BASF Construction Chemicals South Africa (Pty.) Ltd. is delighted that you have visited our website and thanks you for your interest in our company. We take data protection very seriously.
Who is the controller and who is the data protection contact?
The data controller is:
You may also contact our data protection coordinator Nafisa Hendricks via the e-mail address
You may lodge a complaint with our data protection coordinator or with a supervisory authority, in particular in the country of your habitual residence, place of work or place of the alleged infringement.
Alternatively, you can contact the supervisory authority responsible for us:
- What personal data we collect when you visit and interact with our website, for what purposes and what is the legal basis for the processing
- What recipients may receive your personal data
- How we protect your personal data
- Your rights regarding the processing of your personal data
- Data protection for minors
1. What personal data do we collect when you visit and interact with our website, for what purpose, and what is the legal basis for this?
1.1 When you visit our website without contacting us or signing in, your browser transmits the following information automatically to our server:
- IP address of your computer
- Information about your browser
- Website that you were on right before you landed on our website
- URL or file requested
- Date and time of your visit
- Volume of data transmitted
- Status information, e.g. error messagesThe purpose of this data processing is to
- Send the requested content to your browser. In doing so, we store the complete IP address only to the extent necessary to serve the requested content to you.
- Send your IP address to a service provider to map your public IP address with company- and industry-related information (no personal information). We will store this industry-related information. In this process, your IP address is not stored at our service provider or in our system at any time.
- Protect us from attacks and to safeguard the proper operation of our website. In doing so, we store said data transiently and with restricted access for a maximum period of 180 days. Excluded from this deletion following a maximum of 180 days is data regarding access required for the further tracking of attacks and faults.
The legal basis for the processing of this data is Art. 6 para. 1 letter (f) General Data Protection Regulation (GDPR). Our legitimate interests are derived from the data processing purposes mentioned above.1.2 If you contact us by e-mail or via the contact form on our website, we receive the following information:
- Name and surname
- Your e-mail address and further personal data that you provide by e-mail or fields in a contact form
- Any further information provided voluntarilyAt the time of sending the message, the following data is also saved:
- The date and time of your messageThe purpose of this data processing is to
- Process your message
Any other personal data processed during sending is used to prevent misuse of the contact form and ensure the security of our technical information systems.
The legal basis for the processing of this data is Art. 6 para. 1 letter (f) GDPR. Our legitimate interests are derived from the data processing purposes mentioned above, in particular answering your requests, ensuring our overall responsiveness and evidence in case of any questions or disputes.1.3 Our website offers the option of subscribing to a free newsletter. When a user registers for the newsletter, the following data entered into the input screen are transmitted to us:
- IP address of the accessing computer
- Name and surname
- Your e-mail address
- Any further information provided voluntarilyAt the time of registration, the following data is also saved:
- Date and time of registrationThe purpose of this data processing is to
- Send you the newsletter to which you have subscribed
Any other personal data processed during the registration procedure is used to prevent misuse of the contact form and ensure the security of our technical information systems.
The legal basis for sending of the newsletter to which you have subscribed is your consent pursuant to Art. 6 para. 1 letter (a) GDPR. Please note that you can withdraw this consent at any time. The withdrawal, however, will not affect the legitimacy of the processing occurred before the withdrawal.
Further, you have the right to object to the processing of your personal data for the purposes of direct marketing (Art. 21 para. 2 GDPR).
For our newsletter’s registration process, we use what is known as the “Double Opt-In” procedure. When you subscribe to the newsletter on our website, you will receive an e-mail to the e-mail address provided during registration asking you to confirm your registration.The purpose of this data processing is to
- prevent incorrect or unauthorized e-mail addresses being used for registration
The legal basis for the processing of your e-mail address for the Double-Opt-In procedure is Art. 6 para. 1 letter (f) GDPR. Our legitimate interests are derived from your registration to the newsletter mailing list, this representing a relevant and appropriate relationship in the sense of recital 47 of the GDPR, as well as from the fact that the provision of information about new products or services as well as activities and events, is common in the business and both expected and appreciated by the majority of our customers.1.4 We provide free, downloadable information on our website (for example, white papers, webinars, planning tools, and similar). Before you can download the free information, the following information will be transmitted to us via an input screen:
- The user's IP address
- Date and time of registration
- Name and surname
- E-mail (as user name)
- User group (e.g. architect)
- Any further information supplied voluntarilyAt the time of registration, the following data are also saved:
- Date and time of the downloadThe purpose of this data processing is to
- Provide the desired information
- Approach you with offers
Any other personal data processed during the registration procedure is used to prevent misuse of the input screen and ensure the security of our technical information systems.The legal basis for the processing of this data is Art. 6 para. 1 letter (b) GDPR. The commercial use of your personal data is part of the benefits of our mutual relationship.
Some cookies will be always activated as they are necessary for the operation and the functioning of the website. The legal basis for such cookies will be Art. 6 para. 1 letter (f) GDPR (our legitimate interest in a proper functioning of the website). Therefore, you will not be asked to give your consent to the activation of these cookies.
Other cookies, e.g. analytical or performance measurement cookies, are used to collect information about how you interact with our website and allow us to remember you. We use this information in order to improve and customize your browsing experience and for analytics and metrics about our visitors both on this website and other media. Our cookie banner will offer you the option to give or deny your consent for the activation of these cookies. The legal basis for such cookies is Art. 6 para. 1 letter (a) GDPR.
2.3 The following cookies are necessary for the smooth operation and specific services of our website:
Cookie Purpose Deletion
MBS Country Language Selector CountryLanguage nameAnti Xsrf Token The cookie is only set and stored with the value "true" when a user hits a selection value in the country and language sector, provided that the automatic display of the same is active. Otherwise the cookie doesn’t exist.This cookie and its value are regenerated with each session. It ensures that requests are made from the same browser to prevent tampering. For details see https://www.owasp.org/index.php/Anti_CSRF_Tokens_ASP.NET 1 year after you visit our siteWill be deleted as soon as you clear your cache or close your browser ASP.NET SessionId Unique browser session. Currently only needed for the CAPTCHA. Will be deleted as soon as you clear your cache or close your browser File_Download Only set if a document download occurs in the same window (via a hidden iFrame). Current query, then immediately validated FedAuth Ensures the logged on access after a user has successfully logged in. Will be deleted as soon as you clear your cache or close your browser [UserName]_userProject Saves the configuration of the project currently compiled so that it can later be sent to the server; in addition, the project is retained so newcomers to the site do not lose it. Will be deleted as soon as you clear your cache or close your browser [UserName]_tempData Stores temporary information about the user/account status for corresponding UI handling: newsletter, user locked, draft for administrators. Will be deleted as soon as you clear your cache or close your browser IdsrvauthIdssrvauth Ensures logged in access after a user logs in successfully. Will be deleted as soon as you clear your cache. If “keep me logged in” selected: 1 year after you visit our site IdSrvUserLang Saves the currently selected language so that it will be displayed again the next time you visit. 1 year after you visit our site wsfedsignout Saves the return URL back to the external application for after a successful login/logout process during the same session. Will be deleted as soon as you clear your cache or close your browser.
2.4 We use the following cookies to measure our web audience:
2.5 We have integrated HubSpot, a customer relationship analysis service, into our website. HubSpot uses what are known as “web beacons" and cookies that are stored on your computer.
If, while on our website, you
and you have given consent via the cookie banner to the use of more than necessary cookies by our website, HubSpot will use the cookies listed below to collect the described data:
- Subscribe to our newsletter
- Use our download area, or
- Fill out our contact form,
Cookie Purpose Deletion __hstc The main cookie for tracking visitors. It contains the domain, utk (see below), initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and increments for each subsequent session. 13 months after you visit our site hubspotutk This cookie is used to keep track of a visitor's identity. This cookie is passed to HubSpot on form submission and used when deduplicating contacts. 13 months after you visit our site __hssc This cookie stores the sessions. This is used to decide if the session number and timestamp in the _hstc-Cookie should be increased. It contains the domains, view count (increases every page view in a session) and the session start timestamp. 30 minutes after you visit our site __hssrc Whenever HubSpot changes the session cookie, this cookie is also set. We set it to 1 and use it to determine if the user has restarted their browser. If this cookie does not exist during cookie management, we assume it is a new session. Will be deleted as soon as you close your browser
3. To what recipients do we transmit your data?
We transmit the personal data mentioned in Sections 1.1 to 1.4 to data processors based in the European Union. Such data processors process personal data only on instructions from us and the processing is carried out on behalf of us.
The personal data mentioned in Section 2.5 is transmitted to the operator HubSpot. The data processing by HubSpot is based on the standard contractual clauses pursuant to the European Commission Decision of 5 February 2010.
4. How do we protect your personal data?
We implement technical and organizational measures to ensure an appropriate level of security to protect your personal data against accidental or unlawful alteration, destruction, loss or unauthorized disclosure. Our security measures will be continuously enhanced in line with technological developments.
5. What rights do you have?
You have certain rights under the GDPR:
Right of access: You have the right to receive information about your personal data processed by us and about certain other pieces of information (such as, for example, what is provided in this Privacy notice).
Right to correction: If your personal data is inaccurate or incomplete, you have the right to have your personal information rectified.
Right to deletion: Based on what is known as 'the right to be forgotten', you can request the deletion of your information regarding such personal data where we are under no retention obligation. The right to deletion is not free from exceptions. We have the right to continue using your personal data if such use is necessary for compliance with our legal obligations or for the establishment, exercise or defense of legal claims.
Right to restrict processing: This right concerns the restriction of the use or type and manner of use of your data. Please note that this right is limited in certain situations. When we are processing your personal information that we collected from you with your consent you can only request restriction on the basis of: (a) inaccuracy of data; (b) where our processing is unlawful and you don’t want your personal information erased; (c) you need it for a legal claim; or (d) if we no longer need to use the data for the purposes for which we hold it. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for restriction of the use of their personal information to make sure the restriction is respected in future.
Right to data portability: This refers to your right to request that we copy, move or transfer, where technically feasible, your personal information in a structured, commonly used and machine-readable format, for your own purposes.
Right to object: You can object to our use of your personal information including where we use it for our legitimate interests, particularly in the case of direct marketing.
Right to withdraw consent: If you have given your consent to us processing your personal data, you have the right to withdraw your consent at any time. Any such withdrawal of consent does not affect the legality of processing carried out based on the granting of consent until the point of withdrawal.
The exercise of these rights is free of charge for you. However, you are required to prove your identity with two pieces of approved identification. We will use reasonable efforts consistent with our legal duty to supply, correct or delete personal information about you in our filing system.
To make inquiries or exercise any of your rights set out above, please contact us by e-mailing or write to us. We will endeavor to respond within 30 days. You can find our contact details at the top of this Privacy notice.
If we receive formal written complaints, we will contact the person who made the complaint to follow up. If necessary, we will work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints that we cannot resolve directly.
If you are not satisfied with the way any complaint is handled that you make in relation to how your personal information is processed by us, then you may refer your complaint to the relevant data protection supervisory authority (see section 6 below).
6. Data protection for minors
This website is intended to be used by persons aged 18 and older. We do not seek to collect information about persons under the age of 18.
No information should be submitted to or posted on the website by persons younger than 18 years of age. If such a person submits personal information via the website, we shall delete that information as soon as we are made aware of their age and thereafter shall not process it any further.