Data Protection Policy

 

General

SGF International e.V. takes the protection of your personal data very seriously. Your privacy is a matter of special concern to us. The following paragraphs inform you about the processing of personal data pursuant to the requirements of the General Data Protection Regulation (GDPR). Particular consideration is given to the information obligations according to Art. 12 to 14 GDPR and to providing information about the rights of data subjects under the GDPR pursuant to Art. 15 to 22 and Art. 34 GDPR. We process your personal data in accordance with the applicable statutory data protection requirements for the purposes stated below.

 

Controller

The controller responsible for the processing of your personal data is 

SGF International e.V.
Am Hahnenbusch 14 b
55268 Nieder-Olm
Germany

Phone: +49 (0) 61 36 - 92 28 0
Fax: +49 (0) 61 36 - 92 28 10
E-mail: info@sgf.org

 

You can contact our Data Protection Officer by e-mail at datenschutz@sgf.org or by post to

SGF International e.V.
Data Protection Officer
Am Hahnenbusch 14 b
55268 Nieder-Olm
Germany

 

Purpose of Data Collection

Data are collected for the purpose of optimising the website, analysing errors, tailoring the website to your individual needs, providing contact possibilities and selling goods and services.

 

General Aspects of Data Processing

As a rule we only collect and use personal data of our users where this is necessary in order to provide a functioning website together with our contents and services. The personal data of our users are collected and used regularly only after obtaining the user’s consent. One exception to this rule applies to those cases where it is not possible to obtain prior consent for practical reasons and where processing of the data is permitted by statutory provisions.

Legal basis for processing your data:

  • if consent has been obtained from the data subject to the processing of his or her personal data, the legal basis is Art. 6 (1) a of the EU General Data Protection Regulation (GDPR).
  • if processing personal data is necessary for the performance of a contract to which the data subject is party, the legal basis is Art. 6 (1) b GDPR. This also applies to processing operations that are necessary prior to entering into a contract.
  • if processing personal data is necessary to fulfil a legal obligation incumbent upon our company, the legal basis is Art. 6 (1) c GDPR.
  • if processing personal data is necessary in order to protect the vital interests of the data subject or of another natural person, the legal basis is Art. 6 (1) d GDPR.
  • if processing personal data is necessary to protect a legitimate interest of our company or of a third party and the interests, fundamental rights and freedoms of the data subject do not override the first-mentioned interests, the legal basis is Art. 6 (1) f GDPR.

Legitimate interests can include in particular:

  • answering enquiries;
  • carrying out direct marketing measures;
  • providing services and/or information intended for you;
  • processing and transmitting personal data for internal or administrative purposes;
  • operation and management of our website;
  • technical support for the users;
  • prevention and detection of fraud and criminal offences;
  • protection from payment defaults when obtaining creditworthiness information for enquiries about deliveries and services; and/or
  • warranting network and data security, insofar as these interests are in accordance with the respective valid law and with the rights and freedom of the user.

Categories of recipients:

  • service providers for optimising the websites, online marketing service providers and tools, service companies for information and communications technology, companies for software and device maintenance, some of which are described in greater detail below;
  • social networks and communities as described in greater detail below;
  • internal recipients according to the “need to know” principle.

 

Connection Data / Server Logfiles

With every visit to our website, our systems automatically register data and information from the computer making the visit.

The following types of data are collected: browser type, used version, user’s operating system, internet service provider, user’s IP address, time and date of calling up the website, websites from which the user’s system accessed our website or to which the user gains access from our website.

The legal basis for temporary storage of the data and logfiles is Art. 6 (1) f GDPR with the legitimate interests stated above.

Temporary storage of the IP address by the system is necessary to make it possible to deliver the website to the user’s computer. To this end, the user’s IP address has to remain stored for the duration of the session.

Storage in logfiles safeguards the functionality of the website. Furthermore, the data enable us to optimise the website and to safeguard the security of our information technology systems. There is no marketing-related evaluation of the data in this context. These purposes also comprise our legitimate interest in the data processing. The data are erased as soon as they are no longer needed to fulfil the purpose of their collection. With regard to registering data for provision of the website, this is the case when the respective session has finished. We also reserve the right to check the data files if there is concrete evidence to justifiably suspect illegal use or a specific attack on the website. In this case, our legitimate interest consists in processing for the purposes of detection and criminal prosecution of such attacks and illegal use.

 

Use of Cookies

We use cookies on our website. Cookies are text files that are stored in the internet browser or by the internet browser on the user’s computer system. When a user visits a website, a cookie can be saved on the user’s operating system. This cookie contains a characteristic string for unequivocal identification of the browser at the next visit to the website. We use cookies to make our website more user-friendly. Some elements of our website make it necessary to be able to identify the visiting browser even after changing the page. Data are saved and transmitted in the cookies, including language settings, items in a shopping basket, log-in information, etc.

On some of our websites, we also use cookies to permit analysis of user surfing behaviour. This includes transmitting entered search terms, frequency of website visits, use of website functions, etc. The user data collected in this way are made pseudonymous by technical measures. It is therefore no longer possible to associate the data with the visiting user. The data are not stored together with other personal data of the users.

The legal basis for processing personal data with the use of cookies is Art. 6 (1) f GDPR. The legal basis for processing personal data with the use of cookies for analysis purposes after obtaining corresponding consent from the user is Art. 6 (1) a GDPR.

The purpose of using technically necessary cookies is to make it easier for the users to use websites. Some functions of our websites cannot be offered without the use of cookies. In this case it is necessary for the browser to be recognised even after changing page. We need cookies to provide shopping baskets, adopt language settings, remember search terms, etc. The purpose of using the analysis cookies is to improve the quality of our website and its contents. The analysis cookies let us know how the website is used so that we can constantly optimise our service. These purposes also comprise our legitimate interest in the data processing. On calling up our website, the user is informed about the use of cookies for purposes of analysis and his or her consent is obtained for processing the personal data used in this context. Reference to this data protection policy is also made at that point. Cookies are saved on the user’s computer and sent from the computer to our website. As user, you therefore have full control of the use of cookies. You can disable or restrict the transmission of cookies by changing the settings in your internet browser. Saved cookies can be erased at any time. This can also take place automatically. If cookies are disabled for our website, you may possibly no longer be able to make full use of all the website functions. You can manage cookies from some US companies via the US American website www.aboutads.info/choices/ or the EU website www.youronlinechoices.com/uk/your-ad-choices/.

 

Contents of External Providers

We use active JavaScript contents and fonts on our website that may also come from external providers such as Google. When you call up our website, these providers are possibly informed about your visit to our website, e.g. by transmitting your IP address. You can prevent such transmission by installing a JavaScript blocker such as the 'NoScript’ browser plug-in, or you can disable JavaScript in your browser. However, this may restrict the available functions.

Some of our websites also feature third-party contents, such as videos from YouTube, maps from Google Maps, images, texts and multi-media files, RSS feeds or other services from other websites. This always presumes that your IP address has been transmitted to the providers of these features. We cannot make any statement about the use of your data by these providers, nor do we have any influence on further processing. This applies in particular to whether the data will be used for other purposes, such as profiling. Please refer to the corresponding data protection information provided by the respective third-party providers.

Among others, you can prevent further tracking pixel monitoring by these providers if you turn off the acceptance for third-party provider cookies in your browser settings.

 

Contact Form and E-mail Contact

Our website has a contact form that can be used to contact us electronically. When a user makes use of this possibility, the data entered in the input mask are sent to and saved by us. In addition, the IP address, date and time are saved at the point in time of sending the message. Your consent is obtained for processing the data collected during this transmission, making reference to this data protection policy.

As an alternative, you can contact us using the provided e-mail address. In this case, we save the user’s personal data sent with the e-mail. The data are not forwarded to third parties in this context. The data are only used to process the conversation.

The legal basis for processing the data after the user has subscribed to the newsletter when consent has been given by the user is Art. 6 (1) a GDPR. The legal basis for processing data transmitted in the context of sending an e-mail is Art. 6 (1) f GDPR with the legitimate interests stated above. If the intention behind the e-mail contact is to conclude a contract, the legal basis for processing is Art. 6 (1) b GDPR. 

The processing of personal data from the input mask serves only to handle the contact process. In the event of contacting by e-mail, this also justifies the legitimate interest in processing the data. The personal data otherwise processed during transmission serve to prevent misuse of the contact form and to safeguard the security of our information technology systems.

The data are erased as soon as they are no longer needed to fulfil the purpose of their collection. With regard to the personal data from the contact form input mask and the personal data sent by e-mail, this is the case at the end of the respective conversation with the user. The conversation has come to an end when the circumstances show that the matter concerned has been conclusively resolved. The additional personal data collected during the transmission are erased at the latest after seven days.

The user can withdraw his or her consent to processing his or her personal data at any time. If the user contacts us per e-mail, he or she can object to the storage of his or her personal data at any time. In this case, the conversation cannot be continued.

 

Newsletter 

Our members can subscribe to a free newsletter. Our newsletters contain information about our services, campaigns, events, internal topics and topics in the fruit juice industry. On subscribing to the newsletter, data from the input mask are transmitted to us. The data are not forwarded to third parties in the context of processing the data for mailing newsletters. The data are only used for mailing the newsletter. The legal basis for processing the data after the user has subscribed to the newsletter when consent has been given by the user is Art. 6 (1) a GDPR and for mailing the newsletter for address data obtained by other means or following the sale of goods pursuant to §7 III German Fair Trade Act (UWG) or Art. 6 (1) f GDPR (mailing based on our legitimate business interest).

The user’s e-mail address is obtained in order to deliver the newsletter. The collection of other personal data in the framework of the subscription process serves to prevent misuse of the services or of the used e-mail address. The affected user can unsubscribe from the newsletter at any time. Every newsletter contains a corresponding link. This is also deemed as accepting a withdrawal of consent for mailing the newsletter.

Statistical evaluation of reading behaviour only takes place to the extent that it is possible to ascertain whether the recipient has opened the newsletter and clicked on the links. However, this is a function that we only use to check user activity in order to make corresponding improvements. To this end, the newsletter contains a so-called “web beacon” which is a one-pixel file called up by our server when the newsletter is opened. The web beacon is not personalised so that no personal data can be collected.

 

General Statements on Web Beacons / Tracking Pixels 

Web beacons are invisible one-pixel graphics. They are used by partner companies particularly for tracking a user across various web pages for profiling with regard to advertising that is targeted to the user. A pixel integrated in the website is loaded from the partner’s server on calling up the website. The partner thus receives your IP address together with information about your browser and its versions together with the browser plug-ins being used (browser fingerprint), as well as your operating system and network provider.

 

Special Data Protection Policy for Google Analytics

This website works with Google Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses so-called “cookies”, which are text files that are saved on your computer to help analyse how you use the website. The information generated by the cookie about your use of the website is usually transmitted to and stored by Google on servers in the United States.

If however the anonymous IP setting is enabled on this web-site, Google will truncate your IP address within Member States of the European Union or in other contracting parties to the Agreement on the European Economic Area. The full IP address is only transmitted in exceptional cases to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on the website activities and providing other services for the website operator relating to website activity and internet usage.

Your IP address transmitted by your browser in the context of Google Analytics will not be associated with any other data held by Google. The legal basis for processing personal data of users is Art. 6 (1) f GDPR. We use Google Analytics to analyse the use of our website and to make regular improvements. The corresponding statistics let us improve our service and make the website more interesting for you as user. This website also uses Google Analytics for cross-device analysis of visitor flows based on a user ID. You can disable the cross-device analysis of your use in your customer account under “My data”, “Personal data”.

You may prevent the storage of cookies by selecting the appropriate settings on your browser: however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent registration of the data generated by the cookie regarding your use of the website (including your IP address) and the processing of such data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl.

This website uses Google Analytics with the "_anonymizeIp()” setting. As a result, the IP addresses are only used in a truncated version in order to eliminate direct reference to persons. Any personal reference to data collected about you is thus eliminated straight away and the personal data are erased immediately. For any exceptional cases where personal data have been transmitted to the USA, Google subscribes to the EU-US Privacy Shield, www.privacyshield.gov/EU-US-Framework.

Information about the third-party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. 

For further information about the conditions of use, data protection and data protection policy, please go to http://www.google.com/analytics/ or https://www.google.de/intl/de/policies/

 

Collecting Data During Registration and Registered Use

Our website offers the possibility of registration. The data collected in this way are used for the purposes of using the respective web pages and services, unless described otherwise with corresponding explicit consent during registration. The collected data result from the input mask in the context of registration. All other data which you can provide later on to complete your profile are optional and voluntary. After registration, we are allowed to inform you about relevant circumstances related to the service for which you have registered, using the stated e-mail address.

 

Data Transmission on the Internet

Data transmission on the internet is always associated with certain risks. No special encryption of data is implemented; in particular, messages using the contact form on our website and messages in the service chat are transmitted unencrypted.

Please bear this in mind when transmitting data. If you would like to communicate with us by means of encrypted e-mail, this is possible using SMIME encryption. Please inform us of your encryption request as we regularly send unencrypted communications due to the currently low market penetration of e-mail encryption methods.

 

Data Forwarding

If you inform us of personal data, these will only be forward to third parties where necessary to handle the contractual relationship or if forwarding is legitimated on another legal basis.

However, some of our services are provided with the assistance of service providers. We have selected these service providers carefully and taken corresponding measures to protect your personal data.

 

Storage Periods

The personal data of the data subjects are erased or blocked as soon as the storage purpose no longer applies. Storage can also take place when provided for by European or national legislation in European Union regulations, laws or other provisions to which the controller is subject. The data are also blocked or erased when a storage period prescribed by the stated standards expires, unless further storage of the data is necessary for concluding or fulfilling a contract.

 

Your Rights

You have the right

  • to demand confirmation from us as to whether or not personal data concerning you are being processed; if that is the case, you have the right to access to the personal data and the information detailed in Art. 15 GDPR.
  • to demand delivery of the personal data concerning you in the restrictions in Art. 20 GDPR in a commonly used electronic, machine-readable format. This also includes delivery (where possible) to another controller named directly by you.
  • to demand rectification of your data insofar as these are incorrect, inappropriate and/or incomplete. Rectification also includes completion by explanations or announcements.
  • to demand that we immediately erase personal data concerning you in the event that one of the reasons detailed in Art. 17 GDPR applies. Unfortunately, we are not allowed to erase data subject to a statutory storage period. If you want us never to collect your data or contact you again, we will store the corresponding contact data on a corresponding blacklist.
  • to withdraw every consent that you have given with effect for the future without resulting in any disadvantages for you.
  • to demand that we restrict processing where one of the prerequisites stated in Art. 18 GDPR applies.
  • to object at any time to the processing of personal data concerning you, on grounds relating to your particular situation. 
  • We shall then no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or which serve the establishment, exercise or defence of legal claims (Art. 21 GDPR).
  • to lodge a complaint with our Data Protection Officer at datenschutz@sgf.org or by post (see legal notice) without prejudice to any other administrative or judicial redress and when you are of the opinion that processing the personal data concerning you violates the GDPR. Complaints can also be addressed to a supervisory authority in the Member State of your place of abode, your workplace or the site of the alleged violation. The supervisory authority responsible for us is as follows: the State Officer for Data Protection and Freedom of Information Rhineland-Palatinate, https://www.datenschutz.rlp.de/de/startseite/.

 

If you have any questions or remarks about data protection (for example about accessing and updating your personal data), please contact us under the heading “Data Protection” at the e-mail address datenschutz@sgf.org or by post (see legal notice). 

© 2012 SGF International e.V., Am Hahnenbusch 14 b, 55268 Nieder-Olm, Deutschland