10.11.2010

Privacy

  

Provider and responsible party

The responsible party within the meaning of Art. 4 (7) DSGVO is European Spice Association - ESA, Reuterstraße 151, 53113 Bonn, represented by Dr. Martin Einig, Secretary General.

With all questions on the subject of data protection, in particular also with regard to the exercise of your data subject rights, please contact the postal address listed above, or at:

Phone: +49 228 210180
E-mail: esa@verbaendebuero.de

Scope

This privacy policy provides users with information about the type, scope and purpose of the collection and use of their data by the responsible provider.

The legal framework for data protection is provided by the German Federal Data Protection Act (BDSG) and the German Telemedia Act (TMG) as well as the European Data Protection Regulation (EU-DSGVO).

Collection of general information

With each access to this offer, information is automatically collected by us or the web space provider. The data collected in this way about accesses to provided resources are stored as log files ("server log files") and include the following information:
  • IP address
  • Address accessed
  • Date and time at the time of access
  • Amount of data sent in bytes
  • Response code of the server to the request ("HTTP response code")
  • Used browser identification ("User Agent")
  • Source/reference from which you reached the page ("Referrer")
The data collected is used to deliver the requested content correctly. They inevitably occur when using the Internet with web browsers and are processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f DSGVO) in making our services available, secure and optimized. After 28 days, the last two blocks of digits of the IP address are replaced by "0" (e.g. 192.168.0.0), which corresponds to an anonymization of the data records stored in the log files. It is then no longer possible to establish a personal reference. The server log files are permanently deleted 6 months after the end of the calendar month in which the data was collected.

Handling of personal data

Definition: Personal data is defined as all information by which a person can be clearly identified. It is therefore data that can be traced back to a person.

This personal data includes the first name and surname, telephone number and e-mail address. Also considered personal data is information on hobbies, memberships and preferences, as well as Internet pages that have been accessed.

This data is only collected, used and, if necessary, passed on by the provider if this is expressly permitted by law or if the user consents to the collection, processing, use and passing on of the data or if the collection, processing, use and passing on of the data to service providers commissioned by us is necessary in connection with the processing of inquiries or registrations for events and the like. There is an order data processing agreement for the transfer of data to service providers commissioned by us.

Registration on our website

If you register on our website in order to make use of personalized services, personal data will be collected. This includes the name, address, telephone number and e-mail address as contact and communication data.

Registration enables access to services and content that are only available to registered users. If necessary, registered users have the option of changing or deleting the data provided during registration at any time. Upon request, we will of course inform you which personal data has been collected and stored. In addition, we will correct or delete the data upon request, provided that the request does not conflict with any legal obligations to retain data. For queries as well as your request for correction or deletion of data, please use the contact details provided in this privacy policy.

The processing of data collected in the course of registration is based on Art. 6 para. 1 lit. b DSGVO (implementation of pre-contractual measures).

Cookies

This website uses so-called cookies. These are text files in which information is stored on your computer from the server. The following cookies are used:
  • "PHPSESSID" - this is a "session cookie" of the web server, which is used to assign user requests to server-side session data. This cookie is technically necessary, does not contain any personal data and expires after the session ends, for example by closing the browser.
  • "CONSENT_ANALYTICS" - this is a persistent cookie in which your decision (consent or refusal) regarding the collection of your visit by means of the "Google Analytics" web analysis tool is stored. This cookie serves your convenience, as your decision, once made, does not have to be made again when calling up each sub-page. The cookie does not contain any personal data and expires after one year.
  • When logging in to the protected member area with the "Remember login" option set, your username and encrypted password are stored in two persistent cookies ("username", "password"). These cookies are for your convenience and expire after 14 days or when you log out of the member area with the option "log out permanently" set.
  • If you have consented to the statistical recording of your visit, further cookies may be set by Google Analytics, which we discuss in more detail in the relevant section.

Usage statistics: Web analysis using Google Analytics

We use the web analysis tool "Google Analytics" on our website, provided by the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043.

It must be expected that the collected data will be transferred to servers in the USA for further processing; please read the related risk information in the following sections.

The software is set so that IP addresses are not stored in full (option "_anonymizeIp()"). This is to ensure that your IP address is shortened beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area, in order to prevent direct personal reference. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. After anonymization, the remaining data cannot be related to a specific person.

Cookies
Google Analytics uses so-called cookies to evaluate your use of the website and to provide us with further services related to the use of the website. The provider's privacy policy can be found at policies.google.com/privacy; further information on the cookies set and how the data collected is processed can be found at policies.google.com/technologies/cookies and marketingplatform.google.com/intl/en/about/analytics.

Processing purpose, legal basis, revocation possibility
We use this tool to analyze and regularly improve the use of our website. The statistics obtained enable us to improve our offer and make it more interesting for you as a user.

The legal basis for the processing is your consent given for this purpose (Art. 6 para. 1 lit. a DSGVO as well as § 25 para. 1 TTDSG). This consent can be revoked at any time with effect for the future; to do so, please click on the "Cookie settings" link in the page footer.

Risk information
The transfer of data to the USA takes place without the protection of a so-called adequacy decision in accordance with the GDPR and therefore possibly entails considerable risks. Before you give your consent, we ask you to take note of the following risks and consider them in your decision:
  • There is no uniform data protection law in the USA - certainly not one that is comparable to the data protection law applicable in the EU. This means that both U.S. companies and government agencies have more opportunities to process your personal data, especially for promotional targeting, profiling and conducting (criminal) investigations. Our and your ability to take action against this is significantly limited.
  • The U.S. legislator has also reserved extensive access rights to your personal data that are not compatible with our understanding of the law. In particular, unlike in the EU, there is no proportionality test prior to access.
  • In summary, EU citizens cannot expect effective legal protection in the USA.
For more information on terms of use and data protection, please visit www.google.com/analytics/terms/de.html or www.google.de/intl/de/policies.

We have concluded an order data processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

This website uses the "demographic characteristics" function of Google Analytics. This allows reports to be generated that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google as well as visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as shown in the item "Objection to data collection".

Data economy

In accordance with the principles of data avoidance and data economy, we only store personal data for as long as is necessary or required by law (statutory storage period). If the purpose of the collected information ceases to apply or the storage period ends, we block or delete the data.

Your rights to information, correction, blocking, deletion and objection

You have the right, upon request and free of charge, to request information about the personal data stored by us and/or to request correction, blocking or deletion. Exceptions: It is the mandatory data storage for business processing or the data is subject to the legal obligation to retain.
For these purposes, please contact our data protection officer.
In order to be able to consider a data block at any time, it is necessary to keep the data in a blocking file for control purposes. If there is no legal archiving obligation, you can also request the deletion of the data. Otherwise, we will block the data if you so wish.

Changes to our data protection declaration

In order to ensure that our data protection declaration always complies with the current legal requirements, we reserve the right to make changes at any time. This also applies in the event that the data protection declaration has to be adapted due to new or revised services, for example new services. The new data protection statement will then apply the next time you visit our website.

Previous versions