1. Person responsible for the processing of your personal data
1.1. With this data protection information, we would like to inform you about which personal data we collect and process when you visit our website and for what purposes we do so. Wir verarbeiten Ihre personenbezogenen Daten nur soweit Sie uns hierfür eine Einwilligung erteilt haben oder gesetzliche Bestimmungen uns dies gestatten.We process your personal data only insofar as you have given us your consent or legal provisions permit us to do so. The following article references refer to the GENERAL DATA PROTECTION REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR).
1.2. We the
Dr. Bronner’s Europe GmbH
Fon: +49 (0) 2137 937 9100
are "controllers" for the processing of your personal data within the meaning of Art. 4 No. 7 GDPR. Our data protection department can be reached at firstname.lastname@example.org or our postal address with the addition "data protection".
2. Personal Data
Your personal data (for example your name, your date of birth, your address, your nationality), your credentials (eg your ID data), your order and order data including your e-mail address, your technical connection data uch as your IP address, depending on the payment method your account and payment data, advertising and sales data, as well as other comparable data to understand.
3. Collection of your personal data
As part of the processing of your personal data, we distinguish between data that we collect directly from you and data that we receive from other sources.
3.1. Personal data that we collect from you:
3.1.1. When you contact us by e-mail or through the contact form on our website, we will collect the information you provide (your e-mail address, your name and telephone number if applicable) to answer your questions. We delete the data that arises in this context after the storage is no longer required, or limit the processing if there are statutory retention requirements.
3.1.2. When using our online shop and the associated contract, we process your communicated, personal data necessary for the initiation of this contract through our online store and for its implementation, and if necessary for the provision of warranty or for the rescission of the contract Art. 6 para. 1 sentence 1 lit. b) GDPR. The processed data include your address, your date of birth and your account / payment data. In addition, the electronic ordering process also collects your technical connection data.
You have the choice whether you only provide your data necessary for the order once for this order or whether you want to create a customer account where your data is stored for later purchases. If you do not create a customer account, we will store your data for the purpose of the contract and delete it as soon as we are no longer legally required to store. Mandatory information necessary for the execution of the contracts is marked separately, further details are voluntary. When you create a customer account or revise previously submitted data, the data you provide is revocable in your account settings and can be used for further orders without re-entering. The deletion of your customer account is possible at any time and can take place via a designated function in the customer account.
3.1.3. If you access and use our website for purely informative purposes, we only collect data that is transmitted automatically by your internet browser. These include, for example, the following data:
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the requirement (concrete page)
- Access status / HTTP status code
- each transmitted amount of data
- Website from which the request comes
- Operating system and its interface
- Language and version of the browser software
These data are evaluated solely for the purpose of ensuring trouble-free operation of the site and the improvement of our offer. This is done in accordance with Art. 6 para. 1 lit. f) GDPR due to our legitimate interest in a correct presentation of our offer.
3.1.4. If you are a legal representative or employee of one of our clients, your personal information may be collected provided that you act on behalf of or on behalf of our customer in the existing relationship with us. This is done for the purpose of initiating or fulfilling the contract concluded with you, Art. 6 para. 1 sentence 1 lit. b) GDPR.
3.2. Personal information we receive from external sources
We may also use personal information that has been lawfully collected by another party and that is also lawfully transmitted to us, such as publicly available information. These include, but are not limited to, debt directories, public registers such as insolvency announcements or information from the commercial register, as well as from the press and the Internet.
4. Transmission of your personal information to third parties
We will transmit your personal data to authorized service providers in Germany and abroad, if this is necessary for economic or technical reasons. For this purpose, we will carefully select the respective service provider, agree with this contract processing contract according to Art. 28 para. 3 GDPR and carefully inspect it. For the purpose of outsourcing certain business processes, in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR a legitimate interest in the conclusion of contracts for order processing with the respective service provider.
4.1. We transfer your data for the purpose of fulfilling the contract pursuant to Art. 6 para. 1 sentence 1 lit. b) GDPR, for example, to the shipping company entrusted with the delivery of your goods.
4.3. For the purpose of fulfilling the contract pursuant to Art. 6 para. 1 sentence 1lit. b) GDPR, we can also transfer your personal data to anyone to whom we assign rights that result from the contractual relationship with you.
5. Transfer of your personal data to a third country
Should your data be transmitted to a third country, we will ensure that it is transmitted either only to countries with a corresponding level of protection within the meaning of Article 45 (1) of the GDPR or the person responsible in the respective third country provided appropriate data protection guarantees. These guarantees may consist of:
5.1. binding, internal data protection regulations according to Art. 47 GDPR, or
5.2. Standard protection clauses issued by the European Commission in accordance with the examination procedure pursuant to Art. 93 para. 2 GDPR.
6.1. When you use our website cookies are also stored on your computer. Cookies are small text files that are stored on your hard drive, assigned to the browser you are using, and that provide certain information to the body that sets the cookie. Cookies can not run programs or transmit viruses to your computer. They serve to make the Internet offer more user-friendly and effective overall.
6.2. This website uses persistent cookies and third-party cookies, the scope and operation of which are explained below:
6.2.1. Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
6.2.2. Third-party cookies are cookies that are set and recorded by a third party. We use this type of cookie for the purposes of incorporating social media and reach analysis.
6.3. You can configure your browser setting according to your wishes and, for example, reject the acceptance of third-party cookies or all cookies. Please be aware that you may not be able to use all functions of this website.
7. Web analytics tools and Internet advertising
7.1. Google Analytics
7.1.1. This website uses Google Analytics, a web analytics service provided by Google Inc. ("Google"). Google Analytics uses so-called "cookies", text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, your IP address will be shortened by Google beforehand within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage.
7.1.2. The IP address provided by Google Analytics as part of Google Analytics will not be merged with other Google data.
7.1.3. You can prevent the storage of cookies by a corresponding setting of your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible. In addition, you may prevent the collection by Google of the data generated by the cookie and related to your use of the website (including your IP address) and the processing of such data by Google using the browser plug-in available at the following link Download and install: http://tools.google.com/dlpage/gaoptout?hl=de.
7.1.4. This website uses Google Analytics with the extension "_anonymizeIp ()". As a result, IP addresses are shortened processed further, a personal reference can be excluded. Insofar as the data collected about you is assigned a personal reference, it will be immediately excluded and the personal data will be deleted immediately.
7.1.5. For the exceptional cases in which personal data is transferred to the US, Google has submitted to the EU-US Privacy Shield. Information is available at https://www.privacyshield.gov/EU-US Framework.
7.2. Google AdWords conversion
7.2.1. We use the offer of Google Adwords to draw attention to our attractive offers with the help of advertising materials (so-called Google Adwords) on external websites. In relation to the data of the advertising campaigns, we can determine how successful the individual advertising measures are. We have a legitimate interest in showing you advertisements that are of interest to you, to make our site more interesting to you and to achieve a fair calculation of advertising costs.
7.2.2. These advertising materials are supplied by Google via so-called "ad servers". To do this, we use ad server cookies, which measure certain performance metrics such as ads or user clicks. If you access our website through a Google ad, Google Adwords will store a cookie on your PC. These cookies usually lose their validity after 30 days and are not intended to identify you personally. This cookie will typically use the unique cookie ID, number of ad impressions per placement (Frequency), last impression (relevant to post-view conversions), and opt-out information (mark that the user does not) as analysis values more would like to be addressed) saved.
7.2.3. These cookies allow Google to recognize your Internet browser. If a user visits certain pages of an Adwords customer's website and the cookie stored on their computer has not expired, Google and the customer will be able to detect that the user clicked on the ad and was redirected to that page. Each Adwords customer is assigned a different cookie. Cookies can not be tracked via the websites of Adwords customers. We ourselves do not collect and process any personal data in the aforementioned advertising measures. We receive only statistical evaluations provided by Google. On the basis of these evaluations, we can identify which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising material, in particular we can not identify the users on the basis of this information.
7.2.4. Due to the marketing tools used, your browser automatically establishes a direct connection to the Google server. We have no control over the extent and the further use of the data, which are raised by the employment of this tool by Google and inform you therefore according to our knowledge level: By the incorporation of AdWords conversion Google receives the information that you the appropriate part of our Internet appearance or click on an ad from us. If you are registered with a service provided by Google, Google may associate the visit with your account. Even if you are not registered with Google or have not logged in, there is a chance that the provider will find and store your IP address.
7.2.5. You can prevent participation in this tracking process in several ways:
by setting your browser software accordingly, in particular, the suppression of third party cookies will prevent you from receiving any third party advertisements;
By deactivating conversion tracking cookies by setting your browser to block cookies from the domain "www.googleadservices.com", https://www.google.com/settings/ads, these settings will be deleted if you delete your cookies;
by disabling the interest-based ads of the providers that are part of the About Ads self-regulatory campaign through the http://www.aboutads.info/choices link, which will be deleted when you delete your cookies
By permanent deactivation in your browsers Firefox, Internet Explorer or Google Chrome under the link http://www.google.com/settings/ads/plugin. We point out that in this case you may not be able to use all the features of this offer in full.
7.2.6. For more information about privacy at Google, see http://www.google.com/intl/en/policies/privacy and https://services.google.com/sitestats.html. Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US Framework.
7.3. Facebook custom audience
7.3.1. The site also uses Facebook's remarketing feature "Custom Audiences" ("Facebook"). This allows the users of our website to be shown interest-based advertisements ("Facebook Ads") as part of their visit to the social network Facebook or other websites that also use the process. We are interested in showing you advertisements that are of interest to you in order to make our website more interesting to you.
7.3.2. Due to the marketing tools used, your browser automatically establishes a direct connection to the Facebook server. We have no control over the extent and the further use of the data, which are raised by the use of this tool by Facebook and inform you therefore according to our knowledge level: By the integration of Facebook Custom Audiences Facebook receives the information that you have the appropriate website of our Have visited the website, or have clicked on a message from us. If you are registered with a service of Facebook, Facebook can assign the visit to your account. Even if you are not registered with Facebook or have not logged in, there is a chance that the provider will find out and store your IP address and other identifying features.
7.3.3. You can disable the "Facebook Custom Audiences" feature at https://www.facebook.com/settings/?tab=ads#.
7.3.4. The legal basis for the processing of your data is Art. 6 para. 1 sentence 1 lit. f) GDPR. For more information about data processing through Facebook, please visit https://www.facebook.com/about/privacy.
7.4. Doubleclick by Google
7.4.2. Due to the marketing tools used, your browser automatically establishes a direct connection to the Google server. We have no control over the extent and further use of the data collected by the use of this tool by Google and therefore inform you to the best of our knowledge: By including DoubleClick, Google receives the information that you access the corresponding part of our website or clicked an ad from us. If you are registered with a service provided by Google, Google may associate the visit with your account. Even if you are not registered with Google or have not logged in, there is a chance that the provider will find and store your IP address.
7.4.3. You can prevent participation in this tracking process in several ways:
by setting your browser software accordingly, in particular, the suppression of third party cookies will prevent you from receiving any third party advertisements;
By disabling conversion tracking cookies by setting your browser to block cookies from the domain "www.googleadservices.com", https://www.google.com/settings/ads, this setting being cleared if you delete your cookies;
by disabling interest-based ads from the providers that are part of the About Ads self-regulatory campaign through the http://www.aboutads.info/choices link, which will be deleted when you delete your cookies;
through permanent deactivation in your browsers Firefox, Internet Explorer or Google Chrome under the link http://www.google.com/settings/ads/plugin. We point out that in this case you may not be able to use all the features of this offer in full.
7.5. Web fonts
7.5.1. This site uses so-called web fonts, provided by Google, for the uniform representation of fonts. When you call up a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. To do this, the browser you use must connect to Google's servers. As a result, Google learns that our website has been accessed via your IP address.
7.5.2. The use of Google Web Fonts is in the interest of a consistent and attractive presentation of our online services. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f) GDPR.
7.5.3. If your browser does not support web fonts, a default font will be used by your computer.
8. Connection to social media
8.1. Use of social media plugins
8.1.1. We are currently using the following social media plugins: Facebook, Instagram. To increase the protection of your data when you visit our website, the plugins are not unrestricted, but only by using an HTML link (so-called "Shariff solution" from c't) incorporated into the site. This integration ensures that when you visit a page of our website that contains such plugins, no connection with the servers of the provider of the respective social network is established. Click on one of the buttons, opens a new window of your browser and calls the page of the respective service provider on which you can (for example, after entering your login data) eg the Like or Share button.
8.1.2. Through the plugins we offer you the opportunity to interact with the social networks and other users so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plugins is Art. 6 para. 1 sentence 1 lit. f) GDPR.
8.1.3. If you do not want the respective social networks to generate data about you through our website, you can take the following action: Always log out of the social networks before you visit our website or other websites.
8.1.4. For more information on the purpose and scope of the data collection and its processing by the plug-in provider, please refer to the privacy statements of these providers provided below. There you will also find further information about your rights and settings options for the protection of your privacy.
8.1.5. Addresses of the respective plugin providers and URL with their privacy notices:
- Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; further information about the data collection: https://www.facebook.com/about/privacy; Facebook has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US Framework.
- Instagram Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA; https://help.instagram.com/155833707900388/?helpref=hc_fnav&bc=Instagram-Hilfe&bc=Datenschutz%20und%20Sicherheitsbereich.
Our website uses plugins from the Google-powered YouTube page. Site operator is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
When you visit one of our YouTube plug-in-enabled sites, you will be connected to the servers of YouTube. It tells the YouTube server which of our pages you've visited.
If you're logged into your YouTube account, YouTube will allow you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.
The use of YouTube is in the interest of an attractive presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f) GDPR.
8.3. Google Maps
8.3.1. On this website we use the offer of Google Maps. This allows us to show you interactive maps directly in the website and allow you to conveniently use the map feature.
8.3.2. By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition, the items mentioned under 3.1.3. transmitted in accordance with this declaration. This is done regardless of whether Google provides a user account that you are logged in to, or if there is no user account. When you're logged in to Google, your data will be assigned directly to your account. If you do not wish to be associated with your profile on Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for purposes of advertising, market research and / or tailor-made website design. Such an evaluation is done in particular (even for users who are not logged in) to provide appropriate advertising and to inform other users of the social network about their activities on our website. You have a right of objection to the formation of these user profiles, and you must comply with this to Google.
8.3.3. The use of Google Maps is in the interest of an attractive presentation of our online offers and an easy findability of the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f) GDPR.
9. Retention periods and criteria for the storage of your personal data
All processed personal data will only be stored for as long and as far as necessary for the fulfillment of our contractual and legal obligations. Among other things, data storage is required for the execution and execution of the contract, including the defense and enforcement of civil claims within the relevant limitation periods. According to §§ 195 ff. BGB, these limitation periods can be up to 30 years, whereby the regular limitation period is 3 years. Retention requirements and the resulting retention periods also exist due to tax law, money laundering, commercial law, tax law and other statutory provisions. The periods for storage / documentation provided there are 6 to 10 years. In order not to violate legal regulations or to lose the opportunity to enforce a claim or to defend ourselves against such, we reserve the right to delete the data only after the last deadline, which legitimates the data storage. By default, data collected through Analytics Analytics will be deleted after 26 months.
10. Data protection in applications and in the applivcation process
The controller collects and processes the personal data of applicants for the purpose of processing the application process. The processing can also be done electronically. This is particularly the case if an applicant submits corresponding application documents to the controller by electronic means, for example by e-mail or via a web form available on the website. If the controller concludes a contract of employment with an applicant, the data transmitted will be stored for the purposes of the employment relationship in accordance with the law. If no employment contract is concluded with the candidate by the controller, the application documents will be automatically deleted two months after the announcement of the rejection decision, provided that deletion does not prejudice any other legitimate interests of the controller. Other legitimate interest in this sense, for example, a burden of proof in a procedure under the General Equal Treatment Act.
11. Your rights
11.1. You have the following rights with respect to the personal data concerning you:
- Right to information (Article 15 of the GDPR)
- Right to rectification or erasure (Arts 16, 17 GDPR)
- Right to restriction of processing (Article 18 of the GDPR)
- Right to data portability (Article 20 of the GDPR)
- Right of objection (Art. 21 GDPR)
You have the right at any time, for reasons arising from your particular situation, to prevent the processing of personal data relating to you which, on the basis of Article 6 (1) sentence 1 lit. f) GDPR (data processing due to a legitimate interest) takes an objection. If you object, we will no longer process your personal information unless we can establish compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purposes of asserting, exercising or defending legal claims.
Furthermore, you have the right to object at any time to the processing of personal data concerning you for the purpose of direct advertising, Art. 21 (2) GDPR. If you object to the processing for direct marketing purposes, we will no longer process your personal data for these purposes.
In order to make use of your rights mentioned in Section 11.1, please contact us by e-mail to email@example.com or to the address specified in Section 1.2.
11.2. You also have the right to complain to us about the processing of your personal data by the competent data protection supervisory authority.