Privacy Statement

BASF takes data protection seriously. This Privacy Statement describes:

  • the personal data BASF collects when you visit our website
  • the purposes for which BASF uses such data
  • the legal basis for the processing of personal data
  • the recipients of such personal data
  • the period for which such personal data will be stored
  • whether you are obliged to provide personal data

Furthermore, we would like to inform you about:

  • the existence of your rights regarding the processing of your personal data
  • the Controller in the meaning of data protection laws and, where applicable, our Data Protection Officer

1. What personal data does BASF collect when you visit our website?

(1) When you visit our website without contacting us or signing in, your browser transmits the following information automatically to our server:

  • IP address of your computer
  • Information about your browser
  • Website that you were on right before you landed on our website
  • URL or file requested
  • Date and time of your visit
  • Volume of data transmitted
  • Status information, e.g. error messages

(2) If you contact us by email or by contact form on our website, we receive the following information:

  • Your email address and further information that you provide by email or contact form
  • Date and time of your message

2. To what extent and for what purposes does BASF process such data?

(1) When you visit our website, we use your IP address and the other data that your browser transmits automatically to our server (see Section 1 (1)) in order to:

a) send the requested content to your browser. In doing so, we store the complete IP address only to the extent necessary to serve the requested content to you.

b) send your IP address to a service provider to map your public IP address with company and industry related information (no personal information). This company- and industry related information will be processed to our web measurement system. In this process step your IP address is not stored at our service provider or in our system at any time.

c) protect us from attacks and to safeguard the proper operation of our website. In doing so, we store said data transiently and with restricted access for a maximum period of 180 days. Such period may be extended if and to the extent necessary to prosecute attacks and incidents.

BASF will investigate the user of an IP address only in case of an illegal attack.

(2) We store the IP address of your computer after having removed the last octet of the IP address, i.e. in anonymous form, for web audience measuring that allows us to improve our website. We remove the last octet of the IP address immediately after collection. That is why we do not collect personal data about your use of our website.

(3) If you contact us by email or by contact form on our website, we use the data under Section 1 (2) to answer and, if possible, to meet your request. We store such data to the extent necessary to answer and meet your request.

3. Are you required to provide the data? Are you entitled to object to processing?

When you visit our website, your browser transmits the information under Section 1 (1) automatically to our server. You are free to transmit such data. Without providing such data we are not able to serve you the requested content.

You are not obliged to let us use your anonymized data for web audience measuring. You are also not obliged to let us use your IP address for mapping with your company or industry information.

If you want to contact us by email or by contact form on our website, you are free to transmit the data under Section 1 (2). We will mark mandatory fields, if any, of a contact form. Without providing the required data you may prevent us from answering and meeting your request properly.

4. What is the legal basis for the processing?

The legal basis for the processing under Section 2 is point (f) of Article 6 (1) General Data Protection Regulation. The legitimate interests are determined by the purposes described under Section 2.

5. To what recipients do we transmit your data?

We transmit the data mentioned in Section 1 to Data Processors based in the European Union for the purposes determined in Section 2. Such Data Processors process personal data only on instructions from us and the processing is carried out on behalf of us. We do not intend to transfer your personal data to a third country.

6. How do we protect your personal data?

BASF implemented technical and organizational measures to ensure an appropriate level of security to protect your personal data against accidental or unlawful alteration, destruction, loss or unauthorized disclosure. Such measures will be continuously enhanced in line with technological developments.

7. Do we use cookies on our website?

We will inform you about using cookies in our cookie banner when you visit our website. You accept the use of cookies by further using our website. We would like to inform you about the cookies we use and how you may decline cookies.

(1) The following cookies are important for the smooth operation and specific services of our website:

Cookies, which are important for the smooth functioning of specific services of the website

Cookie name

 

Purpose

Lifespan

PHPSESSID

 

Identify the current browser session

Duration of the session: the cookie is deleted when the browser is closed.

Web analytics

In the context of this offer, we use the open-source software Matomo - a web analytics open-source software to help the website analyse how users use the site. We process the anonymize data for statistically evaluation and use these information solely to enhance the attractiveness, content and functionalities of our website.

You may use your browser settings to decide which cookies to accept and to decline.

8. What rights do you have?

You have certain rights under the General Data Protection Regulation including the right to request a copy of the personal information we hold about you, if you request it from us in writing:

8.1. Right to access: the right to obtain access to your information (if we’re processing it), and certain other information (like that provided in this Privacy Policy);

8.2. Right to correct: if your personal is inaccurate or incomplete you have the right to have your personal information rectified;

8.3. Right to erasure: this is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there’s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions. For example, we have the right to continue using your personal data if such use is necessary for compliance with our legal obligations or for the establishment, exercise or defense of legal claims.

8.4. Right to restrict our use of your information: the right to suspend the usage of your personal information or limit the way in which we can use it. Please note that this right is limited in certain situations: when we are processing your personal information that we collected from you with your consent you can only request restriction on the basis of: (a) inaccuracy of data; (b) where our processing is unlawful and you don’t want your personal information erased; (c) you need it for a legal claim; or (d) if we no longer need to use the data for the purposes for which we hold it. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for restriction of the use of their personal information to make sure the restriction is respected in future;

8.5. Right to data portability: the right to request that we move, copy or transfer (where technically feasible) your personal information in a structured, commonly used and machine-readable format, for your own purposes across different services;

8.6. Right to object: the right to object to our use of your personal information including where we use it for our legitimate interests, direct marketing;

8.7. Right to be informed: you have the right to be provided with clear, transparent and easily understandable information about how we use your personal information; and

8.8. Right to withdraw consent: if you have given your consent to anything we do with your personal information, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal information with your consent up to that point is unlawful).

The exercise of these rights is free of charge for you, however you are required to prove your identity with 2 pieces of approved identification. We will use reasonable efforts consistent with our legal duty to supply, correct or delete personal information about you on our files.

To make inquiries or exercise any of your rights set out in this Privacy Policy and/or make a complaint please contact us by emailing or write to us and we will endeavor to respond within 30 days. Contact details can be found in section 10 below.

When we receive formal written complaints, we will contact the person who made the complaint to follow up. We work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints that we cannot resolve directly.

If you are not satisfied with the way any complaint you make in relation to your personal information is handled by us then you may refer your complaint to the relevant data protection supervisory authority.

9. Where can you lodge a complaint?

You have the right to lodge a complaint with our Data Protection Officer (for contact details see below) or with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement. Or you can contact our Lead Data Protection Authority:

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Rheinland-Pfalz

Hintere Bleiche 34

55116 Mainz

https://www.datenschutz.rlp.de/de/general-storage/footer/ueber-den-lfdi/kontakt/

E-Mail: poststelle@datenschutz.rlp.de

10. Who is Controller and Data Protection Officer?

You can find the Controller in the meaning of data protection laws here.

Our Data Protection Officer is:

Alexandra Haug
EU Data Protection Officer of BASF
67056 Ludwigshafen
+49 (0) 621 60-0

data-protection.eu@basf.com

11. Privacy of Children

This Website is intended to be used by persons aged 18 and older. We do not seek to collect information about persons under the age of 18.

No information should be submitted to or posted on the Websites by persons younger than 18 years of age. If such a person submits personal information via the Websites, we shall delete that information as soon as we are made aware of their age and thereafter shall not use it for any purpose whatsoever.