Data Privacy Statement
for the website www.coffein-compagnie.de
Data processing occurs every time you visit the website. On this page we explain to you which data are processed, and how.
2. RESPONSIBLE PARTY (CONTROLLER)
Coffein Compagnie GmbH & Co. KG
Segelsbrück 7, D-28309 Bremen
Contact data: see legal notice
3. DATA PROTECTION OFFICER
Ralf Lohmann – certified external data protection officer – HUBIT Datenschutz
Data protection tel: 0421-89830294
4. GENERAL INFORMATION ON DATA PROTECTION
Data processing on website visits
When you view a website, multiple data – including personal data – are automatically transmitted via the Internet. This is technically necessary for the website visit to function at all and in order to supply you with the best possible result.
Whenever you visit a website that loads a picture from a server, streams a video or uses one of the many other transmission possibilities available, to do this, your computer uploads external plugins or scripts. Your computer sends data to the server from which you obtain the desired data. When you visit a website, your browser (e.g. Firefox, Internet Explorer, Edge, Opera, Safari) automatically sends certain information from your system. These data are, for example:
The website from which a file (image, script, video or other website) is viewed or into which the file is embedded (referrer)
- The operating system
- The screen resolution
- The keyboard (language)
- The IP address from which the website or file is viewed
- The name of the website or file viewed
- The time stamp (date and time) of the visit
- The name and version of the browser
- The data volume transferred
- The access status (file transferred, error code)
- These data are logged by every server. By way of an example, the logging takes place for purposes of storage and verification of the IT security and IT operation (e.g. in order to recognise hacker attacks)
- statistical evaluation (on use of the website)
- improvement of the website
- suitable display of the website or files, so that it can be optimally shown on your end device
For security protocol, no pseudonymization or anonymization is used, as otherwise no inferences as to potential attackers are possible. For other purposes, the evaluation of data is generally speaking anonymized and no profiles are developed. More information can be found further down in this data privacy statement.
The “data subject” (affected party) is the person whose personal data are collected and processed. Hereinafter the “data subject” is referred to as the “website visitor” or “user”.
INFORMATION ON DATA SUBJECT RIGHTS
Every data subject may exercise his or her rights (data subject rights) against the controller. This can be done by e-mail, post or a ready-prepared form. Telephone enquiries are also possible, but will only be accepted and not answered on the telephone. The controller chooses the medium (post, e-mail, other media) and sends the data subject the answer to his or her enquiry via this medium. Answers to enquiries regarding data subject rights are given free of charge. A fee may be collected when there is excessive accumulation of enquiries on data subject rights. The reply is given within the legal period of one month. In exceptional cases, this period may be extended (e.g. due to a high number of enquiries or more complex enquiries). The extension of the period must be justified. Data subject rights are listed below. Each listing is linked to detailed explanations on the page of our data protection officer.
- Right to information
- Right to rectification
- Right to erasure
- Restriction of processing
- Right to data portability
- Withdrawal of consent
- Right to object
- Right to lodge a complaint
The data subject must authenticate him or herself to the controller in order to verify that he or she is entitled to exercise the rights of the data subject.
On our data protection officer’s site, you will find a form which you can use to exercise your data subject rights with us Form for exercise of data subject rights
We use session cookies. They are automatically erased when you close your browser.
It is possible for you to erase cookies using your browser settings. On our data protection officer’s site you can find further information on cookies and how you can delete them.
6. ENCRYPTION OF THE WEBSITE
All web pages are transferred unencrypted.
You can contact us using our contact form. Please fill out all the mandatory fields. Alternatively, you can contact us by telephone, e-mail or in person.
The legal basis for data processing with consent is Article 6 Paragraph 1 lit. a GDPR.
The legal basis for data processing by sending an e-mail is Article 6 Paragraph 1 lit. f GDPR. If the object of making contact by e-mail is to conclude a contract, Article 6 Paragraph 1 lit. b GDPR is the legal basis for the data processing.
Processing of personal data from the contact form is only for the processing of your enquiry, or the reason you contacted us. If you contact us by e-mail, there is also a legitimate interest in the processing of the personal data.
Other data processed in the context of the dispatch and associated processes are used to prevent or resolve misuse and guarantee the security of the IT systems.
The data are erased as soon as the purpose for which they were collected is fulfilled. This is the case if the data given in the contact form, or the data that have been sent by e-mail, are no longer required for the conversation or reply, unless prevented by other legal retention periods.
Data additionally collected in connection with the dispatch of the data are erased at the latest after a period of 7 days.
Consent to data processing can be withdrawn at any time. In this case the conversation cannot be continued, or the enquiry cannot be further processed. In cases of objection, all data saved for contact reasons are erased, unless legal retention periods apply.
On our data protection officer’s website, there is a form for submitting your withdrawal of consent. Your enquiry will be accepted by our data protection officer and forwarded to the necessary people in our firm.
8. LOCALLY STORED VIDEOS
Videos are stored locally on our domain. When these videos are displayed, no other providers are used.
9. OTHER DATA PROCESSING
Data are often still available via the archive function of external search engines, if the information has already been removed from the aforementioned Internet offer or changed. In such cases you may exercise your data subject rights [e.g. right to erasure (“right to be forgotten”) – Article 17 EU General Data Protection Regulation (EU GDPR)] with the search engine provider.