Politique de confidentialité
Data protection has a particularly high priority for BUCHI. It is possible to use the BUCHI website without providing any personal data. If a data subject wants to use special services of our enterprise via our website, processing of personal data could become necessary. If processing of personal data is necessary, this will only be done on the basis of legal regulations or your consent and solely for the purposes for which the data was collected or transmitted to us.
The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the EU General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to BUCHI.
As the controller, BUCHI has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. Nevertheless, Internet-based data transmissions can have security gaps, so that absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, for example by telephone.
This applies in particular to the websites (hereinafter also referred to as ”our website“ or ”our site” or with “we”, “us” or “our”).
In addition to our online offering, we provide free mobile apps that you can download to your mobile device. In no. 12, we therefore provide additional information on the collection of personal data when using our "BUCHI" mobile apps (hereinafter referred to as "apps").
- Name and contact details of the controller, data protection officer
- Definition of terms
- Collection of general data, personal data and information
- Use of service providers, transfer of data
- Web and apps analysis
- Use of social media links and plug-ins
- YouTube video integration
- Data security
- Your rights
- Tools and other third-party plug-ins
- Links to external websites
- Mobile applications
1. Name and contact details of the controller, data protection officer
The controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature is:
BÜCHI Labortechnik AG
Tel.: +41 (0)71 394 63 63
You can reach our data protection officer, Mr. Denkinger, at the e-mail address email@example.com or the aforementioned postal address with the addition of c/o "Data Protection Officer".
2. Definition of terms
a) Personal data
Personal data is any information relating to an identified or identifiable natural person (hereinafter "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
b) Data subject
A data subject is any identified or identifiable natural person whose personal data is processed by the controller.
Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting its future processing.
Profiling is any type of automated processing of personal data that consists of using such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects relating to that natural person's job performance, economic situation, health, personal preferences, interests, reliability, behavior, location or change of location.
Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separate and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.
g) Controller or data controller
A controller or data controller is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data.
Processor means a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.
Recipient means a natural or legal person, public authority, agency or other body to whom personal data is disclosed, regardless of whether or not it is a third party. However, government agencies that may receive personal data as part of a specific investigative mission are not considered recipients.
j) Third party
Third party means a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorized to process the personal data under the direct responsibility of the controller or the processor.
Consent means any freely given indication of the data subject's wishes for the specific case in an informed and unambiguous manner in the form of a statement or any other unambiguous affirmative act by which the data subject indicates that they consent to the processing of personal data relating to them.
3. Collection of general data, personal data and information
When you visit our website, information is automatically transmitted to us by the browser used on your terminal device. When you use content on our websites, we collect the data described below to enable you to use functions conveniently. When you visit our website, the following data is collected without your intervention and temporarily stored in a so-called log file:
- IP address
- Date and time of the request
- Time zone difference from Greenwich Mean Time (GMT)
- Request content
- Access status / HTTP status code
- Data volume transferred in each case
- Website from which the request comes
- Browser used
- Language and version of the browser software
- Operating system and its interface
- App version
When using general data and information, BUCHI does not draw any conclusions about the data subject. Rather, this information is needed to
- deliver the contents of our website correctly
- optimize the content of our website and the advertising for it
- ensure the long-term functionality of our information technology systems and the technology of our website, and
- provide law enforcement authorities with the information necessary for prosecution in the event of a cyberattack.
Therefore, BUCHI analyzes anonymously collected data and information on one hand for statistical purposes and on the other for the purpose of increasing the data protection and data security of our enterprise, with the aim of ensuring an optimal level of protection for the personal data we process.
The anonymous data of the server log files is stored separately from any personal data provided by a data subject. The legal basis for data processing is Art. 6 para. 1 s. 1 let. b and let. f GDPR. Our legitimate interest follows from the aforementioned purposes for data collection.
In no. 8, we provide information about the integration of YouTube videos.
Using a contact form or via e-mail
When you contact us via a contact form or by e-mail, the data you provide (e-mail address, name, telephone number, address and information provided by you in the contact form) will be stored by us in order to answer your questions. If required by your request, the data may also be transmitted to companies affiliated with BUCHI or to market organizations and processed by them.
Data processing for the purpose of contacting us via our contact form is based on your voluntarily given consent according to Art. 6 para. 1 s. 1 let. a GDPR. If you contact us by e-mail, the data processing is based on our legitimate interest according to Art. 6 para. 1 s. 1 let. f GDPR.
Downloading of free downloads
We provide you with the option of free downloads (e.g., for brochures, technical data sheets, application notes and instructions, manuals, etc.) on our websites or apps. Before you can start the downloads, it is necessary for you to fill out a form by providing your name, e-mail address, zip code, and city, as well as other information, if any. We store this data and, if necessary, pass it on to the respective organization / area of operations.
The purpose of the processing is the statistical recording of the executed downloads as well as the promotional approach by BUCHI or the respective organization. The legal basis for this is Art. 6 para. 1 s. 1 let. a GDPR.
If you have also consented to the use of your data for the sending of newsletters and other marketing and advertising-related e-mails, we process the data for direct marketing purposes and link it to other information that BUCHI has stored about you in a customer profile. The legal basis for this is Art. 6 para. 1 s. 1 let. a GDPR.
4. Use of service providers, transfer of data to third parties
- You have given your express consent in accordance with Art. 6 para. 1 s. 1 let. a GDPR.
- According to Art. 6 para. 1 s. 1 let. f GDPR, the disclosure is necessary for the assertion, exercise or defense of legal claims or for the provision of our website or apps and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data.
- In the event that a legal obligation exists for the disclosure pursuant to Art. 6 para. 1 s. 1 let. c GDPR.
- The disclosure is permitted by law and is necessary for the processing of a contractual relationship with you according to Art. 6 para. 1 s. 1 let. b GDPR.
A cookie is a small text file that is stored on your hard drive or in the device memory of your mobile device and assigned to the apps or the browser you are using and through which we receive certain information. However, this does not mean that we thereby obtain direct knowledge of your identity.
Cookies allow us to tailor and optimize your experience on the website or to automatically fill out web forms for you. We also collect anonymous traffic data. You can set your Internet browser to block or remove cookies, but you may not be able to use certain features of our website if you do so. Some cookies, such as those from the content management system (CMS) Drupal, expire after one year. Some other cookies are deleted immediately after the browser session when you close your Internet browser.
We use so-called session cookies to recognize that you have already visited individual pages of our website or apps. These are automatically deleted after you leave our site or app.
In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your terminal device for a certain specified period of time. If you revisit our site or apps to use our services, it is automatically recognized that you have already visited us in the past and which entries and settings you made. This means that you do not have to enter them again.
The data processed by cookies is necessary for the aforementioned purposes to protect our legitimate interests as well as those of third parties pursuant to Art. 6 para. 1 s. 1 let. f GDPR.
You can configure your browser setting or mobile operating system and app settings according to your preferences and, for example, decline to accept third-party cookies or all cookies. We would like to point out that you may not be able to use all functions of our website or apps if you decline cookies.
Technically necessary cookies are set on the basis of Art. 6 para. 1 s. 1 let. f GDPR.
Further information on the cookies we use on the respective websites can be found in our cookie lists:
Cookie Usage for Google Analytics 4:
- _ga (expiration time 2 years)
- _gid (expiration time 24 hours)
- _ga_<container-id> (expiration time 2 years)
- _ga_gb_<container-id> (expiration time 90 days)
Cookie Usage for Universal Analytics:
- _ga (expiration time 2 years)
- _gid (expiration time 24 hours)
- _gat (expiration time 1 minute)
- AMP_TOKEN (expiration time 30 seconds to 1 year)
- _gac_<property-id> (expiration time 90 days)
Absolutely necessary cookies
These cookies are necessary for the website to function and cannot be disabled in your systems. Typically, these cookies are set only in response to actions you take that correspond to a service request, such as setting your privacy preferences, logging in, or filling out forms. You can set your browser to block these cookies or to notify you about these cookies. However, some areas of the website will not work in this case. These cookies do not store any personal data.
With these cookies, the website is able to provide advanced functionality and personalization. They may be set by us or by third parties whose services we use on our site. If you do not allow these cookies, some or all of these services may not function properly.
These cookies allow us to count visits and traffic sources so that we can measure and improve the performance of our website. They help us answer questions about which pages are most popular, which are least used, and how visitors move around our site. All information collected by these cookies is aggregated and therefore anonymous. If you do not allow these cookies, we will not be able to know when you visited our website.
Cookies for marketing purposes
These cookies may be set via our website by our advertising partners. They may be used by these companies to profile your interests and show you relevant ads on other websites. They do not directly store personal information, but are based on a unique identification of your browser and Internet device. If you do not allow these cookies, you will receive less targeted advertising on the web.
Tracking pixels are small graphic files embedded in websites or emails. Tracking pixels may be used to communicate with cookies, count visitors to a website, and understand usage habits. Tracking pixels may also be included in e-mails to learn whether messages have been opened, edited, or forwarded. You can prevent information from being collected in this way through tracking pixels; to do this, you must block cookies as described above under ”Cookies”.
6. Web and apps analysis
Our websites use Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google“). By using Google Analytics, we want to ensure the needs-oriented design and ongoing optimization of our website as well as statistically record the use of our website in order to optimize our offer for you. The legal basis for this is Art. 6 para. 1 s. 1 let. f GDPR.
Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server and stored there. Our websites use Google Analytics with the extension “_anonymizeIp()”. This means that IP addresses are processed in abbreviated form, which means that they cannot be traced back to a specific person. Insofar as the data collected about you has a personal reference, this is therefore immediately excluded, and the personal data is thus immediately deleted. Google maintains data centers worldwide (inside and outside the EU, USA). We do not know whether your data may also be transmitted by Google to servers outside the EU and USA.
On our behalf, Google will use this information for the purpose of evaluating your use of our website, compiling reports on website activity and providing other services relating to website activity and Internet usage to the website operator (e.g., display advertising features such as remarketing, Google Display Network impression reports, DoubleClick Campaign Manager integration or Google Analytics reports on performance according to demographic characteristics and interests).
Under certain circumstances, Google may analyze your usage behavior across several end devices (PC, smartphone, tablet, etc.) by means of so-called cross-device functions and evaluate them for BUCHI. For this purpose, Google may link information generated via the respective end devices with each other and with data from your Google account for the purpose of personalized advertising, if you have a Google account and your settings there are such that Google can link your browser history with your Google account and that information from your Google account can be used to personalize advertisements.
As an alternative to the browser plug-in or within browsers on mobile devices, you can set an opt-out cookie that will prevent Google Analytics from collecting data within this website in the future (this opt-out cookie only works in this browser and only for this domain, so if you delete your cookies in this browser, you must click this link again).
Google AdWords Conversion Tracking
In addition, our websites use Google AdWords Conversion Tracking, a web analytics service provided by Google. The legal basis for this is Art. 6 para. 1 s. 1 let. f GDPR.
The conversion tracking cookie is set when a user clicks on an ad placed by Google. These cookies lose their validity after 30 days and are not used for personal identification. If you visit certain pages of our website within these 30 days, Google and we can recognize that you have clicked on the ad and have been redirected to this page. Each Google AdWords customer receives a different cookie. Cookies can therefore not be tracked through the websites of AdWords customers. The information collected using the conversion cookie is used to create conversion statistics for us. We learn the total number of users who clicked on our ad and were redirected to our site. However, we do not receive any information that personally identifies you. Google maintains data centers worldwide (inside and outside the EU, USA). We do not know whether your data may also be transmitted by Google to servers outside the EU and USA.
If you do not wish to participate in this tracking, you can easily deactivate the Google Conversion Tracking cookie via your Internet browser under User Settings. They will then not be included in the conversion tracking statistics. You can find further setting options on the page for deactivating Google advertising at https://www.google.com/policies/technologies/ads/.
The information provided under no. 6. "Google Analytics" regarding the third-party provider Google apply accordingly.
Google AdWords Remarketing
In addition to Adwords Conversion Tracking, we use the Google Remarketing application from Google. This is another procedure we use for reaching out to you. Through this application, our advertisements can be displayed to you during your subsequent Internet use after visiting our website. This is done by means of cookies stored in your browser, via which your usage behavior is recorded and evaluated by Google when you visit various websites. This allows Google to determine your previous visit to our website. According to its own statements, Google does not combine the data collected in the course of remarketing with your personal data that may be being stored by Google. In particular, according to Google, pseudonymization is used in remarketing.
The legal basis for the use of Google AdWords Remarketing is Art. 6 para. 1 s. 1 let. f GDPR. The underlying promotional purpose is to be considered a legitimate interest within the meaning of the GDPR.
The information provided under "Google Analytics" regarding the third-party provider Google applies accordingly.
Google Tag Manager
BUCHI uses the Google Tag Manager, a service provided by Google. This service allows website tags (tags are small code elements on websites that are used, among other things, to measure traffic and visitor behavior) to be managed through one interface. The Google Tag Manager itself (which implements the individual tags) is a cookie-less domain. Personal data is not collected by the Google Tag Manager. It merely ensures that other tags are triggered, which in turn may collect data. However, Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager.
The information provided under "Google Analytics" regarding the third-party provider Google applies accordingly.
For the evaluation of user behavior, information about the website or app usage is linked with an individually generated customer ID and, if applicable, with other data, with information about actions performed by the user on our websites or apps, with the data mentioned in section 3, and with other data that may already be stored in a customer profile about the respective user. User behavior is recorded and evaluated in a user profile if consent has been given to receive advertising and information material. If such consent is not given, the cookie only records anonymized data of the user.
You can disable cookies at any time, but this may result in the website or apps no longer being fully usable. Alternatively, you can opt-out. In this case Salesforce.com, Inc. deletes all existing Salesforce.com cookies and attempts to set a new cookie (no-tracking cookie) so that the objection is preserved for future visits to the website or app. The no-track cookie tells the Salesforce.com server not to create any user analytics for you in the future. If your browser is set to generally not accept cookies, a no-track cookie cannot be set. In addition, if you delete your cookies, use a different computer or a different web browser, you will need to perform the opt-out process again.
The legal basis for this is Art. 6 para. 1 s. 1 let. a GDPR, if and insofar as consent has been given, otherwise Art. 6 para. 1 s. 1 let. f GDPR.
BUCHI uses the Showpad sales promotion system from Showpad, Moutstraat 62, 9000 Ghent, Belgium, which measures the behavior of specific individuals in contact with BUCHI, e.g., during a customer or consultation meeting, and makes reports available to the sales organization. For the processing of the information collected, BUCHI asks for consent depending on local laws. Find out more at: https://www.showpad.com/gdpr
7. Use of social media links and plug-ins
Social media links/plug-ins
We use links/plug-ins to our profiles on the social networks Facebook, Instagram, Twitter, LinkedIn, XING and the video portal YouTube on our website or apps in order to make BUCHI better known via these services.
These services are only included as links to the corresponding social networks. No data is transmitted to the providers of these social networks if you do not click on the respective links. After clicking on the embedded links, you will be redirected to the page of the respective provider. Only then is user information transmitted to the respective provider.
Addresses of the respective providers and URLs with their privacy notices:
a) Facebook Inc, 1601 S California Ave, Palo Alto, California 94304, USA; https://www.facebook.com/policy.php; further information on data collection: https://www.facebook.com/help/186325668085084, https://www.facebook.com/about/privacy/your-info-on-other#Appslications as well as https://www.facebook.com/about/privacy/your-info#everyoneinfo.
b) Google LLC., 1600 Amphitheater Parkway, Mountainview, CA 94043, USA; https://www.google.com/policies/privacy/partners/?hl=de.
c) YouTube LLC., 901 Cherry Ave, San Bruno, CA 94066, USA; https://www.google.de/intl/de/policies/privacy.
d) XING https://www.xing.com/privacy
e) LinkedIn https://www.linkedin.com/legal/privacy-policy
8. YouTube video integration
We have integrated YouTube videos from YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA (“YouTube”), into our online offering. These videos are stored on https://www.youtube.com and can be played directly from our website or apps. YouTube videos are integrated to enable you to use our website or apps comfortably. The legal basis for this is Art. 6 para. 1 s. 1 let. f GDPR.
The YouTube videos on our website or apps are all embedded in “extended data protection mode”, which means that no data about you as a user is transmitted to YouTube if you do not play the videos. The data mentioned below is transferred to YouTube only when you play a video. We have no influence on this data transmission.
Google maintains data centers worldwide (inside and outside the EU, USA). We do not know whether your data may also be transmitted by Google to servers outside the EU and USA.
9. Data security
Within a website visit, we use the widespread TLS (Transport Layer Security) procedure in conjunction with the highest encryption level supported by your browser.
We take reasonable steps to protect personal information from loss and misuse. Please keep in mind that no Internet transmission is 100 percent secure. Some e-mails sent to or from websites may not be secure. Please take this into account when sending information to us by e-mail. Under no circumstances shall we be liable for any damages resulting from such inherent technical risks or security vulnerabilities of any kind.
10. Your rights
- the right to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details
- the right, in accordance with Art. 16 GDPR, to immediately demand the correction of incorrect data or completion of your personal data stored by us
- the right, in accordance with Art. 17 GDPR, to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defense of legal claims
- the right to request the restriction of the processing of your personal data in accordance with Art. 18 GDPR, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing in accordance with Art. 21 GDPR
- the right, in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another responsible party
- the right, in accordance with Art. 7 para. 3 GDPR, to revoke your consent once given to us at any time. This has the consequence that we may no longer continue the data processing based on this consent for the future
To exercise the aforementioned rights, please send an e-mail to firstname.lastname@example.org or send us a message to the contact details provided on buchi.com.
Right of objection
If we process your personal data to protect legitimate interests within the meaning of Art. 6 para. 1 s. 1 let. f GDPR, you have the right to object to this processing on grounds relating to your particular situation in accordance with Art. 21 para. 1 GDPR. You may object to the processing of your data for direct marketing purposes in accordance with Art. 21 para. 2 GDPR at any time without giving reasons. In order to exercise your right of objection, it is sufficient to send us an informal message, for instance by e-mail to email@example.com.
Right to lodge a complaint
If you believe that the processing of personal data concerning you violates the General Data Protection Regulation, you have the right to lodge a complaint with a data protection supervisory authority pursuant to Art. 77 GDPR.
11. Tools and other third-party plug-ins
The BUCHI Service Team uses the Teamviewer application to access customer devices. Each individual access is based on the prior consent of the customer. Data protection statement: https://www.teamviewer.com/en/privacy-policy
GoToMeeting and GoToWebinar
To hold webinars, BUCHI uses the GoToMeeting and GoToWebinar applications. Data protection statement: https://www.logmeininc.com/en/legal/privacy
12. Links to external websites
Our websites may also contain links to other websites outside of our company and to websites not owned by our company.
If you choose to access other websites that may be linked to or from our websites, we encourage you to review the privacy policies of those other websites to learn if/how they collect and/or use information from you or your computer, as their privacy policies may differ from this one.
13. Mobile applications
A list of mobile applications used by BUCHI can be found here:
The applications acquire the information you provide when you download and register the application. Registration with us is optional. However, keep in mind that you may be able to use some features of the application only if you register with us. When you register with us and use the application, you typically provide the following information about yourself: (a) name, (b) address, (c) company name, (d) town, (e) country, (f) e-mail address. We may use the information you provide to contact you from time to time with important information and marketing promotions.
An application may obtain data from your camera with your permission. The use of the camera sensor data is optional. If you allow our apps to access your camera sensor, we only use it to scan BUCHI-specific QR codes. This data is treated in a protected manner. It is transmitted only via HTTPS protocol.
We may share your user details with other companies in our group. In addition, the details are also passed on to our vicarious agents and subcontractors if necessary for processing (pursuant to no. 4).
We do not use the application to knowingly solicit data from or market to children. If a parent or guardian becomes aware that their child has provided us with information without their consent, they should contact us at firstname.lastname@example.org. We delete such information from our files within a reasonable period of time.
In addition to mobile apps, BUCHI also offers web apps that can be launched and used in the browser. Here is a list of the apps currently in use:
In the event of being hired, the data you provide as part of the application process will be stored and processed as employee data. The legal basis for the processing of your data is Art. 6 para. 1 let. a GDPR.
By applying for a vacant position, you are providing BUCHI with your personal data. Your personal data is collected, compiled and used by BUCHI for the sole purpose of processing your application and managing the staffing process.
At BUCHI, vacancies are filled in cooperation with the responsible members of our HR department and managers from the specialist department. Your personal data will only be made available to and processed by employees who are entrusted by us with filling vacancies.
The managers from the specialist departments as well as our HR department employees may belong to different companies of the BUCHI Group. Thus, your data may be exchanged worldwide within the BUCHI Group.
Your personal application data will not be passed on to third parties. If you are unsuccessful in the application process, your application data will be automatically deleted six months after this process has been completed, unless a legal provision prevents deletion, further storage is necessary for the purpose of providing evidence, or you have expressly consented to longer storage. If the position for which you have applied is filled by someone else, BUCHI will delete all your personal data.