NON-BINDING TRANSLATION FROM THE GERMAN LANGUAGE – FOR CONVENIENCE ONLY
STADA complies with all legal provisions on data protection. The protection of the privacy of visitors to this website is very important to STADA. Therefore, please take note of the following information:
STADA has set up links from all pages of this website to this data protection statement; if this is not the case, it is due to a technical error. In these exceptional cases, access to this statement is, however, possible via the website's start page.
In the future, it may be necessary for STADA to update this data protection statement. Such changes will then be announced on this page so that you always have complete knowledge of the type and the scope of personal data STADA saves and for which purposes STADA processes and utilizes this data.
On pages where STADA saves personal data, additional statements (for example on the use of the data) may be added as the need arises.
1. General information regarding the collection of personal data
a) The protection of your privacy when using our websites is very important to us, which is why we collect your personal data in accordance with legal requirements on data protection. Personal data is any information that relates to an identified or identifiable natural person, e.g. name, address, e-mail address, user behavior. The following sections inform you about how we handle your personal data.
b) The person responsible pursuant to Art. 4 (7) EU-General Data Protection Regulation (GDPR) is STADA Arzneimittel AG, Stadastraße 2-18, 61118 Bad Vilbel, email@example.com. Our Data Protection Officer can be reached at firstname.lastname@example.org or by using our postal address accompanied by the words “Data Protection Officer”.
c) If you are under 16 years of age, please obtain the consent of a parent/legal guardian before you provide personal data to STADA Arzneimittel AG.
d) The legal grounds for the processing of your personal data are defined in Section 6 GDPR. Depending on which of the permissible purposes described below for the processing of your personal data, the processing for the compliance with our legal obligations or to safeguard the legitimate interests of STADA or third parties, is always carried out on the condition that it is not outweighed by your interests or basic rights and freedoms. Furthermore, if necessary, the processing is carried out on the basis of your expressed consent, insofar as you have issued such consent to us.
2. Your rights
According to the provisions of the GDPR, you can exercise the following rights towards us:
- Right to access
- Right to rectification
- Right to restriction of processing
- Right to deletion / “right to be forgotten”
- Right to data transferability
- Right of appeal
In order to assert one of your right listed mentioned above, you can contact us at any time:
If the processing of your personal data is based on your consent, you have the right to object / withdraw your consent at any time, with effect for the future. The legality of the processing based on your consent until the withdrawal of the consent remains unaffected. Given consent can of course be canceled under the following address at any time with effect for the future:
STADA Arzneimittel AG
61118 Bad Vilbel, Germany
Fax: +49 6101/ 603-849
Furthermore, you have the right to complain to the data protection supervisory authority regarding our processing of your personal data. The relevant supervisory authority responsible for your German federal province can be accessed at www.bfdi.bund.de/DE/Infothek/Anschriften_Links/addresses_links-node.html.
3. Collection of personal data when visiting a website
a) In principle, you can visit our homepage without informing us about who you are. As is common for almost all websites, the server that hosts our website (webserver) automatically collects information about you if you visit our homepage. This data is technically necessary for us and ensures the stability and security of the website.
We analyze the server protocols on a regular and anonymous basis for statistical purposes (click stream analyses) in order to be able to evaluate how our website is used. Based on these insights, we can optimize our internet presence. Furthermore, we can use this information in case of misuse of the system in cooperation with your internet provider and/ or competent authorities, in order to identify the person responsible for the misuse.
b) In addition to the data mentioned previously, cookies are stored on your computer when you use our website. Cookies are small text files that are saved on your hard drive in an area determined by your browser and through which the entity that sets the cookie (in this case us) receives certain information. Cookies cannot run programs or transmit a virus to your computer. They serve to make the web presence in general more user-friendly and more effective.
aa) This website uses the following types of cookies, the scope and function of which are described below:
– Transient cookies (please see bb)
– Persistent cookies (please see cc).
Transient cookies are deleted automatically as soon as you close the browser. These include session-cookies in particular. These save a so-called session-ID, by which different requests of the browser can be allocated to the joint session. This allows your computer to be recognized if you return to our website. The session-cookies are deleted as soon as you log out or close the browser.
cc) Persistent cookies are deleted automatically after a specific period of time, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
dd) You can configure your browser settings according to your wishes and e.g. decline the acceptance of third-party-cookies or all cookies. We point out, however, that you may not be able to use all features of this website.
c) Cookies of third parties on our websites
We allow third parties to place cookies for this website on your computer.
This website uses Google Analytics, a web analysis service of Google Inc. "("Google"). We have concluded a corresponding contract with the provider for order data processing.
The relationship with the web analytics provider is based on the Privacy Shield Agreement between the European Union and the USA. Google is licensed under the Privacy Shield Framework of September 2017. www.privacyshield.gov/participant
Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site is being used. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. You can prevent this by setting your browser so that no cookies are stored.
Data processing is carried out on the basis of the legal requirements of Section 96 Paragraph 3 TKG and Art 6 Paragraph 1 lit a (consent) and/or f (legitimate interest) of the GDPR.
Our concern in accordance with GDPR (legitimate interest) is the improvement of our offer and our website. Since the privacy of our users is important to us, the user data is pseudonymised.
However, by activating IP anonymisation on this website, Google will abbreviate your IP address in advance within Member States of the European Union or in other countries party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and abbreviated there.
On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website and Internet use. The pseudonymised IP address transmitted by your browser within the framework of Google Analytics will not be combinded with other Google data.
Users can also prevent Google Analytics from collecting data by clicking on the following link. An opt-out cookie is set to prevent future collection of your data when you visit this website: Disable Google Analytics
d) Use of social media plug-ins
(1) We currently use the following social media plug-ins: Facebook, Twitter, XING, LinkedIn and Google+. We use the so-called two-click solution. This means that if you visit our website, we do not initially transfer any personal data to the providers of the plug-ins in general. You can identify the provider of the plug-in by the marking above the initial letter or the logo. We offer the possibility to communicate directly with the plug-in provider via the button. By clicking on the button and thereby activating it; the plug-in provider is informed that you have visited the respective website of our online-offers. In addition, the data described under section 3 is transferred. In case of Facebook and Xing, according to information provided by them, in Germany the IP-addresses is anonymized immediately after collection. By activating the plug-in, your personal data is transferred to the respective plug-in-provider and saved there (for US-American providers: in the USA). As the plug-in-provider collects the data mainly by using cookies, we recommend to delete all cookies in your browser settings before clicking on the greyed out box.
(2) We have no influence on the collected data and data processing processes, nor are the full extent of the collection, the purposes of the processing and the storage periods known to us. We also have no information regarding the deletion of the collected data by the plug-in provider.
(3) The plug-in-provider saves your personal data as user profiles and uses them for the purposes of advertisements, market research and/or the needs-oriented design of its website. Such analysis takes place (even for users that are not logged-in) for presentation of user-oriented advertisements and to inform other users of the social network about your activities on the website. You have the right to object to the generation of such user profiles, the exercise of which you need to contact the respective plug-in provider. Through these plug-ins, we offer you the opportunity to interact with social media and other users, to improve our offers and to make their design more interesting. Legal foundation for the use of the plug-ins is Art. 6 (1) 1 f) GDPR.
(4) The transfer of the data takes place whether you have an account at the plug-in provider and are logged-in or not. If you are logged-in at a plug-in provider, the data collected at our website will be connected to the account of the plug-in provider. If you click on the activated button and e.g. link this page, the plug-in provider also saves this information in your user account and publicly shares it with your contacts. We recommend that you log-out on a regular basis after using social media, especially before activating the button, as you can thereby prevent a mapping to your profile at the plug-in provider.
Please click here to disable this tracking option on your Facebook account: www.facebook.com/ads/website_custom_audiences/
Please click here if you generally want to disable Facebook tracking: www.aboutads.info/choices/
(6) Further information on the purpose of the data collection and its processing by the plug-in provider can be found in the privacy statements of these providers. There you can also get more information about your rights and possibilities to protect your privacy by adjusting the user settings.
(7) Addresses of the respective plug-in providers and URL to their privacy statements:
a) Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; www.facebook.com/policy.php; further information on data collection: www.facebook.com/help/186325668085084, www.facebook.com/about/privacy/your-info-on-other sowie www.facebook.com/about/privacy/your-info. Facebook acts under the EU-US-Privacy-Shield, www.privacyshield.gov/EU-US-Framework.
b) Twitter Inc., 1355 Market St, Suite 900o, San Francisco, California 94103, USA; twitter.com/privacy. Twitter acts under the EU-US-Privacy-Shield, www.privacyshield.gov/EU-US-Framework.
c) XING AG, Gänsemarkt 43, 20354 Hamburg, DE; www.xing.com/privacy.
d) LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; www.linkedin.com/legal/privacy-policy. LinkedIn acts under the EU-US-Privacy-Shield, www.privacyshield.gov/EU-US-Framework.
e) Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; www.google.com/policies/privacy/partners/. Google acts under the EU-US-Privacy-Shield, www.privacyshield.gov/EU-US-Framework.
f) Integration of YouTube videos
(1) We have included YouTube-videos in our online offer that are saved at www.YouTube.com and which can be played directly from our website.
(2) By visiting the website, YouTube receives information, that you have visited the respective sub-site of our website. In addition, the data listed in section 3 is transferred. This takes place regardless of whether YouTube offers a user account that you are already logged-in to or if no user account exists. If you are logged-on at Google, your data is directly matched with your account. If you do not wish the matching with your profile at YouTube, you need to log-out before using the button. YouTube saves your data as user profiles and uses them for purposes of advertisements, market research and/or user-oriented design of its website. Such an analysis takes place (even for users that are not logged-in) for displaying user-oriented advertisements and in order to inform other users of the social network about your activities on our website. You have the right to object regarding the generation of such user profiles. For the execution of this right, you need to contact YouTube.
(3) Further information on the purpose and scope of the data collection and processing by YouTube can be found in the privacy statement. There you can also find further information on your rights and possibility to change the settings to protect your privacy: www.google.de/intl/en/policies/privacy/. Google processes your personal data also on US territory and acts under the EU-US-Privacy-Shield, www.privacyshield.gov/EU-US-Framework.
g) Integration of Google Maps
(1) We use the services of Google Maps on this website. This allows us to directly show interactive maps on our website and allow the comfortable use of the maps.
(2) By visiting the website, Google receives the information that you have visited the respective sub-site of our website. In addition, the data listed under section 3 is transferred. This takes place regardless of whether YouTube offers a user account that you are already logged-in to or if no user account exists. If you are logged-in at Google, your data is directly matched with your account. If you do not wish the matching with your profile at Google, you need to log-out before using the button. Google saves the data as user profiles and uses the data for the purposes of advertisements, market research
and/or user-oriented design of its website. Such an analysis takes place (even for users that are not logged-in) for displaying user-oriented advertisements and in order to inform other users of the social network about your activities on our website. You have the right to object regarding the generation of such user profiles. For the execution of this right, you need to contact Google.
(3) Further information on the purpose and scope of the data collection and processing by the plug-in provider can be found in the privacy statement of the provider. There you can also find further information on your rights and possibility to change the settings to protect your privacy: www.google.de/intl/en/policies/privacy/. Google processes your personal data also on US territory and acts under the EU-US Privacy Shield, www.privacyshield.gov/EU-US-Framework.
The regular STADA newsletter, press releases and ad-hoc releases provide information about our company announcements. The newsletter is sent to you only if you actively register for this service. If you register for our newsletter, the personal data you entered there is processed for the purpose of sending the newsletter.
STADA ensures the confidential treatment of your data. If you wish, you can unsubscribe from the newsletter at any time in various ways: via direct contact with us and via the link "unsubscribe from newsletter", which is included with each newsletter.
The same applies to the distribution of newsletters from STADA affiliates on products and/or services for which you can register on the respective product websites.
If you contact us by e-mail or a contact form, the personal data provided by you (e-mail, name, and telephone number) will be saved in order to answer your questions. The personal data which was collected for that purpose will be deleted once the saving of the data is no longer necessary, or we limit the processing if legal storage periods exist.
The provision of your personal data is not a legal or contractual obligation. This means that you are not obliged to provide us with your personal data. If you decide not to provide us with your personal data, some offers on our website may not be fully used by you.
j) STADA only (with the exception of web statistics) only collects data that you yourself disclose yourself to STADA to make use of one of the services offered by STADA (e.g. ordering of information brochures). This data will then be processed and used exclusively for carrying out the service that you requested (e.g. sending of the requested information material).
Furthermore, this data will only be processed or used for other purposes (e.g. sending of additional information on products or services or service material from STADA) if you have previously given your consent to do so to STADA.
Most Internet pages and functions which are made available by STADA do not require personal registration from the visitor. In some areas of this website, however, a registration is required for legal reasons (e.g. STADA service for experts). To be granted access to these areas, visitors must complete a form on the respective Internet page, whereby certain fields are obligatory and others are optional. In certain cases, visitors thereby select a user name and a password. If the obligatory fields are left empty, access to the selected website is denied and STADA cannot process the request.
Registration of closed user groups (log in medical specialist group)
Certain information related to prescription pharmaceutical products can only be made accessible if you are part of the medical specialist group. In this case, we are obligated to request your personal data as well as proof of your profession. This personal data will be administered in a data base and be treated with strict confidentiality.
The following personal data is collected:
- Group of specialists
- First and last name
- E-mail address
- Phone number
Alternatively, instead of such registration access can also be granted via a so-called DocCheck password.
This website uses the login service from the company DocCheck Medical Services GmbH ("DocCheck"). DocCheck uses so-called “cookies” – text files that are stored in the browser of the user – to make the use of their services easier. The information generated by the use of these cookies is only transferred to a server from DocCheck and is not shared with the website operator or other third parties. A data transfer of this information to outside of the EU does not take place. For the use of DocCheck, the agreement between you and DocCheck shall apply, with regard to data protection the DocCheck data protection declaration: www.doccheck.com/de/privacy/
Personal data which is collected via this website can also be made available by STADA to other STADA companies and contractually bound sales partners as well as to other third parties. This, however, is only done within the legally allowed scope.
4. Storage time
Purpose of storage
- Web server logs - storage time:14 days
- General inquiries - storage time: 180 days / 6 months
- Sample requests - storage time: 180 days / 6 months
- Order information material - storage time: 180 days / 6 months
- Newsletter subscription/unsubscription - storage time: As long as you subscribe to the newsletter. If you unsubscribe from the newsletter, you will be deleted directly.
- Subscription to the customer magazine - storage time: As long as the subscription lasts. If the subscription is cancelled, it will be deleted within 14 days.
- Use of services and promotions - storage time: As long as active consent for long-term use is available. In the event of revocation, the data will be deleted.
In the case of one-time use of offers without active consent for permanent use, the data will be deleted after 6 months.
- Faculty Login - storage time: As long as access is desired. In the event of revocation, the account will be deleted within 14 days.
5. Place of data processing
STADA also processes your data additionally outside the European Union.
b) STADA is a globally-active company. In the course of our business activities, we may potentially transfer your personal data also to recipients outside of the European Economic Area (“third countries”), where the applicable laws do not grant the same data protection safeguards as those in your home country. If this is the case, we will maintain the applicable data protection regulations and take appropriate protection measures to safeguard the security and integrity of our personal data, in particular through the conclusion of the EU standard contract clauses, which you can find at the following link: eur-lex.europa.eu/LexUriServ/LexUriServ.do
c) Information on how to obtain a copy of the appropriate guarantees: eur-lex.europa.eu/LexUriServ/LexUriServ.do
6. Transfer of your personal data
A transfer of your personal data takes place to the following recipients: Service provider for the distribution of the newsletter subscription, Service provider for the processing of orders for samples and information material, Service provider for the customer magazine subscription, Google Inc., Facebook Inc., Twitter Inc., YouTube, XING AG, LinkedIn Corporation for the purposes described under Section 3.
7. Safety measures
If we forward data according to the outlined services to our service providers, those are – in addition to mandatory legal provisions – bound by separate privacy agreements with us.
We use security measures that we continually optimize according to technical and legal developments in order to make sure that your data is protected from (accidental or intentional) manipulation, loss, destruction or access by unauthorized third parties.
8. Links to other websites
Our online offer contains links to other websites. This privacy statement does not cover other providers.
We do not have any influence on these website providers to ensure that they adhere to privacy statements and therefore we do not accept any responsibility for the accuracy.
The rapid development of the internet will make adjustments to our privacy regulations necessary from time to time. You will be informed on up-dates on this page.