Privacy Policy SCIENION AG

SCIENION is pleased that you have decided to visit our website and are interested in our company and products. We treat the protection of your personal data seriously and strive to ensure that you feel secure and comfortable when visiting our Internet pages.

Due to statutory provisions we are obliged to inform you about the type, scope and purpose of the collection and use of personal data. Therefore we would kindly ask you to acknowledge the following information.

This Privacy Statement describes and governs the information collection, use, and sharing practices of Scienion AG and its corporate affiliates (collectively “SCIENION”, “we”, “us,” and “our”) with respect to SCIENION’s websites, mobile applications and other digital and interactive services that link to this Privacy Statement (together, the “Services”). Before you submit any information on or through the Services, please carefully read this Privacy Statement. By using any part of the Services, you consent to the collection, use and disclosure of your information as further outlined in this Privacy Statement.

Without prejudice to your rights under applicable law, SCIENION reserves the right to amend this Privacy Statement without prior notice to reflect technological advancements, legal and regulatory changes, good business practices and any update or expansion of the Services. If Scienion changes its privacy practices, an updated version of this Privacy Statement will reflect those changes and we will mark such changes by updating the effective date at the top of this Privacy Statement. Therefore please check this page periodically for updates. Your continued use of the Services will signify acceptance of the terms of the updated Privacy Statement.

1. Name and contact details of the controller and the company data protection officer

The following body is responsible according to the statutory provisions related to data privacy and data protection:

Scienion AG, Volmerstrasse 7b, 12489 Berlin,

Germany Phone: +49 (0) 30 6392 1700
Fax: +49 (0) 30 6392 1701
E-mail: ds@scienion.com

The company data protection officer can be reached as follows:

Mauß Datenschutz GmbH,
Dipl. Inform. Tobias Mauß,
Neuer Wall 10, 20354 Hamburg, Germany
Phone: +49 (0)40 999 9952-0
E-Mail: datenschutz@datenschutzbeauftragter-hamburg.de

2. Collection and storage of personal data as well as the nature and purpose of their use

a) When visiting the website

When you visit our website www.scienion.de and www.scienion.com the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information will be collected without your intervention and stored until automated deletion:

  • IP address of the requesting computer
  • date and time of access
  • name and URL of the retrieved file
  • website from which access is made (referrer URL)
  • used browser and, if applicable, the operating system of your computer as well as the name of your access provider

The data mentioned are processed by us for the following purposes:

  • ensuring a smooth connection of the website
  • ensuring comfortable use of our website
  • evaluation of system security and stability as well for further administrative purposes.

The legal basis for data processing is Art. 6(1)(f) of the EU General Data Protection Regulation (GDPR). Our legitimate interest follows from the data collection purposes listed above. In no case we use the collected data for the purpose of drawing conclusions about you. The collection and storage of personal data is necessary to provide our Services. Thus, an objection by the data subject is not possible. The data is erased after 7 days. In addition, we use cookies and analysis services when visiting our website. Further details can be found under sections 4. and 5..

b) When registering for our newsletter

If, pursuant to Art. 6(1)(a) GDPR, you have expressly consented, we use your e-mail address to regularly send you our newsletter. The following personal data is collected and stored:

  • valid e-mail address
  • name – company/institute
  • country

The collection of this data is needed and will be used exclusively to send out the newsletter as well as to verify that you are the owner of the specified e-mail address and that you agree to receive this newsletter. The following personal data is also collected and stored:

  • profile ID
  • date and time of subscription.

The collection of this data is needed to secure our systems against abuse. The deregistration is possible at any time, for example via a link at the end of each newsletter. The legality of the data processing carried out up until the point of revocation remains unaffected by the revocation of consent. Alternatively you can also send your unsubscribe request to ds@scienion.com by e-mail.

c) By using our contact form

For questions of any kind, we offer you the opportunity to contact us via a form provided on the website. Whenever a user chooses to contact us through our form, following personal data is collected and stored:

  • first and last name
  • e-mail address
  • University/Company/Institution

Further information can be provided voluntarily.

The collection of this data is needed to engage in a conversation with the user.

The data processing for the purpose of contacting us is in accordance with Art. 6(1)(a) GDPR based on your voluntarily granted consent.

The data is erased whenever the conversation with a user ends. A conversation has ended when we assume that the concern of the user has been solved. A user may request the erasure of his personal data at any time by sending us a message. In this case, the conversation with the user cannot be carried on.

The personal data of the data subject is erased or the processing is restricted as soon as the data is no longer necessary in relation to the purposes for which they were collected. Personal data may also be stored where Union law or Member State law to which the controller is subject allows such storage. The personal data of the data subject is erased or the processing is restricted as soon as a storage period runs out except for cases where there is a necessity of storage of the personal data for the performance of a contract or to comply with statutory law requirements.

3. Disclosure of data

A transfer of your personal data other than those listed below does not take place. We only share your personal information with third parties if:

  • you have given express consent to this as laid down in Art. 6(1)(a) GDPR
  • the disclosure pursuant to Art. 6(1)(f) is required to assert, exercise or defend legal claims and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your data
  • in the event that disclosure is a legal obligation as per Art. 6(1)c GDPR as well as
  • this is legally permissible and according to Art. 6(1)(b) GDPR is required for the settlement of contractual relationships with you.

4. Cookies

We use cookies on our site. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone etc.) when you visit our site. Cookies do not harm your device, do not contain viruses, Trojans or other malicious software.

In the cookie information is stored, each resulting in connection with the specific terminal used. However, this does not mean that we are immediately aware of your identity.

On the one hand, the use of cookies serves to make the use of our offer more pleasant for you. For example we use so-called session cookies to recognize that you have already visited individual pages on our website. These are automatically deleted after leaving our page.

In addition, to improve usability, we also use temporary cookies that are stored on your device for a specified period of time. If you visit our website again to take advantage of our services, it will automatically recognize that you have already been with us and what inputs and settings you have made, so you do not have to re-enter them.

On the other hand, we use cookies in order to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer (see section 5). These cookies allow us to automatically recognize when you visit our website again that you have already been with us. These cookies are automatically deleted after a defined time.

The data processed for cookies are required for the purposes mentioned in order to safeguard our legitimate interests as well as third parties according to Art. 6(1)(f) GDPR.

Most browsers accept cookies automatically. However, you can configure your browser to that no cookies are stored on your computer or always a hint appears before a new cookie is created. However, disabling cookies completely may mean that you cannot use all features of our website.

5. Analysis tools

Tracking tools

The tracking as described below used by us is based on Art. 6(1)(f) GDPR. With the tracking measure to be used, we want to ensure a needs-based design and the continuous optimization of our website. On the other hand, we use the tracking measures to statistically record the use of our website and evaluate it for the purpose of optimizing our offer for you. These interests are to be regarded as justified within the meaning of the aforementioned provision.

Matomo 3.5

We use Matomo open-source software for analysis and statistical analysis of website usage. Cookies are used for this purpose (see section 4.). The information generated by the cookie about the use of the website is transmitted to our servers and summarized in pseudonymous usage profiles. The information is used to evaluate the use of the website and to enable a needs-based design of our website. The information will not be passed on to third parties.

In no case will the IP address be associated with any other data concerning the user. The IP addresses are anonymized, so that an assignment is not possible (IP masking).

Your visit to this website is currently covered by the Matomo web analytics. Click here (https://matomo.org/docs/privacy/) to stop your visit.

6. Social Media Plug-ins

We use social plug-ins in order to make our company better known on the basis of Art. 6(1)(f) GDPR. The underlying commercial purpose is to be regarded as a legitimate interest within the meaning of the GDPR. Responsibility for the operation compliant with data protection is to be guaranteed by the respective providers. The integration of these plug-ins by us is done by means of the so-called two-click method to protect visitors to our website in the best possible way.

a) Twitter

On our website plug-ins of the short message network of Twitter Inc. (Twitter) are integrated. The Twitter plug-ins (tweet button) can be recognized by the Twitter logo on our site. An overview of tweet buttons can be found here (https://publish.twitter.com/#).

When you visit a page of our website that contains such a plug-in, a direct connection is established between your browser and the Twitter server. Twitter receives the information that you have visited our site with your IP address. If you click on a Twitter “tweet button” while logged in to your Twitter account, you can link the contents of our pages to your Twitter profile. This allows Twitter to associate your visit to our pages with your user account. We point out that we as a provider of the pages are not aware of the content of the transmitted data and their use by Twitter. If you do not want Twitter to associate your visit to our pages, please log out of your Twitter account.

More information can be found in the privacy policy of Twitter (https://twitter.com/en/privacy#update).

b) LinkedIn

Our website employs components provided by the network LinkedIn. LinkedIn is a service of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time our website receives an access request equipped with LinkedIn component, the component prompts your browser to download an image of this component from LinkedIn. Through this process, LinkedIn is informed exactly which page of our website is being accessed. By clicking the LinkedIn “recommend button” while logged into your LinkedIn account, you can link content from our website to your LinkedIn profile. This allows LinkedIn to associate your visit to our site with your LinkedIn account. We have not control over the data that LinkedIn collects thereby, nor over the extent of the data that LinkedIn collects. Nor do we have any knowledge of the content of the data transferred to LinkedIn.

More information can be found in the privacy policy of LinkedIn (https://www.linkedin.com/legal/privacy-policy).

7. Plug-ins and Tools

a) Youtube
Our website uses plug-ins from YouTube, which is operated by Google. The operator of the website is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

If you visit one of our pages featuring a YouTube plug-in, a connection to YouTube’s server is established. Information about which of our pages you have visited is relayed to YouTube’s servers. If you’re logged in to your YouTube account, YouTube allows you to link your browsing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

YouTube is used to present our online content in an appealing way. This constitutes a legitimate interest pursuant to Art. 6(1)(a) of the GDPR.

For more information on how YouTube handles users’ data see Google’s privacy policy at https://policies.google.com/privacy?hl=en&gl=en.

b) Open Streetmap
Our website uses plug-ins from OpenStreetMap which is open data, licensed under the Open Data Commons Open Database License (ODbL) by the OpenStreetMap Foundation (OSMF), 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, United Kingdom.

For more information on how the Osmo foundation handles users’ data see its privacy policy at https://wiki.osmfoundation.org/wiki/Privacy_Policy.

8. User Account and E-Commerce

We offer a webshop on our website to make purchases of some of our products. A user account is mandatory to make such purchases. We collect the following personal data and store it on our servers:

  • name
  • title
  • address
  • e-mail address
  • telephone number

The collection of this data is needed to provide the user account. The user may at any time change or delete his personal data. He may delete his account at any time. The following personal data is also collected and stored:

  • IP address
  • Date and time of subscription

The collection of this data is needed to secure our systems against abuse and thus necessary in order to safeguard our legitimate interests as well as third parties according to Art. 6(1)(f) GDPR.

Your consent is the legal basis for the processing of personal data (Art. 6(1)(a) GDPR). When the account is used to make purchases in our webshop, the legal basis for the collection and processing of this data is the necessity for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract (Art. 6(1)(b) of the GDPR).

During the purchase process, we highlight the information required to make purchases as mandatory. Further personal data may be provided by choice.

The processing of the personal data is needed to carry out the purchase, deliver the goods, to address warranty claims and due to fiscal requirements. Warranty claims can be made up to one year after delivery. The fiscal regulations require storage of invoices for ten years. This necessity for compliance with a legal obligation to which the controller is subject is also the legal basis for the processing of personal data (Art. 6(1)(c) of the GDPR).

A user may request the correction of his personal data at any time. A user may also request the erasure of his personal data at any time. When the user has made purchases in our webshop, the personal data may be erased when there is no more necessity for the performance of the contract to which the data subject is party or when the applicable laws allow such erasure.

When making purchases through our webshop, we may disclose the personal data of a user to third parties. This takes place in the following cases:

  • To deliver parcels, packages or other mailings, we disclose the name and address of the user to the mail carrier chosen for delivery. The disclosure is necessary to perform the contract with the customer and the legal basis for the disclosure is Art. 6(1)(b) of the GDPR.
  • To collect payments, we use third party payment providers. The user discloses his payment data to the provider who uses it to collect the due payment. The necessity arising from the contract with the customer is the legal basis for the disclosure (Art. 6(1)(b) of the GDPR).

9. Rights of the data subject

You have the right: – In accordance with Art. 15 GDPR to request information about your personal data processed by us. In particular, you can request information on the processing purposes, the category of the personal data, the categories of recipients to whom your data has been disclosed, the planned retention period, the right to rectification, deletion, limitation of processing or opposition, the existence of a right to complain, the source of your data if not collected from us as well as the existence of any automated decision-making including profiling and, where appropriate, meaningful information about their details;

  •  Pursuant to Art. 16 GDPR to demand the correction of incorrect or completion of personal data stored by us immediately;

 

  • In accordance with Art. 17 GDPR to demand the deletion of your personal data stored by us, except where the processing is required for the exercise of the right to freedom of expression and information, for the fulfillment of a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims;

 

  • In accordance with Art. 18 GDPR to demand the restriction of the processing of your personal data, as far as the accuracy of the data is disputed by you, the processing is unlawful, but you reject their deletion and we no longer need the data, but you need them for the assertion, exercise or defense of a legal claim or you have objected to processing in accordance with Art. 21 GDPR;

 

  • Pursuant to Art. 20 GDPR to obtain your personal data provided to us in a structured, common and machine-readable format or to request the transfer to another Controller;

 

  • Pursuant to Art. 7(3) GDPR to revoke your once granted consent to us at any time; as a result we are not allowed to continue the data processing based on this consent for the future, any processing that was carried out prior to the revocation shall not be affected thereby and

 

  •  According to Art. 77 GDPR to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or work or our office.

10. Information on the right to object

If your personal data are processed based on legitimate interests in accordance with Art. 6(1)(f) GDPR you have the right to file an objection against the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct mail. In the latter case, you have a general right of objection, which is implemented by us without specifying any particular situation.

If you would like to exercise your right of revocation or objection, please send an e-mail to ds@scienion.com.

Mission

SCIENION wants to improve and accelerate the development of innovative, reliable, cost-efficient diagnostic and bioanalysis test platforms for the sake of patients, consumers, public health and environmental protection all over the world. We support our customers in any way to achieve this goal and we strive to be the number one partner for all players with the same objective.