The protection of personal data of users of this website is a major concern of Desitin Arzneimittel GmbH ("Desitin"). The following privacy notice describes what personal data of users are collected on the website and how they are used.
You can display and print out this entire notice here.
The controller for processing your data in connection with this online offer is Desitin Arzneimittel GmbH ("Desitin"); exceptions are explained in this privacy statement.
Our contact data are as follows:
Desitin Arzneimittel GmbH
Weg beim Jäger 214
Tel.: +49 (0)40-591010
2. Contact Data of our Data Protection Officer
Should you have any questions regarding this privacy statement or generally about the processing of your data by Desitin, please contact our data protection officer:
Desitin Arzneimittel GmbH
Weg beim Jäger 214
3. Processing of Personal Data
Personal data are all information referring to an identified or identifiable natural person, such as names, addresses, telephone numbers, e-mail addresses, photos or online identifiers. When we process personal data, this means - for example - that we collect, store, use, transmit or delete such data. Hereinafter we will initially specify the processing purposes and legal bases of processing; thereafter we will go into details of the individual categories of personal data collected by us.
3.1. Processing purposes and legal bases
We and service providers contracted by us process your personal data for the processing purposes listed below. We point out that, according to the "legitimate interest" as legal basis, you are entitled to exercise a special right to object to processing (see section Rights of users):
Purpose of Processing
Legal Basis of Processing
Description of the Legitimate Interest in Processing, where relevant
performance of a contract, respectively our legitimate interest
We have a legitimate interest in providing an internet presence also for non-registered users, in order to generally inform about our enterprise.
Collecting statistical information about the use of the website (so-called web analysis)
We have a legitimate interest in obtaining information about the website use, especially in order to improve our offer.
Tracking malfunctions and guaranteeing the system security, including the detection and tracing of unauthorised access attempts and accesses to our web server
Compliance with our legal obligations in the field of data security, and our legitimate interest
We have a legitimate interest in removing malfunctions, guaranteeing the system security, as well as detecting and tracing unauthorised accesses or access attempts.
Safeguarding and defending our rights
We have a legitimate interest in exercising and defending our rights.
3.2. Automatically collected data
During your visit to the website Desitin automatically collects the following access data, which are relevant for system security and data security, in the so-called logfiles of the web server. This in particular involves the following data:
- Domain and Host, from where you use the internet;
- Internet address of the web page, from where you have come through a link to this website;
- Date and time;
- Duration and selection of visited web pages on our website;
- Amount of data transferred;
- Internet protocol (IP) address of your computer;
- Operating system and information about the browser used, including add-ons installed, if any (for example for the flash player); and
- http status code (for example "Request successful" or "Requested file not found").
The logfiles are stored for up to seven days for the purpose of tracking malfunctions and guaranteeing system security, including detecting and tracing unauthorised access attempts and accesses to our web servers, and are thereafter deleted, unless a suspect case of unlawful access to our web servers has occurred until then. The logfiles are only analysed in such suspect cases and only by authorised persons. Logfiles which must continue to be stored for evidentiary purposes are excluded from deletion until final clarification of the particular case, and may be forwarded to investigation authorities or lawyers to the required extent. The logfiles are additionally also stored for the web analysis, however without (complete) IP address. For web analysis purposes, the files are evaluated in aggregated form only (for details see section Web analysis).
3.3. Processing of other personal data
Personal or business data are only collected from you when you give them to us voluntarily, for example when you register with Desitin, order brochures or send a request to Desitin via a contact form. These data are only collected, processed and used to the extent necessary for the particular purpose and legally permitted, or subject to your consent (for example to process a brochures order, to register and subsequently verify the access authorisation for the protected areas on our website, or to reply to a request). No link is created between your details and the automatically collected data.
3.4. Recipient of personal data
3.4.1. Disclosure of data to other controllers (general)
Your personal data are in principle only transferred to the extent required for the particular purpose and to other controllers only in cases where this is necessary for contract performance, where we or the third party have a legitimate interest in such disclosure, or where you have given your consent for that purpose. Furthermore data may be transferred to other controllers insofar as we are obligated to make such disclosure due to statutory provisions or enforceable orders issued by public authorities or courts having jurisdiction.
3.4.2. Service providers (general)
Desitin reserves the right to employ service providers for data processing (for example, Desitin may commission a service provider to send you requested information material; for this purpose the mailing company must know your name, address and the specifically requested material). In these cases Desitin will enter into processing agreements with the service providers to the necessary extent.
In concrete terms the following types of service providers are concerned:
- IT service providers (technical support), Germany;
- Analysis tool suppliers with registered seat in Germany or the USA (for details see section Web analysis).
3.5. Duration of storage; retention periods
In principle, we store your data as long as this is necessary for providing this website and the related services, or as we have a legitimate interest in further storage (for example we can still have a legitimate interest in postal marketing even subsequent to performance of a contract). In all other cases we delete your personal data, except for data that we must continue to store in order to comply with statutory obligations (due to retention periods prescribed under tax and commercial law we are, for example, obliged to preserve documents such as contracts for a certain period of time).
The following specific retention periods apply:
- Automatically collected data (for security reasons): 7 days;
- Analysis tool Matomo: Data are permanently retained in anonymised form;
- Data which you made available to us in connection with ordering a brochure are deleted after 1 year;
- You find information about the duration of storage of cookies used by us in the following section Cookies.
Some of the web pages of the Desitin website use so-called "cookies". Cookies are small files that are stored on the user's computer when visiting a website. Cookies can store various types of data and help to provide additional functions (and thus make the website as a whole more user-friendly, more effective and safer). If cookies are used, these do not contain any personal data, unless you have given your explicit consent.
Desitin also uses a so-called analysis cookie in conjunction with the web analysis (see section Web analysis).
Hereinafter you find a summary of cookies used by us, which shall inform you about the purpose and type of the cookie concerned, and the respective storage duration.
Purpose of Cookie
Type of Cookie
Name of Application
Name of Cookie
Reference to Cookie
Selected font size
Matomo (formerly Piwik)
Matomo (formerly Piwik) ID
(allocation: visits of the same user at different times)
Google Analytics (performance: if used via the Google day manager function)
(distinction between users)
(distinction between users)
The settings options do not cover cookies set by other providers during your visit to web pages of third parties.
5. Web Analysis
5.1. Matomo (formerly Piwik)
Our website uses the web analysis service Matomo, which analyses the accesses of website visitors. Matomo generates Cookies [LINK] for the analysis of logfiles showing your use of our website. These data are stored on a server in Germany. As user, you remain anonymous for us, since your IP address is anonymised prior to storage. The data are not disclosed to third parties. If you do not agree with the storage and analysis of such data, please change the cookie settings in your internet browser accordingly. This may lead to a situation where you can no longer use our website to the full extent.
You can also object to the collection or analysis of your data through this tool by clicking here.
5.2. Google Analytics
Google Analytics is provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). We use Google Analytics with the additional function offered by Google for anonymising IP addresses: Here, the IP address is normally stored by Google within the EU already and only in exceptional cases shortened in the USA, and is at all events stored in a shortened form only.
You can object to the collection or analysis of your data through this tool by downloading and installing the available Browser Plugin here
6. External Links
Our online offer may include links to web pages of third parties. We have no influence on the processing of any personal data transferred to third parties by clicking the link (like for example your IP address or the URL of our website where the link is located). We assume no liability for the processing of such personal data by third parties. The third party's privacy notice shall apply.
Our employees and the service companies contracted by us are obliged to maintain secrecy and comply with the regulations of the applicable data protection laws.
We take all necessary technical and organisational measures, in order to guarantee a level of protection appropriate to the risk involved and to protect your data managed by us, especially against risks arising from unintended or unlawful destruction, loss, change or unauthorised disclosure or unauthorised access. Our security measures are continuously improved in line with the technological development.
8. Confidentiality of E-Mails
If you send an e-mail to Desitin via this website, these data are transmitted in encrypted form.
9. Your Rights as Data Subject
Exercising of your rights: In order to exercise your rights as data subject affected by the processing of your personal data, please use the details in section Contact. Please ensure for this purpose that a clear identification of your person is possible for us.
Right to information and access: You are entitled to receive information about the processing of your data from us. You may require us to confirm whether we process any personal data concerning you, and you have the right to access your data processed by us.
Right of rectification and erasure: If your data are inaccurate or incomplete, you may demand that your data should be rectified or completed. If we disclosed your data to third parties, we inform them about the rectification to the extent prescribed by law. You have the right to obtain erasure of your personal data from us, if the legal prerequisites are fulfilled for that purpose. This situation particularly applies in cases where:
- your personal data are no longer needed for the purposes for which they have been collected;
- the legal basis for processing was exclusively your consent, and you withdrawn such consent;
- you objected to direct marketing;
- you objected to processing based on our legitimate interests as legal basis on grounds that relate to your particular situation and there are no overriding legitimate grounds for the processing;
- your personal data have been subject to unlawful processing; or
- your personal data must be erased, so as to comply with a legal obligation.
When we disclose your data to third parties, we inform them about the deletion to the extent prescribed by law. Please note that your right of deletion is subject to restrictions. For example, we are not committed or permitted to delete any data which we must continue to preserve due to statutory retention periods. Likewise, data which we need in order to establish, exercise or defend legal claims are excluded from your right of deletion.
Restriction of processing: You may require us to restrict the processing of your data, if the legal prerequisites are fulfilled for that purpose. This situation particularly applies in cases where:
- the accuracy of your personal data is contested by you, and then until we have been able to correct or verify the accuracy;
- the processing is unlawfully done and you request a restriction of use instead of erasure (see also above);
- we no longer need your data for processing purposes, but you need such data in order to establish, exercise or defend your legal claims;
- you objected to the processing for personal reasons, and then until it is established whether your interests are predominant.
If the right to have processing restricted exists, we mark the data concerned in order to make sure that these data only continue to be processed within the narrow limits applying to such restricted data (i.e. especially in order to defend legal claims, or with your consent).
Right to data portability: Under the General Data Protection Regulation (GDPR) to be observed as from 25 May 2018, you are furthermore entitled to receive transmission of your data provided to us in a structured, commonly used and machine-readable format, or to request - if technically feasible - that the data be transmitted to a third party.
Rights of objection: You have the right to object to data processing on grounds relating to your particular situation, if such processing is based on legitimate interest as legal basis. You may furthermore always object to the processing of your data for marketing purposes. Please also note in this context section Information about your rights of objection.
Withdrawal of consent: If you have given us your consent to the processing of your data, you may always withdraw such consent with effect for the future. The lawfulness of processing your data remains unaffected until withdrawal.
Right to lodge a complaint with the Supervisory Authorithy: You have the right to lodge a complaint with a Supervisory Authority. For this purpose you may particularly contact the Supervisory Authority competent for your place of residence or your federal state, or the Supervisory Authority competent for us. This is:
Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit
("The Hamburg Officer for Data Protection and Freedom of Information")
Klosterwall 6 (Block C), 20095 Hamburg
Tel.: +49 (0)40 / 428 54 - 4040
Fax: +49 (0)40 / 428 54 - 4000
10. Obligation to Provide Data
You can also visit our website without disclosing your personal data to us. For registration purposes and for making use of the "Desitin Login" you are, however, obliged to provide us with the personal data needed for contract establishment and performance (for example the name, address, e-mail address); we mark these mandatory details with an asterisk*. If you do not want this, you may unfortunately not use the "Desitin Login".
11. Amendment of the Privacy Statement
Desitin reserves the right to amend the contents of this privacy statement in accordance with the statutory requirements. We will post changes on this website that materially affect you or have an impact on you and will inform affected registered users in advance. Please also keep yourself informed about updates of this privacy notice on our website.
If you wish to contact us, you reach us under the address specified in section Controller.