Privacy policy

1. Why does this privacy policy exist?

Welcome to the Mediapool of Sebapharma GmbH & Co. KG! Various personal data are processed during use. The General Data Protection Regulation (GDPR) contains some obligations for companies with regard to this processing. You as a data subject have the right to be informed about certain aspects of the processing of your personal data at the time of collection, in particular in accordance with Art. 13 GDPR. Therefore, you will be provided with the following information.

2. What are personal data?

The subject of privacy are personal data (hereinafter referred to as “data”), including any information relating to an identified or identifiable natural person such as name, address, profession, e-mail address, state of health, income, marital status, genetic characteristics, telephone number and, if necessary, user data such as the IP address.

3. What does processing mean?

Processing means any operation which is performed on personal data such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

4. What are cookies?

Cookies are small data packets normally consisting of letters and numbers and stored on a browser when you visit certain websites. Cookies enable the website to recognise your browser, track you visiting various sections of the website and identify you when you return to the website. Cookies do not contain any data that identify you personally. The information concerning you stored by the operator can be assigned to the data obtained from and stored in the cookies.

5. Who is responsible for the data processing in the Mediapool?

The controller for the processing of your personal data in the context of using the website (hereinafter referred to as the “website”) is Sebapharma GmbH & Co. KG (hereinafter referred to as the “operator”). The contact details are as follows:

Sebapharma GmbH & Co. KG
represented by the General Partner Sebapharma Verwaltungs GmbH,
in turn represented by the Managing Directors Thomas Maurer and Dr. Daniel Rothoeft

Binger Str. 80
56154 Boppard, Germany
Telefon: 06742-9000
Telefax: 06742-900176

6. Who is the data protection officer?

The operator has appointed a data protection officer who can be contacted at MORGENSTERN consecom GmbH, Große Himmelsgasse 1, 67346 Speyer, Germany and under the telephone number 06232-10011944.

7. What happens when accessing the Mediapool?

Whenever the website and its subpages are accessed, usage data are transmitted by the respective internet browser and stored in log files (server log files). The stored data records contain the following data: date and time of access, name of the subpage accessed, IP address, referrer URL (original URL from which you have accessed the website), data volume transferred as well as product and version information of the browser used. The log files are evaluated in anonymous form by the operator in order to further improve the website and make it more user-friendly, to find and rectify faults more quickly as well as to control server capacities. Therefore, it can be retraced at what time the use of the website is particularly popular and the operator can provide appropriate data volume.

The admissibility of this processing is based on Art. 6 para. 1 b), f) GDPR (user relationship, legitimate interest). The operator is particularly concerned with making image material available online and enabling smooth retrieval by external parties. Thus, the operator ensures the standardised presentation of its products. The data processed when the website is accessed are required to enable you accessing the website. This would not be possible without the processing of this technically necessary data.

Your IP address will be deleted or anonymised after termination of use so that no personal reference can be made.

8. What data are processed when registering?

In order to use the Mediapool and all content available through it, you need to register. For this purpose, you have to enter a username and a password. The operator accepts your registration and sends you new access data.

The admissibility of this processing is based on Art. 6 para. 1 b) GDPR (contract). You are not able to retrieve the contents without registration.

The storage of your personal data depends on the existing of your user account.

9. How does the contact form work?

If you would like to contact the operator, you can use the contact form. Within this form, you have to provide various details to enable a timely communication with the operator. Your data will be used to respond to your request and to create your user account.

The admissibility of this processing is based on Art. 6 para. 1 b) GDPR (pre-contractual measure). The provision of data is necessary otherwise you are not able to send a message to the operator and the operator cannot create a user account for you.

The messages received via the contact form are regularly deleted by the operator. If you register after contacting us, your personal data will be stored for a longer period.

10. What data are processed when downloading image material?

If you download image material from the website, the following data are processed: date and time of access, IP address and transmitted data.

The admissibility of this processing is based on Art. 6 para. 1 b) GDPR (contract). The processing of data is necessary, otherwise you are not able to download files and use the contents of the Mediapool.

The data processed when downloading images will be deleted once the contractual relationship has been terminated, all mutual claims have been fulfilled and there are no statutory retention obligations or statutory bases for storage.

11. Why are cookies set on the website?

The operator uses cookies to improve the user-friendliness, optimise the display, prevent fraud and improve the security of the website.

The admissibility of this processing is based on Art. 6 para. 1 f) GDPR (legitimate interest). The operator wants to ensure that the website can always be accessed without errors and safely by setting certain cookies regardless of the device used. Therefore, particular technical settings are logged. If you delete the cookies necessary for the operation of the website, this can lead to functional restrictions and security gaps.

The cookies set have different storage periods. However, they are automatically deleted after a specified period of time.

12. What data processing takes place when integrating Google Fonts?

The operator uses external fonts on the website via the Google Fonts service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. By using this service, information on the use of the website (e.g. date and time of access, IP address etc.) is transmitted to Google servers in Ireland and stored. If necessary, data may also be transferred to the USA. This transfer is lawful under the conditions of Art. 46 GDPR and on the basis of the standard contractual clauses effectively included in the contractual relationship with Google. They have been approved by the European Commission and ensure an adequate protection of your personal data. You will find further information directly at Google

The operator uses Google Fonts to enable you using external fonts for a better presentation of the website. The admissibility of this processing is based on Art. 6 para. 1 f) GDPR (legitimate interest). The operator wants to ensure that the contents are easily readable and displayed correctly. The use of different fonts is important and necessary. Deactivating Google Fonts will result in other fonts being displayed.

The operator does not store any personal data when integrating Google Fonts.

13. To which recipients are my data transferred?

The data collected when you were accessing and using the website and the information you provided when contacting are transmitted to the operator’s server and stored there. In addition, your data can be transferred to the following categories of recipients: internal departments involved in the processing of your personal data (e.g. marketing department) and processors (e.g. IT service providers, software manufacturers, advertising agencies). The transfer or access is always subject to a legal basis or takes place in the context of a proper processing.

14. What are the data subject rights?

You have the following rights: you have the right of access (Art. 15 GDPR), to rectification (Art. 16 GDPR), to erasure to restriction of processing (Art. 18 GDPR) and to data portability (Art. 20 GDPR).

If your personal data are processed on the basis of Art. 6 para. 1 f) GDPR, you have the right to object on grounds relating to your particular situation or if the objection is directed against direct marketing (Art. 21 GDPR). If you object to direct marketing, the operator will no longer send you advertising messages.

Please note that you can assert your rights against the operator at any time. However, this does not mean that they will be fulfilled. For example, you cannot demand the deletion of your personal data and at the same time maintain a user account.

If you have given your consent to the processing of your personal data and withdraw it, the processing remains unaffected until withdrawal.

You have the right to lodge a complaint with the competent supervisory authority at any time. You will find an overview of the competent supervisory authorities if you follow this link.