Information on the responsible authority

The following party is responsible for processing your personal data:

R-Biopharm AG
An der neuen Bergstraße 17
64297 Darmstadt, Germany
Tel.: +49 (0) 6151 – 8102-0
Fax: +49 (0) 6151 – 8102-40


Further information can be found in the imprint.

We at R-Biopharm AG (“Biopharm”) take the privacy of your personal data very serious. Your privacy is an important matter for us. We process your personal data in accordance with the applicable statutory data protection requirements for the purposes listed below.

Personal data, in the context of the data protection information presented here, includes all data with reference to your person. This covers, contractual data including your contact data, your settlement data, plus details on communication with you (“personal data”). We process your personal data in accordance with the applicable statutory data protection requirements for the purposes listed below.

Some of the processes or services are performed by carefully selected and contracted service providers. We transmit or receive personal information about these service providers solely based on a processing agreement. If the service provider is located outside the European Union or the European Economic Area, a third country transmission takes place. With these service providers, data protection agreements that comply with the legal requirements are established in order to guarantee an adequate level of data protection.

Information on your rights

You have the right

  • to request confirmation from us as to whether your personal information is being processed;
    if this is the case, you are entitled to obtain details about this personal data; you may also receive the information specified in Art. 15 of the GDPR.
  • to request that we correct your data if it is deemed to be incorrect, inapplicable and/or incomplete. Such rectification of data also covers duties of completion through explanation or notification.
  • to request that we delete personal data relevant to you without delay
    if one of the reasons specified in Art. 17 of the GDPR applies.
    Unfortunately, we may not delete data that is subject to a legal retention period.
    If you would prefer that we never collect data from you or never contact you again in the future, we shall store such relevant contact details in a blacklist.
  • to revoke any consent given by you with future effect and without any negative consequences for you.
  • to request from us that processing be restricted if one of the prerequisites listed in Art. 18 of the GDPR is provided.
  • to object at any time to the processing of personal data relevant to you on grounds relating to your particular situation.
    We shall no longer process personal data in the event of an objection, unless we can demonstrate compelling legitimate grounds to do so, which override your interests, rights and freedoms,
    or such processing is required for the establishment, exercise or defence of legal claims (Art. 21 of the GDPR).
  • to request that the data relevant to you be issued in a commonly used electronic and machine-readable format. This also covers the issuance (if possible) to another responsible party specified by you directly. (Art. 20 of the GDPR)
  • without prejudice to another administrative or judicial remedy and if you believe that
    the processing of your personal data is in breach of the GDPR, to file a complaint with

    • our data protection or by post (see imprint)
    • to assert claims vis-à-vis the supervisory authority in the member state of your place of stay, your place of work or the location where the alleged violation took place.

If you have any questions or comments on data protection (for example, with regard to information about/updating your personal data), please send them to the following email address or by post (see imprint) using the keywords “Data Protection”.

Deletion of your data

Unless otherwise regulated in the more detailed data protection declarations, we will delete your personal data once the contractual relationship with you has ended, you have exercised your right to deletion, all mutual claims have been met and there are no other legal storage obligations or legal justifications for storage. As a rule, storage periods under commercial law for financially relevant data are up to 10 years. We may also store data for as long as is necessary to protect ourselves from claims that may be asserted against us. These periods can be up to 30 years.

Changes to the Privacy Policy

We reserve the right to change our privacy policy if necessary and to publish it here. Please check this page regularly. Subject to the applicable legal provisions, the updated declaration will enter into force upon publication. If we have already collected information about you that is affected by the change and/or is subject to a statutory duty to provide information, we will also inform you of any material changes to our privacy policy.