Data protection information in accordance with Art. 13 and Art. 14 of the General Data Protection Regulation (GDPR)

We take data protection and confidentiality very seriously. Here we provide you a brief overview of the most important aspects of our privacy policy.


General Information


Management

BIOTECON Diagnostics GmbH
Hermannswerder 17
D-14473 Potsdam
Phone: +49 (0) 331 2300-200
Fax: +49 (0) 331 2300-299
bcd@bc-diagnostics.com
www.bc-diagnostics.com

Dr. Kornelia Berghof-Jäger (CEO)
Alois Schneiderbauer (CBO)

Data Protection Representative

BIOTECON Diagnostics GmbH
H.-U. Bierhahn
Hermannswerder 17
D-14473 Potsdam
Phone: +49 (0)151 226 499 45


Collection, Processing and Use of Personal Data


BIOTECON Diagnostics collects and processes personal data of the following types:

Persons who contact BIOTECON Diagnostics
Contact with BIOTECON Diagnostics is possible via the web form. Other methods include by telephone, letter, Email or fax. The following applies to this data obtained:

Personal Data:
Name, Email address, company, country, telephone number
as well as any other information shared with us

Processing Purposes:
Processing of your request

Legal Basis:
Article 6 paragraph 1, letter a GDPR

Data Recipient:
Internal Departments, Management and places to which we forward the data upon request

Data Retention Period:
After processing is complete, the data is archived. The data in the archive will be deleted after 10 years.

Submission of all data is voluntary. However, messages can only be processed when contact details are provided.

Visitors of the BIOTECON Diagnostics’ Website
When you visit our website, the following data is automatically processed:

Personal Data:
IP address (Internet identification number of your device), Information that the visitor’s browser automatically transmits (operating system, browser name, browser version, as well as pages accessed).

Cookies:
Only a so-called “session cookie” is set. This is technically necessary. It is automatically deleted by your browser after leaving our website. No other cookies are used.

Tracker:
Use of Matomo (formerly Piwik). With this open source software, we create statistical reports of visitor access for our own needs. The collected data will never be transferred to servers of other companies. They will not be passed on to third parties. BIOTECON Diagnostics uses the statistical data exclusively in anonymous form.

Processing Purposes:
Operation of the website, evaluation of faults, compilation of anonymous usage statistics

Legal Basis:
Article 6, paragraph 1, letter f GDPR

Data Recipient:
None

Data Retention Period:
3 months

Newletter Recipients
Our newsletter is available upon request. The following processing takes place for this:

Personal Data:
Email address, surname, first name, company, country, industry, title, telephone number (optional)

Processing Purposes:
Sending the newsletter

Legal Basis
Article 6 paragraph 1, letter a GDPR

Data Recipient:
Internal departments

Data Retention Period:
None, the data will be deleted immediately after the cancellation of the newsletter.

After submitting the registration form, you will receive a confirmation email from us. Subscription registration for the selected information only becomes effective after you have clicked on the link in the confirmation email. You can unsubscribe at any time. Please use the unsubscribe function on our website or the link to unsubscribe at the bottom of each Email. All data will then be deleted immediately.

Contact persons of customers and suppliers
The contact data of contact persons will be processed as follows:

Personal Data:
Name, company, company address, department, function, telephone number, fax number, email address

Processing Purposes:
Arrangement for the services ordered

Legal Basis:
Article 6, paragraph 1, letter f GDPR

Data Origin:
Notification by the contact person himself, notification by another body of the service provider

Data Recipient:
Management and internal departments

Data Retention Period:
Once collaboration is complete, the data is archived. The data in the archive will be deleted after 10 years.

There is no obligation to transmit this data. Processing is also not absolutely necessary for the service.
However, the effort required for agreements would be excessively higher without a designated contact person.
Furthermore, there would be an increased risk of misunderstandings or miscommunication. There is therefore a legitimate interest in processing such information.

Job Applicants:
BIOTECON Diagnostics processes the following data from job applicants:

Personal Data:
All data sent with the application

Processing Purposes:
Hiring decisions

Legal Basis:
Article 88 GDPR in conjunction with §26 BDSG
Article 6 paragraph 1, letter a GDPR (consent to longer storage of documents)

Data Recipient:
Management and internal departments

Data Retention Period:
When hired: 10 years after termination of employment

In case of rejection: 3 months after rejection (if applicant does not agree to longer retention)
Data processing is required for hiring purposes. An employment contract is not possible without this data.

Employees
The following employee data is processed by BIOTECON Diagnostics:

Personal Data:
First and last name, address, telephone number, email address, social security data, tax data, qualification details, working times, absence times and reasons, travel activity, salary information, employment contract, employee performance reviews, application documents

Processing Purposes:
Execution / termination of the employment relationship

Legal Basis:
Article 88 GDPR in conjunction with §26 BDSG

Data Recipient:
Management and internal departments
Health insurance / pension insurance / tax authorities (only the information required by law)

Data Retention Period:
10 years after termination of employment

Processing is necessary for the fulfilment of the employment contract. Some processes (tax data, social insurance data) are required by law.


Rights of Data Subjects


All persons whose personal data are processed by BIOTECON Diagnostics have the following rights:

  • Information about your stored personal data (Article 15 GDPR)
  • Correction of inaccurate data (Article 16 GDPR)
  • Cancellation, if this is legally permitted (Article 17 GDPR)
  • Restrictions on processing (Article 18 GDPR )
  • Receipt of your data in a structured, common and machine-readable format (Article 20 GDPR)
  • Objection to processing (Article 21 GDPR)
  • Complaint to a supervisory authority (Article 77 GDPR)