Data Policy

Last updated: June 1, 2024

Introduction and scope

Welcome to the website www.420pharma.de, which is operated by Four 20 Pharma GmbH. This privacy policy explains how we collect, use, share, and protect your personal information when you use our website. We process your data in accordance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

Who we are

The controller responsible for data processing on this website within the meaning of the GDPR is: Four 20 Pharma GmbH, Friedrich-List-Straße 67, 33100 Paderborn. As the controller, we determine the purposes and means of processing personal data collected via our website.

What personal data do we collect?

When you visit our website, we collect certain information from your browser, including:

• Pages you have visited on our website

• Date and time of access

• Amount of data transferred

• Referral source

• Browser type and browser version

• Operating system

• IP address (anonymized)

We process this data to display the website, ensure its stability and security, and improve its functionality, based on our legitimate interests.

How we use your personal information

We process your personal data for the following purposes:

• To provide and improve our services

• To communicate with you

• To personalize your experience

• For marketing and advertising

We only process your data if there is a valid legal basis for doing so, such as:

• When it is necessary to provide our services (performance of a contract)

• When you have consented to processing

• To comply with legal obligations

• For our legitimate business interests, such as improving our website and offerings

User interactions

When you interact with our website, such as by contacting us, registering an account, or posting a comment, we collect and process the personal information you provide. This may include your name, email address, IP address, and any other information you choose to share with us.

We use this information to respond to your inquiries, provide the services you require, and improve our website. The legal bases for processing are contract performance (Art. 6 (1) (b) GDPR), legitimate interests (Art. 6 (1) (f) GDPR) and, where applicable, consent (Art. 6 (1) (a) GDPR).

When you register an account, we store your information until you delete your account. If you leave a comment, it will remain visible indefinitely, but you can request that it be deleted at any time.

Marketing communication

When you subscribe to our newsletter, we use your email address to send you regular news about our products and services. We need your consent to send you these messages (Art. 6 (1) (a) GDPR) and you can unsubscribe at any time via the link contained in every email.

We use Sendinblue to manage our email marketing. Sendinblue may use web beacons to track open rates and other analytics. For more information, see Sendinblue's privacy policy.

If you are an existing customer, we may send you marketing emails about similar products and services based on our legitimate interests (Art. 6 (1) (f) GDPR). You can unsubscribe from these communications at any time.

Analysis

We use Google Analytics to understand how visitors interact with our website. For this purpose, cookies are set and data such as your IP address is collected, which is passed on to Google. You can deactivate analytics tracking via the Cookie Consent Tool. For more details, see our full Google Analytics statement.

Online advertising

We work with third parties to show you relevant ads on other websites. These partners may use cookies and similar technologies to collect data about your interests. You can control your preferences using our cookie consent tool or opt out. For details on how we use Google Ads and LinkedIn Marketing Solutions, read our full statement.

Cookies and similar technologies

We use cookies (small files that are stored on your device) and similar technologies to operate our website, personalize content and ads, provide social media features, and analyze traffic. Some cookies are essential for the website to work, while others help us improve performance and provide a better user experience.

We use the following types of cookies:

• Strictly necessary cookies: These are required for the website to function and cannot be deactivated.

• Analytical cookies: These help us understand how visitors interact with our website by collecting and reporting information anonymously.

• Marketing cookies: These are used to track visitors across websites and to display relevant advertising.

We also use web beacons, which are small electronic images that help us analyze site usage.

You can manage your cookie preferences at any time using our cookie consent tool. Please note that disabling cookies may affect the functionality of the website.

You can find out more about the cookies we use and their purposes below.

Necessary (1)

Necessary cookies help make a website usable by enabling basic functions such as page navigation and access to secure areas of the website. Without these cookies, the website cannot function properly.

Name | Vendor | Purpose | Expiry | Type
Cookie consent | Cookiebot (https://www.cookiebot.com/goto/privacy-policy/) | Saves the user's cookie consent status for the current domain | 1 year | HttpCookie

Statistics (2)

Statistical cookies help website operators understand how visitors interact with websites by collecting and reporting information anonymously.

Name | Vendor | Purpose | Expiry | Type
_pk_id# | Google Analytics | Collects statistics about the user's visits to the website, such as the number of visits, average time spent on the website, and which pages were read. | 1 year | HttpCookie
_pk_ses# | Google Analytics | Used by the Piwik Analytics Platform to track page requests made by the visitor during the session. | 0 days | HttpCookie

How we share your personal information

We may share your personal information with:

• Service providers who help us operate our business and deliver our services

• Group companies and business partners

• Authorities when required by law

We don't sell your personal information to third parties.

Whenever we share data, we take contractual security measures to protect your information. We may transfer your data internationally, including to the USA, using appropriate measures such as EU standard contractual clauses.

Third party services

Our site uses various third-party services, including:

• YouTube to embed videos

• Adobe Fonts for custom fonts

• FontAwesome for icon fonts

These services may collect and process personal data when you interact with them. The third-party services we use include:

1. YouTube

We embed YouTube videos on our website to provide rich media content. When you visit a page with an embedded YouTube video, your browser connects directly to YouTube's servers. YouTube, a subsidiary of Google, may process your IP address, browser information, and cookies to enable video playback, track usage, and save preferences. Data can be transferred to servers in the USA. YouTube processes data in accordance with Google's privacy policy. The legal basis for processing is your consent (Art. 6 para. 1 lit. a GDPR), which you can withdraw at any time using our cookie consent tool.

2. Adobe Fonts

We use Adobe Fonts to display custom fonts on our website. When you visit a page that contains these fonts, your browser connects directly to Adobe's servers to load the required files. In doing so, Adobe can process your IP address and other browser information. Data may be transmitted to servers in the USA. Adobe complies with the EU-US Privacy Shield Agreement to ensure an adequate level of data protection. For more information, see Adobe's privacy policy. The legal basis for processing is your consent (Art. 6 para. 1 lit. a GDPR), which you can revoke at any time via our Cookie Consent Tool.

3. FontAwesome

We use FontAwesome to display vector icons on our website. When you visit a page that contains these icons, your browser connects directly to FontAwesome's servers to load the required files. FontAwesome can process your IP address and other browser information. For more information, please see FontAwesome's privacy policy. The legal basis for processing is your consent (Art. 6 para. 1 lit. a GDPR), which you can withdraw at any time using our cookie consent tool.

Please note that certain features of our website may not work correctly if you disable these third-party services. We have no control over the data collected by these services and recommend that you check their respective privacy policies for more information.

When you visit a page that contains these services, your browser connects directly to the provider's servers and transmits your IP address and other browser information. These providers may use cookies and other tracking technologies. The legal basis is your consent (Art. 6 para. 1 lit. a GDPR), which you can withdraw at any time via our cookie consent tool.

Hosting and content delivery networks

We use content delivery networks (CDNs) to efficiently deliver website content to users based on their geographical location. The CDNs we use are:

Cloudflare: Cloudflare is a US-based company that provides CDN and security services. When you visit our website, your browser connects directly to Cloudflare's servers. Cloudflare can process your IP address and other browsing information to optimize content delivery and protect against malicious traffic. Data transferred to Cloudflare can be stored on servers in the USA. Cloudflare complies with the EU-US Privacy Shield Agreement to ensure an appropriate level of data protection. For more information, see Cloudflare's privacy policy.

IONOS: IONOS is a Germany-based company that provides web hosting and CDN services. When you visit our website, your browser may connect to IONOS servers to load certain content. IONOS processes your IP address and other browser information to efficiently deliver this content. Data processing is based on our legitimate interests (Art. 6 (1) (f) GDPR) in providing a functional and secure website. We have concluded a data processing agreement with IONOS to ensure the protection of your personal data.

The use of these CDNs is based on our legitimate interests (Art. 6 (1) (f) GDPR) to provide a fast, secure and efficient website experience. If you do not agree to the processing of your data by these CDNs, you can disable the CDN functionality in your browser settings. However, this may affect the performance of the website.

Your rights

Under the GDPR, you have rights with respect to your personal data, including the rights to access, correct, and delete your data, to restrict its processing, to transfer your data, and to object to processing. You also have the right to withdraw your consent at any time and to lodge a complaint with a supervisory authority.

To exercise your rights, please contact us at dpo@420pharma.de. We may need to verify your identity. Please note that your rights may be limited in certain cases, for example if we are required by law to store data.

How long do we store your personal data

We only keep your personal information for as long as is necessary for the purposes for which it was collected, to comply with legal obligations, resolve disputes, and enforce our agreements. The specific retention periods vary depending on the type of data and the purpose for which it was collected.

In general, we retain data based on the following criteria:

• Consent-based processing: The data is stored until consent is withdrawn.

• Contractual obligations: The data will be deleted after the legal retention periods have expired, unless they are necessary to fulfill the contract or for legitimate interests.

• Legitimate interests: The data will be stored until the right of objection is exercised, unless there are overriding legitimate reasons.

• Direct marketing: The data is stored until you object.

In any case, personal data will be deleted or anonymized when they are no longer necessary for the purposes for which they were collected or processed.

After the applicable retention period has elapsed, personal data will be securely deleted or anonymized. Anonymized data may be kept for statistical purposes.

If you would like more detailed information about our specific data retention periods, please contact us using the information provided in the “Contact Us” section. We'll be happy to provide you with more details.

Security

We use technical and organizational security measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access. However, no method of transmission over the Internet or electronic storage is 100% secure, so we cannot guarantee absolute security. For security reasons and to protect the transmission of personal data and other sensitive content, we use SSL or TLS encryption.

Changes to this privacy statement

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. The latest version is always available on our website.

Contact us

If you have any questions or concerns about this Privacy Policy or our privacy practices, please contact:

Four 20 Pharma GmbH, Friedrich-List-Strasse 67, 33100 Paderborn, Germany

Phone: +49 5251 3903210

Fax: +49 5251 3903219

Email: info@420pharma.de

Contact details of the data protection officer

If you have any questions or concerns about data protection, you can contact our data protection officer:

HewardMills Ltd

77 Farringdon Road

London

EC1M 3JU

Email: dpo@curaleafeu.com (TBC)

Telephone: +44 (0) 20 4540 5853

Feel free to contact our data protection officer if you need help with data protection issues or would like to exercise your rights under the GDPR.