Data Protection

DATA PROTECTION DECLARATION

 

DATA PROTECTION

The providers of these pages take the protection of your personal data very seriously. We treat your person-related data confidentially, in compliance with the legal data protection regulations as well as this data protection declaration.

As a rule, this website can be used without providing person-related data. As far as person-related data (such as name, address or email addresses) is raised on our sites, this is always done on a voluntary basis if possible. This data is not passed on to third parties without your explicit permission.

We would like to point out that datatransfer on the Internet (such as communication per email) may be exposed to safety gaps. A complete data protection against access by third parties is not possible.

1. Name and Address of the Data Controller

The data controller is the responsible function in the sense of the „Datenschutz-Grundverordnung“ (DSGVO) (General Data Protection Regulation), of other data protection laws valid in the Member States of the European Union, and of other rules of legal data protection:

Coffee Fellows GmbH

Feringastraße 10a

85774 Unterföhring

Deutschland

Tel.: +49 (0)89 – 68 99 97 9-0

E-Mail: info@coffee-fellows.com

Website: www.coffee-fellows.com

2. Name and Address of Data Protection Officer

The data protection officer in charge of the data controller is:

Mr. Alexander Lang

DDIPO GmbH

Feringastraße 10

85774 Unterföhring

Deutschland

Tel.: +49 (0) 89 262 0458 71

E-Mail: privacy@ddipo.de

Website: www.ddipo.de

3. Use of Cookies

The websites of Coffee Fellows Ltd. include cookies. Cookies represent data that is stored by the Internet browser on the user's computer system. When accessing a site, cookies can be transmitted to the site concerned, thus enabling allocation of the user. Cookies my help to simplify the use of websites for the user.

It is possible at any time to contradict the setting of cookies by a corresponding change of the setting in the Internet browser. Cookies set can be deleted. It is pointed out here that posssibly not all functions of our Website can be fully used when cookies get deactivated.

4. Creation of Logfiles

Whenever the website is accessed, Coffee Fellows Ltd. records data and information through an automated system. This data gets stored in the logfiles of the server.

The following data can be collected:

  • information on the type of browser and the applied version
  • the operatings system of the user
  • the Internet service provider of the user
  • the IPO-address of the user
  • the date and time of access
  • websites from which the user's system gets onto our Website (referrer)
  • websites being accessed by the user's sytem via our website

The processing of data is to serve the delivery of the contents of our website, the warranty as to functionality of our IT systems and the optimisation of our Websites. In this process, the data of the logfiles is hereby always stored separately from other person-related data of the users.

5. Registration on our Website

If the person concerned uses the opportunity to get registered with person-related data on the Website of the data controller, the data in the corresponding entry panel gets transmitted to the data controller. The data gets stored to the data controller solely for the purpose of internal use.

On registration, the IP address of the user as well as date and time of registration get stored. This serves to prevent the abuse of the services. The data will not be transferred to third parties. An exception is made when there is a legal obligation to transfer data.

The registration of data is required for making contents or services available. Registered persons always have the option to have the stored data deleted or modified. The persons concerned do at any time get informed on the person-related data that is stored about them.

6. Newsletter

If you subscribe to the Newsletter of our company, your data in the corresponding entry panel is transferred to the data controller.

On subscription to the Newsletter, the user's IP address as well as date and time of registration get stored. This serves to prevent the abuse of the services or the email address of the person concerned. Data will not be transferred to third parties. An exception is made when there is a legal obligation to transfer data.

The data is used solely for sending out the Newsletter. The subscription to the Newsletter can be given notice at any time by the person concerned. Likewise, consent to storing the person-related data can be revoked at any time. For this purpose, every Newsletter contains a corresponding link.

7. Contacts

There is a contact form available on the Coffee Fellows website, which can be used for electronic contacts. Alternatively, contacts can be established through the email address offered. If the person concerned establishes a contact with the data controller via one of these channels, the person-related data transmitted by the person concerned gets stored automatically. The storage solely serves the purpose of processing the data or of establishing a contact to the person concerned. The data will not be transferred to any third parties.

8. Routinely Deletion and Blocking of Person-related Data

The data controller processes and stores person-related data of the person concerned only as long as this is required for fulfilling the purpose of storage. Storage beyond that can be applied as far as this was intended by the European or national legislator in regulations, laws or other rules related to the European Union the data controller is subject to.

As soon as the purpose of storage ceases to apply or the storage period prescribed through the above-mentioned regulations expires, the person-related data gets routinely blocked or deleted.

9. Rights of the Person Concerned

If your person-related data gets processed, you are a person concerned with the DSGVO (see page 1), and you are granted with the following rights towards the data controller:

9.1 Right to Obtaining Information

You are entitled to obtain confirmation from the data controller on whether person-related data concerning you gets processed by us.

If that kind of processing is carried out, you may demand from the data controller information on the following:

  • the purposes for which the person-related data gets processed;
  • the categories of person-related data which gets processed;
  • the recipients and categories of recipients respectively to whom the person-related data concerning you has been disclosed or is being disclosed;
  • the planned period of storage of the person-related data concerning you or, if concrete information about it is not possible, criteria for determining the period of storage;
  • the existence of a right to correction or deletion of the person-related data concerning you, a right to restriction of processing the data by the data controller, or a right to contradiction against this way of processing;
  • the existence of a right of complaint to a supervisory authority;
  • all the available information on the origin of the data if the person-related data is not collected from the person concerned;
  • • the existence of automated decision-making including profiling according to art. 22 par. 1 and 4 DSGVO and - at least in these cases – substantial information about the logics involved as well as the implication of and the desired impact on such a way of processing data for the person concerned.

You are entitled to obtain information on whether the person-related data concerning you gets transmitted to a third-party nation or an international organisation. In this context, you may demand to get informed on the appropriate guarantees according to art. 46 DSGVO related to the transmission.

9.2 Right of Correction

You have the right to correction and/or completion towards the data controller as far as the processed person-related data concerning you is incorrect or incomplete. The data controller has to immediately make a correction.

9.3 Right to Processing Restriction

On the following conditions, you may demand restriction of he processing of person-related data concerning you if:

  • you deny the correctness of the person-related data concerning you for a period that enables the data controller to examine the correctness of the person-related data;
  • the processing of the data is unrightful and you reject the deletion of the person-related data and demand restriction of the use of the person-related data instead;
  • the data controller does no longer need the person-related data for the purpose of processing them, but you need them for making, exercising or defending legal claims, or
  • you have lodged an appeal against the processing according to art. 21 par. 1 DSGVO and it has not yet been stated whether the legitimate reasons of the data controller outweigh your own reasons.

If the processing of the person-related data concerning you has been restricted,except for its storage this data may be processed only if you consent to it or if you make, exercise or defend legal claims, or the rights of another natural or legal person shall be protected, or there is good reason for a significant public interest of the European Union or a Member State thereof.

If the restriction of data processing according to the above-mentioned conditions has been further restricted, you will get informed by the data controller before the restriction gets cancelled.

9.4 Right to Deletion

9.4.1. 

You can demand from the data controller that the person-related data concerning you gets immediately deleted, and the data controller is obliged to immediately delete this data as far as one of the following reasons applies:

  • The person-related data concerning you is no longer required for the purposes for which it has been collected or has otherwise been processed;
  • You cancel your consent on which the processing according to art. 6 par. 1 lit. a or art. 9 par. 2 lit. a DSGVO was based, and there is no other legal base for processing.
  • You appeal according to art. 21 par. 1 DSGVO against processing, and there are no legitimate top priority reasons for processing, or you appeal against processing according to art. 21 par. 2 DSGVO.
  • The person-related data concerning you was processed unlawfully.
  • The deletion of the person-related data concerning you is required to fulfil a legal obligation according to the legislation of the European Union or of the legislation of the Member States the data controller is subject to.
  • The person-related data concerning you was collected with relation to services offered by the information society according to art. 8 par. 1 DSGVO

9.4.2. 

If the data controller has made public the person-related data concerning you and if he is obliged according to art. 17 par. 1 DSGVO to erase it, he will, after considering the available technology and implementation costs, take appropriate (if necessary also technical) steps in order to inform the functions responsible for the processing of person-related data that you, as the person concerned, have demanded the deletion of all links to this person-related data or of copies or replications thereof.

9.4.3.  

The right to data deletion does nor apply as far as processing is necessary

  • for exercising the right to freedom of expression and information;
  • for fulfilling a legal obligation that requires the processing according to European Union law or the law of the Member States the data controller is subject to, or for carrying out a task - being of public interest or being performed in exercising public powers – that has been transmitted to the data controller;
  • for reasons of public interest in the field of public health according to art.9 par. 2 lit. h and i as well as art. 9 par. 3 DSGVO;
  • for archival purposes being of public interest, for scientific or historical research purposes, or for statistical purposes according to art. 89 par. 1 DS-GVO, as far as the law mentioned in par. 1 presumably makes impossible or seriously affects the realisaton of the goals of this way of processing, or
  • for making, exercising or defending legal claims.

9.5 Right to Appropriate Spreading of Information

If you have claimed the right to correction, deletion or restriction of processing towards the data controller, there is a duty to inform all recipients to whom the person-related data concerning you have been disclosed about the correction or deletion of the data or the restriction of processing it – unless it proves impossible or implies an inappropriate effort.

You are entitled towards the data controller to get informed about these recipients.

9.6 Right to Transferability of Data

You have the right to obtain the person-related data concerning you, which you have made available for the data controller, in a structured, conventional and machine-readable format. You also have the right to transmit this data to another data controller without obstruction by the data controller the person-related data has been made available to, if

  • the processing is based on a consent according to art. 6 par. 1 lit. a DSGVO or art. 9 par. 2 lit. a DSGVO or on a contract according to art. 6 par. 1 lit. b DSGVO, and
  • the processing is carried out by means of automated procedures.

Exercising this right, you also have the right to make sure that the person-related data concerning you gets transmitted directly from one data controller to another as far as this is feasible. The freedoms and rights of other persons must not be impaired by this.

The right of transferabilty of data cannot be applied to the processing of person-related data, which is required for performing a task that is of public interest or exercised through public powers which were transferred to the data controller.

9.7 Right to Objection

For reasons originating from your special situation, you have the right to appeal at any time against the processing of the person-related data concerning you and following art. 6 par. 1 lit. e or f DSGVO; this also applies for profiling supported by these regulations.

The data controller no longer processes the person-related data concerning you – unless compelling protectionable reasons for the processing can be proved which outweigh those of your interests, rights and freedoms, or the processing serves to make, exercise or defend legal claims.

If the person-related data concerning you gets processed in order to carry out direct advertising, you have the right at any time to appeal against the processing of the person-related data concerning you; this also applies for profiling as far as it is in connection with such direct advertising.

If you appeal against the processing for the purpose of direct advertising, the person-related data concerning you are no longer processed for these purposes.

You are entitled in connection with the use of services of the information society to exercise your right to objection – notwithstanding guideline 2002/58/EG – by means of automated procedures technical specifications are applied with.

9.8 Right to Withdrawal from Data Protection Declaration

You have the right to cancel at any time your Data Protection Declaration. The withdrawal from the declaration does not touch the rightfulness of the performed processing until the cancellation based on your consent.

9.9 Automated Decision in Single Cases including Profiling

You have the right not to become subject to a decision based exclusively on automated processing, including profiling, that develops towards it legal effect or, in a similar way, impairs it considerably. This does not apply if the decision

  • is required for conclusion or fulfilment of a contract between you and the data controller,
  • is permitted due to legal regulations of the European Union or its Member States the data controller is subject to, and these legal regulations contain appropriate steps to safeguard their rights and freedoms as well as their legitimate interests, or
  • is made with your explicit consent.

However, these decisions may not be based on special categories of person-related data according to art. 9 par. 1 DS-GVO, unless art. 9 par. 2 lit a. or g applies and appropriate steps were taken for the protection of the rights and freedoms as well as their legitimate interests.

With regard to the cases mentioned in a. and c., the data controller takes appropriate measures in order to retain the rights and freedoms as well as their legitimate interests, which comprises at least the right to intervene for a person on part of the data controller, to present one's own viewpoint, and to challenge the decision.

9.10 Right to Complain to a Supervisory Authority

Notwithstanding another adminstrative or judicial appeal, you are entitled to complain to a supervisory authority, in particular in the Member State of your residence, your workplace or the place of the suspected violation if you are of the opinion that the processing of the person-related data concerning you contravenes DSGVO.

The supervisory authority the complaint was submitted to informs the complainant about the status and the results of the complaint, including the possibility of a court advice according to art. 78 DSGVO.

10. Transmission of Data to Third Parties

Coffee Fellows may transmit your person-related data to:

  • other Coffee Fellows associations if this is required in connection with the offer and processing of offers or the initiation, coordination or execution of the business relationship,
  • IT service providers processing data in the frame of their performance delivery.

11. Legal Base for Processing

As far as we seek consent of the person concerned for processing operations of person-related data, art.6 par. 1 lit. a EU DSGVO serves as the legal basis.

 

On processing person-related data which are required for fulfilling a contract the contractual party of which is the data controller, art. 6 par. 1 lit. b DSGVO serves as the legal basis. This also applies for processing operations which are necessary for the implementation of pre-contractual measures.

As far as the processing of person-related data is required for fulfilling a legal obligation our enterprise is subject to, art. 6 par. 1 lit. c DSGVO serves as the legal basis.

For the case that vital interests of the person concerned or of another natural person require the processing of person-related data, art. 6 par. 1 lit. d DSGVO serves as the legal basis.

If the processing is necessary to safeguard legitimate interests of our company or of a third party and if the interests, basic rights and basic freedoms of the person concerned do not outweigh the interest first mentioned, art. 6 par. 1 lit. f DSGVO serves as the legal basis for processing the data. The legitimate interest of our company lies in the performance of our business activities.

12. Period of Storage of Person-Related Data

Person-related data is stored for the duration of the corresponding legal retention period. After expiry of the period, the data gets routinely deleted unless there is a requirement for the initiation or fulfilment of a contract.

13. Use of Facebook-Plugins (Like-Button)

On our sites, plugins of the social network provider Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, are integrated. You can recognize the Facebook plugins by the Facebook logo or the 'like' button („Gefällt mir“) on our Website. You find an overview of the Facebook plugins at: ttp://dhevelopers.facebook.com/docs/plugins/..

When you visit our sites, a direct connection between your browser and the Facebook server gets established via the plugin. Thus, Facebook receives the information that you visited our site with your IP address. If you click the Facebook 'like' button while you are logged in to your Facebook account, you can link the contents of our sites on your Facebook profile. Thus, Facebook can allocate the visit of our sites to your user account. We would like to point out here that we as the provider of these sites do not get informed about the contents of the transmitted data or about the utilisation by Facebook. Further information on this can be found in the Facebook Data Protection Declaration at: ttph://de-de.facebook.com/policy.php..

If you do not want Facebook to be able to allocate the visit of our sites to your Facebook user account, please log off your Facebook user account.

14. Use of Google Analytics

This website utilises functions of the Web analysis service Google Analytics. Provider is Google Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Google Analytics uses 'cookies“. These are text files which get stored on your computer and enable an analysis of the use of the website by you. As a rule, the information on your usage of this website created by the cookie gets transmitted to a Google server in the USA and stored there.

In the case of activating the IP-anonymisation on this website, however, your IP address gets abridged in Google beforehand within Member States of the European Union or in other contract states of the Agreement on the European Economic Area. Only in exceptional cases, the full IP address gets transmitted to a Google server in the USA and abridged there. Under the authority of the provider of this website, Google will use this information to evaluate your use of the website, to compile reports on the website activities and to perform further services to the website provider that are associated with the website and Internet use. The IP address transmitted by your browser within the framework of Google Analytics does not get combined with other Google data. You can prevent the storage of the cookies by means of a corresponding setting in your browser software; however, we would like to point out that in that case you may not be able to fully use all functions of this website. Moreover, you can prevent collecting the data created by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by downloading and installing the browser plugin available under the following link at: http://tools.google.com/dlpage/gaoptout?hl=de..

15. Use of Google +1

Our sites utilise functions of Google +1. Provider is Google Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.

Collecting and forwarding information: By means of Google+1 Apply button, you may publisize information worldwide. The Google +1 button leads you and other users to personalised contents of Google and our partners. Google stores both the information that you have given +1 for contents, and information on the site you were watching when clicking +1. Your +1 can be faded in as hints together with your profile name and your photo in Google services, such as in search results or in your Google profile or on other spots on websites and Internet adverts. Google records information on your +1 activities in order to improve the Google services for you and others. In order to be able to use the Google +1 button, you need a public, worldwide visible Google profile which must contain at least the name chosen for the profile. This name is used in all Google services. In some cases, this name can replace another name which you were using when you divided up contents via your Google account. The identity of your Google profile can be displayed to users who know your email address or dispose of other identifying information about you.

Use of collected information: Beside the purposes of the use explained above, the information provided by you is used according to the up-to-date Google data protection regulations. Google possibly publisizes condensed statistics on the +1 activities of the users and passes them on to users and partners, such as Publisher, advertisers or linked websites.

16. Use of Instagram

We have integrated on our websites functions of the Instagram service. These services are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. When logged on to your Instagram account, you can link the contents of our sites to your user account by clicking the Instagram button. Thus, Instagram can allocate the visit to our sites to your user account. We would like to pint out that we as providers of the sites do not get informed on the contents of the transmitted data or on their use by Instagram.

Further information on this can be found in the Instagram Data Protection Declaration at: http://instagram.com/about/legal/privacy/.

17. Use of LinkedIn

Our website uses functions of the network LinkedIn. Provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Accessing one of our sites which contain LinkedIn functions, a link to LinkedIn servers is being built up. LinkedIn gets informed that you visited our Web sites with your IP address.

Clicking the LinkedIn 'Recommend“ button when logged onto your LinkedIn account enables LinkedIn to allocate your visit to our Website to you and your user account. We would like to point out that, as a provider of the sites, we do not get informed on the contents of the transmitted data or on the use by LinkedIn. Further information on this can be found in the LinkdedIn Data Protection Declaration at: https://www.linkedin.com/legal/privacy-policy

18. Use of Pinterest

We are using on our site social plugins of the social network Pinterest run by Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA. When you access a site that contains such a plugin, your browser establishes a direct link to the Pinterest servers. The plugin hereby transmits protocol data to the Pinterest server in the USA. This protocol data possibly contains your IP address, the addresses of the visited websites that contain Pinterest functions as well, the type and settings of the browser, date and time of thre request, your use of Pinterest and cookies.

Further information about purpose, volume and further processing and use of data by Pinterest as well as their corresponding rights and possibilities for the protection of their privacy can be found in the Pinterest Data Protection Declaration at: https://about.pinhterest.com/de/privacy-policy.

19. Use of Twitter

On our sites, functions of the Twitter service have been integrated.These functions are offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. Using Twitter and the function 'Re-Tweet', the websites visited by you get linked to your Twitter account and made known to other users. Hereby, data are also transmitted to Twitter. We would like to point out that we, as providers of the sites, do not get informed about the contents of the transmitted data or their use by Twitter. Further information on this can be found in the Twitter Data Protecion Declaration at http://twitter.com/privacy. ..

You can change your data protection settings in the account settings of Twitter at: http://twitter.com/privacy.

20. Use of XING

Our website uses functions of the XING network. Provider is the XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany.

When you access one of our sites which contains Xing functions, a connection to Xing servers gets established. To our knowledge, person-related data is not stored there. In particular, neither IP addresses get stored nor the user behaviour gets evaluated. Further information on data protection and the Xing 'Share' button can be found in the Xing Data Protection Declaration at https://www.xing.com/app/share?op=data_protection

21. Use of Youtube

Our website uses plugins of the Google-run YouTube site. Provider of the sites is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

If you visit one of our sites provided with a YouTube plugin, a link to the YouTube servers gets established. The YouTube server gets informed on which of our sites you visited. If you are logged on to your YouTube account, you enable YouTube to allocate your surfing behaviour directly to your personal profile. You can prevent this by logging off your YouTube account. Further information on handling user data can be found in the YouTube Data Protection Declaration at: https://www.google.de/intl/de/policies/privacy.

22. Use of Google Maps

This website uses Google Maps for the illustration of maps and for presenting map directions.

Google Maps is run by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

By using this website, you give your consent to Google, one of their representatives or third-party providers to collect, process and use the data collected automatically as well as those entered by you.

The terms of use for Google Maps can be found at Nutzungsbedingungen für Google Maps..

Greater details can be found in the Google Data Protection Center of google.de at: Transparenz und Wahlmöglichkeiten as well as Datenschutzbestimmungen. sowie Datenschutzbestimmungen.