Data privacyCovestro is aware that the protection of your private information is a very important concern as you use our websites. We take the protection of your personal data very seriously. Therefore, we would like to take this opportunity to explain the basic principles we apply in handling your personal data. This information is always provided whenever such data is collected.
The following document refers to the statutory regulations of the EU General Data Protection Regulation, as an example. To ensure better legibility, this global Data Privacy Declaration does not refer to national regulations, which are frequently comparable. If necessary, these and other information are listed in a country-specific explanation (please see the “You are here” column).
If we obtain consent from a data subject to process personal data, Art. 6 para. 1 lit. a. of the EU General Data Protection Regulation (GDPR) serves as the legal basis for processing such personal data. When processing personal information necessary to fulfill a contract to which the data subject is a contractual party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing procedures necessary to take steps prior to entering into a contract. If personal data must be processed to fulfill a legal obligation of our company, Art. 6 para. 1 lit. c GDPR serves as the legal basis. If data processing is required to safeguard a legitimate interest of our company or a third party, and if the interests, basic rights, and basic freedoms of the data subject do not outweigh the above interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for processing. Our company has a legitimate interest in carrying out and improving our business activities and in ensuring and improving the proper and error-free operation of the website and further coordinating website operations to the needs of users.
Collecting and processing information
You can use Covestro's website without providing any personal data to us. Some offers and services available on our websites, however, do require personal information to access.
Recording technical access data
When you visit our websites, Covestro uses an automated system to collect data and information. However, this information is not associated with any individual for the purpose of assessing their behavior. Technical access data saved in server log files includes, for instance, the following data:
- Information on the user’s browser type and version
- The user’s operating system
- The user's internet service provider
- The user’s IP address
- The date and time of access
- Websites by which the user’s system was referred to our website (referrer)
- Websites accessed by the user’s system through our website.
Data is processed to deliver the content of our website, to ensure the functionality of our IT systems, and to optimize our website, as well as to protect our justifiable interests and clarify any issues in case of unauthorized access or attempts to access our website (Art. 6 (1, f GDPR).
You can prevent cookies from being saved by changing your browser settings at any time. Saved cookies can be deleted at any time.
We would like to note that, if you deactivate cookies, you may not be able to use all of the functions of our website to their fullest extent.
Cookies/pixels on this website*
* Cookies regularly deleted at the end of a session are not listed here.
Google Analytics (Cookie)
Google Analytics is integrated into our website.
The information saved by Google Analytics cookies includes the date and time the website was visited, the frequency with which the user visited the website and the user’s approximate location. To determine the user’s approximate location, Google first records the user’s IP address. On our website, however, we have activated IP anonymization. As a result, within the member states of the European Union or in other contracting states to the Agreement on the European Economic Area, your IP address is shortened by Google before it is transmitted to the USA; for example, by deleting the last octet of IPv4 user IP addresses or the last 80 bits of IPv6 addresses.
On our behalf, Google will use the above-mentioned information to evaluate your use of the website, compile reports about website activities and provide the website operator with additional services connected with the use of the website and the internet. You can prevent Google Analytics from saving cookies by selecting the appropriate settings in your browser (“Private Mode”, found under Settings on most browsers). It should be noted, however, that you may not be able to make full use of all functions of this website in this case. In addition, you can prevent Google from collecting the data, which is generated by the cookie and related to your use of the website (including your IP address), and from processing this data by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de. Additional information on data protection in relation to Google Analytics can be found directly on Google.
Marketing Data Management
Covestro and its associated regional branch offices use data and communication technology to process and profile personal information (personal data). Data processing is carried out for two primary purposes, for which the communication channels listed below are used:
- Fulfillment of requested digital services: Covestro offers a range of digital services and online services that require data processing and communication with users, based on their nature. These services include, but are not limited to: registering for webinars and digital events (such as online exhibition booth), inquiries submitted via the contact form, exclusive downloads of PDF documents, sample orders, general inquiries, newsletter registration, survey registration, meeting inquiries, text chat. The communication channel used to fulfill these requests will depend on the specific service ad from the data provided by the user. Generally, one of the following channels will be used: e-mail, telephone, text chat or web browser notification.
- Advertising / marketing communication: in addition to the aforementioned fulfillment of digital services, users can consent to advertising / marketing communication (opt-in). the purpose of the advertising communication is to inform the user regarding in-person and digital events, products, job functions or industry-relevant expertise and surveys, in order to improve user and customer experiences with Covestro.
The communication channel used depends on the type of good purchased, and the data provided by the user. Generally, one or more of the following channels will be used: e-mail, telephone, text chat or web browser notification, LinkedIn Matched Audience, Facebook Custom Audience, Google Ads Audience.
Users may revoke their consent to advertising / marketing communication at any time by sending a notification to Covestro. Furthermore, they can revoke this consent via the contact form.
Data processing includes collecting information applicable to known and unknown users of Covestro websites, as well as to known stakeholders and customers with and without contractually agreed business relationships.
Data management also includes comparing and assembling current and historical information. This type of data processing is used both for information from the same source (such as from the same web form, if it was completed twice), as well as for data that comes from different sources (such as a contact form to order a brochure at a Covestro exhibition booth). The comparative criterion used is a combination of the user's last name and e-mail address, or last name and WeChat name.
The goal of collecting and managing the above information is to create a contact profile. The contact profile is supplemented using analytic and statistical methods based on heuristic algorithms. This approach is also called contact scoring and segmenting.
In some cases, your data may also be processed in countries outside of the European Union (“EU”) or European Economic Area (“EEA”), e.g. In areas which may have a lower level of data privacy protection than the EU. In such cases, we conclude contractual agreements or other measures with our contractual partners to ensure they provide a sufficient level of protection for your data, or we ask you for your explicit consent.
Generally, users must be registered to access content or services. Registered individuals may request that their stored data be deleted or modified at any time.You have the right to object to the processing of your personal data at any time. Data subjects can receive information regarding their saved personal data at any time.
Social networks and other websites
Other personal information is only collected if you provide it to us, for instance by filling out a form, sending e-mails, while placing an order for services or products, or while making an inquiry or requesting materials.
Our website includes a contact form that can be used to contact us electronically. If you choose this option to contact us, personal information you provide will be saved automatically. Data is saved only for the purpose of processing or contacting the person in question.
Alternatively, you can also contact us at the provided telephone number or in writing via the provided address.
If you subscribe to our company newsletter, the data you enter in the input fields will be submitted to the entity responsible for data processing.
When a user registers for our newsletter, their IP address and the date and time of registration are saved. This is done to prevent a misuse of services or misuse of the individual’s e-mail address. Data is never transmitted to third parties, except if we are required to transmit such data by law.
This data is only used to send the newsletter. The affected person can cancel their newsletter registration at any time. They can also revoke their consent to have their personal information saved at any time. A link is provided in each newsletter for this purpose.
Transmitting data for the purpose of contract data processing
In some cases, we use specialized service providers to process your data. These providers only process personal information on our behalf, acting strictly in accordance with our instructions and based on relevant agreements for contract data processing.
Data processing outside of the EU / EEA
In some cases, your data may also be processed in countries outside of the European Union (“EU”) or European Economic Area (“EEA”), areas which may have a lower level of data privacy protections than the EU. In such cases, we establish contractual agreements or other methods with our contractual partners for ensuring they provide a sufficient level of protection for your data, or we ask you for your explicit consent.
Storing your data
We save your personal information as long as necessary to complete a service you have requested or consented to, unless we are subject to other legal obligations such as commercial or tax law retention periods or those related to ongoing court proceedings.
(Log files on websites 2 years, contact inquiries - response center - 6 years).
Data you provide to us is protected using suitable technical and organizational means, with the objective of securing it against accidental or intentional manipulation, loss, destruction, unauthorized access, or unauthorized disclosure to third parties. Our security measures are continuously reviewed and improved in accordance with technological developments and organizational possibilities.
Your personal data is only transmitted to service providers in a third country if the specific requirements of Art. 44 et seqq. GDPR are fulfilled.
Information about your rights
You have the right to:
- receive information on your personal data saved by us;
- have your personal information corrected, deleted, or to have processing restricted;
- ·object to processing that serves our justifiable interest, the public interest, or profiling, unless we can show that there are mandatory grounds for this processing which outweigh your interests, rights, and freedoms, or unless the processing is completed to assert, exercise, or defend legal claims;
- have your data transmitted to the extent allowed under the law, such as in Art. 20 GDPR, and
- submit a complaint to a supervisory authority in your country if available, or to the State Officer of Data Privacy and Freedom of Information of North Rhine Westphalia, P.O. Box 20 04 44 40102 Düsseldorf.
You can revoke any consent you have granted to have your personal information collected, processed, and used at any time, effective for the future. Further information is provided in the individual sections describing data processing to which you must consent.
A written letter sent to the Group Data Privacy Office will be sufficient (for address and contact form see below).
Protecting the privacy of children
We do not knowingly collect the personal information of children. Typically, we have no way of knowing how old visitors to our site are. Since it is highly important to us to protect children as they use the internet, we advise all parents and guardians to teach their children how to use the internet safely and responsibly. Children should not transmit personal information to Covestro without the express consent of their parent or guardian.
Covestro AG is responsible for the content of this website.
51373 Leverkusen, Germany
Phone: +49 214 6009 2000.
If you have any questions or suggestions related to data privacy, please contact the Covestro AG Group Data Privacy Office
51373 Leverkusen, Germany
Phone: +49 214 6009 200
Ongoing development on the internet requires that we adjust our data privacy declaration from time to time. We reserve the right to make such changes at any time.