The following detailed privacy notice explains what data is collected on our websites and which data we process and use, and how.
You can print out this document by using your browser’s standard print function (usually “File” -> “Print”).
The operator of the website and controller with regard to data protection is:
2. General information on the processing of personal data
We process your personal data in compliance with the data protection laws of the Federal Republic of Germany and the European General Data Protection Regulation. Under no circumstances will we transfer your personal data to third parties outside the B. Braun Group for advertising or marketing purposes without your consent.
Within our company, compliance with legal requirements and this policy is monitored by our data protection officers. Our employees have been trained on how to handle personal data and have committed in writing to comply with data protection regulations.
It is generally possible to use our website without providing personal data. Insofar as personal data (e.g. name, address or e-mail addresses) is collected on our website, it is always collected on a voluntary basis where possible.
We would like to remind you that data transfer over the internet (e.g. when communicating by e-mail) can have security gaps. We try to protect your data against unauthorised access by third parties through precautions such as pseudonymisation, data minimisation, observance of deletion periods and by taking into account the current state of the art. However, despite these security measures, we cannot completely rule out unlawful processing by third parties.
3. Data processing for access from the internet
When you visit our websites, our web servers temporarily save each access in a log file. The following data is collected and processed until it is automatically deleted:
- Anonymised IP address of the requesting computer
- Date and time of access
- Time zone difference to Greenwich Mean Time (GMT)
- Access status/http status code
- Data volume transferred for each access
- Operating system and its interface
- Recognition data for the browser and operating system used
- Browser software language and version
- Name and URL of the data retrieved, content of the request
- Report on whether the retrieval was successful
- Website access was made from
- Name of your Internet access provider.
When using this website for purely informational purposes, TETEC AG only collects the personal data that is technically necessary for the display and use of the website (establishing a connection), system security, system stability, technical administration of the network infrastructure, and the optimisation of the website. The legal basis for this is TETEC AG’s legitimate interest (Art. 6(1)(1)(f) GDPR). You have the option of refusing this data processing. If you object to the use of the data, we would like to remind that you will only be able to use our services to a limited extent.
4. Purpose of processing
In accordance with the principle of data minimisation and data economy of the General Data Protection Regulation, we only process personal data on our website if it is necessary for your desired purpose, we are obliged to do so by legal regulations or a contract, if we have a legitimate interest, and/or if you voluntarily provide one to us. When entering personal or business data (e.g. email address, name, address) your data is disclosed on an expressly voluntary basis. We process your contact, business and business-relevant data on the basis of legal regulations within the context of the existing or upcoming business relationship. In addition, by entering your data, you agree to the data entered being processed for the legitimate purpose or for the purpose specified by you. The data you provide will only be processed by us for as long as is required for the purpose and will be deleted after fulfilment of the purpose or after the end of the corresponding retention periods. There will be no processing for another purpose. If you object to the processing of the data, we would like to remind that you will only be able to use our services to a limited extent. In order to provide you with a comprehensive service, your data will be transmitted and used within the framework of the B. Braun Group.
The following are ways in which we may use the data:
Based on legal requirements:
- Enforcement of our general terms and conditions
- Managing our business
- Protecting against or detection of possible fraudulent transactions
Based on contractual purposes:
- Processing payments for purchases and other services
- Processing your application documents
Based on our legitimate interest:
- Determining the effectiveness of our advertising
- Developing new products and services
- Analysing the use of our products, services and websites
- Knowing how you accessed our website
- Stability and security of website display
Your personal data will only be processed on the basis of statutory permission or your consent (Art. 6(1)(a) GDPR). Your consent to processing can be revoked at any time with future effect. Your consent to the processing of your personal data may be required in various cases:
- Shipping of samples, prizes, products and information
- Registration for competitions, programmes or offers at your request
- Delivery of other services we have offered you
- Surveys on our websites
- Development and delivery of advertising tailored to your interests
6. Duration of storage
Your data will only be stored by TETEC AG for as long as it is required for specific purposes. Therefore, your data will be deleted by TETEC AG when:
- the corresponding legal basis for processing your data no longer exists,
- the purpose for the processing of your data no longer exists,
- you withdraw your consent to the processing of your data,
- a legal obligation requires deletion, or
- you have objected to the processing of your personal data,
unless there are stipulated statutory retention periods. For example, the German Fiscal Code (Abgabenordnung) or the German Commercial Code (Handelsgesetzbuch) stipulate certain retention periods. Only after these periods may TETEC AG permanently delete your data. This does not apply to data whose deletion involves a disproportionate effort. In such a case, TETEC AG has a legitimate interest under Art. 6 (1)(f) GDPR in storing your data.
7. Automated decision-making
As a general principle, we do not use fully automated decision-making in accordance with Art. 22 GDPR to establish and conduct business relationships. Should we use these procedures in individual cases, we will inform you of this separately, insofar as this is required by law. We process some of your data automatically with the aim of evaluating certain personal aspects (profiling). For example, we use profiling for the targeted provision of products of interest to you.
8. Obligation to provide personal data
In the context of our business relationship, you must provide the personal data required for the initiation and conduct of the respective business relationship and the fulfilment of the associated contractual obligations or that we are legally obliged to collect. Without this data, we will generally not be able to enter into a business relationship with you or fulfil any resulting obligations.
TETEC AG’s online content may contain links to third-party websites whose content TETEC AG has no influence over. When clicking on a link, you leave TETEC AG’s sphere of control. The subsequent processing of your data is no longer within TETEC AG’s sphere of influence.
10. Protection of minors
As a rule, children and persons under the age of 18 years do not transfer personal data to us without the consent of their parents or legal guardians. We do not request any personal data from children and we state that we will not knowingly collect, use in any way or disclose to third parties any child's personal data.
11. Transfer of data over the internet
The internet is a global open platform. Due to the way the internet works and the system-related risks, all data transfers you initiate take place at your own risk. For your security, we only offer our services via encrypted transmission.
12. Data transfer to third countries (non-EU countries)
We only transfer your data to countries outside the European Economic Area (third countries) if:
- it is necessary for the execution of your orders,
- it is required by law, or
- you have given us your consent.
If we transfer your data to a third country or an international organisation, this is, in principle, carried out in accordance with the provisions of the GDPR. In addition, in accordance with the principle of data minimisation, we limit the amount of data transferred to the minimum amount required.
In some cases, we use service providers whose registered office, parent company or sub-service provider is located in a third country. Your data will only be transferred if the European Commission has decided that an adequate level of protection exists in a third country (Art. 45 GDPR), appropriate safeguards are provided (e.g. standard contractual clauses adopted by the European Commission), and enforceable rights and effective legal remedies are available to you as a data subject. We have contractually regulated compliance with the European General Data Protection Regulation and its requirements with the service provider.
A distinction must be made between two types of cookies:
- Transient cookies: Most of the cookies we use are “transient cookies”, in particular “session cookies”. They are deleted automatically after the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies allow us to recognise your browser the next time you visit our website within the same session,
- Persistent cookies: Other cookies, known as “persistent cookies”, are only automatically deleted from your end device after a specified period (which varies depending on the type of cookie).
14. Security precautions
We have taken extensive precautions to ensure the security of your data. Your data that has been transferred to us, that you have entered, for example, in HTML pages (Contact forms), is transferred to TETEC AG in encrypted form (SSL – Secure Socket Layer) via the public data network and processed.
This site uses SSL encryption for security reasons and to protect the transfer of confidential content, such as the requests you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and that there is a lock symbol in your browser bar.
If SSL encryption is activated, the data you transfer to us cannot be read by third parties.
15. Processing of your communication requests
If you send us enquiries via the Contact form, your information provided in the enquiry form, including the contact details entered, will be stored by us for the purpose of processing the enquiry and for any follow-up questions. We will not pass on this data without your consent. The data generated in this context will be deleted after storage is no longer necessary, or processing will be restricted if there are statutory retention obligations.
When you use this portal, data may be transferred from you to the USA to a contractually bound and carefully selected service provider. Current data protection in the USA cannot be compared with the German or European standards. Therefore, adequate data protection cannot be guaranteed permanently. Nevertheless, in order to ensure the security of your data as far as possible, our company takes the necessary security measures. Therefore, your data is transferred to the USA in line with the principles of purpose limitation and data minimisation, so that only the information provided by you that is absolutely necessary is stored.
16. Disclosure of data to third parties
Your personal data will not be disclosed to third parties unless you have given us your prior consent. This does not apply to disclosure to service partners, such as parcel delivery services or freight forwarders, insofar as the transfer is necessary for order processing or delivery of the goods.
The logistics service providers will receive the data required for delivery for their own independent use. We limit ourselves to the transfer of the data required for delivery.
In addition, other service providers are also involved in contract initiation and contract processing, such as IT service providers and the website hosting service provider. These companies work for TETEC AG as data processors and may only use the personal data in accordance with our instructions. TETEC AG has contractually bound these service providers to the German level of data protection and monitors this compliance.
Furthermore, no data is transferred to third parties without your consent. In all of these cases, the data will be transferred in accordance with the applicable national and European data protection regulations; the scope of the transferred data is limited to the minimum required.
To protect input forms on our site against spam and misuse, we use the “Friendly Captcha” service provided by Friendly Captcha GmbH (Germany). By using this service, we are able to determine whether an input is of human origin or is maliciously generated by automated machine processing.
The tool prevents automated and malicious requests from “bots”. As part of this process, your IP address is collected by Friendly Captcha in order to send a cryptographic task to your end device. This task is solved in the background and as soon as it has been solved, Friendly Captcha confirms to the server that it is dealing with a natural person.
- Friendly Captcha processes and stores the following data for this:
- IP address of the requesting computer (anonymised via one-way hashing)
- Information about the browser and operating system used
- Anonymised counters per IP address to control cryptographic tasks
- Website that the access originated from (referrer URL).
Further information on data processing can be found on the Friendly Captcha website: https://friendlycaptcha.com/legal/privacy-end-users/
19. (Social media) plugins
Third-party content may be used on TETEC AG's website (known as plugins). These can take the form of YouTube videos, RSS feeds or graphics from other websites or also social media buttons, such as the Facebook share button.
If you are on a TETEC AG website which has integrated third-party content, a connection may be established with the respective social network. This enables the content of the buttons to be transmitted to your browser for it to integrate the content into the website. This means that the respective provider always receives the information that you have accessed TETEC AG's website. It does not matter whether you are a member of a social network or not logged into one. Furthermore, information is automatically collected by the social network regardless of whether you actually interact with the integrated content. The following data may be transmitted: IP address, browser information and operating systems, screen resolution, installed browser plugins (e.g. Adobe Flash Player), origin of the visitors (if you followed a link) and the URL of the current page. If you are logged into a social network while using the TETEC AG website, the information about your visit to the website may be linked to your member data and stored. If you are a member of a social network and do not want this data transfer to take place, you must log out of the social network before visiting the TETEC AG website.
TETEC AG has no influence on the scope of the data collected by social networks. Please refer to the data protection regulations of the respective social network for information on the type, scope and purpose of data processing, information on the further processing of the data as well as your rights in this regard and setting options for protecting your privacy. You also have the option of blocking social media plugins through add-ons in your browser and thus preventing data transfer.
In order to show you interactive maps directly on the website and to make the comfortable use of the map function possible, we integrate Google Maps from the service provider Google LLC (USA) on our websites. In order to use these services, the IP address of the user is transferred to Google. The IP address is required for the display of this content, but is only used to deliver the content. Your location data will not be collected by Google without your consent (usually part of your device settings).
In the context of applications (for advertised positions or on our own initiative), we collect and process the following categories of personal data:
- Contact details (first and last name, e-mail, telephone number)
- Information from the application form (e.g. working hours, salary expectations and availability, if applicable)
- Application documents (e.g. CV, cover letter, professional development data, qualifications and language skills)
Your personal data will only be processed for the following purposes:
- Initiation and establishment of the employment relationship
- To contact you if you are eligible for an alternative position, provided that you have given us your consent to do so.
This processing takes place regardless of whether your application reaches us via the applicant portal (form on website) or (in the case of unsolicited applications) via the e-mail inbox firstname.lastname@example.org. The legal basis for the processing is Art. 88 GDPR in conjunction with Art. 6 (1) (b) GDPR. The provision of your personal data as part of the application process is voluntary. However, the provision of personal data is necessary for the processing of your application or the conclusion of an employment contract with us.
We use a provider of applicant management systems that processes personal data on our behalf on the basis of contracts pursuant to Art. 28 GDPR. There is no transfer of personal data to third parties.
We will store your personal data for a period of 6 months after the end of the respective selection process. This is necessary for the burden of proof in proceedings under the General Equal Treatment Act (AGG). If you have given us your consent, we will store your data beyond this period in order to be able to send you suitable job offers. You can revoke your consent at any time with effect for the future. All you need to do is send an e-mail to email@example.com.
21. Your rights as a data subject
You have the right to:
- Access, free of charge, the information about your stored personal data, its origin and recipients, and the purpose of the data processing as well as:
- Data processing
- Deletion of this data
- Receive your data in a structured, commonly used and machine-readable format (right to data portability),
- Withdraw your consent to the processing of your personal data
- Complain to the competent supervisory authority
Object to processing based on legitimate interest
You also have the right to object to the processing of your personal data at any time if this is necessary for TETEC AG’s legitimate interest (in accordance with Art. 6(1)(f) GDPR). As a consequence, the processing of your data will be stopped, unless TETEC AG can justify the continuation of the processing based on legal requirements or due to legitimate interests. This is the case, for example, if data is still required in order to be able to enforce legal claims.
Object to processing for direct marketing purposes
You can object to the processing of your personal data for the purposes of advertising and data analysis at any time (“Objection to advertising”). Please let us know of such an objection by emailing firstname.lastname@example.org.
22. Your contact persons for data protection issues
If you have any questions about the processing of your personal data, you can contact our Data Protection Officer and his team directly. They are also available for any for requests for information, other requests or complaints:
Data Protection Officer
If you wish to exercise your right to lodge a complaint with the competent supervisory authority, please contact:
Der Landesbeauftragte für Datenschutz und Informationsfreiheit Baden-Württemberg [The Baden-Württemberg State Commissioner for Data Protection and Freedom of Information]
23. Customer Journey/ Conversation Tracking / Google ads
Facebook conversion tracking
We use “Facebook pixel” from Meta Platforms Inc. (USA) on our website. This enables us to track the behaviour of users after they have seen or clicked on a Facebook advertisement. This process is used to evaluate the effectiveness of Facebook advertisements for statistical and market research purposes and can help to optimise advertising campaigns.
LinkedIn Insight conversion tracking
We use the LinkedIn Insight Conversion Tool from LinkedIn Inc. (USA), which enables us to obtain information about the use of our website and to present you with advertising content tailored to your interests on other websites. For these purposes, a cookie with a validity of 120 days is set in your browser. This enables LinkedIn to recognise you when you visit a website. LinkedIn uses this data to create anonymous advertising activity reports and information on how you interact with our website.
You can deactivate the LinkedIn Insight Conversion Tool and interest-based advertising by opting out at the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
If you are a LinkedIn member, click on the “Opt Out on LinkedIn” button. Other visitors should click on “Opt Out”.
Further information on data protection at LinkedIn can be found here: https://www.linkedin.com/legal/privacy-policy#choices-oblig
Twitter conversion tracking
We use the universal website tag from Twitter Inc. (USA) which enables us to obtain information about how visitors use our website and to use this information to present personalised Twitter advertising content tailored to your interests. For this purpose, a cookie that enables Twitter to recognise you when you visit a website is set in your browser. It also allows us to identify users who have viewed our advertising on Twitter on their mobile device and later visit our website with a desktop computer. Twitter conversion tracking enables us to assign data such as link clicks, retweets or “like” information. The collected data is always in aggregated and anonymous form.
You can deactivate Twitter’s interest-based advertising via several opt-out functions, which are explained here: https://help.twitter.com/safety-and-security/privacy-controls-for-tailored-ads.
We have agreed to the terms and conversions of Twitter’s Conversion Tracking Program: https://legal.twitter.com/ads-terms/us.html#twitterconversiontrackingprogramt%26cs.
Further information on data protection on Twitter can be found at https://twitter.com/privacy.
Google Ads & conversion tracking
To draw attention to our products, we place Google Ads advertisements and use Google Conversion Tracking, a service provided by Google Inc. (USA), in this context. These advertisements are displayed when users enter search queries on websites in the Google advertising network. We have the option of combining our advertisements with certain search terms. Cookies enable us to place advertisements based on previous visits by users to our website.
Using this technology, Google and us are informed when users click on an advertisement and are redirected to our websites. The information obtained in this way is used exclusively for statistical analysis for display optimisation. We do not receive any information that can be used to personally identify visitors. The statistics provided to us by Google include the total number of users who have clicked on one of our advertisements and, if applicable, whether they were redirected to a page on our website tagged with a conversion tag. Using these statistics, we can track which search terms led to our advertisements being clicked on most often and which advertisements led to contact via the Contact form.
If you do not want to provide this information, you can prevent the storage of the cookies required for these technologies, e.g. via your browser settings. In this case, your visit will not be included in the use statistics.
You also have the option of selecting which types of Google advertisements are displayed or deactivating interest-based ads on Google via the ad setting. Alternatively, you can deactivate the use of third-party cookies by following the Network Advertising Initiative’s deactivation guide. See: http://www.networkadvertising.org/choices/ and http://www.youronlinechoices.com/
However, we and Google continue to receive statistical information on how many users visited this page and when. If you do not want to be included in these statistics either, you can prevent this using browser add-ons (e.g. with the Ghostery add-on).
The data collected by Funnelytics is IP address (recorded and only stored in anonymised form), device type (unique device identifiers), browser information and geographical location (country only).
As at: 30/11/2022