PRIVACY & COOKIE POLICY
Privacy Policy
The protection of personal data of users of this website is of the upmost concern of Desitin Pharma Ltd (“Desitin“, “we“, “us“). When processing your personal data, we comply with the applicable provisions of the EU General Data Protection Regulation (“GDPR“), and the UK General Data Protection Regulations. The following privacy notice describes which personal data of users are collected on the website and how they are processed.
1. Controller
The controller for processing your personal data in connection with this website is Desitin Pharma Ltd (“Desitin“). Our contact details are:
Desitin Pharma Ltd
Fairbourne Drive
Atterbury
Milton Keynes
MK10 9RG
Tel.: +44 (0)1908 488817
E-mail: enquiries@desitin.co.uk
2. Contact Details for Data Protection Enquiries
Should you have any questions regarding this privacy notice or generally about the processing of your personal data by Desitin, please contact:
Desitin Pharma Ltd
Fairbourne Drive
Atterbury
Milton Keynes
MK10 9RG
Tel.: +44 (0)1908 488817
E-mail: enquiries@desitin.co.uk
3. Processing of Personal Data
Personal data are all information referring to an identified or identifiable natural person, such as names, addresses, telephone numbers, email addresses, photos or online identifiers. When we process personal data, this means – for example – that we collect, store, use, transmit or delete such data. In the following, we will first specify the processing purposes and legal bases of processing; thereafter we will explain details regarding the individual categories of personal data that we collect.
3.1. Processing purposes and legal bases
We and/or the service providers commissioned by us, process your personal data for the processing purposes listed below. We point out that, according to the “legitimate interest” as legal basis, you are entitled to exercise a special right to object to processing (see section 10 “Your rights as a data subject” for further details regarding the execution of this right).
| No. | Processing purpose | Legal basis of processing | Description of the legitimate interest in processing, where relevant |
| 1 | Providing a website for the general public according to our Terms of Use. | Legitimate interest | We have a legitimate interest in collecting and processing data of non-registered users for the purpose of providing an online presence. |
| 2 | Collecting statistical information about the use of the website (so-called web analysis). | Legitimate interest | We have a legitimate interest in obtaining information about the website use, especially in order to improve our offer. |
| 3 | Web tracking by use of common web analysis tools and services (Google Analytics). | Consent | |
| 4 | Tracking malfunctions and safeguarding system security, including the detection and tracing of unauthorised access attempts and accesses to our web server. | Compliance with our legal obligations regarding data security, and legitimate interest | We have a legitimate interest in removing malfunctions, guaranteeing the system security, as well as detecting and tracing unauthorised accesses or access attempts. |
| 5 | Safeguarding and defending our rights. | Legitimate interest | We have a legitimate interest in safeguarding and defending our rights and legal claims. |
| 6 | Answering a request via the contact form. | Performance of contract |
3.2. Automatically collected data (server log files)
During your visit to the website, Desitin automatically collects access data, which are relevant for system security and data security, in the so-called log files of the web server. This involves the following data in particular:
- Domain and Host from which you use the internet.
- Internet address of the web page from which you have accessed this website via a link.
- Date and time of your visit to this website.
- Visited web pages on our website and respective duration.
- Amount of data transferred.
- Internet protocol (IP) address of your computer or end device.
- Operating system and information about the browser used, including add-ons installed, if any.
- http status code (for example “request successful” or “requested file not found”).
The log files are stored for up to one calendar month for the purpose of tracking malfunctions and guaranteeing system security, including detecting and tracing unauthorised access attempts and accesses to our web servers and are deleted after this period unless a suspect case of unlawful access to our web servers has occurred until then. The log files are only analysed in such suspect cases and only by authorised persons. Log files which must continue to be stored for evidentiary purposes are excluded from deletion until final clarification of the particular case and may be forwarded to investigation authorities or lawyers to the required extent.
The log files are additionally also stored for the web analysis, however without (complete) IP addresses so they do not enable conclusions regarding a specific user. For web analysis purposes, the files are evaluated in aggregated form only (for details see section 5 “web analysis”)
3.3. Processing of other personal data
Other personal data, including business related data, are only collected from you if you provide them to us voluntarily, for example when you send a request to Desitin via a contact form. These personal data are only processed to the extent necessary for the particular purpose (e.g. performance of a contract) and legally permitted, or subject to your consent. This information is not linked to other data.
3.4. Recipient of personal data
3.4.1. Disclosure of data to other controllers
Your personal data are in principle only transferred to the extent required for the particular purpose and to other controllers only in cases where this is necessary for contract performance, where we or the third party have a legitimate interest in such disclosure, or where you have given your consent. Furthermore, personal data may be transferred to other controllers to the extent we are obligated to make such disclosure due to statutory provisions or enforceable orders issued by public authorities or courts.
3.4.2. Service providers
Desitin may use service providers for data processing. In these cases, Desitin will enter into data processing agreements with the service providers to the extent necessary.
In particular, we use the following types of service providers:
- IT service providers (technical support), UK;
- Analysis tool providers, UK or USA (see section 5 “web analysis”).
3.4.3. Disclosure of data to recipients outside the EU or the EEA
We might disclose your personal data to recipients that are located outside of the UK or European Union (“EU”) or the European Economic Area (“EEA”) in so-called third countries (e.g. service providers which act as processors on our behalf). In this case, we implement safeguards before the data transfer to make sure that there is an adequate level of data protection at the recipient or that you have consented to the transfer of your data explicitly. An adequate level of data protection may be ensured, for example, by the existence of an adequacy decision by the EU Commission for the respective third country, in which the recipient is located, or by the existence of other appropriate safeguards, e.g. if we have agreed on EU standard contractual clauses with the recipient.
You can request from us an overview of the data recipients in third countries and a copy of the specific provisions to safeguard an appropriate data protection level. Please use the contact form if you wish to do so.
3.4.4. Duration of data storage; retention periods
In principle, we store your personal data as long as necessary for providing this website and the related services, or as long as we have a legitimate interest in further storage (for example we might still have a legitimate interest in postal marketing even after performance of a contract). In all other cases we delete your personal data, except for personal data that we must continue to store in order to comply with statutory obligations (due to retention periods set forth by tax and commercial law we are, for example, obliged to preserve documents such as contracts for a certain period of time up to 10 years).
The following specific retention periods apply:
- Automatically collected personal data (for security reasons): 7 days
- Web analysis tool Google Analytics (see section 5): Data are stored permanently in anonymised form.
You find information about the duration of storage of cookies used by us in the following section “Cookies”.
4. Cookies
Some pages of the Desitin website use so-called cookies. Cookies are small files that are stored on the user’s computer or in the browser when visiting a website. Cookies can store various types of data and help to provide additional functions (and thus make the website as a whole more user-friendly, effective and secure).
We use so-called “session cookies”, which are automatically deleted when you close the browser.
Desitin also uses a so-called analysis cookie in relation to the web analysis (see section 5 “Web analysis”).
Hereinafter you find a summary of cookies used by us, which shall inform you about the purpose and type of the cookie concerned, and the respective storage duration.
| Purpose of Cookie | Type of Cookie | Application name | Name of the Cookie | Storage period |
| Essential Cookie | Permanent | Cookie banner | cb-enabled | 1 year |
| Functional Cookie | Session | Google Analytics (performance) | _gat_gtag_UA_105876084_1 | 1 minute |
| Analysis | Session | Google Analytics (performance: if used via the Google day manager function) | dc_gtm | 1 minute |
| Analysis | Session | Google Analytics (distinction between users) | _gid | 1 day |
| Analysis | Permanent | Google Analytics (distinction between users) | _ga | 2 years |
Essential Cookies are processed on the basis of our legitimate interest. All non-essential cookies are only processed on the basis of your consent.
Of course you can set your browser in a way that it does not store our cookies on your hard drive by selecting “Accept no cookies” or similar in your browser settings. Please note that certain features of our website may not be available or are no longer conveniently usable if you have disabled the use of cookies.
The settings options do not cover cookies set by other providers during your visit to web pages of third parties. Use the provided link if you would like to change your coockie settings at any time.
5. Web Analysis (Google Analytics)
With your consent, we process information about your use of our website via the analysis tool “Google Analytics”. Google Analytics is a common web analysis tool to evaluate the usage of websites and is provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). The information on your use of the website generated by the cookie are usually submitted to and stored at a Google server in the USA. We use Google Analytics with the additional function offered by Google for anonymising IP addresses. Here, the IP address is normally shortened by Google within the EU already and only in exceptional cases shortened in the USA, and is at all events stored in a shortened form only.
According to the provider, your IP address submitted by your browser in connection with Google Analytics is not combined with other data by Google.
You can prevent the collection and analysis of your data by Google by downloading and installing the browser plugin available here. In addition, you may prevent the storage of cookies by your respective browser settings (see section 4 “Cookies”).
6. External Links
Our website may include links to web pages of third parties. We have no influence on the processing of any personal data transferred to third parties by clicking the link (e.g. your IP address or the URL of our website including the link). We take no liability for the processing of such personal data by third parties. The third party’s respective privacy notices shall apply.
7. Data security
Our employees and the service providers commissioned by us and their employees are obliged to maintain secrecy and comply with the regulations of the applicable data protection laws.
We take all necessary technical and organisational measures in order to guarantee a level of protection appropriate to the risk involved with the data processing and to protect your personal data processed by us, especially against risks arising from unintended or unlawful destruction, loss, change or unauthorised disclosure or unauthorised access. Our security measures are continuously being improved in line with the technological development.
8. Confidentiality of emails
If you send an email to Desitin via the contact form, these data are transmitted in encrypted form.
9. Automated decision-making
Automated decision-making, including profiling that is based solely on automated processing, which produces legal effects concerning you or similarly significantly affects you does not take place.
10. Your rights as a data subject
Information on your rights to data privacy can be found at https://www.legislation.gov.uk/eur/2016/679/contents
11. Amendment of the Privacy Statement
Desitin reserves the right to amend the contents of this privacy notice in accordance with legal requirements. Please keep yourself informed regularly about updates of this privacy notice.
12. Contact
If you wish to contact us, you can do so under the contact data specified in section 1.
Last update: June 2025
