Privacy policy

We are delighted that you are interested in our company, and we are committed to protecting your data.

1. General information, topicality

Your personal data is processed in accordance with the EU General Data Protection Regulation (GDPR) and applicable, country-specific data protection legislation. We created our data privacy policy to inform you, among other things, of how your personal data is collected and stored, the type and purpose of its use, the respectively valid legal basis for this and your rights as they relate to data protection.
We regularly review the content of our data privacy policy. Due to the ongoing development of our website and corresponding offers, or due to changing legal or official guidelines, it may become necessary to modify this privacy policy. Therefore, we reserve the right to change the data privacy policy at any time with or without notice. Please check this policy regularly for any changes. You can view and print the current privacy policy from our website at any time.

2. Name and contact information of the controller

This data privacy policy is valid for processing by:

Data controller:
HEIM Pharma Tropfsysteme GmbH
Lauterstraße 11a
96486 Lautertal
Germany
Phone: +49 (0) 95 61 – 55 26-3
Fax: +49 (0) 95 61 – 55 26-40
Email: info@heim-pharma.de
web: www.heim-pharma.de

3. Data protection officer

Our external data protection officer continuously monitors compliance with data protection regulations to protect your interests. Feel free to contact her directly if you require any additional information or explanations:
 Gabriele Baroness of Thuringia Reichenbach

Certified Data Protection Officer – DSB TÜV Süd Attorney at Law, Attorney for IT Law
Hinterer Glockenberg 12
96450 Coburg
Germany
Phone: 09561 / 35 47 811
Fax: 09561 / 35 47 812
Email: datenschutz@heim-pharma.de
web: https://www.von-thuengen.de

4. Collection and storage of personal data and the type and purpose of its use

a) When visiting our website
When you visit our website the browser installed on your device automatically sends information to our website’s server. This information is temporarily stored in what is known as a log file. The following information is collected without any action on your part and stored until it is automatically deleted when you leave our website:

  • IP address of the computer sending the enquiry
  • Date and time of the enquiry or access
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the enquiry (specific page)
  • Name and URL of the accessed file
  • Access status/HTTP status code
  • The volume of data transferred
  • Website from which the request or access takes place (referrer URL)
  • Browser used
  • Your computer’s operating system and its interface as well as the name of your access provider
  • Browser software language and version

We process this information for the following purposes:

  • To guarantee smooth establishment of a connection to our website
  • To ensure convenient use of our website
  • To analyse system security and stability
  • And for additional administrative purposes

The legal basis for data processing is point f of Art. 6 para. 1 sentence 1 GDPR. Our legitimate interest follows from the purposes of data collection listed above. We will never use the data we collect for the purpose of drawing conclusions about your person.

b) When contacting us via email, letter, fax or phone
We collect personal data that you provide voluntarily when contacting us via email. Which data is collected can be gleaned from the input form you fill out. We use the information you provide solely for the purpose of processing your enquiry and/or contract. Once your enquiry and/or contract has been completely processed, your data is blocked from further processing and will be erased upon expiry of the applicable statutory retention periods in accordance with tax and trade law, provided you have not given your express consent to the further use of your data or we have reserved the right to use your data for a longer period as permitted by law and outlined in the following.

Data processing for the purpose of contacting us takes place in accordance with point a of Art. 6 para. 1 sentence 1 GDPR based on the consent you voluntarily provide.

Data processing in the event that a contract is concluded with us takes place in accordance with point a of Art. 6 para. 1 sentence 1 GDPR based on the consent you voluntarily provide for contract fulfilment in accordance with point b of Art. 6 para. 1 sentence 1 GDPR.

You may reject the storage and use of your data for these purposes by sending a message to the contact options outlined under numeral 1.

The legal basis for the data processing is point f of Art. 6 para. 1 sentence 1 GDPR. Our legitimate interest follows from our interest in selling our products.

c) Other forwarding of data

Your personal data is never forwarded to third parties for any purposes other than those outlined in the following.

We only forward your personal data to third parties if:

  • You have granted your express consent under point a of Art. 6 para. 1 sentence 1 GDPR,
  • Forwarding this data is required under point f of Art. 6 para. 1 sentence 1 GDPR to enforce, exercise or defend legal claims and there is no reason to assume that you have an overriding and legitimate interest in preventing your data from being forwarded,
  • In the event of a legal obligation associated with the forwarding of data under point c of Art. 6 para. 1 sentence 1 GDPR, and
  • To the extent that this is legally permissible and required under point b of Art. 6 para. 1 sentence 1 GDPR in order to manage the contract relationship with you.

5. Electronic mail (email)

Internet-based data transmission (e.g. email communication) may not be secure. It is possible for third parties to read, store and use information that you send to us via electronic mail (email) for another purpose. Therefore, please do not send confidential information without using an encryption program.

6. Your rights as the data subject

You have the following rights:

  • You may revoke any consent you have granted us at any time. The consequence is that we will no longer be permitted to process the data provided with this consent in the future (Art. 7. Para. 3 GDPR)
  • You may request information on the personal data we process (Art. 15 GDPR). Specifically, you may request information on the purposes of processing, the category of personal data, the categories of recipients who have been or will be provided access to your data, the planned storage period, the existence of rights to rectification, to erasure, to restriction of processing or to object, the existence of the right to lodge a complaint, the source of your data if we did not collect it and the existence of automated decision-making including profiling and, if necessary, meaningful information about any related details;
  • You may request the immediate completion or rectification of incomplete or inaccurate personal data we have stored (Art. 16 GDPR).
  • You may request the erasure of personal data we have stored provided it is not required for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or to enforce, exercise or defend legal claims (Art. 17 GDPR).
  • You may request the restriction of how your personal data is processed if you dispute the accuracy of the data, the processing is unlawful, but you object to its erasure and we no longer require the data but you require it to enforce, exercise or defend legal claims or you have lodged an objection against the processing of your data (Art. 18 GDPR) in accordance with Art. 21 GDPR.
  • You have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request the transfer of this data to another data controller (Art. 20 GDPR) and
  • Without prejudice to any other administrative or judicial remedy, you have the right to complain to a supervisory authority, in particular in the Member State of its residence, place of work or place of alleged infringement. A list of the supervisory authorities with their respective contact information is available via the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

7. Right of objection

To the extent that your personal data is processed on the basis of legitimate interests under point f of Art. 6 para. 1 sentence 1 GDPR, you have the right to object against the processing of your personal data for reasons that result from your special situation or if the objection is against direct advertising. In the case of the latter, you have a general right of objection that we will honour without requiring you to provide information on a special situation.

If you wish to exercise your right of revocation or objection, simply send an email to the address under numeral 2 above.

8. Data security

For security reasons our website uses SSL (Secure Socket Layer) encryption. You can determine whether an individual page of our Internet presence is transmitted in encrypted form by viewing the address line of your browser. It will change from “http://” to “https://” and a key or lock symbol will appear in your browser’s status bar.

Furthermore, we use the appropriate technical and organisational safety measures to protect your data against unintentional or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. We are constantly improving our security measures to keep pace with the latest technological developments.

9. Use of cookies

Like many other websites, we also use “cookies”, small text files that make it possible to save specific, device-related information on user access devices (PC, tablet, smartphone). They are designed to improve the user experience on our website and thus benefit the user on the one hand, but also to collect statistical data on how webpages are used and thus improve our content on the other. Some of the cookies we use are “session cookies”, which are deleted after your browser session ends, i.e. when you close your browser. Other cookies stay on your computer or mobile device and enable us to recognise your browser again the next time you visit our website (persistent cookies).

As a user, you can decide whether to accept or reject the use of cookies. Most browsers feature an option that enables you to reduce or completely block saving cookies. However, it should be noted that use is restricted and less convenient without the use of cookies.

Detailed information about cookies
You will find detailed information about cookies, e.g. how you can determine which cookies have been set and how to handle or delete these cookies, on the following webpage: http://www.allaboutcookies.org/ge/

Additional instructions on how to delete cookies in the most common browsers can be found here:

The legal basis for the data processing, i.e. for the use of “cookies”, is point f of Art. 6 para. 1 sentence 1 GDPR. Our legitimate interest follows from our interest in improving the user experience on our website and improving our content.

10. Plug-ins and tools

Use of Google Maps

Our website uses the Google Maps service via an API. Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, offers this service. Your IP address must be saved in order to use the functionality offered by Google Maps. This information is generally transmitted to a Google Server in the United States and stored there. The operator of this website has no influence over the scope of data that is transmitted. We use Google Maps in the interest of increasing the visual appeal of our online content and making it easier for users to find locations listed on the website. This presents a legitimate interest in the sense of point f of Art. 6 para. 1 GDPR. For more detailed information on how the user data that is collected is handled, please view Google’s data privacy policy: https://www.google.de/intl/de/policies/privacy/.

Use of Google Web Fonts

Our website uses “Web Fonts” provided by Google to ensure standardised presentation of fonts. When you access a page, your browser stores the required web fonts in your browser cache in order to correctly display fonts.

Your browser must establish a connection to Google’s servers for this purpose. Google receives information that your IP address accessed our website in the process. Google Web Fonts are used in the interest of providing a standardized, visually appealing presentation of our online content. This represents a legitimate interest in the sense of point f of Art. 6 para. 1 GDPR.
If your browser does not support Web Fonts, then your computer will use a standard font.

For more information on Google Web Fonts, please visit  https://developers.google.com/fonts/faq and Google’s data privacy policy: https://www.google.com/policies/privacy/.

11. Analysis tools and advertising

Matomo (formerly Piwik)

This website uses the open source web analysis service Matomo. Matomo uses “cookies”. These are text files saved to your computer that make it possible to analyse how you use the website. The information generated by the cookie regarding your use of this website is saved to our server. The IP address is anonymised prior to saving.

Matomo cookies remain on your device until you delete them.

Storage of Matomo cookies and the use of this analysis tool takes place on the basis of point f of Art. 6 para. 1 GDPR. The website operator has a legitimate interest in the anonymous analysis of user behaviour to optimise web content and advertising.
The information generated by the cookie regarding your use of this website is not forwarded to third parties. You may block cookies in your browser settings; however, in this case you may not be able to use all of the features of this website.

If you do not consent to the storage and use of your data, then you may disable storage and use here. In this case, an opt-out cookie will be saved to your browser to prevent Matomo from saving usage data. If you delete your cookies this will result in deletion of the Matomo opt-out cookie. The opt-out cookie will need to be enabled again if you revisit our website.