We take the protection of personal data very seriously. In the following, we would like to inform you of the purpose for which we collect personal data (such as name, address, e-mail address, telephone number) from you, how we deal with it and to whom we may make it available.
I. Responsible and Data Protection Officer
Alacris Theranostics GmbH
Max Planck Street 3
represented by its Managing Director Bodo Lange
Tel .: (+49) 0 30 8431 225-0
Fax: (+49) 0 30 8431 225-40
Our company data protection officer is reachable at aforementioned address or at firstname.lastname@example.org
II. Collection and storage of personal data
1. When visiting our website
When you visit our website www.alacris.de, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information will be collected without your intervention and stored until automated deletion after three months:
- IP address of the requesting computer,
- date and time of access,
- name and URL of the retrieved file,
- website from which access is carried out (referrer URL),
- browser used and, if applicable, the operating system of your computer as well as the name of your access provider.
The data mentioned are processed by us for the following purposes:
- ensuring a smooth connection of the website,
- ensuring comfortable use of our website,
- evaluation of system security and stability as well as
- for further administrative purposes.
The legal basis for data processing is Art. 6 para. 1 p. 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above. In no case we use the collected data for the purpose of drawing conclusions about you as an individual.
2. When using our contact form
For questions of any kind, we offer you the opportunity to contact us via a form provided on the website. This requires the specification of a valid e-mail address. This serves for the assignment of the request and the subsequent answering of the request. The specification of further data is optional. The e-mail address will be saved so that we can process your request and contact you.
The data processing for the purpose of contacting us is in accordance with Art. 6 para. 1 p. 1 lit. a GDPR based on your voluntarily granted consent. The personal data collected by us for the use of the contact form will be deleted after the request has been made.
3. When registering for our newsletter
By e-mail newsletter we inform you about our offer or our company. If you register for our newsletter and confirm this by e-mail, we will save your e-mail address to send you regular e-mail newsletters (consent pursuant to Art. 6 para. 1 p. 1 lit. a GDPR). For the receipt of the newsletter the indication of your e-mail address is sufficient.
When you sign up to receive our newsletter, the data you provide will be used exclusively for this purpose. Subscribers may also be notified by email about circumstances relevant to the service or registration (such as changes to the newsletter offer or technical conditions).
For an effective registration we only need a valid e-mail address. In order to verify that a registration is actually made by the owner of an e-mail address, we use the ‘double-opt-in’ procedure. For this purpose we record the request of the newsletter, the dispatch of a confirmation mail and the receipt of the requested confirmation. Further data is not collected. The data will be used exclusively for the newsletter and will not be passed on to third parties.
The consent to the storage of your personal data and their use for the newsletter can be revoked at any time. Each newsletter contains a link to it. In addition, you can unsubscribe at any time directly on this website or tell us your request via the contact information specified under I.
The use of our website should be pleasant and meaningful for the visitor. To do this, we capture user behavior in order to constantly improve our website. These data are collected via cookies, ie small text files that are transmitted to your computer via your browser and stored there. Cookies do not retrieve information stored on your hard drive and do not affect your PC or files. Most of the cookies we use are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies allow us to recognize your browser the next time you visit the website.
The data processed by cookies are required for the aforementioned protection of our legitimate interests as well as those of third parties according to Art. 6 para. 1 p. 1 lit. f GDPR. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or always a hint appears before a new cookie is created. However, disabling cookies completely may mean that you can not use all features of our website.
5. Use of Google Maps
We use the Google Maps service of Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043 USA, hereafter “Google”, on our website.
Each time you visit Google Maps, Google sets a cookie to process user settings and data when viewing the page that has Google Maps embedded. This cookie is usually not deleted by closing the browser, but will expire after a certain amount of time unless it is manually deleted by you.
and the additional terms and conditions for “Google Maps”
The IP address provided by Google Analytics as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by a corresponding setting of your browser software. We point out, however, that in this case you may not be able to use all the functions of this website in full. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en. In addition, you can prevent the collection by Google Analytics by clicking on the following link. An opt-out cookie will be set which will prevent future collection of your data when visiting this website: https://tools.google.com/dlpage/gaoptout
6. Social Media plugins
On the basis of Art. 6 para. 1 sentence 1 lit. f GDPR, our website uses social media plugins (“plugins”) from various providers to make our company better known. The underlying commercial purpose is to be regarded as a legitimate interest within the meaning of the GDPR. Responsibility for the operation compliant with data protection is to be guaranteed by their respective providers. The integration of the plugins by us is done by means of the so-called two-click method in order to best protect visitors to our website.
a) Embedded YouTube videos
On our website, we embed YouTube videos. The corresponding plugins are operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit a page with the YouTube plugin, it will connect to YouTube’s servers. It tells YouTube which pages you visit. If you are logged in to your YouTube account, YouTube may personally associate your browsing behavior with you. This can be prevented by logging out of your YouTube account beforehand.
Anyone who has disabled the storage of cookies for the Google Ad program will not have to expect any such cookies when watching YouTube videos. However, YouTube also stores non-personal usage information in other cookies. If you want to prevent this, you must block the storage of cookies in the browser.
Our website uses the Share feature of the LinkedIn network, which is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
The “Share-button” (“plugin”) establishes a direct connection between your browser and the LinkedIn server. LinkedIn receives the information that you have visited our website with your IP address. In addition, LinkedIn will be able to associate your visit to our website with you and your user account. We point out that we have no knowledge of the content of the transmitted (personal) data and their use by LinkedIn.
7. Integration of services and content of third parties
It may happen that content from third parties, such as map data from Google Maps, videos from YouTube (for more detail under Section II. 5. and 6.), RSS feeds or graphics from other websites are included in this online offer. This always presupposes that the providers of this content (hereinafter referred to as “third party provider”) perceive the IP address of the users. Because without the IP address they could not send the contents to the browser of the respective user. The IP address is therefore required for the presentation of this content. We endeavor to use only content whose respective providers use the IP address solely for the delivery of the content. However, we do not have any influence on this if the third party providers save the IP address e.g. for statistical purposes. As far as we know, we will inform users about it.
8. Google Analytics
III. Contractual relationship
We point out that we collect and save personal data that we need for the purpose of contract initiation and processing and that we have received from you for this purpose (Article 6 paragraph 1 p. 1 letter b GDPR), in the context of the legal requirements. The data processed by us include the basic data (e.g. names and addresses), contact data (e.g. e-mail addresses and telephone numbers) as well as contract data (e.g. services used, contract contents, contractual communication, names of contact persons) and payment details (bank details, payment history).
We will delete this data if the data for the fulfillment of contractual or legal obligations (in particular warranty obligations) are no longer required; otherwise, the statutory retention requirements apply (for further details, see Section IX.).
IV. Data security
We take appropriate technical measures in accordance with Art. 32 GDPR, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the different likelihood and severity of the risk to the rights and freedoms of natural persons and organizational measures to ensure a level of protection appropriate to the risk.
Measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as their access, input, transmission, availability and separation. We have also set up procedures to ensure the claim of data subject rights, deletion of data and reactions to possible data vulnerabilities. Furthermore, we consider the protection of personal data already in the development or selection of hardware, software and procedures, according to the principle of data protection through technology design and privacy-friendly default settings (Art. 25 GDPR).
To protect the security of your data during transmission, we use state-of-the-art encryption techniques (such as SSL) over HTTPS.
V. Disclosure of data to third parties
A transfer of your personal data to third parties for purposes other than those listed below does not take place. We only share your personal information with third parties if:
- You have given express consent to this according to Art. 6 para. 1 sentence 1 lit. a GDPR
- transmission pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR is required to assert, exercise or defend legal claims and there is no reason to assume that you have a predominantly legitimate interest in not transmitting your data,
- in the event that transmission pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR is a legal obligation, as well as
- this is legally permissible and according to Art. 6 para. 1 sentence 1 lit. b GDPR is required for the processing of contractual relationships with you.
VI. Rights of persons affected
If you would like to make use of the following rights, please address your inquiries or the like in writing to the person named under item I. or the data protection officer.
1. Information and correction of your data
You have the right to obtain without charge information from us on whether and which personal data about you are stored. If, in spite of our efforts to be accurate and up-to-date, incorrect information is stored, we will correct it immediately upon your request.
2. Right to delete your data
In addition, you may request the deletion of your personal data stored by us, unless the processing is required to exercise the right of freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.
3. Right to restrict the processing of your data
You may request the restriction of the processing of your personal data in case the accuracy of the data is disputed by you, the processing is unlawful, but you reject its deletion and we no longer need the data, however you need the data for the assertion, exercise or defense of legal claims or you have filed an objection against the processing in accordance with Art. 21 GDPR.
4. Right to data portability
You also have the right to receive your personal information provided to us in a structured, common and machine-readable format, or to request the transmission to another person responsible.
5. Right of appeal
You can complain to a regulator. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters. A list of the non-public-sector supervisory authorities can be found at:
VII. Right to object
If your personal data are processed based on legitimate interest according to Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, as far as there are reasons for this arising from your particular situation.
You have the right to revoke consent in accordance with. Art. 7 para. 3 GDPR at any time with effect for the future. Please send your revocation by e-mail to email@example.com or to our address stated in the imprint.
IX. Deletion of data
The data processed by us are deleted or limited in their processing in accordance with Articles 17 and 18 GDPR. Insofar as no specific deletion date is specified in this data protection declaration, the data stored with us will be deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with any statutory storage requirements. Unless the data is deleted because it is required for other legitimate purposes, its processing will be restricted. This applies in particular to data that must be kept for commercial or tax law reasons (§ 147 Tax Code, § 257 Commercial Code).