May 25, 2018
Personal data are information that can identify you or could be used to potentially identify you personally. JPT only accepts requests for any kind of communication if you are a representative of a company, university, institute or another legal entity in the field of science and technology. You cannot inquire about products nor can you place orders with JPT if you are acting as an individual and are not affiliated with a recognized scientific institution or registered company. Thus, any personal information collected by us in the course of conducting business with you or providing information to you will only identify you as an agent of the institution you are employed by, are associated with or acting on behalf of. You must be at least 18 years of age and of full legal capacity in order to engage in communication with us. This means that JPT will not knowingly store any personal data of children. If you are aware that any minor has provided us with information please contact us by any of the means detailed below.
Purpose of Collecting Personal Data
Generally, we only collect personal data from your requests in order to provide you JPT’s products and services and communicate with you. This means that we will use these data to initiate, conduct and finalize contractual business interactions with you, process payments or respond to business or scientific inquiries, discuss your concerns or react if you report issues with our products or services. To that end, we will add data from your transmission to our customer database in order to process the request and to provide progress updates if applicable. JPT will never sell, rent or pass on any personal data to any third party except a) in the case of legal requirements or b) for the fulfilment of contractual obligations e.g. the recruitment of outside services and resources when it is agreed upon in the contract between the customer and us. As we are constantly striving to improve upon our existing products and developing new ones, we may also use your contact information to notify you of products, services or promotions that are relevant to your research. Such communication may include information about third party activities if we think this is appropriate to your area of interest. If you do not wish to receive this information, simply notify us. All communications that you receive from JPT will provide the opportunity to opt out of future exchanges.
We may also use part of the data we collect from you for internal marketing and business purposes in order to improve upon the products and service we offer. That means that we may collate part of the data you provide in anonymized or pseudomized form to produce statistics and other analyses for internal use.
Types of Personal Data We Collect and What We Do With Them
The kind of personal data we may collect when you use the JPT digital services or when you contact us personally by any means of communication are described in this section. This includes data you provide us or we collect automatically.
Data you provide
To access most of the information or services provided by the JPT website, you don’t have to register with us. However, in order to request a quote or place an order, registration is compulsory through either our website or written communication. Typically, personal data collected, processed and stored by JPT upon registration include names, academic title, position, phone numbers, email addresses and postal, billing and delivery addresses of the institution or company you are affiliated with. We may also ask you to provide information about your areas of research interest. When an order is placed with JPT we will obviously also ask you for and store billing information such as account or credit card details. We will never collect personal data from anyone but you directly except when authorized by you.
Data we collect automatically
By using JPT’s websites certain types of information are automatically stored in the hosting company’s computer log files. These data may include the following information: browser type and version, IP number of the user, date and time of access, referring websites. These data only serve the purpose of maintaining functionality of the website and delivering its content to you. They are not used to track you or identify you personally.
Cookies and other tracking technologies
JPT on Social media
We maintain a presence on several social media platforms such as Facebook, Linkedin and Twitter to facilitate interactions with customers or interested persons. However, we do not collect personal data via these platforms nor do we use so-called “social media buttons” to monitor the usage of JPT’s websites when being logged in to any such platform. Thus, to use interactive features of social media platforms like "Share buttons", "Like buttons" and so on, you must be a registered user of the platform and navigate to JPT’s site on the platform yourself. There are links to those platforms from JPT’s websites but they will not track your activities for any of the platforms.
Newsletters and general announcements
From time to time JPT sends out newsletters by email to all registered customers who have not objected to the use of their email for that purpose. These newsletters serve to inform institutional customers or interested persons of innovations, new products or changes in JPT’s business areas and can also be subscribed to without registering by sending your contact information to JPT. No other data other than name, affiliation and email address is necessary to receive our newsletter and no data from processing the newsletter will be shared with third parties. Email addresses that reject reception of the newsletter are seen as invalid and are removed from the recipient list.
Customer credit card and other billing account numbers will be used only for the fulfilment of individual transactions. We utilize SSL (Secure Sockets Layer) to ensure safe and secure payment transactions made in our online shop. With SSL, information sent via the Internet is encrypted, and can be trusted to arrive privately and unaltered. We believe this element provides the most effective way to ensure that your order information is protected while offering a very secure shopping environment.
Sanction Breach Prevention
JPT is required by law to ensure that no business is conducted with persons or entities sanctioned by national and international bodies for their links to terrorism, money laundering and other crimes. In order to comply with those requirements, JPT will search names and affiliations of any potential, new or existing customers against appropriate databases containing lists of sanctioned individuals and institutions. If a customer is based within the European Union, the matching is done within JPT’s computer systems in Germany by loading the EU and the UN sanction databases from the internet and executing a search-and-match algorithm. Customer names from institutions originating from outside the EU will additionally be checked against appropriate databases from US government agencies. Here, data processing is done on computer systems in the United States. If a customer name or customer institution is flagged by the search algorithms a remark is stored within JPT’s customer database preventing any dealings with the suspicious person without further review by the management. Customer names and affiliations that are already stored in JPT’s database will be subject to periodical review with regard to sanction lists at least once a year.
Storage, Correction and Deletion of Personal Data
Any personal data we collect may be stored for the duration of time required for the purposes specified when you gave the information to us or that is appropriate and necessary for the fulfilment of that purpose. In general, any contact information you gave to us by sending us a request for information or quotes is stored in our databases for an indeterminate period of time to enable us to review contact history and react more swiftly and comprehensively to any new requests. However, the personal details of any customer not having had any contact with us for more than five years will be reviewed by the management where after a decision will be made to keep or delete the record from our databases. You may at any time notify us of inaccuracies with regard to your personal data in which case we will correct that information as soon as reasonably possible. Furthermore, you may at any time demand deletion of your personal data stored in our systems the completion of which will be confirmed in a timely fashion. In any case, personal data of customers will be stored at least as long they are necessary for the processing and completion of pending contractual obligations and at least as long as legal requirements e.g. for storing and archiving data or for reporting to government authorities demand.
Automatically collected information from visiting our websites as explained above are deleted when you leave the website or in case of storage in a log file after a maximum of 7 days. Information stored in cookies can only be deleted by you as this is dependent on your browser settings.
Legal Basis for Processing of Personal Data
A legal basis is required by law for all personal data collected by JPT in its interactions. If you register with JPT through either its websites or by written communication you will be asked for your consent to collect, process and store your personal data necessary for any interaction with you. The legal basis for this within the European Union is set forth in Article 6 (1a,b) of the EU General Data Processing Regulation (GDPR) “Lawfulness of processing”. You may at any time withdraw your consent in oral or written form, however, this will lead to us being unable to interact in any meaningful way with you thenceforth. The withdrawal of consent will have no impact on any data processing having occurred in the past nor will it influence any contractual obligations of which you are a part of at the time of withdrawal.
Legal obligations such as prevention of sanction breach as detailed above do not require consent of the affected person. Here, Article 6 (1c) is applicable as a reason for processing of personal data within the EU.
In other cases, e.g. when temporarily storing IP addresses and other information to maintain usability and functionality of JPT’s website or by using cookies as explained above, JPT has a legitimate interest to react in a meaningful and comprehensive manner to your requests while on the other hand not imposing significantly on any interests or fundamental rights of you. Therefore, collection of these types of data described above is in covered by GDPR Article 6 (1f).
Third party suppliers, contractors and resources
JPT may recruit outside companies or institutions in order to be able fulfil contracts with the customer. Examples would be the outsourcing of certain assays, tests or other services. In those cases, names and affiliations of customers may be accessible to the third party. We will always instruct third-party contractors not to use your personal data for any purpose other than the agreed business operation and to handle personal data in accordance with this privacy notice.
Security of your personal data
JPT employs extensive technical, organisational and physical controls to make sure that your personal data collected by us are secure and protected from unauthorized access. However, there will always be a non-negligible risk that your communication could be intercepted or that computer systems may be compromised with malicious intent. Should there be a breach of information system integrity and should that lead to a loss of personal data, we will inform the affected customers ideally immediately after but in any case at most 72h after becoming aware of the incident. JPT will in this case also inform the local Data Protection Authority as required by law. Please be advised to assess the risks of sending personal data to JPT before submitting your details.
Privacy Choices and Responsible Persons
If you have questions or remarks about this policy or any of the personal data we collect from you please contact us by any means detailed below. You may also seek disclosure about what personal data we have collected from you at any time and obtain a copy of those data in machine-readable format. At any time you may object to JPT’s collecting personal data from you, opt-out or unsubscribe from newsletters or other communication by simply telling us. However, be aware that those choices may impact our ability to communicate with you.
If you wish to contact us with regard to privacy issues please direct your communication to:
JPT Peptide Technologies GmbH
D-12489 Berlin, GERMANY
Dr. Tobias Knaute, Data Protection Officer
Dr. Holger Wenschuh, Managing Director