Hommel Pharma Logistics

Privacy Policy

1) Introduction and Contact Details of the Controller

1.1 We are pleased that you are visiting our website and thank you for your interest. Below we inform you about the handling of your personal data when using our website. Personal data is any data with which you can be personally identified.

1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Hommel Pharma GmbH & Co. KG, Auf dem Quellberg 8, 48249 Dülmen, Germany, Tel.: 0800 / 500 70 70, Fax: 0800 / 500 70 71, e-mail: info@hommel-pharma.de. The controller for the processing of personal data is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data.

1.3 The controller has appointed a data protection officer who can be reached as follows: “F. Luther (DSB Luther), Herner Str. 299 A, 44809, Bochum, hommelpharma@dsb-luther.de”.

2) Data Collection When Visiting Our Website

2.1 When you use our website for purely informational purposes, i.e., if you do not register or otherwise transmit information to us, we only collect the data that your browser transmits to the page server (so-called “server log files”). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:

  • Our visited website
  • Date and time at the time of access
  • Amount of data sent in bytes
  • Source/referrer from which you came to the page
  • Browser used
  • Operating system used
  • IP address used (if applicable: in anonymized form)

Processing is carried out in accordance with Art. 6 (1) lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. There is no disclosure or other use of the data. However, we reserve the right to subsequently check the server log files if there are specific indications of unlawful use.

2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the string “https://” and the lock symbol in your browser’s address bar.

3) Hosting & Content-Delivery Network

For hosting our website and for displaying the page content, we use a provider that provides its services itself or through selected subcontractors exclusively on servers within the European Union.

All data collected on our website is processed on these servers.

We have concluded a data processing agreement with the provider that ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

4) Cookies

To make visiting our website attractive and to enable the use of certain functions, we use cookies, i.e., small text files that are stored on your end device. Some of these cookies are automatically deleted after closing the browser (so-called “session cookies”), while others remain on your end device for a longer period and enable the saving of page settings (so-called “persistent cookies”). In the latter case, you can find the storage duration from the overview in your web browser’s cookie settings.

If personal data is also processed through individual cookies used by us, processing takes place in accordance with Art. 6 (1) lit. b GDPR either for the performance of the contract, in accordance with Art. 6 (1) lit. a GDPR in the case of consent given, or in accordance with Art. 6 (1) lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the site visit.

You can set your browser to inform you about the setting of cookies and decide individually about their acceptance or exclude the acceptance of cookies for certain cases or in general.

Please note that if you do not accept cookies, the functionality of our website may be restricted.

5) Contact

As part of contacting us (e.g., via contact form or e-mail), personal data is collected. Which data is collected when using a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of answering your request and for the contact and the associated technical administration.

The legal basis for processing this data is our legitimate interest in answering your request in accordance with Art. 6 (1) lit. f GDPR. If your contact aims at concluding a contract, the additional legal basis for processing is Art. 6 (1) lit. b GDPR. Your data will be deleted after final processing of your inquiry. This is the case if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.

6) Use of Customer Data for Direct Advertising

Advertising by postal mail
On the basis of our legitimate interest in personalized direct advertising, we reserve the right to store your first and last name, your postal address and – insofar as we have received these additional details from you in the context of the contractual relationship – your title, academic degree, year of birth and your professional, industry or business designation pursuant to Art. 6 (1) lit. f GDPR and to use them for sending interesting offers and information about our products by postal mail.
You can object to the storage and use of your data for this purpose at any time.

7) Online Marketing

Google AdSense
This website uses Google AdSense, a web advertising service of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). Google AdSense uses so-called cookies, i.e., text files that are stored on your computer and enable an analysis of your use of the website. In addition, Google AdSense also uses so-called “web beacons” (small invisible graphics) to collect information; their use allows simple actions such as visitor traffic on the website to be recorded, collected, and evaluated. The information generated by the cookie and/or web beacon (including your IP address) about your use of this website is usually transmitted to a Google server and stored there. This may also involve transmission to the servers of Google LLC in the USA.

Google uses the information obtained in this way to evaluate your usage behavior with regard to the AdSense ads. The IP address transmitted by your browser as part of Google AdSense is not merged with other data from Google. The information collected by Google may be transferred to third parties if this is required by law and/or if third parties process this data on behalf of Google.

All processing operations described above, in particular reading information on the end device used via cookies and/or web beacons, will only be carried out if you have given us your express consent pursuant to Art. 6 (1) lit. a GDPR. Without this consent, the use of Google AdSense will be discontinued during your visit to our site.

You can revoke your consent at any time with effect for the future by deactivating this service in the “cookie-consent tool” provided on the website.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

Further information on Google’s privacy policies can be found here: https://business.safety.google/intl/de/privacy/ and https://www.google.de/policies/privacy/

8) Web Analytics Services

8.1 Google Analytics 4

This website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), which enables an analysis of your use of our website.

By default, when visiting the website, Google Analytics 4 sets cookies, which are stored as small text modules on your end device and collect certain information. This information also includes your IP address, which, however, is shortened by Google by the last digits in order to exclude a direct personal reference.

The information is transmitted to Google’s servers and further processed there. Transfers to Google LLC based in the USA are also possible.

Google uses the information collected on our behalf to evaluate your use of the website, compile reports on website activity for us, and provide other services related to website and Internet usage. The IP address transmitted by your browser and shortened as part of Google Analytics will not be merged with other data from Google. The data collected as part of the use of Google Analytics 4 is stored for a period of two months and then deleted.

All of the processing described above, in particular the setting of cookies on the end device used, will only take place if you have given us your express consent pursuant to Art. 6 (1) lit. a GDPR.

Without your consent, the use of Google Analytics 4 will be discontinued during your visit. You can withdraw your consent at any time with effect for the future. To exercise your right of withdrawal, please deactivate this service via the “cookie-consent tool” provided on the website.

We have concluded a data processing agreement with Google that ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

Further legal notices on Google Analytics 4 can be found at https://business.safety.google/intl/de/privacy/, https://policies.google.com/privacy?hl=de&gl=de and at https://policies.google.com/technologies/partner-sites

Demographic characteristics
Google Analytics 4 uses the special “demographic characteristics” function and can use it to create statistics that make statements about the age, gender and interests of website visitors. This is done by analyzing advertising and information from third-party providers. This allows target groups for marketing activities to be identified. However, the collected data cannot be assigned to a specific person and is deleted after a storage period of two months.

Google Signals
As an extension to Google Analytics 4, Google Signals can be used on this website to create cross-device reports. If you have activated personalized ads and linked your devices to your Google account, Google can, subject to your consent to the use of Google Analytics pursuant to Art. 6 (1) lit. a GDPR, analyze your usage behavior across devices and create database models, including for cross-device conversions. We do not receive any personal data from Google, only statistics. If you want to stop cross-device analysis, you can deactivate the “Personalized advertising” function in your Google account settings. Follow the instructions on this page: https://support.google.com/ads/answer/2662922?hl=de

Further information on Google Signals can be found at the following link: https://support.google.com/analytics/answer/7532985?hl=de

UserIDs
As an extension to Google Analytics 4, the “UserIDs” function can be used on this website. If you have consented to the use of Google Analytics 4 pursuant to Art. 6 (1) lit. a GDPR, have set up an account on this website and log in to this account on different devices, your activities, including conversions, can be analyzed across devices.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

8.2 Google Tag Manager

This website uses the “Google Tag Manager”, a service of the following provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: “Google”).

Google Tag Manager provides a technical basis for bundling various web applications, including tracking and analytics services, and calibrating, controlling and linking them to conditions via a unified user interface. Google Tag Manager itself does not store or read any information on user end devices. Nor does the service perform any independent data analyses. However, when the page is accessed, your IP address is transmitted to Google by the Google Tag Manager and may be stored there. Transfer to servers of Google LLC in the USA is also possible.

This processing is only carried out if you have given us your express consent pursuant to Art. 6 (1) lit. a GDPR. Without this consent, the use of Google Tag Manager will be discontinued during your visit to our site. You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the “cookie-consent tool” provided on the website.

We have concluded a data processing agreement with the provider that ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

Further legal information on Google Tag Manager can be found at https://business.safety.google/intl/de/privacy/ and https://policies.google.com/privacy?hl=de&gl=de

9) Retargeting/Remarketing and Conversion Tracking

9.1 Google Ads Remarketing

This website uses retargeting technology from the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

For this purpose, Google sets a cookie in the browser of your end device, which automatically enables interest-based advertising by means of a pseudonymous cookie ID and on the basis of the pages you have visited. Further data processing only takes place if you have agreed to Google linking your web and app browsing history to your Google account and using information from your Google account to personalize ads that you view on the web. If you are logged in to Google during your visit to our website in this case, Google uses your data together with Google Analytics data to create and define target group lists for cross-device remarketing. For this purpose, your personal data is temporarily linked by Google with Google Analytics data to form target groups. In the context of the use of Google Ads Remarketing, personal data may also be transmitted to the servers of Google LLC in the USA.

All processing operations described above, in particular the setting of cookies for reading information on the end device used, are only carried out if you have given us your express consent pursuant to Art. 6 (1) lit. a GDPR. Without this consent, the use of retargeting technology will be discontinued during your visit to our site.

You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the “cookie-consent tool” provided on the website.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission. Details of the processing initiated by Google and how Google handles data from websites can be found here: https://policies.google.com/technologies/partner-sites

Further information on Google’s privacy policies can be found here: https://business.safety.google/intl/de/privacy/ and https://www.google.de/policies/privacy/

9.2 Google Ads Conversion Tracking

This website uses the online advertising program “Google Ads” and, as part of Google Ads, conversion tracking from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). We use the Google Ads offering to draw attention to our attractive offers on external websites with the help of advertising media (so-called Google AdWords). In relation to the data of the advertising campaigns, we can determine how successful the individual advertising measures are. Our aim is to show you advertising that is of interest to you, to make our website more interesting for you and to achieve a fair calculation of the advertising costs incurred.

The conversion tracking cookie is set when a user clicks on an Ads ad placed by Google. Cookies are small text files that are stored on your end device. These cookies usually lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Cookies can therefore not be tracked across the websites of Google Ads customers. The information collected using the conversion cookie is used to compile conversion statistics for Google Ads customers who have opted for conversion tracking. Customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. In the context of the use of Google Ads, personal data may also be transmitted to the servers of Google LLC in the USA.

Details of the processing initiated by Google Ads conversion tracking and how Google handles data from websites can be found here: https://policies.google.com/technologies/partner-sites

All processing operations described above, in particular the setting of cookies for reading information on the end device used, are only carried out if you have given us your express consent pursuant to Art. 6 (1) lit. a GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the “cookie-consent tool” provided on the website.

You can also permanently object to the setting of cookies by Google Ads conversion tracking by downloading and installing the browser plugin available at the following link: https://www.google.com/settings/ads/plugin?hl=de

Please note that certain functions of this website may not be usable or only to a limited extent if you have deactivated the use of cookies.

Google’s privacy policies can be found here: https://business.safety.google/intl/de/privacy/ and https://www.google.de/policies/privacy/

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

10) Site Functionality

10.1 Microsoft Teams

To conduct online meetings, video conferences and/or webinars, we use this provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA

The provider processes different data, the scope of which depends on which data you provide before or during participation in an online meeting, video conference or webinar. Your data as a communication participant is processed and stored on the provider’s servers. This can include, in particular, your registration data (name, e-mail address, telephone number (optional) and password) and session data (topic, participant IP address, device information, description (optional)).

In addition, image and sound contributions from participants as well as speech input in chats can be processed.

For the processing of personal data that is necessary for the performance of a contract with you (this also applies to processing operations that are necessary for carrying out pre-contractual measures), Art. 6 (1) lit. b GDPR serves as the legal basis. Insofar as you have given us consent to process your data, processing is carried out on the basis of Art. 6 (1) lit. a GDPR. You can revoke consent given at any time with effect for the future.

Otherwise, the legal basis for data processing when conducting online meetings, video conferences or webinars is our legitimate interest pursuant to Art. 6 (1) lit. f GDPR in the effective conduct of the online meeting, webinar or video conference.

We have concluded a data processing agreement with the provider that ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

10.2 Applications for Job Postings by E-mail

On our website, we advertise currently vacant positions in a separate section, for which interested parties can apply by e-mail to the contact address provided.

Applicants must provide all personal data necessary for a well-founded assessment, including general information such as name, address and contact details, as well as performance-related evidence and, where applicable, health-related information. Details of the application can be found in the job posting.

After receipt of the application by e-mail, the data is stored and evaluated exclusively for the purpose of processing the application. If we have any questions, we will use either the applicant’s e-mail address or telephone number. Processing is carried out on the basis of Art. 6 (1) lit. b GDPR (and § 26 (1) BDSG, where applicable), according to which undergoing the application procedure is deemed initiation of an employment contract.

Insofar as special categories of personal data within the meaning of Art. 9 (1) GDPR (e.g., health data such as information about severe disability) are requested from applicants in the course of the application process, processing is carried out in accordance with Art. 9 (2) lit. b GDPR so that we can exercise rights arising from labor law and social security and social protection law and comply with our related obligations.

Cumulatively or alternatively, the processing of special categories of data can also be based on Art. 9 (1) lit. h GDPR if it is carried out for purposes of preventive health care or occupational medicine, for the assessment of the applicant’s working capacity, for medical diagnosis, the provision of health or social care or treatment, or for the management of systems and services in the health or social sector.

If an applicant is not selected or an applicant withdraws their application prematurely, the data transmitted by the applicant as well as all electronic correspondence including the application e-mail will be deleted after corresponding notification at the latest after 6 months. This period is based on our legitimate interest in answering any follow-up questions regarding the application and, if necessary, being able to comply with our proof obligations under the provisions on equal treatment of applicants.

In the event of a successful application, the data provided will be processed on the basis of Art. 6 (1) lit. b GDPR (if processed in Germany together with § 26 (1) BDSG) for the purpose of carrying out the employment relationship.

10.3 Online Applications via a Form

On our website, we advertise currently vacant positions in a separate section, for which interested parties can apply via an appropriate form.

Applicants must provide all personal data necessary for a well-founded assessment, including general information such as name, address and contact details, as well as performance-related evidence and, where applicable, health-related information. Details of the application can be found in the job posting.

When the form is submitted, the applicant data is transmitted to us in encrypted form in accordance with the state of the art, stored by us and evaluated exclusively for the purpose of processing the application. Processing is carried out on the basis of Art. 6 (1) lit. b GDPR (and § 26 (1) BDSG, where applicable), according to which undergoing the application procedure is deemed initiation of an employment contract.

Insofar as special categories of personal data within the meaning of Art. 9 (1) GDPR (e.g., health data such as information about severe disability) are requested from applicants in the course of the application process, processing is carried out in accordance with Art. 9 (2) lit. b GDPR so that we can exercise rights arising from labor law and social security and social protection law and comply with our related obligations.

Cumulatively or alternatively, the processing of special categories of data can also be based on Art. 9 (1) lit. h GDPR if it is carried out for purposes of preventive health care or occupational medicine, for the assessment of the applicant’s working capacity, for medical diagnosis, the provision of health or social care or treatment, or for the management of systems and services in the health or social sector.

If an applicant is not selected or an applicant withdraws their application prematurely, the data transmitted via the form as well as all electronic correspondence including the application e-mail will be deleted after corresponding notification at the latest after 6 months. This period is based on our legitimate interest in answering any follow-up questions regarding the application and, if necessary, being able to comply with our proof obligations under the provisions on equal treatment of applicants.

In the event of a successful application, the data provided will be processed on the basis of Art. 6 (1) lit. b GDPR (if processed in Germany together with § 26 (1) BDSG) for the purpose of carrying out the employment relationship.

11) Tools and Miscellaneous

Cookie-Consent Tool

This website uses a so-called “cookie-consent tool” to obtain effective user consents for cookies and cookie-based applications requiring consent. The “cookie-consent tool” is displayed to users when the page is accessed in the form of an interactive user interface on which consents for certain cookies and/or cookie-based applications can be granted by ticking a box. When the tool is used, all cookies/services requiring consent are only loaded if the respective user grants the corresponding consents by ticking the box. This ensures that such cookies are only set on the respective user’s end device in the event of consent being given.

The tool sets technically necessary cookies to store your cookie preferences. As a rule, no personal user data is processed in this context.

If, in individual cases, personal data (such as the IP address) is processed for the purpose of storing, assigning or logging cookie settings, this is carried out in accordance with Art. 6 (1) lit. f GDPR on the basis of our legitimate interest in a legally compliant, user-specific and user-friendly consent management for cookies and thus in a legally compliant design of our online presence. Another legal basis for processing is Art. 6 (1) lit. c GDPR. As controllers, we are under the legal obligation to make the use of technically unnecessary cookies dependent on the respective user’s consent.

Where necessary, we have concluded a data processing agreement with the provider that ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties. Further information about the operator and the setting options of the cookie-consent tool can be found directly in the corresponding user interface on our website.

12) Rights of the Data Subject

12.1 The applicable data protection law grants you the following data subject rights vis-à-vis the controller with regard to the processing of your personal data (rights to information and intervention), whereby reference is made to the legal basis indicated for the respective conditions for exercising these rights:

  • Right of access pursuant to Art. 15 GDPR;
  • Right to rectification pursuant to Art. 16 GDPR;
  • Right to erasure pursuant to Art. 17 GDPR;
  • Right to restriction of processing pursuant to Art. 18 GDPR;
  • Right to notification pursuant to Art. 19 GDPR;
  • Right to data portability pursuant to Art. 20 GDPR;
  • Right to withdraw consent given pursuant to Art. 7 (3) GDPR;
  • Right to lodge a complaint pursuant to Art. 77 GDPR.

12.2 RIGHT TO OBJECT
IF WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTERESTS AS PART OF A BALANCING OF INTERESTS, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME WITH EFFECT FOR THE FUTURE ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, FURTHER PROCESSING IS RESERVED IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENSE OF LEGAL CLAIMS.
IF YOUR PERSONAL DATA IS PROCESSED BY US FOR THE PURPOSE OF DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH ADVERTISING. YOU CAN EXERCISE THE OBJECTION AS DESCRIBED ABOVE.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR THE PURPOSES OF DIRECT ADVERTISING.

13) Duration of the Storage of Personal Data

The duration of the storage of personal data is determined on the basis of the respective legal basis, the purpose of processing and – if applicable – additionally on the basis of the respective statutory retention period (e.g., commercial and tax retention periods).

When processing personal data on the basis of explicit consent in accordance with Art. 6 (1) lit. a GDPR, the data concerned will be stored until you revoke your consent.

If statutory retention periods exist for data that is processed within the framework of legal or quasi-legal obligations on the basis of Art. 6 (1) lit. b GDPR, this data will be routinely deleted after the retention periods have expired, provided that it is no longer required for the performance of the contract or the initiation of a contract and/or we have no legitimate interest in continuing to store it.

When processing personal data on the basis of Art. 6 (1) lit. f GDPR, this data will be stored until you exercise your right to object under Art. 21 (1) GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.

When processing personal data for the purpose of direct advertising on the basis of Art. 6 (1) lit. f GDPR, this data will be stored until you exercise your right to object pursuant to Art. 21 (2) GDPR. Unless otherwise stated in the other information in this declaration regarding specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

Copyright notice: This privacy policy was created by the specialist lawyers of the IT-Recht Kanzlei and is protected by copyright (https://www.it-recht-kanzlei.de)