Data Protection

Privacy Statement and Data Subject´s Rights in accordance with Art. 13, 14 GDPR

www.schogetten.com

The protection of your personal data is an important concern for the Ludwig Schokolade GmbH & Co. KG. Therefore, our company collects and processes your personal data strictly in accordance with the data protection regulations. On this page, we inform you about the collection and processing of your personal data according to Art. 13, 14 GDPR.

Responsible for data processing is

Ludwig Schokolade GmbH & Co. KG
Senefelderstraße 44
51469 Bergisch Gladbach
T +49 2202 105-500
F +49 2202 105-501
verwaltung@ludwig-schokolade.de

Our data protection officer is

PricewaterhouseCoopers Legal AG Rechtsanwaltsgesellschaft
Moskauer Straße 19
40227 Düsseldorf
legal@krueger.de

When visiting this website and using the various offers, we process your personal data as described in detail below.

When operating the website, we work together with an external service provider whom we have carefully selected and obliged in accordance with data protection regulations.

Table of Content

    1. Cookies
    2. Server-Logfiles
    3. Google WebFonts
    4. hCaptcha
    5. Google Analytics
    6. Matomo (previous Piwik)
    7. Facebook Fanpage
    8. Contact and Customer Complaints: form and email function
    9. Data Security
    10. Data Subject´s Rights

1. Cookies

2. Server-Logfiles

In addition, your browser transmits access data, so-called server log files, which we process each time you visit our website in order to guarantee system security and to compile usage statistics. In particular, the time of your visit, the page from which you visit us (referrer. URL), the subpages visited, your IP address, the data volume and the browser you use are transmitted to us. This data is required to ensure system security, e.g. to identify and block the hacker in the event of a hacker attack. This is in our overriding, legitimate interest and is in accordance with Art. 6 para 1 sent. 1 lit. f GDPR.

3. Google WebFonts

This website uses so-called Web Fonts provided by Google to ensure the uniform use of fonts on this site. These Google fonts are locally installed so that a connection to Google’s servers will not be established in conjunction with this application.

For more information on Google Web Fonts, please follow this link: https://developers.google.com/fonts/faq and consult Google’s Data Privacy Declaration under: https://policies.google.com/privacy?hl=en.

4. hCaptcha

We use “hCaptcha” on our websites. The provider is Intuition Machines, Inc., 2211 Selig Drive, Los Angeles, CA 90026, USA (“Intuition Machines”).

The purpose of hCaptcha is to determine whether data entered on our websites (e.g. information entered into a contact form) is being provided by a human user or by an automated program. To determine this, hCaptcha analyses the behaviour of the website visitors based on a variety of parameters. This analysis is triggered automatically as soon as the website visitor enters the site. For this analysis, hCaptcha evaluates a variety of data (e.g. IP address, time the website visitor spent on the site or cursor movements initiated by the user). The data tracked during such analyses are forwarded to Intuition Machines.

hCaptcha analyses run entirely in the background. Website visitors are not alerted that an analysis is underway.

The data is processed on the basis of Art. 6 Sect. 1 lit. f GDPR. It is in the website operators legitimate interest, to protect the operator’s web content against misuse by automated industrial espionage systems and against SPAM.

For more information about hCaptcha and to review the Data Privacy Declaration of Intuition Machines, please follow these links: hCaptcha – Privacy Policy and hCaptcha – Stop more bots. Start protecting privacy.

5. Google Analytics

a)    Purpose of data processing, recipient of personal data

We are using Google Analytics, a web analyses service provided by Google LLC. With Google Analytics we are together with Google generating user profiles and user statistics to construct a needs-oriented and user-friendly Website. As our data processor, Google processes the data generated by Google Analytics, to analyze your usage of the websites, to generate reports on your activities on the websites and to provide us with further services in terms of your website usage. The evaluation of such information and statistics helps us to improve our offer for you as our website visitor. If you have given us your consent to use the Google Analytics cookie, Google is filing such Google Analytics cookie on your device. The information gathered by such cookie is, in general, transmitted by Google onto a Google server located in the USA.

Generally, no personal data are processed with the Google Analytics cookie. Google shortens your IP address when transmitting within EU-member states or within other members underlying the European Economic Area. In exceptional cases in which your complete IP address is transferred to the Google US servers, an appropriate level of data protection is ensured, since Google has complied with the EU-US Privacy Shield (https://www.privacyshield.gov/list). In addition, we enhanced the Google Analytics tool on our websites with a plug-in called „AnonymizeIP“ to grant an anonymization of your IP address even in such exceptional cases so that your IP address cannot be related with you as person. Google does not merge your IP address with other data. There is no EU resolution confirming that the USA provides an adequate data protection level. Thus, in case of exceptions in which personal data is transferred to the US, the data privacy level is granted by the EU-US Privacy Shield (https://www.privacyshield.gov/list).

b)    Legal basis, storage period, no obligation to provide personal data

Our usage of Google Analytics is legally based on  Article 6 Sec. 1, page 1 lit. a) of the EU-GDPR. Web sessions will automatically be closed after 30 minutes of inactivity. Personal data provided in connection with campaigns are stored for a maximum time period of two years. You are neither legally nor contractually obligated to provide your personal data.

c)    Revocation of your consent

You can revoke your consent to Google Analytics’ data processing at any time and for future times. You have several options to revoke your consent:

(i) You can prohibit the Google Analytics Cookie in your browser’s software personal settings.

You will find the personal settings of your respective browser under the following links:

Internet Explorer™: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies

Safari™: https://support.apple.com/kb/ph21411?locale=de_DE

Chrome™: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647

Firefox™ https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

Opera™ : http://help.opera.com/Windows/10.20/de/cookies.html

(ii) You can also install a browser plug-in which prevents the tracking; please see also http://tools.google.com/dlpage/gaoptout?hl=de (if such plug-in is available for your browser). Please note, when clicking this link, you are leaving our website.

(iii) Furthermore, you can also revoke your consent by a respective information to us (please see also Sec. 11 f below).

d)    Information on the service provider

Google Analytics is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland. For further information on Google’s and Google Analytics‘ terms of use and data privacy, please go to (when clicking the below listed links, you are leaving our website):

Data processing on behalf

We have concluded a contract with Google for data processing on behalf and fully implemented the strict requirements of the German data protection authorities for the use of Google Analytics.

6. Matomo (previous Piwik)

This website uses the open source web analysis service Matomo. Matomo uses so-called “cookies”. These are text files that are stored on your computer and enable an analysis of your use of the website. For this purpose, the information generated by the cookie about the use of this website is stored on our server.

This website uses Matomo with the extension “AnonymizeIP”. This shortens the processing of IP addresses and prevents direct personal contact. The IP address transmitted by your browser using Matomo will not be merged with other data collected on our website.

Matomo cookies remain on your device until you delete them.

Matomo cookies are stored in accordance with Art. 6 para. 1 sent. 1 lit. f GDPR. The website operator has a legitimate interest in anonymized analysis of user behavior in order to optimize his website and his advertising.

The information generated by the cookie about the use of this website will not be passed on to third parties. You may refuse the use of cookies by selecting the appropriate settings on your browser. Pease note that if you do this you may not be able to use the full functionality of this website.

If you do not agree to the storage and use of your data, you can deactivate the storage and use here. In this case, an opt-out cookie is stored in your browser, which prevents Matomo from saving usage data. If you delete your cookies, the Matomo Opt-Out cookie will also be deleted. The opt-out must be reactivated the next time you visit our site.

7. Facebook Fanpage

For further information on Ludwig Schokolade, our products, and special offers, please visit also our Facebook fanpage www.facebook.com/schogetten hereafter „fanpage“). You can also publish your own posts via these fanpages (please see our terms of use).

We are using the Facebook service “Insights“ for evaluation of our Facebook fanpages. When you visit our fanpage, we are, together with Facebook, processing your data provided via the Facebook service „Insights“. Such data includes information on your action and interaction on and in connection with our fanpages, thus the collected data can be personal data.

Meta Platforms Ireland Ltd. collects such data in compliance with your data privacy rights pursuant to Article 3 of the EU-GDPR. For further information on the processing of your personal data in connection with the Facebook service Insights, please visit www.facebook.com/legal/terms/ information_about_page_insights_data). For further information on your rights in terms of data privacy pursuant to the EU-GDPR, please see also Facebook’s data privacy policy under www.facebook.com/about/privacy). To execute your rights, you are also free to contact us.

Please note that we do not have information on Facebook’s data processing. Thus, when visiting our fanpage or when sharing and linking our fanpages with other users and fanpages, Facebook might track your actions and collect your personal data for its own purposes.

8. Contact and Customer Complaints: form and email function

You can contact us directly using the contact form provided on our website. If you do, you must provide your name, e-mail address, title and address. We collect this information, your message, your IP address and the time you submit the form. You can also contact us via our Facebook fanpage (please see Section 7). In this case, your name, email address and address are required only in the event of a complaint.

We also offer you the opportunity to contact us directly via e-mail. If you click on the ” e-mail ” button on our website, your e-mail program will open and you can send us a message to our pre-registered e-mail address. We have no influence on the data processing by the e-mail program of your respective provider; we only create a link to the e-mail program.

You are neither legally nor contractually obliged to provide your personal data. Without your personal data though (e.g. e-mail and postal address) we are not able to handle your queries or complaints. We are processing the information provided to us via our contact form, e-mail or Facebook fanpage only to reply to your queries. We delete it as soon as the communication is completed, unless legal storage obligations require a storage. We have a legitimate interest in processing such data pursuant to EU-GDPR, Article 6, Sect. 1, Page 1 lit. b). We process your IP-address and the time of your query to identify and repel possible automatic hacker attacks.

9. Data Security

In order to protect your personal data as best as possible, we use SSL encryption (https standard) for technical and organizational security measures, which are also adapted in accordance with the current state of the art in each case.

10. Data Subject´s Rights

If personal data relating to you as a natural person is used, you are entitled to various data subject´s rights. In accordance with § 34 BDSG (“Federal Data Protection Act”), Art. 15 GDPR, you have the right to be informed about your personal data stored and its origin, the recipients or categories of recipients to whom data are passed on, and the purpose of storage. You are entitled to have your personal data rectified, erased or to restrict the processing in accordance with § 35 BDSG, Art. 16 – 18 GDPR. Furthermore, you can request the transfer of data to another responsible party in accordance with Art. 20 GDPR.

In addition, you can object to the further processing of your data if we process your data on the basis of a legitimate interest (Art. 6 para. 1 sent. 1 lit. f GDPR). As far as we do not process your data for advertising purposes, this requires a reason, which results from your special situation. In the event of an objection, we will no longer process your personal data as soon as we receive it, during the subsequent check and, in the event of a justified objection, delete it after completion of the check (§ 36 BDSG, Art. 21 GDPR).

You can revoke your consent to data processing (Art. 6 para 1 sent. 1 lit. a GDPR) at any time; we will then not process your personal data further unless we have legal permission to do so.

An objection or revocation does not affect the legality of data processing in the past. We fulfil the rights to which you are entitled immediately and free of charge. Please contact us or our data protection officer; you will find our contact details at the beginning of this data protection declaration.

Finally, under Art. 77 GDPR, you have the right to submit a complaint with the responsible data protection supervisory authority.