Our privacy policy explains what information we collect, for what reason and how we use this information. In particular, we provide information in accordance with the requirements of Art. 12 – 14 DSGVO and your rights as a data subject.

    Controller

    Bio-Gen Milchserum Marketing GmbH

    Graf-von-Zeppelin-Straße 2-4
    D 56410 Montabaur

    Phone +49 (0) 2602 10 666 1-0
    Fax +49 (0) 2602 10 666 1-19
    E-Mail: info@biogen-online.com

    Contact

    Please direct any privacy-related enquiries to

    Bio-Gen Milchserum Marketing GmbH

    An den Datenschutzbeauftragten
    Graf-von-Zeppelin-Straße 2-4
    D 56410 Montabaur

    Preferably also by e-mail to info@biogen-online.com

    Scope

    The following privacy policy applies to all websites of the Bio-Gen Milchserum Marketing GmbH and associated companies that refer to it.

    Purpose of Procesing

    The purposes of the processing are the provision of the website, optimization of our content, identification of error sources, securing the website and performance optimization.
    In the case of the use of our contact form, a further purpose of the processing is also the handling of the communication

    Categories of Data Subjects

    • Website visitors
    • Customers and other contractual partners
    • Interested parties

    Types of Data Processed

    • Inventory data (e.g. names, addresses)
    • Content data (e.g. text input, photographs, videos)
    • Contact details (e.g. e-mail, telephone numbers)
    • Meta/communication data (e.g. device information, IP addresses)
    • Usage data (e.g. websites visited, interest in content, access times)

    Relevant Legal Bases

    In order to legitimately process personal data, the processing must be lawful. Below are our relevant legal bases on which we process your personal data in connection with your visit to this website:

    Consent according to Art. 6 para. 1 lit. a) GDPR

    The processing is legitimate through the granting of consent for a specific purpose, which can be revoked at any time for the future.

    Contract fulfilment or pre-contractual measures according to Art. 6 para. 1 lit. b) GDPR

    Processing is necessary for the performance of a contract to which the data subject is party or for the implementation of pre-contractual measures taken at the data subject’s request.

    Legal obligation according to Art. 6 para. 1 lit. c) GDPR

    Processing is necessary for compliance with a legal obligation to which the controller is subject.

    Legitimate interests according to Art. 6 para. 1 lit. f) GDPR

    Processing is necessary for the purposes of the legitimate interests of the controller or of a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data.

    National regulations

    In addition to the General Data Protection Regulation, national legal regulations also apply in connection with data protection. Here, the Federal Data Protection Act (BDSG) specifies the rights of data subjects, the processing of special categories of personal data according to Art. 9 GDPR, profiling, data processing in the context of an employment relationship (Section 26 BDSG), in particular with regard to the establishment, implementation or termination of employment relationships, and the consent of employees. Ultimately, data protection laws at the federal state level may also apply.

    Security Measures

    We take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the type, scope, circumstances and purposes of the processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of individuals.

    The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical and electronic access to the data, as well as access to, entry into, disclosure of, assurance of availability of and segregation of the data. We also have procedures in place to ensure the exercise of data subjects’ rights, the deletion of data and responses to data compromise. Furthermore, we already take the protection of personal data into account in the development or selection of hardware, software and procedures in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.

    In order to protect your data transmitted via our online offer, we use SSL encryption. You can recognise such encrypted connections by the prefix https:// in the address bar of your browser.

    Information About Cookies

    We use cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the user’s computer system. When a user calls up a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again. We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change. The following data is stored and transmitted in the cookies: Language settings, items in a shopping cart, log-in information, etc.

    The purpose of using technically necessary or functional cookies is to enable the website to function at all (necessary) or to simplify the use of websites for users (functional). Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognised even after a page change. We require cookies for the provision of shopping baskets, adoption of language settings, remembering search terms, etc. The processing of cookies therefore takes place on the basis of Art. The processing therefore takes place on the basis of Art. 6 Para. 1 lit. b or f GDPR.

    We also use cookies on some of our websites that enable an analysis of the user’s surfing behaviour. In this way, search terms entered, frequency of page views, use of website functions, etc. are transmitted. The user data collected in this way is pseudonymised by technical precautions. Therefore, it is no longer possible to assign the data to the calling user. The data is not stored together with other personal data of the user.

    Legal basis for data processing using cookies: The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 lit. f) GDPR. The legal basis for the processing of personal data using cookies for analysis purposes is Art. 6 para. 1 lit. a) GDPR if the user has consented to this, otherwise Art. 6 para. 1 lit. f) GDPR in conjunction with. EC 47.

    External Integrations as well as Tracking and Retargeting

    On our website, we use external integrations due to technical necessities as well as for the needs-based design, which we inform about in the following.

    Google Maps

    We use the Google Maps service to integrate interactive map material. Parameters such as the website accessed, behavior on the website (e.g. clicking on links and buttons, scrolling), your IP address, the referrer url (the page from which you came to our website) and technical information about your terminal device are collected.
    The legal basis is your consent according to Art. 6 (1) lit. a GDPR. We obtain this consent by clicking on “Load Google Maps”. Further information can be found under the following link:
    https://policies.google.com/privacy

    Google ReCaptcha

    We use the Google ReCaptcha service to protect ourselves from spam and security-critical attacks on our website.
    The legal basis is our legitimate interest according to Art. 6 para. 1 lit. f GDPR, which is to increase website security. Further information can be found at the following link: https://policies.google.com/privacy

    Vimeo

    On some of our pages we use the video portal Vimeo of Vimeo LLC. The purpose of the service is the integration of videos that are stored on the servers of Vimeo and the per-formance and geo-location optimized delivery of the content. We use the data protection-friendly integration method of Vimeo. It may happen that your IP address is passed on and also data about your usage behavior.
    Therefore, we use consent in accordance with Art. 6 (1) a) GDPR as the legal basis for the external integration. Further information on data protection can be found at the following link: https://vimeo.com/privacy

    Contact

    In the context of contacting us via a contact form, by e-mail, telephone or social media, the information provided is processed in order to answer the enquiry and, if necessary, to carry out the requested measures. The response to your enquiry is based on Art. 6 para. 1 lit. b) GDPR for the fulfilment of contractual obligations or response to pre-contractual enquiries. In addition, in certain cases a legitimate interest according to Art. 6 para. 1 lit. f) GDPR is the legal basis.

    Data Subject Rights

    You have the right

    • to confirm whether personal data relating to you are being or have been processed by us and may request information about this from us in accordance with Art. 15 GDPR;
    • demand the correction of incorrect or incomplete personal data stored by us without delay in accordance with Art. 16 GDPR;
    • pursuant to Art. 17 GDPR to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
    • to request the restriction of the processing of your personal data in accordance with Art. 18 DSGVO, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defence of legal claims or you have objected to the processing in accordance with Art. 21 GDPR;
    • pursuant to Art. 20 DSGVO to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another controller;
    • revoke your consent at any time in accordance with Art. 7 (3) GDPR. This has the consequence that we may no longer continue the data processing based on this consent for the future, and
    • pursuant to Article 77 of the GDPR, you have the right to lodge a complaint with a supervisory authority, without prejudice to any other administrative or judicial remedy. As a rule, you can contact the supervisory authority of your usual place of residence or place of work or the place of the alleged infringement for this purpose if the data subject is of the opinion that the processing of personal data concerning him or her violates the EU General Data Protection Regulation (GDPR).

    Data Deletion

    Your data will generally be deleted when the client relationship has ended, the data is not subject to any statutory retention periods, all claims have been fulfilled and you have not exercised your right to deletion in accordance with Art. 17 GDPR.