General Data Protection Information

This privacy policy is intended for the users of our website. It is intended to provide information about the nature, scope and purpose of the collection and use of personal data by us, the responsible persons at

bioXXmed AG

bioXXmed AG

(details and contact see the Legal information)

We take data protection seriously and treat your personal data confidentially and in accordance with the statutory provisions, in particular by the European Data Protection Regulation (DSGVO) and by the German Federal Data Protection Act (BDSG).

Because new technologies, the constant further development of this website and the updating of the legal basis could result in changes to this data protection declaration, we recommend that you read through the data protection declaration again at regular intervals. (You can check at the very end of the Privacy Policy to see when we last updated this text).

Definitions of the terms used here (e.g. "personal data" or "processing") can be found in Article 4 of the GDPR.

Basic information on the handling of your data

The following principles apply to our handling of your personal data:

  • As a matter of principle, we do not pass on your data to third parties.
  • For all personal data collected by us, the rights of the data subject apply, which we would like to explicitly point out to you at this point and which are explained in detail further down on this page. (See section “Rights to your data”).

    The following sections of this privacy policy cover which personal data we collect, how it is transferred, for what purposes we collect it and how long we store it.

Data transmission

The transmission of data to and from our site takes place exclusively by means of a secure, encrypted connection via the so-called "HyperText Transfer Protocol Secure" (HTTPS). This prevents third parties from reading the data transfer, understanding the content, using it for their own purposes or falsifying it. You can recognize the use of such transport encryption by a lock symbol in the address line of your Internet browser.

However, we would like to point out that data transmission on the Internet may have security gaps. A guaranteed data protection against access by third parties is therefore not possible.

Access data

The website provider (web host) collects data on all accesses to the website on our behalf due to our legitimate interest as the website operator and stores this data as so-called "server log files" on the website's Internet server. The following data is logged:

  • Visited website
  • Date and time at the time of access
  • Amount of data sent
  • Source/reference from which you came to the page
  • Browser used
  • Operating system used
  • IP address used


We cannot assign this data to specific persons. As a rule, we do not merge this data with other data sources.

Our site provider stores server log files for a maximum of 60 days and then deletes them automatically. The data is stored for security reasons, e.g., to be able to clarify cases of abuse. If we have to retain data for legal reasons (e.g., for the purpose of preserving evidence), they are exempt from deletion until the incident has been finally clarified. There is a so-called "order processing contract" between our page provider based in Germany and us in accordance with Art. 28 ff. DSGVO, which legally secures the data protection-compliant processing of your data.


This website does not use “cookies” for advertising or tracking purposes. Such cookies are not transmitted to visitors' browsers either by our server or by third-party servers.

However, when calling up individual web pages, a technically necessary cookie is set, which is automatically deleted when you close your browser after visiting our pages. According to the current legal situation, no visitor consent is required before such technically necessary, required cookies are set. (See the ruling of the German Federal Court of Justice (BGH) from May 2020).

However, you can set your browser so that you are always informed about the cookies settings. You thus have the options to allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general, as well as activate the automatic deletion of all cookies when closing the browser. (In this case, technically necessary cookies will also be blocked, the function of our website will be limited).

You can read what you need to set in your browser to do this in the instructions provided by your Internet browser provider (Chrome, Edge, Firefox, Opera, Safari, etc.).

Interested parties who contact us

If you contact us through the contact options offered (e-mail address, telephone number or contact form), we store your information so that we can access it to process and respond to your request.

Personal data in the sense of this privacy policy could be your telephone number or your e-mail address. In addition, you could provide us with further personal data such as first and last names, postal addresses, your own Internet pages, etc. as part of the exchange of information (for example, as part of an e-mail signature you use).

We could store all these interested party data for up to three years for the purpose of maintaining contact and making subsequent contact. We will delete them afterwards in any case without further action, unless you send us an informal request for deletion or correction of your personal data beforehand. (See also section Rights you have to your data).

Rights to your data

As a data subject, you have the right to receive, upon request and free of charge, information about what personal data has been stored about you. You also have the right to have incorrect data corrected and to have your personal data processed restricted or deleted. If applicable, you could also exercise your right to data portability. You further have the right to object to future processing of your data.

If you assume that your data has been processed unlawfully in contradiction to this privacy statement or fundamentally in the sense of the GDPR, you can file a complaint with the competent supervisory authority.

Deletion and correction of data

Unless your request conflicts with a legal obligation to retain data (e.g. data retention or legal retention obligations), you have a right to have your data deleted. We will delete data stored by us if it is no longer necessary for its intended purpose and if there are no legal retention requirements. If we are not allowed to carry out such deletion because the data is required for permissible legal purposes, we will restrict data processing; in this case, we will block the data and not process it for purposes other than those required by law.

The same applies to the correction of data that is not (no longer) correct. You can request such a correction at any time.

Right of objection

Users of this website may exercise their right to object to the processing of their personal data for the future at any time.

If you wish to request correction, blocking, deletion or information about your stored personal data, or if you have any questions regarding the collection, processing or use of your personal data, or if you wish to revoke any consent you have given, you can informally send us your request in writing, electronically or verbally. The fastest and safest way to send your request is to use the following e-mail address:

(Status of this data protection declaration: October 2022)


bioXXmed AG
Riedstrasse 2
64295 Darmstadt