Privacy Policy

INFORMATION ON THE COMPILATION AND PROCESSING OF PERSONAL DATA PURSUANT TO THE REQUIREMENT OF TRANSPARENCY IN ACCORDANCE WITH SECTION 12 et. seqq. GENERAL DATA PROTECTION REGULATION

SPECIFICATION OF PURPOSE

ROTOP Pharmaka GmbH compiles and processes personal data for the purpose of entering into business relationships and the performance of contracts. Affected are all data categories relevant for the performance of pre-contractual and contractual obligations. Personal data shall only be disclosed to third parties if this is necessary for the performance of the business objective. The disclosure of personal data to third parties in third countries with an uncertain data-protection level (generally countries outside the European Union), which have no part in the business objective shall not take place or shall only take place with the consent of the data subject.

The compilation, processing and use of personal data shall be conducted to the extent that is legally permissible pursuant to Section 5 and 6 GDPR. If personal data are collected from the data subject, the data subject shall be entitled to the right of transparent information pursuant to Section 12 et. seqq. GDPR and in accordance with Section 32 FDPA. In general, only this information is processed and used that is necessary for the performance of tasks by the company and is directly connected to the purpose of the processing. In this case, the special conditions for the compilation, processing and use of the particular categories of personal data pursuant to Section 9 GDPR and Sections 22 et. seqq. shall be taken into account. The compilation and processing of sensitive data pursuant to the GDPR shall only be permitted within the scope of the principle of reservation of authorization or upon presentation of legal grounds.

THE RIGHTS OF DATA SUBJECTS

Pursuant to Sections 15 et. seqq. GDPR, data subjects shall be entitled to the disclosure, correction, erasure, limitation and objection against the compilation and processing of their personal data.

Pursuant to Section 13 Sub-section 2 Point c GDPR, data subjects shall further have the right to withdraw their consent regarding the future compilation and processing of personal data if the data processing is based on Section 6 Sub-section 1 a or Section 9 Sub-section 2 a GDPR. The legitimacy of the data processing done based on the consent given until its withdrawal shall remain unaffected.

However, a withdrawal of consent as well as the non-provision of the required data usually leads to the purpose, for which the data were or would have to be collected, being impossible to achieve. In order to exercise these rights, the written form is required. For this purpose, please contact us via email at
datenschutz@rotop-pharmaka.de.

ERASURE OF PERSONAL DATA

Personal data shall be erased once the purpose for their storage ceases to exist and no legal norm (e.g. statutory retention period) requires the data to be kept. The stipulations of Section 17 GDPR in conjunction with Section 35 FDPA shall apply. Insofar as the erasure for statutory and/or contractual reasons, or for reasons related to commercial and/or tax law is impossible, the data subject may be granted a limitation for the processing of personal data upon his/her request. In order to exercise this right, the written form is required.

THE DATA SUBJECT’S RIGHT TO DATA PORTABILITY

The company shall ensure the rights to data portability pursuant to Section 20 GDPR. Any data subject shall have the right to receive a copy of his/her personal data in a common, machine-readable data format.

CONTROLLER WITHIN THE MEANING OF GDPR AND FDPA
ROTOP Pharmaka GmbH
Bautzner Landstraße 400, 01328 Dresden

DATA PROTECTION SUPERVISOR OF THE COMPANY
Steve Vetter, Vetter Consulting
Oschatzer Str. 46 | 01127 Dresden, Germany

RIGHT TO FILE A COMPLAINT
All data subjects shall have the right of complaint with the state’s supervisory authority pursuant to Section 77 GDPR. You may contact the State Data Protection Commissioner via email: saechsdsb@slt.sachsen.de.

GDPR = General Data Protection Regulation
FDPA = Federal Data Protection Act

Last revision of the text: 25/05/2018