We are pleased that you are visiting our website. The protection and security of your personal information when using our website is very important to us. We would therefore like to inform you at this point which of your personal data we collect when you visit our website and for what purposes it is used.
This data protection declaration applies to the website of Coffein Compagnie GmbH & Co. KG, which can be reached under the domain www.coffein-compagnie.de as well as the various subdomains.
2. RESPONSIBLE PARTY (RESPONSIBLE PERSON)
for the processing of personal data within the meaning of the EU General Data Protection Regulation (DSGVO)
Caffeine Compagnie GmbH & Co. KG
Segelsbrück 7, D-28309 Bremen, Germany
Contact details: see imprint
3. DATA PROTECTION OFFICER
Ralf Lohmann – external and certified data protection officer – HUBIT data protection
4. GENERAL INFORMATION ON DATA PROTECTION
Data processing during website visits
When a website is called up, a large amount of data – including personal data – is automatically transmitted via the Internet. This is technically necessary for the website to function at all and to provide you with the best possible results.
Whenever you call up a website that loads an image from a server, streams a video or uses one of the many other transmission options, this is done by loading external plugins or scripts from your computer. This sends data to the server from which you retrieve the desired content. When you call up a website, your browser (e.g. Firefox, Internet Explorer, Edge, Opera, Safari) automatically sends certain information from your system. These data are for example:
The website from which a file (image, script, video or another website) is called up or in which the file is embedded (referer).
The operating system
The screen resolution
The keyboard layout (language)
The IP address from which the website or file was accessed
The name of the website or file accessed The timestamp (date and time) of the request
The name of the browser and its version
The amount of data transferred
The access status (file transferred, error code)
This data is logged by each server. The logging is done, for example, to
maintaining and checking IT security and IT operations (e.g. to detect hacker attacks)
statistical evaluation (of the use of the website)
improvement of the website
adapted output of the website or files so that they are (can be) displayed optimally on your terminal device.
No pseudonymisation or anonymisation is used for security protocols, as otherwise it would not be possible to draw conclusions about potential attackers. For other purposes, the evaluation of the data is usually anonymised and no profiling is carried out. Further information can be found in the further course of this data protection declaration.
The “data subject” (also referred to as “data subject”), is the person whose personal data is collected and processed. In the following, the “data subject” is also referred to as the “website visitor” or “user”.
INFORMATION ON DATA SUBJECT RIGHTS
Every data subject can assert his or her rights (data subject rights) against the data controller. This can be done by email, by post or by using a form provided. Telephone enquiries are also possible, but these are only accepted and not answered on the telephone. The data controller selects the medium (post, email, other media) and sends the data subject the response to their request via this medium. Replies to enquiries about data subjects’ rights are free of charge. A fee may be charged in the event of excessive accumulation of requests concerning data subjects’ rights. The reply shall be given within the statutory period of one month. The deadline may be extended in exceptional cases (e.g. due to a high number of requests or high complexity of the request). Reasons must be given for the extension of the deadline. The rights of the data subjects are listed below. Each enumeration is linked to detailed explanations on the pages of our data protection officer.
- Right of information
- Right of rectification
- Right of cancellation
- Restriction of processing
- Right to data portability
- Revocation of consent
- Right of objection
- Right of appeal
The data subject must authenticate him/herself to the data controller to ensure that he/she is authorised to exercise the data subject rights.
On the page of our data protection officer, you will find a form that you can use to exercise your data protection rights with us.
You have the option to delete cookies via the settings in your browser. On the page of our data protection officer you will find more information about cookies and how you can delete them.
Beschreibung der Cookies:
In the following, we inform you about the individual processing operations, the scope and purpose of the data processing, the legal basis, the obligation to provide your data and the respective storage period. An automated decision in individual cases, including profiling, does not take place.
Provision of the website
Forms are used on our website, which we describe below.
Type and scope of processing
We use JSDelivr CDN to properly provide the content of our website. JSDelivr CDN is a service provided by Prospect One which acts as a content delivery network (CDN) on our website.
A CDN helps to provide content from our online offering, in particular files such as graphics or scripts, more quickly using regionally or internationally distributed servers. When you access this content, you establish a connection to servers of Prospect One, Krolewska 65a, Krakow, Malopolskie 30-081, Poland, whereby your IP address and possibly browser data such as your user agent are transmitted. This data is processed solely for the above purposes and to maintain the security and functionality of JSDelivr CDN.
7. OTHER DATA PROCESSING
Via the archive function of external search engines, data can often still be retrieved even if the information has already been removed or changed from the above-mentioned internet offers. In such a case, you can assert your data subject rights [e.g. right to erasure (“right to be forgotten”) – Article 17 EU General Data Protection Regulation (EU GDPR)] with the search engine provider.