Diese Webseite verwendet Cookies, um das Nutzererlebnis zu verbessern.
Wenn Sie diese Webseite nutzen, akzeptieren Sie die Verwendung von Cookies.
This data protection declaration informs you about the means, extent and aims of our usage of specific individual data (short: data) within the scope of our online services and its connected websites, functions and contents as well as external online presences like for example our social media profile (in the following referred to collectively as ’online services’). As concerns the terminology used, such as ’personal data’ or their ’processing’, we refer to the original German definitions of article 4 of the DSGVO (general data protection regulation).
Name/Company: Uerige Obergärige Hausbrauerei GmbH
Street, no.: Berger Straße 1
Postal code, city, country: 40213 Düsseldorf, Germany
Trade register no.: Amtsgericht Düsseldorf HRB 17717
CEO: Dipl.-Ing. Michael Schnitzler
Phone: +49 211 86699-0
We generally do not process any special categories of data unless the user directly enters them for pro-cessing, such as on the contact form.
Categories of people involved in processing:
In the following, we will use the general term “user“ and “applicant“ for the respective people.
In accordance with article 13 DSGVO, we hereby inform you about the legal basis of our data pro-cessing. In cases where the legal basis is not specifically mentioned in the data protection declara-tion, the following applies: retrieving approval is legally based on art. 6 section 1 lit. a and art. 7 DSGVO; the processing needed to fulfill our obligations and services and to carry out all contractually required measures as well as to answer your requests is legally based on art. 6 section 1 lit. b DSGVO. Compliance with our legal obligations is legally based on art. 6 section 1 lit. c DSGVO; pro-cessing data needed to protect our justified claims is legally based on art. 6 section 1 lit. f DSGVO. In cases where the vital interests of a specific person or another natural person request the processing of individual personal data, the legal basis refers to art. 6 section 1 lit. d DSGVO.
We ask you to inform yourself regularly concerning the content of our data protection declaration. We adapt this data protection declaration as soon as changes are shown to be necessary due to the data processed by us. We will inform you as soon as these changes require an active involvement from you (f. ex. a consent) or in cases where individual contact is required.
3.1. In accordance with art. 32 DSGVO, we take appropriate technical and organizational measures to ensure a level of safety appropriate to the risk. We do this in accordance with the state of art of tech-nology, the costs of implementation, the nature, scope, circumstances, and purposes of the pro-cessing as well as regarding the various degrees of likelihood and the severity of the risk to the rights and freedoms of natural persons. These measures include, especially, ensuring the non-violation of confidence, the integrity and accessibility of data by controlling physical access to these data as well as their access, entering and sharing data, ensuring their accessibility and segregating them. We have furthermore taken measures to ensure the exercise of data subject rights, to guarantee the dele-tion of data and suitable steps regarding data compromise. We furthermore already take into account the protection of individual subject data during the development and selection of hardware, software as well as procedures, in accordance with the principle of data protection via technological design and via data protection friendly default settings (Art. 25 DSGVO).
3.2. Safety measures especially imply the encoded transmission of data between your browser and our server.
4.1. In those cases where we do disclose data to other persons and companies (data processing compa-nies or third parties) in the context of our own processing, where we transmit data to them or allow them any other kind of access to the data, this only happens on the basis of a legal permit (f. ex. if transmitting the data to a third party – like a payment service provider – is necessary in accordance with art. 6 par. 1 lit. b DSGVO in order to fulfill the contract), following your permission, if we are bound to do so by law, or on the basis of our justified claims (f. ex. when employing representatives, web hosts, etc.).
4.2. In those cases where we employ third parties to process data on the basis of a so-called “data pro-cessing contract”, we do so on the basis of art. 28 DSGVO.
If we process data from a third country (i.e. from outside of the European Union (EU) or the European Economic Area (EEA)), or if this happens in the context of using the services of third parties or in the process of disclosing or transmitting data to third parties, we only do so in order to fulfill our (pre-) contractual obligations, following your permission, if we are bound to do so by law, or on the basis of our justified claims. Once the legal or contractual permits have been obtained, we only process or let others process the data in a third country if the special prerequisites stated in art. 44 ff. DSGVO ap-ply. I.e., processing for example only takes place on the basis of special guarantees, such as the da-ta protection level being officially acknowledged as corresponding to EU laws (such as the “Privacy Shield“ in the USA) or if officially acknowledged special contractual obligations are being maintained (so-called “standard contract terms”).
6.1. You have the right to request a confirmation about whether specific data are being processed and a right to be informed about these data as well as further information and copy of the data, in accord-ance with art. 15 DSGVO.
6.2. In accordance with art. 16 DSGVO, you have the right to request that all data concerning you be ei-ther completed or corrected, should they be faulty.
6.3. In accordance with art. 17 DSGVO, you have the right to request that the respective data be deleted immediately or alternatively, in accordance with art. 18 DSGVO, you have the right to request a limita-tion of the usage of these data.
6.4. You have the right to request that the data you have provided us with be handed to you, in accord-ance with art. 20 DSGVO, or to request that we transmit these to other people in authority.
6.5. In accordance with art. 77 DSGVO, you have the right to issue a complaint with the respective con-trolling authority.
9.1. In accordance with art. 17 and 18 DSGVO, we delete or restrict the data we have processed. Unless explicitly stated otherwise in the context of this data protection declaration, the data we have saved will be deleted immediately as soon as they are no longer necessary for their intended purpose and if their deletion does not counter any legal storage obligation. In cases where the data are not entirely deleted because they are used for other, legally permitted means, their processing is restricted – this means the data are made inaccessible and are not processed for other ends. This applies f. ex. to da-ta that have to be kept for reasons concerning commercial law and taxation laws and regulations.
9.2. In accordance with the law, data is preserved for six years concerning § 257 section 1 HGB (trading books, inventories, opening balances, annual balance of accounts, trade communications, vouchers, etc.) and for ten years in accordance with § 147 section 1 AO (ledgers, notes, reports, receipts, communications with purveyors and customers, any material relevant for taxation, etc.).
10.1. In order to fulfill our contractual obligations and service activities, we process file data, contact details and data relating to contracts in accordance with art. 6 section 1 lit b. DSGVO. The details marked as mandatory in our booking and order forms are necessary for the contract to be completed.
10.2. In the context of booking requests, the above-named data are transmitted to a booking management system (CRM-System). This system is locally hosted on our server. The above-named data are thus only saved locally.
10.3. When it comes to selling our products via the website www.stickum.de, we do not use a separate CRM system. The data listed in section 10.1. are also saved on our locally hosted server.
10.4. In the context of using our contractually agreed services, we save the IP address and the date of the specific user action. Saving these data is done on the basis of our legitimate interests as well as those of the user concerning protection from misuse and other unauthorized usage. These data are categorically not passed on to third parties, unless this is required for us to pursue our claims, or un-less we find ourselves under the legal obligation to do so in accordance with art. 6 section 1 lit. c DSGVO.
10.5. The data mentioned in 10.1. are deleted once the warranty obligation period and other comparable obligations have expired; whether or not the data need to be saved any longer is regularly checked every three years. Where legal obligations force us to store data, these are deleted as soon as legally possible (after six years relating to commercial law and after ten years relating to tax laws).
11.1. We process file, contact and personal applicant’s data as well as further details concerning the candi-dates that are needed in the context of their application in accordance with art. 88 section 1 DSGVO i.V.m. § 26 Abs. 1 BDSG new.
11.2. In the case of an application, we store the above-mentioned data on our locally hosted server. We do not use a separate CRM system.
11.3. The data mentioned in 11.1. are deleted at the very latest six months after the application has been rejected. If an applicant is offered a position, we delete the data mentioned in 11.1. as soon as the employment relationship ends, unless legal retention periods require us to save them for longer.
12.1. When you contact us (via the contact form or via email), the file and contact data as well as further indications given that we need to process your requests are saved in accordance with art. 6 section 1 lit. b DSGVO. The details marked as mandatory in our contact forms are necessary for the request to be processed.
12.2. The above-mentioned data as well as further user details are saved on our locally hosted server. We do not use a separate CRM system.
12.3. In the context of your using our contact forms, we save the IP address and the date of the specific user action. Saving these data is done on the basis of our legitimate claims as well as those of the user concerning protection against misuse and other unauthorized usage. These data are categorically not passed on to third parties, unless this is required for us to pursue our claims, or unless we find ourselves under the legal obligation to do so in accordance with art. 6 section 1 lit. c DSGVO.
12.4. We delete your requests and contact details as soon as we no longer need them; whether or not the data need to be stored any longer is regularly checked every two years. Where legal obligations force us to archive data, these are deleted as soon as legally possible (after six years relating to commer-cial law and after ten years relating to tax laws).
13.1. On the basis of our justified claims, as stated in art. 6 section 1 lit. f. DSGVO, we collect data about every access to the server which hosts this service (so-called server log files). The access data con-sist of the name of the website you accessed, the file data, date and time of day when you ac-cessed, the amount of transferred data, notification about the successful access, browser type and version, the user’s operating system, referrer URL (the page you accessed previously), IP address, and the provider requesting access.
13.2. For security reasons (f. ex. to investigate acts of misuse or fraud), log file information is saved for a maximum of seven days and then deleted. When it is necessary that the data be kept as legal proof, they are exempt from deletion until the respective case has been closed definitely.
14.1. We are actively present online in social media platforms in order to communicate with the customers, interested parties, and users who are active there, and to inform them about our services. When you access the respective networks and platforms, the terms and conditions as well as the data pro-cessing regulations of the respective operators of the site apply.
14.2. Unless stated otherwise in the context of our data protection declaration, we process the data of users if they communicate with us via these social media and social media platforms, for example if they write comments on sites where we are present or if they send us messages.
15.1. Within our online services and on the basis of our legitimate interests (i.e., the claim to analyze, opti-mize and economically run our online services in accordance with art. 6 section 1 lit. f. DSGVO), we use content- and service-related offers by third-party suppliers in order to integrate their contents and services, f. ex. videos or font types (in the following termed “contents”). This always implies the re-quirement of the third parties offering these contents to be allowed to distinguish the users’ IP ad-dress because they would not be able to send any contents to their browsers without the IP address. In other words, the IP address is required so they can realize these contents. We take great care to only use such contents where the respective third parties only use the IP address to deliver the re-quired contents. Furthermore, third party suppliers are allowed to use so-called pixel tags (invisible graphics, also known as "Web Beacons") for statistical or marketing-related reasons. Pixel tags are used to process information such as the frequency of visitor traffic on the pages of a specific web-site. This information, which is pseudonymous, can furthermore be stored on the users’ devices via cookies and can also contain technological information about the browser and operating system, ref-erencing websites, times of access as well as further indications concerning the usage of our online services and can also be combined with similar information garnered from other sources.
15.2. The list below offers you an overview of the third-party suppliers and their services and contents as well as the direct links to their respective data protection declarations, which contain further infor-mation concerning the processing of data and your rights (so-called opt-outs), even though some of them might already be mentioned here:
16.1. The online shop BIER & BIER Genuss GmbH (“operator“), Neuschmied 42, 83246 Unterwössen, Germany, also markets our products in their own name and for their own account. We have integrated a link to their online shop on our website www.Uerige.de. In the context of establishing this connec-tion, it is necessary that the operator acknowledge the users’ IP address because he could not send any online service offers to their browsers without the IP address, which hence is required for the re-alization of the online services.
16.2. The operator is responsible for the processing of the data in the context of the services offered online. The aims and extent of the data collection and the further processing and usage of the data by the operator as well as related rights and setting options to protect the users’ private sphere can be found in the data protection declaration issued by the operator at http://www.biershop-braugasthoefe.de/datenschutz/.