We take the protection of your personal data very seriously and handle your personal data confidentially and in accordance with statutory data protection regulations. The following statement regarding data protection at Aristo Pharma GmbH explains how Aristo Pharma GmbH collects, manages and uses information relating to individual persons.
1. Data processing
We process your personal data in the following contexts:
1.1 Website aristo-pharma.de
When you call up and use our website aristo-pharma.de, personal data is automatically processed so that we can provide you with our information.
1.1.1 Server log files (access data)
The provider of the pages automatically processes information provided automatically by your browser, known as server log files. These include:
• Browser type and browser version
• operating system
• Referrer URL (origin address)
• Date and time of the server request
• IP address
This data will not be merged with other data sources.
The data processing is based on Art. 6 para. 1 letter f GDPR, which permits the processing of data on the basis of legitimate interest. In this case, there is a justified interest in a secure and trouble-free operation of the web server. In order to ensure this, the administration must be able to recognise and trace attacks and malfunctions of the system via the server log files. In order to recognize attack patterns, accesses to the server must be stored. As soon as this data is no longer needed, it is deleted. For technical reasons, the data is disclosed to the hosting service provider, who is, however, bound by instructions and contract to us.
The data processor can record information on visits made to websites such as, for example, regarding the pages visited or the searches carried out. Such information is used to better customise the content of the website to the needs of our customers and prepare statistics regarding the individual use of the website for internal market analysis purposes.
The websites uses ’cookies’ to some extent. These are small text files which are stored on your computer and which your browser can retrieve. Cookies help to make our services more user-friendly, effective and secure.
Most of the cookies we use are ‘session cookies’ and are automatically erased at the end of your visit. Other cookies remain on your device until you erase them. These cookies enable us to recognise your browser when you visit again.
A cookie is also used in which your consent or rejection to the use of technically not necessary cookies is stored. It is stored for 100 days and contains no personal reference.
You can set your browser so that you receive information regarding the setting of cookies and only permit cookies on a case-by-case basis, exclude cookies from being accepted in specific cases or in general and have the cookies automatically erased when you close the browser. However, the scope of functions offered by our online services may be restricted in this case.
1.1.3 Contact form
If you send us enquiries using the contact form, your details from the enquiry processing form and in the event of follow-up questions will be processed and stored by us.
Mandatory fields are marked accordingly. Filling in mandatory fields is necessary so that we can answer and process your enquiries. All other information is voluntary.
The processing of the data entered in the contact form takes place exclusively on the basis of your consent (Art. 6 Para. 1 Letter a GDPR). You can revoke this consent at any time. A revocation is only valid for the future.
We will not pass on your data to third parties without your consent or another legal basis.
The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to its storage or until the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions, in particular retention periods, remain unaffected.
DocCheck is an identification service that provides access to information for medical professionals on our non-public pages. It is operated by DocCheck Medical Services GmbH, Vogelsanger Straße 66, 50823 Cologne, Germany.
Registration and use takes place by entering a DocCheck user name and password. The registration procedure is carried out exclusively on DocCheck's servers, so that we do not receive any personal data in this context. Your data will only be transmitted to us with your express consent or for the purpose of legal prosecution, insofar as this is permissible under data protection law.
1.1.5 Google Analytics
These website uses Google Analytics, a web analysis service provided by Google Inc. (‘Google’). This service collects information regarding your use of the website, including the browser type and version, operating system used, referrer URL (previously visited page), IP address or date/time of the query.
Google Analytics uses so-called ‘cookies’, which are text files that are stored on your computer and enable an analysis of your use of the web pages. The information generated by the cookies regarding your use of these web pages is typically transferred to one of Google’s servers in the US and stored there. Because IP anonymisation is activated on these web pages, Google abbreviates your IP address and only transmits it in anonymised form in member states of the European Union or the EEA (European Economic Area). The full IP address is only transmitted to a Google server in the US and abbreviated there in exceptional cases. This transfer is carried out on the basis of your consent.
On behalf of the operator of these web pages, Google will use this information to evaluate your use of the website, compile reports regarding the website activities and perform other services associated with the web pages and Internet use for the website operator.
Our legitimate interest in the processing of data is also for these purposes. The legal basis for the use of Google Analytics is Art. 6 para. 1 lt. f GDPR. The data that we send and that is linked with cookies, user information (e.g. user ID) or advertising IDs is automatically erased after 14 months. Data for which the retention period has expired is deleted automatically once a month.
You can prevent cookies from being stored by making a corresponding setting in your browser software; please note, however, that you might not be able to use all of the functions of this website to their full extent in this case. You can also prevent the data that is generated by the cookies and related to your use of the web pages (including your IP address) from being collected and processed by Google by downloading and installing the browser plugin provided in the following link. The link is: https://tools.google.com/dlpage/gaoptout
Alternatively, you can prevent data from being collected by Google Analytics on a case-by-case basis by clicking the link below. This results in an opt-out cookie being set, which prevents your data from being collected when you visit this website in future: Deactivate Google Analytics.
You can obtain further information from Google at https://policies.google.com/?gl=de.
This website uses Google Maps for displaying interactive maps. Google Maps is a map service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. The use of Google Maps results in information regarding the use of the website, including your IP address, being transmitted to Google in the US.
When you go to a page on our website that contains Google Maps, your browser establishes a direct connection with Google’s servers. Google transmits the content of the map directly to your browser, which integrates it into the website. For this reason, we do not have any influence on the scope of the data that Google collects in this manner. According to the information available to us, this includes the following data at a minimum:
• Date and time of the visit to our website
• Web address or URL of our website
• IP address
• The (start) address entered in the course of route planning
We have no influence on the further processing and use of the data by Google and therefore cannot accept any responsibility for this.
1.1.7 YouTube plugin
We use plugins of the YouTube site operated by Google in our website. The operator is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plug-in, a connection is established to YouTube's servers. YouTube has privacy-friendly preferences so it only stores your information when you actually start a video, according to YouTube.
By being certified according to the EU-US Privacy Shield ("EU-US Privacy Shield"), Google and its subsidiary YouTube guarantee that the data protection requirements of the EU are also complied with when processing data in the USA.
The legal basis is Art. 6 Para. 1 Letter f GDPR. Our legitimate interest lies in improving the quality of our website.
The connection to the YouTube server in the USA is necessary in order to be able to display the respective video on our website via your Internet browser. In the course of this YouTube will at least record and process your IP address, the date and time as well as the website you visited. In addition, a connection to the advertising network "DoubleClick" is established by Google.
If you are logged in to YouTube at the same time, YouTube assigns the connection information to your YouTube account. If you wish to prevent this, you must either log out of YouTube before visiting our website or make the appropriate settings in your YouTube user account.
YouTube permanently stores cookies on your terminal device via your Internet browser for the purpose of functionality and analysis of user behaviour. If you do not agree with this processing, you have the option of preventing the cookies from being saved by making a setting in your Internet browser.
Google provides further information on the collection and use of data as well as your rights and protection options in this regard in the data protection information at https://policies.google.com/privacy.
We use plugins on our website to display videos from the Vimeo platform. It is operated by Vimeo, LLC with headquarters in 555 West 18th Street, New York, New York 10011, USA.
Vimeo's certification to the EU-US Privacy Shield guarantees that the EU's data protection requirements are also met when processing data in the USA.
The legal basis is Art. 6 para. 1 letter f GDPR. Our legitimate interest lies in improving the quality of our Internet presence.
When you open a web page provided with such a plugin, a connection to the Vimeo servers will be established and the plugin will be displayed. By this means, the Vimeo server will be informed which of our web pages you have visited. If you are logged into Vimeo as a member, Vimeo will assign this information to your personal user account. This information is also assigned to your user account when using the plugin, e.g. clicking the start button of a video. You can prevent this assignment by logging out of your Vimeo user account before using our website and deleting the corresponding cookies from Vimeo. If you do not agree with the data processing, you have the possibility to prevent the storage of cookies by a setting in your Internet browser.
Further information on data processing and information on data protection by Vimeo can be found at https://vimeo.com/privacy.
1.1.9 Share functions for social networks
On our website you can share individual pages via the "Share" links on the social networks Facebook, Twitter and WhatsApp. Only when you click on one of these links a connection will be established to the selected network and data about you will be transmitted there. The networks will use your personal information to perform the sharing function.
The data processing by us is based on our legitimate interests, i.e. the interest in the distribution of our online services in accordance with Art. 6 Para. 1 Letter f. GDPR.
Further information is available here:
• Facebook (Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, operated within the EU by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland): Privacy information can be found at https://www.facebook.com/policy.php. By being certified according to the EU-U.S. Privacy Shield, Facebook guarantees that the EU's data protection regulations are also adhered to when processing data in the USA.
• Twitter (Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA): Privacy information can be found at https://twitter.com/privacy. By being certified under the EU-U.S. Privacy Shield, Twitter guarantees that the EU's data protection requirements are also met when data is processed in the USA.
• WhatsApp (WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland): Privacy information can be found at https://www.whatsapp.com/legal/#privacy-policy. WhatsApp's certification to the EU-U.S. Privacy Shield ensures that the EU's data protection requirements are met when data is processed in the United States.
Because of the marketing tools used, your browser automatically connects directly to Google's server. We have no control over the extent and further use of the data collected by Google through the use of this tool and inform you therefore according to our state of knowledge: By the integration of Doubleclick Google receives the information that you called the appropriate part of our Internet appearance or clicked an announcement of us. If you are registered with a Google service, Google can assign the visit to your Google account. Even if you are not registered with Google or have not logged in, it is possible that the provider may find out your IP address and store it.
In addition, the Doubleclick Floodlight cookies enable us to understand whether you are performing any actions on our website after you have accessed or clicked on one of our display/video ads on Google or another platform via Doubleclick. Doubleclick uses this cookie to learn how you interacted with our sites and to send you targeted advertisements later.
You can prevent participation in this tracking process in a number of ways:
a) by setting your browser software accordingly, in particular by suppressing third party cookies, you will not receive advertisements from third parties
b) by disabling conversion tracking cookies by setting your browser to block cookies from the domain www.googleadservices.com, https://adssettings.google.com, which will be deleted when you delete your cookies
c) by deactivating the interest-based advertisements of the providers that are part of the self-regulatory campaign "About Ads" via the link http://www.aboutads.info/choices, this setting being deleted if you delete your cookies
d) by permanent deactivation in your browsers Firefox, Internet Explorer or Google Chrome under the link http://www.google.com/settings/ads/plugin
e) by means of the corresponding cookie setting. We would like to point out that in this case you may not be able to use all functions of this offer to their full extent.
The legal basis for data processing is our legitimate interest in effectively publishing advertisements and evaluating their use (Art. 6 Para. 1 Letter f GDPR).
Further information on Doubleclick can be found at https://www.google.de/doubleclick and on data protection at Google in general: https://policies.google.com/privacy. Google is committed to the EU-U.S. Privacy Shield, https://www.privacyshield.gov.
1.1.11 MyFonts Counter
The service MyFonts-Counter does not process any personal data, but anonymously measures the use of web fonts on our website. Further information can be found at: https://www.monotype.com/legal/privacy-policy/web-font-tracking-privacy-policy/
1.2 Further data processing
1.2.1 Facebook appearance
We maintain an online presence on Facebook to communicate with the customers, prospects and users active there and to inform them about our offers. We would like to point out that user data may be processed outside the European Union. This can result in risks for users, e.g. by making it more difficult to enforce their rights. Facebook has signed up to the EU-U.S. Privacy Shield Agreement and is thus committed to EU data protection standards.
1.2.2 Business partners and contact persons
We process data about business partners (customers, suppliers, service providers, etc.) or their contact persons. This includes names, contact details and job-related data (e.g. details of employer and professional position).
The personal data originates either directly from the data subjects themselves or from their employer.
We need this data to safeguard our legitimate interests (Art. 6 Para. 1 Letter f GDPR) in order to be able to communicate with our business partners and to be able to fulfil, prepare and terminate contracts with our business partners. In addition, this data is also used to transmit information about our products and services and to carry out marketing activities. The use of personal data for direct marketing purposes can be opposed at any time.
A passing on of the data to third parties is not planned. This data will be stored for as long as it is necessary for the above-mentioned purposes and, if applicable, for as long as legal storage periods require. Insofar as it is necessary to fulfil these purposes, we can forward your data to external service providers. These are contractually and legally obliged to maintain confidentiality.
You can voluntarily submit your application online via our website. We process your applicant data only for the purpose and within the framework of the application procedure and in accordance with the legal requirements.
The processing of the applicant data is carried out to fulfil our (pre-)contractual obligations within the scope of the application procedure (Art. 6 Para. 1 Letter b GDPR and § 26 BDSG, German Data Protection Act).
If you voluntarily provide us with special categories of personal data within the scope of the application procedure (within the meaning of Art. 9 Para. 1 GDPR, e.g. health data, severely disabled status or ethnic origin), we process these on the basis of the legal basis of Art. 9 Para. 2 Letter a GDPR. If we ask you for special categories of personal data during the application process, they will be processed in accordance with Art. 9 Para. 2 Letter b GDPR.
The application procedure requires that you as an applicant provide us with your applicant data. Mandatory information is marked in our online form and can be found in the job description.
You can send us your application using the online form on our website. The data will be transmitted to us encrypted according to the state of the art. You can also send us your applications by e-mail. Because e-mails are not sent encrypted by default, you are responsible for a secure transmission yourself in this case. You can also send us your application by post.
Applicant data will be deleted after a period of six months, subject to justified revocation by the applicants, so that we can answer any follow-up questions regarding the application and meet our obligations to provide evidence under the AGG (German General Equal Treatment Act).
The company to which you are applying is responsible for data processing within the framework of the application. If this is not Aristo Pharma GmbH, it acts as a service provider and can access the applicant data.
In this case, the company named in the application is responsible for data protection:
• Aristo Pharma GmbH, Wallenroder Straße 8 - 10, 13435 Berlin, Phone: +49 30 71094 - 4200, firstname.lastname@example.org
• Advance Pharma GmbH, Wallenroder Straße 12 - 14, 13435 Berlin, Phone: +49 30 40370 – 0, email@example.com
• esparma Pharma Services GmbH, Bielefelder Straße 1, 39171 Sülzetal, OT Osterweddingen, Deutschland, Phone: +49 39205 438 – 4000, firstname.lastname@example.org
• Lindopharm GmbH, Neustrasse 82, 40721 Hilden, Phone: +49 2103 206 - 5, email@example.com
• Medinsa - LABORATORIOS MEDICAMENTOS INTERNACIONALES, S.A., Calle Solana 26, 28850 Torrejón de Ardoz, Madrid, Phone: +34 916558 - 610, firstname.lastname@example.org
• Pharma Wernigerode GmbH, Dornbergsweg 35, 38855 Wernigerode, Phone: +49 3943 554 - 0, email@example.com
• Steiner & Co. Deutsche Arzneimittelgesellschaft mbH & Co. KG, Ostpreussendamm 72/74, 12207 Berlin, Phone: +49 30 71094 - 4200, firstname.lastname@example.org
2. Your rights
You as a data subject have the following rights, providing that the legal prerequisites are fulfilled:
• Right of access to personal data, Art. 15 GDPR
• Right to rectification of personal data, Art. 16 GDPR
• Right to erasure of personal data, Art. 17 GDPR
• Right to restriction of processing, Art. 18 GDPR
• Right to data portability, Art. 20 GDPR
• Right to object, Art. 21 GDPR
Insofar as the processing of data is based on your consent, you have the right to retract your consent at any time with effect for the future.
You have the right to submit a complaint to the data protection authorities regarding the processing of your data.
Responsible party and data protection officer
The responsible party for data processing is, unless otherwise stated above:
Aristo Pharma GmbH
Wallenroder Straße 8 - 10
Phone: +49 (0) 30 - 710 94 - 4200
Fax: +49 (0) 30 - 710 94 - 4250
You can contact the data protection officers via fox-on Datenschutz GmbH, Pollerhofstr. 33a, 51789 Lindlar, email@example.com.