In B. Braun, we are committed to a trust based cooperation with all parties whom we deal with such as our clients, doctors, advisers and employees. Keeping information in particular personal information secure is an aspect of this trust which we take seriously.
The operator of the website and entity responsible for data protection is:
B. Braun Lanka (Pvt) Ltd
Level 11, HNB Towers,
No. 479, T. B. Jayah Mawatha,
In Sri Lanka, B. Braun, as part of the B. Braun Group will abide by data protection principles under the European Union’s General Data Protection Regulations and this notice is intended to outline how we intend to keep secure the personal data of individuals (“data subjects”) and to ensure that the rights of data subjects are protected.
In this policy, we seek to inform data subjects of the purpose for which their personal data is collected and processed and the data subject’s right to access or refuse to provide such personal data.
Amendment of this privacy statement may become necessary in the course of further development if our website and the implementation of new legal requirements or new technologies, or in order to improve our service for you. Therefore, the processing and collection of personal data will be in accordance with the privacy statement as applicable from time to time.
Notice and Choice and Rights as a Data Subject
Please be aware that you have the right to make a choice not to provide your personal data and may revoke your consent to the collection and processing of personal data. Please however be aware that certain services we provide and the continuation thereof may require the processing of such data.
You always have a right to access your personal data, the origin and recipients and the purpose of data processing free of charge as well as a right to seek rectification, erasure or restrict the processing of such personal data. The information, if requested shall be provided in a machine-readable format.
All queries are to be directed to the Compliance Officer of the Company.
General Information on Processing of Personal Data
This data protection statement applies to data, including personal data which B. Braun collects about a data subject. Personal data may be individual data or source or from a combination of individual data by which data subject can be identified.
The process by which we gather, process and use the personal data of a data subject is in compliance with data protection regulations of the Federal Republic and Germany and also of the European Union.
Under no circumstances will B. Braun pass on the personal data of a data subject to third parties outside of the B. Braun Group of companies (being B. Braun Melsungen AG and its subsidiaries worldwide) without the data subjects consent.
Within the B. Braun Group, compliance with legal requirements applicable in Sri Lanka and with this Policy is monitored.
Categories of personal data we collect and hold
The nature and type of data we collect and the source of such data varies depending on the nature of the relationship we have with the data subject and may include:
- personal data which we collect from our website (as more particularly detailed in subsequent paragraphs), if such data has been voluntarily provider or where such data is required for the purposes of providing the service which a data subject requires
- personal data which we collect on application forms or other information forms such as name, address, email, telephone, occupation, income
- personal data from credit bureau reports and credit reporting agencies
- personal data from governmental agencies.
Purpose of collecting personal data
Personal data is used to provide products and services and to inform about products and services offered by B. Braun and may include:
- for the purposes of technical administration of our website
- statistical analysis
- developing new products and services
- registration for programs or offers upon your request
- providing services offered to you
- payment processing for purchases
- protection against or identifying possible fraudulent transactions,
- where permitted by law, to supply customized, unsolicited offers and information about B. Braun and services
- developing and providing advertising adapted to our customers
- profiling and determining service preferences
- finance and marketing operations and/or as required by the terms and conditions of business and other business administration purposes including credit monitoring and control purposes
- to meet regulatory and legal requirements
- for risk management
- for all other purposes incidental and associated with the above.
Disclosure of Personal Data
Personal Data will be kept confidential and will not be forwarded to third parties outside of the B. Braun Group of companies (being the Company and its related Corporations worldwide) without your prior consent.
Information may however be disclosed to the following categories of parties for the purposes who are service providers and for the purposes as set out:
- to any B. Braun Group company/ corporation.
- to our advisers, including consultants, advocates and solicitors for purposes of determining our rights and enforcing any agreement with data subjects
- any agent, contractor or service provider to whom we may have outsourced services to, subject always that such parties acknowledge the confidentiality and rights of the data user and to comply with the provisions of the Act
- to regulatory authorities or notified bodies including bodies providing quality certification of our products upon their request
- to such other parties as may be permitted under the law of the jurisdiction which the Company is operating in
Data forwarded will be restriction to data necessary for delivery of the relevant services/ or as required by law.
Data Subject’s Rights
A data subject has the right to access personal data which an organization holds about the data subject. At a data user’s request, we will inform you in writing and in accordance with applicable law, whether we have stored any personal data and if so, the data.
Data users have a right to correct and block such personal data. Data users may also withdraw consent to the processing and storage of personal data, if not needed for legal reasons or for processing and existing contractual relationship. Data may also be deleted if such data is no longer subject to retention policies.
In order to assist us in validating the identity of any person requiring access, we will ask for verification documents to substantiate identity.
Protection of minors
As a general rule, children and persons under the age of 18 years should not disclose personal data to us without the consent of their parents or guardians. We do not solicit personal data from children and we do not knowingly collect personal data from children, use said data in any way or disclose said data to third parties without authorization.
Transmission of data over the Internet
The Internet is a global platform. By using our websites, or communicating with us electronically via contact forms, you agree to the unencrypted transfer of all data that you want to send us. Due to the nature of operations on the Internet, and the inherent systemic risks, all data transfers initiated by you occur at your own risk. The only exception to this is if we offer you an encrypted transmission path.
We have taken extensive precautions to ensure the security of your data. Your personal data, as stored by us, which you for example have entered on HTML pages (contact forms), are transferred in an encrypted format (SSL – Secure Socket Layer) over the public data network to our Internet service provider, from there to the respective data processing systems of the B. Braun companies responsible for the triggered transactions, or to the appropriate contractual partners of B. Braun and are placed into storage.
Data Collection and Processing from Internet Access
Access via our website, social media pages and plugins as well as queries on various platforms may result in the collection and processing of data. Following are details of specific policy measures which relate to such collection and processing:
Data collection and processing in case of access from the Internet
When you visit our website, our web servers save each access temporarily to a log file. The following data are entered and saved until automated deletion:
- Anonymized IP address of the requesting computer
- Date and time of the access
- Name and URL of the called data
- Report whether the call was successful
- Identification data of the used browser and operating system
- Website, from which the access is carried out
- Name of your Internet access provide
These personal data are not processed beyond the cases indicated above, unless you explicitly consent to further processing.
Processing of your communication inquiries - Salesforce Marketing Cloud
If you send us inquiries by using the contact form your details from the inquiry form including the contact details entered by you there will be saved by us for the purpose of processing the inquiry and for the event of follow-up questions. We will not forward these data without your consent.
Use of the Salesforce Marketing Cloud
We use the remarketing functions of the Salesforce Marketing Cloud of the service provider salesforce.com, Inc. The Landmark @ One Market Street, Suite 300, San Francisco, CA 94105, USA (“Salesforce”). If you have consented to the receipt of our newsletter and visit our Website via a newsletter, web beacons are used. This way it is possible for us to track the effectiveness of our newsletter, e.g. whether you have opened an e-mail or which part of the newsletter was particularly interesting.
For this purpose we use e.g. the tracking methods “Email Open Tracking” and “Email-Link Tracking”.
Email Open Tracking: Here we track whether you have opened the newsletter via the 1x1 pixel in the HTML template described below.
Email-Link Tracking: It is tracked here whether a link was clicked within the e-mail (Click-Trough). For this purpose the links are converted by the Marketing Cloud into trackable links.
Salesforce uses so-called “web beacons” in the majority of the used e-mails. Web beacons (also called “ClearGIFs” or “tracking pixels”) are small graphics (GIF files with a size of approx. 1×1) that are used among others on websites or in HTML e-mails. Web beacons fulfill similar functions as cookies, can however not be noticed by the user. Via web beacons information can, in particular, be obtained whether the e-mail was opened and whether the system of the user is capable of receiving HTML e-mails. No personal data are collected via the web beacon.
If you would not like to receive any e-mail notifications with web beacons, you can alternatively also receive your e-mails in a text form (not in the HTML format) by changing the corresponding settings to this extent within your e-mail client and by blocking the receipt of HTML formated e-mails.
Consent to the transmission of data within the scope of the services
Within the use of Salesforce, the scope of the use of this portal data from a user can be transmitted to the USA to a contractually bound and carefully selected service provider. The data protection existing in the USA is however not comparable with European standards and may also differ from Malaysian standards. Appropriate data protection cannot be guaranteed continuously but in order to provide security of your data as far as possible, our company takes necessary protective measures and transmits data to the USA according to the principle of purpose limitation and data economy so that only the absolutely essential information that is provided by you is retained.
The contract concluded with Adobe for the contract data processing concluded by the B. Braun Group for use of Adobe Analytics allow for the implementation of the strict stipulations of the German data protection.
To protect forms on our website from spam and misuse, we use the "Friendly Captcha" service from Friendly Captcha GmbH (Germany). By using this service, it is possible to distinguish whether the corresponding input is of human origin or is abusive due to automated machine processing.
The tool prevents automated and abusive requests by so-called "bots". As part of this process, your IP address is captured by Friendly Captcha in order to send a cryptographic task to your device. This task is solved in the background and once solved, a confirmation is sent by Friendly Captcha to the server that this is a natural person.
In this regard, Friendly Captcha processes and stores the following data:
- IP address of the requesting computer (anonymized via one-way hashing).
- Information about the browser and operating system used
- Anonymized counter per IP address to control the cryptographic tasks
- Website from which the access took place (referrer URL)
For more information on this data processing, please visit the Friendly Captcha website: https://friendlycaptcha.com/legal/privacy-end-users/
Customer Journey Tracking
On this website through technologies of Pixelpark GmbH (https://www.publicispixelpark.de) data is collected in an anonymized form (Marketing Cookies) and sent to Pixelpark GmbH. These cookies are set for the design in line with the needs, as well as to optimize this website and for the determination of statistical analyses and for cross-medial use. Pixelpark GmbH uses so-called “cookies” for this purpose. Text files that are saved on the computer and which enable an analysis of the use of the website (cf. “8. Cookies”).
The data is not used to personally identify the visitor of this website.
These anonymized usage data can be used both by website operators as well as by other advertisers and partners of Pixelpark GmbH in order to identify usage interests without it being possible to draw a conclusion about your identity as a visitor of a website.
This data protection policy applies to all data gathered and processed by B. Braun. In rare cases, the B. Braun Internet sites link directly to the websites of another party, for which the respective party itself is then responsible. However, any switching of this kind to external websites will be clearly announced to you in advance. We accept no responsibility for the handling of your data by the operators of other websites. When you exit B. Braun Internet sites, we therefore recommend that you ask all operators of the linked websites for their data protection policies.
Cookies, which collect and store data exclusively in pseudonymous form, may be utilized for this website. Based on this data, usage profiles are creased under a pseudonym. The data are not used to personally identify any visitor to this website and are not merged with the data relating to the holder of the pseudonym. You can object to this data being collected and stored at any time; this objection will then continue to apply in the future.
Social Media Plug-ins
As part of B. Braun's internet presence, third-party content may sometimes be used (plug-ins). This can take the form of Youtube videos, RSS feeds or graphics of other pages, or social media buttons, such as the Facebook Share button. Some data may be transmitted to and collected by the social networks, such as IP address, browser information and operating systems.
B. Braun has no influence on the amount of data collected by the social networks. The nature, scope and purpose of the data collection, information on the further processing of the data, your rights in relation to these and setting options for protecting your privacy are explained in the data protection policies of the respective social network.
Accessing the data protection policy
Contact person in data protection matters
If you have any questions regarding the processing of your personal data, please contact us via the following:
E-mail to our Compliance Officer email@example.com or to the Deputy Compliance Officer Chathuranga.firstname.lastname@example.org
or write to us:
B. Braun Lanka (Pvt) Ltd
Level 11, HNB Towers,
No. 479, T. B. Jayah Mawatha,
Attn: Compliance Officer