Privacy Policy for the Profiles on Facebook and Instagram

1. General and scope

This privacy policy applies to the processing of personal data in the context of accessing and using the profiles of Sebapharma GmbH & Co. KG on Facebook and Instagram (hereinafter together referred to as “fan page”).

 

The fan page gives us the opportunity to present ourselves to users of Facebook and Instagram and to get in contact with you.

 

So-called Insights data (Facebook Insights or Page Insights) are collected when the fan page is accessed. These data are anonymised and enable us to view statistical evaluations of the fan page usage.

 

When collecting these Insights data, personal data are also processed. Facebook and we are jointly responsible for this processing in accordance with Art. 26 GDPR. The main content of the Agreement concluded between Facebook and us is explained below.

 

2. Controller

We and Facebook are jointly responsible for processing your personal data in the context of using the fan page.

 

You can contact us at:
Sebapharma GmbH & Co. KG
represented by the General Partner Sebapharma Verwaltungs GmbH
that in turn is represented by the Managing Directors Thomas Maurer und Dr. Rüdiger Mittendorff

 

Binger Str. 80
56154 Boppard, Germany
Phone: +49 (0) 6742 - 9000
Fax: +49 (0) 6742 - 9001 76
E-mail: info@sebamed.de

 

The contact details of Facebook are:

Facebook Ireland Limited
represented by the Board Gareth Lambe und Shane Crehan
4 Grand Canal Square
Dublin 2, Ireland

 

3. Data protection officer

We have appointed a data protection officer, who can be contacted at MORGENSTERN consecom GmbH, Grosse Himmelsgasse 1, 67346 Speyer, Germany, and by phone at +49 (0) 6232 - 100 119 44.

Moreover, Facebook has appointed a data protection officer, who can be contacted here.

 

4. Level of responsibility

Facebook assumes primary responsibility for the processing of Insights data on the fan page with regard to the fact that a legal basis for their processing exists.

 

5. Opportunity to object

If you want to object to the processing of your data on the fan page in whole or for individual measures, you can send a personal message via our fan page. You can even directly object to Facebook with regard to the processing of Insights data. Moreover, you can object to data processing on Facebook by contacting us. We will forward the objection to Facebook accordingly.

Please note that in the event of such an objection, access to the fan page will be restricted or not possible at all.

 

6. Details on data processing

6.1 Page Insights

When the fan page is accessed and used, statistics on access to the fan page are processed with the feature “Page Insights data”. There is no way for us to identify you personally or to assign you to your account. This feature is a mandatory part of the User Agreement with Facebook. This means that we cannot unilaterally decide whether or not to collect the Page Insights data.

 

Further information about “Page Insights data” and the use of cookies as well as the setting options can be found here.

 

Please note that via “Page Insights data”, personal data may also be collected from people who do not have a profile on Facebook or Instagram.

 

If your personal data are processed when you visit the Facebook fan page, the legal admissibility of this processing is based on Art. 6 para. 1 f) GDPR (legitimate interest). We would like to optimise the content of the fan page with the evaluation of the anonymised Insights data and thus attract more users. In order to market our services in the most effective way, many fan page views are required. The Page Insights data are helpful here.

 

The Insights data collected via the fan page are processed anonymously. This means that the personal data collected are changed in such a way that they can no longer be assigned to an identified or identifiable natural person or can only be assigned with a disproportionate large amount of time, costs and effort.

 

If you are registered with Facebook and Instagram, the provision of your personal data is prescribed contractually by Facebook. Otherwise, you will not be able to create an account. For non-registered users, the processing of Insights data is voluntary. However, objection to the processing or deactivation of certain settings means that you will not be able to access the fan page.

 

6.2 Communications via the fan page features

It is possible to contact us via direct messages, the like button or comments on the fan page. When you contact us, the name that is saved in your profile as your user name will be displayed.

 

The legal admissibility of this processing is based on Art. 6 para. 1 f) GDPR (legitimate interest). Communication with users is important for us to answer questions, respond to criticism, build a relationship and exchange information. This is the only way we can improve our services and respond to the needs of our customers. Communication via social media is an important element in reaching younger customers in particular. Comments are saved on the fan page for an unlimited period of time and can be viewed by other users. The same applies to the use of the like button.

 

Direct messages are also saved, but deleted at regular intervals. The rhythm is based on our internal deletion concept. Messages can be forwarded to our employees in different departments, especially if a competent answer is expected.

 

6.3 Contests and product tests

We regularly organise contests and product tests via the fan page. Participation generally requires the publication of a comment under the corresponding contest or contacting us using your own Facebook account. Various data are requested which are necessary for the execution of the contest or product test.

 

The legal admissibility of this processing is based on Art. 6 para. 1 f) GDPR (legitimate interest). We organise contests to promote our products and attract new customers. The provision of your data is required for participation. If you do not provide your data, you will not be able to participate in the contest or product test.

 

After completion of the contest or product test, the participants’ data will be deleted, including the communication made via Facebook and Instagram. The comments under the contest on the fan page will not be deleted.

 

7. Rights of the data subject

In the context of using the fan page, you have the right to assert all rights described in this section against Facebook as well as against us. Under the terms of the Agreement that has been concluded between us and Facebook, provided that Facebook is solely responsible for complying with your data subject rights, we will immediately forward your request to Facebook.

 

You have the following rights: You have the right of access (Art. 15 GDPR), rectification (Art. 16 GDPR), erasure (Art. 17 GDPR), restriction of processing (Art. 18 GDPR) and data portability (Art. 20 GDPR).

 

If your personal data are processed according to Art. 6 para. 1 f) GDPR, you have the right to object on grounds relating to your particular situation or if you object to direct marketing (Art. 21 GDPR). If you object to direct marketing, you will no longer receive any advertising messages from us.

 

Any consent given to the processing of your personal data can be withdrawn at any time with effect for the future. However, the lawfulness of processing remains unaffected until withdrawal.

 

You have the right to lodge a complaint with the competent supervisory authority at any time. You can obtain an overview of the competent supervisory authorities by following this link.

 

8. Recipients

The data collected when you access and use the fan page and the information you provide when contacting us will be transmitted to Facebook and stored there. In addition, your data can also be viewed by employees who are responsible for maintaining the fan page and who respond to your messages.

 

Your personal data collected via the Page Insights data are partly transferred to Facebook servers in the USA and stored there. This third country transfer is permitted due to the Adequacy Decision applicable to Facebook. Further information can be found here.

 

Status of this Privacy Policy: 30 June 2020