+49 (0) 41 01 86 86 8-0
  1. Home
  2. Privacy

Data Protection

 

Thank you for visiting our website and your interest in our company.

Data protection is an important topic for indigodental GmbH (herafter referred to as “indigodental”), the operator of the website www.indigodental.com. Protecting your privacy rights is very important to us. We have therefore designed our website in line with the principle of data minimization, which means we restrict ourselves to the essential information needed.


1. Collection of Personal Data on Visits to Our Website

If you wish to visit our website, we will only collect the following technically necessary data in order that the website is displayed correctly and that its stability and security are ensured. The legal basis for the above is our legitimate interest in accordance with the first sentence of Article 6 (1) (f) of the GDPR.

 

The following data are collected:

 

  • IP address

  • The date and time of the request

  • Time zone difference from Greenwich Mean Time (GMT)

  • Content of the request (specific page)

  • Access status/HTTP status code

  • The data volume transferred in each case

  • The web page from which the request originated

  • Browser

  • The operating system and its interface

  • Browser software language and version

 

We collect and use the personal data that we receive when you use our online services strictly within the legally permitted framework and solely for the purpose for which you supplied the data (e.g. requesting information materials, posting comments, subscribing to newsletters). The collected data are subject to extensive security measures that prevent unauthorized access, block misuse, and protect against the destruction or loss of data. Data are SSL-encrypted before transmission over the internet.

When you contact us by email or by using a contact form on this website, we will store the data you provide (your email address, your name and telephone number if applicable, and the content of your message) in order to answer your questions. Your data are processed in the context of precontractual measures or based on your express consent in accordance with the first sentence of Article 6 (1) (a) and (b) of the GDPR. We erase the data collected in this context once storage is no longer necessary or restrict processing if legal retention periods exist. We collect the following data when you contact us using our website:

 

  • The IP address of the target email server

  • The date and time of the request

  • The email address of the sender

  • The content of the message

 

If your email content is confidential in nature, we strongly urge you to encrypt it to protect against unauthorized access or falsification during transmission.


2. Rights of Data Subjects

You are entitled to assert the following rights of data subjects with regard to personal data concerning you at any time and at no charge:

 

  • Right of access

  • Right to rectification or erasure

  • Right to restriction of processing

  • Right to object to processing

  • Right to data portability

 

You also have the right to lodge a complaint concerning our processing of your personal data with a data protection supervisory authority.


3. Revocation of Consent and Objection to the Processing of Your Data

If you have consented to the processing of your data, you can revoke this consent at any time. Such a revocation influences whether the processing of your personal data is permissible after you have notified us of the revocation.

You can email the notice of revocation to privacy@indigodental.com or post it to indigodental GmbH, Data Protection Officer, Fahltskamp 5, 25421 Pinneberg.

If we process your personal data based on a balancing of interests, you can object to such processing. This is especially the case if the processing is not required for the fulfillment of a contract with you, and which is explained in the following description of functions. When exercising such an objection, we request that you explain the reasons why we should not have processed your personal data as we have done. If your objection is justified, we shall review the situation and either discontinue or adjust our data processing activities, or provide you with our compelling legitimate grounds for continuing our processing.

 

4. Erasure of Personal Data

The data we process are erased in accordance with legal requirements if the purpose of processing your data no longer applies, or if your data are no longer required for the purpose for which they were collected. Your data will also be erased if the processing was based on your consent and you have revoked the same.

It may be that the storage of your data is required for other legally permissible purposes, such as to fulfill a legal obligation, to exercise legal claims, or for reasons under tax law. In such cases, your personal data will only be processed for these specific purposes.

 

5. Categories of Recipients of Personal Data

We rely on national and international external service providers, who may also have access to your personal data, to process our business transactions (e.g. for IT, logistics, telecommunications, sales and marketing). We have established data processing contracts, which ensure that data processing is carried out in a lawful manner, with these providers in accordance with Article 28 of the GDPR.

If we pass on your personal data to our subsidiaries, or if our subsidiaries pass the same on to us (e.g. for marketing purposes), this is also done in accordance with existing data processing agreements.

 

6. Requirements for Transferring Personal Data to Third Countries

For the exceptional cases in which personal data are transferred to countries outside of the European Economic Area (EEA) (“third countries”), this takes place under the conditions set out in Article 44 et seq. of the GDPR. We will provide you with information on the respective details of transfer at the relevant points below.

The European Commission recognizes some third countries as having an equivalent level of data protection to the EEA through what are known as “adequacy decisions.” However, other third countries to which personal data may be transferred may not have a consistently high level of data protection due to a lack of legal provisions. In such cases, we ensure that data protection is adequately guaranteed. This is achieved through binding company rules, the European Commission’s standard contractual clauses for the protection of personal data in accordance with Article 46 (1) and (2) (c) of the GDPR, certificates, and recognized codes of conduct.


7. Additional Functions and Services on our Website

In addition to the use of our website for purely informational purposes, we offer various services that you can access if they are of interest to you. To this end, you typically need to provide further personal data, which we use to provide the service in question and to which the aforementioned data processing principles apply.

In some cases, we use external service providers to process your data. We have carefully chosen and engaged these service providers, who are bound by our instructions and undergo regular monitoring.

Insofar as our service providers or partners are based in a state outside of the European Union (EU) or the European Economic Area (EEA), we shall advise you of the consequences of this situation at the appropriate point in this privacy policy.


8. Cookies

Cookies are small text files that are transmitted to your computer together with the online data actually requested. These data are stored on your computer in readiness for subsequent visits.

We use the consent management platform (CMP) from Cookiebot, a service provided by Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany. The tool allows you to conveniently manage your consent to the setting of technically non-essential cookies and to make changes in this respect using the tool (e.g. revoking granted consent or making objections).

The information required under Article 13 of the GDPR on the processing of your personal data by the Cookiebot CMP and by technically non-essential cookies can also be found in the tool.

How to disable or enable the cookie settings: 
Click on the blue-and-white cookie icon along the right edge of the page. A pop-up window will appear, showing the cookies used on the website according to the following categories: “Necessary,” “Preferences,” “Statistics,” and “Marketing.” Clicking on the “Show Details” tab will expand the window to show more information about the cookies, such as the name, provider, purpose, expiration and type. You can disable or enable the cookie settings by selecting the checkboxes next to the categories.


9. Processing of Job Applicant Data

Data required for establishing contact and for the purposes of the application process are collected and stored in compliance with the regulations under data protection law. The legal basis for this is our precontractual relationship in accordance with the first sentence of Article 6 (1) (b) of the GDPR and Section 26 (1) in conjunction with the second sentence of (8) of the German Federal Data Protection Act (BDSG).

If an application is rejected, the applicant’s data shall, in any case, be stored for evidence purposes for up to six months after the end of the application process for the purpose of exercising, asserting, or defending against legal claims. The legal basis for this is the first sentence of Article 6 (1) (f) of the GDPR. If you have consented to further storage of your personal data in accordance with the first sentence of Article 6 (1) (a) of the GDPR, we will transfer your data to our applicant pool until you revoke this consent. In any case, the data will be erased after one year unless you revoke your consent beforehand. If you have been offered a position during the application process, the data from the applicant data system will be transferred to our HR management system. You can find information on the storage period in the data protection information prepared for our employees.

Your provision of the data is not required by law or contractually prescribed. You are not obligated to provide the data. However, if the data are not provided, it will be impossible to process the application and, perhaps, to recruit the applicant.


10. Processing of Customer Data

In the context of processing customer data, we collect and store information to the extent necessary, such as first and last name, postal address, email address, telephone number/fax number, goods ordered/service provided, customer inquiry information, and date of inquiry.
 
We process these data (with the exception of your IP address) for the purposes of fulfilling and processing contracts with you (including payment processing), customer inquiries, and for our own marketing purposes in accordance with the applicable regulations under data protection law.
 
The legal basis for the processing of your customer data is Article 6 (1) (b), (c), and (f) of the GDPR. Your data are erased once they are no longer required for their intended purpose, insofar as this does not conflict with statutory retention requirements (particularly those arising from the German Tax Code (AO) and German Commercial Code (HGB)).

 

Questions on Data Protection

The ongoing development of the internet has an impact on indigodental’s data protection strategy. If you have any questions, suggestions, or comments relating to data protection at indigodental, you can send them at any time by email to the following address: privacy@indigodental.com. This privacy policy will be continually adapted and further developed in line with the development of data protection and security technology. As such, we reserve the right to modify or amend this policy if need be.


Postal Address:

indigodental GmbH
Data Protection Officer
Fahltskamp 5
25421 Pinneberg
Germany

 

Gender Disclaimer
Any references made on this website to the male form shall apply to people of all genders. We have refrained from referring to all genders for the sake of improving legibility.

 

Last updated: October 2025