BASF is delighted that you
have visited our website and thanks you for your interest in our company.
BASF takes data protection
seriously. This Privacy Statement describes:
·
the personal data BASF collects when you visit our website
·
the purposes for which BASF uses such data
·
the legal basis for the processing of personal data
·
the recipients of such personal data
·
the period for which such personal data will be stored
·
whether you are obliged to provide personal data
Furthermore, we would like to
inform you about:
·
the existence of your rights regarding the processing of your personal data
·
the Controller in the meaning of data protection laws and, where
applicable, our Data Protection Officer
1. What personal data does
BASF collect when you visit our website?
(1)
When you visit our website without contacting us or signing in, your
browser transmits the following information automatically to our server:
·
IP address of your computer
·
Information about your browser
·
Website that you were on right before you landed on our website
·
URL or file requested
·
Date and time of your visit
·
Volume of data transmitted
·
Status information, e.g. error messages
(2)
If you contact us by email or by contact form on our website, we receive
the following information:
·
Your email address and further information that you provide by email or
contact form
·
Date and time of your message
2. To what extent and for what
purposes does BASF process such data?
(1)
When you visit our website, we use your IP address and the other data that your
browser transmits automatically to our server (see Section 1 (1)) in order to:
a) send the
requested content to your browser. In doing so, we store the complete IP
address only to the extent necessary to serve the requested content to you.
b) send your IP
address to a service provider to map your public IP address with company and industry
related information (no personal information). This company- and industry
related information will be processed to our web measurement system. In this
process step your IP address is not stored at our service provider or in our system
at any time.
c) protect us
from attacks and to safeguard the proper operation of our website. In doing so,
we store said data transiently and with restricted access for a maximum period
of 180 days. Such period may be extended if and to the extent necessary to prosecute
attacks and incidents.
BASF will investigate the user
of an IP address only in case of an illegal attack.
(2)
We store the IP address of your computer after having removed the last
octet of the IP address, i.e. in anonymous form, for web audience measuring
that allows us to improve our website. We remove the last octet of the IP
address immediately after collection. That is why we do not collect personal
data about your use of our website.
(3)
If you contact us by email or by contact form on our website, we use the
data under Section 1 (2) to answer and, if possible, to meet your request. We
store such data to the extent necessary to answer and meet your request.
3. Are you required to provide
the data? Are you entitled to object to processing?
When you visit our website,
your browser transmits the information under Section 1 (1) automatically to our
server. You are free to transmit such data. Without providing such data we are
not able to serve you the requested content.
You are not obliged to let us
use your anonymized data for web audience measuring. You are also not obliged
to let us use your IP address for mapping with your company or industry
information.
Such objection has no
consequences. You can continue using our website.
If you want to contact us by
email or by contact form on our website, you are free to transmit the data
under Section 1 (2). We will mark mandatory fields, if any, of a contact form. Without
providing the required data you may prevent us from answering and meeting your
request properly.
4. What is the legal basis for
the processing?
The legal basis for the
processing under Section 2 is point (f) of Article 6 (1) General Data
Protection Regulation. The legitimate interests are determined by the purposes
described under Section 2.
5. To what recipients do we transmit
your data?
As part of a global organization
BASF is working together with affiliated companies and service providers on a global level.
As a consequence BASF may transfer the data mentioned in section 1 for the purposes determined
in Section 2 to Data Processors and affiliated companies located in countries outside the
European Union. Such Data Processors process personal data only on instructions from us and the processing
is carried out on behalf of us. This might include countries that do not provide an adequate level
of data protection. In these cases the transfer of personal data to such affiliated
companies or service providers is based on standard contractual clauses
(EU Commission 2010\87\EU) to ensure an adequate level of data protection
6. How do we protect your
personal data?
BASF implemented technical and
organizational measures to ensure an appropriate level of security to protect
your personal data against accidental or unlawful alteration, destruction, loss
or unauthorized disclosure. Such measures will be continuously enhanced in line
with technological developments.
7. Do we use
cookies on our website?
We will inform you about using
cookies in our cookie banner when you visit our website. You accept the use of
cookies by further using our website. We would like to inform you about the
cookies we use and how you may decline cookies.
(1)
The following cookies are important for the smooth operation and specific
services of our website:
Cookie
|
|
Purpose
|
End-of-life
|
SessionPersistence
(CLIENTCONTEXT and PROFILEDATA)
|
|
Allows us to save preferences that you set during your visit on our website.
|
Will be erased as soon as you clear your cache
(or one year after your visit)
|
|
SessionPersistence
(Cookie Layer)
|
|
This cookie stores your consent to the use of cookies.
|
Will be erased as soon as you clear your cache
(or one year after your visit)
|
|
SessionPersistence
(Cookie Disclaimer)
|
|
This cookie stores your acknowledgment of and consent to any disclaimers
on our website.
|
Will be erased as soon as you clear your cache
(or one year after your visit)
|
|
TS<pool_name>
|
|
This cookie enables us to distribute the load of requests of our users properly
to our servers. It facilitates the stability of our website.
|
Will be erased as soon as you close your browser
|
|
(2)
Cookies for web audience measuring:
Cookie
|
|
Purpose
|
|
End-of-life
|
EU_COOKIE_LAW_CONSENT
|
|
This
cookie stores your consent to the use of cookies.
|
|
30 days from set/update
|
ASP.NET_SessionId
|
|
This
Cookie is used to create a session ID for the user, so that the system itself
can identify the user as a unique and individual user, distinct from anyone
else looking at the website
|
|
End of browser session
|
AWSELB
|
|
This
cookie allows Amazon Web Services Elastic Load Balancing to distribute the
load of requests of our users properly to our servers. It facilitates the stability of our website.
|
|
End of browser session
|
.ASPXAUTH
|
|
This
cookie is used to determine if a user is authenticated.
|
|
End of browser session
|
You may use your browser
settings to decide which cookies to accept and to decline. Please be aware that
you may not be able to use all features of our website if you decline cookies
under Section 7 (1).
8. What
rights do you have?
You have certain rights under
the General Data Protection Regulation including the right to request a copy of
the personal information we hold about you, if you request it from us in
writing:
8.1. Right to access:
the right to obtain access to your information (if we’re processing it), and
certain other information (like that provided in this Privacy Policy);
8.2. Right to correct: if
your personal is inaccurate or incomplete you have the right to have your
personal information rectified;
8.3. Right to erasure:
this is also known as ‘the right to be forgotten’ and, in simple terms, enables
you to request the deletion or removal of your information where there’s no
compelling reason for us to keep using it. This is not a general right to
erasure; there are exceptions. For example, we have the right to continue using
your personal data if such use is necessary for compliance with our legal
obligations or for the establishment, exercise or defense of legal claims.
8.4. Right to restrict our
use of your information: the right to suspend the usage of your personal
information or limit the way in which we can use it. Please note that this
right is limited in certain situations: when we are processing your personal
information that we collected from you with your consent you can only request
restriction on the basis of: (a) inaccuracy of data; (b) where our processing
is unlawful and you don’t want your personal information erased; (c) you need
it for a legal claim; or (d) if we no longer need to use the data for the purposes
for which we hold it. When processing is restricted, we can still store your
information, but may not use it further. We keep lists of people who have asked
for restriction of the use of their personal information to make sure the
restriction is respected in future;
8.5. Right to data
portability: the right to request that we move, copy or transfer (where
technically feasible) your personal information in a structured, commonly used
and machine-readable format, for your own purposes across different services;
8.6. Right to object:
the right to object to our use of your personal information including where we
use it for our legitimate interests, direct marketing;
8.7. Right to be informed:
you have the right to be provided with clear, transparent and easily
understandable information about how we use your personal information; and
8.8. Right to withdraw
consent: if you have given your consent to anything we do with your
personal information, you have the right to withdraw your consent at any time
(although if you do so, it does not mean that anything we have done with your
personal information with your consent up to that point is unlawful).
The exercise of these rights
is free of charge for you, however you are required to prove your identity with
2 pieces of approved identification. We will use reasonable efforts consistent
with our legal duty to supply, correct or delete personal information about you
on our files.
To make inquiries or exercise
any of your rights set out in this Privacy Policy and/or make a complaint
please contact us by emailing or write to us and we will endeavor to respond
within 30 days. Contact details can be found in section 10 below.
When we receive formal written
complaints, we will contact the person who made the complaint to follow up. We
work with the appropriate regulatory authorities, including local data
protection authorities, to resolve any complaints that we cannot resolve
directly.
If you are not satisfied with
the way any complaint you make in relation to your personal information is
handled by us then you may refer your complaint to the relevant data protection
supervisory authority.
9. Where can
you lodge a complaint?
You have the right to lodge a
complaint with our Data Protection Officer or with the following competent
supervisory authority:
Der Landesbeauftragte für den
Datenschutz und die Informationsfreiheit Rheinland-Pfalz
Hintere Bleiche 34
55116 Mainz
10. Who is
Controller and Data Protection Officer?
You can find
the Controller in the meaning of data protection laws see first page of this
document.
Please use
the address of the Controller above or the following address to contact our
Data Protection Officer or Data Protection Coordinator
The Data
Protection Officer at BASF SE
Alexandra
Haug
EU Data
Protection Officer of BASF
67056
Ludwigshafen
+49 (0) 621
60-0
The Data
Protection Officer at BASF COATINGS GMBH:
Wolfgang Lange
BASF Coatings GmbH
E-FFE/BW
Glasuritstraße 1
48165
Münster
Germany
Phone: +49
(0) 2501-14-3460
Fax: +49 (0) 2501-14-713460
Contact the EU Data Protection Officer of BASF
11. Privacy of Children
This Website is intended to be
used by persons aged 18 and older. We do not seek to collect information about
persons under the age of 18.
No information should be
submitted to or posted on the Websites by persons younger than 18 years of age.
If such a person submits personal information via the Websites, we shall delete
that information as soon as we are made aware of their age and thereafter shall
not use it for any purpose whatsoever.