Website Privacy Policy / FUN EUROPE WEBSITE PRIVACY POLICY FOOD UNION EUROPE. Created on Page 1 of 16

Transcription

1 WEBSITE PRIVACY POLICY FOOD UNION EUROPE Created n Page 1 f 16

2 OUR PRIVACY POLICY We are very delighted that yu have shwn interest in Fd Unin enterprises. Data prtectin is f a particularly high pririty fr the management f ur cmpany. The use f the Internet pages f ur cmpany is pssible withut any indicatin f persnal data; hwever, if a data subject wants t use special enterprise services via ur website, prcessing f persnal data culd becme necessary. If the prcessing f persnal data is necessary and there is n ther statutry basis fr such prcessing, we btain cnsent frm the data subject. The prcessing f persnal data, such as the name, address, address, r telephne number f a data subject shall always be in line with the General Data Prtectin Regulatin (GDPR), and in accrdance with the cuntry-specific data prtectin regulatins applicable t the Cmpany. By means f this data prtectin declaratin, we wuld like t infrm yu f the nature, scpe, and purpse f the persnal data we cllect, use and prcess. Furthermre, data subjects are infrmed, by means f this data prtectin declaratin, f the rights t which they are entitled. We have made an effrt t make this legal dcument as understandable as pssible, hwever if yu wuld just like t view a cncise verview f the main pints cvered in this Plicy, please see ur Privacy Ntice. As the cntrller, we have implemented numerus technical and rganizatinal measures t ensure the mst cmplete prtectin f persnal data prcessed thrugh this website. Hwever, Internet-based data transmissins may in principle have security gaps, s abslute prtectin may nt be guaranteed. 1. Definitins Our data prtectin declaratin is based n the terms used in the General Data Prtectin Regulatin (GDPR). Our data prtectin declaratin shuld be legible and understandable fr the general public, as well as ur custmers and business partners. T ensure this, we wuld like t first explain sme f the terminlgy used by us in this plicy (accrding t GDPR): a) Persnal data Persnal data means any infrmatin relating t an identified r identifiable natural persn ( data subject ). An identifiable natural persn is ne wh can be identified, directly r indirectly, in particular by reference t an identifier such as a name, an identificatin number, lcatin data, an nline identifier r t ne r mre factrs specific t the physical, physilgical, genetic, mental, ecnmic, cultural r scial identity f that natural persn. b) Data subject Data subject is any identified r identifiable natural persn, whse persnal data is prcessed by the cntrller respnsible fr the prcessing. c) Prcessing Created n Page 2 f 16

3 Prcessing is any peratin r set f peratins which is perfrmed n persnal data r n sets f persnal data, whether r nt by autmated means, such as cllectin, recrding, rganisatin, structuring, strage, adaptatin r alteratin, retrieval, cnsultatin, use, disclsure by transmissin, disseminatin r therwise making available, alignment r cmbinatin, restrictin, erasure r destructin. g) Cntrller r cntrllers respnsible fr the prcessing Cntrller r cntrllers respnsible fr the prcessing is the natural r legal persn, public authrity, agency r ther bdy which, alne r jintly with thers, determines the purpses and means f the prcessing f persnal data; where the purpses and means f such prcessing are determined by Unin r Member State law, the cntrller r the specific criteria fr its nminatin may be prvided fr by Unin r Member State law. h) Prcessr Prcessr is a natural r legal persn, public authrity, agency r ther bdy which prcesses persnal data n behalf f the cntrller. i) Recipient Recipient is a natural r legal persn, public authrity, agency r anther bdy, t which the persnal data are disclsed, whether a third party r nt. Hwever, public authrities which may receive persnal data in the framewrk f a particular inquiry in accrdance with Unin r Member State law shall nt be regarded as recipients; the prcessing f thse data by thse public authrities shall be in cmpliance with the applicable data prtectin rules accrding t the purpses f the prcessing. j) Third party Third party is a natural r legal persn, public authrity, agency r bdy ther than the data subject, cntrller, prcessr and persns wh, under the direct authrity f the cntrller r prcessr, are authrised t prcess persnal data. k) Cnsent Cnsent f the data subject is any freely given, specific, infrmed and unambiguus indicatin f the data subject's wishes by which he r she, by a statement r by a clear affirmative actin, signifies agreement t the prcessing f persnal data relating t him r her. 2. Name and Address f the cntrllers Jint data cntrllers fr the purpses f the General Data Prtectin Regulatin (GDPR), ther data prtectin laws applicable in Member states f the Eurpean Unin and ther prvisins related t data prtectin are: Created n Page 3 f 16

4 AS Rīgas piena kmbināts, reg. n , legal address: Bauskas iela 180, Riga, LV- 1004, Latvia. AS Valmieras piens, reg. n , legal address: Rīgas iela 93, Valmiera, LV-4201, Latvia. SIA Rīgas Piensaimnieks, reg. n , legal address: Valmieras iela 2, Riga, LV- 1009, Latvia. AS Premia FFL, reg. n , legal address: Bauskas iela 180, Riga, LV-1004, Latvia. Mejerigaarden A/S, reg. n , legal address: Sennelsvej 1, 7700 Thisted, Denmark Hjem-IS Danmark A/S, reg. n , legal address: Kkhlm 1B, 1. Sal, DK Klding, Denmark, Den nrske Isbilen AS, reg. n , legal address: Slettebrekkdalen 11, 5303 Fllese, Nrway Premia Tallinna Külmhne AS, reg. n , legal address: Betni 4, Tallinn, Estnia AB Premia KPC, reg. n , legal address: Taiks pr. 96 Kaunas LT-51178, Lithuania Cntact infrmatin f all cntrllers can be fund n: Cntact fr all questins related t yur persnal data: dati@fdunin.cm All cntrllers tgether r separately are referred t as Cmpany r Cntrller r Fd Unin in this dcument. 3. Name and Address f the prcessr Data cntrller has designated fllwing prcessr fr the purpses f the General Data Prtectin Regulatin (GDPR), ther data prtectin laws applicable in Member states f the Eurpean Unin and ther prvisins related t data prtectin: SIA Fd Unin Management, Bauskas 180, Riga, Latvia, LV Ckies The Internet pages and servers use ckies. Ckies are text files that are stred in a cmputer system via an Internet brwser. Many ckies cntain a s-called ckie ID. A ckie ID is a unique identifier f the ckie. It cnsists f a character string thrugh which Created n Page 4 f 16

5 Internet pages and servers can be assigned t the specific Internet brwser in which the ckie was stred. This allws visited Internet sites and servers t differentiate the individual brwser f the data subject frm ther Internet brwsers that cntain ther ckies. A specific Internet brwser can be recgnized and identified using the unique ckie ID. Thrugh the use f ckies, Cmpany can prvide the users f this website with mre userfriendly services that wuld nt be pssible withut the ckie setting. By means f a ckie, the infrmatin and ffers n ur website can be ptimized with the user in mind. Ckies allw us, as previusly mentined, t recgnize ur website users. The purpse f this recgnitin is t make it easier fr users t utilize ur website. The website user that uses ckies, e.g. des nt have t enter access data each time the website is accessed, because this is taken ver by the website, and the ckie is thus stred n the user's cmputer system. Anther example is the ckie f a shpping cart in an nline shp. The nline stre remembers the articles that a custmer has placed in the virtual shpping cart via a ckie. The data subject may, at any time, prevent the setting f ckies thrugh ur website by means f a crrespnding setting f the Internet brwser used, and may thus permanently deny the setting f ckies. Furthermre, already set ckies may be deleted at any time via an Internet brwser r ther sftware prgrams. This is pssible in all ppular Internet brwsers. If the data subject deactivates the setting f ckies in the Internet brwser used, nt all functins f ur website may be entirely usable. 5. Cllectin f general data and infrmatin The website f the Cmpany cllects a series f general data and infrmatin when a data subject r autmated system calls up the website. This general data and infrmatin are stred in the server lg files. Cllected may be (1) the brwser types and versins used, (2) the perating system used by the accessing system, (3) the website frm which an accessing system reaches ur website (s-called referrers), (4) the sub-websites, (5) the date and time f access t the Internet site, (6) the Internet service prvider f the accessing system, and (7) any ther similar data and infrmatin that may be used in the event f attacks n ur infrmatin technlgy systems. When using these general data and infrmatin, the Cntrller des nt draw any cnclusins abut the data subject. Rather, this infrmatin is needed t (1) deliver the cntent f ur website crrectly, (2) ptimize the cntent f ur website as well as its advertisement, (3) ensure the lng-term viability f ur infrmatin technlgy systems and website technlgy, and (4) prvide law enfrcement authrities with the infrmatin necessary fr criminal prsecutin in case f a cyber-attack. Therefre, the Cntrller analyzes annymusly cllected data and infrmatin statistically, with the aim f increasing the data prtectin and data security f ur enterprise, and t ensure an ptimal level f prtectin fr the persnal data we prcess. The annymus data f the server lg files are stred separately frm all persnal data prvided by a data subject. Created n Page 5 f 16

6 6. Registratin n ur website (applicable, if website ffers registratin) The data subject has the pssibility t register n the website f the cntrller with the indicatin f persnal data. Which persnal data are transmitted t the cntrller is determined by the respective input mask used fr the registratin. The persnal data entered by the data subject are cllected and stred exclusively fr internal use by the cntrller, and fr his wn purpses. The cntrller may request transfer t ne r mre prcessrs (e.g. a parcel service) that als uses persnal data fr an internal purpse which is attributable t the cntrller. By registering n the website f the cntrller, the IP address assigned by the Internet service prvider (ISP) and used by the data subject date, and time f the registratin are als stred. The strage f this data takes place against the backgrund that this is the nly way t prevent the misuse f ur services, and, if necessary, t make it pssible t investigate cmmitted ffenses. Insfar, the strage f this data is necessary t secure the cntrller. This data is nt passed n t third parties unless there is a statutry bligatin t pass n the data, r if the transfer serves the aim f criminal prsecutin. The registratin f the data subject, with the vluntary indicatin f persnal data, is intended t enable the cntrller t ffer the data subject cntents r services that may nly be ffered t registered users due t the nature f the matter in questin. Registered persns are free t change the persnal data specified during the registratin at any time, r t have them cmpletely deleted frm the data stck f the cntrller. 7. Rutine erasure and blcking f persnal data The data cntrller shall prcess and stre the persnal data f the data subject nly fr the perid necessary t achieve the purpse f strage, r as far as this is granted by the Eurpean legislatr r ther legislatrs in laws r regulatins t which the cntrller is subject t. If the strage purpse is nt applicable, r if a strage perid prescribed by the Eurpean legislatr r anther cmpetent legislatr expires, the persnal data are rutinely deleted in accrdance with legal requirements. 8. Rights f the data subject a) Right f cnfirmatin Each data subject shall have the right granted by the Eurpean legislatr t btain frm the cntrller the cnfirmatin as t whether r nt persnal data cncerning him r her are being prcessed. If a data subject wishes t avail himself f this right f cnfirmatin, he r she may, at any time, cntact the cntrller. b) Right f access Created n Page 6 f 16

7 Each data subject shall have the right granted by the Eurpean legislatr t btain frm the cntrller free infrmatin abut his r her persnal data stred at any time and a cpy f this infrmatin. Furthermre, the Eurpean directives and regulatins grant the data subject access t the fllwing infrmatin: the purpses f the prcessing; the categries f persnal data cncerned; the recipients r categries f recipients t whm the persnal data have been r will be disclsed, in particular recipients in third cuntries r internatinal rganisatins; where pssible, the envisaged perid fr which the persnal data will be stred, r, if nt pssible, the criteria used t determine that perid; the existence f the right t request frm the cntrller rectificatin r erasure f persnal data, r restrictin f prcessing f persnal data cncerning the data subject, r t bject t such prcessing; the existence f the right t ldge a cmplaint with a supervisry authrity; where the persnal data are nt cllected frm the data subject, any available infrmatin as t their surce; the existence f autmated decisin-making, including prfiling, referred t in Article 22(1) and (4) f the GDPR and, at least in thse cases, meaningful infrmatin abut the lgic invlved, as well as the significance and envisaged cnsequences f such prcessing fr the data subject. Furthermre, the data subject shall have a right t btain infrmatin as t whether persnal data are transferred t a third cuntry r t an internatinal rganisatin. Where this is the case, the data subject shall have the right t be infrmed f the apprpriate safeguards relating t the transfer. If a data subject wishes t avail himself f this right f access, he r she may at any time cntact us. c) Right t rectificatin Each data subject shall have the right granted by the Eurpean legislatr t btain frm the cntrller withut undue delay the rectificatin f inaccurate persnal data cncerning him r her. Taking int accunt the purpses f the prcessing, the data subject shall have the right t have incmplete persnal data cmpleted, including by means f prviding a supplementary statement. If a data subject wishes t exercise this right t rectificatin, he r she may, at any time, cntact us. d) Right t erasure (Right t be frgtten) Each data subject shall have the right granted by the Eurpean legislatr t btain frm the cntrller the erasure f persnal data cncerning him r her withut undue delay, and the cntrller shall have the bligatin t erase persnal data withut undue delay where ne f the fllwing grunds applies, as lng as the prcessing is nt necessary: Created n Page 7 f 16

8 The persnal data are n lnger necessary in relatin t the purpses fr which they were cllected r therwise prcessed. The data subject withdraws cnsent t which the prcessing is based accrding t pint (a) f Article 6(1) f the GDPR, r pint (a) f Article 9(2) f the GDPR, and where there is n ther legal grund fr the prcessing. The data subject bjects t the prcessing pursuant t Article 21(1) f the GDPR and there are n verriding legitimate grunds fr the prcessing, r the data subject bjects t the prcessing pursuant t Article 21(2) f the GDPR. The persnal data have been unlawfully prcessed. The persnal data must be erased fr cmpliance with a legal bligatin in Unin r Member State law t which the cntrller is subject. The persnal data have been cllected in relatin t the ffer f infrmatin sciety services referred t in Article 8(1) f the GDPR. If ne f the afrementined reasns applies, and a data subject wishes t request the erasure f persnal data stred by the Cntrller, he r she may at any time cntact us. Where the cntrller has made persnal data public and is bliged pursuant t Article 17(1) t erase the persnal data, the cntrller, taking accunt f available technlgy and the cst f implementatin, shall take reasnable steps, including technical measures, t infrm ther cntrllers prcessing the persnal data that the data subject has requested erasure by such cntrllers f any links t, r cpy r replicatin f, thse persnal data, as far as prcessing is nt required. e) Right f restrictin f prcessing Each data subject shall have the right granted by the Eurpean legislatr t btain frm the cntrller restrictin f prcessing where ne f the fllwing applies: The accuracy f the persnal data is cntested by the data subject, fr a perid enabling the cntrller t verify the accuracy f the persnal data. The prcessing is unlawful, and the data subject ppses the erasure f the persnal data and requests instead the restrictin f their use instead. The cntrller n lnger needs the persnal data fr the purpses f the prcessing, but they are required by the data subject fr the establishment, exercise r defence f legal claims. The data subject has bjected t prcessing pursuant t Article 21(1) f the GDPR pending the verificatin whether the legitimate grunds f the cntrller verride thse f the data subject. If ne f the afrementined cnditins is met, and a data subject wishes t request the restrictin f the prcessing f persnal data stred by the Cntrller, he r she may at any time cntact us. f) Right t data prtability Each data subject shall have the right granted by the Eurpean legislatr, t receive the persnal data cncerning him r her, which was prvided t a cntrller, in a structured, Created n Page 8 f 16

9 cmmnly used and machine-readable frmat. He r she shall have the right t transmit thse data t anther cntrller withut hindrance frm the cntrller t which the persnal data have been prvided, as lng as the prcessing is based n cnsent pursuant t pint (a) f Article 6(1) f the GDPR r pint (a) f Article 9(2) f the GDPR, r n a cntract pursuant t pint (b) f Article 6(1) f the GDPR, and the prcessing is carried ut by autmated means, as lng as the prcessing is nt necessary fr the perfrmance f a task carried ut in the public interest r in the exercise f fficial authrity vested in the cntrller. Furthermre, in exercising his r her right t data prtability pursuant t Article 20(1) f the GDPR, the data subject shall have the right t have persnal data transmitted directly frm ne cntrller t anther, where technically feasible and when ding s des nt adversely affect the rights and freedms f thers. In rder t assert the right t data prtability, the data subject may at any time cntact us. g) Right t bject Each data subject shall have the right granted by the Eurpean legislatr t bject, n grunds relating t his r her particular situatin, at any time, t prcessing f persnal data cncerning him r her, which is based n pint (e) r (f) f Article 6(1) f the GDPR. This als applies t prfiling based n these prvisins. The Cntrller shall n lnger prcess the persnal data in the event f the bjectin, unless we can demnstrate cmpelling legitimate grunds fr the prcessing which verride the interests, rights and freedms f the data subject, r fr the establishment, exercise r defence f legal claims. If the Cntrller prcesses persnal data fr direct marketing purpses, the data subject shall have the right t bject at any time t prcessing f persnal data cncerning him r her fr such marketing. This applies t prfiling t the extent that it is related t such direct marketing. If the data subject bjects t the Cntrller t the prcessing fr direct marketing purpses, the Cntrller will n lnger prcess the persnal data fr these purpses. In rder t exercise the right t bject, the data subject may directly cntact us. h) Autmated individual decisin-making, including prfiling Each data subject shall have the right granted by the Eurpean legislatr nt t be subject t a decisin based slely n autmated prcessing, including prfiling, which prduces legal effects cncerning him r her, r similarly significantly affects him r her, as lng as the decisin (1) is nt necessary fr entering int, r the perfrmance f, a cntract between the data subject and a data cntrller, r (2) is nt authrised by Unin r Member State law t which the cntrller is subject and which als lays dwn suitable measures t safeguard the data subject's rights and freedms and legitimate interests, r (3) is nt based n the data subject's explicit cnsent. Created n Page 9 f 16

10 If the decisin (1) is necessary fr entering int, r the perfrmance f, a cntract between the data subject and a data cntrller, r (2) it is based n the data subject's explicit cnsent, the Cntrller shall implement suitable measures t safeguard the data subject's rights and freedms and legitimate interests, at least the right t btain human interventin n the part f the cntrller, t express his r her pint f view and cntest the decisin. If the data subject wishes t exercise the rights cncerning autmated individual decisinmaking, he r she may at any time directly cntact us. i) Right t withdraw data prtectin cnsent Each data subject shall have the right granted by the Eurpean legislatr t withdraw his r her cnsent t prcessing f his r her persnal data at any time. If the data subject wishes t exercise the right t withdraw the cnsent, he r she may at any time directly cntact us. 9. Data prtectin prvisins abut the applicatin and use f Facebk On this website, the cntrller has integrated cmpnents f the enterprise Facebk. The perating cmpany f Facebk is Facebk, Inc., 1 Hacker Way, Menl Park, CA 94025, United States. If a persn lives utside f the United States r Canada, the cntrller is the Facebk Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbur, Dublin 2, Ireland. With each call-up t ne f the individual pages f this Internet website, which is perated by the cntrller and int which a Facebk cmpnent (Facebk plug-ins) was integrated, the web brwser n the infrmatin technlgy system f the data subject is autmatically prmpted t dwnlad display f the crrespnding Facebk cmpnent frm Facebk thrugh the Facebk cmpnent. An verview f all the Facebk Plug-ins may be accessed under During the curse f this technical prcedure, Facebk is made aware f what specific sub-site f ur website was visited by the data subject. If the data subject is lgged in at the same time n Facebk, Facebk detects with every call-up t ur website by the data subject and fr the entire duratin f their stay n ur Internet site which specific sub-site f ur Internet page was visited by the data subject. This infrmatin is cllected thrugh the Facebk cmpnent and assciated with the respective Facebk accunt f the data subject. If the data subject clicks n ne f the Facebk buttns integrated int ur website, e.g. the "Like" buttn, r if the data subject submits a cmment, then Facebk matches this infrmatin with the persnal Facebk user accunt f the data subject and stres the persnal data. Facebk always receives, thrugh the Facebk cmpnent, infrmatin abut a visit t ur website by the data subject, whenever the data subject is lgged in at the same time n Facebk during the time f the call-up t ur website. This ccurs regardless f whether the Created n Page 10 f 16

11 data subject clicks n the Facebk cmpnent r nt. If such a transmissin f infrmatin t Facebk is nt desirable fr the data subject, then he r she may prevent this by lgging ff frm their Facebk accunt befre a call-up t ur website is made. The data prtectin guideline published by Facebk, which is available at prvides infrmatin abut the cllectin, prcessing and use f persnal data by Facebk. In additin, it is explained there what setting ptins Facebk ffers t prtect the privacy f the data subject. In additin, different cnfiguratin ptins are made available t allw the eliminatin f data transmissin t Facebk, e.g. the Facebk blcker f the prvider Webgraph, which may be btained under These applicatins may be used by the data subject t eliminate a data transmissin t Facebk. 10. Data prtectin prvisins abut the applicatin and use f Ggle Analytics (with annymizatin functin) On this website, the cntrller has integrated the cmpnent f Ggle Analytics (with the annymizer functin). Web analytics is the cllectin, gathering, and analysis f data abut the behavir f visitrs t websites. The peratr f the Ggle Analytics cmpnent is Ggle Inc., 1600 Amphitheatre Pkwy, Muntain View, CA , United States. Fr the web analytics thrugh Ggle Analytics the cntrller uses the applicatin "_gat. _annymizeip". By means f this applicatin the IP address f the Internet cnnectin f the data subject is abridged by Ggle and annymised when accessing ur websites frm a Member State f the Eurpean Unin r anther Cntracting State t the Agreement n the Eurpean Ecnmic Area. The purpse f the Ggle Analytics cmpnent is t analyze the traffic n ur website. Ggle uses the cllected data and infrmatin, inter alia, t evaluate the use f ur website and t prvide nline reprts, which shw the activities n ur websites, and t prvide ther services cncerning the use f ur Internet site fr us. Ggle Analytics places a ckie n the infrmatin technlgy system f the data subject. The definitin f ckies is explained abve. With the setting f the ckie, Ggle is enabled t analyze the use f ur website. With each call-up t ne f the individual pages f this Internet site, which is perated by the cntrller and int which a Ggle Analytics cmpnent was integrated, the Internet brwser n the infrmatin technlgy system f the data subject will autmatically submit data thrugh the Ggle Analytics cmpnent fr the purpse f nline advertising and the settlement f cmmissins t Ggle. During the curse f this technical prcedure, the enterprise Ggle gains knwledge f persnal infrmatin, such as the IP address f the data subject, which serves Ggle, inter alia, t understand the rigin f visitrs and clicks, and subsequently create cmmissin settlements. Created n Page 11 f 16

12 The ckie is used t stre persnal infrmatin, such as the access time, the lcatin frm which the access was made, and the frequency f visits f ur website by the data subject. With each visit t ur Internet site, such persnal data, including the IP address f the Internet access used by the data subject, will be transmitted t Ggle. Ggle may pass these persnal data cllected thrugh the technical prcedure t third parties. The data subject may, as stated abve, prevent the setting f ckies thrugh ur website at any time by means f a crrespnding adjustment f the web brwser used and thus permanently deny the setting f ckies. Such an adjustment t the Internet brwser used wuld als prevent Ggle Analytics frm setting a ckie n the infrmatin technlgy system f the data subject. In additin, ckies already in use by Ggle Analytics may be deleted at any time via a web brwser r ther sftware prgrams. In additin, the data subject has the pssibility f bjecting t a cllectin f data that are generated by Ggle Analytics, which is related t the use f this website, as well as the prcessing f this data by Ggle and the chance t preclude any such. Fr this purpse, the data subject must dwnlad a brwser add-n under the link and install it. This brwser add-n tells Ggle Analytics thrugh a JavaScript, that any data and infrmatin abut the visits f Internet pages may nt be transmitted t Ggle Analytics. The installatin f the brwser add-ns is cnsidered an bjectin by Ggle. If the infrmatin technlgy system f the data subject is later deleted, frmatted, r newly installed, then the data subject must reinstall the brwser add-ns t disable Ggle Analytics. If the brwser add-n was uninstalled by the data subject r any ther persn wh is attributable t their sphere f cmpetence, r is disabled, it is pssible t execute the reinstallatin r reactivatin f the brwser add-ns. Further infrmatin and the applicable data prtectin prvisins f Ggle may be retrieved under and under Ggle Analytics is further explained under the fllwing Link Data prtectin prvisins abut the applicatin and use f Ggle Remarketing On this website, the cntrller has integrated Ggle Remarketing services. Ggle Remarketing is a feature f Ggle AdWrds, which allws an enterprise t display advertising t Internet users wh have previusly resided n the enterprise's Internet site. The integratin f Ggle Remarketing therefre allws an enterprise t create user-based advertising and thus shws relevant advertisements t interested Internet users. The perating cmpany f the Ggle Remarketing services is the Ggle Inc., 1600 Amphitheatre Pkwy, Muntain View, CA , United States. The purpse f Ggle Remarketing is the insertin f interest-relevant advertising. Ggle Remarketing allws us t display ads n the Ggle netwrk r n ther websites, which are based n individual needs and matched t the interests f Internet users. Created n Page 12 f 16

13 Ggle Remarketing sets a ckie n the infrmatin technlgy system f the data subject. The definitin f ckies is explained abve. With the setting f the ckie, Ggle enables a recgnitin f the visitr f ur website if he calls up cnsecutive web pages, which are als a member f the Ggle advertising netwrk. With each call-up t an Internet site n which the service has been integrated by Ggle Remarketing, the web brwser f the data subject identifies autmatically with Ggle. During the curse f this technical prcedure, Ggle receives persnal infrmatin, such as the IP address r the surfing behaviur f the user, which Ggle uses, inter alia, fr the insertin f interest relevant advertising. The ckie is used t stre persnal infrmatin, e.g. the Internet pages visited by the data subject. Each time we visit ur Internet pages, persnal data, including the IP address f the Internet access used by the data subject, is transmitted t Ggle in the United States f America. These persnal data are stred by Ggle. Ggle may pass these persnal data cllected thrugh the technical prcedure t third parties. The data subject may, as stated abve, prevent the setting f ckies thrugh ur website at any time by means f a crrespnding adjustment f the web brwser used and thus permanently deny the setting f ckies. Such an adjustment t the Internet brwser used wuld als prevent Ggle frm setting a ckie n the infrmatin technlgy system f the data subject. In additin, ckies already in use by Ggle may be deleted at any time via a web brwser r ther sftware prgrams. In additin, the data subject has the pssibility f bjecting t the interest-based advertising by Ggle. Fr this purpse, the data subject must call up the link t and make the desired settings n each Internet brwser used by the data subject. Further infrmatin and the actual data prtectin prvisins f Ggle may be retrieved under Data prtectin prvisins abut the applicatin and use f Ggle-AdWrds On this website, the cntrller has integrated Ggle AdWrds. Ggle AdWrds is a service fr Internet advertising that allws the advertiser t place ads in Ggle search engine results and the Ggle advertising netwrk. Ggle AdWrds allws an advertiser t pre-define specific keywrds with the help f which an ad n Ggle's search results nly then displayed when the user utilizes the search engine t retrieve a keywrd-relevant search result. In the Ggle Advertising Netwrk, the ads are distributed n relevant web pages using an autmatic algrithm, taking int accunt the previusly defined keywrds. The perating cmpany f Ggle AdWrds is Ggle Inc., 1600 Amphitheatre Pkwy, Muntain View, CA , UNITED STATES. The purpse f Ggle AdWrds is the prmtin f ur website by the inclusin f relevant advertising n the websites f third parties and in the search engine results f the search engine Ggle and an insertin f third-party advertising n ur website. Created n Page 13 f 16

14 If a data subject reaches ur website via a Ggle ad, a cnversin ckie is filed n the infrmatin technlgy system f the data subject thrugh Ggle. The definitin f ckies is explained abve. A cnversin ckie lses its validity after 30 days and is nt used t identify the data subject. If the ckie has nt expired, the cnversin ckie is used t check whether certain sub-pages, e.g, the shpping cart frm an nline shp system, were called up n ur website. Thrugh the cnversin ckie, bth Ggle and the cntrller can understand whether a persn wh reached an AdWrds ad n ur website generated sales, that is, executed r cancelled a sale f gds. The data and infrmatin cllected thrugh the use f the cnversin ckie is used by Ggle t create visit statistics fr ur website. These visit statistics are used in rder t determine the ttal number f users wh have been served thrugh AdWrds ads t ascertain the success r failure f each AdWrds ad and t ptimize ur AdWrds ads in the future. Neither ur cmpany nr ther Ggle AdWrds advertisers receive infrmatin frm Ggle that culd identify the data subject. The cnversin ckie stres persnal infrmatin, e.g. the Internet pages visited by the data subject. Each time we visit ur Internet pages, persnal data, including the IP address f the Internet access used by the data subject, is transmitted t Ggle. Ggle may pass these persnal data cllected thrugh the technical prcedure t third parties. The data subject may, at any time, prevent the setting f ckies by ur website, as stated abve, by means f a crrespnding setting f the Internet brwser used and thus permanently deny the setting f ckies. Such a setting f the Internet brwser used wuld als prevent Ggle frm placing a cnversin ckie n the infrmatin technlgy system f the data subject. In additin, a ckie set by Ggle AdWrds may be deleted at any time via the Internet brwser r ther sftware prgrams. The data subject has a pssibility f bjecting t the interest-based advertisement f Ggle. Therefre, the data subject must access frm each f the brwsers in use the link and set the desired settings. Further infrmatin and the applicable data prtectin prvisins f Ggle may be retrieved under Data prtectin prvisins abut the applicatin and use f Instagram On this website, the cntrller has integrated cmpnents f the service Instagram. Instagram is a service that may be qualified as an audivisual platfrm, which allws users t share phts and vides, as well as disseminate such data in ther scial netwrks. The perating cmpany f the services ffered by Instagram is Instagram LLC, 1 Hacker Way, Building 14 First Flr, Menl Park, CA, UNITED STATES. With each call-up t ne f the individual pages f this Internet site, which is perated by the cntrller and n which an Instagram cmpnent (Insta buttn) was integrated, the Internet Created n Page 14 f 16

15 brwser n the infrmatin technlgy system f the data subject is autmatically prmpted t the dwnlad f a display f the crrespnding Instagram cmpnent f Instagram. During the curse f this technical prcedure, Instagram becmes aware f what specific sub-page f ur website was visited by the data subject. If the data subject is lgged in at the same time n Instagram, Instagram detects with every call-up t ur website by the data subject and fr the entire duratin f their stay n ur Internet site which specific sub-page f ur Internet page was visited by the data subject. This infrmatin is cllected thrugh the Instagram cmpnent and is assciated with the respective Instagram accunt f the data subject. If the data subject clicks n ne f the Instagram buttns integrated n ur website, then Instagram matches this infrmatin with the persnal Instagram user accunt f the data subject and stres the persnal data. Instagram receives infrmatin via the Instagram cmpnent that the data subject has visited ur website prvided that the data subject is lgged in at Instagram at the time f the call t ur website. This ccurs regardless f whether the persn clicks n the Instagram buttn r nt. If such a transmissin f infrmatin t Instagram is nt desirable fr the data subject, then he r she can prevent this by lgging ff frm their Instagram accunt befre a call-up t ur website is made. Further infrmatin and the applicable data prtectin prvisins f Instagram may be retrieved under and Legal basis fr the prcessing We nly cllect and prcess yur persnal infrmatin if we have a legal basis fr the prcessing under applicable laws (including GDPR): We have cllected yur cnsent, It is necessary t fulfil an agreement with yu, We legally are bliged t d s, r We have legitimate interest and the prcessing des nt harm yu. We will hwever always cllect yur cnsent as a parent r legal guardian if yur child is prviding persnal infrmatin nline. We will always infrm yu f the prcessing and the purpse f the prcessing, unless, and nly in special cases, we have a legitimate basis nt t d s. We nly prcess yur persnal infrmatin fr the riginal purpse described abve. We d nt disclse yur persnal infrmatin t third persns r cmpanies unless yu have given us yur cnsent, unless we have an agreement with yu r unless we are legally bliged t d s. Created n Page 15 f 16

16 We might supplement yur persnal infrmatin with infrmatin frm ther databases t ensure that yur data is crrect and up t date. We use high technical standards t prtect yur persnal infrmatin. Yur persnal data might be transferred t ur service prviders utside yur cuntry, and these cuntries are nt subject t adequacy decisins f the Eurpean Cmmissin and standards f privacy may vary. In rder t guarantee safe transfers f persnal data t these cuntries, we rely n Privacy Shield prgramme. Yu entitled t raise cmplaints abut the handling f yur persnal data t a Data Prtectin Supervisry Authrity. 15. The legitimate interests pursued by the cntrller r by a third party Where the prcessing f persnal data is based n Article 6(1) lit. f GDPR ur legitimate interest is t carry ut ur business: develp ur prducts and services and prmte ur prducts. 16. Perid fr which the persnal data will be stred We d nt stre yur persnal infrmatin lnger than what is necessary t serve the purpses fr which the persnal infrmatin was cllected. The criteria used t determine the perid f strage f persnal data is the respective statutry retentin perid. After expiratin f that perid, the crrespnding data is rutinely deleted, as lng as it is n lnger necessary fr the fulfilment f the cntract. 17. Prvisin f persnal data as statutry r cntractual requirement; Requirement necessary t enter int a cntract; Obligatin f the data subject t prvide the persnal data; pssible cnsequences f failure t prvide such data We clarify that the prvisin f persnal data is partly required by law (e.g. tax regulatins) r can als result frm cntractual prvisins (e.g. infrmatin n the cntractual partner). Smetimes it may be necessary t cnclude a cntract that the data subject prvides us with persnal data, which must subsequently be prcessed by us. The data subject is, fr example, bliged t prvide us with persnal data when ur cmpany signs a cntract with him r her. The nn-prvisin f the persnal data wuld have the cnsequence that the cntract with the data subject culd nt be cncluded. If yu have a request, cmment r a questin abut this Privacy Plicy, please cntact us t the address indicated abve (see Chapter 2 Name and Address f the cntrllers ). Created n Page 16 f 16