Privacy Statement

Information on the use of your personal data (GDPR)

Information about the use of your personal data on our website

We are very serious about protecting your personal data, and we comply with applicable data protection law. We would like to inform you here about how we process your personal data. You can review this information at any time below on each page of our website under the heading "Legal Notice & Privacy Policy".
 

1          Data controller and data protection officer

The controller of the data within the meaning of Article 4 number 7 General Data Protection Regulation ("GDPR") is

Eppendorf AG
Barkhausenweg 1
22339 Hamburg

(hereinafter referred to in this Privacy Statement also as "Eppendorf", "we" or "us").

If you have questions or suggestions with regard to data protection, please also feel free to contact us by email at the address datenschutz@eppendorf.de.

You can reach our data protection officer at datenschutzbeauftragter@eppendorf.de.

If the website you have accessed is operated by another company in the Eppendorf Group, that company is responsible for the data processing that takes place on the relevant website. The following information about the use of your personal data applies accordingly. If you have questions or if you would like to assert any rights, please use the contact information set forth in the publisher's information for the relevant website.
 

2          Subject of data protection and processed data

The subject of data protection consists of personal data. These are all information according to Art. 4 no. 1 GDPR which relate to an identified or identifiable natural person, such as the name or an identification number.

Many of the data we process result directly from the respective context of the processing.

As soon as you visit our website, we automatically collect and store certain user data. This includes the IP address assigned to your computer which we need for transmitting the content of our website you have accessed to your computer or other end-device (a "device") (e.g. texts, images, games and product information as well as data files provided for download etc.).

We also collect and store information about the use of the website such as e.g. the used type of browser and the used operating system as well as the date and time of day when you have used the website as well as the URL of the previously visited website. We process your data, in order to provide to you the website and the related functions.

If you use special functions, for example, submitting an order on our website, we also process the data needed for providing the function. In the context of an order, we process the data you have entered, for example, for processing the order. If you fill out the contact form, we use the data to conduct correspondence with you.

In addition, we will describe additional categories of personal data we process in the context of this Privacy Statement when we discuss the respective topics.
 

3          Purposes of processing and legal basis

3.1       We process your data on the basis of a consent you have issued (Art. 6 para. 1 lit. a GDPR) in the extent set forth in the respective consent and for the purposes of the processing explained there.

3.2       We process your personal data for the following purposes on the basis of fulfilling a contract or performing a pre-contractual measure (Art. 6 para. 1 lit. b GDPR):

  • to present our website
  • to process your orders, including payment as well as providing customer service (for example, returns)
  • to carry out our special functions in the area of myEppendorf (e.g. epPoints, product registration) 
  • to implement orders or cancellation of orders for subscriptions, email newsletters and webinars
  • to process online applications
  • to conduct competitions and contests

3.3       We process your personal data for the following purposes, in order to preserve our legitimate interests especially for protection of our IT infrastructure, assuring satisfactory customer communications and promoting the sale of our products (Art. 6 para. 1 lit. f GDPR):

  • to get to know our customers better
  • to process other contacts you have made (e.g. in the case of questions, suggestions or other notifications, also in the context of our social media presence)
  • to operate our social media presence and optimize our social media activities
  • for protection against fraud
  • to optimize our offering (especially also designing our website so that it meets the needs)
  • to maintain IT security
  • to be able to send you information about products and activities which might interest you
  • to display online advertising that corresponds to your interests

We process these data unless your interests, fundamental rights or fundamental freedoms (especially for protection of your personal data) outweigh our above-described legitimate interests.

3.4       A situation can also arise in exceptional circumstances under which we process your data to fulfill a legal obligation (Art. 6 para. 1 lit. c GDPR), to protect interests that are important for life (Art. 6 para. 1 lit. d GDPR) or to carry out a responsibility in the public interest (Art. 6 para. 1 lit. e GDPR).
 

4          Further collection and use of your data

4.1       Cookies

We store so-called "cookies", in order to offer you an extensive scope of functions and design the use of our websites (for example, the online purchases) in a manner which is more comfortable for you. "Cookies" are small data files which are stored on your computer with the assistance of your internet browser.

You can regulate the use of individual cookies through your privacy settings on your browser or at the following website: http://www.meine-cookies.org/cookies_verwalten/praeferenzmanager-beta.html. Please note that – depending on the type of affected cookie – the functionality and the scope of functioning of our offering can be limited as a result.

4.2       Google services

We use various services from Google on our website. These services – to the extent not stated otherwise – are provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. You can find further information about how Google uses your data in the privacy policy of Google: https://policies.google.com/privacy?hl=de. Based on the Google services that are used, your browser automatically establishes a direct connection to the server of Google. As a result of including Google services, Google receives, for example, the information that you have accessed a corresponding section of our internet presence or have clicked on one of our advertisements. If you are registered at a service of Google, Google can attribute the visit to your account. Even if you are not registered with Google and have not logged in, there is a possibility that the provider can learn about and store your IP address. Please also note that Google might combine the data collected through this website with other information if you are logged in in your Google account at the time of use. Google may transmit personal data to third parties if this required by law or to the extent third parties process these data on behalf of Google.

4.2.1    Google Analytics

We also Google Analytics, a web analysis service of Google LLC ("Google"). This Google service uses "cookies" which permit an analysis of your use of the website. The information produced by the cookie with regard to your use of this website (including your IP address which is shortened to the last octet and, thus, anonymized) are transmitted to a server of Google in the USA and stored there. Google will use this information at our instruction, in order to analyze your use of the website, compile statistical reports for us about the activity on the website and to provide other services involved with using our website and the internet.

You can deactivate the data storage by Google Analytics by means of a browser add-on if you do not wish to have website analysis. You can download this add-on here: http://tools.google.com/dlpage/gaoptout?hl=de. You can also object to the use of Google Analytics by clicking on the following link: Click here to be excluded from the collection via Google Tag Manager. Please note that you may have to repeat this step after cancelling the cookies on your end-device. Aside from this, we erase the data collected with Google Analytics after 14 months.

4.2.2    Google Remarketing

We use the application Google Remarketing. Under this application, Google uses cookies to record your use of our website and to display to you on other pages in the Google Display Network as well as in the world wide web interest-based online advertising for our products in the form of display adds using Display & Video 360. The information is transmitted accordingly to Google and the partners of Google. Any further data processing only takes places if you have granted consent to Google to link your browser use on Google to a Google account and to the extent that information from the Google account is used for personalizing advertisements which you see in the internet. If you are logged in at Google in this situation during the visit to our visit, Google uses your data together with Google Analytics data, in order to produce and define target group lists for remarketing that is independent of the device. Your personal data are temporarily linked for this purpose with Google Analytics data to establish the target groups.

If you do not want Google to record your surfing in order to display advertising, you also have the following possibilities to the privacy settings in your browser and the choice of cookie preferences (see on this point above in Section 4.1):

Please note that you may have to repeat this step after erasing the cookies on your end-device.

4.2.3    Google Ads

We use the service Google Ads in order to activate search displays in the search results of Google as well as advertising based on your interests within the Google advertising network by means of the remarketing function in Google Ads.

4.2.3.1 Google Ads Conversion Tracking

We use the service Google Ads Conversion Tracking to analyze and improve the success and effectiveness of our advertising measures in the Google network. As soon as you have clicked on one of our advertisements in the Google network, a cookie is placed on your end-device for this purpose. This cookie enables Google to recognize your internet browser. The information obtained by means of the conversion cookie serve the purpose of producing conversion statistics for us in Google Ads. These cookies, which are set through our website, become invalid after 30 days and are automatically erased.

If you do not want Google to record your surfing in order to display advertising, you also have the following possibilities to the privacy settings in your browser and the choice of cookie preferences (see on this point above in Section 4.1):

Please note that you may have to repeat this step after erasing the cookies on your end-device.

4.2.3.2 Google Ads Remarketing

We use the remarketing function in the Google Ads service. We can present to you on other websites within the Google advertising network by means of this remarketing function (in Google search or on YouTube, so-called "Google advertisements" or on other websites) advertisements which are based on your interests. Your surfing behavior on our website is analyzed in an anonymized manner for Eppendorf, e.g. with regard to which products or offerings you have viewed on our website. This enables us to display on the online search engine Google itself so-called "Google advertisements" and individualized advertising on other third-party websites even after your visit to our website.

As soon as you arrive at our website through a display activated on Google, Google Ads places a cookie on your computer. These cookies which are placed through our website lose their validity after 30 days. If you visit certain pages on our website and the cookie has not yet expired, we and Google can recognize that you have clicked on the advertisement and have been forwarded to that page.

If you do not want Google to record your surfing in order to display advertising, you also have the following possibilities to the privacy settings in your browser and the choice of cookie preferences (see on this point above in Section 4.1):

Please note that you may have to repeat this step after erasing the cookies on your end-device.

4.2.4    Google Display & Video 360

We use Google Display & Video 360 to activate banner advertisements (also referred to "displays") in the internet as well as to activate banner advertisements based on your interests. We use targeting functions within the Google Display & Video 360 service for this purpose, including the remarketing function.

Display & Video 360 places cookies in order to present relevant advertisements to you which improve the reporting on campaign performance or in order to avoid you from seeing the same advertisements multiple times. Google uses cookie ID to determine which advertisements are activated in which browser, and Google can accordingly prevent these advertisements from being displayed multiple times.

4.2.4.1 Google Display & Video 360 Remarketing

We use the remarketing function within Google Display & Video 360 service. We can use the remarketing function to present to you advertisements based on your interests on other websites. Your surfing pattern on our website is analyzed in an anonymized manner for this purpose on behalf of Eppendorf to see e.g. which products or offerings you have looked at after you have accessed one of our display/video advertisements on Google or on another platform using Display & Video 360 or if you have clicked on such advertisements (conversion tracking). Display & Video 360 uses cookies to understand the content which you have interacted with on our websites, in order to be able to be sent to you targeted advertising later.

Users who reach our website through banner advertising of Eppendorf which was activated by means of Google Display & Video 360 receive a cookie placed on their computer from Google Display & Video 360. These cookies, which are placed through our website, lose their validity after 350 days. If you visit certain pages on our website and the cookie has not yet expired, we and Google can recognize that you have clicked on the advertisement and have been forwarded to that page.

If you do not want Google to record your surfing in order to display advertising, you also have the following possibilities to the privacy settings in your browser and the choice of cookie preferences (see on this point above in Section 4.1):

Please note that you may have to repeat this step after erasing the cookies on your end-device.

4.2.5    Invisible reCAPTCHA

We use the service Invisible reCAPTCHA. This service helps us to examine whether the visitors to our website are human beings and not robots. This enables us to protect our website against spam messages and misuse. Cookies are placed by Google and information on your surfing patterns as well as log data files, for example information on your end-device, your browser or your IP address, are processed for this purpose.

4.2.6    Google Maps

We use the Google Maps API (an interface to Google Maps to our website). This serves on our website, for example, to enable you to plan how to drive to us. When using Google Maps, information about your use of our website (including your IP address) is transmitted to Google. Google Maps is linked through the programming language JavaScript. You can interrupt the connection and the data transmission to Google by installing a JavaScript blocker.

4.3       Additional data analysis with pseudonymized use profiles

4.3.1    MediaMath

We use MediaMath Analytics & Insights, a web analysis service from MediaMath, Inc. ("MediaMath"). MediaMath uses cookies which are stored on your end device and which make it possible to analyze how you use the website. The data storage here can e.g. include the type of browser, the operating system, the browser language, the IP address and the internet provider.

MediaMath processes the data linked to your end-device to make a pseudonym, a so-called "MediaMath-ID". This unique MediaMath-ID is then possibly stored in a cookie in your end-device and then helps to provide relevant advertisements for you. The MediaMath-ID and other information collected through the platform can also help us to measure your activity on our website and accordingly determine the effectiveness of the advertisements provided through the platform. Your needs can be better fulfilled in this manner. Furthermore, we can show you advertisements for the types of products for which you might have an interest.

MediaMath will transfer this information as needed to third parties if this is required by law or to the extent third parties process these data at the instruction of MediaMath. More detailed information about how MediaMath uses your data as well as about the possibility to prevent the use of cookies by MediaMath can be found in the data protection statement of MediaMath at: http://www.mediamath.com/de/datenschutzrichtlinien/. If you do not want MediaMath to process your described personal data in the context of this website, you can also, for example, opt out using the privacy settings on your web browser or here: http://www.mediamath.com/ad-choices-opt-out/. In the alternative, you can opt out of the cookies here: http://www.meine-cookies.org/cookies_verwalten/praeferenzmanager-beta.html.  

4.3.2    Dynamic Yield

We use the services of Dynamic Yield Ltd., Highlands House Basingstoke Road, Spencers Wood, Reading, Berkshire, England, RG7 1NT, ("Dynamic Yield"). Our web offering is optimized with Dynamic Yield, in order to make your visit to our website a personal experience by providing fitting recommendations and content. We use for this purpose the page content you have accessed, in order to recommend to you equivalent or related content or other content that is relevant for you. Dynamic Yield collects for this purpose pseudonymized information about your activity when using our site. Cookies are used through which the exclusively anonymize information is stored under a random generated ID (pseudonym). Your IP addresses are stored exclusively in anonymized form. A direct connection to a person is accordingly not possible. You can object at any time to the collection of information by Dynamic Yield by clicking on the following link and confirming the opt out: https://www.dynamicyield.com/privacy-policy/#optinout. This place is an opt-out cookie which prevents the future collection of data when you visit this website. You can find more detailed information about the used tracking technology at the following link: https://www.dynamicyield.com/privacy-policy/

4.4       Including payment service providers in Australia, Canada and the USA

We use various service providers who support us when processing payments (e.g. when you purchase products from us). Our online shop in Australia uses the provider CyberSource Corporation HQ ("CyberSource"), our online shops in Canada and the USA use the provider Paymetric Inc. ("Paymetric").

CyberSource and Paymetric also use data entered by you when you order, in order to process the respective order at our instruction.

Other information about the purpose and extent of processing of your personal data by CyberSource can be found at: https://www.cybersource.com/privacy/.

You can find additional information about the purpose and scope of the processing of your personal data by Paymetric at: https://www.paymetric.com/privacy-policy-2/.

4.5       Social media remarketing

We have placed various remarketing services on our website. By using these services – if applicable, for multiple devices – we collect information about which pages and which products you have viewed on our website, in order to display to you advertising in accordance with your interests on social networks. The corresponding information is collected and accessed through cookies and similar technologies. You can prevent the use of these services by corresponding settings on your internet browser or using ad-blockers.

We specifically use the following services:

4.5.1    Facebook-Pixel

The Facebook-Pixel is integrated on our website. This involves Javascript code. The Facebook-Pixel is used to collect information when you perform certain actions on our website or visit certain areas on our website. By using the Facebook-Pixel we also collect use data (such as the URL, referrer URL, IP address, device and browser characteristics as well as a time stamp). The Facebook-Pixel generates a test value (hash-value) using this information and transmits this hash-value to Facebook Ireland Ltd., Ireland, or to Facebook Inc., USA, as well as possibly to other Facebook companies. To the extent available, the Facebook cookie is also addressed and your Facebook ID is transmitted. If you have a Facebook profile and log in there, individualized advertising for our products can be presented to you by using the data transmitted through the pixel. Data of users who do not have a Facebook profile are discarded by Facebook without using the data.

Additional information about the purpose and extent of collecting data and the further processing and use of the data by Facebook as well as your possibilities for settings to protect your privacy in the case of Facebook can be found in the data protection guidelines of Facebook at https://de-de.facebook.com/privacy/explanation. You will find information about how you can prevent data processing in connection with the Facebook-Pixel at: https://de-de.facebook.com/help/769828729705201/. Aside from this, the information collected using the Facebook-Pixel is erased after 30 days.

Facebook is operated for users in the EU by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, and by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, for users in the USA. Your data can also be provided to other Facebook companies. This can result in transmission of personal data to the USA or other third party countries outside the European Economic Area. In order to preserve a reasonable level of data protection within the meaning of the GDPR, Facebook Ireland, according to its own statements, uses the standard contract clauses approved at the EU Commission, which constitute a suitable guarantee for transmission to third party countries pursuant to Art. 46 para. 2 lit. c GDPR.

4.5.2    LinkedIn Insight Tag

The LinkedIn Insight Tag is a piece of lightweight JavaScript code, which is integrated in our website. The LinkedIn Insight Tag collects information if you conduct certain actions on our website or visit certain areas on our website. The LinkedIn Insight Tag also collects usage data (such as the URL, referrer URL, IP address, device and browser features as well as a time stamp). This data is transmitted encrypted to LinkedIn so that LinkedIn can play targeted advertising on the own platform.

You can find information about your possibilities for settings at LinkedIn and about how you can prevent the use of the LinkedIn Insight Tags in the settings in your LinkedIn account. The indirect designations of the members are removed within seven days, in order to pseudonymize the data. The remaining pseudonymized data are erased then within 180 days.

In the case of users domiciled in the European Economic Area in Switzerland, LinkedIn is operated by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, ("LinkedIn Ireland") and, in the case of users domiciled in the USA, LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. You can find the data protection guideline of LinkedIn Ireland here: https://www.linkedin.com/legal/privacy-policy?trk=organization-guest_footer-privacy-policy. You can also find information about the possibilities for settings in your LinkedIn profile. LinkedIn Ireland transmits personal data also to third party countries outside the European Economic Area. You can find corresponding information at: https://www.linkedin.com/help/linkedin/answer/62533?trk=microsites-frontend_legal_privacy-policy&lang=de. LinkedIn accordingly regularly secures a reasonable level of data protection by concluding standard contract clauses approved by the EU Commission which represent a suitable guarantee for transmission to third party countries pursuant to Art. 46 para. 2 lit. c GDPR.
 

5          Our presence on social media

We operate pages and profiles on various social media platforms. This presence serves to have better, active communication with our customers and interested parties. The following described processing of personal data occurs in this context.

If you interact with our social media presence or our articles, we will collect and process the information you have provided, if applicable, together with your user name and any profile photos, for example, if you mark a contribution with "like" or if you share or "retweet" or comment or provide other content. Please also note that this content is published in accordance with your account settings on our relevant social media presence and can be accessed by everyone worldwide. We can conduct additional data processing, in order to receive and be able to respond to inquiries or messages through or social media presence. Finally, your publicly disclosed profile data can be processed to the extent we have a legitimate interest in doing so.

Furthermore, the respective operators collect and process personal data from you under their own responsibility under their data protection law if you visit one of our social media presences and/or interact with the presence or our contributions. This applies especially if you are registered and logged in at the corresponding social media platform. Even if you are not registered at the respective platform, the operators collect certain personal data when the site is accessed, for example, clear designations which are linked to your browser or your device. Please note that these data might possibly be combined through various platforms and services if they are operated by the same operator. For example, both Facebook as well as Instagram are operated by Facebook Ireland Limited. You can find additional information in the data protection statements of the respective operators to which we refer below.

We operate specifically the following presences in social media:

5.1       Facebook

Eppendorf maintains various Facebook presences, including at https://www.facebook.com/eppendorf/ 

Facebook is operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland ("Facebook Ireland Ltd.”). You can find the data protection guideline of Facebook at: https://de-de.facebook.com/policy.php. You will also find their information about the possibilities for settings in your Facebook account.

Your personal data can also be provided to other Facebook companies. This can result in a transmission of personal data to the USA or other third party countries outside the European Economic Area. In order to preserve a reasonable level of data protection in the sense of the GDPR, Facebook Ireland, according to the own statements, uses standard contract clauses approved by the EU Commission which constitute an appropriate guarantee for transmission to third party countries pursuant to Art. 46 para. 2 lit. c GDPR.

We are also responsible together with Facebook Ireland for the processing of so-called page insights in the course of operating our Facebook page. Facebook Ireland uses these page insights to analyze the activity on our Facebook page and provides us this information in a form which does not relate to the specific person. We have concluded for this purpose an agreement with Facebook Ireland about joint responsibility under data protection law which you can see at the following link: https://de-de.facebook.com/legal/terms/page_controller_addendum. Facebook Ireland undertakes in this agreement, among other points, to assume the primary responsibility under the GDPR for the processing of page insights and to fulfill all duties under GDPR with regard to the processing of the page insights.

We use a chatbot for our Facebook page to answer your questions and your concerns. This chatbot is provided by knowhere GmbH, Hamburg, Germany. To the extent knowhere GmbH has access to personal data, knowhere GmbH acts as a contract data processer for us (see on this point also Section 7.1 of this Privacy Statement).

5.2       Instagram

Eppendorf has various presences on Instagram, including at www.instagram.com/eppendorfuk/ and https://www.instagram.com/eppendorf_usa.   

Instagram is operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland ("Facebook Ireland"). The Instagram data protection statement can be found at: https://help.instagram.com/519522125107875. You will also find their information about the possibilities for settings in your account.

Your personal data can also be provided to other Facebook companies. This can result in a transmission of personal data to the USA or other third party countries outside the European Economic Area. . In order to preserve a reasonable level of data protection in the sense of the GDPR, Facebook Ireland, according to the own statements, uses standard contract clauses approved by the EU Commission which constitute an appropriate guarantee for transmission to third party countries pursuant to Art. 46 para. 2 lit. c GDPR.

We also use the function Instagram Insights. Under this function, we receive from Facebook Ireland data about the use of our account which are not personal data. We can use this information to analyze and optimize the effectiveness of our Instagram activities.

5.3       Twitter

Eppendorf has various presences on Twitter, including at https://twitter.com/eppendorf_AG.

Twitter is operated by Twitter International Company, One Cumberland Place, Fenian Street Dublin 2, D02 AX07 Ireland ("Twitter International") for users outside the USA. The data protection statement of Twitter can be found at: https://twitter.com/de/privacy. You will also find information there about possibilities for settings in your Twitter Account.

Please note that Twitter International transmits personal data also to third party countries outside the European Economic Area. To the extent there is such transmission and no reasonable level of data protection has been identified by the EU Commission in the country where the data are received, Twitter International provides a reasonable level of data protection by using the standard contract clauses approved by the EU Commission which represent an appropriate guarantee under Art. 46 para. 2 lit. c GDPR for the transmission to third party countries. Twitter also transmit personal data to US companies which are certified under the EU-U.S. Privacy Shield. The European Commission made the decision in a resolution dated 12 July 2016 with regard to the USA that a reasonable level of data protection exists under the provisions in the EU-U.S. Privacy Shield (resolution on reasonableness, Art. 45 GDPR).

We also use the function Twitter Analytics. We receive with this function from Twitter International data about the use of our account which are not personal data. We can use this information to analyze and optimize the effectiveness of our Twitter activities.

5.4       YouTube

You can find our YouTube channel at https://www.youtube.com/user/Eppendorf.

YouTube is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google Ireland"). You can find the data protection statement of Google Ireland here: https://policies.google.com/privacy?hl=de. You will also find their information about the possibilities for settings in your Google account. Please note that your Google account might be used for various Google services (e.g. Gmail, YouTube, Google Search) and that Google Ireland can combine personal data for the Google services you use in accordance with the settings in your Google account.

This can also result in processing by US American Company Google LLC and its subsidiaries. Google LLC is certified under the EU-U.S. Privacy Shield. One hundred percent subsidiaries of Google LLC are also covered by the certification. With regard to the USA, the EU Commission has made the decision with a resolution dated 12 July 2016 that a reasonable level of data protection exists under the provisions in the EU-U.S. Privacy Shield (resolution on reasonableness, Art. 45 GDPR). You can obtain further information about the certification of Google LLC here: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

Finally, Google Ireland receives information and analyses about the use of our account and interactions with our videos which do not include personal data. We can use this information to analyze and optimize the effectiveness of our YouTube activities.

5.5       LinkedIn

Eppendorf has various presences on LinkedIn, especially at https://de.linkedin.com/company/eppendorf-ag .

LinkedIn is operated for users domiciled in the European Economic Area and Switzerland by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, ("LinkedIn Ireland") and for users domiciled in the USA by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. The data protection statement of LinkedIn Ireland can be found here: https://www.linkedin.com/legal/privacy-policy?trk=organization-guest_footer-privacy-policy. Your also find their information about the possibilities for settings in your LinkedIn profile.

LinkedIn Ireland transmits personal data also to third party countries outside the European Economic Area. You can find corresponding information at https://www.linkedin.com/help/linkedin/answer/62533?trk=microsites-frontend_legal_privacy-policy&lang=de. LinkedIn accordingly regularly secures a reasonable level of data protection by including standard contract clauses approved by the EU Commission which represent an appropriate guarantee for the transmission to third party countries pursuant to Art. 46 para. 2 lit. GDPR.

Finally, we receive from LinkedIn Ireland information and analyses about the use of our accounts and interaction with our contributions which do not include personal data. We can use this information to analyze and optimize the effectiveness of our LinkedIn activities.

5.6       Social Media Management Tool

In order to manage our presence on various social media, we use the service "Falcon" provided by Falcon.io ApS, H.C. Andersens Boulevard 27, 1., 1553 Copenhagen V, Denmark. We use this service, for example, to prepare, plan, publish, like and share contributions. We also use the service to observe relevant discussion in the social web concerning our company, brands and our services and products. Falcon.io ApS is active as our contract data processor and can accordingly only process your personal data in accordance with our instructions (see on this aspect, Section 7.1 of this Privacy Statement).

5.7       Social Data Intelligence Tool

We use the Social Data Intelligence Tool "Talkwalker" provided by Talkwalker S.à r.l., 16, Avenue Monterey L-2163 Luxembourg. We can use this tool to monitor the social media channels and online media to identify when our company and our brands are mentioned and learn what customers are thinking about the brands, our advertising campaigns, products and events. We can also recognize early and observe trends and potential risks by using Talkwalker. The goal is to optimize our marketing measures accordingly. Talkwalker collects and processes the actions executed by your in social media channels and through the data publicly disclosed in your corresponding profiles such as name, user name, user ID, geolocalization data, age, gender, consumption practices, hobbies and interests, professional and educational background as well as photographs and videos. Talkwalker S.à r.l. works as our contract data processor and can accordingly only process your personal data in accordance with our instructions (see on this aspect, Section 7.1 of this Privacy Statement).
 

6          E-Mail Newsletter

You have the possibility on http://www.eppendorf.com to register for Eppendorf's E-Mail Newsletter. You are regularly informed about Eppendorf products, limited offerings, events or the bonus program and receive tips for application in these E-Mail Newsletters. The E-Mail Newsletters are provided by us as well as Eppendorf Vertrieb Deutschland GmbH, Peter-Henlein-Str. 2, 50389 Wesseling-Berzdorf. Eppendorf Vertrieb Deutschland GmbH is accordingly also responsible for the processing of personal data in connection with the E-Mail Newsletters sent to you.

If you have questions about the processing of your personal data by Eppendorf Vertrieb Deutschland GmbH or if you would like to assert your rights, you can contact Eppendorf Vertrieb Deutschland GmbH or the electronic contact channels set forth in this document. This applies accordingly if you would like to contact the data protection officer at Eppendorf Vertrieb Deutschland GmbH.

In order to be able to register for the E-Mail Newsletter, you must state your email address and choose how you wish to be addressed. All other information is voluntary. After you have registered, you first receive an email in which you are asked to confirm your registration. You will regularly receive the E-Mail Newsletter only after you have submitted your confirmation (so-called double opt in process). In order to be able to have proof of your registration, certain information is stored (time of registration and confirmation, IP address).

Upon registration and confirmation of your registration, you grant your consent that we as well as Eppendorf Vertrieb Deutschland GmbH can use your email address to send the described E-Mail Newsletter. After your registration has been confirmed, your email address is processed on the basis of this consent, in order to send you the E-Mail Newsletter. You can again cancel the E-Mail Newsletter and revoke your consent at any time. Each E-Mail Newsletter contains a link through which you can cancel our E-Mail Newsletter with effect for the future. You can also cancel our E-Mail Newsletter using one of the above-mentioned electronic contact channels. This does not affect the legality of the E-Mail Newsletters that were sent out prior to your cancellation.

If you have issued a special consent in the registration process, your reading patterns are also analyzed, for example, which article you have clicked on and have read. This processing serves the purpose of improving our E-Mail Newsletter and its content and tailoring it to the wishes of the subscribers. You can revoke your consent to analysis at any time by sending a message to the above-mentioned electronic contact channels. The legality of the analysis that has taken place prior to your cancellation is not affected.
 

7          Consequences of potentially not providing data

Aside from the data which serve to fulfill the contract (for example, your name, the delivery address, the ordered product, payment data, etc.), we also collect some data, in order to provide to you the corresponding functions on our website or to be able to react to your inquiries, for example, if you use our contact form for questions.

If you provide these data yourself, you have no obligation to provide the above voluntary information. However, we are not able to provide the corresponding functions on our website or process your inquiries without these data.
 

8          Forwarding data

8.1       Forwarding data to contract processors

We need third party companies and external processors (“contract processors“) who are tied to us by contract in order to render these services. In such situations, personal data are forwarded to these contract processors, in order to enable the further processing. These contract processors are carefully chosen by us and regularly examined, in order to make sure that your privacy is preserved. The contract processors can use the data exclusively for the purposes we have stated, and the processors are furthermore under a contractual obligation towards us to treat your data exclusively in accordance with this Privacy Statement as well as the applicable data protection laws.

8.2       Other transmission of data

In addition, we only disclose your personal data without your consent in those situations permitted by the law. Such data transmission can especially be legally permissible in the following situations:

  • The processing is necessary to fulfill a legal obligation or is in the legitimate interest of Eppendorf, for example, due to a corresponding demand by public authorities for surrender of the data.
  • The processing is necessary to perform a responsibility which lies in the public interests or the processing takes place in the exercise of governmental power which has been assigned to Eppendorf.

8.3       Data transfers to third party countries

We may potentially transmit your personal data in the context of a business relationship to the relevant local company in the Eppendorf Group. You can find a complete list of our branches here.

When we transmit the data, we regularly secure a reasonable level of data protection by concluding standard contract clauses of proof by the EU Commission which represent a suitable guarantee for transmission to third party countries pursuant to Art. 46 para. 2 lit. c GDPR. You can access these clauses here.

Data are transmitted to countries outside the European Area (“third party countries“), e.g. in the USA, when using the analysis tools. In order to also assure protection of your privacy rights in this regard, Eppendorf never transmits your data to third party countries if there is no security about the level of data protection being equivalent to the level under the GDPR.

The European Commission made the decision for the USA on 12 July 2016 that a reasonable level of data protection exists under the provisions in the EU-U.S. Privacy Shield (so-called ”resolution on reasonableness” under Art. 45 GDPR). We use the following service providers who are certified under the EU-U.S. Privacy Shield.

We also use the standard contract clauses of the EU Commission pursuant to Art. 46 para. 2 lit. c GDPR when structuring contractual relationships with service providers in third party countries. These clauses can be accessed here.
 

9          Erasure of your data

We do not store your personal data any longer than is necessary to achieve the respective purposes of the data processing (see Section 3). The following time periods especially apply:

  • If you have concluded a contract with us and use our services, we generally process your data so long as necessary for the processing of the respective contract and providing the respective service, if applicable, plus the period of time for any warranty or guarantee periods. If you have purchased a product from us, the time period is normally two years after receipt of the product.
  • If you send us a message or if we send you a message which is classified as a commercial letter or business letter, we erase the message six years after the end of the year in which the letter was received.
  • When some applications on our website are used, it is possible that we retain back-up copies with regard to certain information for a very limited period of time. When the related interest no longer applies (for example, when the error is corrected or when defending against cyber-attacks), we erase these data.

10        Your rights as a data subject

10.1     Right of access by data subject

You have the right to receive from us at any time upon request information about the personal data related to you which we process in accordance with Art. 15 GDPR.

This right is limited by the exceptions set forth in § 34 German Data Protection Act [Bundesdatenschutzgesetz, "BDSG"], according to which the right to information especially does not apply if the data are only stored on the basis of retention requirements in the law or for the purpose of data back-up and monitoring data protection or if providing information would require a disproportionate effort and if improper use of data processing is prevented by appropriate technical and organizational measures.

10.2     Right to rectification

You have the right to demand that we correct personal data related to you without undue delay if the data are incorrect.

10.3     Right to erasure

You have the right, under the prerequisites described in Art. 17 GDPR, to demand from us that we erase the personal data related to you. These prerequisites especially exist if the respective purpose of the processing has been achieved or otherwise no longer applies as well as if your data have been illegally processed or if you have revoked a consent without the data processing being able to be continued on another legal basis and if you have successfully objected to the data processing (see  Section 10.6) and in those cases where there is a duty to erase on the basis of the law of the European Union or the law of an EU Member State to which we are subject.

This right is subject to the restrictions in § 35 BDSG, according to which the right of erasure can especially not apply if there is a disproportionately high effort for the erasure in cases where there is not automated data processing and if your interest in erasure is considered to be small.

10.4     Right to restriction of processing

You can demand from us pursuant to Art. 18 GDPR that we only process your personal data to a limited degree. This right exists especially if the accuracy of the personal data is disputed or if you demand restricted processing instead of erasure under the prerequisites that would justify a request for erasure (Section 10.3); this also applies in the event that the data are no longer needed for the purposes intended by us but if you need the data to assert, exercise or defend against legal claims as well as if the success of an objection is still in dispute.

10.5     Right to data portability

You have the right to receive from us in accordance with Art. 20 GDPR the personal data related to you which you have provided to us in a structured, common, machine-readable format and to transmit these data to another controller.

10.6     Right to object

You have the right to submit an objection against the processing of your personal data conducted in either the public interest or to preserve our legitimate interest for reasons which result from your special situation. We will stop the processing of your personal data unless we can provide proof of mandatory reasons for the processing that deserve protection which outweigh your interests, rights and freedoms or if the processing serves to assert, exercise or defend against legal claims.
 

If you object to the processing of your personal data for advertising purposes, we will stop this processing, in any event.​​

10.7     Exercise of these rights

If you would like to exercise these rights, please contact us, for example, by email at:  datenschutz@eppendorf.de.

10.8     Right to object

If you have issued a consent for the processing of your personal data, you can revoke this consent at any time, for example, at datenschutz@eppendorf.de. Starting at that point in time, we will stop the processing of your personal data covered by the consent unless we conduct the data processing on another legal basis (e.g. in order to continue to be able to fulfill contracts with you).


10.9     Data processing when your rights are exercised

Finally, we wish to inform you that upon the exercise of your rights, your personal data can be processed for the purpose of implementing these rights and to provide proof about this.

10.10   Right to logde a complaint

You also have the right to lodge a complaint with a supervisory authority, especially in the Member State where you are domiciled or where you have your work place or where the suspected violation has occurred if you are of the view that the processing of the personal data related to you violates the GDPR.
 

11        Amendments to this Privacy Statement

The services provided by Eppendorf can be changed from time to time, especially to continue to improve the functionality of our website. Such changes can also have an effect on the use of your personal data. Eppendorf accordingly reserves the right to amend this Privacy Statement. You will find the respectively current version on each page in our web presence under the heading ”Legal Notice & Privacy Policy”. Please inform yourself regularly about the current status of the Privacy Statement.

Status: March 2020