Privacy protection

We at BWT Pharma & Biotech GmbH are pleased that you are visiting our website. The protection of your privacy is particularly important to us. With this privacy policy, we will explain how we collect, process, and use your personal data as well as the purpose for collection. This is in all cases done in conformity with the provisions of data protection law.

 

1. General

 

BWT Pharma & Biotech GmbH´s privacy policy uses the terms as stated in the General Data Protection Regulation [GDPR].
‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

‘Affected person’ means any identified or identifiable natural person whose personal data are processed by the controller.

‘Processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

‘Controller’ or ‘to be responsible for processing’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;

‘Third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;

‘Consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

 

2. Name and address of the controller


BWT Pharma & Biotech GmbH
Carl-Benz-Straße 4
74321 Bietigheim-Bissingen
Telefon: +49 7142 3737-500
Telefax: +49 7142 3737-700
E-Mail: office@bwt-pharma.com

Representative of the controller:
Stephan Stautmeister, Managing Director
Cay Mânsson, Managing Director

3. Data Protection Officer

 

You can contact our data protection officer via the e-mail datenschutz@bwt-pharma.com or at our postal address with the additional words ”der Datenschutzbeauftragte“.

4. Processing of personal data

 

4.1. Visiting our website

4.1.1. Description and scope of the data processing 

When you visit our Website, your browser will transfer certain data (so called server log files) to our web server:
• IP address
• Date and time of access
• Time zone difference to Greenwich Mean Time (GMT)
• Content of request (specific site)
• Operating system and status of access/HTTP status code
• Transferred volume of data
• Website requesting access
• Browser, language settings, version of browser software

4.1.2. Purpose of data processing

The storage of this data in log files is necessary for the provision of the website.

4.1.3. Legal basis of processing

We collect this data on the basis of our legitimate interest in accordance with Art. 6 para. 1 lit. f) GDPR and to be able to display our website and ensure its security.

4.1.4. Duration of storage

Information in the log files is stored for security purposes (for example, to investigate abusive or fraudulent activities) for a period of seven days and then deleted. Data whose further retention is required for evidential purposes shall be exempted from deletion until final clarification of the incident.

4.1.5. Disagreement and right of erasure

The collection of data for the provision of the website and its storage in log files is essential for operation for technical reasons. There is consequently no possibility on for the user to object.


4.2. Contact form and e-mail contact

4.2.1. Scope of data processing

A contact form is available on our website, which you can use to send us questions or suggestions electronically. If you use this option, the data entered in the input mask will be transmitted to us and saved. These are the following data: first name, name, e-mail address, street, zip code, city, phone number, country, message.

Alternatively, contact via provided e-mail addresses is possible. In this case, the user's personal data transmitted by e-mail will be stored.

In this context, there is no disclosure of the data to third parties. The data is used exclusively to process the conversation and to process the request.

4.2.2. Purpose of data processing

Personal data in the contact form is only used to administer the contact process. A legitimate interest in the processing of data may also be included when contact is via e-mail.

Other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

4.2.3. Legal basis for processing

The legal basis for the processing of data transmitted via e-mail is Article 6 (1) lit. f GDPR. If the e-mail aims to conclude a contract, then additionally, the legal basis for the processing is Art. 6 §1 lit. b GDPR.

4.2.4. Duration of data storage

Data will be deleted as soon as the reason for its collection is no longer given. In the case of any data collected to allow website service, this provision is met when the respective online session is completed. Personal data contained in the contact form and those sent via e-mail are deleted when the respective communication with the user has ended. The communication is ended when it can be inferred from the circumstances that the relevant facts have been finally clarified.

4.2.5. Disagreement and right of erasure

You have the possibility to revoke consent for the processing of personal data at any time. If you contact us by e-mail, you may object to the storage of your personal data at any time. In such a case, communication cannot continue. In this case, you can send us an e-mail to office@bwt-pharma.com. All personal data stored in the course of contacting will be deleted in this case.

Otherwise, you revoke your consent for the processing of personal data at any time via post or telephone. You will find the contact details of the data protection officer in the header of this legal declaration.
In this case, all personal data stored in the course of communication will be deleted.

4.3 Applications (career)

4.3.1. Scope of data processing

If you are interested in working for BWT Pharma & Biotech GmbH, you can apply online. You will find jobs that we have advertised under the menu item "Career".
If you apply via the Career Form, we process the following personal data: salutation, title, first name, surname, e-mail address, telephone number, job number / unsolicited application and the documents you submit: cover letter, CV, certificates.

4.3.2. Purpose of data processing

We process personal data for the decision regarding the establishment of employment, in particular for the selection process of suitable candidates and the administrative implementation of the application process.

4.3.3. Legal basis of processing

Legal basis is § 26 Abs. 1 BDSG-new

4.3.4. Recipient of personal data

Your personal data may be examined by the Human Resources Department and the department requiring the member of staff.

4.3.5. Duration of storage

If the application results in employment, we process this data to maintain employment. These will then be included in our human resource management system.
If the application does not lead to an employment relationship, these data will be deleted, taking into account the period of grace of the AGG 3 months after completion of the application process, unless the applicant has granted consent in accordance with Art. 6 (1) (a) GDPR and Art. 7 GDPR for longer-term retention of his personal data in order to be taken into account when new job offers arise.

4.3.6. Opposition and removal possibility

The information you provide to us can be renewed or deleted at any time upon request. For this please send us an e-mail to personal@bwt-pharma.com. This does not apply if you have applied for a specific position with us in an ongoing application process. In this case, we will store the information you provide for this position until the expiration of the statutory periods of legal action (especially § 15 AGG).

4.4. Cookies

4.4.1. Scope of data processing

Our website uses cookies. Cookies are small text files that are saved when you visit our website on your computer. Cookies do not harm your computer and do not contain malicious software such as Viruses. Cookies contain one characteristic string that allows clear identification of the browser when re-launching the website. Some elements of our website require that the calling browser be identified even after a page break. This website uses transient and persistent cookies.

a) Transient cookies are automatically deleted when you close the browser. These include so-called session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the shared session. When you return to our website, your computer can be recognised. The session cookies are deleted when you log out or close the browser.
b) Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.

4.4.2. Purpose of data processing

We use cookies to make our website attractive and user-friendly, to improve it and to speed up enquiries
Some elements of our website require that the visiting browser be identified even after a page break. For these, it is necessary that the browser is recognised even after a page break. These include e.g. Log-in information and shopping cart functions.

4.4.3. Legal basis of data processing

The legal basis for the processing of personal data using the technically necessary cookies is Art. 6 para. 1 lit. f) GDPR.

4.4.4. Duration of storage

Session cookies are deleted as soon as the browser is closed.
Persistent cookies are automatically deleted after a specified period of time.

4.4.5. Opposition and removal possibility

As a user, you have full control over the use of cookies. By changing the settings in your Internet browser, you can set it so that cookies are not stored at all or automatically deleted at the end of your Internet session. To do this, select "Do not accept cookies" in your browser settings. In Microsoft Internet Explorer, select "Tools> Internet Options> Privacy> Settings"; In Firefox, choose Tools> Settings> Privacy> Cookies); If you use another internet browser, please refer to the help function of the browser for the instructions regarding the prevention and deletion of cookies.
Please note, however, that in this case you may not be able to use all functions on our website.

4.5. Web analytics

4.5.1. Scope of data processing

etracker
Services of etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg, are used on this website for the analysis of usage data.
User profiles can be created under a pseudonym from the data processed by etracker. It uses cookies that allow a statistical analysis of the use of this website by its visitors and the display of usage-related content or advertising.

The data that may enable a connection to an individual, such as the IP address, login or device identifiers, will be anonymised or pseudonymised as soon as possible. Any other use, combination with other data from etracker or a transfer to third parties will not take place.

The data generated are processed and stored on our behalf by etracker exclusively in Germany and are thus subject to the strict German and European data protection laws and standards. etracker was independently audited, certified and awarded the ePrivacyseal privacy seal.

We use etracker for the purpose of optimizing our website. Data processing takes place on the basis of the statutory provisions of Art. 6 (1) (f) GDPR.

You can object to the data collection and storage at any time with effect for the future. In order to counter data collection and storage of your visitor data for the future, you can obtain an opt-out cookie from etracker under the following link, which ensures that no visitor data from your browser will be collected and stored by etracker in the future.

The opt-out sets an opt-out cookie with the name "cntcookie" by etracker. Please do not delete this cookie for as long as you want to object. Further information can be found in the data protection regulations of etracker: http://www.etracker.com/de/datenschutz.html.

I object to the processing of my personal data with etracker on this website.

4.5.2. Purpose of data processing

etracker uses this information on our behalf to evaluate the use of our website and to compile reports on the activities on our website. This enables us to optimise our online presence and our website.

4.5.3. Legal basis of data processing
The data processing is based on our legitimate interest acc. Art. 6 para. 1 lit. f) GDPR.

5. Data security

 

In accordance with Art. 32 GDPR, we take technical, contractual and organizational measures for state of the art security of data processing to ensure a level of protection appropriate to the risk and the data processed by us against destruction, loss, alteration and unauthorised access. One of these security measures is the encrypted transfer of data between your browser and our servers. Please note that SSL encryption is only activated for transmissions made over the Internet if the key symbol appears in the lower menu bar of your browser window and the address begins with https: //. Secure Socket Layer (SSL) protects data transmission against third-party data piracy using encryption technology. If this option is not available, you may choose not to send certain data over the Internet.

All information you submit to us will be stored on our servers in the European Union.

6. Collaboration with processors and third parties

 

A transfer of data to third parties takes place on the basis of a legal permit. We will only pass users' data on to third parties if, for example, on the basis of Art. 6 para. 1 lit. b) GDPR it is required for contractual purposes or based on legitimate interests in accordance with Art. 6 para. 1 lit. f.) GDPR on the economic and effective operation of our business operations.

We employ, in accordance with privacy protection processing acc. Art. 28 GDPR, subcontractors for the provision of our services, in particular for the operation, maintenance and hosting of the online presence and of IT systems. We have taken appropriate legal precautions and appropriate technical and organizational measures to protect personal data in accordance with applicable law.

7. Integration of services and content of third parties

 

We include external services or content on our website. This is done on the basis of our legitimate interests in the analysis, optimization and economic operation of our online presence in accordance with Art. 6 para. 1 lit. f) GDPR.

When using such a service or displaying third-party content, communication data such as e.g. Date, time and IP address is exchanged between you and the respective provider. Most relevant is your IP address, which is required to display content in your browser.

It may be that the provider of the respective services or contents of your data for further, own purposes processed. However, as we have no influence over the data collected by third parties and their processing by them, we cannot give any binding information on the purpose and scope of the processing of your data.

For more information on the purpose and scope of the collection and processing of your data, please refer to the privacy policy of the respective data protection provider whose services or content we include.

The following list provides an overview of third-party providers as well as their contents and links to their privacy statements, which contain further information on the processing of data and the opportunity to opt-out.

  • If you use third-party payment services (such as PayPal, Visa, Mastercard, giropay), the terms and conditions and privacy notices of our Electronic Payments Partner (mPAY24), which are available in the Transaction Application, apply.
  • Maps provided by the third-party Google Inc. service, Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/ Opt-Out: https://www.google.com/settings/ads/.
  • Third-party YouTube Inc. YouTube Inc. videos, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/ Opt-Out: https://www.google.com/settings/ads/.
  • Within our online presence, we include functions from Google+. These features are provided by third party Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. If you're logged in to your Google+ account, you can link the contents of our pages to your Google+ profile by clicking the Google+ button. This allows Google to associate your visit to our pages with your user account. We point out that we, as the provider of the pages, are not aware of the content of the transmitted data and their use by Google+. Privacy Policy: https://www.google.com/policies/privacy/, OptOut: https://www.google.com/settings/ads/
  • We use social plugins from the Pinterest social network operated by Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA ("Pinterest"). When you visit a page containing such a plugin, your browser connects directly to the servers of Pinterest. The plugin transmits protocol data to the server of Pinterest in the USA. This log data may include your IP address, the address of the visited websites, which also include Pinterest features, browser type and settings, date and time of the request, how you use Pinterest, and cookies. Privacy Policy: https://about.pinterest.com/en/privacy-policy.
  • Functions of the service Instagram are included in our online presence. These features are provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, United States. If you are logged in to your Instagram account, you can link the contents of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate the visit to our pages with your user account. We point out that we as the provider of the pages do not receive information regarding the content of the transmitted data and their use by Instagram. Privacy Policy: http://instagram.com/about/legal/privacy/
  • We use functions of the network XING. Supplier is XING AG, Dammtorstraße 2932, 20354 Hamburg, Germany. Each time you visit one of our sites that includes Xing features, it connects to Xing servers. To our knowledge, storage of personal data does not take place. In particular, no IP addresses are stored or the usage behaviour is evaluated. Privacy Policy: https://www.xing.com/app/share?op=data_protection.
  • Functions of the social network Facebook are integrated into our website. These features are offered by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland ("Facebook").


The plugins may represent interaction elements or content (e.g., videos, graphics, or textual contributions) and may be recognised by one of the Facebook logos (white "f" on blue tile, the terms "Like," "Like," or “Thumbs up” sign) or are marked with the marker "Facebook Social Plugin". The list and appearance of Facebook Social Plugins can be viewed here: https://developers.facebook.com/docs/plugins/.

Facebook is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

When a user invokes a feature of this online offering that includes such a plugin, their device establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to the device of the user and incorporated by him into the online presence. In the process, user profiles can be created from the processed data. We therefore have no influence on the amount of data that Facebook collects with the help of this plugin and therefore inform the users according to the best of our knowledge.

By integrating the plugins, Facebook receives the information that a user has accessed the corresponding page of the online presence. If the user is logged in to Facebook, Facebook can assign the visit to his Facebook account. If users interact with the plugins, for example, press the Like button or leave a comment, the information is transmitted from your device directly to Facebook and stored there. If a user is not a member of Facebook, there is still the possibility that Facebook will find out and save their IP address. According to Facebook, only an anonymous IP address is stored in Germany.

The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as the related rights and setting options for protecting the privacy of users, can be found in Facebook's privacy policy: https://www.facebook.com/about/privacy/

If a user is a Facebook member and does not want Facebook to collect data about him via this online presence and link it to his member data stored on Facebook, he must log out of Facebook and delete his cookies before using our online presence. Other settings and inconsistencies regarding the use of data for promotional purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads

8. Your rights

 

If we process personally identifiable information of yours, you are Basic Data Protection Ordinance (GDPR) and you have the following rights regarding the personal data concerning you:

 
  • Right to information (Art. 15 GDPR)
  • Right to correction (Art. 16 GDPR)
  • Right to cancellation (Art. 17 GDPR) 
  • Right to limit processing (Article 18 of the GDPR),
  • Right to data portability (Article 20 of the GDPR)
  • Right to object to processing (Article 21 GDPR) 
  • Right, to complain to a data protection supervisory authority (Article 77 GDPR).

Under data protection laws you have rights in relation to your personal data that include the right to request access, correction, erasure, restriction, transfer, to object to processing, to portability of data and (where the lawful ground of processing is consent) to withdraw consent.

9. Changes to the privacy policy

 

We reserve the right to change the privacy policy in order to adapt it to changed legal situations, or to changes in the service and data processing. However, this only applies to declarations of data processing. If users' consent is required or elements of the privacy policy contain provisions of the contractual relationship with the users, the changes will only be made with the consent of the users.

Please inform yourself regularly about our privacy policy.