It is important to us to protect your personal data. For this reason we wish to inform you of how we implement the data protection regulations on our website. At the same time, however, we wish to point out that there may be security loopholes associated with data transmission via the internet.
With current technology it is not possible to protect the data completely from (unauthorised) access by third parties.
1. Name and contact data of the controller
This data privacy information applies to the processing of data by the following controller:
Pharmorgana GmbH An der Guldenmuehle 7 65817 Eppstein Germany
Telephone: Fax: Email:
+49 6198 587770
+49 6198 587780 firstname.lastname@example.org
Managing Director with power of representation: Thomas Ungerbiller
Registration court: Local Court [Amtsgericht], Königstein Registration number: HRB 5823
Contact details of our company data protection officer:
Pharmorgana GmbH Ms Andrea A. Hahn
An der Guldenmuehle 7 65817 Eppstein Germany
Telephone: +49 6198 587770 Email: email@example.com
2. Recording of general information when you visit our website
When you access our website, a cookie automatically records data of a general nature. This information (server log files) refers to items such as the type of web browser, the operating system being used, domain name of your internet service provider, the client‘s IP address, the date and time of the request, the pages requested, the HTTP code, the volume of data requested, the referrer, and other similar items. None of this information can be used to identify you. It is not combined with data from other sources. However, we reserve the right to check this information subsequently if we become aware of specific indications of any illegal use (e.g. cyber attacks).
The types of data set out above are technically necessary to correctly supply the contents of web pages requested by you, and are necessarily generated during use of the internet. They are used in particular for the following purposes:
to ensure the smooth establishment of the connection to the website,
to ensure the most convenient use of our website,
to evaluate system security and stability,
for other administrative purposes.
We may subject anonymous information of this type to a statistical evaluation to enable us to optimise our internet presence and the technology behind it.
The legal basis for the data processing is Art. 6 para. 1 lit. f of the General Data Protection Regulation (EU Regulation 2016/679) (hereinafter “GDPR”).
Our legitimate interest arises from the above-listed purposes of data collection. We never use the data collected for the purpose of determining your identity. The sole recipients of the data are the controller and any processors.
The data we record are never forwarded to third parties or linked with personal data without your consent.
The data processed by cookies are required for the above-mentioned purposes of pursuing our legitimate interests and those of third parties according to Art. 6 para. 1 lit. f of the GDPR.
4. Purposes of data processing, forwarding of data
We process your personal data only for the purposes mentioned in this data privacy information. Your personal data are not forwarded to third parties for purposes other than those mentioned.
We forward your personal data to third parties only if:
you have given your explicit consent pursuant to Art. 6 para. 1 lit. a of the GDPR,
the processing is required pursuant to Art. 6 para. 1 lit. b of the GDPR in order to process a contract with you,
the processing is required pursuant to Art. 6 para. 1 lit. c of the GDPR in order to perform a legal obligation, or
the processing is required pursuant to Art. 6 para. 1 lit. f of the GDPR in order to pursue legitimate interests
and there are no grounds for assuming that you have an overriding interest worthy of protection in your data not being forwarded.
To the extent that external service providers (e.g. manufacturers, suppliers, dispatchers and forwarders) come into contact with personal data within the scope of the foregoing regulations, we have taken the possible legal and technical measures and/or have applied certifications to ensure that such service providers also comply with the applicable legal data protection provisions.
5. Erasure and blocking of data
We operate in accordance with the principles of data minimisation and data economy. We therefore save your personal data only for as long as this is required for fulfilling the purposes mentioned here, or for the storage periods required by law. If and when the processing purpose ceases to exist, or these legally determined storage periods come to an end, the relevant data will be routinely blocked or erased in accordance with the legal regulations.
6. Rights of data subjects
You may exercise the following rights at any time:
pursuant to Art. 15 of the GDPR, the right to obtain information about your data that we store and their processing;
pursuant to Art. 16 of the GDPR, the right to rectification of inaccurate personal data;
pursuant to Art. 17 of the GDPR, the right to erasure of your data that we store, provided that the processing is not required for exercising the right to freedom of expression and freedom of information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defence of legal
pursuant to Art. 18 of the GDPR, the right to restriction of data processing if we are not yet permitted to erase
your data owing to legal obligations;
pursuant to Art. 20 of the GDPR, the right to data portability if you have consented to the data processing or
have concluded a contract with us;
pursuant to Art. 21 of the GDPR, the right to object to our processing of your data if grounds for such
objection exist relating to your particular situation, or if the objection applies to direct marketing. In the latter case, you have a general right to object – that will be implemented by us – without specifying a particular situation.
If you have given us your consent, you may withdraw it at any time with future effect.
If you wish to exercise your right to withdraw your consent or your right to object, please contact us by sending an email to: firstname.lastname@example.org.
You may lodge a complaint with the competent supervisory authority at any time. Your competent supervisory authority depends on the German federal state in which your residence, your work or the place of the alleged infringement is located. You can find a list of supervisory authorities (for the private sector), including their postal addresses, at:
7. Data security
We apply appropriate technical and organisational security measures to protect your data from accidental and intentional manipulation, partial and complete loss, destruction and unauthorized access by third parties. Our security measures are continually improved in line with technological developments. In addition, our employees receive regular training and are generally obliged to maintain data secrecy.
8. Current relevance and amendments to this data privacy information, and questions
This data privacy information is currently up-to-date and was last revised in November 2019.
We reserve the right to amend this data privacy information so that it satisfies the current legal requirements at all times, and to reflect changes to our services, e.g. when new services are introduced. If you make a repeat visit to our website, the new data privacy information will apply accordingly.
Please do not hesitate to contact us if you have any further questions about privacy and protection of your data. Our contact details, including the contact details of our data protection officer can be found in section 1 of this data privacy information.
Last revised: 1st July 2020