Privacy policy
Draft — this content will be legally reviewed and finalised before publication.
1. Controller
A.R.C. Laser GmbH, Bessemerstraße 14, 90411 Nürnberg, Germany.
Data protection: datenschutz@arclaser.de
2. Server log files
When the portal is accessed, technical data is processed automatically (IP address — anonymised after 7 days, timestamp, browser/operating system information, pages visited, data volume transferred). Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in secure operation). Retention: 30 days.
3. Download form & logging (MDR)
Before downloading instructions for use, we collect your company/ institution, title, first and last name, email address and consent, as well as the device downloaded, the language and the exact revision. The purpose is the non-repudiable traceability of every delivery as required by the Medical Device Regulation (MDR). Legal basis: Art. 6 (1) (c) and (f) GDPR. Retention follows the statutory retention periods.
4. Cookies
Only strictly necessary cookies are used (login/session token in the admin area, storage of the language preference). No tracking, marketing or analytics cookies are set.
5. Data security
Transmission is encrypted via TLS. Passwords are stored hashed using bcrypt.
6. Your rights
You have the right to access, rectification, erasure, restriction of processing, data portability and objection (Art. 15–21 GDPR). Please contact datenschutz@arclaser.de.
7. Supervisory authority
Bavarian State Office for Data Protection Supervision (BayLDA), Ansbach.