Privacy policy

We take the protection of personal data very seriously. Personal data is treated confidentially and in accordance with the statutory data protection regulations and this privacy policy.

As a rule, it is possible to use our website without providing personal data. If personal data (e.g., name, address, or email address) is collected on our website, this is always done on a voluntary basis as far as possible.

1. Data processing on the website

We process personal data on this website as follows:

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which are automatically transmitted by the browser. These are in particular:

  • Browser type and browser version
  • Operating system used
  • Referrer URL (previously visited page)
  • Host name of the accessing computer
  • Date and time of the server request
  • IP address

This data is not merged with other data sources.

Processing is carried out on the basis of Art. 6 (1) lit. f GDPR. The legitimate interest lies in the secure and trouble-free operation of the website, as well as in technical administration and the prevention of attacks.

The log files are deleted as soon as they are no longer required to achieve the purpose for which they were collected.
 

Cookies

Our websites use cookies. Cookies do not harm your device and do not contain viruses. They serve to make the website more user-friendly, effective, and secure.

Cookies are small text files that are stored on your device and saved by your browser.

Some cookies are technically necessary for the website to function properly. Other cookies are only set with your consent.

Technically necessary cookies are stored on the basis of Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in the technically error-free and optimized provision of our services.

Cookies requiring consent are processed exclusively on the basis of Art. 6 (1) lit. a GDPR.

Consent can be revoked or changed at any time via the privacy settings in the footer of the website.

You can also set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases or generally exclude them.
 

Cookiebot (consent management platform)

To manage the cookies and similar technologies we use, as well as to obtain and document the necessary consent, we use the consent management tool Cookiebot from Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark.

Cookiebot allows users to choose how cookies are used when they visit the website and to manage their consent in compliance with data protection regulations. In addition, you can open and adjust your cookie settings at any time by clicking the round link button at the bottom left of the screen.

The processing is carried out to fulfill a legal obligation to which we are subject (Art. 6(1)(c) GDPR and Art. 7(1) GDPR).

The following data is processed using cookies:

  • IP address (in anonymized form, with the last three digits deleted)
  • Date and time of consent
  • Browser information
  • URL of the website from which consent is sent
  • Consent status

To document consent, an anonymous, random, and encrypted key is stored. This key and the consent status are stored in the “CookieConsent” cookie on your device for a period of 12 months. This ensures that your cookie preference is retained for subsequent page requests. The key allows the consent granted to be traced and verified.

Processing takes place within the European Union.

Your personal data will be deleted on an ongoing basis after no later than 12 months or immediately upon termination of the contractual relationship between us and Usercentrics.

Further information and details regarding options to object to or have your data removed by Usercentrics can be found at:
https://www.cookiebot.com/de/privacy-policy/
 

Content Delivery Network (Cloudflare)

This website uses a content delivery network (CDN) provided by Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA.

Cloudflare enables faster and more secure delivery of our website content. Personal data such as IP addresses may be processed in this process.

Cloudflare processes data for the following purposes, among others:

  • Optimization of loading times
  • Ensuring IT security
  • Defense against attacks

Processing is based on Art. 6 (1) lit. f GDPR. The legitimate interest lies in the secure and efficient operation of our website.

Data is transferred to the USA on the basis of the EU-US Data Privacy Framework and appropriate safeguards in accordance with Art. 46 GDPR.

Further information:
https://www.cloudflare.com/privacypolicy/
 

Google Fonts

On our websites, we use so-called web fonts provided by Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) to ensure consistent font display.

Some of the fonts used are hosted locally on our server. However, when using services such as Google Maps, fonts may be loaded from Google’s servers. In this case, your browser establishes a connection to Google’s servers, thereby informing Google that our website has been accessed via your IP address.

The use of Google Fonts and any subsequent loading thereof is based exclusively on your consent pursuant to Art. 6(1)(a) GDPR. You can revoke your consent at any time with future effect by adjusting your settings in our consent tool.

The use of Google services may involve the transfer of personal data to the United States. Google is certified under the EU-U.S. Transatlantic Data Privacy Framework, which ensures an adequate level of data protection.

For more information about Google Fonts, please visit:
https://developers.google.com/fonts/faq

as well as in Google’s Privacy Policy:
https://www.google.com/policies/privacy
 

Contact form

When inquiries are sent to us via the contact form, the data entered there is stored for the purpose of processing the inquiry and for possible follow-up questions.

Mandatory fields are marked accordingly. The remaining information is provided voluntarily.

Processing is based on Art. 6 (1) lit. a GDPR (consent).

The data remains with us until:

  • deletion is requested
  • consent is revoked
  • the purpose of storage no longer applies

Statutory retention periods remain unaffected.
 

Google Analytics

This website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables an analysis of the use of the website. Among other things, the following data is processed:

  • Pages accessed
  • Length of stay
  • Technical information about the end device
  • Anonymized IP address

Google Analytics uses cookies or comparable technologies.

Processing is based exclusively on your consent in accordance with Art. 6 (1) (a) GDPR.

The data may be transferred to Google servers in the USA. The transfer is based on the EU-US Data Privacy Framework.

The data is stored for 14 months.

Further information:
https://policies.google.com/privacy
 

Google Maps

This website uses the Google Maps map service provided by Google Ireland Limited.

To use the functions of Google Maps, it is necessary to store the IP address. This information is usually transferred to a Google server in the USA.

Google Maps is only loaded if consent has been given via the cookie banner.

The legal basis is Art. 6 (1) lit. a GDPR.

Further information:
https://policies.google.com/privacy
 

Business partners and contact persons

Personal data of business partners (e.g., customers, suppliers, or service providers) and their contact persons is processed.

This includes in particular:

  • Name
  • Contact details
  • Company affiliation
  • Professional position

The processing is carried out for the purpose of establishing and initiating contractual relationships and for communication with business partners.

The legal basis is Art. 6 (1) (f) GDPR and Art. 6 (1) (b) GDPR.

The data is only stored for as long as is necessary for the purposes mentioned or for as long as there are legal retention periods.
 

Applications

Applications can be submitted voluntarily via our website or by email.

Processing is carried out exclusively for the purpose of conducting the application process.

The legal basis is Art. 6 (1) lit. b GDPR and § 26 BDSG.

If special categories of personal data are transmitted during the application process (e.g., health data or severely disabled status), their processing is based on Art. 9 (2) GDPR.

Applicant data will be deleted no later than 6 months after completion of the application process, unless consent has been given for longer storage.
 

SSL or TLS encryption

This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content.

You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://”.

2. Rights of data subjects

Data subjects have the following rights:

  • Right to information (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)

Consent that has been given can be revoked at any time with effect for the future.

In addition, you have the right to lodge a complaint with a data protection supervisory authority.

3. Responsible body and data protection officer

Responsible body:

Aristo Pharma GmbH
Wallenroder Straße 8-10
13435 Berlin

Tel.: +49 (0) 30 - 710 94 - 4200
Fax: +49 (0) 30 - 710 94 - 4250

E-Mail: info@aristo-pharma.de

External data protection officer:

fox-on Datenschutz GmbH
Pollerhofstr. 33a
51789 Lindlar

E-Mail: dsb@fox-on.com