Arete

Privacy Policy

Last updated: [20/04/2026]

1. Introduction and Overview

We take the protection of your personal data very seriously. This Privacy Policy explains how ARETE Implant Tech (“we”, “us”, “our”) collects, uses, and protects your personal data when you visit our website https://arete-implanttech.de (the “Website”) or otherwise interact with us.

This Privacy Policy applies to the processing of personal data in accordance with the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and the German Telecommunications Digital Services Data Protection Act (TTDSG).

2. Controller

The controller responsible for the processing of personal data on this Website within the meaning of Art. 4 (7) GDPR is:

ARETE Implant Tech [Legal company name / legal form, e.g., GmbH] [Street and number] [Postal code and city] Germany

Email: info@areteimplanttech.com Phone: +49 [phone number]

Represented by: [Name of managing director / authorized representative] Commercial Register: [Registering court and HRB number, if applicable] VAT ID: [VAT identification number, if applicable]

3. Data Protection Officer

[If you are legally required to appoint a Data Protection Officer (DPO) under Art. 37 GDPR / § 38 BDSG, insert contact details here. If not, you may state:]

We have not appointed a Data Protection Officer because we are not required to do so under applicable law. For any questions regarding data protection, please contact us directly at info@areteimplanttech.com.

4. General Principles of Data Processing

We process personal data only where a legal basis permits us to do so under Art. 6 (1) GDPR. Depending on the processing activity, the legal basis may be:

  • Consent (Art. 6 (1) lit. a GDPR) — where you have given us clear consent to process your data for a specific purpose.
  • Contract (Art. 6 (1) lit. b GDPR) — where processing is necessary for the performance of a contract or pre-contractual measures.
  • Legal obligation (Art. 6 (1) lit. c GDPR) — where we must process data to comply with a legal obligation.
  • Legitimate interests (Art. 6 (1) lit. f GDPR) — where processing is necessary for our legitimate interests, provided these interests are not overridden by your rights and freedoms.

5. Access Data and Server Log Files

When you visit our Website, our hosting provider automatically collects and stores certain information in so-called server log files, which your browser transmits to us. This includes:

  • IP address of the requesting device
  • Date and time of the request
  • Name and URL of the requested file
  • Website from which access was made (referrer URL)
  • Browser used and, if applicable, the operating system of your device and the name of your access provider
  • HTTP status code and the amount of data transferred

Purpose: Ensuring a reliable connection to the Website, ensuring the comfortable use of our Website, evaluating system security and stability, and for administrative purposes.

Legal basis: Art. 6 (1) lit. f GDPR. Our legitimate interest lies in the purposes listed above.

Storage period: Server log files are stored for a maximum of [7 / 14 / 30] days and then deleted. Data that requires longer retention for evidentiary purposes is excluded from deletion until the respective incident has been fully clarified.

6. Hosting

Our Website is hosted by [Hosting provider name, e.g., IONOS SE, Elbestraße 1, 56410 Montabaur, Germany]. When you visit our Website, the hosting provider processes personal data such as IP addresses, browser information, and access times on our behalf.

Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest in the secure and efficient provision of our Website).

A data processing agreement (Auftragsverarbeitungsvertrag) in accordance with Art. 28 GDPR has been concluded with the hosting provider.

7. Contact Form and Email Contact

Our Website provides a contact form that you can use to get in touch with us electronically. When you use the contact form, we process the following data:

  • Your name (required)
  • Your email address (required)
  • Your phone number (required)
  • Your message (optional)
  • The date and time the message was sent

You can also contact us directly by email at info@areteimplanttech.com or by phone.

Purpose: To respond to your inquiry, to process your request (e.g., product consultations, seminar registrations, partnership inquiries), and to communicate with you in connection with a (potential) business relationship.

Legal basis:

  • Art. 6 (1) lit. b GDPR, where your inquiry relates to the conclusion or performance of a contract (e.g., product consultation, seminar booking).
  • Art. 6 (1) lit. f GDPR, for other inquiries, based on our legitimate interest in responding to and processing your request effectively.

Storage period: We store the data you provide via the contact form until your inquiry has been fully processed. If statutory retention obligations apply (e.g., commercial or tax-related retention periods under § 257 HGB or § 147 AO, generally 6 or 10 years), data will be stored for the duration of these obligations and then deleted.

8. Cookies and Similar Technologies

Our Website uses cookies and similar technologies. Cookies are small text files that are stored on your device when you visit a website.

8.1 Technically Necessary Cookies

Some cookies are strictly necessary to ensure the technical operation and basic functions of our Website. Without these cookies, the Website would not function correctly.

Legal basis: § 25 (2) no. 2 TTDSG in conjunction with Art. 6 (1) lit. f GDPR (legitimate interest in the proper functioning of the Website).

8.2 Optional Cookies (Analytics, Marketing, etc.)

We only set optional cookies — for example, for analysis, marketing, or the integration of third-party content — if you have given your explicit consent via our cookie consent banner.

Legal basis: § 25 (1) TTDSG in conjunction with Art. 6 (1) lit. a GDPR (consent).

You can withdraw your consent at any time with effect for the future, for example via the cookie settings accessible through [link to cookie settings] or by deleting cookies in your browser. For further information, please refer to our Cookie Policy.

8.3 Managing Cookies

You can configure your browser to inform you about the setting of cookies, to allow cookies only in individual cases, or to exclude their acceptance entirely. Please note that disabling cookies may limit the functionality of our Website.

9. Third-Party Services and Content

[This section must be customized to reflect the services you actually use. Below are common modules — keep those that apply, delete those that do not, and have a specialist check for any you may have missed.]

9.1 WordPress

Our Website is built on the WordPress content management system. No personal data is transmitted to Automattic or any other external provider as a result of using WordPress itself in a self-hosted installation. If you use the Jetpack plugin, external embeds (e.g., YouTube, Vimeo, Google Fonts), or similar, please add the relevant sections below.

9.2 Google Fonts / External Fonts

[If you load Google Fonts from Google servers:] Our Website uses web fonts provided by Google LLC (“Google Fonts”). When you visit a page, your browser loads the required fonts from Google’s servers. This transmits your IP address to Google. We have integrated Google Fonts in a GDPR-compliant manner by [hosting fonts locally / using consent-based loading]. If fonts are hosted locally, no data is transmitted to Google.

Legal basis: Art. 6 (1) lit. a GDPR (consent) or Art. 6 (1) lit. f GDPR (legitimate interest in a uniform display).

[If you host fonts locally — which is strongly recommended in Germany following the LG München I ruling of 20 January 2022 (Az. 3 O 17493/20) — state this clearly.]

9.3 Analytics (e.g., Google Analytics, Matomo)

[If applicable — e.g.:] We use [Google Analytics 4 / Matomo / other] to analyze the use of our Website. This is done only with your prior consent via our cookie banner. [Describe IP anonymization, data transfer, standard contractual clauses if data is transferred to the USA, opt-out options, and storage period.]

9.4 Social Media Plugins

[Only if you use social media plugins. Otherwise, delete or state: “Our Website does not use social media plugins that transmit data to providers such as Meta, LinkedIn, X (Twitter), etc. Links to our social media profiles — if any — are implemented as simple hyperlinks.”]

9.5 Embedded Content (YouTube, Vimeo, Google Maps, etc.)

[Only if applicable. Describe the service, the provider, the data transmitted, the legal basis (consent), and opt-out options.]

10. Data Transfers to Third Countries

Personal data is generally processed within the European Union or the European Economic Area. To the extent that data is transferred to third countries outside the EU/EEA (e.g., the USA), such transfers only take place if an adequate level of data protection is ensured, in particular on the basis of:

  • An adequacy decision by the European Commission (Art. 45 GDPR),
  • Standard contractual clauses adopted by the European Commission (Art. 46 (2) lit. c GDPR), or
  • Your explicit consent (Art. 49 (1) lit. a GDPR).

11. Recipients of Personal Data

We only share your personal data with third parties where this is legally permitted or where you have given your consent. Recipients may include:

  • IT service providers (e.g., hosting, email, maintenance) acting as processors under Art. 28 GDPR.
  • Professional advisors such as lawyers, accountants, or tax advisors, where legally required.
  • Public authorities and institutions, where there is a legal obligation to disclose information.
  • Manufacturers and logistics partners (e.g., Lyra ETK) where necessary for the fulfillment of a consultation, order, or seminar registration.

12. Your Rights as a Data Subject

You have the following rights with regard to your personal data:

  • Right of access (Art. 15 GDPR) — You have the right to request information about the personal data we process about you.
  • Right to rectification (Art. 16 GDPR) — You have the right to request the correction of inaccurate data.
  • Right to erasure (Art. 17 GDPR) — You have the right to request the deletion of your personal data, subject to statutory retention obligations.
  • Right to restriction of processing (Art. 18 GDPR) — You have the right to request that we restrict the processing of your data.
  • Right to data portability (Art. 20 GDPR) — You have the right to receive your data in a structured, commonly used, and machine-readable format.
  • Right to object (Art. 21 GDPR) — You have the right to object to processing based on legitimate interests (see Section 13).
  • Right to withdraw consent (Art. 7 (3) GDPR) — Where processing is based on consent, you have the right to withdraw your consent at any time with effect for the future.
  • Right to lodge a complaint (Art. 77 GDPR) — You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement.

To exercise your rights, please contact us using the contact details in Section 2.

The supervisory authority responsible for us is: [Competent supervisory authority for your federal state — e.g., Der Hessische Beauftragte für Datenschutz und Informationsfreiheit, Postfach 3163, 65021 Wiesbaden, Germany]

13. Right to Object (Art. 21 GDPR)

You have the right, on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you which is based on Art. 6 (1) lit. f GDPR (processing based on legitimate interests).

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims.

Objections can be made informally and should be addressed to: info@areteimplanttech.com.

14. Obligation to Provide Personal Data

The provision of personal data is neither legally nor contractually required. However, providing certain data (such as name, email, and phone number in our contact form) is necessary for us to respond to your inquiry. If you do not provide this data, we may not be able to process your request.

15. Automated Decision-Making and Profiling

We do not use automated decision-making, including profiling, within the meaning of Art. 22 GDPR.

16. Data Security

We use appropriate technical and organizational measures to protect your data against accidental or intentional manipulation, loss, destruction, or unauthorized access. Our Website uses SSL/TLS encryption to protect the transmission of confidential content, such as inquiries you send to us via the contact form. You can recognize an encrypted connection by the “https://” prefix and the lock symbol in your browser’s address bar.

Our security measures are continuously improved in line with technological developments.

17. Changes to this Privacy Policy

We reserve the right to amend this Privacy Policy to ensure that it always complies with current legal requirements or to reflect changes to our services, for example when introducing new services. The version applicable to your next visit will be the updated version.

18. Contact

You can contact us by using the form on the footer