Last updated: 21 December 2022
The protection of your personal data is very important to us, so we would like to list here all the information about the processing and storage of your data when you visit our website and in our companies
In order to be able to use all the functions and services of our site, it is necessary to collect your personal data. However, processing and storage is only carried out in accordance with the legal guidelines and requirements of the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz - BDSG).
Wiedemann Pharma GmbH
Tel: +49 / (0)8177 / 9314 - 0
Fax: +49 / (0)8177 / 9314 - 14
More information in the imprint
All employees are obliged to maintain confidentiality and to handle your data properly and to enter it correctly into our data processing systems.
COLLECTION AND PROCESSING OF PERSONAL DATA ON THIS WEBSITE
Note: To protect your data as comprehensively as possible from unwanted access, we take so-called technical and organisational measures and use an encryption process on our website. Your data is transmitted over the Internet from your computer to our computer and vice versa using so-called TLS encryption. TLS means "Transport Layer Security" and is an encryption protocol for data transmission on the Internet. You can usually recognise "TLS" by the fact that the lock symbol in the status bar of your browser is closed and the address begins with https://.
1. COLLECTION OF ACCESS AND LOG DATA
This website automatically collects and stores server log file information that your browser sends to us.
- IP address of the user,
- Date and time of access,
- Type of request,
- Customer information such as type and version,
- Operating system of the user (device, OS version of the device),
- Referrer information (i.e. the source of the access)
The legal basis for this data processing is the legitimate interest according to Art. 6 para. 1 lit. f) GDPR. The legitimate interest is based on being able to identify indications of illegal use of our website (e.g. defence against hacker attacks) and to ensure a smooth connection.
We have concluded an order processing contract with the provider of this website, IONOS SE GmbH, based in Germany, in accordance with Art. 28 GDPR. This is a contract required by data protection law, which ensures that IONOS SE only processes the personal data of our website visitors according to our instructions and in compliance with the GDPR. Under certain circumstances, other service providers such as web developers may have access to personal data; in such cases, we have also concluded a contract for commissioned processing in accordance with Article 28 GDPR.
The collected data is stored in server log files, which your browser automatically transmits to us in encrypted form, for 7 days. We only store the server log files longer in the event of attacks on our server infrastructure or other legal violations. This longer storage period is based on our legitimate interest according to Art. 6 para. 1 lit. f) GDPR and only serves to preserve evidence.
2. ENQUIRIES VIA THE CONTACT FORM, E-MAIL AND TELEPHONE
Any personal information that you provide to us on a voluntary basis will of course be treated confidentially. We use the personal data you provide exclusively to process and respond to your enquiry. The legal basis for data processing is our legitimate interest according to Art. 6 Para. 1 lit. f) GDPR. This results from our interest in answering enquiries from our customers, business partners and interested parties and in promoting or maintaining customer satisfaction. Another legal basis for natural persons is the initiation or fulfilment of a contract according to Art. 6 para. 1 lit. b) GDPR. The hosting of our emails is also carried out by IONOS SE, with which a contract for order processing exists
All personal data that you transmit to us with your enquiry will be deleted or anonymised by us no later than 180 days after the final reply to you, unless a contract is concluded. The retention period of 180 days is due to the fact that it may occasionally happen that you contact us again about the same matter after a reply and refer to the previous correspondence. Experience has shown that after 180 days no further queries follow our replies.
3. USE OF WEB ANALYTICS TOOLS AND COOKIES
Cookies themselves do not contain any personal data about users, they only serve to uniquely identify what our customers find interesting and useful on our website. We also use "web beacons" (small graphic images, also known as "pixel tags" or "clear GIFs") on our website. They are used together with cookies to track general user behaviour on the website.
The legal basis for the processing of personal data using cookies and other technologies is your consent pursuant to Art. 6 (1) lit. a) GDPR, which you give us via the so-called "Consent Banner" as soon as you access our website for the first time.
- Technically necessary: These are cookies and similar methods without which you cannot use our services, for example to display our website correctly or to use functions you have requested.
- Statistics: These techniques allow us to compile anonymous statistics on the use of our services. This allows us to determine, for example, how we can better adapt our website to the habits of our users.
- Marketing: This enables us to show you advertising content tailored to you based on the analysis of your usage behaviour. Your usage behaviour can also be tracked across different websites, browsers or end devices using a user ID (unique identifier)
The data processed by necessary cookies are required for the purposes listed below to protect our legitimate interests and those of third parties in accordance with Art. 6 para. 1 lit. f) GDPR
Once cookies have been stored, you can delete them at any time via the settings of your web browser. You can also adjust the settings of your web browser so that no cookies are stored. In this case, not all functions of our website may be available.
|_ga||Used to distinguish users.||2 years||HTML|
|_gat||Used to throttle request rate.||1 day||HTML|
|_gid||Used to distinguish users.||1 day||HTML|
|_ga_--container-id--||Persists session state.||2 years||HTML|
|_gac_--property-id--||Contains campaign related information for the user. If you have linked your Google Analytics and Google Ads accounts, Google Ads website conversion tags will read this cookie unless you opt-out.||3 months||HTML|
|_gcl_au||Used by Google AdSense to experiment with advertisement efficiency.||3 months||HTML|
|AMP_TOKEN||Contains a token that can be used to retrieve a Client ID from AMP Client ID service. Other possible values indicate opt-out, request in progress or an error retrieving a Client ID from AMP Client ID service.||1 year||HTML|
|_dc_gtm_--property-id--||Used by DoubleClick (Google Tag Manager) to help identify the visitors by either age, gender or interests.||2 years||HTML|
We may use specialised service providers, in particular from the online marketing sector, as part of data processing (using cookies and similar techniques to process usage data). These process your data on our behalf as order processors, are carefully selected in each case and are contractually bound in accordance with Article 28 GDPR. All of the companies listed as providers in our Cookie Notice act as processors for us.
We use cookie consent technology to obtain your consent under data protection law to the storage of certain cookies on your end device or to the use of certain technologies and to document this in accordance with data protection law.
Data is not passed on to third parties.
Use of IONOS WebAnalytics
We use the web analytics tool of our web hoster IONOS SE GmbH, provided that you give your voluntary consent in accordance with Art. 6 Para. 1 lit. a) GDPR. No cookies are set by WebAnalytics. The analysis tool does not store any personal data of website visitors. The purpose of using WebAnalytics is the statistical evaluation and technical optimisation of our website.
The following data is collected:
- Referrer (previously visited website)
- Requested web page or file
- Browser type and version
- Operating system used
- Device type used
- Time of access
- IP address in anonymised form (only used to determine the location of the access)
We have concluded an order processing contract with the provider of this website, IONOS SE GmbH, based in Germany, in accordance with Art. 28 GDPR. This is a contract required by data protection law, which ensures that IONOS SE only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR. Any further transfer of data to third parties does not take place.
Use of Google Analytics
This website uses Google Analytics if you give your consent within the meaning of Art. 6 (1) a) GDPR Art. 49 (1) a) GDPR. This is a service provided by Google Ireland Limited ("Google"), a company incorporated and operated under the laws of Ireland (registration number: 368047) with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland and Google LLC (USA) ("Google").
Google Analytics uses so-called "cookies". These are text files that are stored on your computer and enable an analysis of the use of the website by the user. The information acquired through the cookies about your usage behaviour of this website is usually transferred to a Google server in the USA and stored there. The data processing is also essentially carried out by Google. Both Google and, under certain circumstances, government authorities in the USA have access to this data. We have made the setting that your IP address is anonymised. The IP addresses are anonymised by Google, but within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there.
On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.
The anonymised IP address transmitted by your browser as part of Google Analytics is linked to other data about you, such as search history, personal accounts, usage data from other devices and any other data Google may have about you.
We do not store user and event data.
You can view the cookies that are set in connection with Google Analytics in the list above.
You can revoke your consent at any time by making the corresponding settings directly via our banner. The user and event data will be deleted after 50 months.
We use Google Ads with your consent pursuant to Art. 6 (1) a) GDPR in order to be able to display advertisements to you on websites of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google") and other third-party providers.
You can find more information about cookies in the cookie list above.
For more information on the privacy of Google services, please visit: https://policies.google.com/privacy?hl=de
Google Tag Manager
We use the Google Tag Manager of the provider Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland
Through Google Tag Manager, website tags are managed through one interface. This allows us as marketers to manage website tags through one interface. Tags are small sections of code that, for example, record (track) your activities on our website. The Google Tag Manager itself does not set cookies, but ensures that other tags are activated, which in turn may collect data, such as Google Analytics. Google Analytics itself sets cookies. You can find more information on this in the chapter "Web tracking measures".
By implementing the Google Tag Manager, your IP address is transferred anonymously to Google. This may also result in data being transferred to Google servers in the USA. We have concluded an order processing contract with Google in accordance with Art. 28 GDPR and the data transfer to third countries, such as the USA, takes place on the basis of standard contractual clauses
In the Tag Manager account settings, we have not allowed Google to receive anonymised data from us
The storage period of the integrated tracking tools, such as Google Analytics, depends on the respective tool used, which is loaded via the Google Tag Manager
1. Therapist login and search
We also offer therapists and other medical experts the opportunity to create a user account for our "Therapist Login". The purpose of this protected member area is to make further information on our products available centrally.
Registration and creation of a user account: To register and create your user account, we collect your email address and password. You will receive an e-mail via "Forgotten password" to change your password. The legal basis for this data processing is Art. 6 para. 1 lit. b) GDPR. Your data is processed for the purpose of fulfilling (pre)contractual obligations.
Therapist search: You have the option of being listed as a therapist on our website. We publish your first and last name, address, telephone number, email address, your web presence and your practice focus incl. type of practice after your consent according to Art. 6 para. 1 lit. a) GDPR. The purpose of the data processing is to advertise your practice. You can revoke your consent at any time without affecting the lawfulness of the previous processing.
Storage period: We store your data until the deletion of your user account or your revocation. This does not affect the fulfilment of retention obligations, such as under the Federal Tax Code.
2. Processing operations in connection with the exercise of data protection rights
Insofar as your data has been provided on the basis of consent pursuant to Art. 6 (1) a), Art. 9 (2) a) or Art. 49 (1) a) GDPR, we will process your data exclusively for the intended purpose and after separate information in order to be able to prove within the scope of the accountability incumbent upon us pursuant to Art. 5 (2) GDPR that you have consented to the data processing in question. If you withdraw your consent, your data will be deleted within the legally prescribed period - please note, however, that data that fall under the tax law or other retention obligations must be stored for at least 10 years and, if necessary, extended by the duration of proceedings by the (tax) authority. The legal basis for data processing is Art. 6 para. 1 lit. c) GDPR.
Insofar as you assert data subject rights against us pursuant to Art. 15 to 21 of the GDPR, we also process and store your data in order to be able to prove within the scope of accountability pursuant to Art. 5 (2) of the GDPR that we have complied with the GDPR when processing your request. The legal basis for this processing is Article 6 (1) (c) of the GDPR in conjunction with the asserted data subject right(s).
Data processing in the context of application procedures
In order to receive and manage the application and thus for the purpose of (possibly) establishing an employment relationship, you can send us your application documents by e-mail. The legal basis for this data processing is Art. 6 para. 1 lit. b) GDPR. In the context of the application process, we only collect the data from you that is required to establish the employment relationship with us.
Within our company, only those people who are involved in the decision-making process will have access to your personal data.
In the event of a successful application, your personal data will be stored for the duration of your employment relationship. In addition, after its termination, your tax-relevant data will be archived within the framework of the statutory retention periods. In the event of an unsuccessful application, your personal data will be deleted 4 months after the rejection.
Operating social media presences
We operate the following social media presences:
Instagram and Facebook are products of Meta Platforms Inc (formerly Facebook Inc): facebook.com/help/1561485474074139/? helpref=related
Data processing by us:
3. Maintenance of the above-mentioned social media pages and placement of ads
The personal data entered on social media sites, such as comments, videos, pictures, likes, public messages, etc. are published by the respective social media platform. We reserve the right to delete content should this be necessary. Where appropriate, we share content on our site and contact you via the social media platform, for example via the messengers offered. In addition, we regularly place advertisements ("ads") via our social media pages. The legal basis for this data processing is the legitimate interest according to Art. 6 para. 1 lit. f) GDPR, which is in the interest of our public relations and communication.
4. Page Insights
The social media platforms provide anonymised statistics and insights that help us gain knowledge about the types of actions people take on our site (called "page insights"). These page insights are created based on certain information about people who have visited our site
The legal basis for this data processing is our legitimate interest according to Art. 6 para. 1 lit. f) GDPR, which is based on obtaining information about the actions as well as visitors to our pages
This processing of personal data is carried out by the social media platform and us as so-called joint controllers according to Art. 26 GDPR. In the event of joint responsibility, a separate agreement must be concluded
Instagram and Facebook: https://www.facebook.com/legal/terms/page_controller_addendu
If you wish to object to certain data processing over which we have control (e.g. deletion of comments), please contact us using the contact details above
Note: The provision of your data is neither legally nor contractually required or necessary for the conclusion of a contract. You are not obliged to provide your personal data. The consequence of not providing it is that you will not be able to communicate or interact with us via our social media pages or participate in the competition. To contact us, please use the above-mentioned e-mail address
Data processing by the operator of the social media platform:
In addition to us, there is also the operator of the social media platforms themselves. From a data protection point of view, this operator is also considered to be another responsible party that carries out its own data processing. This means that the operator is also a separate responsible entity according to the GDPR. However, we have only limited influence on the data processing by the operator. At the points where we can exert influence (e.g. through parameterisation), we work towards data protection-compliant handling by the operator of the social media platform within the scope of our possibilities. In many places, however, we cannot influence the data processing by the operator of the social media platform and also do not know exactly what data they process. The respective operator will inform you about the processing of personal data in its own data protection declaration:
Note: The operator of the social media platform uses web tracking methods. The web tracking can also take place regardless of whether you are logged in or registered with the social media platform. As already explained, we can unfortunately hardly influence the web tracking methods of the social media platform. For example, we cannot switch this off. Please be aware of this: It cannot be ruled out that the provider of the social media platform uses your profile and behavioural data, for example, to evaluate your habits or personal relationships and preferences etc. We have no influence on the processing of your data by the provider of the social media platform.
Data subjects' rights
Your rights as a data subject
In accordance with Art. 15 (1) GDPR, you have the right to request information free of charge about the personal data stored about you. Furthermore, if the legal requirements are met, you have the right to rectification (Art. 16 of the GDPR), deletion (Art. 17 of the GDPR) and restriction of processing (Art. 18 of the GDPR) of your personal data. If you have provided the processed data yourself, you have a right to data transfer according to Art. 20 DS GDPR GVO.
If the data processing is based on Art. 6 (1) e) or f) GDPR, you have the right to object pursuant to Art. 21 GDPR. If you object to data processing, this will not take place in the future unless the controller can demonstrate compelling legitimate grounds for further processing that outweigh the interest of the data subject in objecting.
If the data processing is based on consent pursuant to Art. 6 (1) a), Art. 9 (2) a) or Art. 49 (1) a) GDPR, you may revoke your consent at any time with effect for the future without affecting the lawfulness of the previous processing
You also have the right to lodge a complaint with a data protection supervisory authority. In particular, the complaint may be lodged with a supervisory authority in the EU Member State of your place of residence, place of work or place of the alleged infringement.
No automated decision making
We do not carry out automatic decision-making or profiling.
Unless otherwise stated in the previous chapters, the provision of personal data is neither legally nor contractually required or necessary for the conclusion of a contract. Failure to provide your personal data may mean that we are unable to respond to your enquiries, for example.
This data protection notice was created in cooperation with the consulting firm SCALELINE. The legal texts are subject to copyright.