We, UFAG Laboratorien AG, Kornfeldstrasse 4, 6210 Sursee (hereinafter ‘we/our’), take the protection of your personal data very seriously and adhere strictly to all applicable laws and regulations on data protection in the EU (European General Data Protection Regulation, GDPR). The following explanations give you an overview of how we ensure this protection and what data we process for which purpose.
Dr. Martin Knauf
Chief Executive Officer
UFAG Laboratorien AG
Tel .: +41 58 434 42 00
2. Usage data
Each time our website is accessed and each time a file is called up, general data about this process is automatically saved in a log file. This storage is solely for system-related and statistical purposes.
The data will not be passed on to third parties or otherwise exploited unless a legal obligation exists to do so.
Specifically, the following dataset is stored each time the website is accessed:
• The name of your internet service provider,
• Your IP address or the IP address of your proxy server,
• Your browser software version,
• Your computer’s operating system,
• The website from which you accessed us,
• The pages you visit on our site,
• Any search words that you may have used with us or that you have used to find our website
There is no merging of this data with other data sources. This basis of this data processing is Article 6 (1) (b) GDPR, processing necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
3. Personal data
We only process personal data if we are legally permitted to do so or if you have given us your consent.
a. Contact/contact form:
If you contact us, we will save your data for the purpose of processing your request, and for the event that further correspondence, e.g. for follow-up questions, may take place.
The basis for this data processing is Article 6 (1)(b) GDPR, which allows the processing of data for performing a contract or for taking steps at the request of the data subject prior to entering into a contract.
Data transmitted to us via the contact form will remain with us until you ask us to delete it or there is no longer any need for the data to be stored. Statutory provisions, e.g. retention periods, remain unaffected.
Regular customers providing regular samples have the option of having their own user profile created for use with our customer portal. The profile enables you to use certain functions of the customer portal. The data transmitted in registration is used exclusively for the purpose of accessing the particular offer or service.
For this we need various information from you, such as your company name (for legal entities), your first and last name, your address and e-mail address.
Your data will only be used by us for the purpose of administering your profile and if necessary for contacting you in connection with your registration.
You also have the option of contacting our team at any time to change your profile or data.
The basis for processing the data entered during registration is your consent (Article 6 (1)(a) GDPR).You can revoke your consent at any time. The lawfulness of the processing already carried out remains unaffected by the revocation.
We store your data that you entered during registration for the period in which you remain registered on our website. If you cancel your registration, your data will be deleted. Statutory retention periods remain unaffected.
4. Data transfer when concluding a contract for services
Personal data will only be transmitted to third parties if there is a need to do so in the course of executing the contract. Examples of third parties include logistics companies, subcontractors and payment service providers. No further transmission of your data takes place, or only takes place if you have given your express consent to this.
The basis of this processing is Article 6 (1)(b) GDPR, which allows the processing of data for performing a contract or for taking steps at the request of the data subject prior to entering into a contract.
In some areas of our website we use what are known as cookies.These are file elements that enable your computer to be identified as a technical unit during your visit to this website, in order to facilitate your use of what we offer, including on subsequent repeat visits.
As a rule, however, you have the option of setting your web browser so that you are informed about the occurrence of cookies so that you can allow or exclude them or delete existing cookies.
Cookies do not enable a server to read private data from your computer or the data stored by another server. They do no harm to your computer and do not contain viruses.
We process cookies to improve the functionality of our website, and this is therefore necessary for safeguarding our legitimate interests.
The setting of cookies necessary to enable electronic communication processes or to provide certain functions you require (e.g. a shopping cart) is based on Article 6 (1)(f) GDPR. As the operator of the website, we have a legitimate interest in the storage of cookies to enable us to provide our services smoothly and free of technical errors. If other cookies are used (e.g. for analysis functions), these will be treated separately in this data protection declaration.
6. Google Analytics
We use Google Analytics, a web analysis service of Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
Google Analytics uses‘cookies’, text files that are stored on your computer and that enable an analysis of your use of the website. The information generated by the cookies about your use of this website is normally transferred to a Google server in the USA and stored there. If IP anonymization is activated on this website, your IP address will be anonymized (shortened) beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address will only be transmitted to a Google server in the USA and anonymized there in exceptional cases. Google will use this information on our behalf to evaluate your use of the website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage. The IP address transmitted by your browser within Google Analytics will not be merged with other Google data. You can block the storage of cookies by setting your browser software accordingly; however, we would point out that if you do this, you may not be able to use all functions of this website to their full extent. You can also prevent the data generated by the cookie and relating to your use of the website (including your IP address) being collected or processed by Google by downloading and installing the browser plugin available by clicking the following link: (http: //tools.google.com/dlpage/gaoptout?hl=de). An opt-out cookie is then set that prevents any further collection of your data when you visit this website. This procedure is particularly recommended when accessing our site using mobile devices.
We would point out that on this website Google Analytics has been expanded to include the code ‘gat._anonymizeIp ();’ to ensure that IP addresses are collected anonymously (‘IP masking’).
You can find more information on the terms and conditions of use and data protection at www.google.com/analytics/terms/de.html or at www.google.com/intl/de/analytics/privacyoverview.html.
The use of Google Analytics cookies is based on Art. 6 (1)(f) GDPR. As the operator of this website, we have a legitimate interest in analyzing user behavior in order to optimize our website, and where appropriate, our advertising.
7. Google Adsense
This website uses Google AdSense, a service of Google Inc. (‘Google’) for the integration of advertisements. Google AdSense uses ‘cookies’, text files that are stored on your computer and that enable the use of the website to be analyzed. Google AdSense also uses what are known as web beacons (invisible graphics). These web beacons can be used to evaluate information such as visitor traffic on these pages.
The information generated by cookies and web beacons about the use of this website (including your IP address) and the provision of advertising formats are transmitted to and stored on a server of Google in the USA. This information can be passed on by Google to contractual partners of Google. Google will however not merge your IP address with other data stored about you.
You can block the installation of cookies by making the appropriate settings in your browser software; we would point out, however, that if you do this you may not be able to use all the functions of this website to their full extent. By using this website, you state your consent to the processing of the data collected about you by Google in the manner described above and for the purpose stated above.
8. Google Ad Manager
Our website uses Google Ad Manager (formerly DoubleClick for Publishers (Small Business)) from Google LLC., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (‘Google’) to deliver and optimize advertisements.
The information stored in the cookie can be recorded, collected and evaluated by Google or also by third parties. In addition, the Ad Manager uses ‘web beacons’ (small invisible graphics) that collect information about visitors to our site (e.g. browser, operating system, site visited beforehand, IP address, date/time). The use of these elements enables simple actions such as visitor traffic on the website to be recorded, collected and evaluated.
The information generated by the cookie and/or web beacon about your use of this website is transmitted to and stored on a server of Google in the USA. Google observes the data protection provisions of the US Privacy Shield and is registered with the US Privacy Shield program of the US Department of Commerce. The information obtained in this way is used by Google to evaluate your usage behavior with regard to the ads managed by Ad Manager.
Google may also transfer this information to third parties if this is required or permitted by law or if third parties are contracted to process the data on behalf of Google.
You can block the storage of cookies on your hard drive and the display of web beacons. To do this, you must select ‘Do not allow cookies’ in your browser settings. You can find more information here (http://www.google.com/policies/technologies/ads/). You can deactivate personalized advertising by Google here (https://adssettings.google.com/anonymous?hl=de). Further information on how you can block certain advertisements by Google can be found here (https://support.google.com/ads/answer/2662922?hl=de).
9. Social plugins
We use social plugins so that you can share articles from our website on your social media channels.
We use the plugin of the Facebook social network on our website. Facebook is an internet service provided by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, hereinafter referred to as ‘Facebook’.
If the plugin is stored on one of the pages you visit on our website, your web browser will download an image of the plugin from the Facebook servers in the USA. For technical reasons, it is necessary for Facebook to process your IP address. The date and time of your visit to our website are, however, are also recorded.
If you are logged into Facebook while visiting one of our web pages containing the plugin, the information collected by the plugin about your specific visit will be recognized by Facebook. Facebook will assign the information thus collected to your personal Facebook user account where possible. Thus if, say, you press the ‘Like’ button on Facebook, this information will be saved in your Facebook user account and may be publicized on the Facebook platform. If you wish to prevent this, you must either log out of Facebook before visiting our website or use an add-on for your web browser to prevent the Facebook plugin being loaded.
Further information about the collection and use of data, together with your associated rights and protection options, can be consulted in Facebook’s data privacy statements available at www.facebook.com/policy.php.
If the plugin is stored on one of the pages you visit on our website, your web browser will download an image of the plugin from the LinkedIn servers in the USA. For technical reasons, it is necessary for LinkedIn to process your IP address. The date and time of your visit to our website are, however, are also recorded.
If you are logged into LinkedIn while visiting one of our web pages containing the plugin, the information collected by the plugin about your specific visit will be recognized by LinkedIn. LinkedIn will assign the information thus collected to your personal LinkedIn user account where possible. Thus if, say, you press the ‘Share’ button on LinkedIn, this information will be stored in your LinkedIn user account and may be published on the LinkedIn platform. If you wish to prevent this, you must either log out of LinkedIn before visiting our website or make the appropriate settings in your LinkedIn user account.
Further information about the collection and use of data, together with your associated rights and protection options, can be consulted in LinkedIn’s data privacy statements available at www.linkedin.com/legal/privacy-policy.
We use the plugin from the Xing social network on our website. Xing is an internet service provided by New Work SE, Dammtorstrasse 30, 20354 Hamburg, Germany, hereinafter referred to as ‘Xing’.
If the plugin is stored on one of the pages you visit on our website, your web browser will download an image of the plugin from the Xing servers in Germany. For technical reasons, it is necessary for Xing to process your IP address. The date and time of your visit to our website are, however, are also recorded.
If you are logged into Xing while visiting one of our web pages containing the plugin, the information collected by the plugin about your specific visit will be recognized by Xing. Xing will assign the information thus collected to your personal Xing user account where possible. Thus if, say, you press the ‘Share’ button on Xing, this information will be stored in your Xing user account and may be published on the Xing platform. If you wish to prevent this, you must either log out of Xing before visiting our website or make the appropriate settings in your Xing user account.
Further information about the collection and use of data, together with your associated rights and protection options, can be consulted in Xing’s data privacy statements available at www.xing.com/privacy.
10. Duration of storage
Your personal data will be stored for the duration of the relevant statutory retention period and then routinely deleted, unless your personal data is still required after this to achieve the purpose for which it was stored (e.g. to execute or initiate a contract).
After 5 years at the latest, we will check whether your data is still required and whether any statutory retention obligations are preventing its deletion.
11. Your rights as the data subject
Under to the GDPR, you as the data subject have the following rights (Article 15 ff GDPR):
a. Right of access:
Under Article 15 GDPR you have the right to request information at any time. In response you will receive information about the data held about you in the data collection plus other information concerning the processing of your data. To make such a request, simply send an e-mail to email@example.com
If you discover that your data is incorrect, under Article 16 GDPR you can request that the controller correct the data immediately.
To make such a request, simply send an e-mail to firstname.lastname@example.org
If the legal requirements are met, Article 17 GDPR allows you to request the deletion of your data.In this case, data that is linked to you will be irrevocably deleted. The erasure takes place provided that there is no statutory retention obligation for the data or that the data is necessary for the execution of the contract.
To make such a request, simply send an e-mail to email@example.com
d. Restriction of processing:
You may request the restriction of processing in accordance with Article 18 GDPR if the correctness of the personal data is disputed, if the processing is unlawful, if the controller no longer needs the data for the purposes or if an objection to the processing as per Article 21 Para. 1 DSGVO has been filed because it is uncertain whether there are legitimate reasons for the processing.
e. Data portability:
Under Article 20 GDPR, you have the right to receive the personal data concerning you that you have made available to the controller in a structured, standardized and machine-readable format. You may transmit this data to another controller without hindrance of the controller. This applies if the processing is based on consent or where the processing is carried out using automated procedures.
f. Right to object:
For reasons that arise from your particular situation, under Article 21 GDPR you can object to the processing of data about you by the controller at any time. If the legal requirements are met, the controller will no longer process your data.
Further restrictions, modifications, and if necessary, exclusions of the aforementioned rights can result from the GDPR or national legal provisions.
12. Our data protection officer
We use the most modern internet technologies to ensure the security of your data. During the online request process, your details are secured with SSL encryption. To ensure secure storage of your data, our systems are protected by firewalls that prevent unauthorized access from outside.
In addition, we use technical and organizational security measures to protect the personal data you have made available to us from accidental or willful manipulation, loss, destruction or access by unauthorized persons. Any of our contractual partners that have access to your data in order to provide you with services on our behalf are contractually obliged to maintain data protection and non-disclosure.
14. Right of modification
We reserve the right to modify this data privacy statement from time to time so that it always complies with current legal requirements or in order to implement changes to our services in the data privacy statement, e.g. when introducing new services. The new data privacy statement will then apply to your next visit.
15. Links to other websites
Our online offer contains links to websites from other providers. We have no influence as to whether their operators comply with data protection regulations.