy policies apply upon access. We have no control over their content.

16 Your rights

  • Access (Art. 15 GDPR)
  • Rectification (Art. 16)
  • Erasure (Art. 17)
  • Restriction (Art. 18)
  • Data portability (Art. 20)
  • Objection (Art. 21)
  • Withdrawal of consent
  • Complaint to supervisory authority

Requests: datenschutz(at)stoma.de

17 PayPal as payment method

When selecting PayPal, we transmit your name, address, and order number to PayPal (Europe) S.à r.l. & Cie, 22–24 Boulevard Royal, 2449 Luxembourg, for processing.

Legal basis: Art. 6(1)(b) GDPR (performance of contract)

Data processing at PayPal: See https://www.paypal.com/de/webapps/mpp/ua/privacy-full

18 Registration (customer account)

When creating an account, we collect:

  • Name, e-mail, address
  • Password (hashed)
  • Profile information (optional)

Purpose: processing current and future orders, personalized services

Legal basis: Art. 6(1)(b) GDPR

Account deletion: anytime in the customer area or by e-mail to vertrieb@stoma.de

19 Other shop-specific processing

  • Shopping cart function: storage via session cookie
  • Reviews: name, e-mail, content – processing based on your consent


20 Updates & changes

Last updated: 09.09.2025. We reserve the right to amend this policy and will publish the update date here.

Recently viewed
Functional

Functional cookies are absolutely necessary for the functionality of the web shop. These cookies assign a unique random ID to your browser so that your unhindered shopping experience can be guaranteed over several page views.

Session:
The session cookie stores your shopping data over several page views and is therefore essential for your personal shopping experience.
Notepad:
The cookie enables a notepad to be made available to the user across sessions. This means that the notepad remains available even across several browser sessions.
Device Assignment:
The device assignment helps the shop to ensure the best possible display for the currently active display size.
CSRF token:
The CSRF token cookie contributes to your security. It strengthens the security of forms against unwanted hacker attacks.
Login token:
The login token is used for the cross-session recognition of users. The cookie does not contain any personal data, but allows personalization across multiple browser sessions.
Cache exception:
The cache exception cookie allows users to read individual content independent of the cache memory.
Active cookies check:
The cookie is used by the website to find out whether cookies are permitted by the browser of the site user.
Cookie settings:
The cookie is used to store the cookie settings of the site user over several browser sessions.
Qualification query:
This query is used to check whether you have the professional qualifications to purchase our medical devices.
Country identification:
The cookie is used to remember the language identification in the shop.
PayPal:
The cookie is used for payment processing via PayPal.
Information about origin:
The cookie stores the user's page of origin and the first page visited for further use.
Enabled cookies:
Stores which cookies have already been accepted by the user for the first time.
Regionauswahl
Marketing

Marketing cookies are used to place advertisements on the website in a targeted and individualized manner over several page views and browser sessions.

Google AdSense:
The cookie is used by Google AdSense to improve advertising efficiency on the website.
Tracking

Tracking cookies help the shop operator to collect and evaluate statistics about the behavior of users on their website.

Google Analytics:
Google Analytics is used for traffic analysis of the website. Thereby statistics about website activities can be created and read out.
This website uses cookies to ensure you get the best experience on our website. More information