Thank you for your interest in the CEVEC website under www.cevec.com (hereinafter “Website”). We respect your privacy and will collect and process your personal data in compliance with the applicable legal requirements at all times.
1. DATA CONTROLLER
Data controller within the meaning of the European General Data Protection Regulation (GDPR) is CEVEC Pharmaceuticals GmbH, Gottfried-Hagen-Str. 60-62, 51105 Cologne, Germany, phone +49.221.46020-800, fax +49.221.46020-801, e-mail firstname.lastname@example.org (hereinafter “CEVEC”, “we”, “our”, “us” etc.).
2. WHAT IS PERSONAL DATA
Personal data means any information relating to you, provided that you can be identified or are identifiable (directly or indirectly) with such information. For example, personal data includes your name, address, phone, fax or mobile phone number as well as your e-mail address. Personal data does not include information of a general nature that does not identify you; for example, the number of users of the Website.
3. WHAT TYPES OF PERSONAL DATA WE COLLECT AND PROCESS
The Website gathers personal data in two ways: (a) Passively (for example, through our Website’s technology); and (b) directly (for example, when you voluntarily provide personal data to us for certain services).
3.1 WEB SERVER PROTOCOLS (INCLUDING IP ADDRESS)
Each time you visit and use the Website our web server, due to technical reasons, automatically collects your IP address, the date and time of your visit of the Website, the sites visited on the Website, the referrer site, your browser type (e.g. Microsoft Explorer or Mozilla Firefox), your operating system (e.g. Microsoft Windows 10), the domain name and the address of your internet access provider.
We process this information for our endeavors (a) to provide you with a proper and meaningful user experience on the Website and within our services; and (b) to improve and optimize the Website and our services, the layout and content of the Website. The legal basis for such processing are our legitimate interests (Art. 6 para. 1 lit. f GDPR). In particular, to ensure the proper functioning of the Website and to improve the Website, its layout and content as well as our services.
Further, we may process such information in cooperation with your internet access provider and/or local authorities in cases of a system misuse in order to investigate and identify the originator of such system misuse. The legal basis for such processing are our legitimate interests (Art. 6 para. 1 lit. f GDPR). In particular, the protection of the integrity of the Website, our system as well as our users.
3.2 PERSONAL DATA SUBMITTED BY YOU IN THE FRAMEWORK OF OUR SERVICES
Further, we collect your personal data that you have provided to us on a voluntary basis; for example, when you use the contact form provided on the Website. We process such personal data for the purposes laid out below. Please note that you can generally use the Website without providing personal data to us that directly identifies you. However, please be aware that in this case you may not be able to use all of our services offered.
a. CONTACT FORM
In order to send us inquiries via our contact form https://cevec.com/contact-us it is necessary to provide your name, e-mail address and your inquiry in form of a text message. You may optionally also provide to us your phone number. We process such personal data in order to process and respond to your inquiry. The legal basis for this is taking steps at your request prior to entering into a contract (Art. 6 para. 1 lit. b GDPR).
By submitting the contact form on our website, your personal data such as your IP address, your e-mail and text message will be processed. Also, for security reasons and to protect this website from spam, your data will be processed in the CleanTalk Cloud Service and they will be stored in log files for 7 days. On the expiry of the mentioned period, they will be deleted completely. CleanTalk may use information of spam activity of IP/email addresses to offer proper anti-spam protection to all websites connected to its service. It concerns exclusively those IP/email addresses that are being used for spam mailing. More Information about CleanTalk Anti-Spam & Security you can get here: https://blog.cleantalk.org/cleantalk-gdpr-compliance/
Provided that you have given us your consent, we will collect your e-mail address and name when you register for our newsletter. We process such personal data in order to provide you with our newsletter.
For the online newsletter form we use a so-called double opt-in in order to obtain your consent. In particular, you will receive an e-mail from us after you have registered for our newsletter which contains the request to click the included confirmation link. Only upon receipt of such confirmation you will be approved to receive our newsletter.
For the administration and analysis of our newsletter we use MailChimp, whereas the delivery is carried out by MC Services. Further information on this can be found unter item 4 and 6.3.
You may, at any time, opt out from receiving our newsletter by clicking the unsubscribe button included in each newsletter provided by us.
The legal basis for this is the consent provided by you (Art. 6 para. 1 lit. a GDPR).
4. TRANSFER OF PERSONAL DATA
We do not share personal data with any third party, unless (a) this is necessary to fulfil our services and/or the provision of the Website; (b) is permitted by applicable law; or (c) has been agreed by you.
Further, we are entitled to outsource the processing of personal data (completely or partially) to external service providers which are acting on our behalf as data processors in the meaning of Art. 4 no. 8 GDPR. When such third-party service providers are located outside of the European Union (EU) or the European Economic Area (EEA), we will put in place appropriate safeguards in accordance with the requirements set by law and data protection authorities to ensure that your personal data is duly protected.
A list of our external service providers, including a description of their services and the existence of appropriate safeguards in case the service provider is located outside of the EU/EEA can be found in the following overview: