Privacy policy

BASF is delighted that you have visited our website and thanks you for your interest in our company.
BASF takes data protection very seriously. As a result, we would like to inform you in detail about:

  • The personal data BASF collects when you visit our website
  • The purposes for which BASF uses such data
  • The legal basis for the processing of personal data
  • The recipients of such personal data
  • The period for which such personal data will be stored
  • Whether you are obliged to provide personal data

Furthermore, we would like to inform you about:

  • Your rights regarding the processing of your personal data
  • Who acts as Controller in the meaning of data protection laws and, where applicable, contact information for our Data Protection Officer

1. What personal data does BASF collect when you visit our website, for what purpose, and what is the legal basis for this?

1.1   When you visit our website without contacting us or signing in, your browser transmits the following information automatically to our server:

  • IP address of your computer
  • Information about your browser
  • Website that you were on right before you landed on our website
  • URL or file requested
  • Date and time of your visit
  • Volume of data transmitted
  • Status information, e.g. error messages

The purpose of this data processing is to

  • Send the requested content to your browser. In doing so, we store the complete IP address only to the extent necessary to serve the requested content to you.
  • Send your IP address to a service provider to map your public IP address with company- and industry-related information (no personal information). We will store this industry-related information. In this process step, your IP address is not stored at our service provider or in our system at any time.
  • Protect us from attacks and to safeguard the proper operation of our website. In doing so, we store said data transiently and with restricted access for a maximum period of 180 days. Excluded from this deletion following a maximum of 180 days is data regarding access required for the further tracking of attacks and faults.

The legal basis for the processing of this data is Article 6 (1) lit f) GDPR. Our legitimate interests are derived from the data processing purposes mentioned above.

1.2   If you contact us by email or by the contact form on our website, we receive the following information:

  • Name and surname
  • Your email address and further information that you provide by email or fields in a contact form
  • And further information provided voluntarily

At the time of sending the message, the following data is also saved:

  • The date and time of your message

The purpose of this data processing is

  • Solely the processing of your message

Any other personal data processed during the mailing procedure is used to prevent misuse of the contact form and ensure the security of our technical information systems.
The legal basis for the processing of this data is Article 6 (1) lit f) GDPR. Our legitimate interests are derived from the data processing purposes mentioned above.

1.3   Our website offers the option of subscribing to a free newsletter. When a user registers for the newsletter, the following data entered into the input screen is transmitted to us:

  • IP address of the accessing computer
  • Name and surname
  • Your email address
  • And further information provided voluntarily

At the time of registration, the following data is also saved:

  • Date and time of registration

The purpose of this data processing is

  • Solely for sending you the newsletter to which you have subscribed


Any other personal data processed during the registration procedure is used to prevent misuse of the contact form and ensure the security of our technical information systems.

We use what is known as the “Double Opt-In” procedure for our newsletter’s registration process. As soon as you subscribe to the newsletter on our website, you will receive an email to the email address provided during registration asking you to confirm your registration. In doing so we hope to prevent incorrect or unauthorised email addresses being used for registration.

The legal basis for the processing of this data and the sending of the newsletter to which you have subscribed is Article 6 (1) lit f) GDPR. Our legitimate interests are derived from your registration to the newsletter mailing list, this representing a relevant and appropriate relationship in the sense of recital 47 to the GDPR, as well as from the fact that the provision of information about new products or services, as well as activities and events is usual in the business and both expected and appreciated by the majority of our customers.

1.4   We provide free, downloadable information on our website (for example, white papers, webinars, planning tools, and similar). Before you can download the free information, the following information will be transmitted to us via an input screen:

  • The user's IP address
  • Date and time of registration
  • Name and surname
  • Email (as user name)
  • Postcode
  • Country
  • Password
  • User group e.g. architect
  • And further information supplied voluntarily


At the time of registration, the following data is also saved:

  • Date and time of the download

The purpose of this data processing is
  • The provision of the desired information and
  • Promotional material
Any other personal data processed during the registration procedure is used to prevent misuse of the input screen and ensure the security of our technical information systems.

The legal basis for the processing and use of this data is Article 6 (1) lit b) GDPR. The commercial use of your personal data is part of the benefits of our mutual relationship.

You have the right to withdraw your consent at any time for the processing of your data for the purposes of direct marketing (Article 21 (2) GDPR).

2. Do we use cookies on our website?

We will inform you about using cookies in our cookie banner when you visit our website. You accept the use of cookies by further using our website. We would like to inform you about the cookies we use and how you may decline cookies below. Cookies are text files that are stored in the internet browser or by the internet browser on your computer system. If you call up our website, a cookie can be stored on your operating system.

2.1   The following cookies are important for the smooth operation and specific services of our website:

Cookie

Purpose

Deletion

MBS Cookie Advice / BASF Cookie Advice Name

The cookie is only set and stored with the value true if a user has clicked OK on the cookie advice. Otherwise the cookie doesn’t exist.

1 year after you visit our site

MBS Country Language Selector BASF Country
Language name

The cookie is only set and stored with the value "true" when a user hits a selection value in the country and language sector, provided that the automatic display of the same is active. Otherwise the cookie doesn’t exist.

1 year after you visit our site

Anti Xsrf Token

This cookie and its value are regenerated with each session. It ensures that requests are made from the same browser to prevent tampering. For details see https://www.owasp.org/index.php/Anti_CSRF_Tokens_ASP.NET

Will be deleted as soon as you clear your cache or close your browser

ASP.NET SessionId

Unique browser session. Currently only needed for the CAPTCHA.

Will be deleted as soon as you clear your cache or close your browser

File_Download

Only set if a document download occurs in the same window (via a hidden iFrame).

Current query, then immediately validated

FedAuth

Ensures the logged on access after a user has successfully logged in.

Will be deleted as soon as you clear your cache or close your browser

[UserName]_userProject

Saves the configuration of the project currently compiled so that it can later be sent to the server; in addition, the project is retained so newcomers to the site do not lose it.

Will be deleted as soon as you clear your cache or close your browser

[UserName]_tempData

Stores temporary information about the user/account status for corresponding UI handling: newsletter, user locked, draft for administrators.

Will be deleted as soon as you clear your cache or close your browser

Idsrvauth
Idssrvauth

Ensures logged in access after a user logs in successfully.

Will be deleted as soon as you clear your cache. If “keep me logged in” selected: 1 year after you visit our site

IdSrvUserLang

Saves the currently selected language so that it will be displayed again the next time you visit.

1 year after you visit our site

wsfedsignout

Saves the return URL back to the external application for after a successful login/logout process during the same session.

Will be deleted as soon as you clear your cache or close your browser.

2.2   We use the following cookies to measure our web audience:

Cookie

Purpose

Deletion

ACOOKIE

This cookie allows the web analytics tool Webtrends to collect anonymous information about how our website is used. This anonymous information shows us inter alia how many people visited our website, the websites that the users were on right before they landed on our website, and which pages they visited. 

2 years after you visit our site

WT_FPC

By default, Webtrends tracks visitors across the primary domain and all sub-domains.

2 years after you visit our site

Id

We use the DoubleClick cookie to collect data regarding user interactions with ad impressions and other ad service functions in relation to our website.

2 years after you visit our site

utag_main

The Tealium Tag Management library creates and manages a single cookie called utag_main. Within that cookie are several built-in values that keep track of the anonymous visitor session. Such as a unique identifier for the session and a Unix/Epoch time stamp in milliseconds.

1 year after you visit our site

D41ID

We use this cookie from Dun and Bradstreet to derive anonymous information concerning businesses visiting our websites.

1 year after you visit our site

The data collected in this manner is pseudonymised using technical measures. It is therefore not possible to associate this data with you personally.
You can reject the storage of cookies using your browser settings.

2.3   In addition, we have integrated HubSpot into our website. This relates to what are known as customer relationship cookies. HubSpot uses what are known as “web beacons” and cookies that are stored on your computer.

The operating company is HubSpot Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA. You can find HubSpot’s privacy policy at:
https://legal.hubspot.com/de/privacy-policy

If, while on our website, you
  • Subscribe to our newsletter
  • Use our download area, or
  • Fill out our contact form


HubSpot will use the cookies listed below to collect the following data from the data you provide and will save this data as indicated:

Cookie

Purpose

Deletion

__hstc

The main cookie for tracking visitors. It contains the domain, utk (see below), initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and increments for each subsequent session.

2 years after you visit our site

 hubspotutk

This cookie is used to keep track of a visitor's identity. This cookie is passed to HubSpot on form submission and used when duplicating contacts.

10 years after you visit our site

 __hssc

This cookie stores the sessions. This is used to decide if the session number and timestamp in the _hstc-Cookie should be increased. It contains the domains, view count (increases every page view in a session) and the session start timestamp.

30 minutes after you visit our site

__hssrc

Whenever HubSpot changes the session cookie, this cookie is also set. We set it to 1 and use it to determine if the user has restarted their browser. If this cookie does not exist during cookie management, we assume it is a new session.

Will be deleted as soon as you close your browser

__hs_opt_out

This cookie is used by the opt-in privacy policy to remember not to ask the user to accept cookies again. This cookie is set when you give users the choice to opt out of cookies.

2 years after you visit our site

__hs_do_not_track

This cookie can be set to prevent the tracking code from sending any information to HubSpot. Setting this cookie is different from opting out of cookies, which still allows anonymised information to be sent to HubSpot.

2 years after you visit our site

__hs_testcookie

This cookie is used to test whether the visitor has support for cookies enabled.

Will be deleted as soon as you close your browser

hsPagesViewedThisSession

This cookie is used to keep track of page views in a session.

Will be deleted as soon as you close your browser

The legal basis for the processing of this data is Article 6 (1) lit f) GDPR. Our legitimate interests are derived from your registration to the newsletter mailing list, you contacting us, and/or you downloading our information, this representing a relevant and appropriate relationship in the sense of recital 47 to the GDPR, as well as from the fact that the provision of information about new products or services, as well as activities and events is usual in the business and both expected and appreciated by the majority of our customers

You can reject the storage of these cookies using your browser settings.

3. To what recipients do we transmit your data?

We transmit the personal data mentioned in Sections 1.1 to 1.4 to Data Processors based in the European Union. Such Data Processors process personal data only on instructions from us and the processing is carried out on behalf of us.

The personal data mentioned in Section 2.3 is transmitted to the operator HubSpot. HubSpot Inc. is certified under the EU-US Privacy Shield and has committed itself to adhering to the provisions of the GDPR.

4. How do we protect your personal data?

BASF implements technical and organisational measures to ensure an appropriate level of security to protect your personal data against accidental or unlawful alteration, destruction, loss or unauthorised disclosure.  Our security measures will be continuously enhanced in line with technological developments.

5. What rights do you have?

You have certain rights under the General Data Protection Regulation:

Right to information: the right to information about your personal data processed by us and about certain other pieces of information (such as, for example, that provided in this Privacy Policy).

Right to correction: if your personal is inaccurate or incomplete, you have the right to have your personal information rectified.

Right to deletion: on the basis of what is known as 'the right to be forgotten', you can request the deletion of your information where we are under no retention obligation. The right to deletion is not free from exceptions. We have the right to continue using your personal data if such use is necessary for compliance with our legal obligations or for the establishment, exercise or defence of legal claims.

Right to restrict processing: this right concerns the restriction of the use or type and manner of use of your data. This right is limited to specific situations and can principally be invoked if: 
(a) the data is inaccurate;
(b) where our processing is unlawful and you don't want your personal information deleted;
(c) we no longer require the data but you need it for the establishment, exercise or defence of a legal claim.
When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for restriction of the use of their personal information to make sure the restriction is respected in future.

Right to data portability: this is the right to request that we transfer, where technically feasible, your personal information in a structured, commonly used and machine-readable format, for your own purposes.

Right to object: you can object to our use of your personal information including where we use it for our legitimate interests, particularly in the case of direct marketing.

Right to be informed: you have the right to be provided with clear, transparent and easily understandable information about how we use your personal data; and

Right to withdraw consent: if you have given your consent to anything we do with your personal information, you have the right to withdraw your consent at any time. Any such withdrawal of consent does not affect the legality of processing carried out on the basis of the granting of consent until the point of withdrawal.

The exercise of these rights is free of charge for you. However, you are required to prove your identity with two pieces of approved identification. We will use reasonable efforts consistent with our legal duty to supply, correct or delete personal information about you in our filing system.

To make inquiries or exercise any of your rights set out in this Privacy Policy and/or make a complaint, please contact us by emailing or write to us. We will endeavour to respond within 30 days.
You can find our contact details under Section 7.

If we receive formal written complaints, we will contact the person who made the complaint to follow up. If necessary, we will work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints that we cannot resolve directly.

If you are not satisfied with the way any complaint you make in relation to your personal information is handled by us, then you may refer your complaint to the relevant data protection supervisory authority.

6. Where can you lodge a complaint?

You have the right to lodge a complaint with our Data Protection Officer (for contact details see below) or with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement. Alternatively, you can contact:

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Rheinland-Pfalz
Hintere Bleiche 34
55116 Mainz
https://www.datenschutz.rlp.de/de/general-storage/footer/ueber-den-lfdi/kontakt/
Email:  poststelle@datenschutz.rlp.de

7.  Who is the Controller and who is the Data Protection Officer?

You can find the Controller for data processing here.

Y
our contact partner for matters concerning data protection law is:
BASF S.R.L.
Seseaua Pipera 43
014254 Bucuresti, Romania
Tel: +40 21 5299-012

Please use the address of the contact partner named above to contact our Data Protection Officer Dna. Aura Bratu. You can also contact our Data Protection Officer via the email address data-protection.ro@basf.com

8. Privacy of children

This website is intended to be used by persons aged 18 and older. We do not seek to collect information about persons under the age of 18.

No information should be submitted to or posted on the websites by persons younger than 18 years of age. If such a person submits personal information via the websites, we shall delete that information as soon as we are made aware of their age and thereafter shall not process it any further.