Data Privacy Notice

Configurator - Single-Use Assembly Design Platform and AR App

Sartorius Commitment to Data Privacy Protection
Last update: 07th February 2019

Protecting the security and privacy of your personal data is important to
Sartorius Stedim Biotech GmbH, August-Spindler-Straße 11, 37079 Göttingen (“Sartorius”).
Therefore Sartorius processes personal data in compliance with applicable laws on data protection and data security.

The following policy explains what data

  • our Single-Use Assembly Design Platform (“Website”) and
  • our Single-Use Assembly Design Platform AR App (“App”)

may collect and how we deal with your personal data.

  1. Contact details of the controller
  2. Contact details of our Data Protection Officer
  3. Collection of personal data, purpose of the processing and legal basis
  4. Cookies
  5. App permissions
  6. Transfer and disclosure of personal data
  7. Retention periods
  8. Your rights
  9. Children
  10. Changes to the Data Privacy Notice

1. Contact details of the controller

Responsible for the processing of your data is:

Sartorius Stedim Biotech GmbH
August-Spindler-Straße 11
37079 Göttingen

Email: info@sartorius-stedim.com

2. Contact details of our Data Protection Officer

You can reach our Data Protection Officer at:

Sartorius Corporate Administration GmbH
Data Protection
Otto Brenner Straße 20
37079 Göttingen

Email:

  • datenschutz@sartorius.com
  • dataprotection@sartorius.com

3. Collection of personal data, purpose of the processing and legal basis

When visiting the Website, Sartorius may processes the following personal data about you:

  • Personal data that you voluntarily provide (e.g., when registering, contacting us, etc.), such as name, e-mail address, telephone number, information submitted as part of a support request, etc.; and
  • Information that is automatically sent to us by your web browser or device, such as your IP-address, device type, browser type, referring site, sites accessed during your visit, the date and time of each visitor request.

When using the App, Sartorius may processes the following personal data about you:

  • Personal data that you voluntarily enter when using the app (i.e. when registering or contacting us, etc.), such as name, e-mail address, telephone number or information provided as part of a support request.

We process your personal data for the following purposes:

  • Personal data that you voluntarily enter when using the app (i.e. when registering or contacting us, etc.), such as name, e-mail address, telephone number or information provided as part of a support request.
  • To offer the website’s and app’s services and functions and to administer your use of these offerings;
  • To verify your identity;
  • To answer your specific requests;
  • As reasonably necessary to enforce our terms of use, to establish or preserve a legal claim or defense, to prevent fraud or other illegal activities, including attacks on Sartorius’ information technology systems.

The processing of personal data is necessary in order to achieve the above mentioned purposes. We only process your personal data if we are permitted by applicable law to do so. In particular, if you are based in the European Economic Area, the legal basis for Sartorius processing your personal data is that such processing is necessary for the purposes of:

  • Sartorius exercising its rights and performing its obligations in connection with any contract we make with you (Art. 6 (1) (b) GDPR),
  • Compliance with Sartorius’ legal obligations (Art. 6 (1) (c) GDPR), and/or
  • Legitimate interests pursued by Sartorius (Art. 6 (1) (f) GDPR). Generally the legitimate interest pursued by Sartorius in relation to our use of your personal data is the efficient operation, management and support of the Website and App.

4. Cookies

In the context of our Website or App (“online service”), cookies and tracking mechanisms may be used. Cookies are small text files that may be stored on your device when visiting our online service.

4.1. Types of cookies

Cookies can be assigned to four categories, depending on their function and intended purpose: absolutely necessary cookies, performance cookies, functional cookies, and cookies for marketing purposes.

Technically required cookies
are essential and help you navigate, move around on the online service and see certain features. These cookies are required to enable core functionality. These cookies are stored for the duration of your browsing session.

Functional and Analytics cookies
can give you an even smoother customer experience. These cookies allow us to analyse site usage so we can measure and improve performance. These cookies may be placed by us or a third party on our behalf and are stored for the duration of your browsing session.

Marketing cookies
are used to offer more relevant content to users, based on their specific interests. They are also used to measure and control the effectiveness of advertising campaigns. They register whether users have visited a website or not, and which contents were used. This information may possibly also be shared with third parties, such as advertisers, for example.

4.2. Cookies we use

Currently we do not use any Cookies for our online service.

5. App permissions

To use certain functions of the app you may be required to provide certain App permissions. App permissions allow the App to access information stored on your device.

The App works with the following permissions:

  • Photos/Media/Files: If you want to save your favorites, your offline cache, your support requests, and other files created in the app locally on the device.
  • Camera: To read QR-codes to identify joint position for retrieval of 3D data.
  • Wi-Fi connection: For Wi-Fi access of the app.

You may manage the use of App permissions in the settings of your operating system. Please note that the use of certain functions of the App may not or no longer be possible if you deactivate the respective App permission.

6. Transfer and disclosure of personal data

For the purposes mentioned above Sartorius may transfer or disclose your personal data to:

  • Other Sartorius companies, if this is necessary in the context of offering and operating our online service and answering your support request,
  • Service providers (so-called data processors) such as hosting or IT-maintenance service providers, which only act upon instructions of Sartorius and are contractually bound to act in compliance with applicable data protection law.
  • Courts, law enforcement authorities, regulators or attorneys if necessary to comply with the law or for the establishment, exercise or defense of legal claims.

If you are located within the European Union or the European Economic Area, please be aware that sometimes the recipients to whom Sartorius transfers or discloses your personal data are located in countries in which applicable laws do not offer the same level of data protection as the laws of your home country.

In such cases, if required by applicable law, Sartorius takes measures to implement appropriate and suitable safeguards for the protection of your personal data.

We transfer personal data to external recipients in third countries only if the recipient has entered into EU Standard Contractual Clauses with Sartorius, implemented Binding Corporate Rules in its organization or – in case of US recipients – the recipient is certified under the Privacy Shield.

7. Retention periods

We erase your personal data if the retention of that personal data is no longer necessary for the purposes for which they were collected or otherwise processed, or to comply with legal obligations (such as retention obligations under tax or commercial laws).

8. Your rights

Under applicable data protection law you may have the right to:

  • Obtain confirmation as to whether or not personal data concerning you are being processed, and where that is the case, access to the personal data;
  • Obtain the rectification of inaccurate personal data concerning you;
  • Obtain the erasure of your personal data;
  • Obtain restriction of processing regarding your personal data;
  • Data portability concerning personal data, which you actively provided; and
  • Object, on grounds relating to your particular situation, to processing of personal data concerning you;
  • Withdraw your consent to the processing of your data you have given us with future effect at any time, i.e. the withdrawal of the consent does not affect the lawfulness of processing based on the consent before its withdrawal;
  • Submit an appeal to a data protection supervisory authority.

9. Children

This online offer is not directed at children under an age of 16 years.

10. Changes to the Data Privacy Notice

We may update this Data Privacy Notice from time to time to reflect, for example, changes to the cookies we use or for other operational, legal or regulatory reasons.

The date of this Data Privacy Notice indicates when it was last updated.