With this data protection information we inform you about our handling of your personal data and about your rights under the European General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). Responsible for the data processing is the factory of chemical preparations of Dr. Richard Sthamer GmbH & Co. KG (hereinafter referred to as "we" or "us").
4. Categories of recipients of the data
5. Data transfer to third countries
6. Processing when exercising your rights
II. Data processing on our website
1. Processing of server log files
2. Contact options and inquiries
6. External Media and Third Party Services
III. Data processing on our social media pages
1. Visit of our social media page
2. Comments and Direct Messages
2. Customer and interested party data
If you have any questions or suggestions about this information or would like to contact us to assert your rights, please address your request to
Fabrik chemischer Präparate von Dr. Richard Sthamer GmbH & Co. KG
Liebigstrasse 5, 22113 Hamburg
Tel. +49 (0)40-73 61 68-0
Email info@sthamer.com
The data protection term "personal data" refers to all information that relates to a specific or identifiable person. We process personal data in compliance with the relevant data protection regulations, in particular the GDPR and the BDSG. Data processing by us only takes place on the basis of legal permission. We only process personal data with your consent (§ 25 Para. 1 TTDSG or Art. 6 Para. 1 Letter a DSGVO), to fulfill a contract to which you are a party or at your request to carry out pre-contractual measures (Art. 6 Para 1 letter b GDPR), to fulfill a legal obligation (Article 6 paragraph 1 letter c GDPR) or if the processing is necessary to protect our legitimate interests or the legitimate interests of a third party, unless your interests or fundamental rights and Fundamental freedoms that require the protection of personal data prevail (Article 6 (1) (f) GDPR).
If you apply for a vacancy in our company, we will also process your personal data to decide whether to establish an employment relationship (Section 26 (1) sentence 1 BDSG).
Unless otherwise stated in the following information, we only store the data for as long as is necessary to achieve the purpose of processing or to fulfill our contractual or legal obligations. Such legal storage obligations can result in particular from commercial or tax regulations. We will retain such personal information contained in our accounting records for ten years from the end of the calendar year in which the information was collected and retain personal information contained in commercial letters and contracts for six years. In addition, we will store data in connection with consents that require proof as well as with complaints and claims for the duration of the statutory limitation periods. We will delete data stored for advertising purposes if you object to the processing for this purpose.
We use contract processors to process your data. The processing operations carried out by such processors include e.g. hosting, sending e-mails, maintenance and support of IT systems, customer and order management, order processing, accounting and billing, marketing measures or the destruction of files and data carriers. A processor is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the data controller. Contract processors do not use the data for their own purposes, but carry out the data processing exclusively for the person responsible and are contractually obliged to ensure suitable technical and organizational measures for data protection. Otherwise, we may transfer your personal data to places such as postal and delivery services, house bank, tax consultancy/auditing company or the financial administration. Other recipients may result from the following information.
Our data processing may involve the transfer of certain personal data to third countries, i.e. countries in which the GDPR does not apply. Such a transfer takes place in a permissible manner if the European Commission has determined that an appropriate level of data protection is required in such a third country. If such an adequacy decision by the European Commission is not available, personal data will only be transferred to a third country if there are suitable guarantees in accordance with Article 46 GDPR or if one of the requirements of Article 49 GDPR is met.
Unless otherwise stated below, we use the EU standard data protection clauses as suitable guarantees for the transfer of personal data to third countries. You have the option of receiving or viewing a copy of these EU standard data protection clauses. To do this, please contact the address given under Contact.
If you agree to the transfer of personal data to third countries, the transfer takes place on the legal basis of Art. 49 Para. 1 Letter a DSGVO.
If you exercise your rights in accordance with Art. 15 to 22 GDPR, we process the transmitted personal data for the purpose of implementing these rights by us and in order to be able to provide evidence of this. For the purpose of providing information and preparing it, we will only process data stored for this purpose and for data protection control purposes and otherwise restrict processing in accordance with Art. 18 GDPR.
This processing is based on the legal basis of Article 6 (1) (c) GDPR in conjunction with Articles 15 to 22 GDPR and Section 34 (2) BDSG.
As the data subject, you have the right to assert your data subject rights against us. In particular, you have the following rights:
Wenn Sie der Ansicht sind, dass eine Verarbeitung der Sie betreffenden personenbezogenen Daten gegen die Bestimmungen der DSGVO verstößt, haben Sie nach Maßgabe des Art. 77 DSGVO das Recht auf Beschwerde bei einer Aufsichtsbehörde.
In accordance with Art. 21 Para. 1 GDPR, you have the right to object to processing based on the legal basis of Art. 6 Para. 1 Letter e or f GDPR for reasons arising from your particular situation. If we process personal data about you for the purpose of direct advertising, you can object to this processing in accordance with Article 21 (2) and (3) GDPR.
You can reach our data protection officer under the following contact details:
E-Mail: datenschutzbeauftragter@sthamer.de
Herting Oberbeck Datenschutz GmbH
Hallerstr. 76, 20146 Hamburg
https://www.datenschutzkanzlei.de
When using the website, we collect information that you provide yourself. We also automatically collect certain information about your use of the website during your visit to the website. In data protection law, the IP address is also considered personal data. An IP address is assigned to every device connected to the Internet by the Internet provider so that it can send and receive data.
When using our website for purely informational purposes, general information that your browser transmits to our server is initially automatically stored (i.e. not via registration). This includes by default: browser type/version, operating system used, page accessed, previously visited page (referrer URL), IP address, host name, search engine used and keyword, length of stay, number of pages accessed, last page opened before leaving the website, Date and time of server request and HTTP status code.
The processing takes place to protect our legitimate interests and is based on the legal basis of Art. 6 Para. 1 Letter f DSGVO. This processing serves the technical administration and security of the website. The stored data is anonymized immediately after collection, unless there is a justified suspicion of illegal use based on concrete indications and further examination and processing of the information is necessary for this reason. We are not able to identify you as the data subject based on the information stored. Articles 15 to 22 GDPR therefore do not apply in accordance with Article 11 (2) GDPR unless you provide additional information that enables you to be identified in order to exercise your rights set out in these articles.
Our website contains contact forms that you can use to send us messages. The transfer of your data is encrypted (recognizable by the "https" in the address line of the browser). All data fields marked as mandatory are required to process your request. Failure to provide it means that we cannot process your request. The provision of further data is voluntary. Alternatively, you can also send us a message via the contact e-mail. We process the data for the purpose of answering your request.
If your request is aimed at the conclusion or execution of a contract with us, Art. 6 Para. 1 Letter b DSGVO is the legal basis for data processing. Otherwise, we process the data based on our legitimate interest in contacting the requesting person. The legal basis for data processing is then Art. 6 Para. 1 Letter f GDPR.
We use cookies and similar technologies (“cookies”) on our website. Cookies are small pieces of data stored by your browser when you visit a website. This identifies the browser used and can be recognized by the web server. You have full control over the use of cookies through your browser. You can delete the cookies in the security settings of your browser at any time. You can object to the use of cookies through your browser settings in principle or for specific cases.
The use of cookies is partly technically necessary for the operation of our website and is therefore permitted without the consent of the user. We may also use cookies to provide special features and content, and for analytics and marketing purposes. This may also include third-party cookies. We only use such technically unnecessary cookies with your consent in accordance with Section 25 (1) TTDSG and, if applicable, Article 6 (1) (a) GDPR. Information on the purposes, providers, technologies used, stored data and the storage period of individual cookies can be found in the cookie settings of our consent management tool. You can reach this via the tab at the bottom right of the page.
This website uses the Consent Management Tool [Complianz] from [Complianz B.V.] (Netherlands) to control cookies and the processing of personal data.
The consent banner enables the users of our website to give their consent to certain data processing processes or to revoke a given consent. By confirming the "I accept" button or by saving individual cookie settings, you agree to the use of the associated cookies.
The legal basis under data protection law is your consent within the meaning of Art. 6 Para. 1 Letter a GDPR.
The banner also supports us in being able to provide proof of the declaration of consent. To do this, we process information about the declaration of consent and other log data for this declaration. Cookies are also used to collect this data. The processing of this data is necessary in order to be able to prove that consent has been given. The legal basis results from our legal obligation to document your consent (Art. 6 Para. 1 Letter c in conjunction with Art. 7 Para. 1 DSGVO).
You can revoke your consent to cookies here: Scroll all the way down the page. You can manage your cookie consent via the tab at the bottom right of the screen.
We use the Google Analytics service from Google Ireland Limited (Ireland, EU) on our website.
Google Analytics is a web analysis service that we use to collect and analyze data about the behavior of visitors to our website. Google Analytics uses cookies for this purpose, which enable an analysis of the use of our website. In doing so, personal data is processed in the form of online identifiers (including cookie identifiers), IP addresses, device identifiers and information about interaction with our website.
Some of this data is information that is stored on the device you are using. In addition, further information is stored on the device you are using via the cookies used. Such storage of information by Google Analytics or access to information that is already stored in your end device only takes place with your consent.
Google Ireland will process the data collected in this way on our behalf in order to evaluate the use of our website by users, to compile reports on activities within our website and to provide us with other services related to the use of our website and internet use provide. Pseudonymous user profiles can be created from the processed data.
The setting of cookies and the further processing of personal data described here takes place with your consent. The legal basis for data processing in connection with the Google Analytics service is therefore Article 6 (1) (a) GDPR. You can revoke this consent at any time with effect for the future via our consent management tool.
The personal data processed to provide Google Analytics on our behalf may be transferred to any country where Google Ireland or Google Ireland's sub-processors have facilities. Please note the information in the "Data transfer to third countries" section.
We only use Google Analytics with activated IP anonymization. This means that the IP address of the users is shortened by Google Ireland within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The IP address transmitted by the user's browser is not merged with other data. Further information on the use of data for advertising purposes can be found in Google's data protection declaration at: www.google.com/policies/technologies/ads/.
We use the Google Analytics 4 variant. This enables us to track interaction data from different devices and from different sessions. This allows us to put individual user actions in context and analyze long-term relationships.
The data on user actions is stored for a period of 14 months and then automatically deleted. All other event data is stored for 2 months and then automatically deleted. The deletion of the data whose storage period has expired takes place automatically once a month.
We use Google Maps from Google Ireland Limited (Ireland, EU) on our website to display maps and for virtual tours. For such integration, processing of your IP address is technically necessary so that the content can be sent to your browser. Your IP address will therefore be transmitted to Google and Google may set its own cookies.
Your data will be processed on the basis of your consent in accordance with Art. 6 Para. 1 Letter a GDPR.
When using the service, a transfer of your data to the USA cannot be ruled out. Please also note the information in the "Data transfer to third countries" section. Further information on data protection at Google can be found in Google's data protection information at https://www.google.com/policies/privacy.
On this website we use the hCaptcha tool provided by Intuition Machines, Inc. (USA). To protect the website from spam and abuse, this tool is used for all contact forms. For such integration, processing of your IP address is technically necessary so that a connection to the hCaptcha servers can be established and the content can be sent to your browser. Your IP address is therefore processed by hCaptcha on our behalf. For security reasons, we use the service to check whether form entries are made by a natural person. In this way, automated access attempts and attacks can be detected and repelled. We are legally obliged to take technically and economically reasonable measures to ensure the security of our website. You can prevent this data processing at any time via the settings of the browser used or certain browser extensions. Such an extension is, for example, the matrix-based firewall uMatrix for the Firefox and Google Chrome browsers. Please note that this can lead to functional restrictions on the website.
Your data is processed on the basis of Art. 6 (1) (c) GDPR in conjunction with Art. 32 GDPR and Section 19 (4) TTDSG.
Further information on data protection at hCaptcha can be found in the hCaptcha data protection information: https://www.hcaptcha.com/privacy
We use the Cloudflare CDN service of Cloudflare Inc. (USA) on our website to display content. For such an integration, a processing of your IP address is technically necessary so that the content can be sent to your browser. Your IP address is therefore transmitted to Cloudflare. You can object to this data processing at any time via the settings of the browser used or certain browser extensions. Please note that this may result in functional restrictions on the website.
The processing of your data is based on Art. 6 (1) f DSGVO and is based on our legitimate interest in the optimization and economic operation of our website.
When using the service, a transfer of your data to the USA cannot be excluded. Please note the information in the section "Data transfer to third countries". For more information on data protection at Cloudflare, please refer to Cloudflare's privacy policy at https://www.cloudflare.com/privacypolicy/.
We use the Jsdelivr service of Volentio JSD Limited (UK) on our website to display content. For such integration, it is technically necessary to process your IP address so that the content can be sent to your browser. Your IP address is therefore transmitted to Volentio JSD Limited. You can object to this data processing at any time via the settings of the browser used or certain browser extensions. Please note that this may result in functional restrictions on the website.
The processing of your data is based on Art. 6 (1) f DSGVO and is based on our legitimate interest in the optimization and economic operation of our website.
When using the service, a transfer of your data to the USA cannot be ruled out. Please note the information in the section "Data transfer to third countries". Further information on data protection at Volentio JSD Limited can be found in Volentio's privacy policy at https://www.jsdelivr.com/terms/privacy-policy. https://www.jsdelivr.com/terms/privacy-policy.
We have a company page on several social media platforms. We would like to offer further opportunities for information about our company and for exchange. Our company has company pages on the following social media platforms:
If you visit or interact with a profile on a social media platform, personal data about you may be processed. The information associated with a social media profile used also regularly constitutes personal data. This also includes messages and statements made using the profile. In addition, during your visit to a social media profile, certain information is often automatically recorded about it, which can also constitute personal data.
When you visit our Facebook page, through which we present our company or individual products from our range, certain information about you is processed. Meta Platforms Ireland Limited (Ireland, EU) is solely responsible for this processing of personal data. Further information about the processing of personal data by Meta can be found at https://www.facebook.com/privacy/explanation. Meta offers the possibility to object to certain data processing; relevant information and opt-out options can be found at. https://www.facebook.com/settings?tab=ads.
Meta provides us with anonymized statistics and insights for our Facebook Page that help us gain insights into the types of actions people take on our Page (so-called "Page Insights"). These site insights are created based on certain information about people who have visited our site. This processing of personal data is carried out by Meta and us as joint controllers. The processing serves our legitimate interest in evaluating the types of actions taken on our site and improving our site based on these findings. The legal basis for this processing is Art. 6 Para. 1 Letter f GDPR.
We cannot assign the information obtained via the page insights to individual user profiles that interact with our Facebook page. We have entered into a joint controllership agreement with Meta, which sets out the distribution of data protection obligations between us and Meta. For details about the processing of personal data to create Page Insights and the agreement concluded between us and Meta, please visit https://www.facebook.com/legal/terms/information_about_page_insights_dataWith regard to this data processing, you have the option of asserting your rights as a data subject (see "Your rights") against Meta. Further information on this can be found in Meta's data protection declaration at https://www.facebook.com/privacy/explanation.
Please note that according to the meta data protection regulations, user data is also processed in the USA or other third countries. Meta only transfers user data to countries for which the European Commission has issued an adequacy decision in accordance with Art. 45 GDPR or on the basis of suitable guarantees in accordance with Art. 46 GDPR.
In principle, LinkedIn Ireland Unlimited Company (Ireland, EU) is solely responsible for the processing of personal data when you visit our LinkedIn page. Further information about the processing of personal data by LinkedIn can be found at https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy.
If you visit our LinkedIn company page, follow this page or engage with the page, LinkedIn processes personal data in order to provide us with statistics and insights in an anonymous form. This gives us insights into the types of actions that people take on our site (so-called site insights). For this purpose, LinkedIn processes in particular data that you have already made available to LinkedIn via the information in your profile, e.g. B. Data on function, country, industry, seniority, company size and employment status. In addition, LinkedIn will process information about how you interact with our LinkedIn company page, e.g. whether you are a follower on our LinkedIn company page. LinkedIn does not provide us with any of your personal data with the Page Insights. We only have access to the aggregated Page Insights. It is also not possible for us to draw conclusions about individual members from the information on the page insights. This processing of personal data within the scope of the page insights is carried out by LinkedIn and us as joint controllers. The processing serves our legitimate interest in evaluating the types of actions taken on our LinkedIn company page and improving our company page based on these findings. The legal basis for this processing is Art. 6 Para. 1 Letter f GDPR.
We have entered into an agreement with LinkedIn on processing as joint controllers, which defines the distribution of data protection obligations between us and LinkedIn. The agreement is available at: https://legal.linkedin.com/pages-joint-controller-addendum. After that, the following applies:
Please note that according to the LinkedIn data protection guidelines, personal data is also processed by LinkedIn in the USA or other third countries. LinkedIn only transfers personal data to countries for which the European Commission has issued an adequacy decision in accordance with Art. 45 GDPR or on the basis of suitable guarantees in accordance with Art. 46 GDPR.
We also process information that you have provided to us via our company page on the relevant social media platform. Such information can be the username used, contact details or a message to us. This processing by us takes place as the sole responsible party. We process this data based on our legitimate interest in contacting the requesting person. The legal basis for data processing is Art. 6 Para. 1 Letter f GDPR. Further data processing can take place if you have given your consent (Art. 6 Para. 1 Letter a GDPR) or if this is necessary to fulfill a legal obligation (Art. 6 Para. 1 Letter c GDPR).
If you send us a message using the contact email provided, we will process the transmitted data for the purpose of answering your request. We process this data based on our legitimate interest in contacting the requesting person.
The legal basis for data processing is Art. 6 Para. 1 Letter f GDPR.
If you contact our company as a customer or interested party, we process your data to the extent necessary to establish or implement the contractual relationship. This regularly includes the processing of the personal master, contract and payment data provided to us as well as contact and communication data of our contacts at commercial customers and business partners. The legal basis for this processing is Art. 6 Para. 1 Letter f GDPR.
We also process customer and interested party data for evaluation and marketing purposes. This processing takes place on the legal basis of Art. 6 Para. 1 Letter f DSGVO and serves our interest in further developing our offer and in informing you specifically about our offers.
Further data processing can take place if you have given your consent (Art. 6 Para. 1 Letter a GDPR) or if this is necessary to fulfill a legal obligation (Art. 6 Para. 1 Letter c GDPR).
If you apply to our company, we will only process your application data for purposes related to your interest in current or future employment with us and the processing of your application. Your application will only be processed and acknowledged by the relevant contact persons. All employees entrusted with data processing are obliged to maintain the confidentiality of your data. If we are unable to offer you employment, we will keep the data you have submitted for up to six months after any rejection for the purpose of answering questions in connection with your application and rejection. This does not apply if legal provisions prevent deletion, if further storage is required for the purpose of providing evidence or if you have expressly consented to longer storage. The legal basis for data processing is Section 26 (1) sentence 1 BDSG. If we store your applicant data for longer than six months and you have expressly consented to this, we would like to point out that this consent can be revoked at any time in accordance with Art. 7 Para. 3 DSGVO. Such a revocation does not affect the lawfulness of the processing that has taken place on the basis of the consent up to the point of revocation.
Wir veranstalten Schulungen für unsere Kund: innen und Interessent: innen. Für die Anmeldung ist die Verarbeitung von personenbezogenen Daten erforderlich. Wenn bei der Durchführung der Schulungen weitere Daten verarbeitet werden, weisen wir Sie gesondert darauf hin. Die bereitgestellten Daten können außerdem zur Versendung von Materialien und zur Versendung von Anmeldebestätigungen zu den Schulungen verwendet werden. Die Verarbeitung der bereitgestellten Daten erfolgt zum Zwecke der Leistungserbringung und beruht auf der Rechtsgrundlage des Art. 6 Abs. 1 Buchst. b DSGVO.
