Privacy Policy_shadow

The protection of your personal data is very important to us. Personal data are information about personal or other circumstances of a specific or identifiable natural person. These include, for example name, address, phone number, date of birth, and others, but also any other data that can be related to a person.

Since personal data are specifically legal protected, they are only collected by us to the extent necessary for the provision of our company services (laboratory services and trade of goods). Below we describe which kind of personal information we collect and how we use it.

Our data protection practice complies with the legal regulations, in particular those of the Federal Data Protection Act (BDSG), the Telemedia Act (TMG) and the General Data Protection Regulation (GDPR). We will only collect, process and store your personal data as and insofar it is necessary for the processing of your inquiries as well as for the provision of services including our website insofar there is a legitimate interest i.a.o. Art. 6 para. 1 p. 1 lit.f GDPR or any other permit. Only with your prior consent, your data will also be used for more detailed, consent-specific purposes, e.g. for the transmission of advertising information by newsletter.

1. Definitions

The privacy policy of PHAST is based on the terminology used in the adoption of the General Data Protection Regulation (GDPR):
(http://eur-lex.europa.eu/legal-content/DE/TXT/PDF/?uri=CELEX:32016R0679)

2. Responsible Person and Data Protection Officer

Responsible for the collection, processing and use of your personal data in accordance with Art. 4 No. 7 GDPR is:

PHAST Gesellschaft für Pharmazeutische Qualitätsstandards mbH
Cardinal-Wendel-Str. 16, 66424 Homburg
Germany
Phone: + 49 (0) 6841 - 9242-0
Fax: + 49 (0) 6841 - 9242-888
E-mail: ceo-phast[at]phast.com

Data protection officer:
Cardinal-Wendel-Str. 16, 66424 Homburg
E-Mail: datenschutz[at]phast.com

If you wish to object to the collection, processing or use of your data by us in accordance with this privacy policy as a whole or for individual measures, you may object to your opposition pursuant to Art. Point 12 of this statement to the Data Protection Officer (see above address). You can save and print this privacy policy statement at any time.

3. Website and Log files

Thanks for visiting our website www.phast.com and your interest in our company. Each time our website is accessed, our system automatically collects data and information from the computer system of the approaching computer. The following data are collected:

(1) Information about the browser type and version used
(2) The operating system of the retrieval device
(3) The IP address of the retrieval device
(4) Date and time of access
(5) Web sites and resources (images, files, and other page content) accessed on our website.
(6) Websites from which the user's system came to our website (referrer tracking)

This data are stored in the log files of our system. A storage of this data together with personal data of a specific user does not take place, so that an identification of individual visitors does not take place.

I. Legal basis for the processing of personal data

Art. 6 para. 1 lit. GDPR (legitimate interest). Our legitimate interest is to ensure the achievement of the purpose described below.

II. Purpose of data processing

The logging is done to maintain the compatibility of our website for all visitors as possible and for anti-abuse and troubleshooting. For this purpose, it is necessary to log the technical data of the retrieving computer in order to be able to react as early as possible to misrepresentations, attacks on our IT systems and / or errors in the functionality of our website. In addition, the data is used to optimize the website and generally ensure the security of our information technology systems.

III. Duration of storage

The deletion of the aforementioned technical data takes place as soon as they are no longer needed to ensure the compatibility of the website for all visitors, but no later than 3 months after retrieval of our website.

IV. Opposition and removal possibility

The possibilities of objection and elimination are governed by the general regulations on data protection right of objection and cancellation claim described below in this privacy policy.

4. Integration of external web services and processing of data outside the EU

On our website, we use active Java Script content from external providers, so-called web services. By calling our website these external providers may receive personal information about your visit to our website. This privacy policy statement only applies exclusively to our websites. We have no influence and do not control whether other providers comply with the applicable data protection regulations.

This may involve the processing of data outside the EU. You can prevent this by using a java script blocker such as the browser plug-in 'NoScript' (www.noscript.net) or disable JavaScript in your browser. This may result in functional restrictions on websites that you visit.

We use the following external web services:

"Website-check.de"

On our Site, a web service of the company Website Check GmbH, Beethovenstraße 24 in 66111 Saarbrücken, Germany (hereinafter: website-check.de) is uploaded. We use this data to ensure the full functionality of our website. In this context, your browser may transfer personal data to website-check.de. The legal basis for data processing is Art. 6 (1) lit. f GDPR (legitimate interest). The legitimate interest consists in a faultless function of the website. The deletion of the data takes place as soon as the purpose of its collection has been fulfilled. Further information on the handling of the transferred data can be found in the privacy policy of website-check.de: https://www.website-check.de/datenschutzerklaerung/. You can prevent the collection and processing of your data by website-check.de by disabling the execution of script code in your browser or install a script blocker in your browser (this can be found either at www.noscript.net or www.ghostery.com).

Google

A web service is being uploaded to our website from Google LLC, 1600 Amphitheater Parkway, 94043 Mountain View, USA (hereafter: Google). We use this data to ensure the full functionality of our website. In this context, your browser may transfer personal information to Google. The legal basis for data processing is Art. 6 (1) lit. f GDPR. The legitimate interest consists in a faultless function of the website. Google has self-certified under the EU-US Privacy Shield Agreement (see https://www.privacyshield.gov/list). The deletion of the data takes place as soon as the purpose of its collection has been fulfilled. For more information on the handling of the transferred data, please refer to the Google Privacy Policy: https://www.google.com/intl/en/policies/privacy/.

You can prevent the collection and processing of your data by Google by disabling the execution of script code in your browser or install a script blocker in your browser (this can be found at www.noscript.net or www.ghostery.com).

Google APIs

A web service is being uploaded to our website from Google LLC, 1600 Amphitheater Parkway, 94043 Mountain View, USA (hereafter: Google-Apis). We use this data to ensure the full functionality of our website. In this context, your browser may transfer personal information to Google-Apis. The legal basis for data processing is Art. 6 (1) lit. f GDPR. The legitimate interest consists in a faultless function of the website. Google-Apis has self-certified under the EU-US Privacy Shield Agreement (see https://www.privacyshield.gov/list). The deletion of the data takes place as soon as the purpose of its collection has been fulfilled. For more information on the handling of the transferred data, please refer to the Google Apis Privacy Policy: https://www.google.com/intl/en/policies/privacy/. You can prevent the collection and processing of your data by Google-Apis by disabling the execution of script code in your browser or installing a script blocker in your browser (this can be found at www.noscript.net or www. ghostery.com).

gstatic

A web service from Google LLC, 1600 Amphitheater Parkway, 94043 Mountain View, USA (hereinafter: gstatic) is being downloaded from our website. We use this data to ensure the full functionality of our website. In this context, your browser may transfer personal data to gstatic. The legal basis for data processing is Art. 6 (1) lit. f GDPR. The legitimate interest consists in a faultless function of the website. gstatic has self-certified under the EU-US Privacy Shield Agreement (see https://www.privacyshield.gov/list). The deletion of the data takes place as soon as the purpose of its collection has been fulfilled. For more information on the handling of the transferred data, see gstatic's Privacy Policy: https://www.google.com/intl/en/policies/privacy/. You can prevent the collection and processing of your data by gstatic by disabling the execution of script code in your browser or installing a script blocker in your browser (this can be found at www.noscript.net or www.ghostery.com). com).

5. Cookies

Cookies are small files that are temporarily stored on your hard disk. The information contained in cookies facilitates navigation and allows a high degree of user-friendliness of a website. On our websites, we generally do not use cookies.

Only exceptionally, session cookies are used that store technical session control data in your browser's memory. These data are no personal data and will be deleted at the latest when you close your browser.

Of course you can also visit our website without cookies. Most browsers accept cookies automatically. You can prevent cookies by setting this in your browser settings. For details, refer to the instructions of your browser manufacturer. If you do not accept cookies, this may result in functional restrictions of our offers.

6. Data security and data protection, communication by e-mail

You’re collected, stored and processed personal data will be protected by technical and organizational measures in a way that they are not accessible to third parties. In the case of unencrypted email communication, we cannot guarantee complete data security which is why we recommend encrypted communication or regular mail for information requiring a high degree of confidentiality.

7. Use and disclosure of personal data

Any use of your personal data takes place only for the stated purposes and to the extent necessary to achieve these purposes.
Transfer of personal data to governmental bodies and authorities is only possible within the boundaries of mandatory national legislation or if and when disclosure is required as part of law enforcement or in the event of attacks on our network infrastructure.

8. Right to information and contact details

You have a right of access to the personal data stored about you and also a right to correction of incorrect data, blocking and deletion.

We expressly confirm that our employees are obliged to data protection according to § 5 Federal Data Protection Act (BDSG).

If you would like information about your personal data or its correction or deletion or have further questions about the use of your personal data provided to us, please contact us via the address given in point 2.

If you contact us by e-mail, we repeat our warning that confidentiality of the transmitted information is not guaranteed. The content of non-encrypted e-mails can be viewed by third parties. We therefore recommend that you send us confidential information by regular mail.

9. Right to rectification

You have the right to demand immediate correction of incorrect personal data concerning you. Taking into account the purposes of processing, you have the right to request the completion of incomplete personal data, including the release of an intermediate statement.

10. Right to cancellation ("right to be forgotten")

According to Art. 17 (1) GDPR, you have the right to ask us to delete your personal data without delay and we are obliged to delete your personal data immediately if one of the following reasons applies:

a) Personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
b) You withdraw your consent on which the processing was based in accordance with Article 6 (1) sentence 1 a) GDPR or Article 9 (2) (a) GDPR and there is no other legal basis for the processing. c) In accordance with Art. 21 (1) GDPR, you object to the processing and there are no legitimate reasons for the processing, or you object to the processing according to Art. 21 (2) GDPR. d) The personal data were processed unlawfully. e) The deletion of personal data is required to fulfill a legal obligation under European Union or national law to which we are subject. f) The personal data were collected in relation to information society services offered pursuant to Art. 8 (1) GDPR.

If we have made the personal data openly available and if we are obliged to delete it in accordance with Art. 17 (1) GDPR, we shall take appropriate measures, including technical ones, for data controllers who are responsible for the personal data, taking into account the available technology and the implementation costs Process Data, informing you that you have requested deletion of any links to such personal information or copies or replications of such Personal Information.

11. Right to object

You have the right, at any time for reasons arising from your particular situation, to object to the processing of personal data concerning you pursuant to Article 6 (1) sentence 1 (e) or (f) GDPR.

We no longer process personal information, unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purposes of asserting, exercising or defending legal claims.

You have the right, for reasons arising from your particular situation, to object to the processing of personal data concerning you for scientific or historical research purposes or for statistical purposes under Article 89 (1) of the GDPR unless the processing is necessary to fulfill a public interest task.

12. Right to withdraw a data protection consent

You have the right to withdraw your consent to the processing of personal data at any time.

13. Right to complain to a supervisory authority

If you have the suspicion that your data is processed unlawfully on our site, you can of course always file a cause to clarify the problem. Irrespective of this, you have the option of contacting a supervisory authority. The right to complain is open to you in the EU Member State of your whereabouts, your place of work and / or the place of the alleged infringement, you can choose the supervisory authority you are looking for at the above locations. The supervisory authority to which the complaint has been submitted will then inform you of the status and results of your petition, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

Homburg, 25.05.2018

The Chief Excecutive Officer

The Data Protection Officer