Privacy Statement

for

AWR Inhalation GmbH

 

 

In the following paragraphs, we would like to inform you about the processing of personal data while using our web pages, the functions provided therein as well as external online services (such as presences on social media).

 

1. Responsibility

 

Responsible for this internet presence:

AWR Inhalation GmbH

Am Stadtweg 48 B

15834 Rangsdorf.
You will find further information on the company as well as the authorized representatives in our Website Notice which you can find here: https://shop.awr-inhalation.de/content/11-impressum

 

2. Which data are processed?

 

2.1 Legal Basis for Data Processing

 

In order to be able to offer you our web page as well as the associated services, we process personal data as per the following legal requirements:

- Consent (section 6, subsection 1a and section 7, DSGVO)

- for the Performance of Contracts (section 6, subsection 1b, DSGVO)

- for the Compliance with Legal Obligations (section 6, subsection 1c, DSGVO)

- on the basis of a Balance of Interests (section 6, subsection 1f, DSGVO)

When explaining the different data processing acts, we will refer to the corresponding terms throughout. This will enable you to always categorize on which legal basis we process personal data.

If your personal data are processed on the basis of a Consent given by you, you have the right to revoke this Consent to us at any time with future effect.

If we process data on the basis of a Balance of Interests, you, as the party concerned, have the right to object to the processing of personal data with respect to the provisions as per section 21, DSGVO.

 


2.2 Access Data

 

During your visit on our web pages, personal data are being processed to enable your terminal device to display the contents of the web page.

For the website pages to be rendered in your browser, the IP-address of your terminal device has to be processed alongside further information on the browser of your terminal device.

Data protection legislation obligates us to also guarantee the confidentiality and integrity of the personal data processed by our IT systems.

To this end and due to this concern, the following data are being logged on the basis of a Balance of Interests:

- the IP address of the computer calling up (for a maximum of 7 days)

- the operating system of the computer calling up

- the type as well as version of the browser running on the computer calling up

- the name of the requested target address (URL) and target file

- the date and time of the request

- the transferred data volume

- the referring URL (referrer)

The IP address is deleted from all systems used in connection with running these web pages no later than 7 days after the page visit. We won’t be able to identify any persons from the remaining data.

Furthermore, the data will also be used to be able to find and fix bugs on the web pages. If need be, other information comparable with the abovementioned data will also be logged for this purpose to protect from attacks on our IT systems in the course of guarding our rightful interests.

 

2.3 Contact Form

 

We are offering a contact form on our web page which enables you to request information on our products or services or to contact us in general. Furthermore, you can contact us via e-mail. The necessary information you need to provide for us to be able to reply to a request is:

- Subject line

- Your e-mail address

- Your message

Entering details into other data fields is voluntary.

We require this information to be able to process your request, address you correctly and reply to you. Data processing takes place in case of specific inquiries to perform or initiate a sales contract. In the case of general requests, data processing will take place on the basis of a Balance of Interests.

Inquiries that reach us via the contact form of our web page or via e-mail are processed by us electronically to reply to you. In this context, other persons, departments or possibly third parties might become aware of the information you have transmitted by entering it into the contact form.

The online transmission of the contact form data is performed via encrypted connections.


 

2.4 Online Shop

 

For the operation of your online shop and orders of goods and / or services, personal data are processed as well. This generally takes place to enable the functionalities of the shop as well as initiating or performing contracts for sales and procurement of our goods and services.

 

2.5 Cookies

 

We use cookies on our web pages. Cookies are small sets of text information saved on your terminal device via your browser. Cookies are necessary to enable certain functions on our web pages.

These files can’t be used to run programs or viruses on your computer and only require minimal disk space. Usually, cookies have a unique string of characters, the so-called “cookie ID”. This string allows the web page or server to identify your web browser specifically and distinguish it from any other computer.

We are using session cookies which are automatically deleted by your browser immediately after the end of your visit on our web pages. However, we are also using so-called persistent cookies for web analysis which are not automatically deleted after the end of your visit on our web pages.

You have the option to prevent placement of cookies by specific settings in your web browser. Please refer to the user manual or help feature of your web browser for this purpose. However, we have to inform you that in such cases, using our web pages might only be possible in a reduced fashion.

Our use of cookies is based on a Balance of Interests. Our interest is a user-friendly visit on our web pages.

 

3. Notes on the Incorporation of Third-Party Sources

 

We are using contents from so-called third-party sources for our web services. This means we incorporate contents or services provided by third parties in our service to be able to offer further functionalities or to optimize graphic representations.

When incorporating external services and sources, it is a prerequisite for a successful connection process that the IP address of the user is transmitted to the third party whilst connecting. In the following sections, we will discuss further measures and processes these service providers might apply. It might be the case that these third parties take steps in terms of user tracking and marketing analysis with cookies or invisible image files. In general, we try to only incorporate service providers who respect the privacy of our page visitors and only use your IP address to provide their part of the service.

The data processing in this case is based on a Balance of Interests, whereby our interest lies in an appealing design and display of our internet offers, an effective and cost-efficient operation of our web pages as well as their further optimization and improvement.

 


3.1 Google Web Fonts

 

On our web pages, we are using so-called Google Web Fonts. This service loads fonts from Google servers to provide a better design of the web page. The data processing in this instance is based on a Balance of Interests, whereby our interest lies in an appealing design of the web page.

The fonts in question are downloaded from Google servers which are usually located in the US. Google guarantees an appropriate level of data protection as per the “Privacy Shield”: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI

The service provider in this case is: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. You can read the privacy policy of the service provider Google LLC here:

https://www.google.com/policies/privacy/ An opt-out option is available here:

https://adssettings.google.com/authenticated

 

3.2 Adobe Typekit Fonts

 

On our web pages, we are also using so-called Typekit fonts by Adobe Systems Software Ireland Ltd. The data processing in this instance is based on a Balance of Interests, whereby our interest lies in an appealing design of our internet offer as well as its optimization and improvement.

The fonts in question are downloaded from Adobe servers which are usually located in the US. Adobe Systems guarantees an appropriate level of data protection as per the “Privacy Shield”:

https://www.privacyshield.gov/participant?id=a2zt0000000TNo9AAG&contact=true

The service provider in this case is: Adobe Systems Software Ireland Ltd., 6 Riverwalk, Naas Road 24, Dublin, Ireland
You can read the privacy policy of the service provider Adobe Systems here:

https://www.adobe.com/de/privacy/policy.html

Further information on Typekit in particular can be found here:

https://www.adobe.com/de/privacy/policies/typekit.html

 


3.3 YouTube

 

Furthermore, we incorporate videos into our web page using the platform “YouTube”, owned by Google.
In this instance as well, processing of data is based on a Balance of Interests, whereby our interest lies in an appealing and functional visualization of our web page and the display of corresponding videos on our internet offer.

The video material in question is downloaded from Google servers which are usually located in the US. During this process, it is possible that Google logs IP addresses. If possible, we are using the option “extended data protection mode” provided by Google when incorporating the videos in question. In this mode, Google does not set cookies.

Google guarantees an appropriate level of data protection as per the “Privacy Shield”:

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI

The service provider in this case is:

Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
You can read the privacy policy of the service provider Google LLC here:

https://www.google.com/policies/privacy/

An opt-out option for data processing for marketing purposes is available here:

https://adssettings.google.com/

 

3.4 Online Profiles on Platforms and in Social Media

 

We maintain profiles or informational offers on various platforms and on social media. Through this, we inform users who are active there about our services and are also using this option to communicate with the users of the specific service.

The use of the specific platforms and services is subject to the data protection policies and terms of use set by the specific operator. If users contact us via these platforms, we will process the messages and any transferred data according to the aforementioned data protection policies.

 

4. Purposes of the Processing of Personal Data

 

We are processing the aforementioned data for the purpose of operating our web page, for fulfillment of contractual obligations to our customers and for preservation of our rightful interests.

In case of inquiries beyond an active customer relation, we will process data for distribution and advertising purposes. You can object to the use of your personal data for advertising purposes at any time.

 

5. Voluntary Information

 

If you voluntarily provide information to us, for instance in contact forms, and this information is not necessary for us to fulfill contractual obligations, we will process this data under the reasonable assumption that processing and using this information is in your interest.

 

6. Recipients / Dissemination of Data

 

As a general rule, we do not pass on any data you provide us with. In particular, your data will not be passed on to third parties for their advertising purposes.

However, we might rely on service providers to operate our web pages or to provide further products or services. In this case, it can occur that a service provider is provided with personal data. We choose our service providers carefully, especially with regards to data protection and data security and we take all measures required by data protection legislation to ensure reliable data processing.

 

7. Safety Measures

 

As per section 32 of the DSGVO, we have implemented the appropriate technical and organizational measures to ensure the safety of the personal data processed by us.

In order to guarantee the safety of your data during data transfer whilst visiting our web page, we are also using state of the art SSL and TLS encryption.

However, it is impossible to fully discount vulnerabilities in data transfer via the internet. For this reason, we would like to point out the option to transfer personal data to us in alternative ways, such as per telephone or mail.

 

8. Data Processing Outside the European Union

 

In the case that personal data are being processed outside of the European Union or the European Economic Area (EEA), the terms found in the previous sections apply.

The processing of data in such cases is subject to the specific terms of section 44 et seq. of the DSGVO. It’s also ensured through special guarantees that data processing outside of the European Union or the European Economic Area is subject to a protection level equal to the EU regulations.

If data are being processed within the US, this frequently is subject to the recognized “Privacy Shield” regulation. The other cases are mostly subject to recognized contractual obligations, the so-called standard contractual clauses.

 


9. Your Rights as a Party Concerned

 

As per section 15 of the DSGVO, you have the Right to Information on personal data concerning you. You can contact us at any time for further information and to obtain a copy of the data.

In case of an inquiry for information that does not take place in written form, we ask for your understanding that we might ask you for proof that you’re the person inquiring.

Furthermore, as per section 16 of the DSGVO, you have the right to rectify or, as per section 17 of the DSGVO, to have your data deleted or to restrict the processing of your data as per section 18 of the DSGVO – insofar as you’re legally entitled to.

As per section 20 of the DSGVO, you also have the right to Data Portability which means you can obtain the data provided to us and request transfer of this data to another responsible person.

Finally, you also have the Right of Objection to data processing as per the legal requirements, especially as per the stipulations under section 21 of the DSGVO.

 

10. Data Erasure

 

As a general rule, we always delete personal data if no further storage is required. Data storage might especially be necessary, if data are still needed to meet contractual obligations, to verify, meet or deny warranty and if needed, guarantee claims. In the case of legal retention periods, erasure of data will only be considered after expiry of the legal obligation to retain it.

The necessity of data erasure is being regularly reviewed and executed by us through an appropriate process.

 

11. Right of Appeal to a Regulatory Authority

 

You have the right to appeal to a regulatory authority concerned with data protection to complain about the processing of personal data by us.

 

12. Modification of Privacy Statement

 

We will revise this privacy statement in case of changes to this web page or other events that make this necessary. You will always find the most current version on this web page.

 

 

[Version of September 10th, 2018]