Data Privacy Declaration

The issue of data protection and confidentiality is a topic we take very seriously and we follow the applicable national and European data protection regulations.


General information

We take data protection and privacy issues very seriously and comply with the applicable national and European data protection regulations. Therefore, we would like to inform you with this declaration about data protection measures and which data we may store and how we use this data.

What kind of data is collected and how is it used?

What kind of data is collected and how is it used?

Data collection by this website

Whenever a user accesses the website, the user's internet browser automatically transfers the following data to our web server for technical reasons:

  • IP address of the requesting computer
  • date and time of access
  • name and URL of the retrieved file
  • transferred data volume
  • access status (file transferred, file not found etc.)
  • identification data of the browser and operating system used
  • name of the provider of user's internet access
  • website from which access is made

This data is collected, processed and used for enabling the use of the website (connection setup), system security and technical administration of the network infrastructure. A comparison with other databases or a transfer to third parties, also in excerpts, does only take place after an anonymization of the IP address of the accessing computer. The legal basis for processing is Art. 6 para. 1 b GDPR.

The data collected as part of the voluntary entries under "Contacts & Service" will be used and processed exclusively for processing the enquiry and to carry out the services you may have requested.

Use of Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc. ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, if you activate the IP anonymization on this website, your IP address will be shortened previously by Google within Member States of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases the full IP address is transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with further services related to website and internet use. The IP address transmitted by your browser within the scope of Google Analytics will not be aggregated with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en. You can prevent Google Analytics from collecting data by clicking on the following link. An opt-out cookie is set that prevents future collection of your data when you visit this website: https://tools.google.com/dlpage/gaoptout/eula.html?hl=en

For more information on terms of use and privacy, please visit http://www.google.com/analytics/terms/en.html or https://www.google.com/intl/en/privacy.html. Please note that on the website Google Analytics has been extended by the code "anonymizeIP" in order to guarantee an anonymous registration of IP addresses (so-called IP masking).

The legal basis for processing is Art. 6 para. 1 f GDPR, whereby our authorization arises from the fact that, on the one hand, Merck KGaA, Darmstadt, Germany, has an interest in evaluating the website data for purposes of website optimization and, on the other hand, a concerned person can reasonably foresee at the time when the personal data is collected and in view of the circumstances under which it is carried out (in particular the above-mentioned measures) that it will possibly be processed for this purpose.

Social media plugins

Social media plugins

We use social media plugins from various social networks (e. g. Facebook).  With the help of these plugins you can share content or recommend products. The plugins are deactivated by default and therefore do not send data to other websites. By clicking on the button “Share" and the confirmation by a second click on “OK” you can activate plugins (so-called 2-click solution).

If these plugins are activated, your browser establishes a direct connection with the servers of the respective social media network as soon as you access the operator's website. The content of the respective plugin is transmitted directly from the social media network to your browser and embedded into the website.

By embedding the plugins, the social media network receives the information that you have visited the respective page of the operator. If you are logged in to the social media network, it can allocate the visit to your account. When you interact with the plugins, the corresponding information is transferred directly from your browser to the social media network and stored there.

For the purpose and scope of data collection and the further processing and use of the data by social media networks, as well as your rights and options for the protection of your privacy, please refer to the data protection notices of the respective networks.

If you do not want social media networks to collect information about you through the operator's website, you must log out or disable the social media plugins before you visit our website.

Even if you are not logged in to social media networks, websites with active social media plugins can still send data to these networks. With an active plugin, a cookie with an identifier is placed each time the website is accessed. Since your browser sends this cookie every time you connect to a network server without being asked, the network could basically use it to create a profile of the websites visited by the user associated with the ID. And it would then also be possible to assign this identifier to a person again later - for example when logging on later to the social network.

Further information can be found in the data privacy statements of the social media platforms following these links: FacebookTwitterLinkedInGoogle+ and YouTube, Instagram and Xing. In case you disagree with the data collection by these platforms you can deactivate the plugins in your browser. To avoid the connection with your existing user profile on these platforms you have to logout from the following platforms prior to your visit of our websites:

The operator uses the following plugins:

Is other personal data collected and processed?

Is other personal data collected and processed?

We collect and process your personal data only if you request certain  services and we need your data for this purpose or if you have voluntarily given us your express consent. The legal basis for processing is Art. 6 Para. 1 b GDPR and Art. 6 Para. 1 a GDPR.

You can do this, for example, by completing a registration form or sending us an email, ordering products or services, submitting inquiries to us, requesting materials or registering. Unless otherwise required by law, we will only use your personal data for the purposes for which you have given your consent.

The data collected within the scope of our whistleblower system ("SpeakUp-Line") are processed exclusively for the processing and follow-up of the reports received. The legal basis for the processing is Art. 6 para. 1 f DSGVO.

For special services such as newsletters, sweepstakes, etc. the respective special data protection provisions apply.

Will my data be transferred to third parties, e. g. authorities?

Will my data be transferred to third parties, e. g. authorities?

At Merck KGaA, Darmstadt, Germany, those bodies within our company receive your data that are required to fulfill our contractual and legal obligations. Somedata must be disclosed under strict contractual and legal requirements:

  • Due to legal obligation:
    In certain cases, we are required by law to transfer data to a requesting public authority.
    Upon submission of a court order, we are obliged pursuant to § 101 of the German Copyright Act to provide owners of copyright and ancillary copyrights with information about customers who are alleged to have offered copyright-protected works on internet file-sharing sites. In these cases, our information contains the user ID of an IP address allocated at the time requested and, if known, the name and address of the customer.
    In other respects, personal data will only be transferred to state institutions and public authorities within the framework of mandatory national legal provisions or if disclosure is necessary in the event of attacks on the network infrastructure for legal or criminal prosecution. The legal basis for processing is Art. 6 Para. 1 c GDPR or § 24 Para. 2 No. 1 German Federal Data Protection Act.

  • To external service providers for data processing:
    When service providers get access to our customers' personal data, this usually takes place in the course of so-called order processing of personal data. This is expressly provided for by law. In this case, Merck KGaA, Darmstadt, Germany, remains responsible for the protection of your data – in addition, the processor may also be responsible. The service provider works strictly in accordance with our instructions, which we ensure by means of strict contractual regulations, technical and organizational measures and supplementary controls.
    Merck KGaA, Darmstadt, Germany, works with service suppliers as processors. These are Group companies and service providers for IT services (e. g. for technical-administrative tasks and for usage analysis), telecommunications, consulting and advisory services as well as sales and marketing.
    The data protection regulations for instruction-bound order processing of personal data are complied with.

  • To Group companies:
    Merck KGaA, Darmstadt, Germany, may transfer your personal data to Group companies to carry out a business relationship with you or for the purposes of legitimate interests.
    If data are transferred abroad, they are based within the EU or the EEA or in a country which, according to the decision of the EU Commission, has an appropriate level of data protection. In the case of data transfers to Group companies domiciled in other countries, Merck KGaA, Darmstadt, Germany,ensures by way of guarantees that the data-importing Group company has been obligated to an appropriate level of data protection.

Beyond this, we do not transfer data to third parties unless you have given your express consent, the transfer is obviously necessary for the provision of an offer or service requested by you or this is provided for by law. We also do not intend to transfer your data beyond this to a third country or international organization.

How long will my data be stored?

How long will my data be stored?

We store data as long as it is legally necessary or necessary for the provision of the service requested by you, or as long as it has been agreed upon in a declaration of consent.

Do I have a right to information and rectification of my stored data?

Do I have a right to information and rectification of my stored data?

What other rights do I have regarding my stored data?
You may at any time and free of charge request information about the scope, origin and recipients of the stored data as well as the purpose of the storage; in addition, you have the right to rectification, erasure or restriction of the processing of your data in accordance with data protection regulations, a right to object to the processing as well as a right to data portability. Please note that there is a right of appeal to a supervisory authority.

Can I withdraw my consent to the use of my data?

Can I withdraw my consent to the use of my data?

You have the right to withdraw your consent to the use of your data at any time. Just send an email or send a letter to the following address:

Merck KGaA | Frankfurter Str. 250 | 64293 Darmstadt | Germany

The data processing performed based on your consent is legal until the time of withdrawal.

Who is my contact person if I have questions about data protection?

Who is my contact person if I have questions about data protection?

If you have any questions or comments, please feel free to contact the Group Data Protection Officer of Merck KGaA, Darmstadt, Germany, at any time:

Merck KGaA, Darmstadt, Germany
Group Data Protection Officer

Frankfurter Strasse 250
64293 Darmstadt
Email

How long is this data privacy declaration valid?

How long is this data privacy declaration valid?

This data privacy declaration is up-to-date and dates from May 25, 2018. We reserve the right to amend the data privacy declaration at any time with effect for the future, in particular to adapt it to a further development of the website or the implementation of new technologies.

Which cookies are used?

We use cookies on our website. If you do not want to take advantage of our cookies, you can find out in the help function of your browser how to set your browser to prevent it from accepting new cookies or deleting existing cookies. There you will also learn how to block your browser for all new cookies or which settings you should make to receive a notification of new cookies.

The legal basis for processing is Art. 6 para. 1 f GDPR, whereby our authorization arises from the fact that, on the one hand, Merck KGaA, Darmstadt, Germany, has an interest in evaluating the website data for purposes of website optimization and, on the other hand, a concerned person can reasonably foresee at the time when the personal data is collected and in view of the circumstances under which it is carried out (in particular the above-mentioned measures) that it will possibly be processed for this purpose.

Please see the following table for cookies that we currently use on our website:

Cookie List (03/2019)

Name of Cookie 1st or 3rd party Cookie? If 3rd party: Who is setting it? Purpose of the Cookie? What data holds the Cookie? Is it a session or persistent Cookie? If persistent, how long is its lifespan?
___utmvc 3rd party - mwfs.merckgroup.com     persistent 23 seconds
__sharethis_cookie_test__ 1st party     session  
__stid 3rd party - .sharethis.com Used to monitor “click-stream” activity, e.g. web pages viewed, navigation from page to page, time spent on each page etc.   persistent 1 year
__unam 1st party Used to monitor “click-stream” activity, e.g. web pages viewed, navigation from page to page, time spent on each page etc.   persistent 9 months
_fbp 3rd party - .facebook.com Used by Facebook to deliver a series of advertisement products on Facebook.   persistent 3 months
_ga 3rd party - google-analytics.com Used to distinguish users. different values persistent 2 years
_gat 3rd party - google-analytics.com Used to throttle request rate. different values persistent 10 minutes
_gid 3rd party - google-analytics.com Used to throttle request rate against Google Analytics. Stores the number of requests against Google Analytics. persistent 1 minute
_pk_id... 1st party     persistent 1 year
_pk_ses... 1st party     persistent 30 minutes
_utma 3rd party - google-analytics.com Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics. different values persistent 2 years from set/update
_utmb 3rd party - google-analytics.com Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies exists. The cookie is updated every time data is sent to Google Analytics. different values persistent 30 mins from set/update
_utmt 3rd party - google-analytics.com Used to throttle request rate. different values persistent 10 minutes
_utmv 3rd party - google-analytics.com Used to store visitor-level custom variable data. This cookie is created when a developer uses the _setCustomVar method with a visitor level custom variable. This cookie was also used for the deprecated _setVarmethod. The cookie is updated every time data is sent to Google Analytics. different values persistent 2 years from set/update
_utmz 3rd party - google-analytics.com Stores the traffic source or campaign that explains how the user reached your site. The cookie is created when the javascript library executes and is updated every time data is sent to Google Analytics. different values persistent 6 months from set/update
ACOOKIE 3rd party - sdc01.merck.de     persistent 10 years
ADRUM_BT 3rd party - pub.s7.exacttarget.com Used to give real-time insight into application performance.   persistent 32 seconds
AKA_A2 1st party     persistent 1 hour
AMCV S_... 1st party     session  
AMCV_... 1st party Used to identify a unique visitor.   persistent 2 years
AMP_TOKEN 3rd party - google-analytics.com Contains a token that can be used to retrieve a Client ID from AMP Client ID service. Other possible values indicate opt-out, inflight request or an error retrieving a Client ID from AMP Client ID service. different values persistent 30 seconds to 1 year
ASP.NET_SessionId 3rd party - sitetours.merckgroup.com Used to keep the user's status for all page requests.   session  
AWSALB 3rd party - qfx.tools.investis.com Used to deliver the provider´s service seamlessly from multiple services using a load balancer, so the cookie simply records which server cluster is serving you.   persistent 7 days
AWSELB 3rd party - irs.tools.investis.com Used to map the session to the instance.   session  
demdex 3rd party - .demdex.net Used to assign a unique ID to a site visitor.   persistent 6 months
dpm 3rd party - .dpm.demdex.net     persistent 6 months
dtCookie 1st party Tracks a visit across multiple requests.   session  
dtLatC 1st party Measures server latency for performance monitoring.   session  
dtPC 1st party Required to identify proper endpoints for beacon transmission; includes session ID for correlation.   session  
dtSa 1st party Intermediate store for page-spanning actions.   session  
ev_sync_dd 3rd party - .everesttech.net Used to record the date when synchronization will be performed.   persistent 1 month
everest_g_v2 3rd party - .everesttech.net Used to map clicks to other events on the client's website.   persistent 2 years
everest_session_v2 3rd party - .everesttech.net     session  
FORMASSEMBLY 3rd party - advenio.tfaforms.net Used to provide our users with online forms. User´s session will be stored within a cookie.   persistent 25 years
fr 3rd party - .facebook.com Used to display a range of advertising products, such as real-time bids from third party advertisers.   persistent 3 months
gac_<property-id> 3rd party - google-analytics.com Contains campaign related information for the user. If you have linked your Google Analytics and AdWords accounts, AdWords website conversion tags will read this cookie unless you opt-out. different values persistent 90 days
GPS 3rd party - .youtube.com Used to enable tracking based on geographical GPS location (mobile devices).   persistent 30 minutes
has_js 1st party Used to indicate whether or not the visitor´s browser has JavaScript enabled.   session  
IDE 3rd party - .doubleclick.net Used to register and report the user's actions on the website after viewing or clicking on one of the provider's ads.   persistent 1 year
igodigitalst 3rd party - .igodigital.com Used to capture customer behavior to improve the quality of the experience of our online customers, including enhanced browsing experiences.   session  
igodigitaltc2 3rd party - .igodigital.com Used to capture customer behavior to improve the quality of the experience of our online customers, including enhanced browsing experiences.   persistent 10 years
incap_ses_... 3rd party - .tools.investis.com  Used for visitor recognition.   session  
JSESSIONID 1st party Session ID needed for e.g. Registration SESSION ID session  
loglevel 1st party     session  
m_survey… 3rd party - .myaudience.de      persistent 1 year
mbox 1st party Used to collect user identification information and individual browser settings.   persistent 2 years
merck_survey... 3rd party - mafo1.myaudience.de   different values persistent 1 year
muser 1st party Used to detect if the user is a Merck KGaA, Darmstadt, Germany, employee based on their IP address different values persistent 30 days
nlbi_... 3rd party - .tools.investis.com Used for visitor recognition.   session  
OldSearchTerm 1st party     session  
personalization_id 3rd party - .twitter.com Allows users to share posts.   persistent 2 years
PHPSESSID 1st party Identify the current browser session SESSION ID session The cookie is deleted when the browser is closed
PREF 3rd party - .youtube.com Used to keep statistics on how visitors use YouTube videos on various websites.   persistent 8 months
RT 1st party Used to interface with LinkedIn.   persistent 7 days
rxVisitor 1st party Used to monitor site performance, analyze website usage and to track user behavior. Visitor ID session  
s_cc 1st party Set and read by the JavaScript code to determine if cookies are enabled.   session  
s_getNewRepeat 1st party     persistent 1 year
search 1st party     session  
st_shares_... 1st party     session  
TAFSessionId 1st party   SESSION ID session  
TAFTrackingId 1st party     persistent 90 years
UID 3rd party - .scorecardresearch.com Used to monitor “click-stream” activity, e.g. web pages viewed, navigation from page to page, time spent on each page etc.   persistent 2 years
visid_incap_... 3rd party - .tools.investis.com Used for visitor recognition.   persistent 1 year
VISITOR_INFO1_LIVE 3rd party - .youtube.com Used to estimate user bandwidth on pages with built-in YouTube videos.   persistent 6 months
water-webgl-open-ids 1st party Used for animated pages.   session  
WT_FPC 3rd party - Webtrends Used to distinguish users different values persistent 2 years
YSC 3rd party - .youtube.com Used to register a unique ID to keep statistics of YouTube videos that the user has seen.   session  

Storage and use of data

Storage and use of data

As a visitor to our website, you will remain anonymous. The data we store and analyze is used for statistical purposes only, for instance to ensure the continuous improvement of our services. The data we store on our servers comprises the name of your internet service provider, the website from which you visited us, the Merck KGaA, Darmstadt, Germany, web pages you have looked up, your IP address and the date and duration of your visit.

Collection, processing and use of personal data

Collection, processing and use of personal data

We only collect and process personal data if you make use of specific services and we therefore require your data or if you have voluntarily given us your express consent. You may do so, for instance, as part of a registration procedure, by completing a form or by sending an e-mail, ordering products or services, sending us a query or requesting materials. Unless we are subject to other legal commitments, we only use your personal data for the purposes for which you have given your consent.

Your personal data will only be shared by us with third parties if that is required in order to provide a service you have requested or if you have given your consent. If data has been released for use by our subsidiaries and if such permission involves data transfer to other countries, Merck KGaA, Darmstadt, Germany, will ensure that the data importer is placed under a suitable level of data protection commitment.

Data retention

Data retention

We store data as required by legal obligation or for the period of time that is required to provide a service you have requested or as agreed in applicable consent.

Right to review, correct and object

Right to review, correct and object

You are entitled to review and correct any of your personal data we have stored, and you may withdraw your consent to the use of your data at any time, affecting all future use. All you need to do is to send an e-mail to: privacy@emdgroup.com

Data protection and security

Data protection and security

Our employees involved in data processing are obliged to confidentiality in the use of personal data. Our data protection measures are continually updated, reflecting technical developments.

Data Privacy Disclaimer for Social Plugins

Data Privacy Disclaimer for Social Plugins

Social plugins are integrated on certain webpages of our website, e.g. Facebook, Twitter, LinkedIn, Google+ and/or Youtube. The social plugins are identified with the companies’ logo, comment fields or what are known as a »Like« or »+1« button. When you visit a page that displays such a plugin your browser will create a direct connection to the respective social media provider server. At the same time Facebook, Twitter, LinkedIn and/or Google will know that the respective page on our website has been visited. If you are registered and have logged in with the provider concerned, your visit can also be assigned to your user account. Social media provider such as Facebook, Twitter, LinkedIn, Google+ and Youtube do not provide specific information about which data is transmitted in the use of their social plugins. We therefore have no knowledge regarding the content and scope of the transmitted data or its use by Facebook, Twitter, LinkedIn, Google+ and Youtube. Please refer to the further information about this in the data protection regulations of the social media services which are found here: FacebookTwitter, LinkedInGoogle+ and Youtube. If you do not wish a provider to collect data on you through our website, please deactivate the plugins in your web browser. If you wish to avoid a link to any existing user account, you must log out before your visit to our website.

Google Analytics

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. In case IP-anonymisation is activated on this website, your IP address will be truncated within the area of Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases the whole IP address will be first transferred to a Google server in the USA and truncated there. The IP-anonymisation is active on this website. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing them other services relating to website activity and internet usage. The IP-address, that your Browser conveys within the scope of Google Analytics, will not be associated with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also opt-out from being tracked by Google Analytics with effect for the future by downloading and installing Google Analytics Opt-out Browser Addon for your current web browser: "http://tools.google.com/dlpage/gaoptout?hl=en".

Google AdWords

Google AdWords

This website may use Google AdWords Remarketing to advertise specific informational content, exclusively for recruiting purposes, across the Internet, in particular on the Google Display Network of websites. AdWords remarketing may be used to display ads to you only in the case of career-related pages which you have viewed by placing a cookie on your web browser. This cookie does not identify you personally and is only used to serve you with limited-time ads based on the specific career-related page that you have visited. Google AdWords Remarketing allows us to tailor our marketing to better suit your needs and only display ads that are relevant to you. If you do not wish to see remarketing ads from this website, you can opt out by either visiting Google's Ads Settings or by visiting the Network Advertising Initiative opt-out page.

Group Data Protection Officer

at Merck KGaA, Darmstadt, Germany

Redirect

You have accessed https://www.emdgroup.com, but for users from your part of the world, we originally designed the following web presence https://www.merckgroup.com.

Let's go

Share Disclaimer

By sharing this content, you are consenting to share your data to this social media provider. More information are available in our Privacy Statement