1) Information about the collection of personal data and contact details of the person responsible
1.1 We are pleased that you are visiting our website and thank you for your interest. Below we inform you about the handling of your personal data when using our website. Personal data are all data with which you can be personally identified.
1.2 Responsible for the data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is "Kaffee-Konzepte GmbH & Co. KG Rudolf-Diesel-Str. 2 23611 Bad Schwartau Germany Tel .: + 49 451 38 45 399 Fax: + 49 451 38 45 388 email: firstname.lastname@example.org ". The person responsible for the processing of personal data is the natural or legal person who alone or together with others decides on the purposes and means of processing personal data.
1.3 For security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or inquiries to the person responsible), this website uses an SSL or TLS encryption. You can recognize an encrypted connection by the string "https: //" and the lock symbol in your browser line.
2) Data collection when visiting our website
When using our website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:
• Our website visited
• Date and time at the time of access
• Amount of data sent in bytes
• Source / reference from which you came to the page
• Browser used
• Operating system used
• IP address used (if necessary: in anonymous form)
Processing takes place in accordance with Art. 6 Para. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are specific indications of illegal use.
In order to make visiting our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your device. Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your device and enable you to recognize your browser the next time you visit (so-called persistent cookies). If cookies are set, they collect and process certain user information such as browser and location data as well as IP address values to the individual extent. Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. The duration of the respective cookie storage can be found in the overview of the cookie settings in your web browser.
In some cases, cookies are used to simplify the ordering process by saving settings (e.g. remembering the content of a virtual shopping cart for a later visit to the website). If personal data is also processed by individual cookies we use, the processing is carried out in accordance with Art. 6 Para. 1 lit. b GDPR either to implement the contract, in accordance with Art. 6 Para. 1 lit. a GDPR in the case of a given consent or according to Art. 6 Para. 1 lit. f GDPR to protect our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the page visit.
Please note that you can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages the cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find these for the respective browser under the following links:
Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
Please note that the functionality of our website may be restricted if cookies are not accepted.
4) Contact us
When contacting us (e.g. via contact form or email), personal data is collected. Which data is collected in the case of a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of answering your request or for contacting you and the associated technical administration. The legal basis for processing this data is our legitimate interest in answering your request in accordance with Art. 6 Para. 1 lit. f GDPR. If your contact is aimed at the conclusion of a contract, then an additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted after your request has been processed. This is the case if it can be inferred from the circumstances that the matter concerned has been finally clarified and provided that there are no statutory retention requirements.
5) Data processing when opening a customer account and for contract processing
According to Art. 6 Para. 1 lit. b GDPR, personal data will continue to be collected and processed if you provide it to us for the execution of a contract or when opening a customer account. Which data is collected can be seen from the respective input forms. It is possible to delete your customer account at any time. This can be done by sending a message to the address of the person responsible. We save and use the data you provide for contract processing. After completion of the contract or deletion of your customer account, your data will be blocked with due regard to tax and commercial law retention periods and deleted after this period, unless you have expressly consented to further use of your data or reserve a legally permitted further data use on our part has been.
6) Use of your data for direct advertising
Sign up for our email newsletter
If you register for our e-mail newsletter, we will send you regular information about our offers. The only mandatory information for sending the newsletter is your email address. The provision of further data is voluntary and is used to address you personally. We use the so-called double opt-in procedure to send the newsletter. This means that we will only send you an e-mail newsletter if you have expressly confirmed to us that you consent to receiving the newsletter. We will then send you a confirmation email asking you to click the corresponding link to confirm that you want to receive the newsletter in the future.
By activating the confirmation link, you give us your consent to the use of your personal data in accordance with Art. 6 Para. 1 lit. a GDPR. When registering for the newsletter, we save your IP address entered by the Internet service provider (ISP) as well as the date and time of registration in order to be able to trace a possible misuse of your email address at a later date. The data collected by us when registering for the newsletter will only be used for advertising purposes in the form of the newsletter. You can unsubscribe from the newsletter at any time using the link provided in the newsletter or by sending a message to the person named above. After unsubscribing, your email address will be deleted from our newsletter mailing list immediately, unless you have expressly consented to further use of your data or we reserve the right to use the data beyond this, which is permitted by law and about which we inform you in this declaration.
7) Data processing for order processing
7.1 In order to process your order, we work with the following service provider (s) who support us in whole or in part in the execution of contracts. Certain personal data is transmitted to these service providers in accordance with the following information.
The personal data collected by us will be passed on to the transport company commissioned with the delivery as far as this is necessary for the delivery of the goods. We pass on your payment data to the commissioned credit institution as part of the payment processing, if this is necessary for the payment processing. If payment service providers are used, we will inform you explicitly below. The legal basis for the transfer of the data is Art. 6 Para. 1 lit. b GDPR.
7.2 Use of payment service providers (payment services)
When paying via PayPal, credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "installment payment" via PayPal, we pass your payment details on to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"). The transfer takes place in accordance with Art. 6 Para. 1 lit. b GDPR and only to the extent that this is necessary for payment processing.
You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual payment processing.
If you select the payment method "SOFORT", the payment will be processed by the payment service provider SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany (hereinafter "SOFORT"), to whom we will provide the information you provided during the ordering process and the information about your order in accordance with Art. 6 para. 1 lit. b Pass on GDPR. Sofort GmbH is part of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). Your data will only be passed on for the purpose of payment processing with the payment service provider SOFORT and only to the extent that it is necessary for this. You can find more information about SOFORT's data protection regulations at the following Internet address: https://www.klarna.com/sofort/datenschutz.
8) Web analytics services
Google (Universal) Analytics
This website uses Google (Universal) Analytics, a web analysis service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). Google (Universal) Analytics uses so-called "cookies", which are text files that are stored on your computer and that enable your use of the website to be analyzed. The information generated by the cookie about your use of this website (including the abbreviated IP address) is usually transferred to a Google server and stored there; it can also be transferred to the Google LLC server. come in the US.
This website uses Google (Universal) Analytics exclusively with the extension "_anonymizeIp ()", which ensures anonymization of the IP address by shortening it and excludes direct personal reference. As a result of the extension, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google LLC. Server in the USA and shortened there. On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google (Universal) Analytics will not be merged with other Google data.
With a special function, the so-called "demographic characteristics", Google Analytics also enables the creation of statistics with statements about the age, gender and interests of the site visitors on the basis of an evaluation of interest-related advertising and the use of information from third parties. This allows the definition and differentiation of user groups of the website for the purpose of target group-optimized alignment of marketing measures. However, data records recorded via the “demographic characteristics” cannot be assigned to a specific person.
Details on the processing initiated by Google Analytics and how Google handles data from websites can be found here: https://policies.google.com/technologies/partner-sites
All processing described above, in particular the setting of Google Analytics cookies for reading out information on the computer used, will only be carried out if you have given us your express consent in accordance with Art. 6 Para. 1 lit. a GDPR. Without this consent, Google Analytics will not be used during your visit to the site.
You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the "Cookie Consent Tool" provided on the website. We have concluded an order processing agreement with Google for the use of Google Analytics, with which Google is obliged to protect the data of our website visitors and not to pass them on to third parties.
For the transmission of data from the EU to the USA, Google relies on so-called standard data protection clauses of the European Commission, which are intended to ensure compliance with the European level of data protection in the USA.
Further information on Google (Universal) Analytics can be found here: https://policies.google.com/privacy?hl=de&gl=de
9) Tools and other
9.1 - Google Web Fonts
This site uses so-called web fonts provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”) for the uniform representation of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.
For this purpose, the browser you are using must connect to the Google servers. This can also result in the transmission of personal data to the servers of Google LLC. come in the US. In this way, Google learns that our website has been accessed via your IP address. The use of Google Web Fonts takes place in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR. If your browser does not support web fonts, a standard font will be used by your computer.
Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google's data protection declaration: https://www.google.com/policies/privacy/
9.2 Applications for job advertisements by email
On our website, we advertise currently vacant positions in a separate section, for which interested parties can apply by e-mail to the contact address provided. A prerequisite for inclusion in the application process is that applicants provide us with all the personal data required for a well-founded and informed assessment and selection by email together with the application. The required information includes general information about the person (name, address, a telephone or electronic contact option) as well as performance-specific evidence of the qualifications required for a position. If necessary, health-related information is also required, which must be given special consideration under labor and social law in the applicant's person in the interests of social protection. Which components an application must contain in individual cases in order to be considered and in which form these components are to be sent by email can be found in the respective job advertisement.
After receipt of the application sent using the specified email contact address, the applicant data will be stored by us and evaluated solely for the purpose of processing the application. For any queries that arise in the course of processing, we can choose to use either the email address provided by the applicant with his application or a telephone number provided. The legal basis for this processing, including the establishment of contact for queries, is Article 6 (1) (b) GDPR (for processing in Germany in conjunction with Section 26 (1) BDSG), in the sense of which going through the application process is considered to be the initiation of an employment contract. Insofar as special categories of personal data within the meaning of Art. 9 Paragraph 1 GDPR (e.g. health data such as information on severely disabled status) are requested from applicants during the application process, the processing takes place in accordance with Art. 9 Paragraph 2 lit. b. GDPR, so that we can exercise the rights arising from labor law and social security and social protection law and meet our obligations in this regard.
Cumulatively or alternatively, the processing of special data categories can also be based on Art. 9 Paragraph 1 lit. Treatment in the health or social field or for the management of systems and services in the health or social field. If, in the course of the evaluation described above, the applicant is not selected or if an applicant withdraws their application prematurely, their data transmitted by e-mail and all electronic correspondence including the original application e-mail will be deleted after 6 months at the latest after notification. This period is based on our legitimate interest in answering any follow-up questions about the application and, if necessary, being able to meet our obligations to provide evidence from the provisions on the equal treatment of applicants. In the event of a successful application, the data provided will be processed on the basis of Art. 6 Paragraph 1 lit. b GDPR (for processing in Germany in conjunction with Section 26 Paragraph 1 BDSG) for the purpose of implementing the employment relationship.
9.3 - Google Maps
We use Google Maps (API) from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”) on our website. Google Maps is a web service for displaying interactive (land) maps in order to visually display geographic information. When you use this service, you will be shown our location and any journey will be made easier.
As far as legally required, we have obtained your consent for the processing of your data described above in accordance with Article 6 (1) (a) GDPR. You can revoke your consent at any time with effect for the future. In order to exercise your revocation, please follow the option outlined above to make an objection.
10) Rights of the relevant people
10.1 The applicable data protection law grants you comprehensive data protection rights (information and intervention rights) to the person responsible with regard to the processing of your personal data, about which we inform you below:
• Right to information in accordance with Art. 15 GDPR: In particular, you have a right to information about your personal data processed by us, the processing purposes, the categories of processed personal data, the recipients or categories of recipients to whom your data has been or will be disclosed planned storage period or the criteria for determining the storage period, the existence of a right to correction, deletion, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if we have not collected it from you, the existence of automated decision-making, including profiling and, if applicable, meaningful information about the logic involved and the scope that affects you and the intended effects of such processing, as well as your right to be informed about the guarantees according to Art. 46 GDPR for forwarding your data exists in third countries;
• Right to correction in accordance with Art. 16 GDPR: You have the right to immediate correction of incorrect data concerning you and / or completion of your incomplete data stored by us;
• Right to deletion according to Art. 17 GDPR: You have the right to request the deletion of your personal data if the requirements of Art. 17 Para. 1 GDPR are met. However, this right does not exist in particular if the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
• Right to restriction of processing in accordance with Art. 18 GDPR: You have the right to request the restriction of the processing of your personal data as long as the correctness of your data, which you disputed, is checked, if you refuse to delete your data due to unauthorized data processing and instead request the restriction of the processing of your data if you need your data for the establishment, exercise or defense of legal claims, after we no longer need this data after the purpose has been achieved or if you have objected to reasons of your particular situation, as long as it is not certain whether ours legitimate reasons prevail;
- Right to information in accordance with Art. 19 GDPR: If you have asserted the right to correction, deletion or restriction of processing against the person responsible, he is obliged to correct or delete the data to all recipients to whom the personal data concerning you have been disclosed or to restrict processing, unless this proves to be impossible or involves a disproportionate effort. You have the right to be informed about these recipients.
• Right to data portability according to Art. 20 GDPR: You have the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another person responsible, insofar as this is technically feasible;
• Right to revoke consent given in accordance with Art. 7 Para. 3 GDPR: You have the right to revoke your consent to the processing of data at any time with future effect. In the event of revocation, we will delete the data concerned immediately, unless further processing can be based on a legal basis for processing without consent. Withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal;
• Right to lodge a complaint in accordance with Art. 77 GDPR: If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular without prejudice to any other administrative or judicial remedy the Member State of your whereabouts, your place of work or the place of the alleged violation.
10.2 RIGHT OF OBJECTION
WHEN WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR PRINCIPLE OF INTERESTED LEGAL INTEREST, YOU HAVE THE TO OBJECT THIS PROCESSING WITH EFFECT FOR THE FUTURE FOR REASONS FOR YOUR SPECIAL SITUATION.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. PROCESSING IS SUBJECT TO BE PROVIDED IF WE CAN PROVIDE OBLIGATORY PROTECTED REASONS FOR THE PROCESSING, WHICH EXERCISE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND BASIC FREEDOMS, OR IF THE PROCESSING OF PUBLICITY OR PEDICTION.
IF YOUR PERSONAL DATA IS PROCESSED BY US TO OPERATE DIRECT ADVERTISEMENT, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO PROCESS PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING. YOU CAN EXERCISE THE CONTRADICTION AS DESCRIBED ABOVE. IF YOU MAKE USE OF YOUR RIGHT TO OBJECT, WE WILL STOP PORCESSING THE DATA CONCERNED FOR DIRECT MARKETING.
11) Duration of storage of personal data
The duration of the storage of personal data is measured on the basis of the respective legal basis, the purpose of processing and - if relevant - also on the basis of the respective statutory retention period (e.g. retention periods under commercial and tax law).
When processing personal data on the basis of express consent in accordance with Art. 6 Para. 1 lit. a DSGVO, this data is stored until the data subject withdraws their consent.
Are there legal retention periods for data that is part of legal or similar legal obligations on the basis of Art. 6 Para. 1 lit. b GDPR are processed, this data will be routinely deleted after the retention periods have expired, provided that they are no longer required to fulfill the contract or initiate a contract and / or we do not have a legitimate interest in further storage.
When processing personal data on the basis of Art. 6 Para. 1 lit. f GDPR, this data is stored until the data subject exercises his right to object pursuant to Art. 21 Para. 1 GDPR, unless we can demonstrate compelling legitimate reasons for the processing that outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
When processing personal data for the purpose of direct advertising on the basis of Art. 6 Para. 1 lit. f GDPR, this data is stored until the data subject exercises his right to object in accordance with Art. 21 Para. 2 GDPR.
Unless otherwise stated in the other information in this declaration on specific processing situations, stored personal data will be deleted when they are no longer necessary for the purposes for which they were collected or otherwise processed.