Privacy Policy - Deutsches Institut für Zell und Gewebeersatz

Thank you for your interest in our company and our website. The protection of your data and your privacy is very important to the German Institute for Cell and Tissue Replacement gGmbH (hereinafter: “DIZG” or “we”). Therefore, compliance with the applicable data protection regulations of the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and other legal regulations is a matter of course for us.

In order to be able to offer you our services, we need to process your personal data. The following data protection information provides an overview of what happens to your personal data when you visit our website, contact us and/or purchase our transplants or services. Personal data is all data with which you can be personally identified. What data this is, how we handle it and what rights you have are explained below:

I. Controller

The controller within the meaning of Art. 4 (7) GDPR for the processing of personal data is

DIZG Deutsches Institut für Zell- und Gewebeersatz
Gemeinnützige Gesellschaft mbH
Innovationspark Wuhlheide
Köpenicker Straße 325, Haus 42
D-12555 Berlin

Telefon: +49(0)30-65 76 30 50
E-Mail: dizg@dizg.de

II. Data protection officer

If you have any questions regarding the processing of your personal data or your rights in relation to data protection, please contact:

DIZG Deutsches Institut für Zell- und Gewebeersatz
Gemeinnützige Gesellschaft mbH
– Datenschutzbeauftragter –
Köpenickerstr. 325
12555 Berlin

Telefon: +49(0)30-65 76 30 50
E-Mail: dsb@dizg.de

III. Data collection (traffic tracking)

1. Log Files

When you visit our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a log file. The following information is collected without any action on your part and stored until it is automatically deleted:

IP address of the requesting computer,
Date and time of access,
Name und URL der abgerufenen Datei,
the website from which access was made (referrer URL)
browser used and, if applicable, the operating system of your computer and the name of your access provider.

The aforementioned data is processed by us for the following purposes:

Ensuring a smooth connection to the website,
Ensuring a comfortable use of our website,
Evaluation of system security and stability,
evaluation of user behavior and advertising measures, and
for other administrative purposes.

Data processing is carried out to protect our legitimate interests. The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the purposes for data collection listed above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person.

We also use cookies and analysis services when you visit our website. You can find more detailed explanations on this in section III. 2. of this privacy policy.

2. Cookies

In order to make visiting our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small files that your browser automatically creates and that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our website.

Information is stored in the cookie that results in each case in connection with the specific end device used. However, this does not mean that we obtain direct knowledge of your identity.

A distinction is made between the following cookie types and functions:

Temporary cookies (also: session cookies): Temporary cookies are deleted at the latest after a user has left an online service and closed their browser.
Permanent Cookies: Permanent cookies remain stored even after the browser is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. The interests of users that are used for reach measurement or marketing purposes can also be stored in such a cookie.
First-Party Cookies: First-party cookies are set by us.
Third-Party Cookies: Third-party cookies are mainly used by advertisers (so-called third parties) to process user information.
Technically necessary cookies: Cookies may be absolutely necessary for the operation of a website (e.g. to store logins or other user input or for security reasons).
Statistical, marketing and personalization cookies: Cookies are also generally used to measure reach and when a user’s interests or behaviour (e.g. viewing certain content, using functions, etc.) on individual websites are stored in a user profile. Such profiles are used, for example, to show users content that matches their potential interests. This process is also referred to as “tracking”, i.e. tracking the potential interests of users.

We only use optional cookies and comparable technologies for marketing and analysis purposes if you have given your consent for data processing in accordance with Section 25 (1) TTDSG in conjunction with Art. 6 (1) sentence 1 lit. a GDPR and for the transfer of data to third countries in accordance with Art. 49 (1) sentence 1 lit. a GDPR via our cookie banner.

Our website uses a so-called “Consent Management” from Usercentrics GmbH to record and manage consents and any revocations. If you give your consent to the use of cookies, a cookie will be set to record your consent. We set this technically necessary cookie on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR in order to document your consent. If you delete your cookies, we will ask you for your consent again when you visit our website at a later date.

You can revoke your consent at any time or change the selection of cookies by clicking on the black dot at the bottom left of the screen.

Please note that you can also set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general.

You can find out how to delete cookies in the most common browsers and change the cookie settings here:

Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Chrome: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en
Safari: https://support.apple.com/de-de/guide/safari/sfri11471/12.0/mac/10.14
Opera: https://help.opera.com/de/latest/web-preferences/#cookies.

Please note that if you do not accept cookies, the functionality of our website may be limited.

3. Information on Google Services

We use various services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland on our website for users from the European Economic Area and Switzerland; for all other users, the service provider is Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA (hereinafter: “Google”).

You can find more information on the individual specific Google services that we use on this website in the further privacy policy.
By integrating Google services, Google may collect and process information (including personal data). It cannot be ruled out that Google may also transmit the information to a server in a third country.

There is currently no adequacy decision pursuant to Art. 45 GDPR.

However, the transfer can be based on standard contractual clauses. Google has undertaken to comply with the standard contractual clauses for the transfer of personal data to third countries in accordance with Directive 95/46/EC (Standard Contractual Clauses – SCC).

You can find more information on the standard contractual clauses at https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractuals-clauses-scc_de and at https://policies.google.com/privacy/frameworks?hl=de.

We ourselves cannot influence which data Google actually collects and processes. You can find information on the types of cookies used by Google at https://policies.google.com/technologies/types.

If you access a Google service on our website while you are logged into your Google profile, Google can also link this event to your Google profile. If you do not wish to be associated with your Google profile, you must log out of Google before accessing our contact page.

You can also change your cookie settings (e.g. delete cookies, block cookies, etc.). Further information on this can be found in section III. 2. of this privacy policy.

You can find more information in Google’s privacy policy, which you can access here: https://www.google.com/policies/privacy/.

You can find information on Google’s privacy settings at: https://privacy.google.com/take-control.html.

a. Google Analytics

Our website uses Google Analytics with your consent, which you can revoke at any time. Google Analytics uses cookies, which are stored on your computer and enable your use of the website to be analyzed.

The following types of data are processed by Google:

Browser type/version
Operating system used
Referrer URL (the previously visited page)
Host name of the accessing computer (IP address)
Time of the server request

The information generated by the cookies about your use of this website is usually transmitted to a Google server in the USA and stored there. However, by activating IP anonymization on our website, your IP address will be shortened and thus anonymized by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
Furthermore, we have concluded an order processing contract with Google for the use of Google Analytics (Art. 28 GDPR). Google processes the data on our behalf to evaluate your use of the website, to compile reports on website activity for us and to provide us with other services relating to website activity and internet usage. Google may transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf.

The legal basis for the processing of personal data described here is your consent, which you may have given for data processing in accordance with § 25 para. 1 TTDSG in conjunction with Art. 6 para. 1 sentence 1 lit. a GDPR and for data transmission in accordance with Art. 49 para. 1 sentence 1 lit. a GDPR in the cookie banner. You can revoke your consent at any time with effect for the future or adjust your selection under data protection settings.

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your shortened IP address) and the processing of this data by Google by downloading and installing the browser add-on available at the following: http://tools.google.com/dlpage/gaoptout?hl=de.

If you prevent the storage of cookies, we would like to point out that in this case you may not be able to use all the functions of our website to their full extent.

Further information on data protection in connection with Google Analytics can be found in Google’s privacy policy and in the Google Analytics privacy policy.

Further information on Google services can be found in section III. 3. of this privacy policy.

c. Google Web Fonts (Local Hosting)

Our website uses so-called web fonts provided by Google for the uniform display of fonts. The Google fonts are installed locally. There is no connection to Google servers.

Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and https://fonts.google.com/about and in Google’s privacy policy: https://www.google.com/policies/privacy/.

4. Kununu

Our website also uses a so-called widget of the Kununu network. Kununu is a service of NEW WORK AUSTRIA XING kununu Prescreen GmbH, Schottenring 2-6, 1010 Vienna, Austria and is operated by New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany.

When you access a page of our website that contains such a widget (yellow button with the inscription: “Our profile on kununu”), your browser establishes a direct connection with the Kununu servers. The content of the widget is transmitted by Kununu directly to your browser, which integrates it into the website. By integrating the widgets, Kununu receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Kununu account or are not currently logged in to Kununu. This information (geographic location, usage data, browser information, information about the operating system, IP address, referrer URL) is transmitted directly from your browser to a Kununu server in Europe and stored there. If you are logged in to Kununu, Kununu can assign your visit to our website directly to your Kununu account. If you interact with the widget, the corresponding information is also transmitted directly to a Kununu server and stored there. The information is also published on Kununu and displayed to your Kununu contacts.

Kununu may use this information for the purposes of advertising, market research and the needs-based design of the Kununu pages. For this purpose, Kununu creates usage, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements displayed to you on Kununu, to inform other Kununu users about your activities on our website and to provide other services associated with the use of Kununu.

The legal basis is your consent, which you may have given for data processing in accordance with § 25 para. 1 TTDSG in conjunction with Art. 6 para. 1 sentence 1 lit. a GDPR and for data transmission in accordance with Art. 49 para. 1 sentence 1 lit. a GDPR in the cookie banner. Without your consent, there will be no connection to the Kununu servers. You can revoke your consent or change your selection at any time under Privacy settings.

If you do not want Kununu to assign the data collected via our website to your Kununu account, you can refuse consent or log out of Kununu before visiting our website. The purpose and scope of the data collection and the further processing and use of the data by Kununu as well as your rights in this regard and setting options to protect your privacy can be found in Kununu’s data protection information at: https://privacy.xing.com/de/datenschutzerklaerung

IV. Mail Advertising

We reserve the right to store your first and last name, business address, title, academic degree, and professional, industry, or business designation, which we have received from you or from publicly available sources within the scope of the contractual relationship, in summarized lists in order to send you information about our products by postal mail.

We may also work with external partners from whom we receive your contact details. We will inform you in the respective letter whether and, if so, with which partner we are working.

The legal basis for the processing of your data is the protection of our legitimate interests in advertising to our customers, which prevail in the context of a balancing of interests, in accordance with Art. 6 (1) (f) GDPR.

You have the right to object to the further use of your personal data for advertising purposes at any time. If you wish to exercise your right of objection, simply send an email to dizg@dizg.de.

V. Making Contact

When you contact us (e.g. by post, e-mail, telephone, etc.), we store and process the data that you have provided to us (e.g. name, contact information, content of the inquiry). Which data is collected in the case of a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration. The legal basis for the processing of this data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f GDPR. If your contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted after final processing of your request. This is the case if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.

VI. Applications

On our website, we also offer you the opportunity to apply for vacancies and to send us your application by e-mail.
If you send us your application, we will process the personal data that you provide to us as part of your application.
This data may include in particular

Contact details (e-mail address, telephone numbers, fax number)
First name and surname
Address (street, house number, zip code, city, federal state)
Date and place of birth
Nationality
Degree of disability and severe disability (voluntary information)
Health data (mandatory depending on the position)
Proof of (higher) education (certificates and diplomas)
Professional evidence (certificates, assessments, diplomas, evidence of professional experience, further and advanced training)
Information on general skills (experience abroad, driving license with details of driving license category, other knowledge)
Curriculum vitae
Photograph
Proof of internships or certificates
Police clearance certificate

The purpose of processing the personal data resulting from the application documents sent by you is to be able to identify a suitable applicant.
The legal basis for the processing of your e-mail address is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is to offer you the opportunity to contact us at any time and to be able to answer your inquiries. The legal basis for the processing of personal data resulting from the application is Art. 6 para. 1 lit. b), Art. 88 para. 1 GDPR, § 26 para. 1 BDSG.
The application email and the documents sent will be stored until a decision has been made for or against the applicant and will then be deleted.
If an employment relationship is established between you and us, we may continue to process the personal data already received from you for the purposes of the employment relationship in accordance with Art. 88 GDPR in conjunction with Section 26 BDSG-new, insofar as this is necessary for the performance or termination of the employment relationship or for the exercise or fulfillment of the rights and obligations of the representation of employees’ interests arising from a law or a collective agreement, a works or service agreement (collective agreement).
Insofar as we base the processing of your data on our legitimate interest, you have the right to object; please see Section IX. of this Privacy Policy.

The provision of personal data is required for the submission of an application. Failure to do so will mean that we will not be able to process and consider your application.

VII. Data Processing in Contractual Matters (Customers and Business Partners)

We process your personal data for the initiation and fulfillment of contracts, including the management of related order inquiries and order assignments, both online and offline. These processing operations may include the following categories of data:

Master data: This is business contact data and related information (e.g. company name and address, register data, legal form, organization size, email, telephone number, URL and other organization specifications and qualifications). In addition, we collect and process the data of our contact persons (e.g. name, e-mail address, telephone number, job title, department). We need this information in order to provide you with our services, to contact you and, if necessary, to enforce our rights. The data processing is therefore carried out for the purpose of fulfilling the contract (legal basis in this respect: Art. 6 para. 1 sentence 1 lit. b GDPR) and to protect our legitimate interests (legal basis: Art. 6 para. 1 sentence 1 lit. f GDPR).
Invoice data: Name and address, invoice date and number, invoice amount, VAT ID if applicable: We store this data to fulfill legal obligations and thus on the basis of Art. 6 para. 1 sentence 1 lit. c) GDPR. We process the invoice data for as long as we are obliged to store it. We regularly delete them 10 years after the end of the year in which the invoice was created..
Payment data: We process the bank account data provided by you for the purpose of payment processing and thus to safeguard our legitimate interests; it is therefore carried out on the basis of Art. 6 para. 1 sentence 1 lit. f) GDPR. We delete the payment data if this interest no longer exists or if your legitimate interests outweigh our legitimate interests, unless you have consented to further storage in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR or if legal obligations require further processing.
Depending on the business relationship, different data protection notices may apply, which we will point out accordingly before processing your personal data.

The provision of personal data is required for the submission of an application. Failure to do so will mean that we will not be able to process and consider your application.

VIII. Forwarding of data

Your personal data will not be transferred to third parties for purposes other than those listed below. We only pass on your personal data to third parties if:

you have given your express consent to this in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR,
the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR is necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
in the case that there is a legal obligation for the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR, and
this is legally permissible and necessary for the processing of contractual relationships with you in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR. For this purpose, we may pass on your personal data to our service providers, for example to the financial institutions responsible for payment transactions, technical service providers who carry out IT maintenance and services for us, as well as providers of cloud services and logistics companies. If we use them as processors, the service providers will only have access to your data to the extent and for the period required to provide the respective service.

IX. Right of data subjects:

You have the right

to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of appeal, the origin of your data if it was not collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information on its details;
in accordance with Art. 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us
in accordance with Art. 17 GDPR, to request the erasure of your personal data stored by us, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims
in accordance with Art. 18 GDPR, to demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have lodged an objection to the processing in accordance with Art. 21 GDPR
in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller
in accordance with Art. 7 para. 3 GDPR, to revoke your consent to us at any time. As a result, we may no longer continue the data processing that was based on this consent in the future and
to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters.

X. Widerspruchsrecht

If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation.

If you wish to exercise your right of revocation or objection, simply send an e-mail to dizg@dizg.de.

XI. Duration of the storage of personal data

The duration of the storage of personal data is determined by the respective legal basis, the purpose of processing and – if relevant – additionally by the respective statutory retention period (e.g. retention periods under commercial and tax law).
When processing personal data on the basis of express consent in accordance with Art. 6 para. 1 lit. a GDPR, this data is stored until the data subject withdraws their consent.

If there are statutory retention periods for data that is processed within the scope of legal or similar obligations on the basis of Art. 6 para. 1 lit. b GDPR, this data will be routinely deleted after the retention periods have expired, provided that it is no longer required for contract fulfillment or contract initiation and/or we no longer have a legitimate interest in further storage.

When processing personal data on the basis of Art. 6 para. 1 lit. f GDPR, this data is stored until the data subject exercises their right to object in accordance with Art. 21 para. 1 GDPR, unless we can demonstrate compelling legitimate grounds for the processing that outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.

When processing personal data for the purpose of direct marketing on the basis of Art. 6 para. 1 lit. f GDPR, this data is stored until the data subject exercises their right to object in accordance with Art. 21 para. 2 GDPR.

Unless otherwise stated in the other information in this declaration on specific processing situations, stored personal data will be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

XII. Data Security

We use the widespread SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser when you visit our website. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.

We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

XIII. Up-to-dateness and amendment of this privacy policy

Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current privacy policy at any time on the website at https://www.dizg.de/de/38-datenschutzerklaerung.html von Ihnen abgerufen und ausgedruckt werden.

DIZG
- About us
  The non-profit German Institute for Cell and Tissue Replacement (DIZG) is a pharmaceutical manufacturer based in Berlin and is one of the largest pharmaceutical and biotechnological non-profit organizations of its kind in Europe.
- Research & Development
  Optimizing transplant properties, adapting them to ever-changing clinical requirements, identifying new surgical applications for existing transplant types, and developing new transplants are what drive the Research & Development (R&D) team.
- Safety & Quality
  In Germany, human cell and tissue transplants of human origin are regulated as medicinal products and/or require approval. This means that their production, biological safety, and clinical application are subject to oversight by German authorities. In DIZG's cleanrooms, all regulatory requirements are strictly followed.
- Facility 2026
  The DIZG is investing in a new production facility for allogeneic devitalized tissue preparations to ensure safe patient care.
  From the groundbreaking in 2021 to the topping-out ceremony and beyond – discover the progress here.
- Press
  Here you can download interesting facts about DIZG, press releases, published interviews, literature as well as company images and logos.
- News
  Here you will find our news and the event overview.
Tissue donation
- All About Tissue Donation
  The tissue donations received by the DIZG originate from a living person or are collected post-mortem, i.e. after death. Under sections 3 and 4 of the German Transplantation Act, tissue removal, like organ removal, is only permitted with the consent of the donor or the relatives of the deceased.
- Living Tissue Donation
  The Tissue Donation department works closely with national and international collection facilities as well as with clinics that participate in living donation programmes. Together they ensure that human transplants are available for upcoming operations.
- Post mortem Tissue Donation
  Bone and soft tissue can be donated after death, i.e. post-mortem. However, according to the provisions of the Transplantation Act § 3 and § 4, the removal of tissue is only permitted with the donor's consent.
- Become a donor clinic
  The demand for safe human tissue transplants exceeds the supply. The more clinics participate in the DIZG donation programme, the more patients can be supplied with human transplants throughout Germany and Europe. This is why it makes sense to expand the tissue donation programme across the board.
  Since its foundation, around 868,000 transplants have been manufactured infection-free.
Allografts
- Application Areas
  We support doctors* and surgeons in their day-to-day clinical challenges with our versatile human allografts in form of tendons, menisci, bones and much more.
  Since its foundation, around 868,000 transplants have been manufactured infection-free.
- Allograft Portfolio
  The DIZG's transplant portfolio already includes 230 innovative human transplant forms for widespread clinical provision. Discover our comprehensive range!
- Meniscus Matching
  The DIZG is the only provider in Germany that offers meniscus matching to find a suitable meniscus transplant.
Cell Cultures
- Cell Culture: Areas of Application
  Autologous keratinocyte transplants are often an indispensable treatment method for extensive skin wounds and severe grade 2b and 3 burns. For more than 20 years, the DIZG has been the only institution in Germany to produce these in the form of sheets of human keratinocytes and a suspension of human keratinocytes.
- Cell Culture Manufacturing Process
  Our autologous cell cultures are produced to the highest standards in the highest possible cleanroom class A. The cultivation and provision of keratinocytes are subject to strict regulatory requirements, which require the DIZG to maintain a separate cleanroom area just for them.
- Cell Culture Service
  We offer you a comprehensive service for our autologous cell cultures, starting long before the transplantation. We also assist burn clinics in meeting regulatory requirements.

Preamble