Data Privacy Statement

General

The provider (in the following also referred to as “we”) collects, uses and stores your personal data in accordance with the EU General Data Protection Regulation (GDPR), the German Data Protection Act (“Bundesdatenschutzgesetz”) and the German Telemedia Act (“Telemediengesetz”). Personal data means any information relating to an identified or identifiable natural person. Below we inform you about the type, extent and purpose of the collection and use of personal data.

  1. Who is responsible for data processing and who can you contact?

The party responsible for data processing is:
3B Pharmaceuticals GmbH, Magnusstraße 11, 12489 Berlin, Germany, Telephone: +49(0)30 63 92 43 17; Telefax: +49(0)30 63 92 43 16; info@3b-pharma.com

  1. Which data are being processed and what are the sources of these data?

We process personal data (Art. 4 No 1 GDPR) which we receive in the course of conducting our business as a biotech company, for example in connection with requests regarding information on our products and services. Personal data which we process include personal information such as name, address, email-addresses, IP-address and, in some instances, further data, for example regarding interest areas of the requesting person.

  1. For what purpose and on what legal basis are the data processed?

We process personal data in order to be able to conduct our activities and provide our services as a biotech company and in order to receive and reply to your requests. We process personal data in accordance with the following data protection-related provisions: We process personal data pursuant to Art. 6 para. 1 lit. a GDPR upon your consent, for example in order to inform you about our services. In the event that our company enters into a contractual relationship, including the initiation of a contractual relation, the processing of personal data takes place in order to fulfil contractual obligations in accordance with Art. 6 para. 1 lit. b GDPR. In the event that our company is subject to a legal obligation which requires the processing of personal data, such as for example the fulfilment of tax obligations, or for being able to demonstrate that your consent has been given, the processing of personal data is made pursuant to Art. 6 para. 1 lit. c GDPR. In exceptional cases the processing of personal data may be required in order to protect the vital interests of the data subject or another natural person. This could for example be the case were a visitor will be injured in our premises and in consequence his name, age, health insurance data or other vital information need to be transmitted to a doctor, hospital or other third party. In that event the processing will be made pursuant to Art. 6 para. 1 lit. d GDPR. Finally, data processing activities can be conducted on the basis of Art. 6 para. 1 lit. f GDPR which covers data processing activities which do not fall under any of the afore mentioned legal provisions and which covers data processing which is necessary for the purposes of the legitimate interests pursued by us or a third party and provided that such interests are not overridden by the interests or fundamental rights and freedoms of the data subject. The European legislator has explicitly mentioned that such legitimate interests could exist for example where the data subject is a client of the party responsible (recital 47 sentence 2 GDPR). As another example the legislator mentioned that the processing of personal data for direct marketing purposes may be regarded as carried out for a legitimate interest (recital 47 sentence 7 GDPR).

  1. Legitimate interests of the controller that are being pursued by the controller or a third party

If the processing of personal data is based on Article 6 para. 1 lit. f GDPR our legitimate interest is the conduct of our business and the related communication with you (recital 47 GDPR).

  1. Data protection in the context of job applications and job application procedures

We collect and process personal data of job applicants for the purpose of conducting and processing the job application procedure on the basis of Art. 6 para. 1 lit. b GDPR. The processing may be made electronically which will in particular be the case where job applicants transmit respective application documents to us electronically, such as by e-mail or via the web form on our website. If we conclude an employment contract with the applicant, the transmitted data will be stored for the purposes of execution of the engagement relationship in compliance with the legal provisions. If we do not conclude an employment contract with the applicant the application documents will be erased six months after filling the respective position, provided there are no conflicting legitimate interests of us for further data processing. Those legitimate interests within the afore meaning include, but are not limited to, obligations of providing evidence in proceedings pursuant to the German General Act on Equal Treatment (AGG).

  1. SSL-Encryption

For security reasons and in order to protect confidential information, such as requests submitted via our contact form, we use SSL-encryption. If an encrypted connection has been effected the address-line of your browser will show “https://” instead of “http://” and you might notice a locker symbol in your browser. If SSL is activated third parties cannot read data that you send to us.

  1. Server Logfiles

We collect and store information on the basis of Art. 6 para 1 lit. f GDPR about your visits of our website in so called log-files on our server. The log-files contain data that your browser is automatically sending to us, such as:

  • shortended IP-address
  • browser type/ browser version
  • your operating system
  • referrer URL (or the website visited previously)
  • date and time of the server request
  • amount of transmitted data
  • your internet service provider

These data will be collected and processed only for the purpose of measuring the statistics of our website performance. These data will not be connected with data from other data sources.

  1. Use of Cookies

Our Website uses cookies on the basis of Art. 6 para 1 lit. f GDPR. A cookie is a text file that is placed on the device of the user (PC, tablet, smartphone etc.) and stores certain information referring to the device. If you visit our website from the respective device our server receives information from a cookie. Our server can use this information for different purposes. For example can cookies be used for tailoring advertising to the user or in order to provide statistics for the use of the website. In your browser settings you can allow or deactivate cookies. In the case of deactivating cookies, however, some functionality of our website might not work.

  1. Period of Data Storage and Routinely Data Erase

We process and store personal data only for the period, which is required to meet the purpose of processing, or as long and to the extent as statutory laws require us to process and/or store such data. If the purpose of processing does not apply anymore and the applicable statutory retention requirement expires, we will as a matter of routine erase data or restrict the processing of data in accordance with the applicable statutory laws.

  1. Google Fonts

Our website uses Google Fonts to display external fonts. This is a service provided by Google Inc., Gordon House, Barrow Street, Dublin 4, Irland (hereinafter: Google). Through certification according to the EU-US Privacy Shield https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active Google guarantees that it will follow the EU’s data protection regulations when processing data in the United States. To enable the display of certain fonts on our website, a connection to the Google server in the USA is established whenever our website is accessed. The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the optimization and economic operation of our site. When you access our site, a connection to Google is established from which Google can identify the site from which your request has been sent and to which IP address the fonts are being transmitted for display.

Google offers detailed information at https://adssettings.google.com/authenticated & https://policies.google.com/privacy in particular on options for preventing the use of data.

  1.  Google reCAPTCHA

Our website uses Google reCAPTCHA to check and prevent automated servers (“bots”) from accessing and interacting with our website. This is a service provided by Google Inc., Gordon House, Barrow Street, Dublin 4, Irland (hereinafter: Google). Through certification according to the EU-US Privacy Shield https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active. Google guarantees that it will follow the EU’s data protection regulations when processing data in the United States.This service allows Google to determine from which website your request has been sent and from which IP address the reCAPTCHA input box has been used. In addition to your IP address, Google may collect other information necessary to provide and guarantee this service.The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the security of our website and in the prevention of unwanted, automated access in the form of spam or similar.Google offers detailed information at https://policies.google.com/privacy concerning the general handling of your user data.

  1.  Google Ads Conversion Tracking

This website uses “Google Ads Conversion Tracking” feature of Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States (“Google”), pursuant to Art. 6 para. 1 lit. f GDPR. Google Ads Conversion Tracking uses so-called “cookies”, text files that are stored on your computer and that allow you to analyze the use of the website by you if you have clicked on a Google ad. The cookies are valid for a maximum of 90 days. Personal data is not stored. As long as the cookie is valid, Google and we as the website owner can see that you’ve clicked an ad and reached a specific landing page (e.g., EScalate assay information, information request). These cookies cannot be tracked across multiple websites by different Google Ads participants. The cookie generates conversion statistics in Google Ads. These statistics include the number of users who have clicked on one of our ads. In addition, it counts how many users have come to a landing page that has been tagged with a “conversion tag”. However, the statistics do not contain any data that identifies you.

You can prevent the storage of cookies on your hard disk by selecting “Do not accept cookies” in your browser settings (in MS Internet Explorer under “Tools> Internet Options> Privacy> Settings” in Firefox under “Tools> Settings> Privacy” > Cookies “); however, please note that in this case you may not be able to use all features of this website to the fullest extent. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above. For more information about how Google uses conversion data and the privacy policy of Google, visit: https://support.google.com/google-ads/answer/93148?ctx=tltp&hl=en, https://policies.google.com/privacy?gl=de&hl=en.

  1. Google Analytics

We use Google Analytics on our website. This is a web analytics service provided by Google Inc., Gordon House, Barrow Street, Dublin 4, Irland (hereinafter: Google).

Through certification according to the EU-US Privacy Shield https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active Google guarantees that it will follow the EU’s data protection regulations when processing data in the United States.

The Google Analytics service is used to analyze how our website is used. The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the analysis, optimization, and economic operation of our site.

Usage and user-related information, such as IP address, place, time, or frequency of your visits to our website will be transmitted to a Google server in the United States and stored there. However, we use Google Analytics with the so-called anonymization function, whereby Google truncates the IP address within the EU or the EEA before it is transmitted to the US.

The data collected in this way is in turn used by Google to provide us with an evaluation of visits to our website and what visitors do once there. This data can also be used to provide other services related to the use of our website and of the internet in general.

Google states that it will not connect your IP address to other data. In addition, Google provides further information with regard to its data protection practices at https://www.google.com/intl/de/policies/privacy/partners, including options you can exercise to prevent such use of your data.

In addition, Google offers an opt-out add-on at https://tools.google.com/dlpage/gaoptout?hl=en in addition with further information. This add-on can be installed on the most popular browsers and offers you further control over the data that Google collects when you visit our website. The add-on informs Google Analytics’ JavaScript (ga.js) that no information about the website visit should be transmitted to Google Analytics. However, this does not prevent information from being transmitted to us or to other web analytics services we may use as detailed herein.

  1. Google Maps

Our website uses Google Maps to display our location and to provide directions. This is a service provided by Google Inc., Gordon House, Barrow Street, Dublin 4, Irland (hereinafter: Google).

Through certification according to the EU-US Privacy Shield https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active Google guarantees that it will follow the EU’s data protection regulations when processing data in the United States.

To enable the display of certain fonts on our website, a connection to the Google server in the USA is established whenever our website is accessed.

If you access the Google Maps components integrated into our website, Google will store a cookie on your device via your browser. Your user settings and data are processed to display our location and create a route description. We cannot prevent Google from using servers in the USA. The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in optimizing the functionality of our website. By connecting to Google in this way, Google can determine from which website your request has been sent and to which IP address the directions are transmitted.

If you do not agree to this processing, you have the option of preventing the installation of cookies by making the appropriate settings in your browser. Further details can be found in the section about cookies above.

In addition, the use of Google Maps and the information obtained via Google Maps is governed by the Google Terms of Use https://policies.google.com/terms?gl=DE&hl=en and the Terms and Conditions for Google Maps https://www.google.com/intl/de_de/help/terms_maps.html.

Google also offers further information at https://adssettings.google.com/authenticated & https://policies.google.com/privacy

  1. Is there an automated decision-making process?

We do not use automated decision-making processes under Art. 22 GDPR for initiating decisions on the establishment or carrying out of the business relationship, which would have legal consequences for the data subject or would have a similar significant negative impact on this person.

  1. Documentation of declared consent

If you have given us your consent under Art. 7 DSGVO, § 7 UWG to contact you via email, then your consent is as follows:

You can withdraw a given consent at any time free of charge. A withdrawal can e.g. done by email or by post or by using the unsubscribe function in the respective email.

  1. Rights of Data Subject

According to Art. 15 GDPR the data subject has the right to obtain, upon request, free of costs, information about his or her personal data stored as well as the purpose of the data processing. According to Art. 16, 17 and 18 GDPR the data subject has also the right to correct incorrect data and block and delete his or her personal data. Moreover the data subject has, subject to Art. 20 GDPR, the right to receive his or her personal data, which he or she has provided to us, in a structured, commonly used and machine-readable format, and the right to transmit those data to another controller without hindrance from our part. According to Art. 21 para. 1 GDPR, the data subject has also the right to object, on grounds relating to his or her particular situation, at any time to the processing of personal data concerning him or her which is based on Art. 6 para. 1 lit. e or f GDPR. We will comply with the aforementioned requests if and to the extent such compliance is required by the applicable statutory laws.

Any requests regarding your personal data, including rectification, erasure or restriction of processing, may be directed to the email address datasecurity@3b-pharma.com or to the following postal address:

3B Pharmaceuticals GmbH
Attn. Data Security
Magnusstrasse 11
12489 Berlin, Germany

Each data subject has the right to lodge a complaint with a supervisory authority if the data subject considers that the processing of personal data relating to him or her infringes the GDPR.

Paragraphs outlining the use of certain Google functions on our website were derived from the Model Data Protection Statement of Anwaltskanzlei Weiß & Partner.