Data protection

Here you can find our Privacy Policy.

Thank you for visiting our website and for your interest in our company. The protection of your personal data is important to us. We inform you below about how we handle your personal data when you use our website at: https://www.farco.de/.

Thank you for visiting our website and for your interest in our company. The protection of your personal data is important to us. We inform you below about how we handle your personal data when you use our website at https:

I. Controller

FARCO-PHARMA GmbH
Gereonsmühlengasse 1-11
50670 Cologne
Postfach 10 14 45
50454 Cologne
Tel. +49 (0) 221 594061
Fax +49 (0) 221 593614
E-Mail: [email protected]

II. Data Protection Officer

Mr. Alexander Bugl
Bugl & Kollegen Gesellschaft für Datenschutz und Informationssicherheit mbH
Eifelstraße 55
93057 Regensburg
Office phone: 0941-630-49-789
E-Mail: [email protected]

III. Purposes of and legal bases for data processing

1. Use of the website for information purposes
You can visit our website without providing any personal information. If you only use our website for information purposes or otherwise provide us with information about yourself, we do not process any personal data, with the exception of the data that your browser transmits to enable you to visit the website.

Technical provision of the website
For the purpose of the technical provision of the website, it is necessary for us to process certain information that is transmitted automatically from you so that your browser can display our website and you can use the website. This information is automatically collected each time our website is accessed and is stored in our server log files. This information relates to the computer system of the accessing computer. The following data are collected:

  • IP address;
  • Browser type/version (e.g.: Firefox 59.0.2 (64 Bit));
  • Browser language (e.g.: German);
  • Operating system used (e.g.: Windows 10);
  • Internal resolution of the browser window;
  • Screen resolution;
  • JavaScript activation;
  • Java on/off;
  • Cookies on/off;
  • Color depth;
  • Referrer;
  • Time of access.

We also use permanent and temporary (session) cookies to make our website available for you to use. Cookies are text files that are stored in the internet browser or by the internet browser on your computer system when you access a website. A cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is accessed at a later stage. We use these cookies exclusively to make our website and its technical functions available to you. Some functions on our website cannot be offered without using cookies. The following information is stored in the cookies and transmitted to us: cookie ID, login information.

We do not use the information collected by us using the above-mentioned cookies to create user profiles or to analyze your surfing behavior.

We process your personal data for the purpose of the technical provision of our website in accordance with the following legal bases:

  • for the performance of a contract or for the taking of steps prior to entering into a contract in accordance with point (b) of Article 6(1) GDPR, where you visit our website to obtain information about us; and
  • to safeguard our legitimate interests in accordance with point (f) of Article 6(1) GDPR in order to make the website technically available to you. Our legitimate interest is to be able to provide you with an attractive, technically functioning and user-friendly website and to take measures to protect our website from cyber risks and to prevent our website from giving rise to cyber risks for third parties.

Content delivery networks (CDNs)
We use “content delivery networks” (CDNs) in order to be able to display the content of our pages as quickly as possible and to shorten the loading time of a page for the end user. When the files are retrieved from the server, data such as the IP address (or other information as specified above) are transmitted to the CDN server and stored temporarily at that location in log files. By caching content, CDNs help us to display content quickly and flexibly on all devices, even in the event of increased traffic on our website. We use CloudFlare on our website.

The provider is CloudFlare, Inc. 665 3rd St. #200, San Francisco, CA 94107, USA.

The operator of this website uses services provided by CloudFlare. CloudFlare offers a globally distributed content delivery network with DNS. On a technical level, the transfer of information between your browser and our website is routed through the CloudFlare network. CloudFlare is thus able to analyze data traffic between users and our website in order for instance to detect and prevent attacks on our services. Under certain circumstances, CloudFlare may also store cookies on your computer for optimization and analysis purposes.

The legal basis for the processing of your data is our legitimate interest in accordance with point (f) of Article 6(1) GDPR in ensuring the proper functioning of our website and enabling error-free operation for our users.

Further information can be found in the CloudFlare Privacy Policy at: https://www.cloudflare.com/security-policy.
The following two networks are currently used: unpkg.com, cdnjs.cloudflare.com.

2. Processing for the purposes of analysis, advertising and remarketing
We use cookies and the tools described below for the purpose of advertising and remarketing.

We only process your personal data if you have granted us your consent. The legal basis is point (a) of Article 6(1) GDPR. You can withdraw consent previously granted either entirely or in part with future effect by clicking on “Cookie settings” at the foot of the page and altering your selection.

Google Analytics
This website uses Google Analytics, a web analytics service provided by Google LLC (“Google”).

Google Analytics uses “cookies”. These are text files stored on your device that enable your use of the website to be analyzed. The information generated by the cookie about how you use this website (such as browser type/version, operating system used, referrer URL (the previously visited page), host name of the accessing computer (IP address), time of the server request) is usually transmitted to a Google server in the USA and stored at that location. The IP address transmitted by your browser within the ambit of Google Analytics is not cross-referenced with any other data held by Google. We have also supplemented Google Analytics with the code “anonymizeIP” on this website. This ensures that your IP address is masked so that all data are collected anonymously. The full IP address will only be transmitted to a Google server in the USA and truncated at that location in exceptional cases.

Acting on behalf of the operator of this website, Google will use this information to analyze how you interact with the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator.

Browser plugin
You can object to the use of cookies by selecting the appropriate settings on your browser; however, please note that if you do so you may not be able to use all functions on this website. You can also prevent Google from collecting the data generated by the cookie relating to your use of the website (including your IP address) and also prevent Google from processing these data by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
You can find more information about how Google Analytics handles user data in Google’s Privacy Policy: https://support.google.com/analytics/answer/6004245?hl=de.

Google Tag Manager
We use Google Tag Manager on our website. Google Tag Manager is a solution that enables marketers to manage website tags via an interface. The Google Tag Manager service itself (which implements the tags) is a cookie-less domain and does not collect any personal data. The Google Tag Manager service triggers other tags, which in turn may collect data. Google Tag Manager does not access these data. In the event of deactivation at domain or cookie level, it will remain operational for all tracking tags that are implemented with Google Tag Manager.

3. Active use of the website
In addition to using our website purely for information purposes, you can also actively use our website to contact us. As well as processing your personal data as described above in relation to purely informational use, we will also then process further personal data from you as described below.

Contact enquiries
In order to be able to process and answer the enquiries you send to us e.g. via the contact form (after forwarding to www.farco.de) or to our e-mail address, we process the personal data you provide in this context. This includes in any case your name and email address, in order to send you a reply, as well as the other information you send us in your message.

We process your personal data when answering contact enquiries for the purpose of upholding our legitimate interests in accordance with point (f) of Article 6(1) GDPR; our legitimate interest consists in properly answering customer enquiries.

IV. Categories of recipient

Within our company, only those employees who require your personal data in order for us to fulfill our contractual and legal obligations have access to them. As a general rule, your data are only shared with external bodies where permitted or required, or with your consent.

We list below the categories of external recipients of your data:

  • Private organizations outside the corporate group such as in particular online media agencies, which support us in the implementation of advertising measures on our websites, as well as IT service providers that support us, among other things, in operating, administering and maintaining our websites.
  • Public bodies and institutions, insofar as we are legally obliged to do so. For example, under the terms of our legal obligations, we report quality defects affecting our products (e.g. complaints and counterfeits) to the state authorities responsible for the companies in the Klosterfrau Group. We report your data collected by us in the context of non-interventional studies or observational studies to the respective competent authorities, towards which we are subject to a reporting duty under the terms of our legal obligations.

V. Transfer to third countries

We only transfer data to countries outside the European Union or the European Economic Area (known as “third countries”) if this is necessary, legally permitted or required, if you have given us your consent, or within the ambit of order processing.

If service providers in a third country are used, they are obliged to comply with the level of data protection in Europe by agreeing to the EU standard contractual clauses. Alternatively, we transmit data on the basis of an adequacy decision by the European Commission.

For further information, please contact our Data Protection Officer.

VI. Duration of storage

If you use our website purely for information purposes, we store your personal data on our servers exclusively for the duration of your visit to our website. After you have left our website, your personal data are erased immediately.

Whenever you actively use our website, we initially store your personal data for the duration of the response to your enquiry.

In addition, we also store your personal data until the limitation period for any legal claims arising under the relationship with you has expired, so that it can be used as evidence if necessary. The limitation period is usually between 12 and 36 months.

We erase your personal data once the limitation period expires, unless a statutory retention obligation applies, for example under the German Commercial Code (HGB) (Sections 238 and 257(4)) or under the German Tax Code (AO) (Section 147(3) and (4)). These retention obligations may apply for between two and ten years.

VII. Your rights as a data subject

Provided that the statutory prerequisites are met, you have the following rights as a data subject, which you can invoke against us:

Right of access:
In accordance with Article 15 GDPR, you have the right at any time to obtain confirmation from us as to whether or not we are processing personal data concerning you; if so, you also have the right in accordance with Article 15 GDPR to receive information concerning these personal data as well as certain other information (including the purposes of processing, categories of personal data, categories of recipient, planned storage period, the origin of the data, the use of automated decision-making and, in the event of transfer to a third country, appropriate safeguards) along with a copy of your data.

Right to rectification:
In accordance with Article 16 GDPR, you have the right to obtain the rectification of any personal data stored by us if they are inaccurate or incorrect.

Right to erasure:
You have the right, subject to the prerequisites laid down in Article 17 GDPR, to obtain from us the erasure of any personal data concerning you without undue delay. The right to erasure is not available, inter alia, if the processing of personal data is necessary for (i) exercising the right of freedom of expression and information, (ii) compliance with a legal obligation to which we are subject (e.g. statutory retention obligations) or (iii) for the establishment, exercise or defense of legal claims.

Right to restriction of processing:
You have the right, subject to the prerequisites laid down in Article 18 GDPR, to require us to restrict the processing of your personal data.

Right to data portability:
You have the right, subject to the prerequisites laid down in Article 20 GDPR, to request that we furnish to you with the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format.

Right to withdraw consent:
You have the right to withdraw your consent to the processing of personal data at any time with future effect.

 

Information concerning your right to object in accordance with Article 21 GDPR

1. You have the right to object at any time to the processing of your data on the basis of point (f) of Article 6(1) GDPR (data processing on the basis of a balancing of interests) or point (e) of Article 6(1) GDPR (data processing in the public interest) on grounds relating to your particular situation. This also applies to profiling based on this provision within the meaning of Article 4(4) GDPR.

If you object, we shall no longer process your personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

2. We also process your personal data in individual cases for the purpose of direct advertising. If you do not wish to receive advertising, you have the right to object to this at any time; this also applies to profiling insofar as associated with such direct advertising. We shall comply with this objection in future.

We shall no longer process your data for direct marketing purposes if you object to processing for these purposes.

 

You can submit enquiries concerning the exercise of the aforementioned data protection rights either to us using the contact details of the controller provided above or to our external Data Protection Officer using the contact details provided above.

You also have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

VIII. Scope of your obligations to provide data

As a general rule, you are not obliged to provide us with your personal data. However, if you do not do so, we may not be able to make our website available to you in full and without any technical errors and may not be able to answer any enquiries submitted by you to us. Any personal data that we absolutely require for the above-mentioned purposes of processing is marked with an “*” or another symbol as mandatory information.

IX. Absence of automated individual decision making (including profiling)

We do not operate any processes involving purely automated individual decision making (including profiling) in accordance with Article 22 GDPR.

 

Last updated in September 2024