Data protection policy
1. Data protection at a glance
The following information provides a straightforward overview of what happens to your personal data when you visit our website. Personal data is any data that can be used to identify you as an individual. You can find detailed information about data protection in the data protection policy provided below.
Data collection on our website
Who is responsible for data collection on this website?
The website operator carries out the data processing for this website. You can find their contact details on the website’s imprint page.
How do we collect your data?
One of the ways we collect your data is by you providing it to us. This may include, for example, information you enter into a contact form.
Other data is automatically captured by our IT systems when you visit the website. This is primarily technical data (e.g. your internet browser, operating system or the date and time when you accessed the website). This data is collected automatically when you access our website.
What do we use your data for?
Some of the data is collected in order to ensure the correct operation of the website. Other data may be used to analyse your user behaviour.
What are your rights when it comes to your data?
You have the right to be informed of the source, recipient and purpose of your collected personal data free of charge at any time. You also have the right to demand the rectification, restriction or deletion of this data. You can contact us about this or with other questions concerning data protection at any time using the address provided in the imprint. Furthermore, you have the right to lodge a complaint with the responsible supervisory authority.
You additionally have the right to request the restriction of the processing of your personal data under certain circumstances. You can find further details on this in the section of the data protection policy called “Right to restriction of processing”.
2. General information and statutory information
The operators of these web pages take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with both the statutory data protection regulations and this data protection policy.
When you use this website, various pieces of personal data are collected. Personal data is data that can be used to identify you as an individual. This data protection policy explains what data we collect and what we use it for. It also explains how and for what purposes we do this.
Please note that security vulnerabilities may exist when transferring data through the internet (e.g. when communicating via email). It is not possible to completely protect data from being accessed by third parties during the transfer.
Identification of the data controller
The data controller responsible for data processing on this website is:
InnFood GmbH (Company with limited liability)
D-84570 Polling OT Weiding
The data controller is the natural person or legal entity that, alone or together with others, determines the purposes and means of processing of personal data (e.g. names, email addresses and similar).
Revoking your consent to the processing of personal data
Many data-processing operations can only be carried out with your express permission. You have the right to revoke previously provided consent at any time. You can do this by sending us an email, which does not need to follow any specific format. The lawfulness of data processing carried out prior to the revocation of consent will not be affected.
Right to object to data processing based on your particular situation and in the case of direct marketing (Art. 21 GDPR)
If data processing is being carried out on the basis of GDPR Article 6 paragraph 1 points e or f, you have the right to object to the processing of your personal data on grounds relating to your particular situation at any time; this also applies to profiling based on those provisions. This data protection policy indicates the relevant legal basis for our data processing operations. If you object, we will no longer process your personal data unless we are able to demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or if the processing is being carried out for the purposes of establishing, exercising or defending legal claims (Right to object on basis of GDPR Article 21 paragraph 1).
If your personal data is being processed in order to carry out direct marketing, you have the right to object to the processing of your personal data for the purposes of such marketing at any time; to the extent that it is related to such direct marketing, this also applies to profiling. If you object, your personal data will no longer be used for the purposes of direct marketing (Right to object on basis of GDPR Article 21 paragraph 2).
Right to lodge a complaint with a supervisory authority
In the case of contravention of the GDPR, the data subject has the right to lodge a complaint with a supervisory authority, in particular in the EU member state of their usual place of residence, their place of work or the place of the alleged infringement. The right to lodge a complaint is not affected by any other administrative or judicial remedies.
Right to data portability
You have the right for the data we process by automated means on the basis of your consent or in order to carry out a contract to be provided to you or to a third party in a commonly used and machine-readable format. Should you request that your data be transferred directly to another controller, this will only be carried out to the extent that it is technically feasible.
SSL and TLS encryption
For security reasons and in order to protect the transfer of confidential information (such as any orders or queries you send to us as the website operators), this web page uses SSL or TLS encryption. You can recognise an encrypted connection by checking the address bar on your browser. If the connection is encrypted, the address line will change from “http://” to “https://” and show a lock symbol.
When the SSL or TLS encryption is active, the data you transmit to us cannot be read by third parties.
Information, restriction, erasure and rectification
Within the scope of the applicable legal regulations, you have the right to be informed of your stored personal data, its source, its recipient and the purpose of the data processing free of charge and at any time. You also have the right to rectification, restriction or erasure of this data as applicable. You can direct any questions about this, as well as any other questions regarding personal data, to us at the address provided in the imprint.
Right to restriction of processing
You have the right to request that the processing of your personal data be restricted. You can contact us at the address provided in the imprint to do this at any time. The right to the restriction of processing applies under the following circumstances:
If you contest the accuracy of the personal data we hold on you, we will generally need time to verify this. You have the right to request that the processing of your personal data be restricted for the period during which we verify your data.
If your personal data was or is being processed unlawfully, you may request that the processing of your data be restricted as an alternative to the erasure of your data.
If we no longer need your personal data, but you need them for the establishment, exercise or defence of legal claims, you have the right to request that the processing of your data be restricted as an alternative to the erasure of your data.
If you have objected to the processing of your data on the basis of Article 21 paragraph 1, an assessment must be made of whether your or our interests outweigh those of the other party. Until it has been determined whose interests predominate, you have the right to request that the processing of your personal data be restricted.
If you have restricted the processing of your personal data, this data may – with the exception of its storage – only be processed with your consent or in order to establish, exercise or defend legal claims, to protect the rights of another natural person or legal entity or for reasons pertaining to an important public interest of the European Union or one of its member states.
Objection to marketing emails
Permission to use the contact details made public under the obligation to provide an imprint for the transmission of marketing and information materials that have not been explicitly requested is hereby denied. The operators of the website expressly retain the right to take legal measures in the case of the unsolicited transmission of marketing information, for example via the medium of spam emails.
3. Data collection on our website
Some of our web pages use data files known as cookies. Cookies do not harm your computer and do not contain viruses. Cookies are used to make our online services more user friendly, more effective and safer. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are of a type known as “session cookies”. They are automatically deleted when you leave the site. Other cookies remain saved on your device until you delete them. These cookies allow us to recognise your browser the next time you visit our site.
You can set your browser to inform you when cookies are being used and only allow cookies on a case-by-case basis, to refuse permission for cookies under certain circumstances or as a general rule and to automatically delete cookies when the browser is closed. The functionality of this website may be restricted if cookies are deactivated.
Cookies that are needed in order to carry out electronic communications or to provide specific functions you wish to use (such as the shopping basket function) are stored on the basis of GDPR Article 6 paragraph 1 point f. The website operator has a legitimate interest in storing cookies to provide optimised services free of technical errors. If other cookies (e.g. cookies used to analyse your browsing behaviour) are stored, these are addressed separately in this data protection policy.
Server log files
The provider of the web pages automatically collects and saves information that is transmitted automatically by your browser in server log files. The following information is collected:
browser type and version
operating system used
hostname of the computer accessing the site
time and date of the server request
This data is not combined with data from other sources.
This data is collected on the basis of GDPR Article 6 paragraph 1 point f. The website operator has a legitimate interest optimising and presenting the website without technical errors. Server log files need to be captured in order to do this.
Enquiries via email, telephone or fax
If you contact us via email, telephone or fax, your enquiry and all the personal data it contains (name, enquiry) will be recorded and processed by us in order to deal with your query. We will not share this information without your consent.
Where your enquiry concerns the fulfilment of a contract or is necessary to carry out pre-contractual measures, the processing of this data is carried out on basis of GDPR Article 6 paragraph 1 point b. In all other cases, processing is carried out on the basis of your consent (GDPR Article 6 paragraph 1 point a) and/or on the basis of our legitimate interests (GDPR Article 6 paragraph 1 point f), which applies because we have a legitimate interest in effectively processing any enquiries directed to us.
We will retain the data you send to us when making a request for contact until you ask us to erase it or revoke your consent for us to store it, or until the purpose for which the data was stored is no longer applicable (e.g. after your query has been processed and resolved). Any mandatory legal provisions – particularly statutory storage requirements – remain unaffected.