Privacy Policy

 

 

1.     Preamble

This privacy notice is addressed to all visitors and users of our websites and apps (“user” or “you”) of the Merck Group (“Merck”, “us”).

 This privacy policy describes how Merck will use the personal data of the users within the scope of the operation of our websites and/or apps (“services”). “Personal Data” in this document means all information that relates to a natural person and with which this person can be directly or indirectly identified.

 Should you have questions or queries regarding the processing of your personal data by Merck, please feel free to contact our Group Data Protection Officer via privacy@merckgroup.com or the other contact details provided below.

 

2.     General Information

This section informs you who is the controller of the processing of your personal data, how you may contact the controller and which rights you have as a data subject in this context.

 

2.1.    Controller

The data controller means the person who determines the purposes and means of the processing of your personal data. For the processing activities described of in this privacy notice, the controller is

Merck KGaA

Frankfurter Strasse 250

64293 Darmstadt, Germany

Phone: +49 6151 72-0

Telefax: +49 6151 72-2000

 

2.2.    Data Protection Officer

Merck has appointed a Data Protection Officer. You may reach him/her as follows:

GROUP DATA PRIVACY OFFICER

Merck KGaA

Frankfurter Strasse 250

64293 Darmstadt, Germany

Phone: +49 6151 72-0

privacy@merckgroup.com

 If you have any requests or questions, please feel free to contact our Deputy Information Officer:

 Deputy Information Officer

1 Friesland Drive

Longmeadow Business Estate

Modderfontein

1645

South Africa

Email:  elsa.moroney@merckgroup.com or popiacompliancesa@merckgroup.com.

You are also welcome to exercise your data protection rights by submitting your request directly in our Data Privacy Portal.

 

3.     The Processing Activities in Detail

This section explains the different data processing activities in which Merck processes your personal data for the operation of our services and the provision of information and functionalities.

 In general, you are neither contractually nor statutorily obliged to provide your personal data for the below purposes, however your decision to not provide your data may lead to negative consequences, such as reduced features and functionalities and/or, in rare cases, the impossibility to use our information and services offered in this context.

 

3.1.    Operation of our Services

We process your personal data for the purpose of the operation of our services. Whenever you access our services, you automatically transfer personal data to our servers for technical reasons.

 This processing activity may include the following data categories:

  • Your temporary IP address.
  • The time and date of your visit and visited subpages of our website.
  • Your referrer URL (i.e., the URL of the page from which you visit us).
  • The Merck website that you looked at.
  • The data volume accrued during your visit to our website.
  • Access status (file transferred, file not found, etc.); and
  • Name of the provider of your internet access.

The data processing is based on our legitimate business interests. We process these data for the purpose of presenting our services and to ensure its technical stability and security (e.g., to prevent hacker attacks).

 Your data is regularly deleted after a period of seven days, beginning from your use of our service.

 No automated decision-making or profiling takes place.

 

3.2.    Google Maps

Google Maps is available for you to search for clinics in a specific area.  The processing is based on your input in the searching functionality.  No data is captured.

 

3.3.    Cookies

Cookies improve the user experience on our services because they allow, e.g., the system to recognize returning visitors. The term “cookies” in this privacy notice refers to cookies and similar technologies. The term “computer” in this privacy notice refers to computers, smartphones and all other devices with internet access. Cookies are small, usually randomly coded text files that are sent to your computer and stored there. These cookies allow your browser to track certain information that may be retrieved and used by internet servers at a later stage. Merck uses cookies and similar technologies on its services for several reasons, for example:

  • Websites load faster.
  • Websites may be browsed faster.
  • Your settings, such as language and time zone, may be saved.
  • Security on websites is improved since your identity may be verified; and
  • Your log-in to secured websites is facilitated.

We included the following three categories of cookies on our services:

 Necessary Cookies

We use cookies in order to enable and facilitate the use of the website, for example to optimize the presentation or display of country-specific content (such as in your national language).  You can disable or block cookies in your browser software; however, this may result in restrictions regarding the usability of this website.   In addition to cookies, we also use other web technologies such as pixel tags, web beacons or clear GIFs (hereinafter also referred to as “cookies”) for these purposes.

This website uses Adobe Analytics, a web analytics service provided by Adobe Systems Software Ireland Limited (“Adobe”) to store “analytical cookies” on your device. This means that information about users and the use of our website is transmitted to Google and processed on our behalf for the purpose of compiling reports on website activity, measuring website visits and visitors and providing similar services for us. This includes the transmission of your IP address, but it will not be merged with other Google data. In addition, it is shortened (usually within the European Union) and saved by Google only in an abridged form. For storage in the United States, Google’s self-certification according to the Privacy Shield provides an appropriate level of data protection.

You can object to the processing of your data for statistical purposes by using the following link (“Use of Adobe Marketing Cloud by our business customers” section): http://www.adobe.com/de/privacy/opt-out.html.

 Management and Deletion of Cookies

Some computer browsers automatically accept all cookies. In this case, you may not see the Cookie Center which allows you to manage your cookies individually. However, you can change your browser settings to block all cookies. You may also be able to configure your browser settings so that only certain types of cookies are blocked or so that you are notified as soon as a new cookie is to be stored on your computer. In this case, you can accept or reject cookies individually. If this function is available to you, you will find more detailed explanations in the help function of your browser. There you will also find information on how to delete all or certain cookies for which you have given us your consent. For more information on managing and deleting cookies for popular browsers, please see the following links: Google Chrome, Mozilla Firefox, Microsoft Internet Explorer, Microsoft Edge, Apple Safari.

 

4.      Data Transfers

We transfer your personal data as follows.

 

4.1.    Merck Group

To our worldwide affiliates, to the extent that this is permissible within the framework of the purposes and legal bases stated under 3. In these cases, our group companies will use the personal data for the same purposes and under the same conditions as described in this privacy notice (e.g., answering your inquiry about a product that falls within the area of expertise of a foreign Merck affiliate). A list of our affiliated group companies and their contact details can be found here. If and to the extent we transfer your personal data in this context to a country outside the EU or the EEA and to which no adequacy decision of the European Commission exists, we safeguard an adequate level of data protection by entering into the EU standard contractual clauses with such affiliate. You may obtain these EU standard contractual clauses here.

 

4.2.    Service Provider

We may also engage service providers (data processors) within (e.g. shared service centers) or outside the Merck Group (e.g. hosting providers, support service providers) to process personal data in accordance with our instructions. In these cases, we retain control over and remain fully responsible for your personal data. We will take all reasonable safeguards required by applicable law to ensure the integrity and security of your personal data when engaging such service providers and will, should these service providers process your personal data in a country outside the EU or the EEA, safeguard an adequate level of data protection by entering into the EU standard contractual clauses with such service provider. You may obtain these EU standard contractual clauses here.

 

4.3.    Public Authorities

In certain cases, we are required by law to transfer data to a requesting public authority.

 Upon submission of a court order, we may be obliged by national Copyright Acts to provide owners of copyright and ancillary copyrights with information about customers who are alleged to have infringed copyright laws. In these cases, we may be obliged to transfer your personal data, in particular your user ID of an IP address allocated at the time requested and, if known, your name and address.

 In other respects, personal data will only be transferred to state institutions and public authorities within the framework of mandatory national legal provisions or if disclosure is necessary in the event of attacks on the network infrastructure for legal or criminal prosecution.

 

5.     Your Data Protection Rights

You have or might have the following data protection rights: 

  • Right of access: You have the right to obtain information on the processing of your personal data and to receive a copy these data. 
  • Right to rectification: You have the right to request that we correct or complete your inadequate, incomplete, or inaccurate personal data. 
  • Right to erasure: Under certain circumstances, you have the right to request that we delete your personal data.  
  • Right to restriction of processing: Under certain requirements, you may request us to restrict the processing of your personal data. 
  • Right to data portability: You might have the right to receive your personal data in a structured, common, and machine-readable format and request that these data are transferred to another data controller, if applicable under the specific circumstances. 
  • Right to object: You might have the right to object to the processing of your personal data by us, if the processing of your personal data is based on (i) the necessity of the performance of a task in the public interest, or (ii) legitimate interests. We will then stop the processing of your personal data unless we remain legally authorized to do so. 
  • Right to lodge a complaint with a supervisory authority: You might have the right to lodge a complaint with a supervisory authority against the processing of your personal data if you believe that the processing of your personal data violates data protection regulations. 

 

5.1.    Exercise your data protection rights. 

You may exercise your data protection rights by submitting a request in our Data Privacy Portal. We take our responsibility for the protection of your rights very seriously. Our privacy experts will examine your request and answer it as soon as possible.  

 

5.2.    Withdrawal of consent 

In case you granted us your consent to process your personal data, you may withdraw this consent with effect for the future, depending on the specifications of the respective processing activity. We will then stop the processing of your personal data, unless we have a legal permission to do so. Please note that your withdrawal has effect for future processing operations only and does not make data processing operations, which we executed before such withdrawal, unlawful.

 To withdraw your consent, you may send an email to service@merckgroup.com. If you withdraw your consent, you may no longer be able to use the services affected by the withdrawal. Apart from that, you will not suffer any further disadvantages. 

If you do not specify your withdrawal to a specific processing operation, we will assume that you withdraw your consent regarding all processing of your personal data that is based on your consent. 

 

This Data Privacy Statement is up-to-date and dates from November 2024. We reserve the right to amend the data privacy declaration at any time with effect for the future, in particular to adapt it to a further development of the website or the implementation of new technologies. 

 

ZA-NONF-00168 November 2024