Data protection

I

Information on data protection under the General Data Protection Regulation (GDPR)

Here you will find all information regarding the collection and processing of your personal data:
Data protection information pursuant to Art. 13 paragraph 3 GDPR (PDF, 424 KB)

---

 

1.Data protection at a glance

 

General information

The following notes provide a simple overview of what happens to your personal information when you visit our website. Personal data is all data with which you can be personally identified. Detailed information on the subject of data protection can be found in our data protection declaration listed under this text.

Data collection on our website

Who is responsible for data collection on this website?

The data on this website is processed by the website operator. You can find the contact details of the website operator in the imprint of this website.

How do we collect your data?

On one hand, your data is collected by you communicating it to us. This can be data that you enter in a contact form, for example.
Other data is automatically collected by our IT systems when you visit the website. This is mainly technical data (e.g. Internet browser, operating system, or time of the page view). This data is collected automatically as soon as you enter our website.

What do we use your data for?

Some of the data is collected to ensure that the website is error-free. Other data may be used to analyse your user behaviour.

What rights do you have with regard to your data?

You have the right to receive information about the origin, recipient, and purpose of your stored personal data at any time and free of charge. You also have the right to request that this data be corrected, blocked, or deleted. You can contact us at any time at the address given in the imprint for this and other questions on the subject of data protection. Furthermore, you have the right to appeal to the competent supervisory authority.

Under certain circumstances, you also have the right to request that your personal data be restricted. Details on this can be found in the data protection declaration under “Right to limitation of processing”.

Third-party analysis tools

When you visit our website, your browsing behaviour can be statistically evaluated. This is done primarily with cookies and analysis programs. The analysis of your browsing behaviour is usually anonymous; the browsing behaviour cannot be traced back to you. You may object to this analysis or prevent it by not using certain tools. You will find detailed information on this in the following data protection declaration.

You can object to this analysis. We will inform you about the possibilities to object in this data protection declaration.

2. General notes and mandatory information

 

Data protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

When you use this website, various personal data is collected. Personal data is data with which you can be personally identified. This data protection declaration explains which data we collect and for what purpose we use it. It also explains how and for what purpose this is done.

We would like to point out that data transmission over the Internet (e.g. communication by email) can be subject to security vulnerabilities. Complete protection of the data against access by third parties is not possible.

Note on the responsible body

The responsible body for data processing on this website is:

Käserei Champignon Hofmeister GmbH & Co. KG

Kemptener Str. 17 - 24

87493 Lauben/Allgäu

Telephone: 08374/92-0

Email:

The responsible body is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g. names and email addresses).

Revocation of your consent to data processing

Many data processing operations are possible only with your express consent. You can revoke your consent at any time. For this purpose, an informal email will suffice. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to object to data collection in special cases and to direct advertising (Art. 21 GDPR)

If data processing is carried out on the basis of Art. 6 paragraph 1 lit. e or f GDPR, you have the right at any time to object to the processing of your personal data for reasons arising from your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this data protection declaration. If you file an objection, we will no longer process your personal data concerned unless we can prove compelling reasons for the processing that outweigh your interests, rights, and freedoms or the processing serves the assertion, exercise, or defence of legal claims (objection according to Art. 21 paragraph 1 GDPR).

If your personal data is processed for the purpose of direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is connected with such direct advertising. If you object, your personal data will no longer be used for direct marketing purposes (objection according to Art. 21 paragraph 2 GDPR).

Right of appeal to the competent supervisory authority

In the event of infringements of GDPR, the persons concerned have the right to appeal to a supervisory authority, in particular in the Member State of their habitual residence, workplace, or place of presumed infringement. The right of appeal shall be without prejudice to other administrative or judicial remedies.

Right to data transferability

You have the right to have data that we process automatically (on the basis of your consent or in fulfilment of a contract) handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another data controller, this will only be done as far as it is technically feasible.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content (e.g. orders or requests that you send to us as the site operator). You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” as well as by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Information, blocking, deletion, and correction

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, their origin and recipient, and the purpose of data processing. If applicable, you also have a right to the correction, blocking, or deletion of this data. You can contact us at any time at the address given in the imprint for this and other questions on the subject of data personal data.

Right to restrict processing

You have the right to request that the processing of your personal data be restricted. For this, you can contact us at any time at the address given in the imprint. The right to limitation of processing exists in the following cases:

• If you dispute the accuracy of your personal data stored with us, we usually need time to verify this. For the duration of the examination, you have the right to request that the processing of your personal data be restricted.
• If your personal data has been processed unlawfully, you can demand the restriction of data processing instead of deletion.
• If we no longer need your personal data but you need it for the exercise, defence, or assertion of legal claims, you have the right to demand the limitation of the processing of your personal data instead of deletion.
• If you have filed an objection in accordance with Art. 21 paragraph 1 GDPR, you must weigh your interests against ours. As long as it is not yet clear whose interests will prevail, you have the right to request that the processing of your personal data be restricted.

If you have limited the processing of your personal data, such data may be processed only with your consent or for the purpose of asserting, exercising, or defending legal rights or protecting the rights of another natural or legal person, or for reasons of an important public interest of the European Union or a Member State.

3. Data protection officer

 

Statutory data protection officer

We have appointed a data protection officer for our company.

Thomas Hug

IDKOM Networks GmbH

Dieselstraße 1

87437 Kempten (Allgäu)

Telephone: 0831-59090-0

Email:

4. Data collection on our website

 

Cookies

Server log files

The provider of the pages automatically collects and stores information in server log files, which your browser automatically transmits to us. These are:

• Browser type and browser version
• Operating system used
• Referrer URL
• Host name of the accessing computer
• Time of the server request
• IP address

This data will not be merged with other data sources.

This data is collected on the basis of Art. 6 paragraph 1 lit. f GDPR. The website operator has a justified interest in the technically error-free presentation and optimisation of the website; for this purpose, the server log files must be recorded.

Contact form

If you send us enquiries via the contact form, your details from the enquiry form including the contact data you provided there will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent.

The data entered in the contact form is therefore processed exclusively on the basis of your consent (Art. 6 paragraph 1 lit. a GDPR). You can revoke this consent at any time. For this purpose, an informal email will suffice. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.

The data entered by you in the contact form will remain with us until you request us to delete it or revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected.

Inquiry by email, telephone, or fax

If you contact us by email, telephone or fax, your request including all personal data (name, request) will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent.

This data is processed on the basis of Art. 6 paragraph 1 lit. b GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on your consent (Art. 6 paragraph 1 lit. a GDPR) and/or on our legitimate interests (Art. 6 paragraph 1 lit. GDPR) because we have a legitimate interest in the effective processing of the inquiries addressed to us.

The data sent to us by you via contact requests will remain with us until you request deletion or revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular legal retention periods – remain unaffected.

Processing of data (customer and contract data)

We collect, process, and use personal data only to the extent necessary for the establishment, content, or modification of the legal relationship (inventory data). This is done on the basis of Art. 6 paragraph 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures. We collect, process, and use personal data about the use of our Internet pages (usage data) only to the extent necessary to enable the user to make use of the service or to bill the user.

The collected customer data will be deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.

5. Analysis tools and advertising

 

Matomo (formerly Piwik)

This website uses the open source web analysis service Matomo. Matomo uses cookies. These are text files that are stored on your computer and which enable the analysis of your use of the website. For this purpose, the information generated by the cookie about the use of this website will be stored on our server. The IP address is anonymised before storage.

Matomo cookies remain on your device until you delete them.

The storage of Matomo cookies and the use of this analysis tool are based on Art. 6 paragraph 1 lit. f GDPR. The website operator has a justified interest in the anonymous analysis of user behaviour in order to optimise both the website and advertising. The information generated by the cookie about the use of this website will not be disclosed to third parties. You can refuse the use of cookies by selecting the appropriate settings on your browser software. However, you may not be able to utilise all the functions of this website.

If you do not agree with the storage and use of your data, you can deactivate the storage and use here. In this case, an opt-out cookie will be stored in your browser to prevent Matomo from storing usage data. If you delete your cookies, the Matomo opt-out cookie will also be deleted. The opt-out must be reactivated when you visit our site again.

Facebook Pixel

To measure conversion rates, this website uses the visitor activity pixel of Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook’s statement the collected data will be transferred to the USA and other third-party countries too. This tool allows the tracking of page visitors after they have been linked to the website of the provider after clicking on a Facebook ad. This makes it possible to analyze the effectiveness of Facebook ads for statistical and market research purposes and to optimize future advertising campaigns.

For us as the operators of this website, the collected data is anonymous. We are not in a position to arrive at any conclusions as to the identity of users. However, Facebook archives the information and processes it, so that it is possible to make a connection to the respective user profile and Facebook is in a position to use the data for its own promotional purposes in compliance with the Facebook Data Usage Policy. This enables Facebook to display ads on Facebook pages as well as in locations outside of Facebook. We as the operator of this website have no control over the use of such data.

The use of Facebook Pixel is based on Art. 6(1)(f) GDPR. The operator of the website has a legitimate interest in effective advertising campaigns, which also include social media. If a corresponding agreement has been requested (e.g., an agreement to the storage of cookies), the processing takes place exclusively on the basis of Art. 6(1)(a) GDPR; the agreement can be revoked at any time. Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here:

https://www.facebook.com/legal/EU_data_transfer_addendum and

https://de-de.facebook.com/help/566994660333381.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing by Facebook that takes place

after the onward transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The wording of the agreement can be found under: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g., requests for information) regarding data processed by Facebook directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.

In Facebook’s Data Privacy Policies, you will find additional information about the protection of your privacy at:

https://www.facebook.com/about/privacy/.

You also have the option to deactivate the remarketing function “Custom Audiences” in the ad settings section under

https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you first have to log into Facebook.

If you do not have a Facebook account, you can deactivate any user-based advertising by Facebook on the website of the European Interactive Digital Advertising Alliance:

http://www.youronlinechoices.com/de/praferenzmanagement/.

6. Plug-ins and tools

 

Google web fonts

This page uses web fonts provided by Google for the uniform display of fonts. The Google fonts are installed locally. A connection to Google servers does not take place.

Google Maps

This page uses the Google Maps map service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the US and stored there. The provider of this site has no influence on this data transfer.

The use of Google Maps is in the interest of an appealing presentation of our on-line offers and an easy retrievability of the places indicated by us on the website. This constitutes a legitimate interest within the meaning of Art. 6 paragraph 1 lit. f GDPR.

For more information on the handling of user data, please refer to the data protection declaration of Google.

Social Media (Facebook Like & Share Button)

We have integrated plug-ins of the social network Facebook on this website. The provider of this service isFacebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook’s statement thecollected data will be transferred to the USA and other third-party countries too.You will be able to recognize Facebook plug-ins by the Facebook logo or the “Like” button on this website. An overview of the Facebook plug-ins is available under the following link:

https://developers.facebook.com/docs/plugins/.

Whenever you visit this website and its pages, the plug-in will establish a direct connection between your browser and the Facebook server. As a result, Facebook will receive the information that you have visited this website with your plug-in. However, if you click the Facebook “Like” button while you are logged intoyour Facebook account, you can link the content of this website and its pages with your Facebook profile. As a result, Facebook will be able to allocate the visit to this website and its pages to your Facebook user account. We have to point out, that we as the provider of the website do not have any knowledge of the transferred data and its use by Facebook. For more detailed information, please consult the Data Privacy Declaration of Facebook at:

https://www.facebook.com/privacy/explanation.

If you do not want Facebook to be able to allocate your visit to this website and its pages to your Facebook user account, please log out of your Facebook account while you are on this website. The use of the Facebook plug-in is based on Art. 6(1)(f) GDPR. The operator of the website has a legitimate interest in being as visible as possible on social media. If a respective declaration of consent has been obtained, the data shall be processed exclusively on the basis of Art. 6(1)(a) GDPR. This declaration of consent may be revoked at any time. Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). The joint responsibility is limited exclusively

to the collection of the data and its forwarding to Facebook. The processing by Facebook that takes place after the onward transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The wording of the agreement can be found under: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g., requests for information) regarding data processed by Facebook directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here:

https://www.facebook.com/legal/EU_data_transfer_addendum,

https://de-de.facebook.com/help/566994660333381 and

https://www.facebook.com/policy.php.