This data privacy statement is intended to inform you as a user of our website and our products about the nature, extent and purpose of the collection and use of personal data. The relevant obligations can be found in the Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG) and the Telemedia Act (Telemediengesetz, TMG).
We expressly note that data transmission via the internet (e.g. when communicating by e-mail) may involve security vulnerability and cannot be fully protected from access by third parties.
Identity and contact details of the controller:
The controller is:
URSAPHARM Arzneimittel GmbH
Phone: + 49 (0) 6805 – 9292 0
Fax: + 49 (0) 6805 – 9292 88a
Data Protection Officer
Data Protection Officer URSAPHARM Arzneimittel GmbH
Data processing on our website
Transmission of personal data to recipients/ third parties and third-party- service providers
We comply with the legal requirements. A transfer of data to third parties occurs only within the scope of statutory provisions.
We engage third parties, external agents, to perform services in connection with the operation of this website and our company (e.g. advertising agencies or shipping service providers in the implementation and processing of competitions or other advertising measures, software providers for e-mail marketing).
Server log files
We collect data about every access on our website (so called server log files) based on our legitimate interest, Art. 6 para.1 lit.f) GDPR.
The processed data include inter alia the IP address, time of retrieval, type of request, protocol, http status, referer, browser type and version, operating system and report on successful access.
The data will be used for statistical analysis for the purpose of operation, safety and optimization of the offer.
The data will be stored up to 3 months for security reasons. The IP address will be stored exclusively anonymously.
If further storage is required because of evidence purposes, the data will be deleted after the final settlement of the matter.
Cookies are small files that make it possible to store specific device-related information on users’ access devices (computer, smartphones, etc.). They serve for the user-friendliness of web pages and thus the users (for example storage of login data). On the other hand, they are used to collect the statistical data of website use and to be able to analyze them for the purpose of improving the offer.
This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics generates detailed statistics about a website’s traffic and traffic sources and measures conversions and sales. Google Analytics uses “cookies” stored on your computer to help analyse how users use our website. The data processing is based on our legitimate interest in accordance with Art. 6 para.1 lit. f) GDPR (economic interests in the use of the website, optimization of the online offer).
We use Google Analytics with activated IP anonymization only and therefore the IP addresses are processed only shortened, in order to prevent them being directly linked to a particular individual. This means that your IP address will be abbreviated by Google within the member states of the European Union or other parties to the Agreement on the European Economic Area. In exceptional cases only, the full IP address will be sent to a Google server in the US and abbreviated there.
Google Analytics uses so-called “cookies”, text files which are saved on your computer and enable an analysis of your usage of the website. Information on your usage of this website generated by the cookie is generally transferred to a Google server in the US and stored there.
Google is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European data protection law.
On behalf of the operator of this website, Google will use the information collected to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator.
The IP address provided by Google Analytics as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by a corresponding setting of your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible.
In addition, you may object to the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google at any time by using and install the browser plug-in available under the following link Download: http://tools.google.com/dlpage/gaoptout?hl=de.
Alternatively (or when using the website via a mobile browser), you can prevent the collection and processing of your data by Google Analytics by using the following link (deactivate Google Analytics). By clicking on the link, an opt-out cookie will be stored on your computer. Please note that the link must be pressed again on deletion of cookies on your device.
The storage period of user’s personal data is limited to 14 months.
Integration of content and services of third-parties
It is possible that we use content or services from third-party providers to integrate their offers and services like for example videos, maps etc. This is based on our legitimate interests, Art. 6 para.1 lit. f GDPR (e.g. interest in the analysis, optimization and economic operation of our online offer).
The prerequisite for this is that these contents detect the IP address of the users, because without an IP address, the content can not be sent to the browser of the provider and thus can not be displayed.
We endeavor to use only content whose respective providers use the IP address solely for the delivery of the content. Third parties may also use so-called pixel tags (invisible graphics, also referred to as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may include, but is not limited to, technical information about the browser and operating system, referring web pages, visit time, and other information regarding the use of our online offer.
The following presentation provides an overview of third-party providers as well as their contents, as well as links to their data protection statements, which contain further information on the processing of data and, for the possibility to appeal (so-called opt-out):
On this website, we are using Google Maps. This allows us to show you interactive maps directly on the website and allow you to conveniently use the map feature.
By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition, at least your IP address will be transmitted. This is done regardless of whether Google provides a user account that you are logged in to, or if there is no user account. When you’re logged in to Google, your data will be assigned directly to your account. If you do not wish to be associated with your profile on Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for purposes of advertising, market research and / or tailor-made website design. Such an evaluation is done in particular (even for users who are not logged in) to provide appropriate advertising and to inform other users of the social network about their activities on our website. You have a right of objection to the formation of these user profiles. Therefor you have to contact Google, Google also processes your personal information in the United States and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US Framework.
Further information on the purpose and extent of the data collection and its processing by YouTube as well as contradictory possibilities can be found here:
Data processing for our Facebook fan page
We operate a so-called fan page on the Facebook social media network to communicate with the users active there and to inform them about our products and services.
As a rule, cookies are stored on the users’ devices, and these cookies then record their usage behaviour and interests. In particular, the user data processed in this way is used for market research and advertising purposes. Among other things, usage profiles are created from user behaviour and the resulting interests of the users. These usage profiles can be used, for instance, to place relevant ads within and outside of Facebook). In addition, data may be stored in the user profiles regardless of the devices used (especially if users are logged into Facebook).
This data processing is carried out on the basis of our legitimate interest in accordance with Art. 6 (1) lit. f) GDPR (information about our products and services; communication with users).
If Facebook obtains the user’s consent to data processing (i.e. consent is provided, for instance, by ticking a checkbox or confirming consent by pressing a button), the legal basis for the data processing is Art. 6 (1) lit. a) GDPR.
If requests for information or other rights are asserted in line with GDPR, we would like to point out that these can be most effectively asserted with the provider.
As the operator of the fan page, we do not have access to the data that is processed via Facebook itself. Only the provider, i.e. Facebook, has access to user data and can therefore provide full information or fulfil other obligations, such as requests for deletion.
As operators, we cannot guarantee that all rights can be enforced, as it is possible that data may be processed outside of the European Union. However, Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
If you still require assistance, do not hesitate to contact us at any time at firstname.lastname@example.org
When contacting us (for example via contact form, e-mail or our Facebook account), your data will be processed in order to process the inquiry as well as for follow-up questions. The data processing is based on Art. 6 lit. b GDPR. Your data will be deleted as soon as we have fully processed your request.
Furthermore, we expressly point out the following:
As a pharmaceutical company, we are required by law to collect, document and, where appropriate, report to the relevant authorities inquiries describing events that are relevant for the medical product and drug safety. This message may also include personal information, such as your name, place of residence, health-related information or similar, provided that you have explicitly and voluntarily disclosed it to us. Obtaining additional information may require URSAPHARM to contact you. The legal basis for this data processing is Art. 6 para. 1 lit. c) GDPR i. V. m. § 3 MPSV and § 63 c AMG. Furthermore, we are obliged for reasons of pharmacovigilance to store your data according to legal requirements for at least 5 years for testing purposes. After expiry of the statutory deadlines, your data will be deleted or anonymized.
Rights of the data subject
At any time you have the right to request from the controller access to your personal data. The information has to be provided free of charge. Furthermore and under certain circumstances, you have the right to data portability, erasure of your data as well as rectification. Furthermore, you may be entitled to restrict the processing of your data and to have the right to publish or transfer the data you provide in a structured, common and machine-readable format.
If the processing of your personal data is based on your consent, you have the right to withdraw the consent at any time. The lawfulness of the processing based on your consent before the withdrawal is not affected by the withdrawal.
Right to object
At any time, you have the right to object to the processing of your personal data, which is based on Art. 6 para. 1 lit. f) GDPR. Where personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data concerning such marketing, which includes profiling to the extent that it is related to direct marketing.
Right to lodge a complaint
Furthermore, you have the right to lodge a complaint with a supervisory authority.
The supervisory authority which is responsible for us is:
Unabhängiges Datenschutzzentrum Saarland
Die Landesbeauftragte für Datenschutz und Informationsfreiheit
Phone: +49681 94781-0
Fax: +49681 94781-29
Transfer of personal data to a third country or international organisation
If we provide personal information to service providers outside the European Union, we will do so only to the extent that the third country has been confirmed by the EU Commission to have an adequate level of data protection or other appropriate data protection safeguards (such as mandatory privacy policies or EU standard contractual clauses).