Privacy Policy

MEDION AG Privacy Policy (as of May 2018)

Thank you for visiting MEDION. We take the protection of your personal information very seriously and want you to feel secure when using our website and our products. The protection of your privacy in the processing of personal data is a central and important concern for MEDION, which we also consider in all our business processes. We take care of the protection of your collected, processed and used data during your visit to the MEDION website. We are happy for you to contact us for all questions about MEDION data protection and will promptly take care of your queries or requests. This statement may be updated from time to time. We therefore ask you to read this document regularly. The date of the latest update can be found at the end of this document.

  1. Principles

Your personal data will be collected, processed and used in strict compliance with legal requirements and in good faith. Where possible, we design our business processes in such a way that data protection requirements are taken into account during the development of products and services and that personal data are anonymised in such a way that the data subject cannot or can no longer be identified, if the agreed purpose is not thereby compromised. MEDION uses your personal data for the technical management and development of this website, for customer, user management and marketing to inform you about our services and products and for other well-defined purposes.

  1. Used sources and data

As part of our business relationships, we process personal data that we have received directly from you. In addition, we process personal data that we legitimately gain from publicly available sources or that are transmitted to us by other third parties as far as these data are necessary for the provision of the corresponding services and within the scope of the agreed purpose.

We store your data, which is necessary for the processing of your order, the use of our products or the provision of services, for example repairs, and – if selected by you – to process payments. These are personal data such as your address details, your date of birth (for transactions with age verification) and data required for certain payment methods. The respective order data (article, quantity, price, etc.) are assigned to your address data. In most cases, MEDION is already required by law to collect this data (for example, in the case of age verification in accordance with the Children and Young Persons Act or the Tax Code).

  1. Purpose of processing and legal bases

The processing of your personal data takes place in accordance with the provisions of the European General Data Protection Regulation (GDPR) and country-specific regulations.


For the fulfilment of contractual obligations (Article 6 (1) b GDPR):

The processing of personal data takes place in the context of trade in products and services in the field of consumer electronics. The purposes of data processing are primarily based on the specific product (e.g. physical or digital) and its application possibilities or on the order placed with us (e.g. repair). For further details on data processing purposes please refer to the contract documents, the operating instructions and the terms and conditions or the conditions of use.

In the context of balancing of interests (Article 6 (1) f GDPR):

If necessary, we process your data beyond the actual fulfilment of the contract for the protection of legitimate interests of us or third parties. This includes the review and optimization of requirements analysis procedures for direct customer approach, advertising or market and opinion research, provided you have not objected to the use of your data, the assertion of legal claims and defence in legal disputes, ensuring IT security and the IT operations of MEDION, the prevention and investigation of criminal offenses on the basis of official orders, and measures for the business management and further development of MEDION services and products.

On the basis of your consent (Article 6 (1) a GDPR):

As long as we have your given consent to the processing of personal data for specific purposes (e.g. transfer of data within the Group, evaluation of data for marketing purposes), the legality of this processing is based on your consent. The granted consent can be revoked at any time. This also applies to the revocation of declarations of consent that were issued to us before the validity of the GDPR, i.e. before 25/05/2018. The revocation of consent does not affect the legality of the data processed until the revocation.

Due to legal requirements (Article 6 (1) c GDPR) or in the public interest (Article 6 (1) e GDPR):

These include, for example, the identity and age check or the fulfilment of tax control and reporting obligations. Unless otherwise stated below, no personal data is processed when using this website; i.e. not saved or changed or passed on to third parties.

  1. Data transmission to third countries or to international organizations

A transfer of data to offices in countries outside the European Union (so-called third countries) takes place, only where it is necessary for the execution of your orders, required by law or you have given us your consent. In addition, MEDION does not transfer any personal data to third countries or international organizations. However, for certain orders, MEDION use service providers who also use service providers who can have their head office, parent company or data centres in a third country. According to Art. 45 GDPR, the transfer is permissible if the European Commission has decided that an adequate level of protection exists in a third country. If no such decision has been taken, MEDION or the service provider may only transfer personal data to a third country or to an international organization, where appropriate safeguards are provided (e.g. standard data protection clauses provided by the Commission or the supervisory authority in a specific procedure) and enforceable rights and effective remedies are available. MEDION has concluded contracts with these service providers for so-called order processing which stipulate that the foundations for data protection are always concluded with their contractual partners in compliance with the European data protection level.

  1. Storage periods

MEDION processes and stores your personal data if this is necessary for the fulfilment of our contractual and legal obligations. If the data is no longer required for the fulfilment of contractual or legal obligations, they are regularly deleted unless their temporary processing is necessary for the following purposes: Preservation of evidence in accordance with statutory limitation provisions. According to §§195 ff. of the Civil Code (BGB), these limitation periods can be up to 30 years, whereby the regular limitation period is three years. Furthermore, this includes the fulfilment of commercial and tax-related retention obligations under the Commercial Code (HGB) or the Tax Code (AO). The periods for storage or documentation specified in the previously listed laws are two to ten years.

  1. Your rights

Any person affected by the processing of personal data has the right to:

Information (Article 15 GDPR),

Correction (Article 16 GDPR),

Deletion (Article 17 GDPR),

Limitation of processing (Article 18 GDPR),

Data portability (Article 20 GDPR) as well as

Opposition (Article 21 GDPR).

With regards to the right to information and the right to delete, however, restrictions apply according to §§ 34 and 35 BDSG. In addition, there is a right of appeal to a competent data protection supervisory authority (article 77 GDPR in conjunction with section 19 BDSG).

  1. Duty to provide data

As part of our business relationship, you must provide the personal information necessary to enter into a business relationship and perform its contractual obligations, or that we are required to collect by law. Without this information, we will generally be unable to conclude or execute the contract with you, or enforcement of your statutory rights are put at risk (such as guarantees and warranties).

  1. 8. Automated decision-making and profiling

In principle, we do not use fully automated decision-making pursuant to Art. 22 GDPR to justify and implement the business relationship. If we use these procedures in individual cases, we will inform you about this separately, if this is required by law. We sometimes process your data automatically with the aim of evaluating certain personal aspects (profiling). By using profiling, for example, we can provide you with targeted information about products and services, or we use evaluation tools. These enable needs-based communication and advertising, including market and opinion research.

  1. Collection of personal data when visiting our website

In merely viewing our website for informative purposes where you do not register or otherwise provide us with information, we collect only the personal data that your browser transmits to our server. Therefore, when you look at our website, we collect the following data that is technically necessary for us to display our website and to ensure its stability and security (legal basis is article 6 (1) sentence 1 GDPR):

–              IP address

–              Date and time of the request

–              Time zone difference to Greenwich Mean Time (GMT)

–              Content of the requirement (landing page)

–              Access status / HTTP status code

–              Transmitted amount of data

–              Website from which the request comes

–              Browser

–              Operating system and its interface

–              Language and version of the browser software.

In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive assigned to the browser you are using and by which the body that sets the cookie (here through us) receives certain information. This is done, for example, through the website’s performance analysis of cookies, which help to improve our website by providing us with overall statistics on the number of visitors to a page, which areas of a page are most viewed, and the city or location of users. These can be installed by an external analysis provider commissioned by us. These cookies do not personally identify you. Cookies cannot run programs or transmit viruses to your computer. They only serve to make the Internet more user-friendly and effective overall. MEDION uses the following types of cookies: transient and persistent cookies.

Transient cookies are automatically deleted when you close the browser. These include, in particular, session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the common session. This will allow your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.

Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.

You can configure your browser setting according to your wishes. e.g. decline the acceptance of third-party cookies or all cookies. Please be aware that you may not be able to use all features of this site. Please note that most browsers offer different ways to protect your privacy. For example, you can allow first-party cookies, but you can block third-party cookies or be notified each time a website wants to install a cookie. Please note that disabling cookies will make it impossible to set new cookies. However, it does not prevent previously set cookies from continuing to work on your device until you have cleared all cookies in your browser settings. You will usually find the instructions for managing cookies in your browser under the help function of the browser or in the operating instructions of your smartphone, static or mobile product used with Internet access.

In addition, we use cookies to identify you for follow-up visits if you have an account or a separate individual access to our offers, otherwise you would have to log in again for each visit. The Flash cookies used are not detected by your browser but by your Flash plug-in. Furthermore, we use HTML5 storage objects, which are stored on your device. These objects store the required data regardless of your browser and do not have an automatic expiration date. If you do not wish to process Flash cookies, you must install an add-on such as Mozilla Firefox


or the Adobe Flash Killer Cookie for Google Chrome. You can prevent the use of HTML5 storage objects by using private mode in your browser.

  1. Privacy Policy for Social Plugins

Our website uses plugins of social networks (Twitter, Facebook, etc.).

Every time you visit a page of our website that has such a plugin, the plugin causes the browser you are using to load and display the optical representation of the plugin from the social network server. In doing so, the social network server is informed which particular website of our internet presence you are currently visiting as well as other data, in particular your IP address. We have no control over the amount of data the social network collects using this plugin. Please inform yourself by means of the privacy policy of the respective social network: e.g.;;


  1. Information about your right of objection under Art. 21 General Data Protection Regulation (GDPR)

You may withdraw your consent to the processing of personal data by MEDION at any time. This also applies to the revocation of declarations of consent, which were given to us before the validity of the General Data Protection Regulation (GDPR), i.e. before 25/05/2018. Please note that the revocation only works for the future. Processing that occurred before the revocation is not affected.

Individual case-related right of objection

You have the right, at any time for reasons arising from your particular situation, to object to the processing of personal data concerning you, pursuant to Article 6 (1) e of the GDPR (Data Processing in the Public Interest); this also applies to profiling based on this provision within the meaning of Art. 4 Nr. 4 GDPR. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purposes of asserting, exercising or defending legal claims.

Insofar as we base the processing of your personal data on the balance of interests, you may object to the processing. This is the case if the processing is not required to fulfil a contract with you, which we describe in each case in the following description of the functions. In the event of such a disagreement, we ask you to explain the reasons why we should not process your personal data as we have done. In the case of your justified objection, we will examine the situation and will either discontinue or adapt the data processing or make clear to you our compelling reasons worthy of protection, on the basis of which we must continue the processing.

Right to object to the processing of data for direct marketing and advertising purposes

In individual cases, we process your personal data in order to operate direct mail or serve targeted adverts to you. You have the right to object at any time to the processing of personal data concerning you for the purposes of such advertising; this also applies to profiling insofar as it is associated with such direct mail. If you object to the processing for direct marketing purposes, we will no longer process your personal data for these purposes. The objection can be free of form and should be directed where possible to:

MEDION Electronics Ltd, 120 Faraday Park, Faraday Road, Dorcan, Swindon SN3 5JF

12. Responsible body is:

MEDION Electronics Ltd, 120 Faraday Park, Faraday Road, Dorcan, Swindon SN3 5JF


The data protection operation can also be reached via e-mail:

(Status of this privacy policy of MEDION AG, 05.2018, 1)