This data privacy statement is intended to inform you as a user of our website and our products about the nature, extent and purpose of the collection and use of personal data.
We expressly note that data transmission via the internet (e.g. when communicating by e-mail) may involve security vulnerability and cannot be fully protected from access by third parties.
Up-to-datedness and amendment of this privacy statement
This privacy statement is currently valid and has the status as of Oct 2019. Due to the further development of our website and offers or due to changed legal or official requirements, it may become necessary to change this privacy statement. You may access and print out the current privacy statement at any time from our website at https://www.ursapharm.de/en/datenschutz/.
Identity and contact details of the controller:
The controller is:
URSAPHARM Arzneimittel GmbH
Phone: + 49 (0) 6805 – 9292 0
Fax: + 49 (0) 6805 – 9292 88a
Data Protection Officer
Data Protection Officer URSAPHARM Arzneimittel GmbH
Transmission of personal data to recipients/ third parties and third-party- service providers
We comply with the legal requirements. A transfer of data to third parties occurs only within the scope of statutory provisions.
Data processing on our website
Integration of third-party services and content
On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our website in accordance with Art. 6 para. 1.f GDPR), we use content or service offers from third parties within our website in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as “content”). If necessary, the relevant data processing is made by your previously issued declaration of consent in accordance with Art. 6 para 1.a GDPR.
This always presupposes that the third party providers of this content perceive the IP address of the users, since without the IP address they would not be able to send the content to their browser. The IP address is therefore required for displaying this content. We make every effort to use only those contents whose respective providers use the IP address only for the provision of the contents. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. “Pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may include technical information about the browser and operating system, referring websites, visiting time and other information about the use of our online offer, and be linked to such information from other sources.
You are able to see further details to the respective third-party services in the following texts of this data privacy statement.
Types of processed data
We collect and process on our website inventory data (e.g. names, addresses), contact data (e.g. e-mail addresses, telephone numbers, fax numbers, postal address), usage data (e.g. visited websites, clicked links, interest in content, access times, access locations), content data (e.g. comments, text entries, photos, videos) and meta and communication data (e.g. device information, browser information, IP addresses).
Categories of data subjects
All visitors and users of our website are data subjects whose personal data are being processed.
We collect and process the personal data of users of our website in order to communicate with and inform them (e.g. contact and other inquiries, newsletters), to carry out statistics, range measurements and analyses (e.g. using marketing and analysis tools), so that we can better design and optimise its content and functions in order to technically administer and optimise the website and close security gaps.
Legal basis for the processing of personal data
We only process personal data if we are legally entitled to do so. In the following we will name these legal bases within the scope of the respective data processing individually. Generally, we are always entitled to process personal data if the data subject has given consent to the processing of his or her personal data (s. Art. 6 para. 1.a, Art. 7 GDPR), processing is necessary for the performance of a contract or prior to entering into a contract (s. Art. 6 para. 1.b GDPR), processing is necessary for compliance with a legal obligation (s. Art. 6 para. 1.c GDPR) or if processing is necessary in order to protect the vital interests (s. Art. 6 para. 1.f GDPR).
Recipient of personal data
We may transmit personal data to data processors or other third parties (e.g. hosting agencies, etc.) with whom we work. We are always entitled to so if the data subject has given consent to the processing of his or her personal data (s. Art. 6 para. 1.a, Art. 7 GDPR), processing is necessary for the performance of a legal obligation (s. Art. 6 para. 1.b GDPR), processing is necessary for compliance with a legal obligation (s. Art. 6 para. 1.c GDPR) or if processing is necessary in order to protect vital interests (s. Art. 6 para. 1.f GDPR). We conclude a so called processing agreement pursuant to Art. 28 GDPR with processors by which they commit to maintain data protection.
This website is hosted on the servers of the domainfactory GmbH. The hosting services we use serve the provision of the following services: Infrastructure and platform services, computing capacity, storage and database services, security services and technical maintenance services that we use to operate this website. Legal basis for the use of the hosting services is the protection of our legitimate interests in the analysis, optimization and an economic and secure operation of our website. (s. Art. 6 para. 1 cl. 1.f GDPR). In doing so, we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta and communication data of all users of this website.
The data will be stored for as long as there is a purpose for this. Thereafter, the data will be deleted, unless this is contrary to statutory retention obligations.
Server log files
We collect data about every access on our website (so called server log files) based on our legitimate interest, Art. 6 para.1 lit.f) GDPR.
The processed data include inter alia the IP address, time of retrieval, type of request, protocol, http status, referer, browser type and version, operating system and report on successful access.
The data will be used for statistical analysis for the purpose of operation, safety and optimization of the offer.
The data will be stored up to 7 days for security reasons. The IP address will be stored exclusively anonymously.
If further storage is required because of evidence purposes, the data will be deleted after the final settlement of the matter.
In addition, cookies will be stored on your computer when you use our website. Cookies are small text files that make it possible to store specific information relating to the device on the user’s access device (PC, smartphone, etc.). They serve the user-friendliness of websites (e.g. storage of login data), the collection of statistical data on website use and the analysis in order to improve the website. Cookies cannot run programs or transmit viruses to your computer.
You may prevent the storage of all or only certain cookies by configuring your browser accordingly in the security settings. Cookies that have already been stored can be deleted in the browser. In these cases, however, the use of the website may be restricted.
This website uses the following types of cookies:
- Transient (temporary) cookies
- Persistent (permanent) cookies
Transient cookies are automatically deleted when you close your browser. This includes in particular session cookies. These store a so-called session ID, by which different requests of your browser can be assigned to the common session. Thus, your computer will be recognized when you return to our website.
Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You may delete cookies at any time in the security settings of your browser.
Both types of cookies may be used by us (in this case “First Party Cookies”) or by third party providers (“third party cookies”).
Such cookies, which only enable the secure functioning of the website and those cookies that only statistically record the general usage behavior (eg the access to the website as well as the time of access), merge without user data across websites, without using external servers or services and without establishing traceability, we use according to our legitimate interest in a secure and functional provision of the website and for statistical purposes to optimize our website in accordance with Art. 6 para. 1 lit. f GDPR.
The use of other cookies is exclusively based on your previously given consent in accordance with Art. 6 para. 1 lit. a GDPR. Such cookies usually serve to optimize our offer as well as to develop and economically optimize individual marketing measures. You may voluntarily grant the consent to the cookies and tools concerned when you visit our website for the first time. You can change your decision at any time on our website.
Disabling/objecting to cookies:
The storage of cookies may also be prevented by configuring your browser accordingly in the security settings. However, not all functions of this website may then be available.
These options apply to all cookies mentioned below, which we use for this website.
This website uses Google Analytics, a web analytics service provided by Google LLC (“Google”). In this context, in particular we capture the age and the gender of the respective user. The data processing is made for the purpose of analyzing the response to our products in order to make these and our promotional offer more effective and to develop our marketing measures appropriately. The data processing takes place on the basis of your consent given at the time of the first call of this website according to Art. 6 para. 1 lit. a GDPR for the purpose of the analysis of the user behavior and the optimization of our online offer. In particular, no buying behavior is analyzed or profiles of individuals created. We use the analysis service exclusively for the aforementioned purposes.
We use Google Analytics with activated IP anonymization only and therefore the IP addresses are processed only shortened, in order to prevent them being directly linked to a particular individual. This means that your IP address will be abbreviated by Google within the member states of the European Union or other parties to the Agreement on the European Economic Area. In exceptional cases only, the full IP address will be sent to a Google server in the US and abbreviated there.
Google Analytics uses so-called “cookies”, text files which are saved on your computer and enable an analysis of your usage of the website. Information on your usage of this website generated by the cookie is generally transferred to a Google server in the US and stored there.
Google is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European data protection law.
On behalf of the operator of this website, Google will use the information collected to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator.
The IP address provided by Google Analytics as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by a corresponding setting of your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible.
In addition, you may object to the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google at any time by using and install the browser plug-in available under the following link Download: http://tools.google.com/dlpage/gaoptout?hl=de.
Alternatively (or when using the website via a mobile browser), you can prevent the collection and processing of your data by Google Analytics by using the following link (https://tools.google.com/dlpage/gaoptout?hl=en). By clicking on the link, an opt-out cookie will be stored on your computer. Please note that the link must be pressed again on deletion of cookies on your device.
The storage period of user’s personal data is limited to 14 months.
Matomo (formerly PIWIK)
You may object to data processing by Matomo for the future.
The program Matomo is an open source project. For information about Matomo’s privacy, please visit: https://matomo.org/privacy-policy/
On this website, we are using Google Maps. This allows us to show you interactive maps directly on the website and allow you to conveniently use the map feature. Data processing takes place on the basis of your prior consent according to Art. 6 para. 1 lit. a GDPR.
By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition, at least your IP address will be transmitted. This is done regardless of whether Google provides a user account that you are logged in to, or if there is no user account. When you’re logged in to Google, your data will be assigned directly to your account. If you do not wish to be associated with your profile on Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for purposes of advertising, market research and / or tailor-made website design. Such an evaluation is done in particular (even for users who are not logged in) to provide appropriate advertising and to inform other users of the social network about their activities on our website. You have a right of objection to the formation of these user profiles. Therefor you have to contact Google, Google also processes your personal information in the United States and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US Framework.
Further information on the purpose and extent of the data collection and its processing by YouTube as well as contradictory possibilities can be found here:
Our websites incorporate Google LLC.’s Google+ plug-ins, 1600 Amphitheater Parkway, Mountain View, CA 94043, United States (“Google”). The Google + plugins can be recognized by the white G + logo on a red background.
When you visit a page of our website, you will not be connected to Google’s servers. If you click on the corresponding button, you will be redirected to a website of Google. There you can share our content by clicking again. We have no influence on the processing of personal data on third-party websites.
By calling the Google + website, Google receives the information that you have visited its page with your IP address and other log data. This log information includes browser type, operating system, information about the previously visited web page and the pages you visited, location, your wireless service provider, device information (including device ID and application ID), search terms, and cookie information.
Google uses the personal information collected to display personalized advertising to you and measure its success. Google uses the so-called cross-device tracking method. This allows Google to personalize content across devices.
If you click the Google + button while logged in to your Google + account, you can link the contents of our pages to your Google + profile. This allows Google to associate the content of our pages with your user account.
Data processing takes place on the basis of your prior consent according to Art. 6 para. 1 lit. a GDPR.
We use the YouTube.com platform to post own videos and make them publicly available. YouTube is a non-affiliated third party, the YouTube LLC.
Some websites of our offer contain links or connections to the offer of YouTube. In general, we are not responsible for the contents of linked websites. However, in the event that you follow a link on YouTube, we point out that YouTube stores and uses your users’ information (for example, personal information, IP address) in accordance with its own data usage policies and uses it for business purposes.
We also include videos stored on YouTube directly on some of our websites. With this integration, contents of the YouTube website are displayed in partial areas of a browser window. However, the YouTube videos are only accessed by clicking on them. This technique is also called “framing”. If you visit a (sub-) page of our website that includes YouTube videos in this form, you will be connected to the YouTube servers and the content will be displayed on the website by notifying your browser.
The inclusion of YouTube content is only in “advanced privacy mode” provided by Youtube. Youtube ensures that they do not initially store cookies on your device.
When calling the relevant pages, however, the IP address is transferred and in particular informed which of our internet pages you have visited. However, you will not be able to associate this information with you unless you have logged in or are logged in permanently before the page view on YouTube or another Google service (eg Google+).
Once you start playing an embedded video by clicking on it, the enhanced privacy mode on your device will only save cookies to YouTube that do not contain personally identifiable information unless you’re currently signed in to a Google service. These cookies can be prevented by appropriate browser settings and extensions.
YouTube LLC, headquartered at 901 Cherry Avenue, San Bruno, CA 94066, USA;
YouTube is a subsidiary of Google Inc .; Information on data processing and data protection by YouTube or Google can be found here:
In providing and using the service, we have legitimate interests in the external presentation of our company. The corresponding data processing therefore takes place on the basis of Art. 6 para. 1 lit. f DSGVO.
Use of social media
We maintain online presence within social networks and platforms in order to communicate with customers, prospects and users active there and to inform them about our services. We point out that data of the users outside the area of the European Union can be processed. This may result in risks to users because, e.g. the enforcement of user rights could be made more difficult. As for US providers certified under the Privacy Shield, we point out that they are committed to upholding the EU’s privacy standards. Furthermore, the data of the users are usually processed for market research and advertising purposes. Thus, e.g. user profiles are created from the user behavior and the resulting interests of the users. The usage profiles may in turn be used to e.g. Place advertisements inside and outside the platforms that are allegedly in line with users’ interests. For these purposes, cookies are usually stored on the computers of the users, in which the user behavior and the interests of the users are stored. Furthermore, in the usage profiles, data can also be stored independently of the devices used by the users (in particular if the users are members of the respective platforms and logged in to them). The processing of personal data of users is based on our legitimate interests in an effective information of users and communication with users in accordance with. Art. 6 para. 1 lit. f. DSGVO. If the users are asked by the respective providers of the platforms for a consent to the above-described data processing, the legal basis of the processing is Art. 6 para. 1 lit. a., Art. 7 GDPR. For a detailed description of the respective processing and the possibilities of contradiction (opt-out), we refer to the following linked information of the provider. Also in the case of requests for information and the assertion of user rights, we point out that these can be claimed most effectively from the providers. Only the providers have access to the data of the users and can directly take appropriate measures and provide information. If you still need help, then you can contact us.
On our website are plugins of the short message network of Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA (“Twitter”). The Twitter plugins (tweet-button) can be recognized by the Twitter logo on our site.
When you visit a page of our website, no connection is established with the servers of Twitter. If you click on the corresponding button, they will be redirected to a website of Twitter. On this you can share our content by clicking again. We have no influence on the processing of personal data on third-party websites.
By calling the Twitter website, Twitter receives the information that you have visited its page with your IP address and other log data. This log information includes browser type, operating system, information about the previously visited web page and the pages you visited, location, your wireless service provider, device information (including device ID and application ID), search terms, and cookie information.
Twitter uses the personal information collected to play personalized advertising to you and measure its success. Twitter uses the so-called cross-device tracking method. Herewith, Twitter can personalize content across devices.
If you click on the Twitter “tweet button” while logged in to your Twitter account, you can link the contents of our pages to your Twitter profile. This allows Twitter to associate the content of our pages with your user account.
We run the Twitter page to present and communicate with the users of Twitter and other interested people. The processing of the personal data of users takes place on the basis of our legitimate interests, on an optimized corporate presentation, Art. 6 para 1 lit. f GDPR.
As operator of the Instagram site, we, together with the operator of the social network Instagram (Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland), are responsible persons pursuant to Art. 4 No. 7 GDPR. When visiting our Instagram page, personal data is processed by those responsible. In the following, we will inform you about the data processing in this regard.
Purposes of processing
The processing of the information should i.a. on the one hand enable Facebook to improve its advertising system, which distributes it via its network. On the other hand, it should allow us as the operator of the Instagram page to obtain statistics that Facebook created based on visits to our Instagram page. This aims to control the marketing of our activity. For example, it enables us to gain knowledge of the profiles of visitors who value our Instagram page or use applications on the site to provide them with more relevant content and to develop features that may be of higher interest to them.
In order to better understand how we can better achieve our goals with our Instagram page, demographic and geographical evaluations are also compiled and made available to us based on the information collected. We can use this information to specifically target interest-based ads without immediately knowing the identity of the visitor. If visitors use Facebook on multiple devices, the collection and evaluation can also be cross-device, if it is registered and registered in their own profile visitors.
The generated visitor statistics are only sent to us in anonymous form. We have no access to the underlying data.
We run this Instagram page to present and communicate with Instagram users and other interested people who visit our Instagram page. The processing of the personal data of users takes place on the basis of our legitimate interests, on an optimized corporate presentation, Art. 6 para 1 lit. f GDPR.
Disclosure of data
It is conceivable that some of the information collected could also be processed outside the European Union by US-based Facebook Inc. Facebook Inc. is certified under the US-EU privacy shield “Privacy Shield” and is thus committed to complying with European data protection requirements.
We ourselves do not share personal information.
Right to object
Instagram users can influence how their user behavior can be tracked when they visit our Instagram page. Other options are the Facebook and Instagram settings at:
The processing of information by means of the cookies used by Facebook can be prevented by the fact that in the own browser settings cookies from third parties or those of Facebook are not allowed.
Data processing via our Facebook Fanpage
We operate on the social media platform Facebook a so-called fanpage to communicate with the users there who have tagged our fan page with “Like” (“fans”), and to inform about our products and services.
We have signed an agreement with Facebook on joint liability under Art. 26 GDPR, which regulates the distribution of data protection obligations (https://www.facebook.com/legal/terms/page_controller_addendum). In doing so, Facebook assumes the obligation to inform users, to ensure data security and to report data breaches and is primarily a point of contact for exercising the data subject rights.
Facebook Ireland Ltd.
4 Grand Canal Square, Grand Canal Harbor
D2 Dublin, Ireland
URSAPHARM Arzneimittel GmbH
The data processing is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR (information about our products and services, communication with users). If Facebook obtains the consent of the users to the data processing (eg by ticking a box in a checkbox or by clicking on a button), the legal basis of data processing is Art. 6 para. 1 lit. a GDPR.
Cookies and Insights
When operating the fanpage, we use the function Insights of Facebook to get anonymous statistical data of the users of our fanpage (https://www.facebook.com/business/a/page/page-insights).
Purposes of processing
The processing of information generated by Insights should enable us to obtain statistics that Facebook compiles from visits to our fanpage to control the marketing of our activity. So we can gain knowledge of the profiles of the visitors as well as their usage behavior of applications on our fanpage.
To help us understand how to use our fan page to better achieve our business goals, demographics and geographic data are also evaluated and provided to us based on the information we collect. We may use this information to deliver personalized advertisements without immediate knowledge of the visitor’s identity. If visitors use Facebook on multiple devices, the collection and evaluation can be done across devices, if it is registered and logged in their own profile visitors.
The generated visitor statistics are transmitted to us in anonymous form only. We have no access to the underlying data.
Within the advertising preferences settings, users can influence the extent to which they can track their usage behavior when visiting our Facebook page (https://www.facebook.com/ads/preferences).
Furthermore, we use our fanpage to communicate with our customers, prospects and Facebook users and to inform about our services. In this context, we may receive further information, e.g. because of user comments, private messages or because you follow us or share our content. The processing is solely for the purpose of communication and interaction with you.
Disclosure of data
It may be that users’ data is being processed outside the European Union. However, Facebook is certified under the Privacy Shield Agreement (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
Further information on the purpose and scope of the data collection and its processing as well as on your rights pursuant to the GDPR and your right to object and adjustment options to protect your personal data on Facebook, you can find in the privacy statement of Facebook:
Facebook offers the possibility to remove cookies through an opt-out: https://www.facebook.com/settings?tab=ads
If requests for information or other data subject rights are asserted according to the GDPR, we point out that these can be claimed most effectively on Facebook itself. As the operator of the fanpage, we basically have no access to the data processed by Facebook. Only Facebook can access the data of users alone and therefore provide full information or other measures, e.g. deletion requests of users to implement.
For these purposes Facebook offers a form (https://www.facebook.com/help/contact/367438723733209).
We can be contacted at any time to support the exercise of data subject rights.
Complaints may be directed to the competent data protection supervisory authorities (see Art. 77 GDPR).
Competent data protection authority of Facebook within the EU:
Data Protection Commission
Canal House, Station Road, Partarlington, Co. Laois, R32 AP23, Ireland
Phone: +353 (0761) 104 800
LoCall: 1890 25 22 31
Fax: +353 57 868 4757
Responsible Data Protection Authority of URSAPHARM Arzneimittel GmbH:
Independent Data Protection Center Saarland
Tel .: 0681 947810
Fax: 0681/94781 29
E-Mail: poststelle (at) datenschutz.saarland.de
LinkedIn is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation.
The use of the LinkedIn features is in the interest of an attractive presentation of our online services and the use of the data for marketing and targeting purposes. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
You can opt out of data collection at https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Within our online offer functions and contents of the service XING, by XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany, are offered, e.g. such as pictures, videos or text and buttons are part of the content that you can use to please your content, subscribe to the content creators or subscribe to our contributions. If you are a member of the platform XING, XING can call the assigned content and functions to your profiles. We can also integrate scripts and measures that allow us to use marketing and statistics functions in XING.
The use of the XING functions is in the interest of an attractive representation of our online offers and as well as the use of the data for marketing and targeting purposes. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
At https://privacy.xing.com/de/datenschutzerklaerung you can object to data collection.
When contacting us (for example via contact form, e-mail or our Facebook account), your data will be processed in order to process the inquiry as well as for follow-up questions. The data processing is based on Art. 6 lit. b GDPR. Your data will be deleted as soon as we have fully processed your request.
Furthermore, we expressly point out the following:
As a pharmaceutical company, we are required by law to collect, document and, where appropriate, report to the relevant authorities inquiries describing events that are relevant for the medical product and drug safety. This message may also include personal information, such as your name, place of residence, health-related information or similar, provided that you have explicitly and voluntarily disclosed it to us. Obtaining additional information may require URSAPHARM to contact you. The legal basis for this data processing is Art. 6 para. 1 lit. c) GDPR i. V. m. § 3 MPSV and § 63 c AMG. Furthermore, we are obliged for reasons of pharmacovigilance to store your data according to legal requirements for at least 5 years for testing purposes. After expiry of the statutory deadlines, your data will be deleted or anonymized.
Vacancies/jobs are published on our website and you can apply for them by e-mail. Candidates are responsible for the secure transmission of applications comprising personal data via these communication channels.
In order to be able to process the applications, we require minimum data resulting from the job advertisement. This includes, for example, data such as name, address and documents belonging to the application, a cover letter, curriculum vitae and certificates. Further data can be transmitted voluntarily.
We process the data provided by the candidates only for the purposes of the application procedure. The legal basis for the processing of this data is the fulfilment of our pre-contractual obligations in the context of the application procedure in accordance with Art. 6 para. 1.b GDPR in connection with Art. 26 BDSG-new. An additional legal basis may be derived from Art.6 para. 1.f GDPR if data processing becomes necessary for us, e.g. within the framework of legal procedures.
We process all data that the applicants send us, e.g. name, address, e-mail address, telephone number, specific application data. By submitting the data, the applicants agree to the data processing in accordance with this privacy statement.
If candidates provide voluntarily special categories of personal data pursuant to Art. 9 para. 1 GDPR we will process them in accordance with Art. 9 para. 2. b GDPR. If we request these special categories of data, the data will be processed in accordance with Art. 9 para. 2.a GDPR.
In the event of a successful application, the applicant data will be further processed by us to establish an employment relationship in accordance with Art. 6 para. 1.b GDPR in connection with Art. 26 BDSG-new.
Otherwise, we will only store the applicants’ data for the duration of the application procedure and at the latest after the generally recognised and statutory retention periods. Afterwards or in case of withdrawal of an application, the data will be erased. Erasure will take place no later than four months after the vacancy has been filled in order to be able to respond to claims of the candidates under the Allgemeines Gleichbehandlungsgesetz [General Equal Treatment Act], if necessary. Further data may be stored for a longer period of time in order to fulfil other legal obligations.
If a candidate consents, we will add his or her applicant data to our candidates pool in order to be able to contact him or her for future job advertisements. Legal basis for such data processing is the applicant’s voluntary informed consent in accordance with Art. 6 para. 1.a, Art. 7 GDPR.
Candidates will be informed that their consent to inclusion in the candidates pool is voluntary and has no influence on current application procedures. You may withdraw your consent at any time for the future and object to data processing in the candidates pool for the future in accordance with Art. 21 GDPR. These declarations can be sent to the above address for data protection inquiries/to our Data Protection Officer.
On our website we offer a newsletter with which we inform you about current topics (exclusive competitions, product offers, general information, news etc.).You can register to receive the newsletter by entering your salutation, e-mail address and name in our registration form on the website or in our raffle registration form so that we can verify the accuracy of your information. Your e-mail address will be activated by means of a so-called Opt-in-procedure for sending our newsletter. After registration, you will receive a confirmation e-mail from us, in which you will have to click on a link there register the address effectively. The newsletter will be sent approximately six times a year to the e-mail address provided by you. We process your data on the basis of your consent (article 6 para. 1 lit. a GDPR) exclusively for sending the newsletter and delete it immediately after unsubscribing from our newsletter. When confirming the link in the Double-Opt-In E-Mail, the date and time of registration will also be stored on the basis of our legitimate interest (i.e. proof of registration, Art. 6 para. 1 lit. f GDPR).We send our newsletter via the provider CleverReach (CleverReach GmbH & Co. KG, Mühlenstraße 43, 26180 Rastede). For this purpose, the data you provide is encrypted to CleverReach.
More information on data security at CleverReach can be found here: https://www.cleverreach.com/en/datasafety/
If you wish no longer to receive our newsletter, you can unsubscribe via the unsubscribe function contained in each newsletter or via the unsubscribe form contained on our website or by means of the link contained in the newsletter or by other means.
On our website as well as our social media presences we organize sweepstakes in co-operation with the agencies FBO GmbH agency for marketing and new media, Heinrich Barth str. 27, 66115 Saarbruecken as well as portvier GmbH, Buhler road 20, 66130 Saarbruecken.
Participation in a sweepstake usually requires registration of participants with personal information, typically gender, first name, surname and e-mail address. The data processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR based on your approval. The respective conditions of participation apply. The winners will be anonymised (i.e., first name, shortened last name, abbreviated place of residence) published on our website. The data will be used solely for the purpose of handling the sweepstakes and will be deleted after the winners have been determined except for the winners. The winners will also be processed for winnings and then deleted. We only use your data beyond these purposes with your express approval, eg. for newsletter dispatch.
Rights of the data subject
At any time you have the right to request from the controller access to your personal data. The information has to be provided free of charge. Furthermore and under certain circumstances, you have the right to data portability, erasure of your data as well as rectification. Furthermore, you may be entitled to restrict the processing of your data and to have the right to publish or transfer the data you provide in a structured, common and machine-readable format.
If the processing of your personal data is based on your consent, you have the right to withdraw the consent at any time. The lawfulness of the processing based on your consent before the withdrawal is not affected by the withdrawal.
Right to object
At any time, you have the right to object to the processing of your personal data, which is based on Art. 6 para. 1 lit. f) GDPR. Where personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data concerning such marketing, which includes profiling to the extent that it is related to direct marketing.
Right to lodge a complaint
Furthermore, you have the right to lodge a complaint with a supervisory authority.
The supervisory authority which is responsible for us is:
Unabhängiges Datenschutzzentrum Saarland
Die Landesbeauftragte für Datenschutz und Informationsfreiheit
Phone: +49681 94781-0
Fax: +49681 94781-29
Transfer of personal data to a third country or international organisation
If we provide personal information to service providers outside the European Union, we will do so only to the extent that the third country has been confirmed by the EU Commission to have an adequate level of data protection or other appropriate data protection safeguards (such as mandatory privacy policies or EU standard contractual clauses).
As part of marketing campaigns (for example at trade fairs), we offer the opportunity to get further information about our company as well as about our products (for example, by personal contact via e-mail or telephone or by ordering or sending information materials by mail or E-mail).In order to provide you with further information or to contact you for advertising purposes, we need the corresponding data from you. These can be provided to us, for example, by completing an appropriate form or by your business card. The data processing for marketing purposes takes place – as far as the data are not based on our legitimate interest according to article 6 para. 1 lit. f GDPR (for example, for the purpose of direct mail) or any other legal basis may be processed or further processed (for example, for contractual or pre-contractual purposes under Art. 6 para 1 lit. b GDPR) – based on your consent Art. 6 para. 1 lit. a GDPR. For the purpose of carrying out the marketing activities, we may commission external service providers, such as advertising agencies. In addition, it may happen that we send our advertising e-mails via the provider CleverReach (CleverReach GmbH & Co. KG, Mühlenstraße 43, 26180 Rastede). For this purpose, the data you provide is encrypted to CleverReach. More information on data security at CleverReach can be found here: https://www.cleverreach.com/en/datasafety/.
Your data will be deleted – provided that the data can not be further processed on the basis of our legitimate interest or any other legal basis – after the information material has been sent or after the consent has been revoked. If you wish no longer to receive advertising e-mails from us, you can either notify us or unsubscribe via the unsubscribe form to which our advertising e-mails link.
Conclusion or Execution of Contracts
It is also possible that we process personal data for the purpose of concluding or executing contracts. The legal basis for these processing of personal data for pre-contractual and contractual purposes is Article 6 para. 1 lit. b) GDPR. The data will be deleted as soon as it is no longer required for the purposes mentioned or for the fulfillment of statutory, commercial or tax-related retention records (as the legal basis for the processing in this case, the respective statutory provisions in conjunction with Art. 6 para. 1 lit. c GDPR). It may happen that personal data is kept for the period in which claims can be asserted against our company (legal limitation period of three or up to thirty years).