- Name and contact data of the data controller and the company data protection officer
This data protection notice applies for data processing performed by:
DIANOVA GmbH, Warburgstrasse 45, 20354 Hamburg, Germany
Phone: + 49 40 450 670
Fax: + 49 40 450 67 490
The company data protection officer for Dianova can be contacted via the address indicated above, for the attention of Mr Gert Brinkmann, or via datenschutz(at)dianova.de
- Collection and storage of personal data and type and purpose of data use
a) When visiting the website
When visiting our website https://www.dianova.com/ the browser used on your device will automatically send information to our website’s server. This information is saved temporarily in the form of a logfile. The following information is recorded without your active contribution and is saved until it is erased automatically:
- IP address in anonymised form (used only for determining the place from where the page is accessed)
- access date and time
- name and URL of the accessed file
- website from which the page was accessed (referrer URL)
- browser used and possibly your computer’s operating system.
The data listed above is processed by us for the following purposes:
- ensuring that a connection to the website is established smoothly
- ensuring that our website can be used comfortably
- analyses of system security and stability and
- further administrative purposes.
The legal basis for data processing is Article 6, paragraph 1, section 1, point f of the GDPR. Our legitimate interest arises due to the data collection purposes listed above. Under no circumstances will we use the data collected to draw conclusions about your identity.
b) When placing orders via our website
On our website you can place orders without registering as a guest, or you may register as a customer of our shop for future orders. The advantage of a registration is that in the case of future orders, you can log into our shop directly, using your email address and password, rather than having to re-enter your contact data.
For this purpose, your personal data is entered into an entry screen, then saved and transmitted to us. If you place an order via our website, we will record the following data, for both guest orders and registration for our shop:
- title, first name, surname,
- a valid email address,
- phone number (landline and / or mobile)
We record this data in order to
- be able to identify you as our customer;
- process, fulfil and handle your order;
- communicate with you;
- handle the billing process;
- process any liability claims, and for asserting possible claims against you;
- ensure technical administration of our website;
- manage our customer data base.
Data processing for the purposes listed above, takes place after you have placed an order and / or registered and it is required for us to be able to adequately handle your order and for both parties to fulfil their duties that arise from the purchasing contract, pursuant to Article 6, paragraph 1, section 1, point b of the GDPR.
The personal data that we collect for handling your order is stored for the duration of the statutory retention period and then erased, unless we are obliged to save the data for a longer period for reasons regarding retention or documentation duties related to tax law or commercial law pursuant to Article 6, paragraph 1, section 1, point c of the GDPR, or in the case that you have granted consent for continued data storage, pursuant to Article 6, paragraph 1, section 1, point a of the GDPR.
c) When subscribing to our newsletter
Provided that you have expressly agreed to this pursuant to Article 6, paragraph 1, section 1, point a of the GDPR, we are going to use your email address for sending our regular newsletter. To receive the newsletter, it is sufficient if you provide only an email address.
You may unsubscribe at any time, for example using the link that is included at the bottom of each newsletter. You may also email your request to unsubscribe to email@example.com at any time.
- Google reCAPTCHA
We use „Google reCAPTCHA“ (hereinafter „reCAPTCHA“) on our websites. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google“).
The purpose of reCAPTCHA is to check whether the data input on our websites (e.g. in a contact form) is made by a person or by an automated program.
To this end, reCAPTCHA analyzes the behavior of the website visitor using various characteristics. This analysis begins automatically as soon as the website visitor enters the website.
For the analysis, reCAPTCHA evaluates various information (e.g. IP address, length of stay of the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place.
Data processing is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in protecting his web offers against abusive automated spying and against SPAM.
d) When using our contact form
If you have any questions, you are able to contact us using a form provided on our website. For this purpose you will have to indicate a valid email address, to enable us to tell who the query is from and to be able to reply. Any further information you provide is voluntary.
Data processing in the context of contacting us is performed pursuant to Article 6, paragraph 1, section 1, point a of the GDPR, based on your voluntarily granted consent.
The personal data that we collect when you use our contact form, is erased automatically after your request has been completed.
- Disclosure of data
We will only disclose your personal data to third parties that are service providers involved in processing the contract, such as the shipping company tasked with delivery or the banking institute that is instructed to handle payment related issues. Where your personal data is disclosed to third party, the amount of data transmitted is restricted to the necessary minimum.
Your personal data will not be disclosed to third parties under any other circumstances than those listed below. We will only disclose your personal data to third parties, if:
- you have expressly agreed to such disclosure pursuant to Article 6, paragraph 1, section 1, point a of the GDPR,
- such disclosure is necessary pursuant to Article 6, paragraph 1, section 1, point f of the GDPR to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding and legitimate interest in non-disclosure of your data,
- we are legally obliged to such a disclosure pursuant to Article 6, paragraph 1, section 1, point c of the GDPR, and
- such disclosure is permitted by law and necessary for handling contractual relations with you, pursuant to Article 6, paragraph 1, section 1, point b of the GDPR.
A cookie is used to store information that is generated in connection to the specific device used. However, this does not mean that we receive any direct information about your identity.
Cookies are used on the one hand, to make our services more convenient for you. We use so called session cookies, in order to recognise that you have already visited individual pages of our website. These cookies are automatically erased, when you leave our website.
Furthermore, we use temporary cookies that are stored on your device for a specific period of time, and that also have the purpose to optimise user friendliness of our website. If you return to our website to use our services, it is automatically detected that you have visited before and which settings and entries you have made, so you will not have to enter this information again.
On the other hand we are using cookies for the purpose of gathering statistical data about the use of our website for purposes of analysis, in order to optimise our services for you (see item 5). When you visit our website again, these cookies enable us to automatically tell that you have visited before. These cookies are automatically erased after a specific time.
The data that is processed by cookies is required for the purposes stated above, to guard our legitimate interests and those of third parties, pursuant to Article 6, paragraph 1, section 1, point f of the GDPR.
Most browsers will accept cookies automatically. However, you may configure your browser to prevent it from saving any cookies to your computer or to arrange that a message will appear, before any new cookies are created. Please note that you may not be able to use all of our website’s functions, if cookies are disabled completely.
- Analysis tools
The tracking measures that we use and that are listed below are performed based on Article 6, paragraph 1, section 1, point f of the GDPR. The purpose of the tracking measures used, is to achieve a demand oriented design for our website and to optimise it continuously. Furthermore, we are using tracking measures for the purpose of gathering statistical data about the use of our website for purposes of analysis, in order to optimise our services for you. These interests are considered legitimate in the sense of the regulation mentioned above.
Please refer to the respective tracking tools for specific information about data processing purposes and data categories.
– Google Analytics
For the purpose of achieving a demand oriented design for our website and to optimise it continuously, we are using Google Analytics, a web analysis service by Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; subsequently referred to as “Google”). Pseudonymised user profiles are created and cookies (see item 4) are used in this context. The information generated by the cookie about the use of the website, such as
- browser type / version,
- operating system used,
- referrer URL (the website visited before),
- host name of the accessing computer (IP address),
- time of the server request,
is transmitted to and saved on a server operated by Google in the USA. The information is used for analysing the use of the website, for compiling reports about website activity, as well as for further services relating to website and internet use, for market research services and a demand oriented design of these pages. Furthermore, this information may be transmitted to third parties, if this is legally required or if third parties have been commissioned to process the data. Your IP address will not be combined with any other data collected by Google, under any circumstances. IP addresses are anonymised, so they cannot be matched (IP masking).
You can set up your browser software to prevent that cookies are installed. However, we would like to point out that you may not be able to fully use all functions of this website, if you do so.
You are also able to prevent that the data generated by the cookie regarding your use of the website (including your IP address) is recorded and that this data is processed by Google, by downloading and installing a browser add-on(https://tools.google.com/dlpage/gaoptout?hl=de).
As an alternative to the browser add-on, especially for mobile devices, you can also prevent that your data is captured by Google Analytics, by clicking this link. An opt-out cookie is then created that will prevent your data from being recorded on future visits to this website. The opt-out cookie applies only to this browser and only to our website and it is stored on your device. You will have to reset the opt-out cookie, if you delete cookies from your browser.
Or click here:Deactivate Google Analytics
One of the sources for further information about data protection with regard to Google Analytics is the Google Analytics support page (https://support.google.com/analytics/answer/6004245?hl=de).
- Rights of the data subjects
You have the right:
- pursuant to Article 15 of the GDPR, to request information about your personal data processed by us. You may in particular request information about the purposes of data processing, the categories of personal data, the categories of recipients to whom your data has been or will be disclosed, the intended duration of storage, the existence of a right to demand correction, erasure, restriction of processing or of a revocation, the existence of a right to appeal, the origin of your data, if it was not collected by us, as well as the existence of an automated decision-making process including profiling and – if applicable – a meaningful account of related details;
- pursuant to Article 16 of the GDPR, to demand that any incorrect data is corrected or that any data missing from your personal data record stored with us is added.
- pursuant to Article 17 of the GDPR, to demand that the personal data recorded by us is erased, provided that the processing of such data is not required to exercise freedom of expression and information, for fulfilling legal duties, for reasons of public interest or for asserting, exercising or defending legal claims.
- pursuant to Article 18 of the GDPR, to demand that processing of your personal data is restricted, provided that you challenge the correctness of this data, that it is being processed illegitimately, but you object against the data being erased and that we no longer need the data, but it is required for asserting, exercising or defending legal claims, or that you have objected to processing pursuant to Article 21 of the GDPR;
- pursuant to Article 20 of the GDPR, to receive the personal data you have submitted to us in a structured, common and machine-readable format or to demand that the data is transmitted to another data controller;
- pursuant to Article 7, paragraph 3 of the GDPR, to revoke your previously granted consent at any time. If you do so, we must no longer continue to perform the data processing that was based on this consent and
- pursuant to Article 77 of the GDPR, to submit a complaint to a regulatory authority. For this purpose you can usually contact the competent regulatory authority for your usual place of residence or work or for our office location.
- Right of objection
If your personal data was processed based on legitimate interests pursuant to Article 6, paragraph 1, section 1, point f of the GDPR, you reserve the right to object to the processing of your personal data pursuant to Article 21 of the GDPR, provided that there are reasons for your objection that arise from your particular situation or if you are objecting against direct advertising. In the latter case, you have a general right of objection that we are going to implement without you needing to indicate any special circumstances.
To assert your revocation or objection right, simply send an email to firstname.lastname@example.org
- Data security
We are going to take all appropriate technical and organisational measures to protect your personal data against loss, unauthorised access, modification and disclosure. However, when communicating via email we cannot guarantee full data security. We therefore recommend that you send any confidential information by postal mail. Our security measures are subject to ongoing improvement in line with technical advancement.
- Up-to-dateness and modification of this data protection statement
This data protection statement is currently valid as of June 2020.
As our website and services evolve, or due to changing legal or regulatory provisions, it may become necessary to amend this data protection statement. You can view and print the latest version of our data protection statement on our website at any time: https://www.dianova.com/en/data-security/