Privacy Policy
Ultimo aggiornamento
02/09/2020
2. Your rights
You as a data subject have the following rights, providing that the legal prerequisites are fulfilled:
• Right of access to personal data, Art. 15 GDPR
• Right to rectification of personal data, Art. 16 GDPR
• Right to erasure of personal data, Art. 17 GDPR
• Right to restriction of processing, Art. 18 GDPR
• Right to data portability, Art. 20 GDPR
• Right to object, Art. 21 GDPR
Insofar as the processing of data is based on your consent, you have the right to retract your consent at any time with
effect for the future.
You have the right to submit a complaint to the data protection authorities regarding the processing of your data.
Responsible party and data protection officer
The responsible party for data processing is, unless otherwise stated above:
Aristo Pharma GmbH
Wallenroder Straße 8 - 10
13435 Berlin
Phone: +49 (0) 30 - 710 94 - 4200
Fax: +49 (0) 30 - 710 94 - 42500
Email: info@aristo-pharma.de
You can contact the data protection officers via fox-on Datenschutz GmbH, Pollerhofstr. 33a, 51789 Lindlar,dsb@fox-on.com.
1. Data processing
We process your personal data in the following contexts:
1.1 Website aristo-pharma.de
When you call up and use our website aristo-pharma.de, personal data is automatically processed so that we can provide you with our information.
1.1.1 Server log files (access data)
Server-Log-Dateien
The provider of the pages automatically processes information provided automatically by your browser, known as server log files. These include:
• Browser type and browser version
• operating system
• Referrer URL (origin address)
• Date and time of the server request
• IP address
This data will not be merged with other data sources.
The data processing is based on Art. 6 para. 1 letter f GDPR, which permits the processing of data on the
basis of legitimate interest. In this case, there is a justified interest in a secure and trouble-free operation
of the web server. In order to ensure this, the administration must be able to recognise and trace attacks
and
malfunctions of the system via the server log files. In order to recognize attack patterns, accesses to the
server must be stored. As soon as this data is no longer needed, it is deleted. For technical reasons, the
data is disclosed to the hosting service provider, who is, however, bound by instructions and contract to
us.
1.1.2 Cookies
The data processor can record information on visits made to websites such as, for example, regarding
the pages visited or the searches carried out. Such information is used to better customise the content of
the website to the needs of our customers and prepare statistics regarding the individual use of the
website for internal market analysis purposes.
The websites uses ’cookies’ to some extent. These are small text files which are stored on your computer
and which your browser can retrieve. Cookies help to make our services more user-friendly, effective and
secure.
Most of the cookies we use are ‘session cookies’ and are automatically erased at the end of your visit.
Other cookies remain on your device until you erase them. These cookies enable us to recognise your
browser when you visit again.
A cookie is also used in which your consent or rejection to the use of technically not necessary cookies is
stored. It is stored for 100 days and contains no personal reference.
You can set your browser so that you receive information regarding the setting of cookies and only
permit cookies on a case-by-case basis, exclude cookies from being accepted in specific cases or in
general and have the cookies automatically erased when you close the browser. However, the scope of
functions offered by our online services may be restricted in this case.
1.1.3 Contact form
If you send us enquiries using the contact form, your details from the enquiry processing form and in the
event of follow-up questions will be processed and stored by us.
Mandatory fields are marked accordingly. Filling in mandatory fields is necessary so that we can answer
and process your enquiries. All other information is voluntary.
The processing of the data entered in the contact form takes place exclusively on the basis of your
consent (Art. 6 Para. 1 Letter a GDPR). You can revoke this consent at any time. A revocation is only valid
for the future.
We will not pass on your data to third parties without your consent or another legal basis.
The data you enter in the contact form will remain with us until you request us to delete it, revoke your
consent to its storage or until the purpose for data storage no longer applies (e.g. after your request has
been processed). Mandatory legal provisions, in particular retention periods, remain unaffected.
1.1.4 DocCheck
DocCheck is an identification service that provides access to information for medical professionals on
our non-public pages. It is operated by DocCheck Medical Services GmbH, Vogelsanger Straße 66, 50823
Cologne, Germany.
Registration and use takes place by entering a DocCheck user name and password. The registration
procedure is carried out exclusively on DocCheck's servers, so that we do not receive any personal data
in this context. Your data will only be transmitted to us with your express consent or for the purpose of
legal prosecution, insofar as this is permissible under data protection law.
DocCheck uses cookies. This includes a session cookie which serves your further identification after
logging into the non-public area of the website, so that you do not have to register again and again while
using this area. Information on this and all other cookies for which DocCheck is required can be found in
the provider's data protection declaration: http://info.doccheck.com/de/privacy/
1.1.5 Google Analytics
These website uses Google Analytics, a web analysis service provided by Google Inc. (‘Google’). This
service collects information regarding your use of the website, including the browser type and version,
operating system used, referrer URL (previously visited page), IP address or date/time of the query.
Google Analytics uses so-called ‘cookies’, which are text files that are stored on your computer and
enable an analysis of your use of the web pages. The information generated by the cookies regarding
your use of these web pages is typically transferred to one of Google’s servers in the US and stored there.
Because IP anonymisation is activated on these web pages, Google abbreviates your IP address and only
transmits it in anonymised form in member states of the European Union or the EEA (European Economic
Area). The full IP address is only transmitted to a Google server in the US and abbreviated there in
exceptional cases. This transfer is carried out on the basis of the EU-U.S. Privacy Shield agreement.
On behalf of the operator of these web pages, Google will use this information to evaluate your use of
the website, compile reports regarding the website activities and perform other services associated with
the web pages and Internet use for the website operator.
Our legitimate interest in the processing of data is also for these purposes. The legal basis for the use of
Google Analytics is Art. 6 para. 1 lt. f GDPR. The data that we send and that is linked with cookies, user
information (e.g. user ID) or advertising IDs is automatically erased after 14 months. Data for which the
retention period has expired is deleted automatically once a month.
You can prevent cookies from being stored by making a corresponding setting in your browser software;
please note, however, that you might not be able to use all of the functions of this website to their full
extent in this case. You can also prevent the data that is generated by the cookies and related to your use
of the web pages (including your IP address) from being collected and processed by Google by
downloading and installing the browser plugin provided in the following link. The link is:
https://tools.google.com/dlpage/gaoptout
Alternatively, you can prevent data from being collected by Google Analytics on a case-by-case basis by
clicking the link below. This results in an opt-out cookie being set, which prevents your data from being
collected when you visit this website in future: Deactivate Google Analytics.
You can obtain further information from Google at https://policies.google.com/?gl=de.
1.1.6 Google-Maps
This website uses Google Maps for displaying interactive maps. Google Maps is a map service provided
by Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. The use of Google M
aps results in information regarding the use of the website, including your IP address, being transmitted
to Google in the US.
When you go to a page on our website that contains Google Maps, your browser establishes a direct
connection with Google’s servers. Google transmits the content of the map directly to your browser,
which integrates it into the website. For this reason, we do not have any influence on the scope of the
data that Google collects in this manner. According to the information available to us, this includes the
following data at a minimum:
• Date and time of the visit to our website
• Web address or URL of our website
• IP address
• The (start) address entered in the course of route planning
We have no influence on the further processing and use of the data by Google and therefore cannot
accept any responsibility for this.
If you do not want Google to collect, process or use data relating to you via our website, you can disable
JavaScript in your browser settings. You will not be able to view maps in this case.
Please refer to the Google Privacy Policy to learn about the purpose and scope of the data collection
and the further processing and use of the data by Google as well as your related rights and settings
options for protecting your privacy: https://policies.google.com/privacy
1.1.7 YouTube plugin
We use plugins of the YouTube site operated by Google in our website. The operator is YouTube, LLC,
901 Cherry Ave, San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube
plug-in, a connection is established to YouTube's servers. YouTube has privacy-friendly preferences so it
only stores your information when you actually start a video, according to YouTube.
By being certified according to the EU-US Privacy Shield ("EU-US Privacy Shield"), Google and its
subsidiary YouTube guarantee that the data protection requirements of the EU are also complied with
when processing data in the USA.
The legal basis is Art. 6 Para. 1 Letter f GDPR. Our legitimate interest lies in improving the quality of our
website.
The connection to the YouTube server in the USA is necessary in order to be able to display the
respective video on our website via your Internet browser. In the course of this YouTube will at least
record and process your IP address, the date and time as well as the website you visited. In addition, a
connection to the advertising network "DoubleClick" is established by Google.
If you are logged in to YouTube at the same time, YouTube assigns the connection information to your
YouTube account. If you wish to prevent this, you must either log out of YouTube before visiting our
website or make the appropriate settings in your YouTube user account.
YouTube permanently stores cookies on your terminal device via your Internet browser for the purpose of
functionality and analysis of user behaviour. If you do not agree with this processing, you have the option
of preventing the cookies from being saved by making a setting in your Internet browser.
Google provides further information on the collection and use of data as well as your rights and
protection options in this regard in the data protection information at
https://policies.google.com/privacy.
1.1.8 Vimeo
We use plugins on our website to display videos from the Vimeo platform. It is operated by Vimeo, LLC
with headquarters in 555 West 18th Street, New York, New York 10011, USA.
Vimeo's certification to the EU-US Privacy Shield guarantees that the EU's data protection requirements
are also met when processing data in the USA.
The legal basis is Art. 6 para. 1 letter f GDPR. Our legitimate interest lies in improving the quality of our
Internet presence.
When you open a web page provided with such a plugin, a connection to the Vimeo servers will be
established and the plugin will be displayed. By this means, the Vimeo server will be informed which of
our web pages you have visited. If you are logged into Vimeo as a member, Vimeo will assign this
information to your personal user account. This information is also assigned to your user account when
using the plugin, e.g. clicking the start button of a video. You can prevent this assignment by logging out
of your Vimeo user account before using our website and deleting the corresponding cookies from
Vimeo. If you do not agree with the data processing, you have the possibility to prevent the storage of
cookies by a setting in your Internet browser.
Further information on data processing and information on data protection by Vimeo can be found at
1.1.9 Share functions for social networks
On our website you can share individual pages via the "Share" links on the social networks Facebook,
Twitter and WhatsApp. Only when you click on one of these links a connection will be established to the
selected network and data about you will be transmitted there. The networks will use your personal
information to perform the sharing function.
The data processing by us is based on our legitimate interests, i.e. the interest in the distribution of our
online services in accordance with Art. 6 Para. 1 Letter f. GDPR.
Further information is available here:
• Facebook (Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, operated within the EU by
Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland): Privacy information can be found
at https://www.facebook.com/policy.php. By being certified according to the EU-U.S. Privacy Shield,
Facebook guarantees that the EU's data protection regulations are also adhered to when processing
data in the USA.
• Twitter (Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA): Privacy information can
be found at https://twitter.com/privacy. By being certified under the EU-U.S. Privacy Shield, Twitter
guarantees that the EU's data protection requirements are also met when data is processed in the
USA.
• WhatsApp (WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2,
Ireland): Privacy information can be found at https://www.whatsapp.com/legal/#privacy-policy.
WhatsApp's certification to the EU-U.S. Privacy Shield ensures that the EU's data protection
requirements are met when data is processed in the United States.
1.1.10 Doubleclick
This website uses the online marketing tool Doubleclick from Google. Doubleclick uses cookies to
serve ads relevant to users and to improve campaign performance reports. Google uses a cookie ID to
track which ads appear in which browser, thereby preventing them from appearing more than once. In
addition, Doubleclick can use cookie IDs to capture actions related to ad requests (conversions), such as
when a user sees a Doubleclick ad and later uses the same browser to visit the advertiser's website and
make a purchase. According to Google, Doubleclick cookies do not contain personally identifiable
information.
Because of the marketing tools used, your browser automatically connects directly to Google's server.
We have no control over the extent and further use of the data collected by Google through the use of
this tool and inform you therefore according to our state of knowledge: By the integration of Doubleclick
Google receives the information that you called the appropriate part of our Internet appearance or
clicked an announcement of us. If you are registered with a Google service, Google can assign the visit
to your Google account. Even if you are not registered with Google or have not logged in, it is possible
that the provider may find out your IP address and store it.
In addition, the Doubleclick Floodlight cookies enable us to understand whether you are performing
any actions on our website after you have accessed or clicked on one of our display/video ads on
Google or another platform via Doubleclick. Doubleclick uses this cookie to learn how you interacted
with our sites and to send you targeted advertisements later.
You can prevent participation in this tracking process in a number of ways:
a) by setting your browser software accordingly, in particular by suppressing third party cookies, you will
not receive advertisements from third parties
b) by disabling conversion tracking cookies by setting your browser to block cookies from the domain
www.googleadservices.com, https://adssettings.google.com, which will be deleted when you delete
your cookies
c) by deactivating the interest-based advertisements of the providers that are part of the self-regulatory
campaign "About Ads" via the link http://www.aboutads.info/choices, this setting being deleted if you
delete your cookies
d) by permanent deactivation in your browsers Firefox, Internet Explorer or Google Chrome under the
link http://www.google.com/settings/ads/plugin
e) by means of the corresponding cookie setting. We would like to point out that in this case you may not
be able to use all functions of this offer to their full extent.
The legal basis for data processing is our legitimate interest in effectively publishing advertisements and
evaluating their use (Art. 6 Para. 1 Letter f GDPR).
Further information on Doubleclick can be found at https://www.google.de/doubleclick and on data
protection at Google in general: https://policies.google.com/privacy. Google is committed to the EU-
U.S. Privacy Shield, https://www.privacyshield.gov.
1.1.11 MyFonts Counter
The service MyFonts-Counter does not process any personal data, but anonymously measures the use
of web fonts on our website. Further information can be found at:
https://www.monotype.com/legal/privacy-policy/web-font-tracking-privacy-policy/
1.2 Further data processing
1.2.1 Facebook appearance
We maintain an online presence on Facebook to communicate with the customers, prospects and users
active there and to inform them about our offers. We would like to point out that user data may be
processed outside the European Union. This can result in risks for users, e.g. by making it more difficult
to enforce their rights. Facebook has signed up to the EU-U.S. Privacy Shield Agreement and is thus
committed to EU data protection standards.
As a rule, user data is also processed for market research and advertising purposes. For example, user
profiles can be created on the basis of user behavior and the resulting interests of users. The usage
profiles can in turn be used, for example, to place advertisements inside and outside the platforms that
are presumed to correspond to the interests of the users. For these purposes, cookies are usually stored
on the user's computer, through which the user's usage behaviour and interests are stored. Furthermore,
data can also be stored in the user profiles independently of the devices used by the users (in particular if
the users are members of the respective platforms and are logged in). The processing of users' personal
data is carried out on the basis of our legitimate interests in the effective information of users and
communication with users in accordance with Art. 6 Para. 1 Letter f GDPR. If the users are requested by
the respective providers to give their consent to data processing (i.e. declare their consent e.g. by ticking
a checkbox or confirming a button), the legal basis for processing is Art. 6 para. 1 letter a GDPR. For a
detailed description of the respective processing operations and the opt-out options, please refer to the
information provided by Facebook: Privacy policy: https://www.facebook.com/about/privacy/, Opt-Out:
https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com. Also in the case of
information requests and the assertion of user rights, we point out that these can be asserted most
effectively with the provider Facebook. Only the provider has access to the user's data and can directly
take appropriate measures and provide information.
1.2.2 Business partners and contact persons
We process data about business partners (customers, suppliers, service providers, etc.) or their contact
persons. This includes names, contact details and job-related data (e.g. details of employer and
professional position).
The personal data originates either directly from the data subjects themselves or from their employer.
We need this data to safeguard our legitimate interests (Art. 6 Para. 1 Letter f GDPR) in order to be able
to communicate with our business partners and to be able to fulfil, prepare and terminate contracts with
our business partners. In addition, this data is also used to transmit information about our products and
services and to carry out marketing activities. The use of personal data for direct marketing purposes can
be opposed at any time.
A passing on of the data to third parties is not planned. This data will be stored for as long as it is
necessary for the above-mentioned purposes and, if applicable, for as long as legal storage periods
require. Insofar as it is necessary to fulfil these purposes, we can forward your data to external service
providers. These are contractually and legally obliged to maintain confidentiality.
1.2.3 Application
You can voluntarily submit your application online via our website. We process your applicant data only
for the purpose and within the framework of the application procedure and in accordance with the legal
requirements.
The processing of the applicant data is carried out to fulfil our (pre-)contractual obligations within the
scope of the application procedure (Art. 6 Para. 1 Letter b GDPR and § 26 BDSG, German Data
Protection Act).
If you voluntarily provide us with special categories of personal data within the scope of the application
procedure (within the meaning of Art. 9 Para. 1 GDPR, e.g. health data, severely disabled status or ethnic
origin), we process these on the basis of the legal basis of Art. 9 Para. 2 Letter a GDPR. If we ask you for
special categories of personal data during the application process, they will be processed in accordance
with Art. 9 Para. 2 Letter b GDPR.
The application procedure requires that you as an applicant provide us with your applicant data.
Mandatory information is marked in our online form and can be found in the job description.
You can send us your application using the online form on our website. The data will be transmitted to us
encrypted according to the state of the art. You can also send us your applications by e-mail. Because e-
mails are not sent encrypted by default, you are responsible for a secure transmission yourself in this
case. You can also send us your application by post.
Applicant data will be deleted after a period of six months, subject to justified revocation by the
applicants, so that we can answer any follow-up questions regarding the application and meet our
obligations to provide evidence under the AGG (German General Equal Treatment Act).
The company to which you are applying is responsible for data processing within the framework of the
application. If this is not Aristo Pharma GmbH, it acts as a service provider and can access the applicant
data.
In this case, the company named in the application is responsible for data protection:
• Aristo Pharma GmbH, Wallenroder Straße 8 - 10, 13435 Berlin, Phone: +49 30 71094 - 4200,
info@aristo-pharma.de
• Advance Pharma GmbH, Wallenroder Straße 12 - 14, 13435 Berlin, Phone: +49 30 40370 – 0,
info@advance-pharma-berlin.de
• esparma Pharma Services GmbH, Bielefelder Straße 1, 39171 Sülzetal, OT Osterweddingen,
Deutschland, Phone: +49 39205 438 – 4000, info@esparma.de
• Lindopharm GmbH, Neustrasse 82, 40721 Hilden, Phone: +49 2103 206 - 5, kontakt@lindopharm.de
• Medinsa - LABORATORIOS MEDICAMENTOS INTERNACIONALES, S.A., Calle Solana 26, 28850
Torrejón de Ardoz, Madrid, Phone: +34 916558 - 610, info@medinsa.com
• Pharma Wernigerode GmbH, Dornbergsweg 35, 38855 Wernigerode, Phone: +49 3943 554 - 0,
info@pharma-wernigerode.de
• Steiner & Co. Deutsche Arzneimittelgesellschaft mbH & Co. KG, Ostpreussendamm 72/74, 12207
Berlin, Phone: +49 30 71094 - 4200, info@steinerarznei-berlin.de
Aristo Pharma Group (only in English)
We take the protection of your personal data very seriously and handle your personal data confidentially and in accordance with statutory data protection regulations. The following statement regarding data protection at Aristo Pharma GmbH explains how Aristo Pharma GmbH collects, manages and uses information relating to individual persons.