Privacy Statement

1.  Are you required to provide the data? Are you entitled to object to processing?

When you visit our website, your browser transmits the information under Section 5 automatically to our server. You are free to transmit such data. Without providing such data we are not able to serve you the requested content.

2. What is the legal basis for the processing?

The legal basis for the processing under Section 52 is point (f) of Article 6 (1) General Data Protection Regulation (GDPR). The legitimate interests are determined by the purposes described under Section 2. The legal basis for sending the newsletter to you is your consent according to point (a) of Article 1 GDPR.

3. To what recipients do we transmit your data?

Within our company, only persons and departments are granted access to your personal data as far as they need it to fulfil the below mentioned purposes. If it is necessary, we also transmit your personal data to the responsible BASF group companies in order to provide you with an efficient and customized service. You can find a list of BASF group companies here.

We also involve service providers. These service providers will only act on our instructions and are contractually obliged to comply with the applicable data protection requirements. 

Otherwise, we will only pass on your data to third parties if:

• you have given your express consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR,
• the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR is necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
• there is a legal obligation for us to pass on the data in accordance with Art. 6 para. 1 sentence 1 lit. c GDPR, or
• this is legally permissible and, in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR, is necessary for the fulfilment of contractual relationships with you.

A transfer of your personal data to service providers in a third country will only take place if the special requirements of Art. 44 ff. GDPR are fulfilled. If and to the extent service providers are located in a third country, it may be that either the servers of the respective service provider are located in the third country or that the servers are located in the EU, but accessed in cases of support from a third country. Some third countries do not have a level of data protection adequate to that of the EU, e.g. the USA or China, as authorities might have simplified access to personal data in a simplified manner or that there are limited rights to such actions. If and to the extent you give consent, you expressly give consent to the transfer of personal data into the respective third country.

4. How do we protect your personal data?

BASF implemented technical and organizational measures to ensure an appropriate level of security to protect your personal data against accidental or unlawful alteration, destruction, loss or unauthorized disclosure. Such measures will be continuously enhanced in line with technological developments.

5. Logfiles and cookies

You can find information about the usage of cookies on our website here.

6. Contact form and e-mail

6.1. Data processing
Our web pages contain contact forms as well as links to send us an e-mail directly. If you use one of these contact forms, the data which you provide in such forms will be transmitted to us and processed. The mandatory data that must be filled in for electronic contact via the respective contact form are marked with (*). If you provide us with additional data, this is done voluntarily.

If you send us an e-mail, we will process the associated metadata and the content of the message. For the purpose of answering your inquiry properly, we might transfer it internally to BASF companies responsible for the task that might have been inquired.

6.2. Purpose and legal basis

Your data will be processed to enable us to contact you, to process your request and to provide you with our respective services, to prevent misuse of the contact form and to ensure the security of our information technology systems.

The legal basis for the processing of data classified as being mandatory is Art. 6 para. 1 sentence 1 lit. f GDPR. The afore mentioned purposes also include a legitimate interest in the processing of the data. If the purpose of the contact is the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 sentence 1 lit. b GDPR. The legal basis for the processing of the data that you have voluntarily provided us with is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. 

6.3. Storage period

The personal data of the person concerned will be deleted or made unavailable as soon as the purpose of the storage does no longer apply. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other regulations to which the person responsible is subject. Data will also be deleted or made unavailable when a storage period prescribed by the above-mentioned provisions expires, unless there is a need to continue storing the data for the purpose of concluding or fulfilling a contract.

In case of a consent, you have the right to revoke such consent at any time, without affecting the lawfulness of the processing carried out on the basis of the consent until revocation. To do so, please change the settings in the Privacy Preference Center.

7. Registration for web seminar or event

If you register for a web seminar, Book the Expert appointment or event, the information provided through the web seminar or event registration form as listed below will be processed for the purpose of organizing and performing the respective webinar. 
Usual required personal data fields are: First Name, Last Name, Company, Country and Mail Address. Should the registration for an event or seminar include a delivery address (e.g. for shipping of goods), we will process such information only for the purpose of shipping the respective materials to the given address. During or after the web event, web seminar or meeting, it might be possible that we provide you with some communication, depending on the appointment’s subject, e.g. event updates or documentation, web seminar presentation or recording or to provide you with product information, that you have requested in the web seminar, event or Book the Expert appointment. Should we already have collected your personal data suitable for such follow-up communication, we will process those for the purpose of performing the respective communication. Otherwise, we will ask you to provide us with the personal data required. If necessary, for accomplishing the respective purpose, we will forward and transmit your personal data to the responsible BASF group companies in accordance with chapter 5 of this privacy policy. The legal basis for this processing is Art. 6 Sec. 1 lit. b) and f) GDPR.

8. Direct marketing 

If you have given us your consent to do so, we will process your personal data to provide you with personalized information on BASF products, events, web seminars and services we consider relevant for you and to conduct customer surveys via the communication channels you have selected. In order to determine your professional needs and interests, we combine and analyse the personal data that we have collected about you in the course of your relationship with BASF as a customer or user of BASF products and services (in particular your contract and master data, the products you have purchased, samples, demos, brochures or whitepapers that you have requested or downloaded, webinars for which you have registered, surveys that you have completed, etc.). The legal basis for the processing of your personal data for the above-mentioned purposes is your consent. Due to the global nature of BASF’s marketing teams, BASF will share your personal data with the relevant BASF entities and therefore transmit your personal data to the following BASF companies being the regional Marketing Headquarters: 

I. BASF SE, Germany, Carl-Bosch-Str. 38, 67056 Ludwigshafen
II. BASF Corporation, 11501 Steele Creek Road, 28273 Charlotte, USA 
III. BASF Brasil SA , Av das Nações Unidas No 14171, 04794-000 São Paulo, Brazil 
IV. BASF East Asia Reg. HQ's, 45th Floor, Jardine House, No1 Connaught Place, Hong Kong
V. BASF Construction Additives GmbH, Dr.-Albert-Frank-Straße 32, 83308 Trostberg, Germany

In addition, BASF will share your personal data between those BASF companies which are responsible for you as a (prospective) business partner. Both of the Wording to be added to the respective Privacy Statement 5 Templates for Consent Clauses Internal aforementioned transfers serve the purpose of administration of customer data across the BASF Group and preparation of global marketing campaigns and sales-related activities.

The legal basis for this data sharing is our legitimate interest in maintaining your personal data in our company group.

We will share your personal data with other affiliated companies of the BASF Group if they provide IT services for us or if this is necessary for operational reasons, such as follow ups from sales managers or developing personalized marketing materials and content. Furthermore, we will pass on your personal data to the technical IT service providers we use from whom we obtain services. Our IT service providers are carefully selected and regularly checked by us. They process personal data only on our behalf and strictly in accordance with our instructions on the basis of corresponding contracts for order processing.

We store your personal data collected within the scope of your consent for the above-mentioned purposes until your consent is revoked. You can revoke your consent at any time with effect for the future by notifying us of your revocation under our consent preference center. Each marketing mail we will send to you based on this consent, will contain a separate link to revoke your consent. You are at liberty to grant or withhold consent. This has no effect on your visit of this website and platform. If you revoke your consent, we will no longer use your personal data for marketing purposes unless we have another legal basis for this. The revocation of your consent does not affect the legality of the data processing that has taken place up to that point.

9. Social media hyperlink

We have included hyperlinks to the following social media services on our website: LinkedIn, Twitter, Facebook, YouTube and Slideshare.

10. Google ads campaign analytics

We work with the search engine operator Google LLC, Mountain View, California, USA, so that customers can find our websites and offers more easily using search engines. As a result, our website and products are particularly highlighted or displayed in the Google search if you enter certain key words in the Google search.

The links shown in the search results that lead to our pages are enriched with parameters. This enables us to evaluate the success rate of the campaign using Google search. This method processes the following information when the link is clicked:

Information to identify which campaign was the origin of the click:

• medium (at_medium)

• campaign ID (at_campaign)

• platform (at_platform) 

• ad format (at_creation) 

• ad variant (at_variant) 

• search term (at_term)

The link is evaluated by the range measurement and analytics tool AT Internet, about which you can find more information in the section on cookies. No cookies are set as part of this analysis. The legal basis for this data processing is Art. 6 Para. 1 lit. f) GDPR.

You can find Google's privacy policy here.  

11. Youtube retargeting

On our YouTube channels, we utilize Google Ads, a service provided by Google LLC, D/B/A YouTube. 901 Cherry Ave., San Bruno, CA 94066, USA (hereinafter as ‘Google’). Google Ads allows us to display advertisements on YouTube by defining target audiences. Based on information collected about your engagement on YouTube, Google will identify the persons fitting into our defined target group. We define our target audiences on the following criteria for the purpose of advertising our company and our products via YouTube:

• Keywords

• Videos 

• Channels

   

We are at no point in time able to identify a single user while using Google Ads on YouTube. The legal basis for this processing is Art. 6 Sec. 1 lit. f) GDPR.

You can find Google's privacy policy here.

12. Linkedin marketing

12.1. Linkedin Advertising
For the purposes of creating attention and awareness for our products, we utilize the LinkedIn Campaign Manager provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn"). By using the LinkedIn Campaign Manager, we define target groups based on the following criteria:

• Location (e.g. country, region, city)

• Company (e.g. company industries, names, size)

• Interests (e.g. member groups, interests)

• Job experience (e.g. job titles, functions, seniority, skills)

• Education (e.g. degrees, schools, fields of study)

• Demographics (e.g. gender, age)

Based on its algorithm, LinkedIn will display our content on its platform to its users fitting to the defined target group. We will not define too narrow target groups or address our content only to a handful or less individuals. The legal basis for this kind of processing is Art. 6 Sec. 1 lit. f) GDPR.

You can find more information about the usage of LinkedIn at BASF here.

You can find the privacy policy of LinkedIn here
 

12.2. Linkedin Lead Generation
We display content on our LinkedIn business account, which will be presented to you based on the processing as described under No. 9 of this privacy policy. If you engage with the aforementioned content, e.g. by subscribing to the download or stream of a video or any other offered asset e.g. whitepaper, we process your name and your company for the purpose to provide you with information on the products and services related to the specific contents by sending you private messages or posts.

We store your personal data in the LinkedIn Campaign Manager provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn"). In cases of technical support, teams of LinkedIn Inc., 1000 W Maude, Sunnyvale, CA 94085, USA, might access your personal data. The USA are a country which does not have a level of data protection comparable to that of the EU. If you subscribe to our content, you expressly consent to the transmission of your personal data into the USA.

The legal basis for the aforementioned processing is your consent, Art. 6 Sec. 1 lit. a) GDPR. You can revoke your consent any time by sending a message to the BASF representative you may be contacted by.

13. Showpad

As part of our customer relationship, we share documents with our customers via the Showpad service. Showpad is an application of Showpad NV, Moutstraat 62, 9000 Ghent, Belgium (hereinafter "Showpad"). Responsible for the use of Showpad is the BASF company with which our customer has a contractual business relationship (hereinafter for this chapter "BASF")

Through Showpad, BASF processes the following personal data:

•  E-mail address

The data processing serves the purpose of sharing documents required for the respective contract fulfillment with our customers. The legal basis for this data processing is Art. 6 para. 1 lit. f) DSGVO.

In addition, BASF will carry out in Showpad the interactions that arise in the handling of the shared documents by the contact persons of our customers (hereinafter "you"), provided that you have given us your consent for this. In particular, we replicate the following interactions when using Showpad

• Visits
• Clicks 
• Time spent on the documents
• Downloads 
• Sharing
   

The legal basis for this data processing is your consent, Art. 6 para. 1 lit. a) DSGVO.

14. What rights do you have?

You have certain rights under the General Data Protection Regulation including the right to request a copy of the personal information we hold about you, if you request it from us in writing:

14.1. Right to access: the right to obtain access to your information (if we’re processing it), and certain other information (like that provided in this Privacy Policy); 

14.2. Right to correct: if your personal information is inaccurate or incomplete you have the right to have your personal information rectified;

14.3. Right to erasure: this is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there’s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions. For example, we have the right to continue using your personal data if such use is necessary for compliance with our legal obligations or for the establishment, exercise or defense of legal claims; 

14.4. Right to restrict our use of your information: the right to suspend the usage of your personal information or limit the way in which we can use it. Please note that this right is limited in certain situations: When we are processing your personal information that we collected from you with your consent you can only request restriction on the basis of: (a) inaccuracy of data; (b) where our processing is unlawful and you don’t want your personal information erased; (c) you need it for a legal claim; or (d) if we no longer need to use the data for the purposes for which we hold it. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for restriction of the use of their personal information to make sure the restriction is respected in future;

14.5. Right to data portability: the right to request that we move, copy or transfer (where technically feasible) your personal information in a structured, commonly used and machine-readable format, for your own purposes across different services; 

14.6. Right to object: the right to object to our use of your personal information including where we use it for our legitimate interests, direct marketing;

14.7. Right to be informed: you have the right to be provided with clear, transparent and easily understandable information about how we use your personal information; and 

14.8. Right to withdraw consent: if you have given your consent to anything we do with your personal information, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal information with your consent up to that point is unlawful).

The exercise of these rights is free of charge for you, however, you are required to prove your identity with 2 pieces of approved identification. We will use reasonable efforts consistent with our legal duty to supply, correct or delete personal information about you on our files. 

To make inquiries or exercise any of your rights set out in this Privacy Policy and/or make a complaint please contact us by emailing or write to us and we will endeavor to respond within 30 days. Contact details can be found in section 10 below.

When we receive formal written complaints, we will contact the person who made the complaint to follow up. We work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints that we cannot resolve directly. 

If you are not satisfied with the way any complaint you make in relation to your personal information is handled by us then you may refer your complaint to the relevant data protection supervisory authority.

15. Where can you dodge a complaint?

You have the right to lodge a complaint with our Data Protection Officer (for contact details see below) or with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement. Or you can contact our Lead Data Protection Authority:

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Rheinland-Pfalz

Hintere Bleiche 34

55116 Mainz 

https://www.datenschutz.rlp.de/de/general-storage/footer/ueber-den-lfdi/kontakt/

E-Mail:  poststelle@datenschutz.rlp.de

16. Who is controller and data protection officer?

You can find the Controller in the meaning of data protection laws here. 

Our Data Protection Officer is:

Alexandra Haug 
EU Data Protection Officer of BASF 
67056 Ludwigshafen 
+49 (0) 621 60-0

data-protection.eu@basf.com 

17. Privacy of children

This Website is intended to be used by persons aged 18 and older. We do not seek to collect information about persons under the age of 18.

No information should be submitted to or posted on the Websites by persons younger than 18 years of age. If such a person submits personal information via the Websites, we shall delete that information as soon as we are made aware of their age and thereafter shall not use it for any purpose whatsoever.