Information on data protection in accordance with Article 13 of the General Data Protection Regulation
Protecting your personal data is very important to Protina Pharmazeutische GmbH, which operates this website. We treat your personal data confidentially and in compliance with the statutory data protection regulations and this declaration on data protection. A range of personal data is collected when you use this website. Personal data are data that can be used to identify you personally. This data protection declaration explains which data we collect and what the data are used for. It also explains how and for what purpose the data are used. Please note that data transmission via the internet (e.g. in email communications) can be exposed to security breaches. It is not possible to completely protect data from being accessed by third parties.
1. Name and contact details for the responsible authority:
Protina Pharmazeutische GmbH
Legal representative: Monika Tiedemann
Adress: Adalperostrasse 37, 85737 Ismaning
2. Contact details of the data protection officer:
Dr. Sebastian Kraska
80331 München, Germany
3. Data processing in connection with provision of the website
3.1 Scope of processing:
Every time our website is accessed, our system generates automated data and information from the web-enabled system with which you as the user (“data subject”) visit our website. These data are stored and processed on our server in a log file. The following personal data are collected:
a) Browser type and version used
b) User’s operating system
c) User’s internet service provider
d) User’s IP address
e) Date and time of access
f) Websites from which the user’s web-enabled system accessed our internet page
g) Websites called up by the user’s web-enabled system from our website
3.2 Purpose of processing:
The IP address is a series of digits that clearly identifies your web-enabled system when it accesses our website. The IP address is used to send and receive data packages and enables users to access a website. Temporary storage of the IP address on our server is necessary to transmit the page content to the user’s web-enabled system when accessing our website; otherwise this content cannot be displayed.
Storage in log files is necessary to ensure that the website functions and to establish any transmission errors. In addition, we use these data to optimise our website and to safeguard the security of our IT systems. These data are not evaluated for marketing purposes.
3.3 Legal basis of processing
Data processing is based on our legitimate interests in accordance with Article 6(1) Sentence 1 letter f GDPR.
3.4 Legitimate interests
We have a legitimate commercial and non-commercial interest in presenting our company to the public via a website.
3.5 Recipients or categories of recipients
Personal data are passed on to our IT department and to contractors, who are used for hosting and the provision of the IT resources required to operate our website.
3.6 Transfer to third countries
We do not intend to transfer personal data to foreign countries.
3.7 Duration of storage
Personal data are deleted when they are no longer required for the purpose for which they were collected. Where data are collected for the provision of the website, this is when the session ends. The user’s IP address has to be stored for the duration of the session to permit use of the website.
If the data are stored in the log file, the data collected by this file are deleted after seven days at the latest. Storage for a longer period is possible. In this case, users’ IP addresses are deleted or anonymised, so allocation to the web-enabled system that accessed the website is no longer possible.
3.8 Right to object and right to erasure
As the data subject, you have the right to object at any time, on grounds relating to your personal situation, to processing of personal data concerning you which is based on Article 6(1) Sentence 1 letter e or f GDPR (Article 21(1) GDPR). Processing of personal data in order to provide this website and to generate log files is essential for the administration and maintenance that operating this website entails. Therefore, users cannot object to this type of processing.
3.9 Obligation to provide information (Article 13(2) letter e GDPR)
Providing your data for the processing of log files is voluntary. If you do not provide your data, we may not be able to address your web-enabled system, and you may not be able to use our website.
4. Processing of cookies
4.1 Scope of processing
4.2 Third party services
Data protection rules for using The Trade Desk
The Trade Desk offers what is known in the industry as a Demand Side Platform (“DSP” or “Platform”). We provide technology that helps advertisers and their advertising agencies manage digital advertising campaigns across many channels, such as websites, apps, audio, smart TVs, and other video. The advertising campaigns run by our clients help pay for the content you enjoy.
We, and our clients, collect and use data both to help ensure that the ads you see are relevant and to measure and report on their effectiveness.
Our AdBrain product, which is part of our Platform, uses data to produce a mapping of devices that might be related to each other, meaning that they might be used by the same person or by people in the same household. This helps advertisers better target and measure their campaigns, as well as to try to limit the number of times the same person or household sees an ad.
Data that is in our Platform is pseudonymous, which means that it does not directly identify people. Our Platform doesn’t have names, email addresses, phone numbers, or the like, and we prohibit our clients and partners from providing that kind of data into our Platform. Our clients and partners may, outside of our Platform, have access to other information about you, including information that directly identifies you. Such information is governed by the clients’ own legal requirements, privacy policies, contracts, or other terms that they have in place.
Our references to our Platform in this policy only refer to the Trade Desk’s own advertising technology platform and systems and do not include the technology or systems of clients or partners that use or integrate with us. They are bound by our policies when they use our Platform.
The Trade Desk is a member of the Network Advertising Initiative (NAI) and adheres to the NAI’s 2020 Code of Conduct. The Trade Desk also follows the industry self-regulatory guidelines of the Digital Advertising Alliance, the Digital Advertising Alliance of Canada, and the European Digital Advertising Alliance.
The Trade Desk also implements and adheres to the policies of the IAB EU Transparency & Consent Framework as part of our compliance with EU data protection law. See http://advertisingconsent.eu for more information.
If you want to go directly to our Opt Out, please visit http://www.adsrvr.org.
4.3 Purpose of processing
The purpose of using technical cookies is to make it simpler for users to use websites. Some functions on our website cannot be offered without enabling cookies. For these, it is necessary to recognise the internet browser even after the user has called up a different page. These technical cookies collect and store data and transmit it to us to allow our website to be called up from the database and to store the shopping cart for membership applications. The user data collected by these technical cookies are not used for profiling.
4.4 Legal basis of processing
Data processing is based on our legitimate interests in accordance with Article 6(1) Sentence 1 letter f GDPR.
4.5 Legitimate interests
We have a legitimate commercial interest in presenting our company to the public and promoting our products. For that purpose, it is necessary to offer a website that meets generally accepted usage standards and offers users simple use of the website in accordance with their needs and interests.
4.6 Recipients or categories of recipient
Cookie data are passed on to our internal departments and to contractors who are used for hosting and the provision of IT resources.
4.7 Transmission to third countries
We do not intend to transfer personal data to foreign countries.
4.8 Duration of storage
4.9 Right to object and right to erasure
The data subject has the right to object at any time, on grounds relating to his or her particular situation, to processing of personal data concerning him or her which is based on Article 6(1) letter e or f, GDPR (Article 21(1) GDPR). If cookies are disabled for our website, full use of all functions on our website may not be possible.
4.10 Obligation to provide information (Article 13(2) letter e GDPR)
Providing your data for the processing of cookies is voluntary. If you do not provide your data, we may not be able to address your web-enabled system and you may not be able to use our website or to use it in full.
5. Processing with Google Analytics
5.1 Scope of processing
We use the functions of Google Analytics, a web analysis service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses “cookies”. These are text files that are stored on your computer and that permit analysis of your use of the website. Google uses this information on our behalf to evaluate your use of the website and compile reports on your website activity.
5.2 Purpose of processing
We use these data for user-oriented structuring and optimisation of our website and to safeguard the security of our IT systems. We will also use the data for marketing purposes to improve our understanding of our customers’ and members’ interest in our products, services and membership offers and to provide practical solutions.
5.3 Legitimate interests
If data processing is based on Article 6(1) letter f GDPR – in other words, on our legitimate interests – we are required to inform you of the legitimate interests pursued by us or by a third party. Your data are processed in pursuit of our legitimate interest in analysing our market presence, the effectiveness of recruiting members and our public image. To this end, Google Analytics provides use with anonymised visitor statistics from which we can see when the site was accessed from which country.
5.4 Recipients or categories of recipient
Your personal data are passed on to our internal departments and to contractors who are used for the provision of IT resources. They are not passed on to other recipients. A data processing contract has been concluded with Google.
5.5 Transmission to third countries
As a rule, data on your usage of this website are transmitted to a Google server in the USA, where it is stored. We have activated the IP anonymisation function on the website. Therefore, in the member states of the European Union and other states party to the Agreement on the European Economic Area, Google shortens your IP address before it is transmitted to the USA. Only in exceptional circumstances will your full IP address be transmitted to a Google server in the USA and shortened there.
5.6 Duration of storage
User data are stored for 26 months. It is not possible to identify individuals on the basis of the reports prepared by Google Analytics.
5.7 Obligation to provide information (Article 13(2) letter e GDPR)
Providing your data for processing by Google Analytics is voluntary. You will not be placed at a disadvantage if you do not provide your data.
5.8 Right to object and right to erasure
The data subject has the right to object at any time, on grounds relating to his or her particular situation, to processing of personal data concerning him or her which is based on Article 6(1) letter e or f, GDPR (Article 21(1) GDPR). The processor no longer processes the personal data from then on.
You can prevent Google Analytics from collecting your data by setting an opt-out cookie. The opt-out cookie prevents collection of your data when you visit this website in the future. To set an opt-out cookie please go to bullet "4. Processing of cookies" and withdraw your consent.
In addition, you can prevent Google from collecting the data generated by the cookie relating to your use of the website (including your IP address) and processing these data by downloading and installing the browser plugin available from the following link: tools.google.com/dlpage/gaoptout.
6. Processing of customer and supplier data
6.1 Scope of processing
You can contact us by post, email, fax, phone, text message and contact form. You can contact us by providing your personal data, especially your name, address, communication details and other content; we will reply and this will involve processing your personal data.
6.2 Purpose of processing
Your personal data will be processed in order to identify you, to allocate your communication to an existing contract or other contractual relationship where appropriate, to process your communication and to reply to it. The personal data that you transmit to us via your communication medium will be processed for the purpose of dealing with and replying to your communication.
6.3 Legal basis for processing
If you have given your consent to the processing of the personal data specified in subsection 6.1 for the purposes set out in subsection 6.2, processing will be based on your consent in accordance with Article 6(1) Sentence 1 letter a GDPR.
Processing of the above personal data may be necessary in specific cases for the performance of a contract to which you are a party or for the performance of steps undertaken at your request prior to entering into a contract, Article 6(1) Sentence 1 letter b GDPR.
Processing of personal data is also undertaken on the basis of our legitimate interests in accordance with Article 6(1) Sentence 1 letter f GDPR.
6.4 Legitimate interests
We have a legitimate commercial interest in being contactable via our communication media in order to process and reply to enquiries.
6.5 Recipients or categories of recipient
Your personal data will be processed internally and possibly forwarded to external recipients where necessary to deal appropriately with your enquiry. Public bodies on the basis of overriding legal regulations. Other external bodies insofar as the data subject has given consent and transmission is permissible on the basis of overriding interests.
6.6 Transmission to third countries
We do not intend to transfer personal data to foreign countries. Your data may be processed outside the European Union in connection with performance of the contract.
6.7 Duration of storage
Personal data are deleted when they are no longer required for the purpose for which they were collected. The period for which the data are stored depends on statutory retention periods and is normally 10 years.
7. Information on data security
For security reasons and to protect the transmission of confidential content such as enquires that you send to us as the operator of this site, this website uses SSL or TLS encryption. You can recognise an encrypted connection by a change in the address line in your browser from “http://” to “https://” and the padlock symbol in your browser toolbar. When SSL or TLS encryption is activated, data you transfer to us cannot be read by third parties.
8. Your rights as a data subject
1. Right to withdraw consent: Under Article 7(3) GDPR, you have the right to withdraw the consent you have given to the data controller at any time. In this case, data processing that was based on your consent may no longer be performed in the future.
2. Right to access: Under Article 15 GDPR, you have the right to obtain information on the personal data processed by the controller. In particular, you can obtain information on the purposes of processing, the categories of personal data concerned, the categories of recipients to whom your data have been or will be disclosed, the envisaged period for which the data will be stored, the existence of the right to request rectification or erasure of the data, to restrict or object to processing of the data, the existence of a right to lodge a complaint, the source of the data if they were not collected by us, and the existence of automated decision-making, including profiling and, where relevant, meaningful information providing details of this.
3. Right to rectification: Under Article 16 GDPR, you have the right to demand rectification, without undue delay of incorrect or incomplete personal data stored by the data controller.
4. Right to erasure and right to be forgotten: Under Article 17 GDPR, you have the right to demand erasure of your personal data stored by the controller, unless processing is necessary to exercise the right to freedom of expression and information, to comply with a legal obligation, in the public interest or to establish, exercise or define legal claims.
5. Right to restrict processing: Under Article 18 GDPR you have the right to restrict processing of your personal data if the accuracy of the personal data is contested by you, processing is unlawful but you oppose erasure of the data, we no longer need the data but you require them for the establishment, exercise or defence of legal claims, or you have objected to processing pursuant to Article 21 GDPR.
6. Right to data portability: Under Article 20 GDPR you have the right to receive personal data that you have made available to us in a structured, commonly used and machine-readable format and the right to demand transmission of the data to another controller.
7. Right to complain: Under Article 77 GDPR, you have the right to submit a complaint to a supervisory authority. As a rule, you can contact the supervisory authority at your usual place of residence, place of work or the seat of the controller.
8. Right to object: If your personal data are processed on the basis of legitimate interests in accordance with Article 6(1) Sentence 1 letter f GDPR, you have the right under Article 21 to object to processing of your personal data on grounds relating to your particular situation. To exercise your right to object, please contact our data protection officer (firstname.lastname@example.org).