QUALITY CONTROL

The Cosmochem Chemicals Quality Assurance System is ISO 9001:2015 Certified by TÜV Austria, ensuring that the services we provide always meet customer requirements.

Our Quality Control is a continuous, well-structured process, which helps ensure consistency and growth for our Company, along with quality services and products.

Click on the following link to find out more about the Cosmochem Chemicals Quality Control Policy.

QUALITY CONTROL

PRIVACY POLICY

We have composed this Privacy and Cookie Policy, in response to our respect to your personal data and in accordance with the General Data Protection Regulation (EU) 2016/679 that defines the information we are legitime to collect, how we use this information data and to let you know what decision options you have by visiting this website.

  1. Who we are and what we do? Cosmochem Chemicals (hereinafter referred to as the “Company” or “we” or “our”), a company with its registered seat in Athens, at 7-9 Anagenisseos Str. and website www.cosmochemchemicals.gr and www.creativepeopleit.co.uk, is mainly engaged in IT Services under the applicable national and European legislation.

For the purposes of providing its professional services, the Company may proceed to the collection and processing of natural persons’ personal data in accordance with Greek legislation in force, as well as with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, hereinafter “GDPR”) and thus it may act as a “data controller”.

This Privacy Policy aims to clarify our personal data processing practices, by explaining what type of personal data or other personally identifiable information we may gather during the use of our website and our services by you, how and why we gather such information, what we use your personal information for, when and to whom we might share and disclose information about you, as well as how you can manage information about you and exercise your rights, as envisaged under the GDPR.

By providing your personal data to us (whether via our website, by email, in person or over the phone), you agree to the processing as per this Privacy Policy.

  1. What personal information do we collect and how we collect it? We may collect and further process different types of personal data in the course of operating our business and providing our services. These data may include:

Basic personal data and contact information, such as your name, job title, postal address, business address, telephone number, mobile phone number, fax number and email address; Financial and tax-related data, such as payment related information necessary for processing payments as well as for fraud prevention, such as bank account details, credit/debit card numbers, security code numbers and other related billing information, TIN etc.; Records of your communication and visits to our premises. Recruitment related data such as your Curriculum Vitae, your education and employment history, details of professional memberships and other information relevant to potential recruitment to the Company; Website Usage data, such as details of your visits to our website or information collected through cookies. Any other personal data related to you that you may provide. We may collect your personal data through a variety of means and in different ways.

In particular:

You may provide the personal information to us directly, for example through the completion and submission of a form on our website, by corresponding to us via email, letter or telephone or in person during a visit to our premises or your participation in the events that we organize; We may collect the information from third party sources, such as when we receive information about you from collaborators and external consultants with whom you may already have a business relationship, for the purposes of further cooperation with our Company; We may collect the information from publicly available sources.

  1. How do we use your personal data and for what purposes? We collect and further process your personal data for specified, explicit and legitimate purposes, as described in this Privacy Policy, that are justified under European and national data protection laws, and do not process your personal data further in a manner that is incompatible with those purposes and those data protection laws.

In particular, we use the personal data:

To provide products and services you may have requested; To manage our business operations and administer our clients’ business relationship with us, including processing payments, accounting, auditing, billing, supporting services; To analyze and improve our services to and communications with you; To protect the security of and manage access to our premises, IT systems, communication systems and our website and prevent and detect security threats, fraud or other criminal or malicious activities; For investigating purposes and to prevent unauthorized access to the services and other illegal activities; To identify persons authorized to trade on behalf of our clients, customers, suppliers and/or service providers; To comply with our legal and regulatory obligations, including reporting to and/or being audited by national and international regulatory bodies; To comply with court orders and/or defend our legal rights; To communicate with you on the latest developments, announcements, and other information about us, via newsletters, briefs etc., upon your explicit consent; For the assessment of qualifications and the probability of recruitment in our Company, To facilitate your presence at the events we organize and offer you the appropriate service, For any other purpose related and/or ancillary to any of the above or any other purpose for which your personal data was provided to us. Any potential marketing-related communication will only be carried out after you have opted in and we will provide you the opportunity to opt out anytime, if you do not wish to continue receiving marketing-related communication from us. We will not use your personal data for taking any automated decisions affecting you or creating profiles other than as described above.

  1. What is the lawful basis for processing your personal data? We process any personal data that we collect as above, based on the following lawful bases:

The personal information we hold and process, is necessary for the performance of our services contractor or other agreement, to which our clients are a party, or to supply the products and perform the services that our clients have otherwise requested. The personal information we collect and process may also be necessary for our legitimate business interests, in terms of offering the best possible solutions to our clients, in managing our everyday business needs, in providing our clients or prospective clients with information about the products and the services we offer, and about which they have expressed an interest or that we believe will be of benefit to them. In some cases, our ground for collecting and processing the information is based on your explicit consent to our collection and processing of your personal information, such as -for example- when we communicate with you in terms of providing relevant marketing information, when you submit your CV in order for it to be assessed, or for your participation in scientific conferences and similar events that we are organizing. We may also process your personal data in order to comply with a legal obligation to which the Company is subject and for the fulfillment of regulatory and statutory obligations or court or other orders (e.g. compliance with tax procedures, Anti-Money Laundering procedures, fraud detection, ensuring of traceability etc.).

  1. Who we share your personal data with? We do not sell or rent or exchange or transfer your personal data or personally identifiable information that has been collected by us, as part of a customer list or similar transaction, to any third party.

We may only share your personal data with the following indicative categories of recipients:

Banking Institutions, Insurance Institutions, Lawyers or other legal specialists (including mediators), consultants or experts or other professional advisors as the case may be (e.g. financial, business or other advisors), auditors, chartered accountants, scientific officers engaged in the course of the services we provide to our clients or prospective clients; Third party service providers to whom we outsource certain functions such as technology and IT services, accounting services, translation services, postal and transport services. In such cases, we require all such third-party service providers to act in compliance with this Privacy Policy, our instructions, and the applicable data protection laws. We commit to use appropriate safeguards as required by applicable law to ensure the confidentiality, integrity and security of your personal data when engaging such service providers; We may share your personal data with courts, government, regulatory or other public authorities;

  1. For how long do we retain your personal data? In general, we will retain your personal data for as long as is necessary for the fulfillment of the purposes for which this data was collected and any other permitted linked purpose.

When the processing of personal data is related to the establishment, exercise or defense of legal claims, we will retain your personal data until the time limit for claims has expired or the claims have been settled, or in order to comply with legal requirements regarding the retention of such data.

Our retention periods are also based on our business needs and good practice.

  1. Security of Personal Data We store your personal data securely on our servers, which are managed internally as well as with third party storage providers.

We maintain the appropriate technical and organizational security measures to protect the personal data that we hold on our networks and systems, from unauthorized access, disclosure, alteration, misuse, loss and destruction. The security measures indicatively include physical, technical, administrative, electronic and procedural safeguards, firewalls, physical access controls to our data centers and information access authorization controls. Our security procedures also mean that we may occasionally request proof of identity, in order to verify your identity before communicating with you or disclosing any personal information to you.

While we try our best to safeguard your Personal Data, once we receive it, especially as regards the data received through our website, no transmission of data over the Internet or any other public network can be guaranteed to be 100% secure.

  1. Use of third party applications and services that interact with our services · GOOGLE MAPS PRIVACY POLICY We use Google Maps from Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) on our website. By using the features of this map, data will be transmitted to Google.

To see what data Google collects and what this data is used for, visit https://www.google.com/intl/en/policies/privacy/.

· PRIVACY POLICY OF EMBEDDED SOCIAL MEDIA ELEMENTS We may integrate elements of social media services on our website to display pictures, videos and texts. By visiting pages representing these elements, data is transferred from your browser to the respective social media service and stored there. We do not have access to this data.

The following links will take you to the pages of the respective social media services where it is explained how they handle your data:

Instagram Privacy Policy: https://help.instagram.com/519522125107875 For YouTube, the Google Privacy Policy applies: https://policies.google.com/privacy?hl=en Facebook Data Policy: https://www.facebook.com/about/privacy Twitter Privacy Policy: https://twitter.com/privacy LinkedIn Privacy Policy: https://www.linkedin.com/legal/privacy-policy · Facebook Privacy Policy On this website we may use features of Facebook, a Social Media Network of Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2 Ireland.

You can read about what features (social plug-ins) Facebook provides on https://developers.facebook.com/docs/plugins/.

By visiting our website information may be transmitted to Facebook. If you have a Facebook account, Facebook can associate that information with your personal account. If you do not want that, please log out of Facebook.

The privacy policy, which information Facebook collects and how they use it can be found on https://www.facebook.com/policy.php

· Youtube Privacy Policy On this website we may use the video service YouTube of the company YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

By accessing pages of our website that have integrated YouTube videos, data is transmitted to YouTube, where it is stored and evaluated.

If you have a YouTube account and you’re signed in, this information will be associated with your personal account and the data stored in it.

To see what data Google collects and what this data is used for, visit https://www.google.com/intl/en/policies/privacy/

· Instagram Privacy Policy On this website we may use features of the Social Media Network Instagram, of Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA.

We can display images and videos of Instagram content with the embedding function (Embed-Function).

By calling up pages that use such functions, data (IP address, browser data, date, time, cookies) are transmitted to Instagram, where they are stored and evaluated.

If you have an Instagram account and are signed in, this information will be associated with your personal account and the data stored in it.

The privacy policy that collects information about Instagram and how to use it can be found at https://help.instagram.com/519522125107875

· LinkedIn Privacy Policy On our website we may use functions of the Social Media Network LinkedIn of the company LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

By calling up pages that use such functions, data (IP address, browser data, date and time, cookies) are transmitted to LinkedIn, where they are stored and evaluated.

If you have a LinkedIn account and are signed in, this information will be associated with your personal account and the data stored in it.

You can find the privacy policy that collects information on LinkedIn and how to use it at https://www.linkedin.com/legal/privacy-policy

· Facebook Pixel Privacy Policy On our website we may use Facebook Pixel of Facebook, a social media network of the company Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2 Ireland.

The code implemented on this page can evaluate the behavior of visitors who have come to this website from a Facebook ad. This can be used to improve Facebook ads and this data is collected and stored by Facebook. The collected data is not visible to us but can only be used within the scope of advertisements. By using the Facebook pixel code, cookies are also set.

By using Facebook pixel, visiting our website is communicated to Facebook so that visitors get to see suitable ads on Facebook. If you have a Facebook account and are logged in, the visit to this website will be associated with your Facebook user account.

To find out how Facebook pixel is used for advertising campaigns, visit https://www.facebook.com/business/learn/facebook-ads-pixel.

You can change your ad settings on Facebook at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen, if you’re signed in to Facebook.

At http://www.youronlinechoices.com/ you can manage your preferences regarding usage-based online advertising. You can disable or enable many providers at once or change settings for individual providers.

More information about Facebook’s data policy can be found at https://www.facebook.com/policy.php.

  1. Other technologies we incorporate on this website
  2. TLS encryption with https We use https in order to transmit data securely over the Internet (data protection through technology design Article 25 paragraph 1 GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission over the Internet, we can ensure the protection of confidential data.

You can acknowledge the use of this safeguarding measure for the data transfer at the small lock symbol in the upper left corner of the browser and the use of the scheme https (instead of http) as part of our Internet address

  1. Google fonts privacy policy We use Google Fonts from Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) on our website.

You do not need to sign in or have a password in order to use Google Fonts. Furthermore, no cookies are stored in your browser.

The files (CSS, fonts) are requested through the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, the requests for CSS and fonts are completely separate from all other Google services. If you have a Google Account, you do not need to worry about your Google Account information being sent to Google while using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. We will check in detail what the data storage exactly looks like.

  1. What are Google Fonts? Google Fonts (formerly Google Web Fonts) is an interactive directory with over 800 fonts that Google LLC provides for free use.

Many of these fonts are published under the SIL Open Font License, while others have been released under the Apache License. Both are free software licenses. Thus, we can use them freely without paying royalties

  1. Why do we use Google Fonts on our website? With Google Fonts we can use fonts on our own website and do not have to upload them on our own server. Google Fonts is an important building block in order to keep the quality of our website high. All Google fonts are automatically optimized for the Web, and this saves data volume and is a great advantage especially for mobile device use. When you visit our page, the low file size ensures fast loading time. Furthermore, Google fonts are so-called secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can partially distort texts or entire websites visually. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform issues with Google Fonts. Google Fonts supports all major browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod).

So we use the Google Fonts in order to make our entire online service as beautiful and consistent as possible. According to Article 6 Paragraph 1 f GDPR, this already constitutes a “legitimate interest” in the processing of personal data. In this case, “legitimate interest” means legal as well as economic or ideal interests that are recognized by the legal system

  1. What data does Google store? When you visit our website, the fonts will be reloaded via a Google server. This external call sends data to the Google servers. This way, Google also recognizes that you or your IP address is visiting our website. The Google Fonts API is designed to reduce the collection, storage and use of end-user data to what is needed for efficient font delivery. Incidentally, API stands for “Application Programming Interface” and serves, among other things, as a data transmitter in the software area.

Google Fonts securely stores CSS and font requests on Google and is thus protected. Through the collected usage figures, Google can determine the popularity of the fonts. Google publishes the results on internal analysis pages, such as Google Analytics. In addition, Google also uses data from its own web crawler to determine which websites use Google Fonts. This data is published in Google Fonts’ BigQuery database. BigQuery is a Google web service for companies that want to move and analyze large amounts of data.

It should be kept in mind, however, that any Google Font request will also automatically transfer information such as IP address, language settings, browser screen resolution, browser version, and browser name to the Google servers. It is not clear or is not clearly communicated by Google whether this data is also stored.

  1. Newsletter Privacy Policy If you would like to receive our newsletter, we need your email address that will allow us to verify that you are the owner of the email address provided and that you agree to receive the newsletter.

We use a double opt-in procedure, so you receive only the emails you have agreed to get from us. In order for a potential subscriber to sign up for a newsletter, they have to complete all the steps of this process. This process is complete once a user has clicked on the confirmation link in the double opt-in email. Their email address will be activated in your contact list only once they have confirmed their subscription.

We use this data exclusively for sending information and offers you have requested.

MailChimp is the email marketing platform we use. This means your information is transmitted to MailChimp-c/o The Rocket Science Group, LLC. MailChimp is prohibited from selling your data and from using it for purposes other than sending email. MailChimp undergoes annual verification with a U.S. based third party-outside compliance reviewer under the Privacy Shield verification program, and they have certified their compliance with the EU-U.S./Swiss-U.S. Privacy Shield Frameworks.

More Info: https://mailchimp.com/about/security/

When you give us the permission to store your email address and to send you marketing emails, you can revoke this consent at any time via the unsubscribe link found on the bottom of every email receive

  1. What rights do you have with respect to personal data? Right of Access:

You have the right to access to the personal data that is being processed by us and if necessary, to receive a copy of that data and/or supplementary information with respect to their processing.

Right to Rectification (Article 16 GDPR):

If the personal information that we hold about you is inaccurate or incomplete, you have the right to rectify, update or amend it, by contacting us at the abovementioned contact details. Alternatively, you may send us a relevant request at the following email address: dpo@cosmochemchemicals.gr

Right to erasure (“Right to be forgotten”) (Article 17 GDPR):

You have the right to ask us to delete or remove your personal information in some circumstances, such as where we no longer need it or if you withdraw your consent (where applicable).

Right to restrict processing (Article 18 GDPR):

You have the right to request the restriction of the processing of your personal data in certain circumstances, such as where you contest the accuracy of your personal data or when the processing is unlawful and you object to the erasure of your personal data and you request the restriction of its use instead of its erasure, when your personal data is not required for the purposes of processing, however it is required for the establishment, exercise or defense of legal claims, and when you object to processing and pending the verification whether our legitimate grounds override your rights.

Right to object processing (Article 21 GDPR):

You have the right to object at any time to processing of your personal data in cases where this is required for the purposes of legitimate interests we pursue as data controllers.

Right to data portability (Article 20 GDPR):

You have the right, in certain circumstances, to obtain personal information that you have provided to us in a structured, commonly used and machine readable format, and to transfer it another data controller in order to reuse it or ask us to transfer this to a third party.

Right to withdraw the consent:

If we rely on your consent as our lawful basis for processing your personal data, you have the right to withdraw that consent at any time. However, please note that withdrawal of your consent does not affect the legality of consent-based processing during the period before such consent was revoked.

Right to lodge a complaint with the Hellenic Data Protection Authority:

To exercise any of your aforementioned rights you have the right to lodge a complaint to the Hellenic Data Protection Authority (www.dpa.gr), Phone Number: +30 210 6475600, Fax: +30 210 6475628, Email Address: contact@dpa.gr

  1. Updates to this Privacy Policy We reserve the right to update and change this Privacy Policy from time to time in order to reflect any changes regarding the way in which we process your personal data or changes to legal requirements.

In case of any such changes, we will post the updated Privacy Policy on our website. The changes will take effect as soon as they are posted on this website. We therefore encourage you to review the Privacy Policy when you visit the website to stay informed of how we treat and process personal data.

In addition, Data protection measures are always subject to technical innovations. For this reason, we kindly ask you to inform yourself about our data protection measures at regular intervals by consulting our data protection policy herein.

COOKIES POLICY

We have composed this Cookie Policy, in response to our respect to your personal data and in accordance with the General Data Protection Regulation (EU) 2016/679 that defines the information we are legitime to collect, how we use this information data and to let you know what decision options you have by visiting this website.

Unfortunately, some of these explanations may sound rather technical, yet we will try to make as simple and as clear as possible. Therefore, this cookie policy provides you with the information about the cookies we use and the purposes for using them. To review the privacy policy that applies to our web site visitors, prospective clients or clients of Cosmochem Chemicals, please review our Privacy Policy.

For further information about these policies, please contact dpo@cosmochemchemicals.gr.

We use and allow certain third parties cookies and other similar tracking technology on our website. This helps us provide you with a good experience when you browse our website and allows us to improve it.

  1. What are cookies? When you are surfing the Internet, you are using a browser. Well-known browsers are for example ChromeTM, SafariTM, FirefoxTM, Internet ExplorerTM and Microsoft EdgeTM. Most websites save small text data in your computer’s filesystem. These files containing those data are called Cookies.

Cookies record visitors’ data, for example language or personal page settings so when you load a web page again, your browser transmits the user-related information back to the website. Thanks to Cookies, the website knows your preferences regarding language you have chosen the previous time you visited it and offers you this particular view.

Due to recent changes in data protection laws, all websites which operate across the European Union are required to obtain consent using or storing cookies (or similar technologies) on your computers or mobile devices.

  1. Cookie types First and third-party cookies: whether a cookie is “first”, or “third” party refers to the domain placing a cookie on your computer. First-party cookies are those set by a website that is being visited by the user at the time (e.g. cookies placed by www.cosmochemchemicals.gr directly).

Third-party cookies are cookies that are set by a domain -other- than the website being visited. If a user visits a website and another entity sets a cookie through that website, this would be considered as a third-party cookie. The most common of this type of cookie is the Google AnalyticsTM cookie, you will see later on this document.

Persistent cookies: these cookies remain on a user’s device for a period specified in the cookie. They are activated each time the user visits the website that created this particular cookie.

Session cookies: these cookies allow website operators to link the actions of a user during a browser session. A browser session starts when a user opens the browser window and finishes when they close the browser window. Session cookies are created temporarily. Once you close your browser, all session cookies are deleted.

Essential Cookies: these Cookies are necessary to ensure basic functions of the website. For example, these cookies are needed when a user places a product in the shopping cart, and surfs other sites before coming back to the check-out. Through these Cookies, the shopping cart contents are not deleted, even if the user closes the browser window.

Functional Cookies: these Cookies collect information about the users’ behavior and whether the user received possible error messages during page loading. In addition, the load time and website behavior are measured in several browsers through these cookies. When you first visit a website, you are usually asked which of these types of cookies you want to allow. This choice will also be saved in a cookie which is a functional cookie.

Performance cookies: these cookies could be either “persistent” or “session” cookies that collect information about how you use a website – e.g. which pages you visit and whether you experience any errors. These cookies do not collect any information that could identify you and are only used to help administrators improve how a website works, understand what interests our visitors and measure how effective content is. Some performance cookies are managed by third parties.

A special kind of performance cookie is Google AnalyticsTM. These cookies are developed and managed by Google®. These cookies collect anonymous information, to provide web site anonymous usage statistics to the web site owners. For more information about Google analytic cookies, please visit Google’s help pages and privacy policy in the URLs below:

Google’s® Privacy Policy Google AnalyticsTM Help pages Advertising Cookies: these cookies are also called Targeting-Cookies. They serve to provide the user with individually adjusted ads. This can be very practical, but also very annoying.

More useful information about cookies can be found at http://www.allaboutcookies.org/ or https://tools.ietf.org/html/rfc6265, which is the RFC6265, a proposed standard of the Internet Engineering Task Force (IETF), namely “HTTP State Management Mechanism”.

  1. What cookies type do we use and why? a. Functional cookies, necessary cookies for optimized navigation experience. These cookies are necessary for the website to function properly. They are usually only set in response to actions made by you which responds to a service request, such as setting your privacy preferences, logging in or filling in forms and selecting a specific display language.

Apart from your opt-out ability here, you can set your browser to block or alert you about these cookies (see paragraph below), but some parts of the site will not be able to work. For example, the parts of the web site that will not be able to function properly are:

our contact or quote forms and the newsletter subscription form Those cookies, which are third party cookies, do not provide us with information that can be used to identify a visitor on our website.

The reason for using those functional cookies is based on the fact we use reCAPTCHA on our forms.

i. What is reCAPTCHA? reCAPTCHA is a free captcha service from Google® that protects websites from spam software and abuse by non-human visitors. This service is most commonly used when you fill out forms on the Internet.

A captcha service is an automatic Turing test designed to ensure that an action on the internet is made by a human rather than a bot. In the classic Turing test (named after the computer scientist Alan Turing), a person determines the distinction between bot and human. For captchas, this is also done by the computer or a software program.

Classic captchas work with small tasks that are easy to be solved by human beings yet create significant difficulties for machines. With reCAPTCHA, you do not have to actively solve any puzzles. The tool uses modern risk techniques to differentiate people from bots. All you have to do is tick the text field “I’m not a robot”.

In the Invisible reCAPTCHA (or reCAPTCHA version 3 we use) that is not needed anymore. With reCAPTCHA a JavaScript element is integrated into the source code and then the tool runs in the background and analyzes your user behavior. From these user actions, the software calculates a so-called captcha score. Google® calculates this score before captcha input how high the probability is that you are human. ReCAPTCHA or captchas in general are used whenever bots could manipulate or misuse certain actions (such as registrations, surveys, etc.).

ii. Why do we use reCAPTCHA on our website? We use Google® reCAPTCHA, so as to ensure we keep bots away. Using reCAPTCHA transmits data to Google® that Google® uses to determine if you are truly human. Thus, reCAPTCHA serves the security of our website and consequently also your safety. For example, without reCAPTCHA use in the registration process, a bot could easily register users’ email addresses. With reCAPTCHA we can avoid such bot attacks and therefore protect internet users in general.

iii. Which data are stored by reCAPTCHA? ReCAPTCHA by Google® service collects information that can be used by Google® to identify a visitor so as to determine if the actions on our site are actually human. So, the visitor’s IP address and other data that Google® needs for the reCAPTCHA service can be sent to Google. IP addresses within the member states of the EU or other parties to the Agreement on the European Economic Area are almost always truncated before the data ends up on a server in the United States. The IP address will not be combined with any other Google data unless you are logged in with your Google Account while using a reCAPTCHA service. First, the reCAPTCHA algorithm checks if your browser already has Google cookies from other Google services (YouTube, Gmail, etc.) and then reCAPTCHA sets an additional cookie through your browser to capture a snapshot of your browser window.

Cookies created by the reCAPTCHA service are third party cookies. On our effort to understand and record the information they collect we have created the following list of browser and user data. At any case, this list is not exhaustive and as this is a third-party cookie widely used on internet nowadays, we cannot guarantee that his Google® process is GDPR compliant.

Referrer URL (the address of the page from which the visitor comes) Internet IP address (e.g., 256.123.123.1) Information about the operating system (the software that enables you to operate your computer, known operating systems are Windows, Mac OS X or Linux) Cookies (small text files that store data in your browser) Mouse and keyboard behavior (any action you perform with the mouse or keyboard is saved) Date and language settings (which language or which date you have preset on your PC) All JavaScript objects (JavaScript is a programming language that allows websites to adapt to the user. JavaScript objects can collect all sorts of data under one name) Screen resolution (shows how many pixels the displayed image on your screen is made of) It is indisputable that Google uses and analyzes this data before you click on the check mark “I am not a robot”. With the Invisible reCAPTCHA version you do not even tick the box anymore and the entire recognition process runs in the background. How much and what data Google® stores exactly, cannot be learned from Google® in detail.

Here we refer to the reCAPTCHA demo version of Google® at https://www.google.com/recaptcha/api2/demo. All these cookies require a unique identifier for tracking purposes.

Here is a list of cookies that Google® reCAPTCHA has set on this demo version:

Name: IDE

Expiry time: after one year

Utilization: This Cookie is set by the firm DoubleClick (also belongs to Google®), in order to register and report the actions of a user in dealing with advertisements on the website. Thus, the advertising effectiveness can be measured, and appropriate optimization measures are taken. IDE is stored in browsers under the domain doubleclick.net.

Example value: WqTUmlnmv_qXyi_DGNPLESKnRNrpgXoy1K-pAZtAkMbHI-311109277

Name: 1P_JAR

Expiry time: after one month

Utilization: This cookie collects statistics about website usage and measures conversions. A conversion occurs, for example, when a user becomes a buyer. The cookie is also used to show users relevant ads. Furthermore, the cookie prevents a user from seeing the same ad more than once.

Example value: 2019-5-14-12

Name: ANID

Expiry time: after 9 months

Utilization: We could not get much information about this cookie. In the privacy policy of Google®, the cookie is mentioned in connection with “advertising cookies” such as “DSID”, “FLC”, “AID”, “TAID”. ANID is stored under the domain google.com.

Example value: U7j1v3dZa3111092770xgZFmiqWppRWKOr

Name: CONSENT

Expiry time: after 19 years

Utilization: The cookie stores the status of a user’s consent to use different services from Google®. CONSENT also serves security purposes by verifying users, preventing credential fraud, and protecting user data from unauthorized attacks.

Example value: YES+AT.de+20150628-20-0

Name: NID

Expiry time: after 6 months

Utilization: NID is used by Google®, in order to tailor ads to your Google-search. With the help of cookies, Google® “remembers” your most-typed searches or your earlier interaction with ads. This way you always get customized advertisements. The cookie contains a unique ID that Google® uses to collect the user’s personal settings for promotional purposes.

Example value: 0WmuWqy311109277zILzqV_nmt3sDXwPeM5Q

Name: DV

Expiry time: after 10 minutes

Utilization: Once you mark the “I’m not a robot” checkbox, this cookie will be enabled. The cookie is used by Google Analytics for personalized advertising. DV collects information in an anonymous form and is further used to make user distinctions.

Example value: gEAABBCjJMXcI0dSAAAANbqc311109277

As aforementioned the above stated list cannot be limited to the cookies and behaviors mentioned as Google® may change cookies behavior according to their business strategy and on demand.

iv. How long and where is the data stored? By inserting reCAPTCHA your data is transferred to a Google® server. Where exactly this data is stored, even Google, after repeated inquiries, does not make it clear. Without having received a confirmation from Google®, it can be assumed that data such as mouse interaction, time spent on the website or language settings are stored on the European or American Google® Servers. The IP address your browser sends to Google® will generally not be merged with other Google data from other Google® services. However, if you’re signed into your Google Account while using the reCAPTCHA plug-in, the data will be merged. For this, the deviating data protection regulations of Google® apply.

Accepting these cookies is a condition for using the website, therefore if you prevent them, we cannot guarantee how our website will perform.

b. Performance cookies. We use performance cookies that help us improve our website and get metrics regarding page visits.

The performance type cookies used on our website are the following:

Google AnalyticsTM cookies: Cosmochem Chemicals web site administrators, development and marketing department have access to anonymized statistical information provided by Google AnalyticsTM.

We use Google AnalyticsTM to get anonymous statistics on how our website is used. This cookie type is managed by Google® for the purpose stated above.

Google LLC® (1600 Amphitheater Parkway Mountain View, CA 94043, USA) is considered to be a data controller for the purpose of statistically analyze visitor data. In this scope of work Google AnalyticsTM and Google® use Advertising cookies.

i. Cookies from Google Analytics Name: _ga

Expiration time: 2 years

Use: Differentiation of website visitors

Exemplary value: GA1.2.1326744211.152311109277

Name: _gid

Expiration time: 24 hours

Use: Differentiation of website visitors

Exemplary value: GA1.2.1687193234.152311109277

Name: _gat_gtagUA

Expiry time: 1 minute

Use: Used to throttle the request rate. If Google Analytics is provided through Google Tag Manager, this cookie will be named _dcgtm .

Exemplary value: 1

For more information about Terms of Use and Privacy Policy, please visit http://www.google.com/analytics/terms/en.html or https://support.google.com/analytics/answer/6004245?hl=en.

We have turned on the advertising reporting features in Google AnalyticsTM. The Demographics and Interests reports include age, gender, and interests. This allows us – without being able to assign this data to individual persons – to get a better picture of our users.

Learn more about advertising features at https://support.google.com/analytics/answer/3450482?hl=en_AT&utm_id=ad.

We do not share our Google Analytics TM reports with any other third party other than those listed above.

  1. How to set your cookie options on our website. Use this link on our web site to view and manage your cookies consent. The access to the popup block is available throughout the website by clicking the gear icon ( ) placed on the left bottom of the screen.

  2. How to delete and block our cookies, or any other web site cookies. You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies.

However, if you use your browser’s settings to block all cookies (including functional or essential cookies) you may not be able to access all or some parts of a website, including ours.

  1. Changing your cookie settings and other opt-out options. Please note that internet browsers allow you to change your cookie settings. These settings are usually found in the ‘options’ or ‘preferences’ menu of your internet browser.

In order to understand these settings, the following links may be helpful. Otherwise you should use the ‘Help’ option in your internet browser for more details.

Cookie settings in Internet ExplorerTM Cookie settings in FirefoxTM Cookie settings in ChromeTM Cookie settings in SafariTM In addition, Google has developed the Google AnalyticsTM opt-out browser add-on for the Google AnalyticsTM JavaScript (ga.js, analytics.js, dc.js). Especially for Google AnalyticsTM opt out procedure, you can download and install the add-on for your web browser here.

For further information about deleting or blocking cookies, please visit: http://www.aboutcookies.org/Default.aspx?page=2.

  1. Can I withdraw my consent? You can withdraw your consent anytime. If you wish to withdraw your consent, you may use this link or the gear icon ( ) at the bottom left of your screen on our web site to view and manage your cookies consent. In addition, you will need to delete your cookies using your internet browser settings (see section Changing your cookie settings and other opt-out options).