InfectoPharm Arzneimittel und Consilium GmbH
Von-Humboldt-Str. 1
64646 Heppenheim
E-Mail: info@InfectoPharm.com
You can contact our Data Protection Officer at:
InfectoPharm Arzneimittel und Consilium GmbH
Mr. Thomas Fletschinger
Von-Humboldt-Strasse 1
64646 Heppenheim
E-Mail: dsb@InfectoPharm.com
By using the services provided on the website and by using the website and thereby submitting your data, you agree to the following data protection provisions.
You also agree to the data protection provisions by checking the box next to the sentence “Yes, I agree to the terms of use and data protection provisions of InfectoPharm.”
Please read the following terms carefully to understand how we handle your personal data.
Our handling of personal data is based on global principles and standards regarding transparency in the use of personal data, respect for and provision of individual choices, access regulations, rules on data integrity, data security, data sharing, and the monitoring of the lawfulness of processing.
By using this website, you consent to the electronic storage and use of your data as described below. Any changes to this privacy policy will always be published on this page so that you are always informed about what data InfectoPharm stores and how it is used.
Where applicable data protection laws require it, we will also explicitly ask for your consent to further process any personal data collected on this website or provided by you.
If you have given your consent to data processing, we process your personal data on the basis of Article 6(1)(a) GDPR or, if special categories of data are processed, on the basis of Article 9(2)(a) GDPR in conjunction with Article 9(1) GDPR. If you have consented to the storage of cookies or access to information on your device (e.g., via device fingerprinting), data processing is also carried out on the basis of § 25(1) of the German Telecommunications and Digital Services Data Protection Act (TTDSG). Consent can be withdrawn at any time.
If your data is required for the performance of a contract or for pre-contractual measures, we process your data on the basis of Article 6(1)(b) GDPR. Furthermore, if the processing is necessary to fulfill a legal obligation, it is carried out on the basis of Article 6(1)(c) GDPR. Data processing may also be based on our legitimate interest according to Article 6(1)(f) GDPR.
Details on the specific legal basis applicable in each individual case are provided in the following sections of this privacy policy.
InfectoPharm Arzneimittel und Consilium GmbH aims to better understand your wishes and interests and to provide you with optimal service. Therefore, InfectoPharm Arzneimittel und Consilium GmbH collects and uses personal information as described below and in accordance with applicable data protection laws.
When you visit our website, we collect your IP address and use cookies as well as other internet technologies (hereinafter referred to as “automated tools” and “integrated weblinks”) to obtain general information about the visitors to our website and their interests. Below, we explain which technologies are used and what types of information are collected.
In addition, we collect and process data that you voluntarily provide to us, for example when you register for events, subscribe to newsletters, participate in online surveys, join discussion groups or forums, or make purchases.
Use of Google Tag Manager: Google Tag Manager is a solution that allows marketers to manage website tags through a single interface. The Tag Manager tool itself (which implements the tags) is a cookie-free domain and does not collect any personal data. The tool triggers other tags that may, in turn, collect data. Google Tag Manager does not access this data. If a deactivation is made at the domain or cookie level, it remains effective for all tracking tags implemented via Google Tag Manager. https://www.google.de/tagmanager/use-policy.html
IP addresses are used to analyze malfunctions, manage the website, and obtain demographic information. Furthermore, we use IP addresses and, if applicable, other information you provide on this website to learn which pages from our offerings are accessed and which topics interest our visitors. The insights gained are used to provide you with an optimized information offer about our products and services. InfectoPharm generally collects such data only in anonymized form and will not link it to a registered user’s profile without their consent. When you visit our website, only the domain name is recorded by default.
a) We use cookies on our website(s). These are small files automatically created by your browser and stored on your device (notebook, tablet, smartphone, etc.) when you visit our websites. Cookies do not harm your device and do not contain viruses, trojans, or other malware. The cookie stores information related to the specific device used. However, this does not mean that we directly obtain knowledge of your identity. Cookies serve, on the one hand, to make using our services more convenient for you. For example, we use so-called session cookies to recognize that you have already visited certain pages of our website. These cookies are automatically deleted after you leave our site.
b) In addition, we use temporary cookies to optimize user-friendliness, which are stored on your device for a defined period. When you visit our website again to use our services, it is automatically recognized that you have visited before and which inputs and settings you made, so you don’t have to enter them again.
c) Furthermore, we use cookies to statistically record the usage of our website and to analyze it for optimizing our offerings for you. These cookies enable us to automatically recognize on a return visit that you have already been to our site. These cookies are automatically deleted after a defined period.
d) The cookies process data and are necessary for the purposes mentioned above to protect our legitimate interests as well as those of third parties according to Art. 6 (1) sentence 1 lit. f) GDPR.
e) Most browsers accept cookies automatically. However, you can configure your browser to refuse cookies or to notify you before a new cookie is stored. Completely disabling cookies may result in you not being able to use all functions of our website.
f) Our website uses the cookie consent technology from Borlabs Cookie to obtain your consent for the storage of certain cookies in your browser and to document this in compliance with data protection regulations. The provider of this technology is Borlabs – Benjamin A. Bornschein, Rübenkamp 32, 22305 Hamburg (hereinafter Borlabs).
When you visit our website, a Borlabs cookie is stored in your browser in which your given consents or their withdrawal are saved. These data are not passed on to the provider of Borlabs Cookie.
The collected data are stored until you request deletion, delete the Borlabs cookie yourself, or the purpose of data storage no longer applies. Mandatory statutory retention periods remain unaffected. Details on data processing by Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.
The use of Borlabs cookie consent technology is to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 (1) sentence 1 lit. c GDPR.
If you provide us with your email address or submit it via the contact form, we will also communicate with you by email.
Depending on the settings of your email program, information may be automatically transmitted to InfectoPharm when you send an email to InfectoPharm.
Our website contains order forms that you can fill out to request information, products, and services.
Through our online portal (participant management system Venturi® by Up2Date), you can also register for our events.
Use of External Service Providers
We cooperate with service providers who process certain data on our behalf. This is done exclusively in accordance with the applicable data protection laws. In particular, we have concluded data processing agreements with our service providers that comply with the requirements of Article 28 of the GDPR.
If you wish to receive the newsletter offered on the website, we require your email address as well as information that allows us to verify that you are the owner of the provided email address and consent to receive the newsletter. No further data is collected, or only on a voluntary basis. These data are used exclusively for sending the requested information and are not shared with third parties.
The processing of the data entered in the newsletter registration form is carried out solely based on your consent (Art. 6 (1) lit. a GDPR).
You can revoke your consent to the storage of data, the email address, and its use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter. The lawfulness of data processing carried out prior to the revocation remains unaffected.
The data you provide to us for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and deleted after cancellation. Data stored for other purposes (e.g., email addresses for the member area) remain unaffected.
Registration for our newsletter is carried out using a so-called double opt-in procedure. This means that after signing up, you will receive an email asking you to confirm your registration. This confirmation is necessary to ensure that no one can register using someone else’s email address. Newsletter registrations are logged in order to document the registration process in accordance with legal requirements. This includes storing the date and time of registration and confirmation, as well as the IP address.
The following notes inform you about the content of our newsletter, the registration, delivery, and statistical evaluation processes, as well as your rights to object. By subscribing to our newsletter, you agree to receive it and to the procedures described.
We send newsletters (via CleverReach) and emails containing promotional information (hereinafter referred to as “newsletter”) only with the recipients’ consent or a legal permission. The content described during newsletter registration is decisive for the users’ consent.
As an internationally operating company, InfectoPharm maintains a global internet presence. Information you provide on any of our websites may therefore be transmitted to a server in this or another country. Your privacy is protected worldwide, as we apply the data protection policies described here to all our websites.
We process your data within InfectoPharm globally to handle your inquiries and orders and to continuously improve our services and products.
If necessary, InfectoPharm may also share information with business partners, service providers, third parties, or subcontractors. This may be required to provide a service you have requested, such as participation in a training event, for customer service purposes, or to inform you about services or products.
If you provide us with personal data, including health or medical information, as part of reporting adverse drug reactions, other drug risks, or related reports on medical devices, cosmetics, or nutritional products, we will share this information only to fulfill legal obligations for recording and documentation with authorized third parties (service providers, business partners), and/or use it to comply with mandatory reporting requirements to authorities, all in accordance with data protection regulations.
We collect personal data about business partners from public or external information sources, particularly to verify their professional qualifications and identity. This data also helps us in communication and consulting according to your interests and preferences:
a) OneKey: To inform and advise you, we maintain your contact details and information about your specializations using OneKey™, a database operated by IQVIA Commercial GmbH & Co. OHG, Unterschweinstiege 2-14, 60549 Frankfurt am Main, which contains up-to-date contact and specialization data on medical professionals.
b) Publicly available information sources (publications, websites, memberships)
c) From third parties: We collect publicly available data about your publications, participation in seminars, memberships in scientific or professional associations, whether you operate a website, and how it is designed.
The processing is based on the so-called balancing of interests clause of the European General Data Protection Regulation (GDPR).
If you provide us your data directly or we receive it in another way, the data will not be automatically stored in the OneKey™ database. IQVIA may receive a notification from us and may then contact you—usually by phone—to verify your data. You may object to the inclusion of your data with IQVIA and InfectoPharm at any time or contact the respective data protection officer.
Your data is mainly processed in Germany. However, access to the data by foreign group companies or business partners may sometimes be necessary.
InfectoPharm also processes personal data of medical professionals who are contacted or visited by InfectoPharm for the execution of their activities, e.g., by the sales department.
This includes especially the following personal data: (name, position, business contact details, email address, telephone and fax number).
We process this data to distribute our products and maintain the data in our IT systems. InfectoPharm processes these data for company-wide business processes, such as scheduling, conducting, and follow-up of sales visits or other sales activities, or maintaining interest lists. Furthermore, the data may be used for business analyses, such as an analysis of sales figures, trends, etc. The processing is based on Art. 6 (1) 1 b, f GDPR. If the processing is based on legitimate interest under Art. 6 (1) 1 f GDPR, our legitimate interest lies in optimizing sales processes and marketing activities.
If the data collection is direct: Providing your personal data is not a legal or contractual requirement. This means you are not obliged to provide us with your personal data. If you decide not to provide your personal data, InfectoPharm cannot contact you via digital channels.
If the data collection is not direct: We obtained your personal data from the following sources: IQVIA Commercial GmbH & Co. OHG as well as, if applicable, from public sources or third parties.
We transfer your personal data to the following categories of recipients: group companies for IT system maintenance, IT service providers, and, if applicable, further business partners.
The transmission of your personal data to third parties for purposes other than those listed below does not take place. We only share your personal data with third parties if:
a) You have given your explicit consent according to Art. 6(1) sentence 1 lit. a) GDPR, § 26(2) German Federal Data Protection Act (BDSG),
b) the disclosure is necessary under Art. 6(1) sentence 1 lit. f) GDPR for asserting, exercising, or defending legal claims and there is no reason to believe that you have an overriding legitimate interest in not disclosing your data,
c) the disclosure is required by law according to Art. 6(1) sentence 1 lit. c) GDPR, or
d) it is legally permissible and necessary under Art. 6(1) sentence 1 lit. b) GDPR, § 26(1) BDSG for the execution of a contractual relationship with you or for pre-contractual measures taken at your request.
If necessary, InfectoPharm Arzneimittel and Consilium GmbH may also disclose information to business partners, service providers, third parties, or subcontractors. This may be required to provide a service or transaction requested by you, such as order processing, for customer service purposes, or to inform you about services, products, and offers.
Your personal data will not be disclosed, sold, or otherwise made available to third parties for marketing purposes without your prior consent.
InfectoPharm Arzneimittel and Consilium GmbH may be required to disclose your data and related information in response to judicial or official orders. We also reserve the right to use your data to assert or defend legal claims.
In the event of a takeover or merger with another company, disclosure or transfer of personal data to potential or actual buyers may be necessary. InfectoPharm Arzneimittel and Consilium GmbH will seek to ensure the highest possible level of data protection in such cases.
In accordance with applicable law, we reserve the right to store and disclose personal and other data to detect and combat illegal activities, fraud attempts, or violations of the terms of use of InfectoPharm Arzneimittel and Consilium GmbH.
If a transfer of your personal data to countries outside the EU/EEA takes place, whose data protection standards do not correspond to those of the EU, we ensure the required level of data protection through appropriate contractual clauses with the recipients of the data, if no adequacy decision justifies such a transfer. This ensures the protection of your personal data. The mentioned standard contractual clauses can be downloaded from the following website: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en
For the transfer of data from the EU to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection based on an adequacy decision by the European Commission.
The tracking measures listed below and used by us are carried out based on Article 6(1) sentence 1 lit. f) GDPR. With the tracking measures employed, we aim to ensure a needs-based design and continuous optimization of our website. Additionally, we use these tracking measures to statistically record the usage of our website and to evaluate it for the purpose of optimizing our offerings for you. These interests are to be considered legitimate within the meaning of the aforementioned provision. The respective purposes of data processing and data categories can be found in the tracking tools described in more detail below.
This website uses Google Analytics 4, a service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), which allows the analysis of website usage.
When using Google Analytics 4, so-called “cookies” are used by default. Cookies are text files stored on your device that enable the analysis of your use of the website. The information collected by cookies about your use of the website (including your IP address transmitted by your device, shortened as described below) is usually transmitted to a Google server and stored and processed there. This may also involve the transfer of information to servers of Google LLC, based in the USA, where further processing of the information may take place.
When using Google Analytics 4, the IP address transmitted by your device when using the website is always collected and processed in an anonymized form by default, so that direct identification of the recorded information with an individual person is excluded. This automatic anonymization occurs by Google shortening the IP address transmitted by your device within member states of the European Union (EU) or other contracting states of the Agreement on the European Economic Area (EEA) by the last digits.
On our behalf, Google uses this and other information to evaluate your use of the website, to compile reports on website activity and user behavior, and to provide us with other services related to website and internet usage. The IP address transmitted and shortened within the scope of Google Analytics 4 is not merged with other data from Google. The data collected within the use of Google Analytics 4 are stored for 2 months and then deleted.
Google Analytics 4 also allows, via a special function called “demographic features,” the creation of statistics on age, interest-based advertising, and third-party information. This makes it possible to determine and distinguish user groups of the website for the purpose of target group-optimized marketing measures. However, the data collected via the “demographic features” cannot be assigned to a specific person and thus not to you personally. These data collected via the demographic features function are stored for two months and then deleted.
All the above-described processing, especially the setting of Google Analytics cookies for storing and reading information on the device you use to access the website, only takes place if you have given us your explicit consent in accordance with Art. 6 (1) lit. a GDPR. Without your consent, the use of Google Analytics 4 during your website visit will not take place. You can revoke your once given consent at any time with effect for the future. To exercise your revocation, please deactivate this service via the “cookie consent tool” provided on the website.
In connection with this website, the Google Analytics 4 extension function “UserIDs” is also used. By assigning individual UserIDs, we can have Google create cross-device reports (so-called “Cross Device Tracking”). This means that, subject to your consent to the use of Google Analytics 4 under Art. 6 (1) lit. a GDPR, your usage behavior can be analyzed across devices if you have created a personal account by registering on this website.
We have concluded a so-called data processing agreement with Google for our use of Google Analytics 4, which obliges Google to protect the data of our website users and not to disclose it to third parties.
For data transfer to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.
Furthermore, we use Google Analytics reports on demographic characteristics, in which data from Google’s interest-based advertising and visitor data from third parties (e.g., age, gender, and interests) are used. These data cannot be traced back to any specific person and can be disabled at any time via ad settings.
User data collected via cookies are automatically deleted after 14 months.
Google’s privacy policies can be viewed here:
https://www.google.de/policies/privacy/
Details about the processing initiated by Google Analytics 4 and how Google handles data from websites can be found here:
https://policies.google.com/technologies/partner-sites
This website uses the Google Maps API, a mapping service provided by Google LLC (“Google”), to display an interactive map and to create directions.
Google Maps is operated by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. The legal basis for processing is Art. 6 (1) lit. a, f GDPR, based on your voluntary provision of data to generate directions and our legitimate interest in displaying our location and making the places listed on our website easily findable.
By using Google Maps, information about your use of this website (including your IP address) may be transmitted to and stored on a Google server in the USA. Google may share the information obtained through Maps with third parties if required by law or if third parties process this data on Google’s behalf.
Google will never associate your IP address with other data held by Google. Nevertheless, it is technically possible that Google could identify individual users based on the data received. It is also possible that personal data and user profiles collected by Google from users of this website may be processed for other purposes beyond our control or influence.
You can disable the Google Maps service and thus prevent data transfer to Google by disabling JavaScript in your browser. However, please note that in this case you will not be able to use the map display on our pages.
For data transfers from the EU to the USA, Google relies on so-called Standard Contractual Clauses issued by the European Commission to ensure compliance with the European data protection level in the USA.
Google’s Privacy Policy and additional terms for Google Maps can be found here:
https://www.google.com/analytics/terms/de.html
Privacy overview: https://support.google.com/analytics/answer/6004245?hl=de
Google Privacy Policy: https://policies.google.com/privacy?hl=de&gl=de
You can also change the loading of Google plugins in your privacy settings at: https://myaccount.google.com/intro
The website operator uses Google Ads, an online advertising program by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads enables us to display advertisements in the Google search engine or on third-party websites when users enter certain search terms on Google (keyword targeting). Additionally, targeted ads can be shown based on user data available to Google (e.g., location data and interests) (audience targeting). As the website operator, we can quantitatively analyze this data, for example by evaluating which search terms triggered the display of our ads and how many ad clicks resulted.
The use of this service is based on your consent according to Art. 6 (1) lit. a GDPR and § 25 (1) TTDSG. Consent can be revoked at any time.
Data transfer to the USA is based on the Standard Contractual Clauses of the European Commission. Details can be found here:
https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/
This website uses Google Conversion Tracking. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
With the help of Google Conversion Tracking, Google and we can determine whether users have performed certain actions. For example, we can analyze which buttons on our website were clicked how often and which products were viewed or purchased most frequently. This information is used to create conversion statistics. We learn the total number of users who clicked on our ads and what actions they performed. We do not receive any information that would allow us to personally identify the user. Google itself uses cookies or similar recognition technologies for identification.
The use of this service is based on your consent according to Art. 6 (1) lit. a GDPR and § 25 (1) TTDSG. Consent can be revoked at any time.
More information about Google Conversion Tracking can be found in Google’s privacy policy: https://policies.google.com/privacy?hl=de
This website uses plugins from the video platform Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.
When you visit one of our pages equipped with a Vimeo video, a connection to the Vimeo servers is established. In doing so, the Vimeo server is informed which of our pages you have visited. Vimeo also obtains your IP address. This applies even if you are not logged into Vimeo or do not have a Vimeo account. The information collected by Vimeo is transmitted to the Vimeo server in the USA.
If you are logged into your Vimeo account, you allow Vimeo to directly associate your browsing behavior with your personal profile. You can prevent this by logging out of your Vimeo account.
Vimeo uses cookies or comparable recognition technologies (e.g., device fingerprinting) to recognize website visitors.
The use of Vimeo is in the interest of presenting our online offerings attractively.
This constitutes a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. If consent has been obtained, processing takes place exclusively on the basis of Art. 6 (1) lit. a GDPR and § 25 (1) TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission and, according to Vimeo, on “legitimate business interests.” Details can be found here: https://vimeo.com/privacy.
Further information on handling user data can be found in Vimeo’s privacy policy at: https://vimeo.com/privacy.
Newsletter / Information Request / Use of CleverReach
(1) With your consent, you can subscribe to our newsletter, through which we inform you about our company and our investor relations news.
(2) For newsletter registration, we use the so-called double opt-in procedure. This means that after your registration, we send an email to the provided email address asking you to confirm that you wish to receive the newsletter. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month. In addition, we store the IP addresses used and the times of registration and confirmation. The purpose of this procedure is to document your registration and, if necessary, clarify possible misuse of your personal data.
(3) The only mandatory information required to send the newsletter is your email address. After your confirmation, we store your email address for the purpose of sending the newsletter. The legal basis is Article 6(1) sentence 1 lit. a GDPR.
(4) You can revoke your consent to receive the newsletter at any time and unsubscribe. You can withdraw your consent by clicking the unsubscribe link provided in every newsletter email or by sending an email to service@infectopharm.com.
(5) Please note that we analyze your user behavior when sending the newsletter. The emails sent contain so-called web beacons or tracking pixels, which are one-pixel image files stored on our website. The data is collected only in pseudonymized form. In the evaluation, we record whether a newsletter was viewed and which links were clicked, without linking this data to your personal information.
The information is stored as long as you are subscribed to the newsletter. Tracking of viewed newsletters and clicked links is not possible if you have disabled automatic image display in your email program. In this case, the newsletter may not be fully displayed, and you may not be able to use all functions. If you manually enable images, the above-mentioned tracking will take place.
(6) Third-party information: CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Fax: +49 (0) 4402 97390-99.
Privacy policy: https://www.cleverreach.com/en/privacy-policy/
Our website uses plugins from YouTube, a site operated by Google. The provider is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
When you visit one of our pages that features a YouTube plugin, a connection to the YouTube servers is established. In doing so, the YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, YouTube can associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.
The use of YouTube is in the interest of presenting our online content in an appealing way. This constitutes a legitimate interest pursuant to Art. 6(1)(f) GDPR.
Further information on how user data is handled can be found in YouTube’s privacy policy at:
https://www.google.com/intl/en/policies/privacy/
We use the Microsoft Clarity service for statistical analysis of how users interact with our website. The provider of this service is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052, USA (“Microsoft”).
Legal basis: Consent, Data Privacy Framework
Microsoft participates in the EU-U.S. Data Privacy Framework:
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000KzNaAAK&status=Active
Microsoft Clarity uses cookies and a tracking code that is executed when the service is loaded. The information collected, such as your IP address, location, time, and frequency of visits to our website, is transmitted to Microsoft and stored there. According to Microsoft, this data may also be used for advertising purposes and for providing other services related to the use of our website and the internet.
We use Microsoft Clarity with an anonymization feature. This means that Microsoft shortens the IP address within the EU or EEA before storing it.
Data processing is based on your consent pursuant to Art. 6(1)(a) GDPR. You may withdraw your consent at any time with effect for the future.
For more information about how Microsoft handles personal data, please refer to the Microsoft Privacy Statement:
https://privacy.microsoft.com/en-us/privacystatement
Further information and the privacy terms of Microsoft Clarity can be found at:
https://clarity.microsoft.com/terms
(1) We process applicant data solely for the purpose and within the scope of the application process in accordance with legal requirements. The processing of applicant data is carried out to fulfill our (pre-)contractual obligations within the meaning of Art. 6 (1) lit. b GDPR and Art. 6 (1) lit. f GDPR, insofar as data processing becomes necessary, for example, in the context of legal proceedings (in Germany, § 26 BDSG also applies).
(2) Collection and storage of personal data as well as the type, purpose, and use of such data
You apply electronically for open positions at InfectoPharm Arzneimittel und Consilium GmbH via our applicant management tool. For this purpose, you must register as a user by entering a personal username and password. In the online application form, we only ask for data that we need to process your application. Data that is mandatory to assess your suitability for a position is marked as required fields. In addition, you have the option in the form to provide further information that may facilitate the processing of your application (for example, salary expectations, earliest possible starting date). These details are voluntary.
By using the application portal, you expressly consent to us processing and using the data you submit to us for the purpose of processing your application in accordance with the statutory data protection provisions and this privacy notice.
Each time you access our applicant management tool, technical information such as the browser you use, information about the operating system, and the time and date of your visit are automatically transmitted by your web browser to us. The use of this information is exclusively for statistical purposes and to optimize the design of our website. The user remains anonymous at all times.
(3) Access to the data
The data you provide is treated confidentially. Only persons involved in filling the respective position will have access to the data you disclose during the application process. This particularly includes employees of the HR department at InfectoPharm, the management, and the respective department heads.
(4) Data security
Data transmission is carried out via a secure encrypted connection. InfectoPharm takes appropriate measures within its area of responsibility to protect your data against unauthorized access by third parties. For the technical processing of the online application process, we use the service provider Haufe Lexware, who exclusively provides the technical infrastructure. We have ensured that the service provider has implemented all necessary technical and organizational measures to ensure data protection in the online application process.
(5) Deletion of data
We store and use your data only as long as it is necessary to decide on the establishment of an employment relationship with you. Once you receive a rejection regarding your application, the application process is concluded. Six months after receipt of the rejection notice, the documents you uploaded will be deleted and your data anonymized. This anonymized data set serves statistical evaluation purposes only and does not allow conclusions to be drawn about individuals.
If, however, you have consented during the application process that we may retain your data beyond the application process to consider you for future job openings, the deletion of the documents and anonymization of your data will only take place 12 months after receipt of the rejection notice. The deletion of anonymized data sets takes place after 24 months.
If you are successful in obtaining a position through the application process, the data from the applicant system will be transferred to our personnel information system and deleted 10 years after termination of the employment relationship.
Invoices for any travel expense reimbursements will be archived in accordance with tax regulations.
Our website may contain links to third-party websites. InfectoPharm is not responsible for the data protection measures or the content of third-party websites or websites that do not belong to InfectoPharm or its affiliated companies.
Data Storage
InfectoPharm retains personal data only as long as the purpose or the legal requirements for which they were collected require.
You have the right to request information from us in accordance with:
a) Article 15 GDPR to obtain confirmation as to whether personal data concerning you is being processed by us and, if so, to request access to the personal data, including information about the purposes of processing, the categories of personal data concerned, the categories of recipients to whom the data have been or will be disclosed, the planned storage period, the existence of the right to rectification, erasure, restriction of processing or objection, the right to lodge a complaint, the source of the data if it was not collected from you directly, as well as information about the existence of automated decision-making including profiling and, where applicable, meaningful details about its specifics;
b) Article 16 GDPR to request the immediate correction of inaccurate personal data concerning you or the completion of incomplete personal data stored by us;
c) Article 17 GDPR to request the deletion of personal data stored by us, unless the processing is necessary for exercising the right to freedom of expression and information, to comply with a legal obligation, for reasons of public interest, or for the establishment, exercise or defense of legal claims;
d) Article 18 GDPR to request the restriction of processing of your personal data if you contest the accuracy of the data, if the processing is unlawful but you oppose deletion and we no longer need the data but you require them for the establishment, exercise or defense of legal claims, or if you have objected to the processing pursuant to Article 21 GDPR;
e) Article 20 GDPR to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format, or to request the transfer of this data to another controller;
f) Article 7(3) GDPR to withdraw your consent at any time, which means that we will no longer be allowed to process the data based on this consent for the future; and
g) Article 77 GDPR to lodge a complaint with a supervisory authority. Usually, you can contact the supervisory authority of your usual place of residence, place of work, or the location of our company.
The competent supervisory authority for data protection at InfectoPharm Arzneimittel und Consilium GmbH is:
The Hessian Commissioner for Data Protection and Freedom of Information
Gustav-Stresemann-Ring 1, 65189 Wiesbaden
P.O. Box 31 63, 65021 Wiesbaden
Phone: +49 611 14080
Fax: +49 611 1408-900
Email: poststelle@datenschutz.hessen.de
https://datenschutz.hessen.de/
To exercise the above rights or for any questions regarding data protection, you can contact the responsible party or send an email to dsb@infectopharm.com.
If your personal data is processed based on legitimate interests pursuant to Art. 6(1) sentence 1 lit. f) GDPR, you have the right to object, pursuant to Art. 21 GDPR, to the processing of your personal data insofar as there are reasons related to your particular situation, or if the objection is directed against direct marketing. In the latter case, you have a general right to object, which we will implement without requiring you to provide any specific reason.
To exercise your right of revocation or objection, a simple email to dsb@infectopharm.com is sufficient.
a) To protect sensitive data, we use standard technologies to secure internet connections through transport layer encryption based on SSL/TLS in conjunction with the highest encryption level supported by your browser. This is usually a 256-bit encryption. If your browser does not support 256-bit encryption, we fall back to 128-bit v3 technology. You can recognize whether an individual page of our website is transmitted encrypted by the closed representation of the key or padlock icon in the lower status bar of your browser. The data you enter into the registration form on the job portal is also transmitted to us only in encrypted form.
b) In addition, we employ appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in accordance with technological developments.
For our sales and deliveries of goods, exclusively our general terms and conditions of sale and delivery valid at the time of the conclusion of the contract shall apply.
Due to current circumstances, such as changes to the applicable data protection regulations, we will update this privacy policy if necessary.
Version date: August 1, 2024