cookie-information
Dallmayr

Data privacy policy


Last updated on: 06 Juli 2023

Thank you very much for visiting our website and for your interest in our company. We take the protection of your privacy, when you use our website, very seriously. Therefore, please note the following information about how your personal data is handled:

1. Responsible data controller and contact details

The responsible data controller within the meaning of the EU General Data Protection Regulation (GDPR) is:
Alois Dallmayr KG
Dienerstrasse 14–15
D-80331 Munich
Germany

Switchboard: +49 (0)89/ 2135-0
Customer service: +49 (0)89/ 2135-130
Email: infodallmayrde

In order to exercise your rights, report data protection incidents, to make any suggestions and complaints regarding the processing of your personal data, or to withdraw consent to the processing of your personal data, we recommend that you contact our data protection officer:

Karsten Greibel

Alois Dallmayr KG
z.Hd. des Datenschutzbeauftragten
Dienerstr. 14-15
D-80331 München

privacydallmayrcom

2. Scope

This data privacy statement applies to our website, which can be accessed at the domain https://www.dallmayr.com (“website”). It does not apply to internet sites or services (from ourselves or from third party providers) to which our website merely links.

3. Personal data

Personal data is any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified directly or indirectly, in particular by means of an identifier such as a name, an identification number, location data, online identifier or one or more specific characteristics that express the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. This includes information such as your first name and surname, your address and email address, your telephone number or your date of birth.

4. Data processing and legal basis

In principle, you can visit our website without having to submit personal data. We collect, process and use your personal data on our website as follows:

4.1 Data when visiting our website

When you visit our website, the data mentioned in Section 5 of this document will be processed for technical reasons. This processing is based on our legitimate interests in handling the communication (point (f) of Article 6 (1) GDPR). Since this communication is required in order to display the website, we assume that this is also in your interests. You can object at any time to the processing of your data for this purpose with future effect, without having to give any reasons. However, we would like to point out that even after you have made an objection, your personal data may continue to be processed when you visit our website. This is because opening our website requires certain data to be processed for technical reasons, and it is not possible to prevent this processing for individual users who visit the website, or in general. This constitutes compelling legitimate grounds for processing data that override your interests, rights and freedoms. If you wish to prevent your data being processed as described above, we would ask you not to visit our website.

4.2 Erasure of data and data storage period

We shall delete or block your personal data as soon as the purpose for storing this data ceases to apply. Please note that due to statutory retention periods, we may be obliged to store certain data for a legally specified period of time. This data shall also be blocked or deleted as soon as a legally required retention period as mentioned above expires, unless it is necessary for the data to be retained for the conclusion or performance of a contract.

4.3 Contacting us using a contact form or by email

If you contact us (e.g. via a contact form or by email), then Alois Dallmayr KG shall save and process the personal data that you provide on the contact form or in the email. This data shall be stored and used only for replying to your query and/or establishing contact, as well as for any related technical administration. Processing this data is necessary for the performance of a contract or pre-contractual measures (point (b) of Article 6 (1) GDPR) and/or is in our legitimate interests. Your interests are not overriding in this case because processing your query is in the interests of both parties (point (f) of Article 6 (1) GDPR). After the processing of this query ends, we shall retain the correspondence for three years from the end of the calendar year in which processing ended. We shall then delete your data, or retain it only if legal, statutory or contractual retention periods apply or if further retention is necessary for the establishment, exercise or defence of legal claims.

4.4 Data for subscription to the newsletter

If you subscribe to our newsletter service, Dallmayr will save and process your personal data (email address and if necessary name, address and date of birth) for the purpose of sending the newsletter. The processing of this data is based on your consent (point (a) of Article 6 (1) GDPR) and/or is necessary for the performance of a contract (point (b) of Article 6 (1) GDPR). In this case, we shall send you regular promotional information about goods and services associated with our products.

We send newsletters, emails and other electronic notifications containing promotional information (hereinafter referred to as “newsletter”) only with the consent of the recipient or with legal permission. If the contents of the newsletter are specifically described when the user subscribes to the newsletter, then they are decisive for the consent of the user.

Subscribing to our newsletter takes place using what is known as a double opt-in procedure. This means that after subscribing, you will receive an email asking you to confirm your subscription. This confirmation is necessary to prevent anyone from registering with an email address that is not theirs. Each newsletter subscription is logged in order to prove the subscription process was carried out in line with the legal requirements. This includes storing the time when the subscription and confirmation took place, as well as the IP address.

The newsletter is sent using Brevo, a newsletter mailing and marketing platform provided by a German company.

Using this platform means that your data is transferred to the platform operator Brevo GmbH, Köpenicker Straße 126, 10179 Berlin, Germany and processed on their servers. This transfer and processing take place with your consent.

Registration data

To subscribe to the newsletter, all you need to do is enter your email address and name.

If necessary, we may also require your address and a telephone number in case of any queries. The collection of this data may be necessary, for example, for participation in competitions.

The newsletters contain a so-called “web-beacon”, i.e. a pixel-sized file that is retrieved from the server when the newsletter is opened. This retrieval will initially collect technical information, such as information about your browser and system, as well as your IP address and the time of retrieval. This information is used to improve the technical performance of services based on the technical data or the target audience and their reading behaviour based on location (which can be determined from the IP address) or access times.
The collection of statistical data also includes determining whether newsletters are actually opened, when they are opened, and which links are clicked. While this information can be assigned to individual newsletter recipients for technical reasons, it is not our intention to monitor individual users. The analysis of this data helps us to understand the reading habits of our users and to adapt our content accordingly, or to send different content according to the interests of our users.

There are instances where we direct newsletter recipients to Brevo’s websites. For example, our newsletters contain a link that newsletter recipients can use to open the newsletter online (e.g. in the event of display issues in the email application). Furthermore, newsletter recipients can subsequently correct their data, such as their email address. Brevo’s privacy policy is also only available on their website.
In this context, we would like to point out that Brevo’s websites also use cookies and that personal data is therefore processed by Brevo, its partners and its service providers (e.g. Google Analytics). We have no influence on the collection of this data. For more information, please refer to Brevo’s privacy policy (https://www.brevo.com/en/legal/privacypolicy/). We would also like to point out the options you have for objecting to the collection of data for advertising purposes on the websites https://www.aboutads.info/choices/ and https://www.youronlinechoices.com/ (for the European area).

Unsubscribing to the newsletter

You can cancel the receipt of our newsletter, i.e. revoke your consent, at any time. This also revokes your consent to receive the newsletter via Brevo and your consent to the statistical analysis. Unfortunately, it is not possible to withdraw consent to either of these points separately.

You can also unsubscribe from the newsletter at any time by contacting the address provided in Section 1 of this document, or by using the unsubscribe link at the bottom of each newsletter. After unsubscribing, your email address will be deleted without delay from our newsletter distribution list.

4.5 Use of data for advertising purposes

4.5.1 Use of data for advertising purposes based on consent

In order to provide you with exclusive information on invitations, events and offers, we process your data (surname, first name, address, email address) on the basis of the consent you have given us in accordance with point (a) of Article 6 (1) GDPR.
This shall not affect your rights under Section 11 of this document, and you have the option to object at any time in an informal manner to this processing.

4.5.2 Use of data for advertising purposes based on our legitimate interests

We reserve the right to save your first name, surname, postal address and – as long as we have received these additional details from you within the context of the contractual relationship – your title, academic degree, year of birth, job title, the sector you work in and your trade name in summarised lists for our own promotional purposes and to use this data to send you interesting offers and information in the post about our products. The processing of your data for this purpose is based on the legitimate interests of Dallmayr (point (f) of Article 6 (1) GDPR) to promote Dallmayr’s products and services. We assume that you are interested in receiving such advertising by post; if not, you can withdraw consent to the future storage and use of your data for these purposes at any time and without having to give reasons by contacting the address provided in Section 1 of this document. In the event of withdrawing consent, we shall delete your data for postal advertising without delay unless there is another legal basis for processing this data, or if legal, statutory or contractual retention periods apply, or if further retention is necessary for the establishment, exercise or defence of legal claims.

4.6 Data processing for participation in competitions

If you take part in a competition, we shall process your personal data solely for the purpose of running and managing the competition for which you have actively registered. Processing this data is required in order to run the competition and is therefore necessary for the performance of a contract (point (b) of Article 6 (1) GDPR). After the competition has ended, the winners have been announced and the prizes have been sent, your personal data shall be blocked from any further use and deleted after a period of one year, provided that when you took part in the competition, you did not expressly consent to your data being used further.

For extended or differing processing operations and responsibilities, please refer to the corresponding information and conditions of participation for the competition.

5. Usage data

Each time you visit our website, your IP address and further usage data (such as the time and date of your visit, name of the page accessed, data volume transmitted and the requesting provider) shall, where necessary, be collected and processed on our server for technical reasons. This is necessary in order to carry out the communication process, requested by you, between you and our website.

Log data (server log files)

The webpage provider automatically collects and stores information in server log files, which your browser automatically transmits to us. This information is as follows:

  • The IP address and, if applicable, host name of the accessing computer
  • Date and time of access
  • Name and URL of the requested file
  • Website from which access is made (referrer URL)
  • Browser used and, where required, your computer’s operating system and the name of your access provider.

A pooling of this data with other data sources, in particular with the user’s other personal data, does not take place.

6. Transfer of personal data

We do not pass on any personal data to third parties unless this is necessary for the performance of a contract (for example transferring address data to a delivery company as part of an order), is otherwise permissible under relevant legal provisions, or you have given us consent to do so.

6.1 Some of our business processes are supported by service providers (e.g. for the provision of the website or other IT services, or for maintenance) that may come into contact with your personal data. These service providers process the personal data purely on our instructions and only for our business purposes. These service providers are bound to us under the provisions of order processing contracts in order to ensure processing in accordance with our instructions. The service providers receive access to such personal data only if this is required for them to complete the respective activity. In particular, it is not permitted for these service providers to process or use your personal data for any other purpose.

6.2 If other categories of recipients of personal data arise during future data collection, we will inform you of this at the time this information is collected for this purpose.

7. Cookies

With your consent, we use cookies on our website to make it attractive to you as a user and to enable certain functionality. Cookies are small text files that are saved on your end device. Some of the cookies we use are deleted at the end of your browser session, i.e. after you have closed your browser (session cookies). Other cookies remain on your end device and allow us or our service providers to identify your browser on your next visit (persistent cookies). You can find further details about this here .

Please note that the use of cookies may involve the transfer of your data to recipients outside the EEA where there is no adequate level of data protection in accordance with the GDPR (e.g. USA).

8. Use of analytics tools

Please note that the use of analytics tools may involve the transfer of your data to recipients outside the EEA where there is no adequate level of data protection in accordance with the GDPR (e.g. USA).

8.1 Google Analytics

If you have granted your consent, this website will use Google Analytics 4, a web analytics service provided by Google LLC. The responsible party for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

Scope of processing
Google Analytics uses cookies that allow your use of our websites to be analysed. The information collected by these cookies about your use of this website is normally transferred to a Google server in the USA and stored there.

In Google Analytics 4, the anonymization of IP addresses is enabled by default. As a result of IP anonymization, Google will truncate your IP address within member states of the European Union or in other states that are party to the agreement on the European Economic Area. Only in exceptional cases will a full IP address be transferred to a Google server in the USA and truncated there. According to Google, the IP address transferred by your browser within the scope of Google Analytics will not be associated with any other data held by Google.
When visiting the website, your user behaviour is recorded in the form of “events”. Events can be:

  • Page views
  • The first time a user visits the website
  • The start of the session
  • Your “click path”, interaction with the website
  • Scrolls (whenever a user reaches the bottom of the page (90% vertical depth))
  • Clicks on external links
  • Internal search queries
  • Engagement with videos
  • File downloads
  • Seeing or clicking on an advert
  • Language settings

The following is also recorded:

  • Your approximate location (region)
  • Your IP address (in truncated form)
  • Technical information about your browser and the end devices you are using (e.g. language settings, screen resolution)
  • Your internet service provider
  • The referrer URL (the website / advertising medium from which you came to this website)

Purposes of the processing
On behalf of the operator of this website, Google will use this information for the purpose of evaluating your pseudonymous use of the website and compiling reports on website activity. The reports provided by Google Analytics serve to analyse the performance of our website and the success of our marketing campaigns.

Recipients
Recipients of the data are / may be Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as processor in accordance with Article 28 GDPR) Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA Alphabet Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA Access by US authorities to the data stored by Google cannot be ruled out.

Transfer to third countries
Insofar as data is processed outside the EU/EEA and the level of data protection does not correspond to the European standard, we have concluded EU standard contractual clauses with the service provider to establish an adequate level of data protection. Google LLC – the parent company of Google Ireland – is based in California, USA. The transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out. The USA is currently considered a third country with regards to data protection; you do not have the same rights there as you do within the EU/EEA and you may not be entitled to any legal remedies against access by authorities.

Data storage period
The data sent by us and linked to cookies is automatically deleted after 14 months. Data whose retention period has been reached is automatically deleted once a month.

Legal basis
The legal basis for this data processing is your consent in accordance with point (a) of Article 6 (1) GDPR.

Withdrawal
You have the right to withdraw your consent at any time with future effect by opening the and changing your selection there. This shall not affect the lawfulness of processing based on consent before its withdrawal.
You can also prevent cookies being saved from the outset by selecting the appropriate settings in your browser software. However, configuring your browser to reject all cookies may limit the functionality of this and other websites. In addition, you can prevent the data generated by the cookie and relating to your use of the website (including your IP address) from being collected and processed by Google by:

  1. not giving your consent to the setting of the cookie or
  2. downloading and installing the browser add-on to deactivate Google Analytics.

Further information about the terms of use of Google Analytics and about data protection at Google is available at https://marketingplatform.google.com/about/analytics/terms/us/ and https://policies.google.com/?hl=en.

8.2 Matelso

Our website contains a tracking code from matelso, a service provided by the company matelso GmbH, Heilbronner Strasse 150, 70191 Stuttgart, Germany (hereinafter referred to as matelso).
If you call us on a number provided by matelso, information about the telephone call (call duration, call status, time of the call) is transferred to a web analysis service used by us (e.g. Google Analytics).
Matelso also reads cookies set by our analysis service or other parameters of the web page you visit, e.g. referrer, document path and remote user agent. The corresponding information is processed by matelso in accordance with our instructions and stored on servers in the EU. Processing is based on point (a) of Article 6 (1) GDPR (consent). You can prevent the use of cookies by selecting the appropriate settings within your browser. However, please note that if you do this, you may not be able to use the full functionality of this website. Further information can be found at: https://www.matelso.com/en/privacy-policy/.

8.3 Google Ads remarketing

Our website uses the remarketing feature provided by Google Ads services. This feature is used to present interest-based advertisements to visitors of the website as part of the Google advertising network. The website visitor’s browser stores cookies – text files that are placed on their device to allow the visitor to be recognised when they visit websites that belong to Google’s advertising network. These pages can then display advertisements to the visitor that are related to content that the visitor previously viewed on websites that use Google’s remarketing feature. Google says that it does not process any personal data during this process. In particular, Google says that it uses pseudonymisation for remarketing.

The service is legitimised by the conclusion of a contract between Alois Dallmayr KG and Google and your consent.

If, however, you do not want Google’s remarketing feature to be used, you can disable it by changing the settings at https://www.google.com/settings/ads.

Alternatively, you can disable the use of cookies for interest-based advertising through the advertising network by following the instructions at https://www.networkadvertising.org/managing/opt_out.asp.

For more information about Google remarketing and Google’s privacy policy, please visit: https://www.google.com/privacy/ads/.

8.4 Bing Universal Event Tracking (UET)

Our website uses Bing Ads technology. This is a service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.

The service is legitimised by the conclusion of a contract between Alois Dallmayr KG and Microsoft and your consent.

This service enables us to track the activities of users on our website that reach our website via adverts from Bing Ads. If you reach our website via such an advert, a cookie is placed on your computer. A Bing UET tag is integrated on our website. This is a code that is used in conjunction with the cookie to save some non-personal data about your use of the website. This includes, among other things, the time spent on the website, which sections of the website were opened and which advert the user clicked to access the website. Whenever you visit a specific page of our website and the cookie is still valid, both we and Microsoft can recognise that you have been forwarded to that page by clicking on an advertisement. Microsoft collects, processes and uses information via the cookie to create user profiles using pseudonyms. These profiles are used to analyse visitor behaviour and to decide how advertisements are delivered. No personal information about the identity of the user is processed.

Processing is based on a legitimate interest (point (f) of Article 6 (1) of the EU General Data Protection Regulation (GDPR)) in targeted advertising and in analysing the impact and effectiveness of this advertising. You have the right, on grounds relating to your particular situation, to object at any time to the processing of your personal data based on point (f) of Article 6 (1) GDPR.

The information collected is transferred to Microsoft servers in the USA and stored there for a maximum of 180 days. You can prevent the collection of data generated by the cookie and related to your use of the website as well as the processing of this data by disabling cookies on your device. This may limit the functionality of the website.

In addition, Microsoft may use cross-device tracking to track your usage patterns across multiple electronic devices, enabling it to display personalised ads on Microsoft websites and apps. You can disable this tracking at https://choice.microsoft.com/opt-out . In general, you can use the browser’s settings to control whether it will accept cookies and if so, which ones.

For more information about privacy at Microsoft and Bing, please see Microsoft’s privacy policy: https://privacy.microsoft.com/en-GB/privacystatement.

More information on Bing’s analysis services can be found on the Bing Ads website: https://help.bingads.microsoft.com/#apex/3/en/53056/2.

8.5 Using the MediaMath analysis service / pixel-based retargeting

This website uses retargeting technology provided by the company MediaMath Inc. (MediaMath UK Ltd, Attn: Melinda Clemans, 230 Blackfriars Road, London, SE1 8NW, United Kingdom).

This feature is used to display interest-based advertisements to visitors of the website as part of the MediaMath advertising network. These advertisements are related to content that the visitor has previously viewed on websites. MediaMath processes data related to your end device to create a pseudonym known as a “MediaMath ID”. The MediaMath ID and other information collected via the platform can also help us to measure your activity on our website and thereby determine the effectiveness of the adverts provided via the platform. This means that your needs can be better met. It also allows us to show you advertisements for the types of products you may be interested in.

This takes place only on websites that use MediaMath retargeting technology. Like most digital marketing platforms, MediaMath also uses cookies, mobile advertising IDs, web beacons or pixel tags to identify you, and collects information from your end device about the type of browser (e.g. Chrome or Internet Explorer), operating system (e.g. Mac OS or Windows), browser language (e.g. German or English), IP address and internet service provider (e.g. Comcast or Verizon) you are using in order to create a pseudonymous user profile. This user profile is used as a basis to display relevant advertising, as well as to optimise the delivery and reporting of advertising via the MediaMath platform. The pseudonymous user profile is stored by MediaMath for between 30 days and 13 months after the last use. The temporary cookie loses its validity after 60 days.

MediaMath may transfer the information to third parties if required to do so by law or if third parties process this data on MediaMath’s behalf. MediaMath says that it does not collect any personal data during this process.

For more information about how MediaMath uses your data, as well as how to prevent the use of cookies by MediaMath, please see MediaMath’s privacy policy at https://www.mediamath.com/privacy-policy/.

You can object at any time to the processing of your data by deselecting the corresponding option in your web browser’s privacy settings or by deactivating it here: https://www.mediamath.com/ad-choices-opt-out/. Alternatively, you can disable the cookies here: https://www.youronlinechoices.com/de/. Please note that the deactivation process must be carried out individually for each browser and each end device.

8.6 Use of the Facebook pixel

On our country website for Greece (https://www.dallmayr.com/gr/) and its subpages, we use the Facebook pixel from Facebook.

We have implemented a code on our website for this purpose. The Facebook pixel is a small piece of JavaScript code. It loads a collection of functions that allows Facebook to track your user actions if you were directed to our website via Facebook ads.

Provider of the pixel: Meta Platforms Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland.

How it works: If, for example, you purchase a product on our website, the Facebook pixel is triggered and stores your actions on our website in one or several cookies. These cookies allow Facebook to match your user data (customer data such as IP address and user ID) with your Facebook account data. Facebook then deletes this data again. The collected data is anonymous to us, we cannot view this data and it can be used only in the context of ad placements. If you are a Facebook user and are logged in, your visit to our website will be automatically assigned to your Facebook user account.

We want to show our services and/or products only to those people who are really interested in them. The Facebook pixel helps us to tailor our advertising activities more closely to your preferences and interests. As a result, Facebook users (if they have allowed personalised advertising) see advertising that is relevant to them. Furthermore, Facebook uses this collected data for the purpose of analysis and for its own advertisements.

If you are logged in to Facebook, you can change your advertising settings yourself at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. If you are not a Facebook user, you can manage your general usage-based online advertising settings If you are not a Facebook user, you can manage your general usage-based online advertising settings at https://www.youronlinechoices.com/uk/your-ad-choices. This website provides you with the option to disable or enable providers.

To learn more about Facebook’s privacy policy, we recommend that you review its data guidelines at https://www.facebook.com/policy.php.

9. Other applications

9.1 Google Maps

Our website links to functions from Google Maps, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland („Google“).

Google sets a cookie each time you visit Google Maps to process user settings and data when the page on which Google Maps is integrated is displayed. As a rule, this cookie is not deleted when you close your browser, but expires after a certain period of time, unless it is manually deleted beforehand.

If you do not agree with the processing of your data in this way, it is possible to deactivate the Google Maps service and thus prevent data from being transmitted to Google. To do this, you must disable JavaScript in your browser. However, please note that in this case, you will not be able to use Google Maps on our website, or only to a limited extent. You can find Google’s privacy policy and other information at: https://www.google.de/intl/en/policies/privacy/.

9.2 Google ReCaptcha

Our website uses ReCaptcha, a service provided by the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland („Google“). This plug-in checks whether an enquiry on our contact form has been made by an automated bot.

The service involves sending Google your IP address and, where necessary, any other data Google requires for their ReCaptcha service. This data is subject to a different privacy policy from the company Google.
You can find Google’s privacy policy and other information at: https://www.google.de/intl/en/policies/privacy/.

9.3 IFrame UTZ Certified

IFrame from UTZ Certified allows you to trace the origin of your coffee.
You can find UTZ Certified’s privacy policy at: https://utz.org/wp-content/uploads/2018/05/18-05-Rainforest-Alliance-Privacy-Policy.pdf, and their cookies policy at: https://utz.org/cookie-policy/.

10. Online social media presence (Facebook, Instagram, TikTok, YouTube)

We maintain fan pages, accounts or channels on the networks mentioned above in order to also provide you with information about our offers and services on social networks, as well as to offer you additional ways of contacting us and finding out about our products. Below, we provide you with information about the data that we and/or the respective social network process when you visit and use our fan pages/accounts.

Your data and what we process

If you wish to contact us via messenger or direct message through the respective social network, we generally process the username you are using when you contact us and may store further data provided by you insofar as this is necessary for processing and/or answering your request.

The legal basis is point (f), sentence 1 of Article 6 (1) GDPR (processing is necessary for the purposes of the legitimate interests pursued by the controller).

(Statistical) usage data that we receive from the social networks

We receive automated statistics made available via the Insights functions of our accounts. These statistics include total page views, likes, details on page activity and post interactions, reach, video views, and details on the proportion of men/women among our fans/followers.

The statistics contain only aggregated data that cannot be attributed to individual persons. It is not possible for us to identify you via this data.

Data processed by the social networks

In order to view the content of our fan pages and/or accounts, you do not have to be a member of the respective social network. This means that no user account for the respective social network is required.

However, please note that social networks also collect and store data (e.g. technical data in order to display the website) from website visitors without a user account when they open the respective social network, and use cookies and similar technologies over which we have no influence and control. For details, please refer to the privacy policy of the respective social network (see the corresponding links below)

If you wish to interact with the content on our fan pages/accounts, e.g. comment on, share or like our posts/contributions and/or contact us via messenger functions, then you will need to register with the respective social network and provide personal data.

We have no influence on the data processed by the social networks when you are using their service. To our knowledge, your data is stored and processed in particular in connection with the provision of services by the respective social network, as well as for the analysis of user behaviour (using cookies, pixel/web beacons and similar technologies) on the basis of which advertising based on your interests is displayed both within and outside the respective social network. Here, it cannot be ruled out that the social networks store your data outside the EU/EEA and pass it on to third parties.

For more information, including the exact scope and purposes for the processing of your personal data, the data storage period/deletion, as well as guidelines on the use of cookies and similar technologies when registering for and using social networks, please refer to the privacy policy / cookie policy of the respective social network, where you will also find information about your rights and options for objecting to the processing of this data.

10.1 Facebook page

When you visit our Facebook pages, Meta collects data including your IP address and other information present on your computer in the form of cookies. This information is used to provide us, as the operator of the Facebook pages, with statistical information about the use of the Facebook page. For more information, please refer to the following link provided by Facebook: https://de-de.facebook.com/help/pages/insights.

It is not possible for us to draw conclusions about individual users from the statistical information we receive. We use this information solely to respond to the interests of our users and to continuously improve and ensure the quality of our online presence.

We only collect your data via our fan pages to provide you with the opportunity to communicate and interact with us. The collection of this data usually includes your name, message content, the content of comments, and the profile information that you “publicly” provide.

The processing of your personal data for the purposes we mention above is based on our legitimate business and communicative interest in offering an information and communication channel in accordance with point (f) of Article 6 (1) GDPR. If you as a user have given the respective social-network provider consent to data processing, then the legal basis for the processing extends to point (a) of Article 6 (1), and Article 7 GDPR.

Because the actual data processing is carried out by the social-network provider, our ability to access your data is limited. Only the provider of the social network is authorised to have full access to your data. For this reason, only the provider can directly take and implement appropriate measures to fulfil your user rights (request for information, request for deletion, objection, etc.). The assertion of corresponding rights is therefore most effectively carried out directly with the respective provider.

We are jointly responsible with Meta for the personal content of the fan pages. The rights of those affected can be exercised with Meta Ireland as well as with us.

In accordance with the GDPR, the primary responsibility for the processing of Insights data lies with Facebook, and Facebook complies with all obligations from the GDPR in relation to the processing of Insights data. Facebook Ireland will make the essence of this Page Insights Addendum available to data subjects.

We do not make any decisions regarding the processing of Insights data and any other information resulting from Article 13 GDPR, including legal basis, identity of the controller and storage period of cookies on users’ end devices.

For further information, please refer to the information provided by Facebook (supplementary agreement with Facebook): https://www.facebook.com/legal/terms/page_controller_addendum.

10.2 Instagram page

When you visit our Instagram pages, Instagram collects data including your IP address and other information present on your computer in the form of cookies. This information is used to provide us, as the operator of the Instagram pages, with statistical information about the use of the Instagram page. For more information, please refer to the following link provided by Instagram: https://de-de.facebook.com/help/pages/insights.

It is not possible for us to draw conclusions about individual users from the statistical information we receive. We use this information solely to respond to the interests of our users and to continuously improve and ensure the quality of our online presence.

We only collect your data via our fan pages to provide you with the opportunity to communicate and interact with us. The collection of this data usually includes your name, message content, the content of comments, and the profile information that you “publicly” provide.

The processing of your personal data for the purposes we mention above is based on our legitimate business and communicative interest in offering an information and communication channel in accordance with point (f) of Article 6 (1) GDPR. If you as a user have given the respective social-network provider consent to data processing, then the legal basis for the processing extends to point (a) of Article 6 (1), and Article 7 GDPR.

Because the actual data processing is carried out by the social-network provider, our ability to access your data is limited. Only the provider of the social network is authorised to have full access to your data. For this reason, only the provider can directly take and implement appropriate measures to fulfil your user rights (request for information, request for deletion, objection, etc.). The assertion of corresponding rights is therefore most effectively carried out directly with the respective provider.

We are jointly responsible with Instagram for the personal content of the fan pages. The rights of those affected can be exercised with Meta Ireland as well as with us.

In accordance with the GDPR, the primary responsibility for the processing of Insights data lies with Meta, and Meta complies with all obligations from the GDPR in relation to the processing of Insights data. Meta Ireland will make the essence of this Page Insights Addendum available to data subjects.

We do not make any decisions regarding the processing of Insights data and any other information resulting from Article 13 GDPR, including legal basis, identity of the controller and storage period of cookies on users’ end devices.

For further information, please refer to the information provided by Instagram (supplementary agreement with Facebook): https://www.facebook.com/legal/terms/page_controller_addendum.

10.3 YouTube

We integrate videos from the platform “YouTube” in our online offering. YouTube is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). The Javascript library for embedding videos is loaded from the YouTube server for this purpose. This tells the YouTube server which of our pages you have visited.

If you are logged into your YouTube account, you allow Google to associate your browsing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account.

The legal basis for processing your personal data using cookies in connection with the use of YouTube is point (a) of Article 6 (1) GDPR if consent has been granted in this regard.

Google is bound by standard contractual clauses with us, thereby offering a guarantee to comply with European data protection law.

For further information on how user data is handled, please see Google’s privacy policy at: https://policies.google.com/privacy?hl=en.

10.4 TikTok channel

Our company also has a presence on the video portal TikTok. The operator and data protection controller is TikTok Inc., 10100 Venice Blvd, Culver City, CA 90232, USA; the representative of TikTok Inc. in the EU within the meaning of Article 27 GDPR is News Republic SAS, Rue Robert Caumont, 33049 Bordeaux Cedex, France.

The data collected about you when you use the service is processed by TikTok Inc. and may be transferred to countries outside the European Union. This includes, but is not limited to, your IP address (excluding GPS data), device information or other unique device identifiers, browsing history, mobile phone service provider, time-zone and local settings, the mobile-phone or device model, operating system, and information about your use of the app. This data is associated with your TikTok account information and/or your TikTok profile. We do not know whether further data is collected and processed.

For more information about what data is processed by TikTok and for what purposes, please refer to TikTok’s privacy policy https://www.tiktok.com.

Here, you will also find information about the use of cookies and how you can manage or delete information that TikTok has about you.

Dallmayr receives anonymous statistics from TikTok from which no conclusions can be drawn about individual users.

Dallmayr receives personal data via TikTok if you actively communicate this to us via a personal message on TikTok. We use your data (e.g. first name, last name) to answer your query. Your data is stored in our system for this purpose. Dallmayr also receives personal data via TikTok if you submit the data to us using a form with pre-filled fields containing data from your profile and you actively send this data to us by clicking a button.

Dallmayr uses your data when using the chat function to answer your enquiry. The information collected in this way is used to contact you in order to provide you with the requested information and offers.

We would once again like to expressly point out that user data may be processed outside the European Union when using these platforms.

11. Your rights to withdraw consent, rights to access, rectification, erasure and data portability

11.1 Right to object

If the processing of your personal data is based on point (a) of Article 6 (1) GDPR (processing based on consent) or on point (f) of Article 6 (1) GDPR (processing necessary for the purposes of the legitimate interests pursued by the controller), you have the right to object at any time to this processing under the conditions specified by the law, e.g. on grounds relating to your particular situation or in the case of processing for direct marketing purposes.

11.2 Your right to withdraw consent

If you have given us consent to process your data, you have the right to withdraw this consent at any time with future effect. This shall not affect the lawfulness of processing before withdrawal of this consent.

11.3 Right of access

You have the right to request information about what personal data (name, address, etc.) we store about you. Please submit your request in writing using the contact details provided on this website or to our data protection officer.

11.4 Right to lodge a complaint

You may exercise your right to lodge a complaint through the responsible supervisory authority:

Data Protection Commissioner of Hungary
Szilagyi Erzsebet fasor 22/C
H-1125 Budapest

Tel. +36 1 3911 400
e-mail: peterfalvi.attilanaihhu
Website: http://www.naih.hu/

11.5 Right to rectification

If the data concerning you is inaccurate or incomplete, you may request at any time to have the inaccurate data rectified or the incomplete data completed.

11.6 Right to erasure

Please note that due to statutory retention periods, we may be obliged to store certain data for a legally specified period of time. Should this not be the case, your data shall be erased if this data is no longer necessary for the purposes for which it was collected or processed, or you withdraw consent for the processing of this data and statutory retention periods no longer apply. If data is collected to provide access to the website, this shall be deleted at the end of the respective session, and in cases where data is stored in log files after no later than 30 days.

11.7 Right to restriction of processing

As the data subject, you have the right to obtain from the data controller restriction of processing where one of the following applies:

  1. You are contesting the accuracy of the personal data, for a period enabling the controller to verify the accuracy of the personal data;
  2. The processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead;
  3. The controller no longer needs the personal data for the purposes of processing, but it is required by you for the establishment, exercise or defence of legal claims;
  4. You have objected to processing pursuant to Article 21 (1) GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.

11.8 Right to data portability

You have the right to receive the personal data that you have provided to us (based on you giving us consent or for the performance of a contract) in a structured, commonly used and machine-readable format. You also have the right to have the data transmitted to another party provided this is technically possible.

12. SSL encryption

This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as requests you send to us as the website operator. You can recognise that the connection is encrypted from the address line in your browser, as this changes from “http://” to “https://”, and also from the padlock symbol in the browser bar.
If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

13. Minors

Neither this website nor its services are directed at persons under 18 years of age. Those under the age of 18 should only transmit personal data with the consent of their parents or legal guardians.

14. Changes to this data privacy policy

Due to the continuous development of our website, its services and other technical advances, we reserve the right to make adjustments at any time to our security and data protection measures. Therefore, please be sure to observe the current version of our data privacy policy.