Data Protection Policy
1. Data protection at a glance
1.1 General information
In the following, a simple overview is provided of what happens with your personal data when you visit our website. Personal data constitute all data which may be used to personally identify you. For detailed information on the topic of data protection, please consult the data protection policy below. In order to protect your personal data, we have concluded a contract on contracted third-party data processing with our web hosting provider in the sense of Art. 28 of the General Data Protection Regulation (GDPR)
1.2 What should you know about data capture on our website?
- Who is responsible for capturing data on this website?
Data processing is performed on this website by its operator; please consult the legal notice for its contact data.
- How do we capture your data?
Your data are captured, for one, when you provide them to us. These can, for example, be data which you enter in a contact form. Other data are automatically captured by our IT systems when you visit the website. These are primarily technical data (e.g. the browser used, your operating system, or the time at which you call a page). These data are automatically captured as soon as you enter our website.
- What do we use your data for?
Some data are captured in order to make the website available without any errors. Other data may be used to analyse your behaviour as a user.
- What rights do you have in connection with you data?
You have the right to request and receive at any time information on the source, recipients and purpose of your stored personal data. You also have the right to demand the rectification, blocking or erasure of these data. You may contact us at any time via the address provided in the legal notice on these matters as well as in connection with other issues related to data protection. In addition, you have the right to complain to the responsible supervisory authority.
1.3 Analytical and third-party tools
When you visit our website, your use of it may be statistically evaluated. This is mainly done with cookies and so-called analysis programs. As a rule, your actions and movements are anonymously analysed, in other words your behaviour cannot be traced back to you. You may object to this analysis or prevent it by using certain tools or setting ‘opt-out cookies’. Detailed information is contained in the data protection policy below.
2. General information and information on obligations
The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially while complying with the legal requirements for data protection as well as this data protection policy.
When you use this website, various personal data are collected. Personal data are data which could be used to personally identify you. This data protection policy explains which data we collect and what we use it for. It also explains how and for what purpose this is done.
Please note that data transmission over the Internet (e.g. when communicating by e-mail) may be exposed to security vulnerabilities. It is not possible to completely protect data from being accessed by third parties.
2.1 Information on the data controller
The controller for this website (in the sense of Art. 24 of the GDPR) is:
Tel.: +49 (0)89-98 1830
Fax: +49 (0)89-98 29 0126
The controller is the natural or legal person who, either alone or together with others, decides on the purposes and means of processing personal data (e.g. names, e-mail addresses etc.).
2.2. Revoking your consent to data processing
Many data processing activities are only possible with your explicit consent. You may revoke at any time consent which you have previously given. To do so, it is sufficient to send us a formless message by e-mail. The lawfulness of any data processing performed prior to receiving this revocation is not affected by it.
2.3 Right to file complaints with regulatory authorities
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link:
The State Commissioner for Data Protection and for the Right to Access Files Bayer:
Prof. Dr. Thomas Petri
P.O. Box 22 12 19
You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another person responsible, this will only be done if it is technically feasible.
2.4 Right to data portability
You have the right to receive data which we automatically process with your consent or in fulfilment of a contract in a commonly used and machine-readable format. If you request us to directly send the data to another data controller, this will be done only if and to the extent that this is technically feasible.
2.5 SSL or TLS encryption
For security reasons and to safeguard transmissions of confidential content, such as orders or requests which you submit to us as the website operator, we make use of SSL or TLS encryption. You can tell when a connection is encrypted because the address line of your browser then begins with ‘https://’ instead of ‘http://’ and a padlock symbol appears on the left in the browser command line.
If SSL or TLS encryption is enabled, data which you send to us cannot be read by third parties.
2.6 Information, blocks, erasure
Within the scope of the applicable legal provisions, you have the right to obtain information free of charge on your stored personal data, their source and recipients and the purpose of data processing, as well as a right to the rectification, blocking or erasure of these data if relevant. You may contact us at the address listed in the legal notice at any time about these things or if you have any other questions related to your personal data.
2.7 Objection to advertising e-mails
The use of contact data published in compliance with the requirement to provide such information on our website for sending advertising or informational materials which have not been explicitly requested. The operators of this website expressly reserve the right to take legal action in the event that unrequested advertising is received, e.g. in the form of spam.
3. Data collection on our website
Some of the pages of this website use so-called cookies. Cookies do not cause any harm to your computer and do not contain any viruses. Cookies are used to make our offering user-friendlier, more effective and more secure. Cookies consist of small text files which are stored on your computer and stored by your browser. Most of the cookies we use are ‘session cookies’ which are automatically deleted at the end of your visit. Other cookies remain stored on your device until you actively delete them. These cookies enable us to recognise your browser the next time you visit our website.
You can use your browser settings in order to be informed whenever cookies are set and only allow this to be done in individual cases, exclude the setting of cookies for certain cases or generally prevent it, or enable automatic erasure of cookies when the browser is closed. However, if you disable cookies the functionality of this website may be reduced.
Cookies required for electronic communications or to provide certain functions wished by you are stored on the basis of Art. 6, Para. 1 (f) of the GDPR. The website operator has a legitimate interest in storing cookies in order to optimally provide error-free services. To the extent that other cookies are stored (e.g. cookies for analysing your surfing activity), they are separately treated in this data protection policy.
3.2 Server log files
We automatically capture and store information in so-called server log files which your browser automatically sends to us. They are:
- Browser type and version
- The operating system used
- The referring URL
- Hostname of accessing computer
- Time of server request
- IP address
These data are not mingled with other data sources, and we are therefore unable to use this information to identify you without also making use of third-party information (e.g. of your internet provider). Such a mingling of data may only be performed in exceptional cases in which a criminal attack on our webserver is launched from your IP address.
The basis for data processing is Art. 6, Para. 1 (f) of the GDPR, which allows the processing of data for our legitimate interests (especially for protecting against hacking, spamming, denial-of-service attacks etc.).
As a rule, server log files are stored for 14 days and then automatically overwritten. Longer storage may be justified in exceptional cases by certain IT security issues in connection with our web server.
4. Analysis tools and advertising
4.1 Google Analytics
This website uses functions of Google Analytics, a web analysis service provided by Google Inc. at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called ‘cookies’. These are text files which are stored on your computer and permit analysis of how you use our website. The information generated by the cookie on your use of these website is typically sent to a Google server in the USA and stored there.
Google Analytics cookies are stored in accordance with Art. 6, Para. 1 (f) of the GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise its Web offering and advertising.
We have enabled the IP anonymisation function on this website. This results in your IP address being cropped by Google in member states of the European Union and the signatory states of the Agreement on the European Economic Area before it is conveyed to the USA. Only in exceptional cases is the full IP address first transmitted to a Google server in the USA and then cropped there. On behalf of this website’s operator, Google uses this information to evaluate your use of the website, compile reports on website activities and provide services to the website operator in connection with internet use. The IP address transmitted by your browser within the scope of Google Analytics is not mingled with any other data of Google.
You can prevent cookies from being placed by appropriately setting your browser; however, we call your attention to the fact that in this case you may not be able to fully utilise all functions of this website. In addition, you can prevent the capture of data generated by the cookie on your use of the website (including your IP address) and its transmission to and processing by Google by downloading and installing the browser plugin available at the following link:
Opt-out from data capture
You can prevent Google Analytics from capturing your data by clicking on the following link: Disable Google Analytics. An opt-out cookie is then set which prevents your data from being captured during subsequent visits to this website.
We have concluded an agreement with Google on the processing of order data and fully comply with the rigorous requirements of the German data protection authorities in connection with our use of Google.
Demographics in Google Analytics
This website uses the ‘Demographics’ functionality of Google Analytics. This makes it possible to compile reports, including a breakdown of website visitors by age, gender and interests. These data are obtained from interest-specific advertising of Google and visitor data of other providers. It is not possible to correlate these data with particular individuals. You can disable this function at any time by changing the advertising settings of your Google account or generally prevent Google Analytics from capturing any data on you as described in the ‘opt out from data capture’ section above.
5. Plugins and tools
5.1 Google Web Fonts
In order to consistently display fonts, this website uses so-called Web Fonts provided by Google. When calling a page, your browser loads the required Web Fonts into your browser cache to ensure correct depiction of text and fonts.
For this purpose, the browser you use must connect to Google’s servers. When this is done, Google learns that our website has been called via your IP address. Google Web Fonts are used for the sake of achieving consistent and attractive presentation of our online offering. This constitutes a legitimate interest in the sense of Art. 6, Para. 1 (f) of the GDPR.
If your browser does not support Web Fonts, a standard font available on your computer is used instead.
5.1 Google Maps
This website uses the Google Maps map service via an API. Google Maps is a service of Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland.
In order to use the functions of Google Maps, it is necessary for your IP address to be stored. As a rule, this information is sent to a server of Google in the USA and stored there. The provider of this website has no influence on this transmission of data.
Google Maps is used in the interests of ensuring attractive presentation of our online offering and making it easy for users to find the places indicated on our website. This constitutes a legitimate interest in the sense of Art. 6, Para. 1 (f) of the GDPR.
6. Sharing content via social media
The content of our website may be shared via social media such as Facebook or Twitter. The website does not actively integrate share buttons of their providers. Direct contact between these media and you as a user does not take place unless and until you actively click on one of these buttons as a user.
Consequently, no user data is automatically sent to the operators of these platforms. If the user is a member of one of the social media, during use of the website the buttons of Facebook, Twitter etc. appear in an information window in which the user can check and confirm a text before sending it.
Our users can share content of this website in social media while complying with data protection laws and preventing social media providers from creating profiles of their surfing behaviour.
You can change your data privacy settings of your Twitter account by going to http://twitter.com/account/settings.
Plugins of the Facebook social networking service provided by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA are integrated in our website. You can tell the Facebook plugs by the Facebook logo or ‘like’ button. An overview of Facebook plugins is available here: https://developers.face-book.com/docs/plugins/
When you visit our website, a direct link is created between your browser and the Facebook server. As a result, Facebook learns that you have visited our website with your IP address. If you click on a Facebook ‘like’ button while you are logged in to your Facebook account, you can link content of our website to your Facebook profile. This enables Facebook to assign your visit to our website to your user account.
If you do not want Facebook to be able to assign your visit to our website to your Facebook account, please log out of your Facebook user account first.
Our website uses functions of the reddit network operated by reddit inc., 520 Third Street, Suite 305, San Francisco, CA 94107, USA.
The plugins of this Web service can be accessed via the ‘Share’ option in the navigation bar at the top. The reddit button can be identified by a transparent reddit icon in a black square. If you click on it while you are logged in to your reddit account, you can link the content of this website to your reddit profile. This enabled reddit to assign your visit to our website to your user account. We call your attention to the fact that we, as the website’s provider, do not receive any information on the content of the transferred data or their use by reddit.
Our website uses functions of the Digg network operated by Digg, Mississippi St. 135, 3rd floor San Francisco, CA94107, USA.