Provider and Responsible Entity according to Data Protection Regulation
Aventis Foundation
Industriepark Höchst
65926 Frankfurt am Main
Germany
Contact:
Foundation headquarter Frankfurt
Tel.: +49 69 305 7256
Fax: +49 69 305 80554
Email: info@aventis-foundation.org
Responsible for the content of this domain according to Section 55 (2) RStV:
Ulrike Hattendorff, Aventis Foundation, Industriepark Höchst, D-65926 Frankfurt am Main, Germany
ulrike.hattendorff@aventis-foundation.org
This privacy statement explains how and why we collect and process personal data for the operation and provision of our online service and all associated websites, functions and content (hereinafter collectively referred to as “online service” or “website”). Our privacy policy applies to all domains, systems, platforms and devices (both desktop and mobile) that access and execute our online service.
The legal framework for this privacy statement is established by the General Data Protection Regulation (GDPR). When terms like “personal data” and their “processing” are used in this statement, we refer to the definitions provided in Article 4 of the General Data Protection Regulation (GDPR).
The personal data processed for the operation of the online service include inventory data (such as the names and email addresses of newsletter subscribers), usage data (such as the web pages visited while using the online service) and content data (such as individual posts in comment sections).
The term “user” applies to every individual whose data are processed by us to provide our online service. This includes every individual who visits our website to access and use our online service. The terminology used, including terms like “user”, is intended to be gender-neutral.
When we process our users’ personal data, we strictly adhere to the relevant data protection regulations. This means that we will only collect and process user data if we have the legal permission to do so, or in other words: if we are contractually or legally required to collect and process them to perform our contractual obligations (e.g. to process orders) and provide our online service; if the users explicitly consent to the collection and processing of their personal data; and if it is necessary for the purposes of the legitimate interests pursued by us (i.e. for the analysis, optimization, efficiency and security of our online service pursuant to Art. 6 (1) of the General Data
Protection Regulation GDPR, in particular for the measurement of target reach parameters).
We explicitly refer to the following legal texts as the legal grounds for the following requirements: Art. 6 (1) lit a and Art. 7 GDPR for consent; Art. 6 (1) lit b GDPR for the processing of personal data for the fulfillment of our contractual obligations; Art. 6 (1) lit c GDPR for the processing of personal data for the fulfillment of our legal obligations; and Art. 6 (1) lit f GDPR for the processing of personal data for the pursuit of our legitimate interests.
All of our security measures, be they of organizational, contractual or technical nature, live up to state-of-the-art standards and procedures, to ensure that all relevant data protection regulations are adhered to, and in order to protect the data we process against any accidental or intentional manipulation, loss, destruction or unauthorized access.
One example is the encryption of all data transferred between your browser and our server.
To pursue our legitimate interests in accordance with Art. 6 (1) lit f GDPR, we collect data that record information on the access to the server that hosts this service (so-called server log files). These access data include the name of the website or file accessed by the user, the time and date of the access, the volume of data transmitted, the report of successful retrieval, the browser type and version and operative system used by the user, the HTTP referer, the IP address and the name and address of the accessing provider.
These log files are stored for security purposes (e.g. to investigate abusive or fraudulent activities) and retained for a maximum of seven days before they are deleted. Any data needed as potential evidence will be retained until the respective incident is resolved.
Cookies are small files or pieces of data sent from our web server or third-party web servers and stored in our users’ web browsers for later retrieval. Their purpose is to record information on the user’s browsing activity and to provide this information to the server that sent them.
We use “session cookies” that are only stored in your computer’s temporary memory while you navigate our website (e.g. to enable you to save your login status, use the shopping cart function and to use our online service in general). Session cookies record a randomly generated but unique identification number, the so-called session ID. Unlike other cookies, session cookies do not carry any information on their origin and expiration date. They are not able to store any other data and are deleted as soon as you stop navigating our website or close your browser.
We will inform our users in advance if we want to use cookies for the anonymized measurement of target reach parameters.
If you do not want our servers to send cookies to your computer, please disable cookies in your browser settings. You can use your settings to delete all cookies that have been stored in your browser. Please note that disabling certain types of cookies may interfere with the use of certain functions on our website.
This website uses the self-hosted web analysis tool “Matomo”. Matomo allows us to compile statistics about visitors to our website in order to constantly improve our services. Below we explain which data we collect and store with Matomo, how Matomo works and how you can object to data collection by Matomo.
Matomo collects the following data:
Your IP address
This data is stored in a Matomo database on our server. However, Matomo anonymises your IP address before it is saved. We use the “AnonymizeIp” plugin for this purpose. By using the “AnonymizeIp” plugin, the last two blocks (octets) of your IP address are deleted. It is then no longer possible to assign the anonymised IP address to you personally. We cannot intervene in the anonymisation process and therefore do not know your full IP address. With an IP address truncated in this way, we can only recognise the country and approximate region (e.g. federal state, city) from which you are visiting our website.
Tracking cookie
The Matomo cookie contains a combination of letters and numbers (“hash value”) with which Matomo can recognise you the next time you visit our website. Matomo calculates the hash value from your IP address, your operating system, your browser, the plug-ins installed in your browser and your screen resolution. We have no influence on this internal process and in particular cannot access your IP address. It is also not possible for us to calculate your IP address or other information from the hash value. The cookie is set via the domain “matomo.aventis-foundation.org” and has the following name: pkid.12.345 (number is individual)
The cookie has a lifespan of almost 13 months and not only allows users who have already visited the website to be recognised, but also enables non-personal analysis of behaviour on the website. For example, it is possible to recognise from which page users came to this website and which “click path” they then took. It is also possible to see which documents have been downloaded, for example.
In addition, Matomo also sets a so-called session cookie: pkses.12345 (number is individual). The cookie is automatically deleted at the end of each session. As mentioned above, these cookies cannot be used to establish a personal reference.
Your right to object
You can object to the collection, storage and processing of your data by Matomo at any time. To do so, please deactivate the corresponding checkbox at the beginning of these notes under Cookie Control (Borlabs Consent Manager). As a result of this click, Matomo will place an opt-out cookie in your browser, delete the tracking cookie and data about your visit to our website will no longer be collected and stored by us. Please note the following technical information: If you occasionally or regularly delete the cookies stored in your browser, this will also delete the opt-out cookie. If you visit our website again, you will have to save the selection again so that another opt-out cookie is stored in your browser.
The following paragraphs will provide you with information on the content of our newsletter, the registration and notification process, the statistical evaluation procedures as well as your right to cancel the service and revoke your consent. By subscribing to our newsletter, you agree to receive the newsletter and consent to the procedures described below.
Content of the newsletter: We will only send newsletters, emails or any other digital messages with advertising information (hereinafter referred to as “newsletter”) if the recipient has explicitly agreed to receive the newsletter, or if we have any other kind of legal permission to do so. If the content of the newsletter is explicitly described in the context of the subscription process, the user will be explicitly asked to consent to the receipt of this kind of content. Our newsletters also contain information on our products, offers, promotions and organization.
Double opt-in and logging: If you want to sign up for our newsletter, you have to go through a so-called double opt-in process. That means that after signing up, you will receive an email asking you to verify your email address and confirm your registration. This is necessary to ensure that no-one is able to register with an email address that is not rightfully owned by himself. Since we are legally required to document the registration process, all subscriptions will be registered in a log file. This means that we will also save the exact time and date when you subscribed for the newsletter and confirmed your email address. We will also log any changes to your data stored with the newsletter operator.
Newsletter operator: The newsletter will be operated and sent by the newsletter servicing platform Evalanche, provided by its operator SC-Networks. SC-Networks will process and store the collected data exclusively on servers located in Germany. The contact details for the newsletter operator are as follows: SC-Networks, Enzianstr. 2, 82319 D-Starnberg, Tel.: +49 8151 555 16 0, Fax: +49 8151 555 16 29, https://www.sc-networks.de.
Subscription data: To sign up and subscribe for the newsletter, you only have to provide your name and email address. Information on your corporate affiliation is optional.
Statistical analysis: The newsletters contain a so-called “web beacon”. A web beacon is a pixel-sized file that delivers certain data to the newsletter operator as soon as the subscriber opens and reads a newsletter message. This includes mostly technical information, such as information on your browser and operating system, your IP address and the time and date of the data retrieval. This information will help the newsletter operator to improve the technical performance of its services by providing specific insights on the users’ reading and usage habits. Statistical data analysis includes determining if the newsletters is opened, when it is opened and which links are clicked. Technically speaking, it is possible to link this information to the individual newsletter recipients. However, neither we nor the newsletter operator intend to observe and monitor individual users. We merely intend to use the statistical and analytical data to learn more about the reading habits of our users and to adapt and develop the content we send them, or to customize the content we send them to their individual preferences.
For the contraction of the newsletter operator and the collection of statistical and analytical data or subscription data, we refer to our right to pursue our legitimate interests pursuant to Art. 6 (1) lit f of the GDPR. We are genuinely interested in using a user-friendly and secure newsletter system that serves both our own professional
interests and the expectations of our users.
Cancellation/Revocation: You have the right to unsubscribe from or cancel our newsletter and revoke your consent at any given time. If you chose to do so, you automatically revoke your consent to receive messages from the newsletter operator and have your usage and subscription data collected. Please note that it is not possible to only revoke your consent to one of these procedures: the services provided by the newsletter operator or the collection of usage data for statistical purposes. To unsubscribe from and cancel our newsletter, please look for the respective link at the bottom of each newsletter message. If you have only subscribed to the newsletter, your personal data will be deleted as soon as you unsubscribe and cancel.
Our users have the right to request information on the collection and storage of their personal data. This information will be provided free of charge.
They also have the right to request the correction of inaccurate data, the restriction of the data collection and processing as well as the deletion of their personal data. Wherever applicable, they are of course also free to assert their rights to data portability and to file a complaint with the competent legal authorities if they feel like their personal data may have been unlawfully collected and processed.
Users have the right to revoke their consent to specific data processing procedures. If they do so, they automatically acknowledge the implications that this may have on the services we provide.
The personal data collected by us will be deleted as soon as they are no longer needed for their specific purpose, provided that we are not legally required to retain them. If we are not yet allowed to delete personal user data because they are still needed for other lawful purposes, we will automatically limit their processing. This means that the data will be blocked and not used for any other purposes than the ones they are specifically needed for. This may apply to user data that we are required to retain due to commerce and tax regulations.
We are legally required to retain personal data for 6 years according to Section 257 (1) of the German Commercial Code HGB (trading books, inventories, opening balance sheets, annual accounts, trade letters, accounting documents, etc.), as well as for 10 years according to Section 147 (1) of the German Fiscal Code AO (books, records, management reports, accounting documents, commercial and business letters, documents relevant for taxation, etc.).
We reserve the right to change this privacy statement, so as to adapt it to new legal situations or changes in the service and data processing procedures. However, this only applies to the parts in which we explain and inform you on general or specific data processing procedures. As soon as we need our users’ explicit consent, and as soon as parts of the privacy statement concern the contractual relationship with our users, the changes will only be implemented after our users have agreed to them.
We also ask our users to actively and regularly seek new information on the content of this privacy statement.
Users have the lawful right to object to the further processing of their personal data, especially when it comes to the processing of personal data for purposes of direct and personalized marketing.