Privacy Policy Chromsystems

1. Information about the collection of personal data

(1) In the following, Chromsystems Instruments & Chemicals GmbH (hereinafter referred to as “Chromsystems”) informs you about the collection of personal data upon use of this website. Personal data are defined as all data which can be attributed to your person, e.g. name, address, e-mail address, user behaviour.

 (2) The Controller in terms of Article 4 (7) of the EU General Data Protection Regulation (GDPR) is Chromsystems Instruments & Chemicals GmbH, Am Haag 12, 82166 Gräfelfing/Munich, Germany, E-mail: mailbox@chromsystems.de (see imprint).

The Chromsystems Data Protection Officer is available to answer your questions about the processing of your personal data by filling out the respective contact form, by e-mail to datenschutz(at)chromsystems.de, or by post to the above-mentioned data controller with the addition “The Data Protection Officer” in the address.

(3) When you contact Chromsystems by e-mail or via the contact form, the data you have provided (your e-mail address and, where applicable, your name and your telephone number) will be stored by Chromsystems for the purpose of responding to your enquiry. The data collected in this context are deleted once storage is no longer required; if there is a statutory duty to retain the data, processing will be restricted.

 

2. Your rights

You have the following rights in your relationship with Chromsystems with regard to the personal data concerning your person:

–         Right to information (Art. 15 GDPR),

–         Right to correction or erasure (Art. 16 & 17 GDPR),

–         Right to limit processing (Art. 18 GDPR),

–         Right to data portability (Art. 20 GDPR),

–        Right to object to processing (Art. 21 GDPR).

 

(2) You also have the right to complain to a data protection supervisory authority about the processing of your personal data by Chromsystems.

The designated data protection supervisory authority is Bayerisches Landesamt für Datenschutzaufsicht, Promenade 27 (Schloss),

91522 Ansbach, Germany,

Telephone: +49 (0) 981 53 1300,

Fax: +49 (0) 981 53 98 1300,

E-mail: poststelle@lda.bayern.de

 

3. Collection of personal data upon visiting this website

(1) If you are using the website only on an informational basis, i.e. you do not register or otherwise transmit information to Chromsystems, Chromsystems will only collect the personal data transmitted to the server by your browser. If you wish to view the website, Chromsystems collects the following data (including server log files), which are technically required in order to display this website to you and ensure stability and security (the legal basis is Article 6 (1) (f) GDPR):

–         IP address

–         Date and time of access

–         Time zone difference to Greenwich Mean Time (GMT)

–         Content of request (specific page)

–         Access status/HTTP status code

–         Amount of data transferred

–         Website from which the request is made

–         Browser

–         Operating system and its user interface

–         Language and version of browser software.

 

(2) In addition to the aforementioned data, cookies are stored on your computer when you use this website. Cookies are small text files which are stored on your hard drive and allocated to the browser used by you and through which the agency which sets the cookie (in this case Chromsystems) is provided with particular pieces of information. Cookies cannot execute applications or transfer viruses to your computer. Their purpose is to make the online service generally more user-friendly and effective.

(3) Use of cookies:

a) This website uses the following types of cookies, the scope and functioning of which are explained below:

–         Transient cookies (see b)

–         Persistent cookies (see c).

b) Transient cookies are automatically deleted when you close your browser. This particularly includes session cookies. These store a so-called session ID, through which different requests by your browser may be allocated to a single session. This enables your computer to be recognised when you return to this website. Session cookies are deleted when you log out or close the browser.

c) Persistent cookies are deleted automatically after a pre-set period, which may differ depending on the type of cookie. You may at any time delete cookies in your browser’s security settings.

d) You may configure your browser settings according to your preferences and, for example, reject the acceptance of third-party cookies or all cookies. This may mean that you will not be able to use all functions of this website.

e) For more information on the use of cookies on our website and their rejection, please read section 12.

 

4. Further functions and services of this website

(1) Alongside the purely informational use of this website, Chromsystems offers a number of different services which you may use if they are of interest to you. For this purpose, you will normally have to supply some additional personal data which Chromsystems will use to provide the respective service and to which the aforementioned principles of data processing apply.

(2) Chromsystems uses external service providers for some parts of the processing of your data. These providers have been carefully selected and engaged by Chromsystems, are bound to instructions and are monitored regularly.

(3) Furthermore, Chromsystems may provide your personal data to third parties if participation in promotions, contract conclusions or similar services of Chromsystems are offered in conjunction with associates. You will receive detailed information on this when you supply your personal data, or in the service description below.

(4) If these service providers or associates are domiciled in a state outside the European Economic Area (EEA), Chromsystems will inform you of the consequences of this fact in the service description.

 

5. Objection or revocation of consent to the processing of your data

(1) If you have given your consent for your data to be processed, you may revoke it at any time. Such a revocation affects the lawfulness of processing of your personal data once you have declared it to Chromsystems.

(2) If the processing of your personal data is based on a weighing up of interests, you may object to the processing. This is the case particularly if the processing is not required to fulfil a contract with you, which is explained by Chromsystems in each case in the following description of functions. If you wish to declare such an objection, Chromsystems requests that you stipulate the reasons why you wish no processing of your personal data to take place. In the event of a justified objection, Chromsystems will investigate the circumstances and either cease or adjust data processing, or notify you of mandatory reasons meriting protection, due to which the processing must be continued.

(3) You may, of course, at any time object to the processing of your personal data for the purposes of advertising and data analysis. Please use the following contact details to inform Chromsystems of your objection to advertising:

Chromsystems Instruments & Chemicals GmbH
Am Haag 12
82166 Gräfelfing/Munich, Germany

Telephone: +49 89 18930-0
Fax: +49 89 18930-299
E-mail: mailbox@chromsystems.de

 

6. Customer account (registration and ordering)

 (1) Registration for a customer account

If you wish to register on the Chromsystems website, you must provide your email address, full personal and company details and a password of your choice. Chromsystems uses the so-called double-opt-in procedure for registration, i.e. your registration will only be processed if you have confirmed your registration by clicking on the link contained in a confirmation email sent to you for this purpose. If you do not confirm registration within 72 hours, your registration will be deleted from the Chromsystems database. Provision of the aforementioned data is compulsory; all other data may be provided on a voluntary basis. The account will only be activated after verification by Chromsystems. You may submit a request to delete your customer account informally as an e-mail to mailbox@chromsystems.com. 

 (2) Ordering

If you place an order in the Chromsystems online shop, you must provide your personal details in order to conclude a contract. Chromsystems needs this information to process your order. In doing so, Chromsystems uses the data you have stored in your customer account. Chromsystems processes this data in order to process your order.

 (3) Encryption

In order to prevent unauthorised access to your personal data by third parties, the connection is encrypted using TLS technology.

 (4) Overview of the data collected in the registration and order area:

When you register and/or place an order, Chromsystems will store the data required for registration, the order history and the data you provide voluntarily for the duration of your use of the portal. You can manage and edit all details in the secure customer area. The legal basis for this is Article 6 (1) 1 (f) GDPR.

Due to provisions of commercial and tax law, Chromsystems is obliged to store your address, payment and order data for a period of ten years. However, after two years, Chromsystems restricts the processing of this data, i.e. your data will only be used to comply with the statutory obligations.

 (5) Data collected

The following data is collected and stored for registration and ordering (fields marked with * are mandatory): title, first and last name*, company/institution*, department, street*, postcode*, city*, country*, telephone number, your message, email address*, password* (this cannot be viewed by Chromsystems), time stamp of the registration and last activity.

(6) Reasons for collection

  • Clear identification of the person
  • Allocation to a suitable internal account manager
  • As a basis for decisions on the activation of the account
  • As a basis for business communication, provision of product information and, if applicable, for processing orders.

(7) Disclosure to third parties

The data collected in connection with registration and ordering will be stored solely for internal processing.

 

7. Newsletter

(1) Subscription

With your consent, you may subscribe to the Chromsystems newsletter. The goods and services advertised are specified in the declaration of consent. Subscription to the newsletter via the website currently takes place by voluntarily placing a tick in enquiry forms.

(2) Double-opt-in procedure

Chromsystems uses a double-opt-in procedure for newsletter subscription. This means that following your registration for subscription Chromsystems will send you an e-mail to the e-mail address provided in which you are asked to confirm that you wish to receive the newsletter. If you do not confirm your subscription within 72 hours, your information will be blocked and deleted after one month. In addition, Chromsystems stores the IP addresses used by you in each case, and the time of registration and confirmation. The purpose of this procedure is to be able to prove your registration and investigate and solve any potential misuse of your personal data.

(3) Revocation

You may at any time revoke your consent for the newsletter to be sent and unsubscribe from the newsletter. You may declare revocation by clicking on the link provided in each newsletter e-mail, by e-mail to marketing@chromsystems.de, or by a message to the contact details included in the Imprint.

(4)  Overview of the data collected for Newsletters and Tracking

Please note that we analyse your user behaviour when we send newsletters. For this purpose, the e-mails sent contain so-called web beacons or tracking pixels, which consist of a one-pixel image file stored in our e-mailings. For our analysis we link the data specified in paragraph 3 and the web beacons with your e-mail address and an individual ID.

Links contained in the newsletter likewise contain this ID.

The data collected in this way inform us of the time you read our newsletter, which links you click on in the newsletter, and very generally track the user behaviour of the users of our website.

You may object to this tracking at any time by e-mail to marketing@chromsystems.de. The information is stored for as long as you are subscribed to the newsletter. Following unsubscription we store the data purely for statistically purposes and anonymously.

Furthermore, the tracking described above is not possible if you have disabled the display of images in your e-mail application by default. In this case the newsletter will not be fully displayed and you may not be able to use all functions. If you manually cause the images to be displayed, tracking will be enabled as described above.

(5) Data collected

The following data is collected and stored to send the newsletter: first and last name, company, country, email address, IP address and time of subscription and unsubscription

Data in addition to the email address and first and last name are collected because the newsletter subscription is currently only possible as an additional offer of other enquiry forms.

(6) Reasons for collection

Chromsystems stores your email address and, if applicable, other information provided by you for the purpose of sending the newsletter in a personalised and target group-specific manner.

The IP address used and the date of subscription and unsubscription to the newsletter are stored in our internal customer database on the website in order to be able to prove lawful consent or unsubscription and, if necessary, to be able to clarify any possible misuse of your personal data.

(7) Disclosure to third parties

The data collected in connection with the newsletter subscription is stored for internal processing, among other things.

In order to send the newsletter, Chromsystems transfers your email address and, in the case of personalised dispatch, your surname to Inxmail GmbH based in Freiburg/Germany. Further information on the data protection at our service provider can be found at https://www.inxmail.com/data-conditions.

 

8. Quote Request

(1) Purpose

As a guest or logged-in customer, you have the option of using a form to request a non-binding offer for one or more products in our product range (. (Legal basis is Art. 6 para. 1 p. 1 lit. f GDPR).

(2) Data collected

The following data is collected and stored for enquiries (fields marked with * are mandatory): title, first and last name*, company/institution*, department, street*, postcode*, city*, country*, telephone number, your message, email address*, selection of items you are enquiring about.

(3) Reasons for collection

  • Clear identification of the person
  • Allocation to a suitable internal account manager
  • As the basis for preparing a country-specific offer

(4) Disclosure to third parties

The data collected in connection with the enquiry will be stored for internal processing. If necessary, data is passed on to regional dealers who ensure country-specific support. Only data from customers outside the EU leave the European Union.

 

9. General Request, Technical Support, Sales Enquiry (Your Local Representative)

(1) Purpose

As a user of our website, you have the option of using forms to send enquiries to Chromsystems on general topics of clinical diagnostics, technical problems or on products and their field of application (Legal basis is Art. 6 para. 1 p. 1 lit. f GDPR).

(2) Data collected

The following data is collected and stored for the types of enquiry specified under (1) (fields marked with * are mandatory): title, first and last name*, company/institution*, country*, your message, email address*.

(3) Reasons for collection

  • Clear identification of the person
  • Allocation to a suitable internal customer advisor in order to be able to answer the question professionally and quickly.

 (4) Disclosure to third parties

The data collected in connection with the enquiry forms specified above will be stored for internal processing. If necessary, data is passed on to regional dealers who ensure country-specific support. Only data from customers outside the EU leave the European Union.

 

10. Workshop enquiry

(1) Purpose

On our website you can enquire about a participation in one of our workshops (Legal basis is Art. 6 para. 1 p. 1 lit. f GDPR).

(2) Data collected

The following data is collected and stored for workshop enquiries (fields marked with * are mandatory): title, first and last name*, company/institution*, country*, your message, email address*.

(3) Reasons for collection

  • Clear identification of the person
  • Allocation to a suitable internal customer advisor in order to be able to answer the question professionally and quickly.

 (4) Disclosure to third parties

The data collected in connection with the workshop enquiry will be stored for internal processing. If necessary, data is passed on to regional dealers who ensure country-specific support. Only data from customers outside the EU leave the European Union.

 

11. Download of brochures

(1) Purpose

On our website you can download brochures, flyers and other documents. After the form has been filled out and submitted, Chromsystems will send the link to download the desired document to the email address provided (Legal basis is Art. 6 para. 1 p. 1 lit. f GDPR).

(2) Data collected

The following data is collected and stored when downloading brochures (fields marked with * are mandatory): title, name*, company/institution*, country*, your message, email address*, downloaded document.

(3) Reasons for collection

  • Sending the link to download the requested document
  • Sending personalised, country-specific product information

 (4) Disclosure to third parties

The data collected in connection with the brochure download will be stored for internal processing. If necessary, data is passed on to regional dealers who ensure country-specific support. Only data from customers outside the EU leave the European Union.

12. Privacy policy for social media channels 

(1) Legal basis of the processing

The operation of social media profiles involving the processing of users' personal data is based on our legitimate interest in providing a timely and supportive information and interaction channel for our users pursuant to Art. 6 para. 1 lit. f. GDPR, as well as in the presence of user consent pursuant to Art. 6 para. 1 lit a GDPR.

(2) Purpose of data processing

By operating social media profiles, we demonstrate that our company is in line with today's zeitgeist by providing both an information and interaction platform to users. As more and more customers use social media profiles, we want to increase our accessibility and possibility of interaction by operating social media profiles. By sharing internal company operations and offering our services and products on social media channels, we can present ourselves more publicly and increase our transparency to customers. At the same time, customers can contact us informally via the social media profiles.

13. Facebook

(1) Facebook profile details

For the information service offered here, the company uses the technical platform and the services of 
Facebook Ireland Ltd.
4 Grand Canal Square 
Grand Canal Harbour 
Dublin 2
Ireland 

We would like to point out that you use our Facebook page and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating). Alternatively, you can also access the information offered via this page on our website at URL of the company www.chromsystems.com.

(2) Processing of personal data by Facebook

When you visit our Facebook page, Facebook collects, among other things, your IP address and other information that is present on your PC in the form of cookies. This information is used to provide us, as operators of the Facebook pages, with statistical information about the use of the Facebook page.
Facebook provides more detailed information on this at the following link:
https://www.facebook.com/help/pages/insights

The data collected about you in this context is processed by Facebook Ltd. and may be transferred to countries outside the European Union in the process. Facebook describes in its general terms what information it receives and how it is used in its data usage guidelines. There you will also find information about contact options for Facebook as well as about the settings options for advertisements. The data usage guidelines are available at the following link:
https://www.facebook.com/privacy/policy/

In what way Facebook uses data from visits to Facebook pages for its own purposes, to what extent activities on the Facebook page are assigned to individual users, how long Facebook stores this data and whether data from a visit to the Facebook page is passed on to third parties, is not conclusively and clearly stated by Facebook and is not known to us.
When you access a Facebook page, the IP address assigned to your end device is transmitted to Facebook. According to Facebook, this IP address is anonymised for "German" IP addresses. Facebook also stores information about the end devices of its users (e.g. as part of the "login notification" function); this may enable Facebook to assign IP addresses to individual users.
If you are currently logged in to Facebook as a user, a cookie with your Facebook ID is located on your end device. This enables Facebook to track that you have visited this page and how you have used it. This also applies to all other Facebook pages. Via Facebook buttons embedded in websites, it is possible for Facebook to record your visits to these website pages and assign them to your Facebook profile. Based on this data, content or advertising can be offered tailored to you. If you want to avoid this, you should log out of Facebook or disable the "stay logged in" feature, delete the cookies on your device, and exit and restart your browser. In this way, Facebook information through which you can be directly identified will be deleted. This will allow you to use our Facebook page without revealing your Facebook identifier. When you access interactive features of the page (Like, Comment, Share, Message, etc.), a Facebook login screen will appear. After any login, you will again be recognisable to Facebook as a specific user.

Information on how to manage or delete information about you can be found on the following Facebook support pages:
https://www.facebook.com/help/

According to Facebook, it stores data until it is no longer needed to provide the services and Facebook products or until the user's respective account is deleted, whichever comes first. This depends on the circumstances of the individual case, in particular the type of data, why it is collected and processed, and the relevant legal or operational storage needs. 
For more information on data storage, please see:
https://www.facebook.com/privacy/policy

(3) Facebook Page Insights

Facebook processes a number of personal data of page visitors in its so-called "page insights" for its own purposes. This processing takes place regardless of whether page visitors are registered on Facebook or not and whether page visitors are members of the Facebook network. Users who access the Facebook pages without being registered or logged in to Facebook also have the option of influencing the scope of data processing by means of a cookie banner set by Facebook. 
More information on Facebook cookies can be found at: 
https://www.facebook.com/policies/cookies/

Page insights are aggregate statistics based on certain "events" logged by Facebook servers when people interact with pages and the content associated with them. Page operators themselves do not have access to the personal data processed as part of "events," only the aggregated, anonymised Page insights. 
More information can be found at:
https://www.facebook.com/legal/terms/page_controller_addendum 

(4) Rights of the data subject

The Facebook fan page offers you the opportunity to respond to our posts, comment on them and send us private messages. Please carefully consider what personal data you share with us via our Facebook fan page. If you would like to avoid Facebook processing personal data you submit to us, please contact us by other means, such as the contact options on our www.chromsystems.com.

Facebook Ireland has committed under the Page Insights Supplement to respond to requests from data subjects in accordance with Facebook's obligations under the Page Insights Supplement (available at https://www.facebook.com/legal/terms/page_controller_addendum). 

Facebook provides further information on data subject rights here: 
https://www.facebook.com/help/2069235856423257

Inquiries from users regarding data processing when visiting a Facebook fan page are forwarded by us to Facebook in accordance with the Insights Page Supplement. 
Users can find out more about their data subject rights at the following link: 
https://de-de.facebook.com/about/privacy

14. Linkedin

(1) Information on the LinkedIn profile 

The company uses the web-based social networking service offered by LinkedIn, based in Sunnyvale, California, USA, to maintain a company profile and share contributions.
The company points out that you use the LinkedIn network service offered and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g. following, reposting, liking, commenting).

(2) Processing of personal data by LinkedIn

We cannot conclusively assess the extent to which LinkedIn offers its services in compliance with European data protection regulations. However, every user of the LinkedIn network must carefully check for himself or herself which personal data he or she shares with and via LinkedIn. This also applies to the use of our own company profile. We expressly draw attention to the fact that LinkedIn stores the data of its users (e.g. personal information, IP address, etc.) in accordance with its data usage guidelines and also uses this data for business purposes. LinkedIn informs about how and to what extent this data is processed in its privacy policy (https://de.linkedin.com/legal/privacy-policy). The company has no influence on the data collection and further use by LinkedIn.

Furthermore, it is not clear for Chromsystems to what extent, at which location and for how long the data is stored, to what extent LinkedIn complies with existing deletion obligations, which evaluations and links are made with the data and to whom the data is passed on.
Chromsystems itself does not collect any personal data from visitors to the LinkedIn page. "To the Internet - with security" also applies to social networks. Therefore, we ask you to carefully consider what personal data you provide and disclose to LinkedIn.

(3) Privacy settings on LinkedIn

The LinkedIn profile of Chromsystems offers you the opportunity to respond to our posts, comment on them, etc. Please carefully consider what personal data you share with us through our LinkedIn profiles. If you would like to avoid LinkedIn processing personal data you submit to us, please contact us through other means URL company contact page such as via www.chromsystems.com.

You have options to restrict the processing of your data in your LinkedIn account under "Account" at "Setting & Privacy". There you can control and manage the use of your data under "How LinkedIn uses your data". In addition, for mobile devices (smartphones, tablet computers), you can restrict LinkedIn's access to contact and calendar data, photos, location data, etc. in the settings options there. However, this depends on the operating system used. 

More information on these points is available on the following LinkedIn support pages: 
https://www.linkedin.com/help/linkedin/answer/a1337839/ihre-konto-und-datenschutzeinstellungen-verwalten-ubersicht?lang=en 

 

15. Use of Third Party Services and Cookies - Cookie Consent

We use the following carefully selected or system-related third-party services and cookies in order to meet legal requirements, to be able to execute functional processes on our pages in a stable manner and to measure user behavior on our website so that we can continuously improve.