Data Privacy Policy

Thank you for your interest in our website. We routinely comply with data privacy laws, including the EU Data Privacy Regulation, the German Data Privacy Act (BDSG) and the Telemedia Act (TMG).

We are very pleased with your interest in our company. For the management of Münchner Leukämielabor GmbH [Munich Leukemia Laboratory Ltd] data privacy is an extremely important issue. You generally do not need to provide any personal information to use the Münchner Leukämielabor website. However, if you wish to use our website to access the company's special services, personal information processing may be required. If personal information processing is required and there is no legal basis for processing, we generally ask for consent from the affected party.

Personal information, for example your name, address, e-mail address or telephone number, is always processed in accordance with the General Data privacy Regulation (pursuant to Article 4 paragraph 1 EU GDPR) and in compliance with the domestic data privacy laws applicable to Münchner Leukämielabor GmbH (para. 46 BDSG new). We are publishing our data privacy policy to inform the public about the nature, scope and purpose of the personal information that we gather, use and process. Furthermore we inform you of your rights under this data privacy policy.

Münchner Leukämielabor GmbH as the controller has implemented numerous technical and organizational measures to ensure the most complete protection of all personal information processed via this website. Nevertheless, transmitting data via the internet can be insecure, so we cannot guarantee absolute protection. Therefore you are free to submit your personal information to us by other means, for example by telephone.


To subscribe to our company’s newsletter, please visit the Münchner Leukämielabor GmbH website. Which items of your personal information will be transmitted to the data controller when you subscribe to our newsletter depends on which input mask you use for this purpose.

Those who subscribe to Münchner Leukämielabor GmbH receive a newsletter at regular intervals on research results, events and other news relevant to the company and to the discipline, especially regarding diagnosis and subsequent therapy for leukemia and lymphoma.

You can only subscribe to the Münchner Leukämielabor GmbH newsletter if (1) you have a valid e-mail address and (2) you have registered for the newsletter. When you subscribe to our newsletter, you will receive a reply to the registered email address asking you to confirm your subscription on legal grounds, in a so-called double opt-in procedure. By confirming your subscription you prove that the e-mail address you provided is really yours.

When you subscribe to our newsletter, we record the date and time of registration and the IP address of the computer you are using, which is assigned by your internet Service Provider (ISP). We must record this information to detect and warn you of any (possible) future misuse of the e-mail address. This limits the controller’s liability if a mishap occurs.

The personal information collected when you subscribe to our newsletter is used solely for sending you our newsletter. Subscribers to our newsletter may receive notices via e-mail if required for purposes of newsletter subscriptions or registration for same. This might happen if there are changes in the newsletter content or because of operational requirements. None of the personal information recorded in connection with newsletter subscriptions is disclosed to third parties. You may cancel your subscription to our newsletter at any time. You may at any time revoke the consent to storage of your personal information that you gave us on subscribing. To revoke your consent click on the applicable link found in every newsletter.

Newsletter tracking

The Münchner Leukämielabor GmbH newsletters contain so-called counting pixels. A counting pixel is a miniature graphic embedded in our e-mails sent in HTML format. They enable recording and analysis of log files. This lets us make a statistical evaluation and measure performance. By means of the embedded pixel, Münchner Leukämielabor GmbH can detect if and when you opened an e-mail and which links you accessed in the e-mail.

Personal information collected by the counting pixels in the newsletters will be stored and evaluated by the controller in order to optimize the newsletter’s distribution and to better adapt the content of future newsletters to the readers’ interests. This personal information will not be disclosed to third parties. You are entitled at any time to revoke the separate declaration of consent that you issued by means of the double-opt-in procedure. After any revocation, the controller will delete this personal information. If you unsubscribe from our newsletter it is automatically handled as a revocation by Münchner Leukämielabor GmbH.

Recording of general data and information

Every time somebody or an automated system accesses the Münchner Leukämielabor GmbH website, the website records certain items of data and general information. This data and general information is then stored in the server’s log files. The following data might be collected:
(1) browser type and version used,
(2) the operating system used by the accessing system,
(3) the webpage from which our website is accessed (so-called referrer),
(4) the sub-page that is accessed on our website
(5) the date and time of access,
(6) an Internet Protocol address (IP address),
(7) the internet service provider of the accessing system and
(8) other comparable information that might be useful for warding off attacks on our computer systems.

When using this general information, Münchner Leukämielabor draws no inferences about the affected person. This information is used solely to
(1) correctly display our website’s contents,
(2) to optimize our website’s contents,
(3) to ensure that our computer systems and the technology of our website continue to function, and
(4) for reporting to law enforcement after cyber-attacks. In summary Münchner Leukämielabor GmbH evaluates this anonymously gathered information statistically and in order to ensure data privacy and our company’s data security, thus ensuring optimal protection of the personal information we process. The anonymous data of the server log files are stored separately from all personal information reported by the affected person.

Registering on our website

You may register on the controller’s website providing your personal information. Which personal information will be disclosed to the data controller depends on the input mask you use for registering. Any personal information you enter is recorded and stored by the controller solely for internal use and for the controller’s own purposes; The controller may transfer information to one or several of its contractors, such as a parcel service, which also uses the personal information only for internal use and for processing data from the controller.

When you register on the controller’s website, it also stores the date and the time of registration and the IP address assigned by your internet service provider (ISP). The purpose of storing the data is to prevent misuse of our services, and in order to report them to police if any criminal offenses are committed. In other words the data is stored to protect the controller. Data is never disclosed to third parties unless the law compels us to disclose them or their disclosure is necessary for investigating a crime.

By registering and voluntarily providing your personal information, you allow the data controller to provide you with content or services that due to their nature can only be made available to registered users. Registered persons are free at any time to alter the personal information that they provided on registering, or even have it completely deleted from the data controller’s database.

You may at any time ask the controller which personal information of yours is stored on its database, and the controller must report it to you. In addition, the controller must correct or erase whatever personal information you instruct, unless the law requires that such information be kept available. For this purpose, you may regard any employee of the controller as a contact partner.

Contact via website

Pursuant to law, the Münchner Leukämielabor website contains information that enables swift electronic contact to our company and direct communication with us. This information includes e-mail addresses. Whenever you contact the data controller via e-mail or through a contact form, any personal information that you disclose is automatically recorded. Any such personal information that you provide voluntarily to the controller is stored for the purpose of processing or of contacting you. None of this personal information is disclosed to third parties.

Routine deletion and blocking of personal information

The controller will process and store your personal information only for as long as needed to achieve the purpose of the storage or, if storage is required by the European directive or domestic law, for as long as the controller is legally bound to do so.

Whenever the purpose of storage is no longer desired or the storage period stipulated by the European directive or domestic law has expired, personal information is automatically blocked or deleted pursuant to law.


The website uses so-called cookies. Cookies do not harm your computer and contain no viruses. Cookies are small text files that are filed on your computer and stored by your browser. Two sorts of cookies are used. Temporary or session cookies are automatically deleted when you close your browser. Long-term cookies have a maximum lifespan of one month. This sort of cookie makes you easy to recognize when you access the website again later. For example they are used in the "stay logged in" feature.

You can set your browser to be notified whenever cookies are stored, to allow cookies on a case-by-case basis, to reject all cookies or certain kinds of cookies, and to delete all cookies automatically on closing the browser.


This website uses Matomo, an open-source solution for web analysis. Matomo uses so-called cookie text files that are stored on your computer and enable statistical analysis of website use. Data is stored anonymously on a server belonging to the provider and located in Germany. IP addresses are anonymized before being stored and cannot be used for the purpose of identifying individuals.

Data stored by Matomo is not linked to other data sources and is not disclosed to third parties.

Furthermore you may challenge and disallow recording of the data that Matomo generates on how this website is used. To do this you must activate an opt-out cookie. If your IT system is deleted, reformatted or reinstalled at a later stage, the opt-out cookie must be installed anew.

If you install an opt-out cookie, you might then be unable to access some features of the controller's website.

You can read more information and Matomo's data privacy policy on


Our pages contain plug-ins and a stream from the Facebook social network, provider Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. You can recognize Facebook plug-ins by the Facebook logo on our site. An overview of Facebook plug-ins can be found here.

Whenever you visit our page while logged in to Facebook, the plug-in and the Facebook stream will establish a direct connection between your browser and the Facebook server, Facebook will use the information recorded by the plug-in to tell which page you are visiting and will include this information in your Facebook account.

If you click on the Facebook button or add a Like or a comment to the Facebook stream while you are logged in to your Facebook account, this information will be transmitted to your Facebook account and stored there. In addition, Facebook will be informed that you visited our site. This will happen even if you do not actually click on the button. This allows Facebook to record your visit to our website in your user account. Please note that as the provider of the pages, we do not know which information is transmitted or how Facebook uses it.

If you want to prevent Facebook from receiving and storing data about you and about what you do on our website, you must log off from Facebook before visiting our site. Facebook’s data privacy policy provides more detailed information, in particular on how Facebook collects and uses your data, on your rights in this regard and the setting options for protecting your privacy.


Our website uses features of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Data privacy policy outside the United States is handled by LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland. Every time you visit any of our pages that contains LinkedIn features, it connects to LinkedIn servers. LinkedIn is informed of your IP address and of the fact that you visited our website. If you click on the LinkedIn button while you are logged in to LinkedIn, LinkedIn will be able to link your visit to our website to you and to your user account. Please note that as the provider of the pages, we do not know which information is transmitted or how LinkedIn uses it.

Here LinkedIn lets you unsubscribe from e-mail messages, text messages, and targeted ads, and lets you manage ad settings. LinkedIn also uses partners like Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua and Lotame, all of which are authorized to file cookies. You may decline these cookies. LinkedIn's current data privacy policy is available here. LinkedIn's cookie policy is available here.


Our website uses features of the XING network. XING is provided by XING AG, Dammtorstrasse 29-32, 20354 Hamburg, Germany. Every time you visit one of our pages that contains XING features, it will connect to XING servers. As far as we know, no personal information is recorded when you visit our pages. In particular, no IP addresses are stored and user behavior is not evaluated.

Further information on data privacy and the XING Share button can be found in
XING’s data privacy statement.

Routine deletion and blocking of personal information

The controller will process and store your personal information only for as long as needed to achieve the purpose of the storage or, if storage is required by the European directive or domestic law, for as long as the controller is legally bound to do so.

Whenever the purpose of storage is no longer desired or the storage period stipulated by the European directive or domestic law has expired, personal information is automatically blocked or deleted pursuant to law.

Right to be informed and right to revoke

You may at any time request information free of charge about your data stored with us, including matters concerning the right to transfer data. You may at any time have your data corrected or deleted. You may also at any time revoke the consent you gave us to record and use your information, without giving any reason. To revoke your consent, please write to the contact address on the imprint page. We are always happy to answer any additional questions you may have regarding our recommendations, data privacy matters and how we process your personal information.

Legal basis for our processing of information

Article 6 I letter a GDPR is the legal basis for our company’s processing procedures that involve obtaining consent to process for a specific purpose. Whenever we have to process personal information in order to fulfil a contract to which you are a party, for example when we process information to supply goods, render a service or make a payment, the processing procedure is based on article 6 I letter b GDPR. The same applies to any processing needed to perform pre-contractual acts, for example when we receive inquiries about our products or services. If the law obliges our company to process personal information, for example for the fulfilment of tax obligations, then processing is based on article 6 I letter c GDPR. In rare cases we might have to process your personal information to protect the vital interests of the affected party or those of another natural person. This would be the case, for example, if a visitor to our premises had an accident and his or her name, age, health insurance or other vital information had to be disclosed to a physician, a hospital or other third party. In such cases processing would be based on article 6 I letter d GDPR. Lastly, processing operations can be based on article 6 I letter f GDPR. This is the legal basis for processing procedures that are not covered by any of the above legal grounds, if processing is necessary to safeguard the legitimate interests of our company or a third party, unless your interests, fundamental rights or fundamental freedoms are more worthy of protection. These processing procedures are permitted in particular because European law expressly permits it. In this connection, the law states that a legitimate interest might be assumed if you are a customer of the controller (recital 47, second sentence, GDPR).

Legitimate interest of the controller or a third party in processing

If processing of personal information is based on article 6 I letter f GDPR, then the legitimate interest in question is our interest in conducting our business for the benefit of all of our employees and shareholders.

How long personal information is stored

The length of time for which personal information can be stored is determined by the applicable retention period provided by law. Once this period has elapsed, the data is routinely deleted unless it is still needed in order to fulfil an existing contract or to initiate a new one.

Legal or contractual duty to supply personal information; information needed for a contract; your duty to provide personal information; possible consequences of not providing personal information

You are hereby informed that you may be obligated to supply personal information either by law (e.g. taxes) or by contract (e.g. information on the contracting party). Sometimes it may be necessary for the conclusion of a contract to provide personal data, which we consequently process. For example, you are required to give us your personal information whenever you conclude a contract with our company. Unless you give us your personal information, we cannot conclude a contract with you. Before you provide any personal information, you must speak with one of our employees. Our employee will inform you on a case-by-case basis whether supplying the personal information is required by law or by contract or is needed to conclude a contract, whether you are obliged to provide the personal information and what would happen if you refused to provide it.

Use of automated decision-making

As we are a responsible company, we do not allow automatic decision-making or profiling.

Änderung der Datenschutzbestimmung

Wir behalten uns vor, unsere Datenschutzbestimmungen gelegentlich anzupassen, damit sie stets den aktuellen rechtlichen Anforderungen entspricht oder um Änderungen unserer Leistungen in der Datenschutzerklärung umzusetzen. Wir empfehlen Ihnen, diese Datenschutzbestimmungen regelmäßig zu lesen, um über den Schutz der von uns erfassten persönlichen Daten auf dem Laufenden zu bleiben. Durch die fortgesetzte Nutzung des Dienstes erklären Sie sich mit diesen Datenschutzbestimmungen und deren Aktualisierung einverstanden.