Data Privacy


We, the European Healthcare Acquisition & Growth Company B.V. (hereinafter “we”) are pleased about your interest in our company.

We take the protection of your personal data and their confidential treatment very seriously. The processing of your personal data takes place exclusively within the framework of the legal provisions of the data protection law of the European Union, in particular the General Data Protection Regulation (hereinafter “GDPR”) and further applicable regulations.

With this privacy policy, we inform you about the processing of your personal data on our website www.ehc-spac.com (the “website”) and about your privacy rights.


1) Name and contact details of the controller as well as operational data protection officer

European Healthcare Acquisition & Growth Company B.V.
c/o ALR Treuhand GmbH
Theresienhöhe 28
80338 München
email: info@ehc-company.com
The operational data protection officer can be reached as follows:
Tel: +49 (0)89 4523240
Email: info@ehc-company.com


2) Subject matter of data protection

The subject matter of data protection is personal data. This means any information relating to an identified or identifiable natural person (“data subject”). These include e.g. information such as name, postal address, e-mail address or telephone number.

Specific information on the personal data processed by us can be found below in detail in the data processing operations listed.


3) Collection and storage of personal data as well as the nature and purpose of their processing
a) When visiting the website

When calling our website, the browser used on your end device will automatically send information to the server of our website. This information is temporarily stored in a so-called log file. The following information is recorded without any action on your end and stored until automated erasure after 180 days:

  • internet protocol address of the requesting computer
  • date and time of the access
  • name and URL of the file retrieved
  • website from which the access takes place (referrer URL)
  • website that is called via our website
  • browser used and, if applicable, the operating system of your computer and the name of your access provider

The data mentioned are processed by us for the following purposes:

  • ensuring smooth establishment of the website’s connection
  • ensuring comfortable use of our website
  • evaluation of system safety and stability, as well as
  • other administrative purposes

The legal basis for data processing activities shall be Article 6(1)(f) GDPR. Our legitimate interests follow from the purposes listed above for data collection. In no case shall we use any collected data for the purpose of drawing conclusions about your person.

Furthermore, we use cookies and analysis services when you visit our website. More detailed explanations on this can be found in sections 5 and 6 of this data privacy statement.


b) Email contact

If there are any questions, we offer the option to contact us via the provided email address. In such a case, your personal data transmitted in the email will be stored.

Data processing activities undertaken for the purpose of contacting are based on Article 6(1)(f) GDPR. If the contact is targeted at conclusion of a contract, Article 6(1)(b) GDPR shall be an additional legal basis for processing.

The personal data collected by us shall be erased after completion of the request submitted by you.


4) Passing on data

We shall only pass on your personal data to third parties (recipients) if we are entitled to do so under the provisions of data protection law. Below we inform you about the circumstances in which this may be the case: We can pass on your personal data to third parties (recipients), if:

  • you have explicitly given consent to such for one or more specific purposes (Article 6(1)(a) GDPR);
  • processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract (Article 6(1)(b) GDPR);
  • processing is necessary for compliance with a legal obligation to which the we are subject (Article 6(1)(c) GDPR);
  • processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms, which require protection of personal data (Article 6(1)(f) GDPR).

Furthermore, the above-mentioned recipients include our service providers, so-called processors, to whom we transfer your personal data and who process your data for us on our behalf and in accordance with our instructions in compliance with Art. 28 GDPR. These service providers have been carefully selected and commissioned by us, are bound by our instructions and are regularly inspected.

In the context of the purposes mentioned in this data privacy statement, such recipients refer to Google, BOX, Campaign Monitor, Type form and Google Hire, as well as any other entities offering similar services (without being limited to such entities as recipients) (the “Recipients”).

The Recipients may, under their own responsibility, disclose personal data to their agents and/or delegates (the “Sub-Recipients”), which shall process the personal data for the sole purposes of assisting the recipients in providing their services to the controller and/or assisting the Recipients in fulfilling their own legal obligations.

The Recipients may be located either inside or outside the European Economic Area (the “EEA”). Where the Recipients are located outside the EEA in a country which does not ensure an adequate level of protection for personal data or does not benefit from an adequacy decision of the European Commission, the controller has entered into legally binding transfer agreements with the relevant Recipients in the form of the European Commission approved model clauses. In this respect, the data subjects have a right to request copies of the relevant document for enabling the personal data transfer(s) towards such countries by writing to the controller.

The Recipients and Sub-Recipients may, as the case may be, process the personal data as data processors (when processing the personal data on behalf and upon instructions of the controller and/or the Recipients), or as distinct controllers (when processing the personal data for their own purposes, namely fulfilling their own legal obligations).


5) Cookies

We use cookies on our website. These are small files that your browser will create automatically and that are stored on your end device (laptop, tablet, Smartphone or similar) when you visit our website. Cookies do not cause any damage to your end device, contain no viruses, Trojans or other harmful software.

The cookie is used to store information that results from the respective context of the specifically used end device. However, this shall not mean that we directly gain knowledge of your identity this way.

Use of cookies serves to make use of our offer more pleasant for you. We use session cookies in order to recognize that you have visited individual pages of our website before. They will be deleted automatically after you leave our website.

Furthermore, we also use temporary cookies to optimize user friendliness, which are stored on your end device for a certain specified period. When you visit our website again in order to use our services, it will be automatically recognized that you have visited us before and which input and settings you have made so that you will not have to enter them again.

On the other hand, we use cookies in order to statistically record use of our website and to evaluate it for the purpose of optimizing our offer to you (see section 6). These cookies enable us to recognize that you have visited us before if you visit our website again. These cookies are deleted automatically after 365 days in each case.

The data processed by cookies are required for the purpose of maintaining our legitimate interests and those of third parties according to Article 6(1)(f) GDPR.

You will be asked to consent to the different types of cookies mentioned above, with the exception of essential cookies, as soon as you enter our website and they will not be put in place unless you have explicitly consented to them. You may at any time decide to withdraw your consent and opt out of the cookies, by using one of the methods described at the end of clause 6 below. Complete deactivation of such cookies may, however, render you unable to use all functions of our website.


6) Plug-ins

On our website, we use plug-ins of a service provider to deploy surveys and collect information on our website. All data is stored securely via our service provider’s servers and is not shared or viewed by any third party services.


7) Rights of the data subject

You have the right:

  • to demand information in accordance with Article 15 GDPR regarding the processing of your personal data by us. In particular, you may request information on the purposes of the processing, the categories of personal data, the categories of recipient to whom your data have been or are disclosed, the envisaged storage period, the existence of the right to rectification, erasure, restriction of processing or objection, the right to lodge a complaint, the source of your data to the extent that these were not collected at our site, and the existence of automated decision-making, including profiling and any meaningful information on its details;
  • in accordance with Article 16 GDPR, obtain the rectification of any inaccurate personal data stored by us or completion of such data without undue delay;
  • in accordance with Article 17 GDPR, obtain the erasure of your personal data stored by us, to the extent that processing is not required for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
  • in accordance with Article 18 GDPR, obtain the restriction of processing of your personal data, to the extent that the accuracy of the data is contested by you, processing is unlawful, but you oppose erasure and we no longer need the personal data, but you still require them for the establishment, exercise or defense of legal claims or you have objected to processing pursuant to Article 21 GDPR;
  • in accordance with Article 20 GDPR, demand to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to demand transmission to another controller;
  • in accordance with Article 7(3) GDPR, to withdraw your consent once given to us towards us at any time. This has the consequence that we may no longer continue the data processing activities that were based on this consent in future and
  • in accordance with Article 77 GDPR, lodge a complaint with a supervisory authority. Usually, you may contact the supervisory authority at your habitual residence or place of work or our registered office for this. A list of the EU data protection authorities is available by clicking this link: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.

8) Right to object

As far as your personal data are processed based on legitimate interests in accordance with Article 6(1)(f) GDPR, you have the right to object to processing of your personal data in accordance with Article 21 GDPR, to the extent that there are grounds relating to your particular situation or the objection is targeted against direct marketing. In the latter case, you have a general right to object that will be implemented by us without any indication of a particular situation.

If you want to exercise any of your rights mentioned under the clauses 8 and 9 of this data privacy statement, simply send us an email to info@ehc-company.com


9) Further information

In accordance with Art. 13 para. 2 lit. e GDPR we would like to inform you about the following:

The provision of personal data is neither a statutory nor contractual requirement, nor a requirement necessary to enter into a contract. You are not obliged to provide the personal data. There are no consequences resulting from failure to provide such data.

In accordance with Art. 13 para. 2 lit. f GDPR we would like to inform you about the following:

We do not process your personal data for the purpose of automated decision-making.


10) Data security

Within the website visit, we use the common SSL procedure (Secure Socket Layer) in conjunction with the respective highest encryption level your browser supports. This usually is 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit v3 technology instead. Whether an individual website of our internet offer is transmitted encrypted or not is evident by the closed display of the key or lock symbol in the lower status bar of your browser.

Apart from this, we use appropriate technical and organizational security measures in order to protect your data from accidental or willful manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures will be improved continually according to the technological developments.


11) Topicality and changes of this data privacy statement

This data privacy statement has last been updated in November 2021.

Further development of our website and offers through it or changed statutory or authority specifications may require changes to this data privacy statement. We will notify you with respect to any substantial changes by flagging such update to each user at the entry of our website for a reasonable amount of time after such update and by adding the appropriate date above. You may call and print the respective current data privacy statement at any time on the website.