Data Protection Declaration

1) General information

ORSOFT GmbH (ORSOFT), a subsidiary of OR Soft Jänicke GmbH, takes the protection of your personal data very seriously and always adheres to the legal provisions when processing personal data, in particular observing the current data protection regulations. This data protection statement provides information on the type, scope and purposes of ORSOFT's collection and use of your data, in particular personal data. This declaration also applies to all affiliated companies of ORSOFT.

2) Responsible Authority

Martin Luther Ring 13
04109 Leipzig
Telephone: +49 (0)341 230 89 00


Managing Directors

Hartmut Friedrich
Dr. Wilmar Mögling
District Court Leipzig HRB 28318

3) Data collection sources

ORSOFT strives to collect as little data as possible from you. The use of ORSOFT's website for informational purposes is possible without the provision of personal data. In this section, general information is collected which serves to ensure the operational safety of ORSOFT's website (see item 9). Personal data will only be requested, processed and used to the extent necessary to comply with the purposes stated under point 5.

Therefore, personal data that ORSOFT receives in advance or in the course of a business relationship with a company for which you are the contact person or legal representative will be processed. In addition, personal data is processed when you contact ORSOFT by e-mail or by using the electronic contact form. In individual cases, ORSOFT may process personal data collected from publicly accessible sources (e.g. networking platforms) in a legally permissible manner.

4) Types of data ORSOFT processes

ORSOFT processes the following categories of personal information in the event that you provide it: General and business communication data (title, first name, surname, e-mail address, telephone number, fax number, company name, job title, business address). ORSOFT also collects and processes general information as defined in Section 9 of this Statement.

5) Purposes of the collection and processing of personal data and legal bases

ORSOFT processes personal data in accordance with the requirements of the General Data Protection Regulation (GDPR) and the amendment provisions of the German National GDPR Implementation Act (in short: BDSG-neu). ORSOFT collects, processes and uses your personal data exclusively for the following purposes provided that at least one of the conditions specified under Section 5 a) to d) is fulfilled.

a) Data processing for the fulfilment of contractual obligations or for the implementation of pre-contractual measures (Art. 6 para. 1 item b GDPR)

ORSOFT processes your personal data in order to carry out pre-contractual measures in accordance with your request (e.g. by e-mail or telephone) and to provide you with the information you require. Additionally, data is processed in order to comply with the contractual obligation to provide services. Example:

  • Access to and invoicing of ORSOFT's payable services (e.g. in case of registration for an ORSOFT event)

b) Data processing based on a balance of interests (Article 6 (Paragraph 1) (f) GDPR)

If necessary, ORSOFT will process your data in order to safeguard ORSOFT's legitimate interests, provided that no individual interests or your fundamental rights and freedoms conflict with them. Examples:

  • Provision of ORSOFT services, including but not limited to needs analyses and advice, for the fulfilment of a contract with a customer whose contact person or legal representative you are
  • Ensuring IT security and IT operations, in particular improving website functionality
  • Providing information on ORSOFT as well as on current proprietary products and services (which may be similar to services already purchased) and selected proprietary conferences, on the condition this is legally possible (in terms of data protection and competition) without your consent (e.g. § 7 section. 3 of the German Act Against Unfair Competition) and you have not objected to the use of your data for the purpose of direct advertising.
  • Acquisition of new customers
  • Transmission of your personal data within the corporate group, as far as it is legally possible without your consent; especially for internal administrative purposes
  • Asserting (civil) legal claims and defending in legal matters
  • Preventing threats to state or public security, especially criminal offences

c) Data processing on the basis of legal requirements (Article 6 (1) (b) GDPR) or for the fulfilment of tasks in the public interest (Article 6 (1) (e) GDPR)

Regardless of the original data collection purpose, ORSOFT may be legally obligated to process your data or to do so in the public interest. Examples:

  • Compliance with retention, control and reporting obligations in accordance with tax and commercial law

d) Data processing based on consent (Article 6 (1) (a) GDPR)

Unless otherwise required by law, ORSOFT will always seek your consent to process your data for individual, specified purposes. Examples:

  • Processing your request using the contact form on ORSOFT's website
  • Processing of your data for the purpose of direct marketing, if consent is required by law
  • Disclosure of data within the ORSOFT group of companies (subject to consent)

You can revoke your consent at any time with effect for the future without affecting the legality of the processing carried out on the basis of the consent until revocation.

6) Data provision obligation and any possible consequences of failure to provide it

In the context of a contractual relationship between your company and ORSOFT, you may be required to provide the personal data specified under section 4 (with the exception of general information) if this should be necessary for the establishment and execution of the business relationship or the corresponding contractual obligations or for the implementation of pre-contractual measures.

Failure to provide your personal information would result in ORSOFT being unable to provide the information content or services you have requested.

7) Recipient and transfer of your personal data / transmission of the data to a third party country or an international organisation

At ORSOFT and within the ORSOFT Group, only relevant departments receive the data they need to fulfil legal obligations or to carry out the (possibly pre-) contractual relationship between ORSOFT and your company (in particular to advise and support you on various aspects of operational software, supply chain management, master data maintenance and hospital planning). In particular for internal administrative purposes, your data will also be transmitted within the group of companies. If required by law, your consent will be obtained separately.

Processors used by ORSOFT within the meaning of Art. 28 GDPR receive your data exclusively for the purposes stated under section 5. Service providers used by ORSOFT are obliged to treat your personal data in accordance with the currently applicable data protection regulations, in particular in accordance with the GDPR.

Other recipients will only receive your data if such disclosure is required by law or ORSOFT is required to do so by official and/or court order, if you have given your separate consent or if ORSOFT is authorised to disclose such data without your consent.

Your personal data will not be actively transferred to a country outside the EEA or to an international organisation.

8) Criteria for determining the period of data retention

ORSOFT adheres to the principles of data avoidance and data economy. ORSOFT will therefore only retain your personal data for as long as is necessary to achieve the stated purposes (e.g. to conduct a business relationship and/or to safeguard ORSOFT's legitimate interests) or as stipulated by the various legal requirements for retention and documentation (e.g. in accordance with the German Commercial Code or the Tax Code). In particular, the legal retention periods are ultimately the decisive criterion for the length of time your data is retained.

After the respective processing purpose has ceased or after expiry of these periods, the corresponding data will be deleted routinely and in accordance with statutory provisions or, if necessary, initially temporarily blocked. In addition, ORSOFT will immediately delete your data in the event of a request pursuant to Art. 21  GDPR, unless there are legitimate reasons for processing and/or ORSOFT is legally obliged to archive your data.

General information collected by the website within the scope of section 9 will be routinely deleted after 14 days.

9) Collecting general information when visiting the ORSOFT website

When you access ORSOFT websites, general information, that is technologically necessary to view the website, is automatically collected. This information includes the type of web browser used, the operating system used, date and time of access, referrer URL (previously visited page) and the computer's IP address. This data cannot be traced back to specific persons. Information collected in this way is evaluated by ORSOFT solely for statistical purposes; it is not merged with other data sources. The data will not be used for any other purpose or passed on to third parties. It is routinely deleted after 14 days.

10) Use of cookies

ORSOFT uses few proprietary session cookies. These are small text files that are stored on a device you use and for example, make visiting a website more comfortable or safer.

The use of cookies is limited to the duration of your visit to the website. They are automatically deleted when you close your browser. There is no association with personal data. Cookies do not process any personal data.

You can prevent the use of cookies in the settings of your browser. Please note that website functionality may be limited or even disabled if cookies are not enabled.

11) Data Security

ORSOFT uses technical and organisational security measures to protect your ORSOFT data from accidental or intentional manipulation, loss, destruction or access by unauthorised persons. ORSOFT's security measures are continuously being improved as new technology develops. However, ORSOFT cannot guarantee complete security of data transmission over the internet. ORSOFT therefore does not guarantee complete protection of data against access by third parties.

12) Your Rights

As a person concerned within the meaning of Art. 4 No. 1 GDPR, you have the right under Art. 15 GDPR to obtain information about your personal data stored by ORSOFT at any time. You also have the right to have your data corrected in accordance with Art. 16 GDPR, processing restricted in accordance with Art. 18 GDPR or your personal data deleted in accordance with Art. 17 GDPR: With regard to the right to information and deletion, reference is made to the applicable restrictions pursuant to §§ 34 and 35 BDSG-neu. You have the right to data portability under Art. 20 GDPR and the right to complain to a competent supervisory authority under Art. 77 GDPR in connection with § 19 BDSG-neu. In general, the supervisory authority of ORSOFT is the Saxon Data Protection Officer.

Furthermore, you have a right of objection in accordance with Art. 21 GDPR. If the processing of the data is based on your consent, you may revoke this consent at any time pursuant to Art. 7 para. 3 GDPR by notifying ORSOFT with effect for the future. The legality of the processing carried out based on consent until revocation remains unaffected.

Your right of objection under Article 21 of GDPR

Case-specific right of opposition to processing based on Article 6 paragraph 1 item e or f GDPR

If your data is processed on the basis of Article 6 paragraph 1 item e or f GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation.

In this event, ORSOFT will cease processing your personal data, provided that ORSOFT cannot find compelling legitimate grounds for processing that outweigh your interests, rights and freedoms and if the processing does not serve to assert, exercise or defend legal claims.

Right to object to data processing for the purpose of direct marketing

If ORSOFT processes your personal data for direct marketing purposes, you have the right to opt-out of the processing of your personal data at any time for the purposes of such advertising.

If you exercise this right of objection, ORSOFT will no longer process your personal data for direct marketing purposes.

Your objection can be made in any form, preferably in writing by e-mail to or by post to ORSOFT GmbH, Martin-Luther-Ring 13, 04109 Leipzig.

13) Data Protection Officer

Should you have any questions or suggestions regarding the processing of your personal data by ORSOFT, please do not hesitate to contact ORSOFT. In this case, please contact the responsible data protection officer directly, who is also available in the event of requests for information, applications or complaints.

By post:
Data Protection Officer
Martin Luther Ring 13
04109 Leipzig

By email:

+49 (0)341 230 89 01

14) Changes to the privacy policy

ORSOFT reserves the right to modify this declaration of data protection in the course of its existence, in particular to adapt it to current legal requirements or to implement changes to services in the data protection declaration, e.g. when introducing new services. Accordingly, the new data protection declaration applies to any subsequent visit to the website. If this change is not required by law or permitted by applicable law without your consent, you will be separately informed of any change in the purpose of data processing before this Data Protection Declaration is amended. ORSOFT will, if necessary, obtain your consent.

Last updated: May 2018