Customer Login

Login

Customer Login
Please fill in your customer ID and password to log in.
Did you forget your passwort?
You have not been a partner of Florapharm and had no customer number for login, yet?

Then please register under the following link:

Become a customer
Register for newsletter

 

Our privacy statement

We would like to thank you for your interest in our company. The protection of your data is of particularly high significance for us.

1. General information

The processing of your personal data is carried out in line with the EU General Data Protection Regulation and with the country-specific data protection provisions that are applicable for us. With our privacy statement, we would like to inform you among others about the collection and storage of personal data, about the type and the purpose of their use, the legal basis that is respectively decisive for this purpose as well as about the rights to which you are entitled.

This privacy statement can, for example, be supplemented or changed in future owing to statutory requirements. Therefore, please inform yourself regularly about the current status. The respective current privacy statement can be retrieved by you on our website at all times under https://www.florapharm.de/rechtliches/datenschutz.html and printed out.

2. Name and contact data of the party responsible for the processing

This privacy statement shall apply to the data processing by:

Responsible party:

FLORAPHARM® Pflanzliche Naturprodukte GmbH

Am steinernen Kreuz 7

D-96110 Schesslitz

Tel.: +49 (0) 9542 / 94 12 - 707

Fax: +49 (0) 9542 / 94 12 - 65

E-mail: info@florapharm.de

Website: https://www.florapharm.de

3. Name and contact data of our external data protection officer

Stephan Eschenbacher,

acting for business purposes under Eschenbacher IT-Consulting & Service
Eckenstraße 50
90480 Nuremberg
Tel.: +49 (0) 911/40 18 23
Fax: +49 (0) 911/40 18 25
mail: se@eschenbacher-it.de
Website: http://www.eschenbacher-it.de/home.html

4. Definitions

In our privacy statement, we use among others the following terms, which we would like to explain below:

  1. Personal data


Personal data is all information, which refers to an identified or identifiable natural person (hereinafter "relevant person"). A natural person will be seen as identifiable, who can be identified directly or indirectly, in particular by means of allocation to an identifier such as a name, a code number, to location data, to an online code or to one or several special features, which are an expression of the physical, physiological, genetic, mental, financial, cultural or social identity of this natural person.

  1. Relevant person

The relevant person is each identified or identifiable natural person, whose personal data is processed by the party responsible for the processing.

  1. Processing


Processing is each activity carried out with or without the help of automatic processes or each such series of activities in connection with personal data, such as the collection, the entry, the organisation, the classification, the storage, the adjustment or change, the reading out, the query, the use, the disclosure by transmission, distribution or another form of provision, the comparison or the linking, the limitation, the deletion or the destruction.

  1. Limitation to the processing


Limitation to the processing is the marking of stored personal data with the aim to limit their future processing.

  1. Profiling


Profiling is each type of automatic processing of personal data, which consists of the fact that this personal data is used in order to assess certain personal aspects, which refer to a natural person, in particular in order to analyse or foresee aspects with regard to work performance, financial position, health, personal preferences, interests, reliability, conduct, place of abode or change in location of this natural person.

  1. Pseudonymisation


Pseudonymisation is the processing of personal data in a manner in which the personal data can no longer be allocated to a specific relevant person without involving additional information, insofar as this additional information is stored separately and is subject to technical and organisational measures, which guarantee that the personal data is not allocated to an identified or identifiable natural person.

  1. Responsible party or party responsible for the processing


Responsible party or party responsible for the processing is the natural person or legal entity, authority, institution or other body, which solely or jointly with others decides about the purposes and means of the processing of personal data. If the purposes and means of this processing are stipulated by Union law or the law of the member state, the responsible party or the certain criteria of his naming can be envisaged according to Union law or the law of the member states.

  1. Contract processor


The contract processor is a natural person or legal entity, authority, institution or other body, which processes personal data by order of the responsible party.

  1. Recipient


A recipient is a natural person or legal entity, authority, institution or other body, to which personal data is disclosed, irrespective whether said recipient is a third party or not. Authorities, which possibly receive personal data within the scope of a certain investigation order according to Union law or the law of the member states, are, however, not deemed recipients.

  1. Third party


A third party is a natural person or legal entity, authority, institution or other body except the relevant person, the responsible party, the contract processor and the persons, who under the direct responsibility of the responsible party or the contract processor are authorised to process the personal data.

  1. Consent


A consent is each announcement of intent voluntarily submitted by the relevant person for the certain case in an informed manner and unmistakeably in the form of a declaration or any other clear confirming act, with which the relevant person gives to understand that he agrees with the processing of the personal data relating to them.

  1. Breach of the protection of personal data

Breach of the protection of personal data is a breach of the security, which leads to the destruction, the loss or the change, whether unintentionally or unlawfully or for the unauthorised disclosure of respectively for the unauthorised access to personal data, which were transmitted, stored or were processed in any other manner.

5. Collection and storage of personal data as well as the type and purpose of their use

a) when visiting our website

When viewing our website https://www.florapharm.de, information will be automatically sent to the server of our website by the browser used on your terminal device. This information is temporarily stored in a so-called logfile. The following information is entered hereby without any action on your part and is stored until the automatic deletion after you leave our website:

  • IP address of the requesting computer

  • Date and time of the access

  • Name and URL of the called file

  • Website from which the access is carried out (Referrer-URL)

  • Used browser and, if applicable, the operating system of your computer as well as the name of your access provider

The stated data is processed by us for the following purposes:

  • Guarantee of the establishment of a smooth connection of the website

  • Guarantee of an easy use of our website

  • Evaluation of the system security and stability as well

  • for further administrative purposes

The legal basis for the data processing is Art. 6 Para. 1 S. 1 lit. f GDPR. Our legitimate interest is derived for the purposes listed above for the data collection. In no way do we use the collected data for the purpose of drawing conclusions about your person.

b) when you contact us by e-mail or via our contact form

We collect personal data when you communicate this to us voluntarily when contacting us by e-mail at info@florapharm.de or via a contact form. Which data is collected, can be seen from the input form. We use the data communicated by you for processing your enquiries and for the contract processing. After the full processing of your enquiry or after the full processing of the contract or after deletion of your user account, your data will be blocked for further use and deleted after expiry of the storage deadlines under tax and commercial law, insofar as you have not explicitly consented to a further use of your data or we reserve the right to a data use beyond this, which is permitted by law and regarding which we inform you below.

The data processing for the purpose of contacting us or in case of concerns of a user account with us is carried out according to Art. 6 Para.

The data processing is carried out according to Art. 6 Para. 1 S. 1 lit. a GDPR based on your voluntarily granted consent or according to Art. 6 Para. 1 S. 1 lit. b DSG for the fulfilment of the contract.

You can object to the storage and use of your data for these purposes at all times by a message to the contact possibilities stated above under Sub-clause 1.

c) Information relating to electronic post (e-mail)

The data transfer in the internet (e.g. with the communication by e-mail) can feature security gaps. Information, which you send to us non-encrypted by electronic post (e-mail) to us, can be read, stored and be used for other purposes than those intended by third parties while en route. Therefore, please do not send any confidential information without using an encryption programme.

d) Password-protected dealer zone
We have set up a password-protected login-area for our dealers. Personal data; according to the aforementioned paragraph; will in this context also be used in order to enable the login in the personal login area. The login area offers the direct access to stored personal data and their management by the dealer. Access data for the login area must be treated confidentially and may not be forwarded to third parties.

The data processing is carried out according to Art. 6 Para. 1 S. 1 lit. a GDPR based on your voluntarily granted consent or according to Art. 6 Para. 1 S. 1 lit. b DSG for the fulfilment of the contract.

e) Other forwarding of data

A transmission of your personal data to third parties for other purposes than those purposes listed below will not take place.

We will only forward your personal data to third parties, if:

  • You have granted your explicit consent hereto according to Art. 6 Para. 1 S. 1 lit. a GDPR,

  • the forwarding according to Art. 6 Para. 1 S. 1 lit. f GDPR for the assertion, exercising or defence of legal claims is necessary and there is no reason to assume that you have an overriding interest that is worthy of protection in not forwarding your data,

  • for the event that a statutory obligation exists for the forwarding according to Art. 6 Para. 1 S. 1 lit. c GDPR, as well as

  • this is permitted by law and according to Art. 6 Para. 1 S. 1 lit. b GDPR is necessary for the processing of contractual relationships with you.


6. Cookies


Like many other websites, we also use "cookies", small text files, which make it possible to store specific information relating to the device on the access device of the user (PC, tablet, smartphone). They serve, on the one hand, to make our website more user-friendly and thus serve the user, on the other hand, however for the statistical entry of the data of the website use and, therefore, the improvement of our offer. Several of the cookies used by us will be deleted again after the end of the browser session, thus after closing your browser, so-called session cookies. Other cookies will remain on your terminal device and enable us to recognise your browser with the next visit, persistent cookies.

As a user, you can influence the use of cookies. The majority of browsers have an option, with which the storage of cookies can be reduced or prevented completely. However, we would like to point out that the use and the comfort of use on our website can be restricted by excluding cookies.

Detailed information regarding cookies

You will find detailed information regarding cookies, e.g. how you can determine, which cookies were set and how you can deal with this and can delete these on the following site: http://www.allaboutcookies.org/ge/

You can find further information on deleting cookies in standard browsers here:

The legal basis for the data processing, i.e. for the use of so-called cookies, is Art. 6 Para. 1 S. 1 lit. f GDPR. Our legitimate interest is derived from our interest in the user-friendliness of our website and in the improvement of our offer.

7. Use of Matomo (formerly Piwik)

Our website uses Matomo, an Open-Source-Software for the statistical evaluation of the user accesses. Matomo uses cookies, which are stored on your access device and enable an analysis of the use of the website by the user.

The information generated by the cookie regarding the use of our offer is stored on the server of the provider in Germany. The IP address will be anonymised immediately after the processing.

Matomo supports the "Do Not Track" process of current web browsers. If you generally want to prevent the analysis of your web behaviour, we recommend you to activate this option in your browser.

You can obtain information regarding the data protection of Matomo under: https://matomo.org/privacy-policy/.

The legal basis for the use of Matomo is Art. 6 Para.1 S. 1 lit. f GDPR. We have a legitimate interest in the statistical evaluation of the user accesses for the optimisation of our web presence.

 

8. Links to web presences of third parties

Our websites contain links to web presences of third parties. The compliance with the data protection on these third party websites is beyond our scope of influence and responsibility. Please inform yourself, if applicable, on the linked websites about the data protection information provided there.

9. Link to Facebook

Our website is connected with our Facebook presence via an external link. This does not concern a plugin of Facebook. Therefore, none of your personal data are transmitted from our site to Facebook.

You can find information relating to data protection of Facebook under:

https://de-de.facebook.com/about/privacyshield

10. Link to Instagram

Our website is connected with our Instagram presence via an external link. This does not concern a plugin of Instagram. Therefore, none of your personal data are transmitted from our site to Instagram.

You can find information relating to data protection of Instagram under: https://help.instagram.com/155833707900388

11. Newsletter

On our website there is the possibility to subscribe to a free newsletter. With the registration to the newsletter the data from the input mask will be transmitted to us in this case. In particular the following data are collected with the registration:

● Your e-mail address

● IP address of the calling computer

● Date and time of the registration

For the processing of the data within the scope of the registration process, your consent will be obtained and reference made to this privacy statement.

In connection with the data processing for the sending of newsletters, no data will be forwarded to third parties. The data is exclusively used for sending the newsletter.

The collection of your e-mail address serves to serve the newsletter. The collection of other personal data within the scope of the registration process serves to prevent a misuse of the services or the used e-mail address.

The data will be deleted as soon as it is no longer required for the achievement of the purpose for which it was collected. The e-mail address of the user is accordingly stored as long as the subscription of the newsletters is active.

The legal basis for the processing of the data after the registration for the newsletter by you is your consent, Art. 6 Para. 1 lit. a GDPR.

The subscription to the newsletter can be terminated by the relevant user at all times. A corresponding link can be found in each newsletter for this purpose.

Newsletter - Delivery service provider CleverReach GmbH & Co. KG

Delivery of the newsletter is carried out by the delivery service provider CleverReach GmbH & Co. KG, Mühlenstr.


43, 26180 Rastede, Deutschland.

You can see the privacy policy of the delivery service provider here: https://www.cleverreach.com/de/datenschutz/ The delivery service provider has been employed in our justified interests in accordance with Art. 6 Para. 1 lit. f. GDPR and an order processing contract in accordance with Art. 28 para. 3. Clause 1 GDPR.
The delivery service provider can use the recipient's data in pseudonymous form i.e. without assignation to a user for technical optimisation of delivery and the display of the newsletter or for statistical purposes as examples. The delivery service provider does not however use our newsletter recipient's data to write to them themselves or to forward it to third parties.
You can see the privacy policy of the provider on the following link: https://www.cleverreach.com/de/datenschutz/

The legal basis for sending our newsletter through the delivery service provider CleverReach GmbH & Co. KG is your consent, Art. 6 Para. 1 lit. a GDPR.

12. Applications and application process

We collect and process the personal data of applicants for the purposes of conducting the application process. Data processing may also occur through electronic channels. This is particularly the case if a candidate sends us their relevant application documents through electronic channels e.g. by email or through the online form located on our website.

If we conclude an employment contract with a candidate, the data transferred will be saved for the purposes of executing the employment relationship in accordance with legal provisions.

If we do not conclude an employment contract with a candidate, the application documents will be automatically deleted 6 months after notification of the negative decision, insofar as deletion does not contradict any other justified interests for the data controller within the bounds of Art. 6Para. 1S 1 lit f. GDPR. Other justified interests in this sense could be for example a reporting obligation in a lawsuit according to the General Act on Equal Treatment (AGG).

The legal basis for the processing of your data in the application process is your consent, Art. 6 Para. 1 lit. a GDPR. The legal basis for the use of your data for the purposes of executing the employment contract is Art. 6 Para. 1 lit b GDPR.

13. Rights of data subjects

You have the right:

  • pursuant to Art. 15 GDPR, to request information about your personal data processed by us. In particular you can request information about the processing purposes, the category of the personal data, the categories of recipients, towards whom your data were or will be disclosed, the planned storage duration, the existence of a right to rectification, deletion, limitation to the processing or objection, the existence of a right to lodge a complaint, the origin of the data, insofar as these were not collected in our company, as well as regarding the existence of an automatic decision-making including profiling and, if applicable, feasible information relating to their details;

  • pursuant to Art. 16 GDPR, to request without delay the rectification of incorrect or completion of your personal data stored in our company;

  • pursuant to Art. 17 GDPR, to request the deletion of your personal data stored in our company, insofar as the processing is not necessary to exercise the right to free expression of an opinion and information, to fulfil a legal obligation, for reasons of the public interest or in order to assert, exercise or defend legal claims;

  • pursuant to Art. 18 GDPR, to request the limitation to the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, However, you refuse their deletion and we no longer require the data, However, you require these in order to assert, exercise or defend legal claims or you have filed an objection against the processing pursuant to Art. 21 GDPR;

  • pursuant to Art. 20 GDPR, to request to receive your personal data, which you have provided to us, in a structured, common and machine-readable format or the transmission to another responsible party;

  • pursuant to Art. 7 Para. 3 GDPR, to revoke your once granted consent at all times towards us.

  • pursuant to Art. 77 GDPR, to complain irrespective of a legal remedy otherwise under administrative law or in court at a supervisory authority, in particular in the member state of your customary place of abode, your workplace or the location of the presumed breach. A list of the supervisory authorities with the respective contact data can be seen from the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

14. Right of objection

If your personal data is processed owing to legitimate interests pursuant to Art. 6 Para. 1 S. 1 lit. f GDPR, you are entitled pursuant to Art. 21 GDPR to file an objection against the processing of your personal data, insofar as reasons exist for this, which arise from your special situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection that will be implemented by us without stating a special situation.

Would you like to exercise your right of revocation and /or objection, an e-mail to info@florapharm.de is sufficient.

15. Data security

Our website uses, for reasons of security, an SSL (Secure Socket Layer) encryption. Whether an individual site of our internet presence is transmitted encrypted, you can recognise by the fact that the address line of the browser changes from "http://" to "https://" and on the closed presentation of the key or lock symbol in the status bar of your browser.

We further use suitable technical and organisational security measures in order to protect your data against accidental or wilful manipulation, partial or full loss, destruction or against the unauthorised access of third parties. Our security measures are continuously improved in line with the technological development.