|
|
Astrum CRO Germany GmbH
Oskar-Messter-Strasse 29
85737 Ismaning
Germany
Commercial Register No.: HRB 71741
Managing Directors:
Holger Stammer, Constanze Stammer, Dr. Jens Milde
Telephone: +49 544637-0
Email: Germany@AstrumCRO.com
|
|
|
Our data protection officer
Sven Lenz
Deutsche Datenschutzkanzlei Datenschutzkanzlei Lenz GmbH & Co. KG
Bahnhofstrasse 50
87435 Kempten
Germany
If you have any questions relating to data protection or any other concerns
relating to data protection regulations, please do not hesitate to contact us
by sending an email to the following email address: datenschutz@pharmalog.com
|
|
A. General information
For better comprehensibility, we do not
differentiate between genders. For the purposes of equal treatment, terms
used apply to all genders. Article 4 of the GDPR explains the meaning of the
terms used, e.g., "personal data" or "processing".
The personal data of users processed within the scope of this website include
- usage data (e.g., pages visited on our website) and
- content data (e.g., entries in the online forms).
|
|
B. Specifics
Privacy policy
We guarantee that we process your data only in connection with the processing
of your enquiries and for internal purposes as well as to provide services or
content requested by you.
|
|
|
Data processing principles
We process your personal data only in compliance with the relevant data
protection regulations for the following purposes and on the following legal
basis:
- Provision of our contractual services, Article 6 (1) b) GDPR
- Processing is a legal requirement, Article 6 (1) c) GDPR
- You have given your consent, Article 6 (1) a) and Article 7 GDPR
- Pursuance of our legitimate interests, Article 6 (1) f) GDPR
|
|
|
Data transmission to third parties
No data is transferred to third parties. If we use
subcontractors to provide our services, we take appropriate legal precautions
as well as appropriate technical and organisational measures to ensure the
protection of personal data in accordance with the relevant legal
regulations.
|
|
|
Transfer of data to a third country or
international organisation
Third countries are countries in which the GDPR law is not directly
applicable. In principle, this includes all countries outside the EU and the
European Economic Area.
No data is transferred to a third country or an international organisation
without a legal basis.
|
|
|
Storage duration of your personal data
We adhere to the principles of data economy and data avoidance. This means
that we only store your data for as long as necessary to fulfil the aforementioned purposes or for as long as the various
storage periods stipulated by the legislator. If the respective purpose
becomes obsolete or after the expiry of the corresponding periods, your data
will be blocked or deleted routinely and in accordance with the statutory provisions.
We have developed an internal company concept to ensure this procedure.
|
|
|
Contact
If you contact us via the website, you agree to electronic communication.
When you contact us by electronic means, personal data is processed. The
information you provide will only be stored for the purpose of processing
your enquiry and for possible follow-up questions (processing for the
performance of our services and implementation of contractual measures,
Article 6 (1) b) GDPR). We use software for the maintenance of customer data
(CRM system), in which we process personal data for the duration of the
customer relationship (processing for the purpose of our legitimate
interests, Article 6 (1) f) GDPR).
Please note that emails can be read or changed without authorisation and
unnoticed during transmission. Please also note that we use software for
filtering unsolicited emails (spam filter). The spam filter can reject emails
that have been falsely identified as spam by certain features.
|
|
|
What are your rights?
a)
The right of access
You have the right to obtain information about your stored data free of
charge. Upon request, we will inform you in writing as to which personal data
we have stored about you. This also includes the origin and recipients of
your data as well as the purpose of data processing.
|
|
|
b) The right to rectification
If your data stored with us is incorrect, you have the right to have it
corrected. You can request restricted processing, e.g. if you dispute the
accuracy of your personal data.
|
|
|
c) The right to data blocking
You can also have your data blocked. To ensure that your data can be blocked
at any time, these data must be kept in a block file for control purposes.
|
|
|
d) The right to erasure
You can request the deletion of your personal data, as far as no legal
storage obligations exist. If such an obligation exists, we will block your
data upon request. If the relevant legal requirements are met, we will delete
your personal data even if you do not request it.
|
|
|
e) The right to data portability
You are entitled to ask us to provide the personal data transmitted to us in
a format that permits the transmission to another location.
|
|
|
f) Right of appeal to a supervisory
authority
You have the option to file a complaint with one of the data protection
supervisory authorities.
Our competent data protection supervisory authority:
Bayerisches Landesamt für
Datenschutzaufsicht (BayLDA)
Promenade 27, 91522 Ansbach, Germany
Telephone: +49 981 53-1300
Fax: +49 981 53-981300
You can open the complaint form via the following link:
https://www.lda.bayern.de/de/beschwerde.html
Note:
A complaint can also be submitted to any data protection supervisory
authority in the EU.
|
|
|
g) The right to object
You have the right to object, on grounds relating to your particular
situation, at any time to processing of personal data concerning you
which is based on Article 6 (1) e) and f) GDPR, including profiling based on
those provisions.
Astrum CRO Germany GmbH shall no longer process
your personal data unless it can provide compelling legitimate grounds for
the processing which override your interests, rights and freedoms, or where
such processing is necessary for the assertion, exercise or defence of legal
claims.
If personal data are processed for the purpose of direct advertising, you
have the right to object to the processing of your personal data at any time
for the purposes of such advertising; this also applies to profiling where
connected to such direct advertising. In the event of such an objection, we
will no longer process your personal data for the purposes of direct
marketing. All you need to do is send us an email accordingly.
h) The right to withdraw
You are entitled at any time to withdraw your consent to the processing of
your data with effect for the future without stating any reasons. You will
not be at any disadvantage as a consequence of
withdrawing your consent. All you need to do is send us an email accordingly.
However, such revocation does not affect the legality of the processing
carried out up to that point on the legal basis of Article 6 (1) a) GDPR.
To assert your data subject rights, send an email to us at the following
address:
datenschutz@pharmalog.com
|
|
|
Protection of your personal data
We take contractual, technical and organisational security measures in
accordance with the state of the art in order to
ensure that the data protection laws are observed and thus to protect the
processed data against accidental or intentional manipulation, loss,
destruction or against access by unauthorised persons.
|
|
|
The security measures include, in particular, the encrypted transfer of data between
your browser and our servers.
A TLS encryption system is used for this purpose.
|
|
|
Your personal data are protected in the
context of the following points (excerpt):
a)
Protecting the confidentiality of your personal data
In order to protect the confidentiality of your data stored with us, we have
taken various access and control measures.
b) Protecting the integrity of your personal data
In order to protect the integrity of your data stored with us, we have taken
various transfer and input control measures.
c) Protecting the availability of your personal data
In order to protect the availability of your data stored with us, we have
taken various order and availability control measures.
Our applied security measures are continuously improved in line with
technological developments. Despite these precautions, and due to the
uncertain nature of the Internet, we cannot guarantee the security of your
data transmission to our website. Therefore, any data transmission by you is
at your own risk.
|
|
|
Protection of adolescents
Personal information may only be made available to us by persons under the
age of 16 with the express consent of their legal guardians. These data will
be processed in accordance with this privacy policy.
|
|
|
Server log files
The provider of the pages collects and automatically stores information in
so-called server log files that your browser transmits to us automatically.
These are:
Browser type and browser version
Operating system used
Referrer URL
Host name of the accessing computer
Time of the server query
IP address
These data are not combined with other data sources.
The legal basis for the data processing is, in accordance with Article. 6 (1)
f) GDPR,
our legitimate interest.
|
|
|
Data processing within the framework of the
job application process
On our website we offer job applicants the possibility of submitting
applications to us in writing or by email.
Information required as part of the application process includes general
personal information (name, address, telephone or electronic means of
contact) and performance-specific documentation of qualifications required
for a position. Where applicable, health-related information may also be
required, which must be given special consideration under employment and
social security law in the interest of the applicant's social protection.
When you send us your application documents, your data will be transmitted to
us via the selected communication method and processed exclusively for the
purpose of dealing with your application. We would like to draw your
attention to the fact that an email application is voluntary and that
transmission is not secure, as unauthorised persons can intercept emails and
possibly use the contents for their own purposes.
The legal basis for the processing is Article 6 (1) b) GDPR in conjunction
with Section 26 (1) of the German Federal Data Protection Act (BDSG), for the
purposes of which the application process is considered to be the initiation
of a contract of employment. Insofar as special categories of personal data
within the meaning of Article 9 (1) GDPR (e.g., data concerning health such
as information on severe disability) are requested from applicants as part of
the application process, processing will be in accordance with Article 9 (2)
b) GDPR, so that we can exercise the specific rights and carry out our
obligations in the field of employment and social security law and social
protection law.
Based on the above or alternatively the special categories of data may also
be processed based on Article 9 (1) h) GDPR, if it is for the purpose of
preventive or occupational medicine, for the assessment of the working
capacity of the applicant, medical diagnosis, the provision of health or
social care or treatment or the management of health or social care systems
and services.
If the applicant is not selected in the course of
the evaluation described above or if an applicant withdraws his/her application
prematurely, the data provided up to that point will be deleted after four
months at the latest following appropriate notification. This period is
defined on the basis of our legitimate interest in
being able to answer any follow-up questions about the application and, if
necessary, to comply with our obligations to provide evidence under the
regulations on equal treatment of applicants.
In the event of a successful application, the data which have been provided
will be processed further on the basis of Article 6 (1) b) GDPR in
conjunction with Section 26 (1) of the German Federal Data Protection Act
(BDSG) for the purpose of the implementation of the employment relationship.
In the application process you are also entitled to the data subject rights
under Chapter III of the GDPR (e.g., right of access, right to erasure or
rectification) as well as the the right to lodge a
complaint with the competent supervisory authority.
|
|
|
Cookies
Cookies are small text files that are stored
locally in the cache of your Internet browser. Cookies enable, e.g., the
recognition of the Internet browser. The files are used to help the browser
navigate through the website and use all functions to their full extent.
We only use cookies that are of relevance for the system or are necessary.
|
|
Changes to our privacy policy
We reserve the right to amend our privacy policy at short notice so that it
always comply with current legal requirements or to
implement changes to our services. This may, for example, concern the
introduction of new services. The new privacy policy will then apply for your
next visit.
|
|
Astrum CRO
●
Careers
|
Imprint
●
Legal Notices
●
Data Protection
|
|
