DATA PRIVACY STATEMENT
NAME AND CONTACT DATA OF THE PARTY RESPONSIBLE FOR DATA PROCESSING
Responsible party pursuant to Article 4 Sect. 7 General Data Protection Regulation (GDPR):
Foodigital GmbH (hereinafter referred to as “We”)
Hochbrückenstraße 8
80331 München, Germany
E-Mail: info@foodigital.de
Telefon: +49 89 614219511
CONTACT DATA FOR DATA PROTECTION ENQUIRIES
For replies to questions concerning the processing of personal data, information, correction, blocking or deletion of data, as well as in the case of revocation of consent issued, please contact:
Foodigital GmbH (hereinafter referred to as “We”)
Hochbrückenstraße 8
80331 München, Germany
E-Mail: info@foodigital.de
Telefon: +49 89 614219511
VALIDITY OF OUR DATA PRIVACY STATEMENT
With this data privacy statement, we fulfil the information requirements of the General Data Protection Regulation (GDPR) for our website offer and for the personal data collected by us via our websites. For third-party applications and websites to which reference is made, e.g. via links, the data protection declarations there apply. Unless otherwise stated, we are not responsible for the processing of your data in the context of websites or applications and their content, that are not operated by us.
PROCESSING OF PERSONAL DATA WHEN VISITING OUR WEBSITE
(1) If you call up our website merely to obtain information, the server of our website only records the data that your terminal device (computer, laptop, tablet, smartphone etc.) sends to our server on the basis of the Internet protocol https. The allocation of the server's automatic requests and feedback is based on your IP address, which may be used to establish a reference to your person. The purpose of processing the connection data is to make it technically possible for you to use our website.
(2) When you call up our website, the browser of your respective terminal device automatically sends information to the server of our website and temporarily stores it in log files. The log files contain information such as your IP address, the URL of the accessed website, date and time of access, information about a successful page access, loading time, the website from which you accessed our website, type and version of your browser, operating system of your terminal device, name of your internet service provider.
(3) The collected technical data do not allow any direct conclusion on your identity. We do not store the data together with other personal data about you.
(4) The legal basis for data processing is our legitimate interest (Article 6 paragraph 1 sentence 1 lit. f GDPR). The data is technically necessary for us to display our website, to ensure a smooth connection, the stability and security of the system and to protect against misuse.
(5) Since the processing of data is absolutely necessary for the provision and operation of our website, you have no right to object.
(6) The connection data is deleted immediately after the https call has been made. The log file data is automatically deleted after seven days.
USE OF COOKIES
(1) When you visit our website, our web server sends so-called cookies. Cookies are very small text files that are stored on the hard disk of your terminal device (computer, laptop, tablet, smartphone, etc.) and assigned to the browser you use when you visit our website. Cookies cannot execute programs or transfer viruses or trojans to your end device. Personal data is not stored in a cookie.
(2) In order to make the use of our offer more pleasant for you, we use temporary cookies (also known as "session cookies"). These store a so-called session ID, with which various requests from your browser can be assigned to your session. Temporary cookies are automatically deleted when you close your browser. We also use permanent cookies (also known as "persistent cookies"). When you visit our website again, we automatically recognize that you have already visited our website and which entries and settings you have made so that you do not have to enter them again. Persistent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time. In addition to our own cookies, we also use cookies from other providers ("third-party cookies") in order to record the use of our website statistically and to evaluate them for the purpose of optimising our offer for you. We provide separate and individual information on the use of third-party cookies in the following sections; these cookies are automatically deleted after a defined period of time.
(3) Most browsers accept cookies by default. In the security settings of your browser you can allow or forbid temporary, permanent and other cookies independently of each other. Help menus for the most common browsers can be found under the following links:
Internet Explorer: support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
Firefox: https://support.mozilla.org/de/kb/
Chrome: https://support.google.com/chrome/
Safari: https://support.apple.com/kb/
Opera: http://help.opera.com/Windows/10.20/
If cookies are deactivated, you can surf our website without restriction, but you may not be able to use all functions of our website.
(4) The use of technically necessary cookies and functionality cookies is based on legitimate interests (Article 6 (1) sentence 1 letter f GDPR). Our legitimate interest is to ensure the functioning of our websites and their optimal usability. We also use third-party cookies (such as analysis cookies) on the basis of legitimate interests in order to optimise the quality of our websites and content.
CONSENT TO THE USE OF COOKIES, OBJECTION
(1) The use of technically necessary cookies is neither subject to consent nor is there any possibility of objection. Technically necessary cookies include, for example, session cookies which temporarily save certain settings on your part (e.g. log-in data, language settings or other settings on our website), session cookies for load distribution on the server, multimedia cookies for the reproduction of media content (e.g. Flash Player), cookies that are set by integrated payment service providers (which do not analyze specific usage behavior, but only serve to prepare possible payments or to verify payment legitimacy), opt-out cookies that allow cookie consent to be revoked, the cookie that records the consent status for other cookies, cookies from live chat systems and messenger services. The only way you can disable such cookies is by adjusting your browser settings.
(2) We require your consent for the storage and readout of cookies that are not technically necessary. We point this out on our website.
(3) If you do not agree with the storage and evaluation of the data from your visit, you can object to the storage and use of technically not necessary cookies at any time. If you object, the use of cookies and the associated data processing will be omitted for the future. Your objection will not have any disadvantages for the use of our website, unless you also deactivate the functions of the technically necessary cookies.
(4) You can object to the use of third-party cookies and the associated data processing at any time as follows: (i) You can make a setting in your browser that prevents the setting of cookies by our website. (ii) You can click on the opt-out link provided by the respective service provider for each processing operation and deactivate the further use of cookies and the associated data processing there. (iii) You can, for example, download and install the "Opt-Out" add-on from Google for your browser. Opt-out cookies prevent future collection of your information when you visit this and other websites through Google services. To prevent data collection on different devices, you must install the opt-out add-on on each device you use.
(5) An overview of all cookies used can be found at: www.foodigital.de/cookie-policy/
USE OF GOOGLE ANALYTICS
(1) Our website uses the web analysis service "Google Analytics". The provider of "Google Analytics" is the third-party provider Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland ("Google").
(2) Google Analytics uses cookies that enable an analysis of your use of our website. The information generated by the cookie about your use of our website (including your IP address) is usually transferred to a Google server in the USA and stored there. For our website we use Google Analytics with the extension "anonymizeIP()". As a result, your IP address is processed by Google in a shortened form within the member states of the European Union or in other signatory states to the Agreement on the European Economic Area, which means that it is impossible to identify you personally. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and anonymised there by truncation.
(3) On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activities and to provide us with further services related to website and internet use. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. The IP address transmitted by your browser within the framework of Google Analytics is not merged with other data from Google.
(4) You can prevent the storage of cookies by adjusting your browser software accordingly. We would like to point out, however, that you may not be able to use all functions of our website to their full extent. You can also prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available under the link http://tools.google.com/dlpage/gaoptout?hl=de.
(5) We use Google Analytics to analyse and regularly improve the use of our website. We can use the statistics obtained to improve our offer and make it more interesting for you as a user. If you have set up a customer account with us, we also use Google Analytics for a cross-device analysis of visitor flows, which is carried out using a user ID. You can deactivate the cross-device analysis of your usage in your customer account under "My data".
(6) The legal basis for the use of Google Analytics is your consent pursuant to Article 6 paragraph 1 sentence 1 lit. a GDPR.
(7) Informationen zu Zweck und Umfang der Datenerhebung und -verarbeitung durch Google erhalten Sie unter policies.google.com/privacy. Die Nutzungsbedingungen finden Sie unter marketingplatform.google.com/about/
PROCESSING OF PERSONAL DATA WHEN CONTACTING US
(1) If you contact us by letter, telephone, fax, e-mail or via a contact form, we process the personal data you provide us with and the content of the communication only in order to process your request and, where applicable, to comply with existing statutory recording obligations.
(2) The data processing for the purpose of contacting us is generally voluntary. The legal basis depends on the specific purpose of the communication. In many cases the legal basis for data processing will be the protection of our legitimate interests in accordance with Article 6 paragraph 1 sentence 1 letter f GDPR (such as conducting business correspondence, answering data protection inquiries). Insofar as further processing is carried out in order to comply with statutory storage obligations, Article 6 paragraph 1 sentence 1 lit. c GDPR is the legal basis.
(3) We shall delete the communication data as soon as the storage is no longer necessary for the fulfilment of the purpose, unless statutory storage obligations prevent deletion.
PROCESSING OF PERSONAL DATA IN THE CASE OF APPLICATIONS
(1) If you (applicant) apply to us electronically (e.g. by e-mail) and send us your application documents electronically, we will process the personal data you provide for the purpose of carrying out the application procedure.
(2) If we conclude an employment contract with an applicant, we process the data for the purpose of handling the employment relationship in accordance with the statutory provisions.
(3) Where no employment contract is formed between an applicant and us, the application documents are deleted automatically six months after notice of rejection of the application unless we have other legitimate interests which prevent deletion. Such an interest could be the duty to provide proof in proceedings pursuant to the General Equal Treatment Act (AGG).
(4) The legal basis for data processing is Article 6 (1) sentence 1 letter b GDPR and Section 26 (1) sentence 1 no. 1 Federal Data Protection Act (BDSG) (decision on the establishment of an employment relationship).
PROCESSING OF PERSONAL DATA OF BUSINESS PARTNERS
(1) In the context of our cooperation with business partners, we process personal data of contact persons at interested parties, customers, sales partners, suppliers, service providers and other partners. These data include in detail:
(i) Contact information such as name, first name and (business) address, telephone number, mobile phone number, fax number, e-mail address,
(ii) Information for processing payment transactions, such as bank details, account numbers, credit card information,
(iii) Information whose processing is necessary in the context of the execution of a contractual relationship with us or which is voluntarily provided by business partners,
(iv) personal data collected from publicly available sources, from credit agencies or from information databases
(v) any other personal data that may be legally required to identify our business partner, such as date of birth, ID card date, ID card number.
(2) We process personal data for the following purposes:
(i) Communication with business partners within the framework of the initiation, establishment, execution and termination of business relationships,
(ii) Implementation and administration of the business relationship (e.g. processing of orders for products and services, accounting, invoicing),
(iii) assertion of and defence against legal claims,
(iv) Execution of marketing activities (e.g. invitations to events, newsletter distribution to existing customers),
(v) Maintaining and protecting the safety of our products and services,
(vi) Prevention, prevention and detection of security risks and criminal offences,
(vii) Compliance with legal requirements (e.g. tax and commercial retention requirements),
(viii) Compliance with statutory investigation obligations (e.g. under the Money Laundering Act).
(3) The processing of personal data is necessary to achieve the purposes mentioned above. Unless expressly stated otherwise when collecting personal data, are legal bases for data processing:
(i) the execution and performance of a contract with you (Article 6 (1) sentence 1 letter b GDPR)
(ii) the fulfilment of legal obligations to which we are subject (Article 6 (1) sentence 1 lit. c GDPR)
(iii) the protection of our legitimate interests (Article 6 paragraph 1 sentence 1 lit. f GDPR), whereby our legitimate interest lies in the initiation, implementation, handling and support of the business relationship.
If you have expressly given your consent to the processing of your personal data in individual cases, your consent is the legal basis for the processing in accordance with Article 6 paragraph 1 sentence 1 lit. a GDPR.
(4) We shall delete the personal data as soon as the storage is no longer necessary for the fulfilment of the purpose, unless further statutory periods of limitation or statutory storage obligations (e.g. up to 10 years in accordance with the German Commercial Code or the German Fiscal Code) prevent deletion.
PROCESSING OF PERSONAL DATA UPON NEWSLETTER SUBSCRIPTION
(1) If we offer a newsletter, we will send you our newsletter by e-mail on request, even outside a business relationship, to inform you about news and current offers. Your e-mail address is the only mandatory information for the sending of our newsletter. The provision of further data is voluntary; we use this information to contact you personally if necessary.
(2) For the registration to our newsletter we use the so-called double opt-in procedure. This means that after your registration we will send you an e-mail to the e-mail address you have provided and ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration within 48 hours, your data will be blocked and automatically deleted after one month. When you register for the newsletter, we save your IP address and the time of registration and confirmation in order to be able to clarify a possible misuse of your personal data.
(3) We may pass on your data to a service provider who produces and sends the newsletter for us. This service provider is contractually obliged by us neither to use personal data for its own purposes nor to pass them on to third parties.
(4) The legal basis for processing your data for our newsletter is Article 6 paragraph 1 sentence 1 lit. a GDPR.
(5) We will process your personal data only until you unsubscribe from the newsletter. As soon as you revoke your consent or unsubscribe from the newsletter, we will delete your personal data processed for this purpose.
(6) You can object to the newsletter transmission as well as the sending of e-mails at any time with effect for the future. For this purpose, it is sufficient to use the unsubscribe option at the end of the newsletter or to send a message in text form to the contact data given in the imprint (e.g. by e-mail, fax, postal letter).
TRANSMISSION AND DISCLOSURE OF PERSONAL DATA
(1) We only pass on personal data to third parties if
(i) you have expressly consented (Article 6 (1) sentence 1 lit. a GDPR), or
(ii) this is necessary to carry out a pre-contractual measure requested by you or to fulfil a contractual relationship with you (Article 6 (1) sentence 1 lit. b GDPR), or
(iii) we are legally obliged to do so (Article 6 (1) sentence 1 lit. c GDPR), or
(iv) the disclosure pursuant to Article 6 paragraph 1 sentence 1 letter f GDPR is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data.
(2) Personal data which you publish via one of our online services (e.g. in forums) may be accessible to other registered users of our online services worldwide.
SOCIAL MEDIA NETWORKS
(1) On our website we currently link to the following social media networks: Facebook, YouTube, LinkedIn, Xing.
(2) The legal basis is Article 6 paragraph 1 sentence 1 lit. f GDPR. Our legitimate interest lies in the promotional purpose of increasing the attractiveness of our website and raising the profile of our company.
(3) No additional data processing is carried out by setting the links. We use the so-called two-click solution, i.e. only when you click on the button of a network and thereby activate it, does your browser establish a connection to the respective network and the contents are loaded from its side. The network operator receives the information that you have called up the corresponding web page of our website. In addition, the data mentioned in the section "Processing of personal data when visiting our website" is transmitted to the respective operator and processed there (in the case of US providers in the USA). In the case of Facebook and Xing, according to the respective operators in Germany, the IP address is anonymised immediately after it is collected.
(4) We have no influence on the data and data processing procedures collected by the respective operator, nor are we aware of the full extent of the data collection, the purposes of the processing, the storage periods. We also have no information about the deletion of the collected data by the respective network operator.
(5) Since network operators use cookies in particular for data collection, we recommend that you delete all cookies before clicking on the button of a network in the security settings of your browser. In addition, we recommend that you log out of the corresponding networks before visiting our website, and especially before clicking a button, if you want to avoid that the operators assign the data collected during your visit to our website directly to your profile. You also have the right to object to the creation of user profiles, whereby you must contact the respective network operator in order to exercise this right.
(6) Further information on the type, scope, purpose and further processing of your data by network operators can be obtained from the respective operator. There you will also receive further information on your rights in this regard and setting options for the protection of your privacy:
Facebook: Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland; information on data protection: https://www.facebook.com/
YouTube: Google Ireland Limited, Gordon House, Barrow St, Dublin 4, Ireland;
information on data protection https://policies.google.com/privacy?hl=de&gl=de
LinkedIn: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland;
information on data protection https://www.linkedin.com/legal/privacy-policy
Xing: New Work SE, Dammtorstraße 30, 20354 Hamburg, Deutschland;
information on data protection https://privacy.xing.com/de/
RIGHTS OF PARTIES CONCERNED
(1) Under the legal requirements, you have the following rights with regard to the personal data concerning you:
- Right to information (Article 15 GDPR)
- Right of rectification (Article 16 GDPR)
- Recht auf Löschung (Artikel 17 DSGVO)
- Right of cancellation (Article 17 GDPR)
- Right to object to processing (Article 21 GDPR)
- Right to data transferability (Article 20 GDPR)
(2) If you have given us your consent to process your personal data, you have the right to revoke this consent at any time with effect for the future (Article 7 paragraph 3 GDPR). Revocation does not affect the lawfulness of processing in the past. After revocation, we may further process your personal data only to the extent that we can base the processing on another legal basis (e.g. to fulfil a contract).
(3) You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us (Article 77 GDPR).
DATA SECURITY
Within the website visit we use the common TLS procedure in connection with the highest encryption level supported by your browser. Usually this is a 256 bit encryption. You can tell whether an individual page of our website is being transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser. We also use suitable technical and organisational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
UPDATE AND CHANGE OF THE PRESENT DATA PRIVACY STATEMENT
This data protection declaration has the status given at the end. Due to the further development of our website and the services offered via the website or due to changed legal or official requirements, it may become necessary to amend this data protection declaration. The current data protection declaration can be called up and printed out at any time on our website.