Privacy Policy
DATA PROTECTION
D&B Pharmadesign Gesellschaft für Anlagenplanung und Consulting mbH (hereinafter: we) informs you about the type, scope and purpose of the processing of your personal data within our online offering and the associated services.
I. Definitions
This data protection declaration is based on terms used by the European legislator for directives and regulations when issuing the General Data Protection Regulation (GDPR). To ensure that this explanation is understandable, we explain the terms used in advance. If you find references to legal regulations below without specifying the exact name of the respective law, this refers to the GDPR.
1. Personal data
“Personal data” means any information relating to an identified or identifiable natural person (hereinafter “data subject”); A natural person is considered to be identifiable if he or she can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
2. Responsible person
“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, decides on the purposes and means of processing personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
3. Processing
“Processing” is any operation or series of operations carried out with or without the aid of automated procedures in connection with personal data, such as the collection, recording, organization, structuring, storage, adaptation or modification, reading, querying, etc Use, disclosure by transmission, distribution or other form of provision, alignment or combination, restriction, deletion or destruction.
4. Third
“Third party” means a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorized to process the personal data under the direct responsibility of the controller or the processor.
5. Consent
“Consent” is any expression of wishes given by the data subject voluntarily, for a specific case, in an informed and unequivocal manner, in the form of a statement or other unambiguous confirmatory act, by which the data subject indicates that he or she consents to the processing of data concerning him or her agrees to personal data.
II. Contact details of the person responsible and data protection officer
The person responsible within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:
D&B Pharmadesign Gesellschaft für Anlagenplanung und Consulting mbH
Neulehenstr. 8b
33790 Halle/Westphalia
Tel.: 05201 856610
Email: kontakt@db-pharmadesign.de
You can reach our data protection officer at:
D&B Pharmadesign Gesellschaft für Anlagenplanung und Consulting mbH
Data Protection Officer
Neulehenstr. 8b
33790 Halle/Westphalia
Email:datenschutz@db-pharmadesign.de
III. General information on data processing
1. Scope of processing of personal data
In principle, we only process personal data of our users to the extent that this is necessary to provide a functional website and our content and services. The processing of our users’ personal data regularly only takes place with the user’s consent. An exception applies in cases in which obtaining prior consent is not possible for actual reasons and the processing of the data is permitted by legal regulations.
2. Legal basis for processing personal data
To the extent that we obtain the consent of the data subject for processing personal data, Art. 6 Para. 1 lit. a GDPR serves as the legal basis.
When processing personal data that is necessary to fulfill a contract to which the data subject is a party, Art. 6 Para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
If the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Article 6 Paragraph 1 Letter c GDPR serves as the legal basis.
In the event that the vital interests of the data subject or another natural person require the processing of personal data, Article 6 (1) (d) GDPR serves as the legal basis.
If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 Para. 1 lit. f GDPR serves as the legal basis for the processing.
3. Data deletion and storage period
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Storage can also take place if this has been provided for by the European or national legislator in EU regulations, laws or other regulations to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data to conclude or fulfill a contract.
IV. Visit to our website, server data and log files
1. Description and scope of data processing
Every time our website is accessed, our system or our web space provider One.com automatically collects data and information from the computer system of the accessing computer. The following data is collected, among others: browser type and browser version, operating system used, referrer URL, host name of the accessing computer, time of the server request and the IP address.
2. Legal basis for data processing
The legal basis for the temporary storage of data and log files is Article 6 Paragraph 1 Letter f GDPR.
3. Purpose of data processing
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. To do this, the user’s IP address must remain stored for the duration of the session.
The data is stored in log files to ensure the functionality of the website. The data also serves us to optimize the website and to ensure the security of our information technology systems. The data will not be evaluated for marketing purposes in this context.
These purposes also include our legitimate interest in data processing in accordance with Article 6 Paragraph 1 Letter f of the GDPR.
4. Duration of storage
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. If the data is stored in log files, this is usually the case after 30 days.
5. Possibility of objection and removal
The collection of data to provide the website and the storage of the data in log files is absolutely necessary for the operation of the website. There is therefore no possibility for the user to object.
V. Contact
If you contact us (e.g. by email, contact form or telephone), your personal data will be processed to process the contact request and process it.
The legal basis for this processing of the transmitted personal data is Article 6 (1) (b) GDPR. If health data is affected, Art. 6 Para. 1 lit. b GDPR in conjunction with Art. 9 Para. 2 lit. h GDPR and Section 22 Para. 1 No. 1 lit. b. Federal Data Protection Act is the legal basis.
We delete this data as soon as it is no longer necessary to achieve the purpose for which it was collected; i.e. regularly when the respective conversation with you has ended. The conversation ends when the matter in question has been finally clarified. Otherwise, the statutory retention periods apply.
VI. Plugins and tools
Cloud anti-spam service Clean Talk
We use the cloud anti-spam service cleantalk.org on our websites. This service increases the security and delivery speed of our websites.
The provider is CleanTalk Inc, 711 S Carson street, suite 4, Carson city, NV, 89701, USA.
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. If the data is stored in log files, this is usually the case after 30 days. The service is integrated to optimize our websites in our own interest, in accordance with Art. 6 Para. 1 lit. f GDPR.
Further data protection information CleanTalk can be found here: https://cleantalk.org/publicoffer#cleantalk_gdpr_compliance [VP3]
Web fonts
We use fonts (web fonts) locally on the website to ensure a uniform and attractive presentation of texts. When you access a page, your browser loads the required web fonts into the browser cache in order to display texts and fonts correctly. For this purpose, the browser must establish a connection to the Google servers and transmit technical data such as your IP address. However, we have taken precautions to prevent a direct connection to Google servers. The Google web fonts are provided via a local cache on our server, so that no data is transmitted to Google. Through this measure, we ensure that the use of Google Webfonts on our website is GDPR-compliant.
VII. Your rights as a data subject
If your personal data is processed, you are the data subject within the meaning of the GDPR. This means that you have the following rights towards the person responsible, i.e. us:
1. Right to information
You have the right to request confirmation as to whether the data in question is being processed and to receive information about this data as well as further information and a copy of the data, Art. 15 GDPR.
2. Right to rectification
You have the right to request that the data concerning you be completed or that incorrect data concerning you be corrected, Art. 16 GDPR.
3. Right to deletion
You have the right to demand that the relevant data be deleted immediately, Art. 17 GDPR.
4. Right to restriction of processing
Under the conditions specified in Art. 18 GDPR, you can request a restriction on the processing of the data.
5. RIGHT TO OBJECT
You can object to the future processing of your data at any time, Art. 21 GDPR. The objection can in particular be made against processing for direct advertising purposes.
6. Right of withdrawal
You have the right to revoke your data protection declaration of consent at any time with effect for the future, Art. 7 Para. 3 GDPR. The revocation does not affect the lawfulness of the processing carried out based on the consent up to the revocation.
7. Right to information
If you have asserted the right to rectification, deletion or restriction of processing against the controller, the controller is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this rectification or deletion of the data or restriction of processing, unless , this turns out to be impossible or involves disproportionate effort. You have the right to be informed about these recipients by the person responsible.
8. Right to data portability
You have the right to request that the data concerning you that you have provided to us be received and to request that it be transmitted to other responsible parties, Art. 20 GDPR.
9. Right to complain
You have the right to lodge a complaint with the responsible supervisory authority, Art. 77 GDPR.
As of: 12/2022