← Zur Startseite

Privacy notice

Last updated: April 2026

This privacy notice explains how ESH Pharma GmbH ("we", "us") processes personal data when you use our website eshpharma.de (or associated pages served from this domain).

Controller

ESH Pharma GmbH
Bismarckstr. 19 a
32756 Detmold
Germany
Email: info@eshpharma.de

Purposes and legal bases

  • Providing and securing the website (legitimate interests under Art. 6(1)(f) GDPR: stable operation, IT security).
  • Responding to enquiries you send by email (Art. 6(1)(b) GDPR if pre-contractual/contractual; otherwise Art. 6(1)(f) GDPR).
  • Compliance with legal obligations, e.g. commercial or tax retention where applicable (Art. 6(1)(c) GDPR).

Categories of data

Depending on use, we may process server log data (e.g. IP address in truncated form where technically possible, timestamp, requested resource, referrer, user agent), and the content of emails you send us (sender address, message text, attachments).

Hosting

The website is delivered via infrastructure operated for LyonTrack / ESH Pharma. Technical hosting and connection data are processed to display the site. Further details can be provided on request.

Cookies and local storage

The language preference on this site may be stored in your browser (local storage) to remember your selection. No advertising cookies are set for this informational site beyond what is technically required for delivery and security.

Recipients and transfers

We use processors (e.g. hosting, CDN) where necessary. A transfer to countries outside the EU/EEA only occurs on an appropriate legal basis (e.g. adequacy decision or suitable safeguards under Chapter V GDPR).

Storage periods

We store personal data only as long as necessary for the respective purpose or as required by statutory retention periods. Log data are typically kept for a limited period for security purposes unless longer retention is legally required.

Your rights

Where the GDPR applies, you have the right to access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20), and objection (Art. 21), as well as the right to lodge a complaint with a supervisory authority (Art. 77 GDPR).

Supervisory authority

The lead data protection supervisory authority for us may be determined once our establishment and main establishment are final. For North Rhine-Westphalia, the state commissioner for data protection and freedom of information is a common point of contact: www.ldi.nrw.de.

Changes

We may update this notice when our website or legal requirements change. The version dated at the top applies.