Privacy Policy Kaffee-Konzepte

Privacy policy


1) Information about the collection of personal data and contact details of the person responsible
1.1 We are pleased that you are visiting our website and thank you for your interest. Below we inform you about the handling of your personal data when using our website. Personal data are all data with which you can be personally identified.

1.2 Responsible for the data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is "Kaffee-Konzepte GmbH & Co. KG Rudolf-Diesel-Str. 2 23611 Bad Schwartau Germany Tel .: + 49 451 38 45 399 Fax: + 49 451 38 45 388 email: info@kaffeekonzepte.de ". The person responsible for the processing of personal data is the natural or legal person who alone or together with others decides on the purposes and means of processing personal data.

1.3 For security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or inquiries to the person responsible), this website uses an SSL or TLS encryption. You can recognize an encrypted connection by the string "https: //" and the lock symbol in your browser line.


2) Data collection when visiting our website
When using our website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:
• Our website visited
• Date and time at the time of access
• Amount of data sent in bytes
• Source / reference from which you came to the page
• Browser used
• Operating system used
• IP address used (if necessary: ​​in anonymous form)
Processing takes place in accordance with Art. 6 Para. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are specific indications of illegal use.

 

3) Cookies
In order to make visiting our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your device. Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your device and enable you to recognize your browser the next time you visit (so-called persistent cookies). If cookies are set, they collect and process certain user information such as browser and location data as well as IP address values ​​to the individual extent. Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. The duration of the respective cookie storage can be found in the overview of the cookie settings in your web browser.
In some cases, cookies are used to simplify the ordering process by saving settings (e.g. remembering the content of a virtual shopping cart for a later visit to the website). If personal data is also processed by individual cookies we use, the processing is carried out in accordance with Art. 6 Para. 1 lit. b GDPR either to implement the contract, in accordance with Art. 6 Para. 1 lit. a GDPR in the case of a given consent or according to Art. 6 Para. 1 lit. f GDPR to protect our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the page visit.
Please note that you can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages the cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find these for the respective browser under the following links:
Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Chrome: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en
Safari: https://support.apple.com/de-de/guide/safari/sfri11471/12.0/mac/10.14
Opera: https://help.opera.com/de/latest/web-preferences/#cookies
Please note that the functionality of our website may be restricted if cookies are not accepted.

 

4) Contact us
When contacting us (e.g. via contact form or email), personal data is collected. Which data is collected in the case of a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of answering your request or for contacting you and the associated technical administration. The legal basis for processing this data is our legitimate interest in answering your request in accordance with Art. 6 Para. 1 lit. f GDPR. If your contact is aimed at the conclusion of a contract, then an additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted after your request has been processed. This is the case if it can be inferred from the circumstances that the matter concerned has been finally clarified and provided that there are no statutory retention requirements.

 

5) Data processing when opening a customer account and for contract processing
According to Art. 6 Para. 1 lit. b GDPR, personal data will continue to be collected and processed if you provide it to us for the execution of a contract or when opening a customer account. Which data is collected can be seen from the respective input forms. It is possible to delete your customer account at any time. This can be done by sending a message to the address of the person responsible. We save and use the data you provide for contract processing. After completion of the contract or deletion of your customer account, your data will be blocked with due regard to tax and commercial law retention periods and deleted after this period, unless you have expressly consented to further use of your data or reserve a legally permitted further data use on our part has been.

 

6) Use of your data for direct advertising
Sign up for our email newsletter
If you register for our e-mail newsletter, we will send you regular information about our offers. The only mandatory information for sending the newsletter is your email address. The provision of further data is voluntary and is used to address you personally. We use the so-called double opt-in procedure to send the newsletter. This means that we will only send you an e-mail newsletter if you have expressly confirmed to us that you consent to receiving the newsletter. We will then send you a confirmation email asking you to click the corresponding link to confirm that you want to receive the newsletter in the future.
By activating the confirmation link, you give us your consent to the use of your personal data in accordance with Art. 6 Para. 1 lit. a GDPR. When registering for the newsletter, we save your IP address entered by the Internet service provider (ISP) as well as the date and time of registration in order to be able to trace a possible misuse of your email address at a later date. The data collected by us when registering for the newsletter will only be used for advertising purposes in the form of the newsletter. You can unsubscribe from the newsletter at any time using the link provided in the newsletter or by sending a message to the person named above. After unsubscribing, your email address will be deleted from our newsletter mailing list immediately, unless you have expressly consented to further use of your data or we reserve the right to use the data beyond this, which is permitted by law and about which we inform you in this declaration.

 

7) Data processing for order processing
7.1 In order to process your order, we work with the following service provider (s) who support us in whole or in part in the execution of contracts. Certain personal data is transmitted to these service providers in accordance with the following information.
The personal data collected by us will be passed on to the transport company commissioned with the delivery as far as this is necessary for the delivery of the goods. We pass on your payment data to the commissioned credit institution as part of the payment processing, if this is necessary for the payment processing. If payment service providers are used, we will inform you explicitly below. The legal basis for the transfer of the data is Art. 6 Para. 1 lit. b GDPR.

7.2 Use of payment service providers (payment services)
- Paypal
When paying via PayPal, credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "installment payment" via PayPal, we pass your payment details on to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"). The transfer takes place in accordance with Art. 6 Para. 1 lit. b GDPR and only to the extent that this is necessary for payment processing.
PayPal reserves the right to carry out a credit check for the payment methods credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "installment payment" via PayPal. For this purpose, your payment details may be processed in accordance with Art. 6 para. 1 lit. f GDPR passed on to credit agencies on the basis of PayPal's legitimate interest in determining your solvency. PayPal uses the result of the credit check with regard to the statistical probability of default for the purpose of deciding on the provision of the respective payment method. The credit report can contain probability values ​​(so-called score values). As far as score values ​​are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. Address data is used, among other things, but not exclusively, to calculate the score values. For more information on data protection law, including information on the credit agencies used, please refer to PayPal's privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual payment processing.
- "SOFORT",

If you select the payment method "SOFORT", the payment will be processed by the payment service provider SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany (hereinafter "SOFORT"), to whom we will provide the information you provided during the ordering process and the information about your order in accordance with Art. 6 para. 1 lit. b Pass on GDPR. Sofort GmbH is part of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). Your data will only be passed on for the purpose of payment processing with the payment service provider SOFORT and only to the extent that it is necessary for this. You can find more information about SOFORT's data protection regulations at the following Internet address: https://www.klarna.com/sofort/datenschutz.

8) Web analytics services
Google (Universal) Analytics
This website uses Google (Universal) Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). Google (Universal) Analytics uses so-called "cookies", which are text files that are stored on your computer and that enable an analysis of your use of the website. The information generated by the cookie about your use of this website (including the shortened IP address) is usually transferred to a Google server and stored there, which can also be transmitted to the servers of Google LLC. in the US.
This website uses Google (Universal) Analytics exclusively with the extension "_anonymizeIp ()", which ensures anonymization of the IP address by shortening and excludes a direct personal reference. The extension will shorten your IP address from Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google LLC server in the USA and shortened there. In these exceptional cases, this processing takes place in accordance with Art. 6 Para. 1 lit. f GDPR based on our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes.
On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide us with other services related to website activity and internet usage. The IP address transmitted by your browser as part of Google (Universal) Analytics will not be merged with other Google data.
You can prevent the storage of cookies by setting your browser software accordingly. However, please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading the browser plug-in available under the following link and install:
https://tools.google.com/dlpage/gaoptout?hl=de
As an alternative to the browser plug-in or within browsers on mobile devices, please click on the following link to set an opt-out cookie that will prevent Google Analytics from collecting data on this website in the future (this opt-out cookie only works in this browser and only for this domain. If you delete your cookies in this browser, you must click this link again): Deactivate Google Analytics
Further information on Google (Universal) Analytics can be found here: https://policies.google.com/privacy?hl=de&gl=de
In the event of transmission of personal data to Google LLC. based in the United States, Google LLC. certified for the US-European data protection convention "Privacy Shield", which guarantees compliance with the data protection level applicable in the EU. A current certificate can be viewed here: https://www.privacyshield.gov/list
As far as legally required, we have given your consent to the processing of your data as described above in accordance with Art. 6 Para. 1 lit. a GDPR obtained. You can revoke your consent at any time. To exercise your revocation, please follow the above-mentioned option to object.

 

9) Tools and other
9.1 - Google Web Fonts
For the uniform display of fonts, this page uses so-called web fonts provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). When you visit a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.
For this purpose, the browser you are using must connect to the Google servers. In this case, personal data may also be transmitted to the servers of Google LLC. in the US. In this way, Google becomes aware that our website has been accessed via your IP address. Google Web Fonts are used in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If your browser does not support web fonts, a standard font will be used by your computer.
In the event of transmission of personal data to Google LLC. based in the United States, Google LLC. certified for the US-European data protection convention "Privacy Shield", which guarantees compliance with the data protection level applicable in the EU. A current certificate can be viewed here: https://www.privacyshield.gov/list
Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google's data privacy: https://www.google.com/policies/privacy/

9.2 Applications for job advertisements by email
On our website, we are currently posting vacancies in a separate section, to which interested parties can apply by e-mail to the contact address provided.
In order to be accepted into the application process, applicants must provide us with all of the personal data required for a well-founded and informed assessment and selection together with the application by email.
The required information includes general information about the person (name, address, telephone or electronic contact options) as well as performance-specific evidence of the qualifications required for a job. If necessary, health-related information is also required, which in the interest of social protection must be given special consideration by the applicant in terms of labor and social law.
The respective job advertisement shows which components an application must contain in individual cases in order to be considered and in which form these components are to be sent by email.
After receipt of the application sent using the specified email contact address, we will save the applicant data and evaluate it exclusively for the purpose of processing the application. For any queries that arise during the course of processing, we use either the email address provided by the applicant with his application or a specified telephone number.
The legal basis for this processing, including contacting for queries, is basically Art. 6 Para. 1 lit. b GDPR in conjunction Section 26 (1) BDSG, in the sense of which the application process is considered to be an employment contract initiation.
Insofar as special categories of personal data within the meaning of Art. 9 Para. 1 GDPR (e.g. health data such as information on the severely disabled) are requested from applicants, processing takes place in accordance with Art. 9 Para. 2 lit. b. GDPR, so that we can exercise the rights arising from labor law and the law of social security and social protection and fulfill our obligations in this regard.
Cumulatively or alternatively, the processing of the special data categories can also be based on Art. 9 Para. 1 lit. h GDPR if they are used for the purposes of preventive health care or occupational medicine, for the assessment of the applicant's ability to work, for medical diagnostics, care or treatment in the health or social field or for the administration of systems and services in the health or social field he follows.

If the applicant is not selected in the course of the evaluation described above or if an applicant withdraws his application early, the data transmitted by email and all electronic correspondence including the original application email will be deleted after a corresponding notification after 6 months at the latest. This deadline is based on our legitimate interest in answering any follow-up questions to the application and, if necessary, in being able to meet our obligations to provide evidence from the regulations on equal treatment of applicants.
In the case of a successful application, the data provided will be processed on the basis of Art. 6 Para. 1 lit. b GDPR in conjunction Section 26 (1) BDSG for the purposes of carrying out the employment relationship.

9.3 - Google Maps
On our website we use Google Maps (API) from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). Google Maps is a web service for displaying interactive (land) maps to visually display geographic information. By using this service, our location will be shown to you and any travel will be easier.
As soon as you call up the sub-pages in which the Google Maps map is integrated, information about your use of our website (such as your IP address) is transmitted to Google servers and stored there, which can also be transmitted to the servers Google LLC. in the US. This takes place regardless of whether Google provides a user account that you are logged in to or whether there is a user account. If you are logged in to Google, your data will be assigned directly to your account. If you do not want your profile to be assigned to Google, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and evaluates them. The collection, storage and evaluation are carried out in accordance with Art. 6 Para. 1 lit. f DSGVO based on Google's legitimate interest in displaying personalized advertising, market research and / or the needs-based design of Google websites. You have the right to object to the creation of these user profiles, but you must contact Google to exercise them.
In the event of transmission of personal data to Google LLC. based in the United States, Google LLC. certified for the US-European data protection convention "Privacy Shield", which guarantees compliance with the data protection level applicable in the EU. A current certificate can be viewed here: https://www.privacyshield.gov/list
If you do not agree to the future transmission of your data to Google when using Google Maps, there is also the option of completely deactivating the Google Maps web service by switching off the JavaScript application in your browser. Google Maps and thus the map display on this website cannot be used then.
You can view Google's terms of use at https://www.google.de/intl/de/policies/terms/regional.html, the additional terms of use for Google Maps can be found at https://www.google.com/intl /de_US/help/terms_maps.html
Detailed information on data protection in connection with the use of Google Maps can be found on the Google website ("Google Privacy Policy"): https://www.google.de/intl/de/policies/privacy/
As far as legally required, we have given your consent to the processing of your data as described above in accordance with Art. 6 Para. 1 lit. a GDPR obtained. You can revoke your consent at any time for the future. To exercise your revocation, please follow the above-mentioned option to object.

 

10) Rights of the relevant people

10.1 The applicable data protection law grants you comprehensive data protection rights (information and intervention rights) to the person responsible with regard to the processing of your personal data, about which we inform you below:
• Right to information in accordance with Art. 15 GDPR: In particular, you have a right to information about your personal data processed by us, the processing purposes, the categories of processed personal data, the recipients or categories of recipients to whom your data has been or will be disclosed planned storage period or the criteria for determining the storage period, the existence of a right to correction, deletion, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if we have not collected it from you, the existence of automated decision-making, including profiling and, if applicable, meaningful information about the logic involved and the scope that affects you and the intended effects of such processing, as well as your right to be informed about the guarantees according to Art. 46 GDPR for forwarding your data exists in third countries;
• Right to correction in accordance with Art. 16 GDPR: You have the right to immediate correction of incorrect data concerning you and / or completion of your incomplete data stored by us;
• Right to deletion according to Art. 17 GDPR: You have the right to request the deletion of your personal data if the requirements of Art. 17 Para. 1 GDPR are met. However, this right does not exist in particular if the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
• Right to restriction of processing in accordance with Art. 18 GDPR: You have the right to request the restriction of the processing of your personal data as long as the correctness of your data, which you disputed, is checked, if you refuse to delete your data due to unauthorized data processing and instead request the restriction of the processing of your data if you need your data for the establishment, exercise or defense of legal claims, after we no longer need this data after the purpose has been achieved or if you have objected to reasons of your particular situation, as long as it is not certain whether ours legitimate reasons prevail;

  • Right to information in accordance with Art. 19 GDPR: If you have asserted the right to correction, deletion or restriction of processing against the person responsible, he is obliged to correct or delete the data to all recipients to whom the personal data concerning you have been disclosed or to restrict processing, unless this proves to be impossible or involves a disproportionate effort. You have the right to be informed about these recipients.
    • Right to data portability according to Art. 20 GDPR: You have the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another person responsible, insofar as this is technically feasible;
    • Right to revoke consent given in accordance with Art. 7 Para. 3 GDPR: You have the right to revoke your consent to the processing of data at any time with future effect. In the event of revocation, we will delete the data concerned immediately, unless further processing can be based on a legal basis for processing without consent. Withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal;
    • Right to lodge a complaint in accordance with Art. 77 GDPR: If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular without prejudice to any other administrative or judicial remedy the Member State of your whereabouts, your place of work or the place of the alleged violation.

 

10.2 RIGHT OF OBJECTION

WHEN WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR PRINCIPLE OF INTERESTED LEGAL INTEREST, YOU HAVE THE TO OBJECT THIS PROCESSING WITH EFFECT FOR THE FUTURE FOR REASONS FOR YOUR SPECIAL SITUATION.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. PROCESSING IS SUBJECT TO BE PROVIDED IF WE CAN PROVIDE OBLIGATORY PROTECTED REASONS FOR THE PROCESSING, WHICH EXERCISE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND BASIC FREEDOMS, OR IF THE PROCESSING OF PUBLICITY OR PEDICTION.
IF YOUR PERSONAL DATA IS PROCESSED BY US TO OPERATE DIRECT ADVERTISEMENT, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO PROCESS PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING. YOU CAN EXERCISE THE CONTRADICTION AS DESCRIBED ABOVE. IF YOU MAKE USE OF YOUR RIGHT TO OBJECT, WE WILL STOP PORCESSING THE DATA CONCERNED FOR DIRECT MARKETING.

 

11) Duration of storage of personal data
The duration of the storage of personal data is measured on the basis of the respective legal basis, the purpose of processing and - if relevant - also on the basis of the respective statutory retention period (e.g. retention periods under commercial and tax law).
When processing personal data on the basis of express consent in accordance with Art. 6 Para. 1 lit. a DSGVO, this data is stored until the data subject withdraws their consent.
Are there legal retention periods for data that is part of legal or similar legal obligations on the basis of Art. 6 Para. 1 lit. b GDPR are processed, this data will be routinely deleted after the retention periods have expired, provided that they are no longer required to fulfill the contract or initiate a contract and / or we do not have a legitimate interest in further storage.
When processing personal data on the basis of Art. 6 Para. 1 lit. f GDPR, this data is stored until the data subject exercises his right to object pursuant to Art. 21 Para. 1 GDPR, unless we can demonstrate compelling legitimate reasons for the processing that outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
When processing personal data for the purpose of direct advertising on the basis of Art. 6 Para. 1 lit. f GDPR, this data is stored until the data subject exercises his right to object in accordance with Art. 21 Para. 2 GDPR.
Unless otherwise stated in the other information in this declaration on specific processing situations, stored personal data will be deleted when they are no longer necessary for the purposes for which they were collected or otherwise processed.

 

Status: 09.01.2020

Vertreten durch die IT-Recht Kanzlei