EudaMed.com

Marktplatz für Medizinprodukte

StartseiteÜber unsWie es funktioniertPreiseGeräte suchenGebrauchtgeräte
Anmelden / Registrieren
← Home

Datenschutzrichtlinie

Privacy Policy for meddevmarket.com

Effective Date: January 22, 2026 eirmed ltd ("we," "us," or "our"), a company registered in Sofia, Bulgaria, operates meddevmarket.com (the "Platform"). We are committed to protecting your privacy and handling your personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you access or use the Platform, register as a User (Manufacturer, Distributor, or Buyer), or interact with our services.

By using the Platform, you acknowledge that you have read and understood this Privacy Policy and consent to the practices described herein. If you do not agree, please do not use the Platform.

1. Data Controller

eirmed ltd is the data controller for personal data processed through the Platform. Our contact details are:
EirMed LTD OOD 32 '6-ti Septemvri' Str., fl. 2, Sofia 1000, Bulgaria Email: privacy@meddevmarket.com

We have not appointed a Data Protection Officer (DPO) as our processing activities do not require one under GDPR Article 37. For inquiries or complaints, contact us at the email above. You also have the right to complain with your supervisory authority (e.g., the Bulgarian Data Protection Authority, CNPD).

2. Personal Data We Collect

We collect personal data that you provide directly or that is generated through your use of the Platform. Categories include:

  • Registration and Account Data: Name, email address, company name, job title, phone number, billing address, and payment details (processed via third-party providers).
  • Usage Data: IP address, browser type, device information, pages visited, time spent on the Platform, and interactions (e.g., enquiries sent or received).
  • Content Data: Information in listings, profiles, or communications (e.g., Manufacturer product descriptions or Buyer enquiries), which may include personal data if you choose to include it.
  • Subscription and Payment Data: Details related to Subscriptions, such as renewal preferences and transaction history.
  • Cookies and Tracking Data: See Section 8 for details on cookies, analytics, and similar technologies.
  • Other Data: Any additional information you provide, such as in support requests or feedback.

We do not collect sensitive personal data (e.g., health data) unless voluntarily provided in User content, in which case you are solely responsible for compliance.

3. How We Collect Data

  • Directly from You: When you register, subscribe, post listings, send enquiries, or contact us.
  • Automatically: Through cookies, logs, and analytics tools (e.g., Google Analytics).
  • From Third Parties: Payment processors, analytics providers, or if you connect via social logins (if applicable).

4. Purposes and Legal Bases for Processing

We process personal data only for specified purposes and on lawful bases under GDPR Article 6:

  • To Provide and Operate the Platform (Legal Basis: Performance of a contract - Art. 6(1)(b)): Managing accounts, facilitating enquiries between Users, processing Subscriptions, and delivering notifications.
  • To Improve Services (Legal Basis: Legitimate interests - Art. 6(1)(f)): Analyzing usage to enhance functionality, troubleshoot issues, and prevent fraud. Our interests are balanced against your rights (e.g., via opt-out options).
  • Marketing and Communications (Legal Basis: Consent - Art. 6(1)(a)): Sending promotional emails or updates about the Platform. You can withdraw consent at any time.
  • Compliance and Legal Obligations (Legal Basis: Legal obligation - Art. 6(1)(c)): Responding to regulatory requests, audits, or disputes.
  • Security and Fraud Prevention (Legal Basis: Legitimate interests - Art. 6(1)(f)): Monitoring for unauthorized access or misuse.

We do not use automated decision-making or profiling that produces legal effects on you.

5. Data Sharing and Disclosure

We may share personal data with:

  • Service Providers: Third-party processors (e.g., hosting providers like AWS, payment gateways like Stripe) who assist us, bound by GDPR-compliant contracts (e.g., Data Processing Agreements under Art. 28).
  • Other Users: Limited data (e.g., contact details) shared between Manufacturers, Distributors, and Buyers for enquiries or transactions. You control what you share.
  • Legal Requirements: If required by law, court order, or authorities (e.g., for investigations).
  • Business Transfers: In case of merger, acquisition, or asset sale, with notice to you where required.

We do not sell your personal data. For international transfers outside the EEA (e.g., to US-based providers), we use Standard Contractual Clauses (SCCs) or other GDPR-approved mechanisms to ensure adequate protection (Art. 44-50).

6. Data Retention

We retain personal data only as long as necessary for the purposes outlined:

  • Account data: For the duration of your active use, plus 6 years for legal/tax purposes.
  • Usage logs: Up to 12 months.
  • Marketing data: Until consent is withdrawn.

Data is securely deleted or anonymized thereafter, unless longer retention is required by law.

7. Your Rights Under GDPR

As an EU data subject, you have rights under GDPR Chapter III:

  • Access (Art. 15): Request a copy of your data.
  • Rectification (Art. 16): Correct inaccurate data.
  • Erasure ('Right to be Forgotten') (Art. 17): Request deletion, subject to exceptions (e.g., legal obligations).
  • Restriction (Art. 18): Limit processing in certain cases.
  • Portability (Art. 20): Receive data in a structured format.
  • Objection (Art. 21): Object to processing based on legitimate interests or for direct marketing.
  • Withdraw Consent (Art. 7): At any time, without affecting prior processing.
  • Automated Decisions (Art. 22): Not applicable, as we do not use them.

To exercise rights, email [Insert Privacy Email]. We respond within one month (extendable if complex). No fee unless requests are excessive.

8. Cookies and Tracking Technologies

We use cookies and similar technologies for functionality, analytics, and marketing:

  • Essential Cookies: For site operation (no consent needed).
  • Analytics Cookies: To track usage (e.g., Google Analytics; anonymized IP).
  • Marketing Cookies: For targeted ads (consent-based).

You can manage preferences via our cookie banner or browser settings. Rejecting cookies may limit functionality. For details, see our Cookie Policy [if separate; otherwise integrate here].

9. Data Security

We implement appropriate technical and organizational measures (e.g., encryption, access controls, regular audits) to protect data against unauthorized access, loss, or breach (GDPR Art. 32). However, no system is infallible; you use the Platform at your own risk. In case of a breach, we notify authorities and affected individuals as required (Art. 33-34).

10. Children's Privacy

The Platform is not intended for children under 16. We do not knowingly collect their data. If we become aware, we delete it promptly.

11. Third-Party Links

The Platform may link to external sites. We are not responsible for their privacy practices. Review their policies separately.

12. Changes to This Policy

We may update this Policy. Changes are posted here with a revised effective date. Continued use constitutes acceptance. Significant changes (e.g., new purposes) will be notified via email if you have an account.

13. Limitation of Liability

To the extent permitted by law, we disclaim liability for any data loss, breaches, or misuse arising from your actions (e.g., sharing sensitive data in listings) or third-party failures. You indemnify us against claims related to your non-compliance with data protection laws.

For questions, contact us at privacy@meddevmarket.com EirMed LTD OOD 32 '6-ti Septemvri' Str., fl. 2, Sofia 1000, Bulgaria January 22 2026