1) Name and contact details of company as well as company data protection officer
This data protection information applies to data processing processes at:
PharmaLex GmbH (hereinafter: PharmaLex),
Bahnstraße 42–46, 61381 Friedrichsdorf, GERMANY
Phone: +49 (0)621 18 15 38 – 0
Fax: +49 (0)621 18 15 38 – 20
PharmaLex has a company data protection officer who can be contacted at firstname.lastname@example.org
2) Collection and storage of personal data as well as type and purpose of data usage
When visiting our website
When you visit our website www.pharmalex.com, the browser on your device automatically sends information to the server on our website. This information is temporarily stored in a so-called log file. The following information is recorded without your active submission thereof and stored until it is automatically deleted:
- IP address of the requesting computer,
- Date and time of access,
- Name and URL of the retrieved file,
- Website from which access is made (referrer URL – the previously visited page),
- The browser used and, if applicable, the operating system of your computer as well as the name of your access provider.
The mentioned data will be processed by us for the following purposes:
- Ensuring a smooth connection of the website,
- Ensuring easy use of our website,
- Evaluation of system security and stability
- Further administrative purposes.
The legal basis for data processing is Art. 6 §1 of the GDPR. Our legitimate interest follows from the purposes listed above for data collection.
When registering for our newsletter
If you have expressly consented according to Art. 6 §1 of the GDPR, we will use your email address to send you our newsletter on a regular basis.
When signing up for promotional news such as newsletters (which includes service & industry news), the data you provide will be used exclusively for this purpose.
We require your name and a valid email address for an effective registration. To verify that a registration is carried out by the owner of an email address, we use the “opt-in” or “double opt-in” procedure, depending on country specific requirements. The data will only be used for sending the newsletter and will not be passed on to third parties.
You can revoke your consent to the storage of your data and its use for sending newsletters at any time. In every newsletter you will find a corresponding link. You can also unsubscribe at any time directly on our company’s homepage or send us your request via the contact details given at the end of this document.
If you no longer wish to receive advertising oriented towards your interests, you can object at any time free of charge and with effect for the future, by using the unsubscribe function or sending an email to email@example.com.
When using our contact form
If you have any questions, we offer you the opportunity to contact us using the contact form provided on the website. A valid business email address is required so that we know who has sent the request and to allow us to respond. Supplementary information can be provided voluntarily. The data will be processed for the purpose of contacting you according to Art. 6 §1 of the GDPR based on your voluntary consent.
Your business contact information which is collected by the contact form is stored and processed for promotional communication from PharmaLex. By ticking the box on the contact form, you have given consent to use your data for promotional services. This allows PharmaLex to store, process and use your data for promotional communication (provision of Whitepapers, Newsletters, Webinars, Promotional Materials, Events). If you no longer wish to receive advertising oriented towards your interests, you can object at any time and with effect for the future by using the unsubscribe function or sending an email to firstname.lastname@example.org.
When filling out a form on our website, the following mandatory data is collected and processed / saved:
- First name
- Email address
The purpose of collecting and processing this data is to be able to process and answer your contact request.
In addition, there is an option to provide further personal data. These optional data are:
- Telephone number
The additional data that you optionally provide serves to improve communication with you and make it more specific. We want to make sure that the information we send to you is of relevance.
When registering or downloading content
As part of our Thought leadership approach, we have made it our mission to share knowledge by providing high-quality content to our contacts. This content can be in form of webinars, trainings, whitepapers, or other resources. We ask our contacts to enter their personal credentials before accessing these files (so-called ‘gated content’). The personal data we capture is used in order to learn about a visitor’s interests and informing them of additional content that might be of relevance.
When filling out a form to access gated content, the following mandatory data is collected and processed / saved:
- First name
- Business Email address
- Company Name
- Job title
In addition, there is an option to provide further personal data. These optional data are:
- Academic title
- Phone number
- Branch of industry
3) Data disclosure to third parties
Your personal data will not be transmitted to third parties for purposes other than those listed below.
We will only pass on your personal data to third parties if:
- you have given your consent according to Art.6 §1 of the GDPR.
- the disclosure pursuant to Art. 6 §1 of the GDPR is necessary to assert, exercise or defend legal claims except where such interests are overridden by the interests or fundamental rights and freedoms of your personal data.
- this is necessary for compliance with a legal obligation pursuant to Art. 6 §1 of the GDPR, and this is legally permissible and is necessary for the processing of contractual relationships with you pursuant to Art. 6 §1 of the GDPR.
We forward your personal data to the following companies for the above-mentioned purposes:
salesforce.com / Erika-Mann-Str. 63, 80636 München, Germany / CRM
LogMeIn Germany GmbH / Erika-Mann-Str. 69, 80636 München, Germany / Training
iCapture / 250 Bobwhite Ct., Suite 300, Boise, Idaho 83706 USA / Marketing purposes
A transmission to the recipient in the USA only takes place if the purpose stipulation requires this and the company (s) in the USA are certified according to the EU / US Privacy Shield (https://www.privacyshield.gov/welcome). This ensures that your data is also processed in accordance with data protection in the USA (adequacy decision of the EU Commission of July 12, 2016, Az. C (2016) 4176 final, OJ L 207/1 of August 1, 2016).
Duration of storage
Insofar as no explicit storage period is specified during the collection, the personal data will be deleted insofar as this is no longer necessary to fulfil the purpose of the storage, unless statutory retention obligations (e.g. commercial and tax retention obligations) prevent deletion.
Like many other websites, our company also uses “cookies”. Cookies are small text files that are transferred from a website server to your hard drive.
These are files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not damage your device nor do they contain any viruses, Trojans, or other malware.
The data processed by cookies is required for the mentioned purposes to protect our legitimate interests and those of third parties pursuant to Art. 6 §1 of the GDPR. Most browsers automatically accept cookies.
We differentiate between cookies that are essential for the technical functions of the website and optional cookies.
In order for you to be able to specify your desired data protection settings for visiting our website as individually as possible, we give you the opportunity to set your preferences according to the following categories.
Necessary cookies enable core functionality. The website cannot function properly without these cookies and can only be disabled by changing your browser preferences.
Analytical cookies help us to improve our website by collecting and reporting information on its usage.
These cookies may be used to help us build a profile of your interests. They do not store directly personal information but are based on uniquely identifying your browser and internet device. Please note no personal data is stored by PharmaLex.
5) Analysis tools
The tracking measures listed below are used by us and carried out based on Art. 6 §1 of the GDPR. With the tracking measures used, we want to ensure that our website is designed to meet requirements and is continually optimized.
We use the tracking measures to statistically record the use of our website and to evaluate page visits for the purpose of optimizing our offer. These interests are considered justified and are in accordance with the before mentioned provision. The respective data processing purposes and data categories can be found in the corresponding tracking tools.
For the purpose of demand-oriented design and continuous optimization of our pages, we use Google Analytics, a web analysis service provided by Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”). In this context, pseudonymized user profiles are created and cookies (see section 4) are used. The information generated by the cookie about your use of this website (Browser type/version, the operating system used, Referrer URL, Host name of the accessing computer (IP address), Time of the server request are transferred to a Google server located in the U.S. and stored there. The information is used to evaluate the use of the website, to compile reports on the website activities and to provide further services associated with the use of the website and the Internet for the purposes of market research and demand-oriented design of these Internet pages.
This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of the company. Under no circumstances will your IP address be merged with other data from Google. The IP addresses are anonymized so that an assignment to a specific individual is not possible (IP masking).
If you delete the cookies in this browser, you must set the opt-out cookie again. Further information on data protection in connection with Google Analytics can be found in the Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=en).
Google AdWords Conversion Tracking
We use Google Conversion Tracking to statistically record and evaluate the use of our website for the purpose of optimization. Google AdWords will set a cookie (see paragraph 4) on your computer if you have accessed our website via a Google ad.
These cookies expire after 30 days and are not used for personal identification. If the user visits certain pages of the AdWords customer’s website and the cookie has not yet expired, Google and the customer can recognize that the user has clicked on the ad and has been redirected to this page. Each AdWords customer receives a different cookie. Cookies can therefore not be traced via the websites of AdWords customers. The information collected using the conversion cookie is used to compile conversion statistics for those AdWords customers who have opted for conversion tracking. AdWords customers see the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, you will not receive any information that personally identifies users.
The optionally provided personal data will be used to improve communication with you. For this purpose, a current profile of our visitors is created as part of progressive profiling.
You have the option to object to this at any time. The objection must be sent to email@example.com.
PharmaLex uses Tracked URLs alone or in conjunction with cookies to compile information about visitors’ usage of the websites and interaction with emails from the PharmaLex. For example, PharmaLex may place a tracked URL in marketing emails that notifies us when you click on a link in the email that directs you to one of our sites. PharmaLex uses this functionality to operate and improve the website and email communications.
6) Social Media Plug-ins
We use a social plug-in for the social network Twitter on our website based on Art. 6 §1 of the GDPR in order to raise the awareness of our company. The underlying advertising purpose is to be regarded as a legitimate interest within the meaning of the GDPR. Responsibility for data protection-compliant operation must be guaranteed by the respective provider.
The integration of this plug-in by us takes place in the way of the so-called two-click method in order to protect our website visitors in the best possible way.
Our website contains plugins of the short message network of Twitter Inc. integrated. You can recognize the Twitter plugins by the Twitter logo on our site. An overview of tweet buttons can be found here (https://about.twitter.com/resources/buttons).
When you access a page of our website that contains such a plugin, a direct connection is established between your browser and the Twitter server.
7) Rights of the data subject
You have the right:
- To request information about your personal data processed by us in accordance with Art. 15 of the GDPR. In particular, you may request information about the purposes of the processing, the categories of personal data concerned, the recipients or categories of recipients to whom your personal data have been or will be disclosed, the envisaged storage period, the existence of the right to rectification, deletion, restriction or objection of processing of personal data, the right to lodge a complaint with a supervisory authority, the origin of your data, where the personal data was not collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information about the logic involved;
- In accordance with Art. 16 of the GDPR you can demand without delay the correction of incorrect or complete personal data stored by us;
- To request the deletion of your personal data stored with us in accordance with Art. 17 of the GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
- In accordance with Art. 18 of the GDPR, to restrict the processing of your personal data if you dispute the accuracy of the data, if the processing is unlawful but you refuse to delete the data and we no longer need the data, but if you need it to assert, exercise or defend legal claims or if you have filed an objection to the processing in accordance with Art. 21 of the GDPR;
- In accordance with Art. 20 of the GDPR, to receive your personal data that you have provided to us in a structured, current, and machine-readable format or to request its transfer to another person responsible;
- In accordance with Art. 7 § 3 of the GDPR, you can revoke your consent to us at any time. As a result, we will no longer process data based on this consent
- To complain to a supervisory authority pursuant to Art. 77 of the GDPR.
As a rule, you can contact the supervisory authority at your usual place of residence or workplace or at our company headquarters.
8) Right to object
If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 §1 of the GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, on the grounds relating to your particular situation or the objection is directed against promotional materials. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation.
If you wish to exercise your right of withdrawal or objection, simply send an email to firstname.lastname@example.org
9) Data security
We use the most common SSL (Secure Socket Layer) method in connection with the highest level of encryption supported by your browser. Usually this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. Whether a single page of our website is transmitted in encrypted form is indicated by the closed display of the key or lock symbol in the lower status bar of your browser.
We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
10) Accuracy and amendment of this data protection declaration
This data protection declaration is currently valid and effective as of January 2020.
Due to the further development of our website and offers above or due to changed legal or official requirements, it may become necessary to amend this data protection declaration. You can access and print the most current data protection declaration at any time on the website at https://www.pharmalex.com/data-protection.