Data protection:

from www.mertz-pharma-handel.de
This application collects personal data from its users.

Provider and responsible person

Mertz Pharma Handel GmbH
Fangdieckstrasse 36
22547 Hamburg
Germany
Provider’s email address: info@mertz-pharma-handel.de


Types of data collected

Among the types of Personal Data that this Application processes, by itself or through third parties, there are: Cookies and Usage Data.
Complete details on each type of Personal Data processed are provided in the dedicated sections of this privacy policy or, specifically, by explicit instructions displayed before the Data is collected. Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using this Application. Unless otherwise specified, all Data requested by this Application is mandatory. Failure to provide the Data may make it impossible for this Application to provide its services to the User. In cases where this Application specifically states that some Personal Data is mandatory, Users are free not to provide such Data without consequences for the availability or the functioning of the service. Users who are unsure about which Personal Data is mandatory can contact the Owner. Any use of Cookies – or of other tracking tools – by this Application or by the owners of third-party services used by this Application serves the purpose of providing the Service required by the User, in addition to any other purposes described in the present document and in the Cookie Policy, if available.
Users are responsible for any third-party Personal Data obtained, published or shared through this Application and confirm that they have the third party’s consent to provide the Data to this Application.


Type and location of data processing

Processing methods
The Owner processes User Data properly, taking appropriate security measures to prevent unauthorized access, disclosure, alteration or destruction of Data. The Data Processing is carried out using computers or IT-based systems, in accordance with organizational procedures and practices specifically tailored to the purposes indicated. In addition to the Owner, in some cases, other types of persons, involved in the operation of this Application (human resources, sales, marketing, legal, system administrators) or external to it - such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) - may have access to the Data and thus have access to the Data. An up-to-date list of such parties may be requested from the Owner at any time.


Legal basis for processing

The provider may only process personal data of users if one of the following applies:
* Users have given their consent for one or more specific purposes. Note: In some jurisdictions the Owner may be allowed to process Personal Data until the User objects to such processing ("opt-out"), without having to rely on consent or any other of the following legal bases. However, this shall not apply where the processing of Personal Data is subject to European Data Protection Law;
* the data collection is necessary for the performance of a contract with the user and/or for pre-contractual measures arising from this;
* processing is necessary for compliance with a legal obligation to which the controller is subject;
* the processing is related to a task carried out in the public interest or in the exercise of official authority vested in the controller;
* processing is necessary to protect the legitimate interests of the provider or a third party.
In any case, the provider will gladly provide information about the specific legal basis on which the processing is based, in particular whether the provision of personal data is a legal or contractual obligation or a prerequisite for entering into a contract.


Location

The Data is processed at the Owner's offices and in any other places where the entities involved in the Data processing are located. Depending on the location of the Users, data transfers may involve the transfer of the Users' Data to a country other than their own. To find out more about the place of processing of the Data transferred, Users can consult the section containing the detailed information on the processing of Personal Data.
Users also have the right to know the legal basis of any Data transfer to a country outside the European Union or to any international organization governed by public international law or set up by two or more countries, such as the UN, as well as the security measures taken by the Owner to protect their Data. Should such a transfer take place, the User can find out more by checking the relevant sections of this document or by contacting the Owner using the information provided in the contact section.


Storage period

Personal data will be processed and stored for as long as required for the purpose for which it was collected.
Therefore:
* Personal data collected for the purpose of fulfilling a contract concluded between the provider and the user will be stored until this contract has been fully fulfilled.
* Personal Data collected to pursue the legitimate interests pursued by the Owner will be retained for as long as necessary to fulfill such purposes. Users may find more information about the Owner's legitimate interests in the relevant sections of this document or by contacting the Owner.
Furthermore, the provider is allowed to store personal data for a longer period if the user has consented to such processing, as long as the consent is not withdrawn. In addition, the provider may be obliged to retain personal data for a longer period if this is necessary to fulfill a legal obligation or upon order of an authority. After the expiry of the retention period, personal data will be deleted. Therefore, the right to information, the right to erasure, the right to rectification and the right to data portability cannot be asserted after the expiry of the retention period.


Purposes of processing

The Data concerning the User is collected to allow the Owner to provide its Services. Furthermore, the Data is collected for the following purposes: Analytics.
Users may find further detailed information on these processing purposes and on the Personal Data used for each purpose in the relevant sections of this document.
Detailed information on the processing of personal data
Personal data is collected for the following purposes and using the following services:
* Analytics


The rights of users
Users may exercise certain rights regarding their Data processed by the Owner.
In particular, users have the right to do the following:
* Revoke consent at any time. If the user has previously consented to the processing of personal data, he or she can revoke his or her consent at any time.
* Object to the processing of their data. The user has the right to object to the processing of his data if the processing is based on a legal basis other than consent. Further information on this is provided below.
* Obtain information regarding their data. The user has the right to know whether the data is being processed by the provider, to obtain information about certain aspects of the processing and to obtain a copy of the data.
* Check and correct. The user has the right to check the accuracy of his data and to request that it be updated or corrected.
* Request restriction of processing of their data. Users have the right to restrict the processing of their data under certain circumstances. In this case, the Owner will not process the data for any purpose other than storage.
* Request erasure or other removal of Personal Data. Users have the right, under certain circumstances, to request the Owner to erase their Data.
* Receive your Data and have it transmitted to another controller. The User has the right to receive his/her Data in a structured, commonly used and machine-readable format and, where technically feasible, to have it transmitted to another controller without hindrance. This provision is applicable provided that the Data is processed by automated means and the processing is based on the User's consent, on a contract to which the User is party or on pre-contractual obligations.
* File a complaint. Users have the right to file a complaint with the competent supervisory authority.


Details on the right to object to processing

Where personal data is processed in the public interest, in the exercise of an official authority vested in the owner or to safeguard the legitimate interests pursued by the owner, the user may object to such processing by providing a justification related to his or her particular situation.
Users are informed that they can object to the processing of their Personal Data for direct marketing purposes at any time without providing any justification. To find out whether the Owner processes Personal Data for direct marketing purposes, Users can refer to the relevant sections of this document.
How the rights can be exercised
Any requests to exercise User rights can be directed to the Owner using the contact details provided in this document. Requests can be exercised free of charge and will be processed by the Owner as soon as possible and at the latest within one month.
Further information on the collection and processing of data
Legal measures
The User's Personal Data may be processed by the Owner for legal purposes in Court or in the stages leading to possible legal action arising from improper use of this Application or the related services. The User declares to be aware that the Owner may be required to disclose his Personal Data by the authorities.
Further information about the user’s personal data
In addition to the information contained in this privacy policy, this Application may provide the User with additional and contextual information concerning particular Services or the collection and processing of Personal Data upon request.
System logs and maintenance
For operation and maintenance purposes, this Application and any third-party services may collect files that record interaction with this Application (System logs) or use other Personal Data (such as the IP Address) for this purpose.
Information not contained in this privacy policy
Further information regarding the collection or processing of personal data can be requested from the provider at any time using the contact details provided.
How “Do Not Track” requests are handled
This application does not support "Do Not Track" requests through web browsers. To determine whether integrated third-party services support the Do Not Track protocol, users should refer to the privacy policy of the respective service.

Changes to this privacy policy
The Owner reserves the right to make changes to this privacy policy at any time by informing its Users on this page and possibly within this Application and/or - as far as technically and legally feasible - by sending a notice to Users via any of the contact details available to the Owner. Users are therefore advised to regularly visit this page and check the date of the last modification indicated at the bottom of the page. If changes affect a use of data based on the User's consent, the Owner will - if necessary - obtain a new consent.

Definitions and legal notices

Personal data (or data)
Any information that can be used to identify a natural person, either directly or in combination with other information.
Usage data
Information that this Application (or third-party services employed by this Application) automatically collects, such as: the IP addresses or domain names of the computers utilized by the Users who use this Application, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's response (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other information about the device operating system and/or the User's IT environment.
Users
The individual using this Application who, unless otherwise specified, coincides with the Data Subject.
Affected
The natural person to whom the personal data refers.
Processor (or data processor)
Natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller, as described in this privacy policy.
Responsible(or provider, sometimes also owner)
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Application. Unless otherwise specified, the Data Controller is the natural or legal person through whom this Application is offered.
This application
The hardware or software tool used to collect and process User Personal Data.
service
The service provided by this Application as described in the relative terms (if available) and on this page/application.
European Union (or EU)
Unless otherwise stated, all references in this document to the European Union refer to all current Member States of the European Union and the European Economic Area (EEA).
Cookies
Small file that is stored on the user's device.

Legal notice
This privacy policy has been drafted based on provisions from various legislations, including art. 13/14 of the Regulation (EU) 2016/679 (General Data Protection Regulation).This privacy policy relates exclusively to this Application, unless otherwise specified within this document.
Last updated: 30 May 2018 ·