Sustainability Hub 2023

Privacy policy

We appreciate your interest in Fresenius SE & Co. KGaA. Protecting your privacy is important to us. We are pleased to provide you with the following essential information.

The data protection notice for business partners, visitors and recipients of public relations work, information on our binding corporate rules (BCR) and our contact form for general requests about data protection and the exercise of your rights under the General Data Protection Regulation (e.g. access requests) are available here

Data Protection Notice

The processing of personal data is subject to the EU General Data Protection Regulation (GDPR) and the Telecommunications Digital Services Data Protection Act (TDDDG). This data protection notice informs you how Fresenius SE & Co. KGaA ("we" or "Fresenius") process personal data and information in your terminal equipment (e.g. laptop or smartphone) as a visitor ("you") when using the websites  and what data is involved.

By "personal data" we mean all information about you as a data subject.

By "processing" we mean any operation performed upon personal data, such as collection, storage, organization, structuring, adaptation or alteration, retrieval, consultation, use, disclosure, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

With this data protection information, we explain to you, among other things,

  • who is responsible for the processing of your personal data and whom you can contact if you have questions or wish to make a complaint (Section 1); 
  • how we collect your data, what data we collect and for what purposes we process these personal data, which legal bases we rely on in this regard and how long we store your personal data (section 2); 
  • to whom we may transfer your data (sections 3); 
  • how you can arrange for the updating, correction or also the deletion of this data and assert other rights in relation to your data (section 4).

1. Controller and contact details

The data controller responsible for the processing of your personal data is Fresenius SE & Co. KGaA, Else-Kröner-Straße 1, 61352 Bad Homburg vor der Höhe, email address sustainability@fresenius.com.

According to the GDPR, we are obliged to provide you with the contact details of the data protection officer. You can contact the data protection officer by sending a letter to the postal address of the controller for the attention of the Data Protection Department or by e-mail via dataprotection@fresenius.com.

2. Processing of your personal data

2.1 Recording of technical characteristics when visiting the website

We collect information about your visit to our Donation and Sponsoring website, as we do with most other websites. When you visit our website, the web server temporarily records

  • the domain name or IP address of your computer,
  • the file request of the client (file name and URL),
  • the http response code,
  • the website from which you are visiting us,
  • which Internet browser and which operating system you are using,
  • the nature of your device,
  • the date of your visit,
  • as well as how long you've been here.

Your IP address is only recorded anonymously - shortened by the last block of numbers (octet). The logging of data is necessary for navigation through the pages and use of essential functions (Sec. 25 (2) (2) TDDDG, Art. 6 (1) (1) (b) GDPR). In addition, the data is used for the purpose of detecting and tracking abuse on the basis of the legitimate interests of data security and the functionality of the service (Art. 6 (1) (1) (f) GDPR, Sec. 25 (2) (2) TDDDG). In particular, no overriding interest of the data subject is opposed to a use for the defense against attempted attacks on our web server to ensure proper use.

The data will neither be used for the creation of individual profiles nor passed on to third parties and will be deleted after seven days at the latest.

2.2 Usage of Cookies

When you visit a website, it may retrieve or store information about your browser. This usually takes the form of cookies and similar technologies. These are small text files that are stored locally on your device by your web browser. This can be information about you, your settings or your device. In most cases, the information is used to ensure that the website functions as expected. This information does not normally identify you directly. However, it can provide you with a more personalised web experience. Because we respect your right to privacy, you can choose not to allow certain types of cookies. We would like to give you the choice of which cookies you allow via the cookie settings. You can access these settings again at any time to manage your preferences.

However, blocking certain types of cookies may result in a compromised experience with the website and services we provide.  

You can delete cookies at any time, even if they have already been used. Via the query that appears when you visit our website and the cookie settings, you have the option of fully agreeing to or rejecting cookies, as well as setting specific preferences. We store your consent and your rejection for one year. Cookies that are necessary to provide the web service (see explanation below) cannot be rejected.

Please note that your cookie settings always refer to the Internet browser used. If you use a different Internet browser, you must make this setting again. How you can adjust the use of cookies browser-based, see the descriptions of your respective Internet browser: Chrome, Firefox, Internet Explorer, Safari.

Required cookies

These cookies are necessary so that you can navigate through the pages and use essential functions. They enable basic functions, such as access to secure areas or setting your privacy preferences. The legal basis for these cookies is Sec. 25 (2) (2) TDDDG, Art. 6 (1) (1) (b) GDPR. If you block these cookies via your browser settings, some or all of these functions may not work properly.

Type: first-party cookie
Name
: nxrCookieAgreement
Reason: Storing of consent or rejection.
Lifespan: seven days.

Analytical cookies

These cookies help us to improve the performance of our website and enhance the user experience. The collection of anonymous and pseudonymous information allows us to compile statistics on the operation of the website (for example, the number of visits and traffic sources) and user behavior on it (for example, movement paths and interaction with the website). The legal basis for these cookies is Article 6 (1) (1) (a) GDPR. If you block these cookies via your browser settings, we cannot know, for example, when you visited our website or how you interacted with it in order to correct structural errors.

Type: first-party cookie
Name:
MATOMO_SESSID
Reason: Temporäres Nonce-Cookie zum Schutz von CSRF (https://matomo.org/faq/general/faq_146/).
Lifespan: The cookie is deleted, when the browser is closed.

2.3 If you provide Fresenius with information by making a general contact

For the purpose of communicating with you, we process personal data that you provide when contacting us (in particular name, company, business contact details, content and nature of your enquiry). This is done on the basis of legitimate interest in external communication (Art. 6 (1) (1) (f) GDPR). In particular, as you have contacted us, there is no overriding interest of the data subject to the contrary. The data will be deleted after six months unless the processing of your request is not yet completed.

3. Possible recipients of personal data

In order to fulfill the aforementioned purposes, we may share your personal data in whole or in part with other group companies and/or service providers. In addition, the following categories of recipients may receive your personal data:

  • Authorities, courts, parties to a legal dispute or their designees to whom we are required to provide your personal data by applicable law, regulation, legal process or enforceable governmental order, e.g. tax and customs authorities, regulatory authorities and their designees, financial market regulators, public registries,
  • auditors or external consultants such as lawyers, tax advisors, insurers or banks, and
  • another company in the event of a change of ownership, merger, acquisition or disposal of assets.

3.1 International data transfers

In order to fulfill the aforementioned purpose, we may transfer your personal data to recipients outside Germany. Transfers within the European Economic Area (EEA) always take place in accordance with the uniform EU data protection level. Transfers to third countries are always carried out in compliance with the supplementary requirements of Art. 44 et seq. GDPR.

Your personal data may be transferred to certain third countries for which an adequacy decision of the EU Commission determines that an adequate level of protection exists in accordance with the uniform EU level of data protection. The full list of these countries is available here (https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions).

As a rule, EU standard contractual clauses (“SCC”) are concluded with the recipient for transfers to other third countries. These have been issued by the EU Commission to safeguard such international data transfers and a copy can be requested via dataprotection@fresenius.com. To transfer personal data outside the EEA among group companies of the business segments Fresenius Kabi (Fresenius Kabi AG and its affiliated companies) and Fresenius Corporate, we implemented binding corporate rules (“BCR”) approved by the data protection authorities in accordance with Art. 47 GDPR. A copy of the BCR is available on our website (https://www.fresenius.com/de/datenschutz). Ultimately, personal data may be transferred on the basis of an exceptional circumstance under Art. 49 GDPR.

4. Your data subject rights

According to the GDPR you are entitled to various rights. You have the right to access your personal data (Article 15 GDPR, section 34 et seq. BDSG), to correct incorrect personal data (Article 16 GDPR), to delete your personal data under certain circumstances (Article 17 GDPR, section 34 et seq. BDSG) and to restrict the processing of your personal data under certain circumstances (Article 18 GDPR).

In case the processing is based on Article 6 (1) (1) (f) GDPR including profiling based on those provisions, you have the right to object to the processing of your personal data on grounds relating to your particular situation (Article 21 (1) GDPR).

You also have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or of an alleged infringement of the GDPR (Article 77 GDPR in conjunction with section 19 BDSG). The competent data protection authority for Fresenius is "Der Hessische Beauftragte für Datenschutz und Informationsfreiheit", Postfach 3163, 65021 Wiesbaden. The right of appeal is without prejudice to any other administrative or judicial remedy.

If you have any questions about data protection at Fresenius, please contact dataprotection@fresenius.com.

1 Sustainability-hub.fresenius.com/ 2023/en, sustainability-hub.fresenius. com/2023/en/group, sustainability-hub.fresenius.com/2023/en/fresenius-kabi, sustainability-hub.fresenius. com/2023/en/helios, sustainability-hub. fresenius.com/2023/en/quironsalud, sustainability-hub.fresenius.com/2023/de, sustainability-hub.fresenius.com/ 2023/de/konzern, sustainability-hub. fresenius.com/2023/es