Data Protection for Homepage-Visitors

According to Article 13 and 14 DSGVO

We are pleased that you are visiting our website and you are interested in us. The protection of your personal data which we are saving on the occasion of your visit on our website is important to us.
With the following references we want to inform you about processing your personal data by us as far as they incurred when visiting our website. Additionally you get an overview of your Rights under the Data Protection Act.

1. Responsible office 
Name, address and contact details of the company
Amapharm GmbH
Am Ochsenwald 3
66539 Neunkirchen
Email: Info@amapharm.de
Tel: +49 6821 95 97 30

The data protection officer of our company you reach us
by E-Mail: datenschutzbeauftragter@amapharm.de
or by post to the address above, “to the attention of the data protection officer”


2. Purpose of processing and legal basis
2.1. Automatically processed web server data
By visiting our website the webserver automatically saves some record information. We evaluate this data only for statistical purposes, for reasons of system security (for example to protect against misuse) and for fault diagnosis. Automatically processed data are:

  • Domain-name or IP-address of the requested computer
  • Name of the called page
  • Access status (Transfer file, file not found, etc.)
  • Used operating system
  • Used language and name of the internet service providers
  • Time of the call
  • Transferred amount of data
  • Type and version of the browser used
  • Website from which the file was called

This data are stored only temporarily. That usually means 7 days and only in special problem situations longer, until the problems are solved. The legal basis for processing ist Atricle 6 (1) lit. f DSGVO, because our company is very interested in the functionality of the website.

2.2 Cookies
Our website uses cookies. Cookies are text files that are stored in the Internet browser or from the Internet browser on the user’s computer system. By visiting the website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string that allows the browser to be uniquely identified when the website is reopened.
We use cookies to create our website more user-friendly. Some elements of our website require that the calling browser be identified even after paging.
The legal basis for the processing of cookie data is Article 6 (1) lit. f DSGVO, insofar as the technical functionality of the website depends on these cookies, because this is in the special interest of our company.
For cookie data that is processed without any technically compelling necessity, we ask for your consent in accordance with Article 6 paragraph 1 lit. a GDPR.
Cookies are stored on the computer of the user and transmitted by this on our side. Therefore, as a user, you have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Cookies that are already saved can be deleted at all times. This can also be done automatically. If cookies are disabled for our website, it may not be possible to use all the functions of the website to the full extent. 

2.3 Web analysis-tool Matoma (formerly Piwik)
On our website we use the Open-Source-Software-Tool Matoma (formerly Piwik) to analyse the surfing patterns of the users. The software sets a cookie on the user’s computer (for cookies see above). If individual pages of our website are called, the following data is stored:
(1) Two bytes of the IP-address of the user’s systemThe called website
(2) The called website
(3) The website from which the user came to the accessed website (referrer)
(4) The subpages that are called from the called website
(5) The length of staying on the website
(6) The frequency of calling the website

The software runs exclusively on the servers of our website. Only there takes a storage of the personal data of users place. A transfer of the data to third parties does not take place. 
The Software is adjusted that the IP-addresses are not completely stored but 2 bytes of the IP-address are masked (e.g. 192. 168. xxx.xxx). In this way, an assignment of the shortened IP-address to the calling computer is no longer possible.
The legal basis for processing users' personal data is Article 6 (1) lit. f DSGVO. The processing of users' personal data enables us to analyze their surfing patterns. By analyzing the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to improve our website and the user-friendliness constantly. For these purposes, our legitimate interest lies in the processing of the data according to Art. 6 para. 1 lit. f DSGVO. Because of the anonymization of the IP-addresses, the interest of the users in protecting their personal data is ensured. 
The data will be deleted as soon as they are no longer needed for our recording purposes, namely after 365 days at the latest.

2.4. Contact form
Our website contains a contact form, which can be used for electronic approach. If a user realizes this option so the data entered in the input mask will be transmitted to us and saved.  The data to be processed can be took out of the contact form. 
For the processing of the data in the context of the sending process we obtain your consent and refer to this privacy statement.
We expressly point out that the delivery of this data to us is partly unencrypted. Therefore, we ask for not submitting special categories of personal data (such as health information) via the contact form; use certain methods such as the postal service.
The legal basis for the processing of the data is Art. 6 para. 1 lit. a GDPR, if  the consent of the user is existent. If the consent of the user is not available, the legal basis is Art. 6 para. 1 lit. f DSGVO. The company is legitimate interested in proper processing of communication data supplied to it.
In addition, the following data will also be collected upon registration:
(1) IP-addresses of the called computer
(2) Date and time of registration
The collection of this data as part of the registration process is intended to prevent misuse of the services or the email address used. This is a legitimate interest of the company.
The processing of the personal data from the input mask serves us only to deal with the request of the contact. The other personal data processed during the sending process is intended to prevent misuse of the contact form and to ensure the security of our information technology systems. 
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. For the personal data from the input mask of the contact form, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the relevant facts have been finally clarified. 
2.5. Contact by e-Mail
You are welcome to contact us by e-mail. We expressly point out that the delivery of this data to us is unencrypted. Therefore, we ask for not submitting special categories of personal data (such as health information) via the contact form; use certain methods such as the postal service. 
The legal basis for the processing of the data transmitted in the course of sending an e-mail is Article 6 (1) lit. f DSGVO. If the e-mail contact aims to conclude a contract, then additional legal basis for the processing is Art. 6 para. 1 lit. b DSGVO. In the case of contact via e-mail, this also includes the required legitimate interest in the processing of the data.
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. For the personal data sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the relevant facts have been finally clarified. As far as e-mails are to be regarded as business letters or these could be tax-relevant, legal storage periods of up to 10 years apply. 

2.6. Social-Media-Components
Our website refers to various social media sites (Facebook, Twitter etc.). We do not use active components, but only links to the external offers. Therefore, by calling our website, no data will be transmitted to third parties. 
When you access a social media page from our website, we use the so-called "two-click method", that means we first show information about this page again. Only when you actively click on the link to the social media page, you will get to the page you are looking for. 

ADVICE ON DATA PROTECTION AT FACEBOOK

You can reach our Facebook page via the following link. Please note that it is not our company but Facebook that operates this site.
https://de-de.facebook.com/yayagermany/

This site is operated by Facebook Inc., 1601 Willow Road, Menlo Park, CA 94025, USA, or its affiliate, Facebook Ireland Ltd., Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland.

When the link is activated, your internet browser sends various data to Facebook to retrieve the page. If you are logged into your Facebook account, Facebook may be able to assign your visit to our homepage to your Facebook account. We do not know what additional data Facebook collects and how Facebook links and handles it.

Activate social media offers, please note their privacy policy. For information about Facebook's privacy policy, please visit https://www.facebook.com/policy
Once you activate a social media page, the operator receives information. We have no knowledge of what data the external operator collects and how it associates or uses them. By activating social media pages, their privacy policy must be observed.
This Website uses AddThis to share content. AddThis implies the use of Social-Media-Components which will be used upon agreement of the user. The cookies saved in relation with this have been agreed / denied by the user at the stage of the first visit.

2.7. Other web analysis tools
This site uses Google Services. Which data is collected here can be seen under 2.9.

2.8. Google Maps
This website uses the product Google Maps from Google Inc. By using this website, you consent to the collection, processing and use of the automated data collected by Google Inc, its agents and third parties.
The terms of use of Google Maps can be found under "Terms of Use of Google Maps (https://cloud.google.com/maps-platform/terms/)".

2.9. Advertising and marketing services
Privacy Policy for using Google Analytics and AdWords.
The website uses Google Analytics, a web analytics service provided by Google Inc. ("Google"). Google Analytics uses so-called "cookies", text files that are stored on your computer and allow the analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, your IP address will be shortened by Google beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address provided by Google Analytics within the framework of Google Analytics will not be merged with other data provided by Google. You can prevent the storage of cookies by a corresponding setting of your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent. You may also prevent the collection of cookie-generated data related to your use of the hard drive (including your IP address) to Google and the processing of such data by Google by downloading the browser plug-in available at the following link and install: tools.google.com/dlpage/gaoptout. 
As an AdWords customer, we also use Google Conversion Tracking, an analytics service provided by Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; "Google"). Google Adwords sets a cookie on your computer ("conversion cookie") if you have reached our website via a Google ad. These cookies lose their validity after 30 days and are not used for personal identification. If you visit certain pages of us and the cookie has not expired, we and Google may recognize that someone clicked on the ad and was redirected to our site. Each advertiser receives a different cookie. Cookies cannot be tracked through the websites of advertisers. The information gathered using the conversion cookie is used to generate conversion statistics for AdWords advertisers who have opted for conversion tracking. Advertisers will see the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, they do not receive information that personally identifies users. If you do not want to participate in the tracking process, you can also refuse the required setting of a cookie - for example, via a browser setting that generally disables the automatic setting of cookies. You can also disable cookies for conversion tracking by setting your browser to block cookies from the domain "googleadservices.com". If you have any questions about the above mentioned hints, you can also send us an e-mail.

2.10. Use of special third-party components (pictures, etc.)
This page uses AddThis. AddThis transmits upon usage certain data (e.g. IP Address). We are unable to give further information about the processing of this data.


3. Recipient of your data
In addition to the aforementioned recipients, we have engaged specialized service providers to help us operate our IT applications, including web hosts, software vendors, system administrators and data center operators. These only have access to personal data to the extent necessary for the provision of the services. 


4. Erasure of data
As far as this is not already described, we delete data in principle, if the purpose of the processing is fulfilled. If statutory retention periods exist, we may only delete them after expiration of these periods. Otherwise, we keep data stored as far as there is a predominant operational interest. 
For example, the legal retention periods are up to ten years for commercial and tax records, and six years for contracts and business letters.
In addition, we store personal data during the periods in which claims can be asserted against us. There are statutory limitation periods of three to thirty years.


5. Your rights
You have the right to information about the personal data stored about you at any time. In addition, under certain conditions you may request the correction and deletion of your data. 
In addition, you have the right to data portability, and you may be entitled to restrict the processing of your data. In the given circumstances, you also have the right to object to the processing of your data and profiling. Equally you have the right to complain to a data protection authority. 
A consent given to us can be canceled at any time. The revocation of consent does not impair the lawfulness of the processing that was done until then. 


6. Are data transmitted to a third country?
Google, Facebook and Instagram are not headquartered in the EU. Therefore, it cannot be followed whether the data transmitted to Google leave the EU. 


7. Is there automated decision making or profiling?
We do not practice automated decision making and profiling.


Revised 19th September 2018