Data Privacy Policy

ZOTT SE & Co. KG („ZOTT“)

Georg-Zott-Straße 1

86690 Mertingen

If you have any questions about the processing of your personal data by us, please contact us in writing or by e-mail: datenschutz(at)zott.de

Personal data is processed as soon as you access the website. This happens automatically without you having to take any further action, such as filling in and sending a contact form.

These automated processing operations concern:

PROCESSING OF THE IP ADDRESS

1. Description and scope of data processing

When this page is accessed, requests are sent to the server, which it must respond to. For this purpose, your IP address must be collected and processed by the server so that the corresponding server requests can be answered.

2. Legal basis for data processing

The legal basis for the processing of this data is Art. 6 para. 1 lit. f) GDPR.

3. Purpose of the data processing

The purpose of processing your IP address is to establish and ensure the functionality of the website and to technically enable the website to be accessed.

4. Legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR

ZOTT has a legitimate interest considering the security of the website. The legitimate interest in the temporary storage of the IP address lies in the fact that the functionality and provision of the technical retrieval option of the website is not possible without this storage.

5. Duration of storage

The data will be deleted as soon as further storage is no longer necessary due to the fulfilment of the purpose. This is regularly the case after a period of 7 days.

6. Recipient of personal data

The IP address is processed by the following hosting provider on the basis of an order processing agreement in accordance with Art. 28 para. 2 - para. 4 GDPR:

• Medienpalast Allgäu GmbH & Co. KG, Memminger Straße 50, 87439 Kempten

7. Transfer to a third country

It is not intended to transfer the personal data to a third country or to an international organisation.

8. Necessity of the provision

The provision of the data is necessary because otherwise the website cannot be accessed.

9. Automated decision-making / profiling

No automated decision-making or profiling takes place.

PROCESSING OF SERVER LOG FILES

1. Description and scope of data processing

The IP addresses collected when this website is accessed are also stored in server log files in order to detect and rectify technical faults and/or attempts to manipulate or break into the server structure.

In addition, the hosting provider of this website automatically collects, stores and processes information in so-called server log files, which are automatically transmitted by your browser.

This information is

• Browser type and browser version

• Operating system used

• Referrer URL

• Host name of the accessing computer

• Time of the server request

However, this information is not merged with other data sources.

2. Legal basis for data processing

The legal basis for the processing of this data is Art. 6 para. 1 lit. f) GDPR.

3. Purpose of the data processing

The purpose of processing your IP address and the above information is to detect malfunctions and intrusion attempts. This serves the security structure of the website and the system integrity of the servers.

4. Legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR

ZOTT has a legitimate interest in the security of the website.

The legitimate interest in the processing of the IP address and the above information is the provision of a functional and uncompromised technical website environment.

5. Duration of storage

The data will be deleted within 7 days.

6. Recipient of personal data

The IP address and the above-mentioned information are processed by the following hosting provider on the basis of an order processing agreement in accordance with Art. 28 para. 2 - 4 GDPR:

• Medienpalast Allgäu GmbH & Co. KG, Memminger Straße 50, 87439 Kempten

7. Transfer to a third country

It is not intended to transfer the personal data to a third country or to an international organisation.

8. Necessity of the provision

The provision of the data is necessary because otherwise the website cannot be accessed.

9. Automated decision-making / profiling

No automated decision-making or profiling takes place.

USE OF COOKIES

1. Description and scope of data processing

Cookies are text files that are stored in the memory and/or on a data carrier of your device used to visit the website and that are processed by your Internet browser in accordance with the settings stored there.

2. Legal basis for data processing

The legal basis for the processing is Art. 6 para. 1 lit. f) GDPR.

3. Purpose of the data processing

The session cookie contains session information about the current website visit.

4. Legitimate interest according to Art. 6 para. 1 lit. f) GDPR

The session cookie used only contains technical data. The use of these cookies is necessary in order to provide the user with the functionality of our website that meets their expectations.

5. Duration of storage as well as objection and removal options

"Session cookies" are automatically deleted from your computer's browser cache/memory at the end of your website visit and/or when you close your browser, provided you have activated this functionality in your browser.

Please check the settings of your internet browser (e.g. Firefox, Internet Explorer, Edge, Chrome, Opera, Safari). Your internet browser also gives you the option of regulating the handling of cookies or deactivating them completely. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all the functions of the website to their full extent.

6. Transfer to a third country

It is not intended to transfer the personal data to a third country or to an international organisation.

7. Necessity of the provision

The provision of the data is necessary because otherwise the website cannot be accessed.

8. Automated decision-making / profiling

No automated decision-making or profiling takes place.

CLOUDFLARE

1. Description and scope of data processing

The website also uses the ‘Cloudflare’ service, a so-called content delivery network from the manufacturer Cloudflare Inc, 101 Townsend St. San Francisco, CA 94107, USA (‘Cloudflare’). With this service, larger media files in particular (e.g. graphics, page content or scripts) can be delivered through a network of regionally distributed servers connected via the Internet. This optimises the website and improves the loading speed in particular. It also increases the security of competitions (by eliminating bots).

2. Legal basis for data processing

The legal basis for this is Art. 6 para. 1 lit. f) GDPR. The legitimate interest is a secure and efficient provision and improvement of the stability and functionality of the website.

3. Purpose of the data processing

The use of Cloudflare serves the efficient design and security of the website.

4. Legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR

The use of Cloudflare ensures the secure and efficient provision of the website.

5. Duration of storage as well as objection and removal options

The IP address is processed via Cloudflare, but is only stored for 24 hours and then deleted.

6. Recipients of personal data

An order processing contract has been concluded with Cloudflare in accordance with Art. 28 GDPR (Data Processing Addendum, www.cloudflare.com/media/pdf/cloudflare-customer-dpa.pdf). Cloudflare undertakes to protect the personal data of website visitors and not to pass it on to third parties. In addition, the standard contractual clauses have also been concluded with Cloudflare.

7. Transfer to a third country

For the transfer of data from the EU to the USA, Cloudflare relies on so-called standard contractual clauses of the European Commission, which are intended to ensure compliance with the European level of data protection in the USA. Further information can be found in Cloudflare's privacy policy at: www.cloudflare.com/privacypolicy/.

8. Necessity of the provision

The provision of the data is necessary because otherwise the website cannot be accessed.

9. Automated decision-making / profiling

There is no automated decision-making or profiling.

Matomo

1. Description and scope of data processing

The website also uses the "MATOMO" service, software from the provider InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand. This service places a cookie on your computer with which your browser can be recognised.

The following data is processed:

• IP address of the user, shortened by the last two bytes (anonymised)

• Browser type and browser version

• Time spent on the website

• Referrer URL

• Time of the server enquiry

2. Legal basis for data processing

The legal basis for this is Art. 6 para. 1 lit. f) GDPR, ZOTT's legitimate interest in a secure and efficient analysis of user behaviour on the website.

3. Purpose of the data processing

The processing of personal data serves the purpose of analysing the surfing behaviour of users and obtaining information about the use of the individual components of the website. This enables us to constantly optimise the website and its user-friendliness.

4. Legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR

The use of Matomo guarantees secure and efficient user analyses. By anonymising the IP address, we take account of the user's interest in the protection of personal data. The data is not used to personally identify the user of the website and is not merged with other data.

5. Duration of storage as well as objection and removal options

The data will be deleted as soon as further storage is no longer necessary due to the fulfilment of the purpose.

6. Recipients of personal data

The data will not be passed on to third parties.

7. Automated decision-making / profiling

There is no automated decision-making or profiling.

Friendly Captcha

1. Description and scope of data processing

The website also uses the "Friendly Captcha" service, a software from the provider Friendly Captcha GmbH, Am Anger 3-5, 82237 Wörthsee, Germany. This is a data protection-friendly alternative to website protection against bots and spam. A unique crypto puzzle (puzzle request) is generated and as soon as the user starts to fill in a form, it is completed fully automatically. However, this process takes place in the background. As soon as the puzzle has been solved, a confirmation is sent to the server via Friendly Captcha that this is a natural person.

The following data is processed:

• Browser type and browser version

• The puzzle itself, which contains information about the account and the website key to which the puzzle relates

• Time of the server request

2. Legal basis for data processing

The legal basis for this is Art. 6 para. 1 lit. f) GDPR.

3. Purpose of the data processing

The purpose of processing personal data is to provide a secure website and also to protect it from bot attacks.

4. Legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR

ZOTT's legitimate interest lies in the secure and efficient provision of the website by protecting it from spam and attacks such as mass requests.

5. Duration of storage as well as objection and removal options

The data will not be stored.

6. Recipients of personal data

The data will not be passed on to third parties.

7. Automated decision-making / profiling

There is no automated decision-making or profiling.

If you take part in a competition, ZOTT will only collect the personal data required for the specific competition, in compliance with the principle of data minimisation. As this varies depending on the competition, the specific data can be found in the respective conditions of participation, which are available on the website in due course.

1. Description and scope of data processing

We use the Microsoft Teams service to provide a modern working environment and to enable audio and video conferences with participants.

Microsoft Teams is a platform that allows messages to be sent between users and meetings to be held via audio and video between users and invited participants. The service enables our employees to collaborate in real time both internally and with external dialogue partners from any location and at any time via PCs, mobile devices or video systems.

Documents can also be managed, transmitted and edited between users. The service is integrated into the Microsoft 365 Office suite with Microsoft Office. Other services from Microsoft and other companies and service providers can also be integrated and used.

Microsoft Teams is a web and cloud-based service.

In order to use the Microsoft Teams service, it is necessary to process personal data. Without this processing, neither the use of the service nor the transmission of sound and image recordings is possible.

When registering in the system, the following data of each user can be processed:

• Title if applicable, surname, first name, email address, telephone number

When using the service, the following personal user data may also be processed:

• IP address, browser information, geographical region, avatar (voluntary), photograph (voluntary), user information in the Active Directory (if synchronised), meeting and telephone recordings, uploaded files; chat messages

2. Legal basis for data processing

The legal basis for meeting and video or telephone recordings is Art. 6 para. 1 lit. f) GDPR, as the data processing is carried out to fulfil our legitimate interest. If the data processing is necessary for the conclusion and/or fulfilment of a contractual relationship, the legal basis for the processing is Art. 6 para. 1 lit. b) GDPR.

3. Purpose of the data processing

The processing of personal data serves the purpose of establishing contact and enabling an exchange with business partners, customers, applicants or interested parties by means of a modern web-based telephone and video conferencing system.

Depending on the intention and content of your enquiry, the purpose may also be the initiation and/or implementation of a contractual relationship, as well as the maintenance of the customer relationship.

4. Legitimate interest according to Art. 6 para. 1 lit. f) GDPR

The legitimate interest in data processing lies in the need to provide cross-location collaboration by means of a video conferencing system in order to meet the requirements of the mobile working world.

5. Duration of storage

The data will be deleted within 6 months after they are no longer required to fulfil the purpose for which they were collected or are not subject to any further statutory retention obligations (e.g. 10 years according to the German Fiscal Code (AO), 6 years according to the German Commercial Code (HGB)).

6. Recipients of personal data

Personal data will not be passed on to third parties.

7. Transfer to a third country

It is not intended to transfer the personal data to a third country or to an international organisation.

8. Necessity of the provision

It is also possible to contact us by telephone or post. This may entail restrictions, particularly with regard to response times.

9. Automated decision-making / profiling

There is no automated decision-making or profiling.

1. Description and scope of data processing

We regularly provide information about current vacancies in job adverts or on our website. You have the opportunity to apply for these positions. You can send us this application data either by post or by e-mail.

Data that you send us as part of the application process may include

• Name, address and contact details

• CV including all other details

• Personal cover letter

• Qualifications

• Interests

If you send us your data by e-mail, we also process your e-mail address, date and time as well as the content of the message. Depending on the content of your e-mail, the following personal data may also be processed:

- First name, surname, telephone number

The data will be used exclusively as part of the application process to decide on filling the position.

Applications are processed via our application management software. Applications received by post or e-mail are also transferred to the software and returned or deleted in the original document. Please also note the further data protection information on our careers page.

2. Legal basis for data processing

The legal basis for the processing of data as part of the application process is Art. 6 para. 1 lit. b) GDPR, § 26 para. 1 BDSG.

If you provide us with special categories of personal data as part of the application process, e.g. an existing severe disability or health data that are necessary for the assessment of your employability for a specific position, the processing of this data provided on your initiative is carried out in accordance with Art. 9 para. 2 lit. b), lit. h) GDPR, § 26 para. 3 BDSG.

3. Purpose of the data processing

The processing of personal data as part of the application process serves the sole purpose of personnel planning and the establishment of employment relationships.

4. Duration of storage

If an application is rejected, the data will be deleted within 6 months of the rejection. Data from successful applications are subject to the retention obligations arising from labour and social law regulations, the German Tax Code (AO) and the German Commercial Code (HGB). Unless you have given your consent, we will regularly delete your data six months after completion of the application process.

If your application is successful, your data may be used further as part of the recruitment process.

If you give us your consent to include you in our applicant pool, we will store your data for a period of 12 months.

5. Recipients of personal data

The applications are processed by the following service provider on the basis of an data processing agreement in accordance with Art. 28 para. 2 - para. 4 GDPR:

- d.vinci HR-Systems GmbH, Nagelsweg 37-39, 20097 Hamburg

6. Transfer to a third country

It is not intended to transfer the personal data to a third country or to an international organisation.

7. Necessity of the provision

It is necessary to provide the data, otherwise your application cannot be processed.

8. Automated decision-making / profiling

There is no automated decision-making or profiling.

1. Description and scope of data processing

We operate a company page on www.linkedIn.de. The technical platform of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, hereinafter referred to as "LinkedIn", is used for this purpose. The LinkedIn service "Page Analytics" is used in connection with the operation of the LinkedIn profile. This provides us with information about the use of our content. When you visit, follow or interact with our LinkedIn page, LinkedIn processes your personal data to provide us with anonymised statistics and insights. This information helps us to understand and improve the interactions on our site. LinkedIn processes data from your profile and information about your interaction with our site. However, we do not receive access to individual personal data, but only to aggregated insights.

Please note that the use of LinkedIn and its functions, such as sharing content, is your own responsibility. This applies in particular to interactive functions.

LinkedIn is primarily responsible for the processing of personal data when you use our LinkedIn page. Further information on data processing by LinkedIn can be found at https://www.linkedin.com/legal/privacy-policy.

2. Legal basis for data processing

The legal basis for the processing of data is Art. 6 para. 1 lit. f) GDPR.

3. Purpose of the data processing

The purpose of the processing is the public company presence and interaction with interested parties and potential applicants.

LinkedIn Insights support the targeted marketing of company activities. For example, this data makes it possible to recognise trends in the profiles of users who visit the site. This helps to provide more relevant content and develop features that are potentially of greater interest to users. The visitor statistics provided are always anonymised and there is no access to the underlying personal data.

In addition, the company profile is used to communicate with customers, interested parties and users and to provide information about our company and our products. In this context, we may receive additional information through user comments, private messages or through users who follow us or share our content. This information is processed solely for the purpose of communication and interaction.

If users respond to job advertisements via social media or send unsolicited applications, their personal data will be processed as part of the application process.

4. Legitimate interest according to Art. 6 para. 1 lit. f) GDPR

ZOTT has a legitimate interest in a comprehensive and informative corporate presence on LinkedIn. In addition, there is an interest in communicating and interacting with interested parties and potential applicants.

5. Duration of storage

Your personal data will be deleted if the personal data is no longer required to fulfil the purpose for which it was processed. This only applies if there is no statutory retention period.

6. Recipients of personal data and joint controllership

LinkedIn is responsible for enabling you to exercise your data protection rights in accordance with the GDPR. Requests can be made via www.linkedin.com/help/linkedin/ask/PPQ. You can contact LinkedIn Ireland's Data Protection Officer at www.linkedin.com/help/linkedin/ask/TSO-DPO. We are also available for enquiries about processing in the context of Page Insights and will forward them to LinkedIn if necessary.

We have concluded an agreement with LinkedIn regarding joint processing in accordance with Art. 26 GDPR. With this agreement, the operators recognise the joint responsibility under data protection law with regard to the Insights data described above and assume essential data protection obligations to inform data subjects, to ensure data security and to report data protection violations.

7. Transfer to a third country

Please note that LinkedIn may also process personal data in the USA or other third countries, whereby, according to LinkedIn, such transfers are only made to countries for which an adequacy decision has been made by the European Commission or on the basis of appropriate safeguards. Data is only transferred to systems outside the EU if the requirements of Art. 44 et seq. GDPR are complied with. You can find out more at: www.linkedin.com/help/linkedin/answer/62533.

The Irish Data Protection Commission is the lead supervisory authority for the supervision of Page Insights processing and there is always the right to lodge complaints there or with any other supervisory authority.

8. Automated decision-making / profiling

There is no automated decision-making or profiling.

1. Description and scope of data processing

ZOTT has established a whistleblower system. Reports can be submitted via our whistleblower system. Reports can be made anonymously. Our whistleblower system is managed by BDO Legal Rechtsanwaltsgesellschaft mbH. We therefore do not have access to incoming reports. We only become aware of the data contained in the reports when they are forwarded to us for follow-up action.

2. Legal basis for data processing

If the whistleblower provides their personal data voluntarily, the legal basis for processing in the context of follow-up measures is consent pursuant to Art. 6 para. 1 lit. a) GDPR.

Due to legal requirements, we are also obliged to obtain knowledge of possible misconduct by employees or contractual partners. The legal basis for data processing is therefore also § 10 HinSchG i.V.m. Art. 6 para. 1 lit. c) GDPR.

3. Purpose of the data processing

We process this data exclusively in the context of follow-up measures for further investigations of a valid report.

4. Duration of storage

Your personal data will be deleted if you have revoked your consent to processing or if the personal data is no longer required to fulfil the purpose for which it was processed. This only applies if there is no statutory retention period.

If and as soon as a notification proves to be unfounded, the personal data will therefore be deleted immediately. In the case of well-founded reports, the data will be deleted no later than two months after the investigation of the reported incident has been completed, unless further storage is necessary to clarify further legal steps (e.g. disciplinary measures, initiation of criminal proceedings).

5. Recipients of personal data

Personal data will not be passed on to third parties.

6. Transfer to a third country

It is not intended to transfer the personal data to a third country or to an international organisation.

7. Necessity of the provision

The provision of the data is necessary, otherwise it will not be possible to communicate with the consumer.

8. Automated decision-making / profiling

There is no automated decision-making or profiling.

1. Description and scope of data processing

MILK PRODUCER LOGIN

Milk producers can log in directly on the website. ZOTT uses the following data when you log in to the EIS services:

Data for current login (session): Producer number, language, login token (ID), login session (ID), time of login, last access, browser used, browser version, platform used (operating system), IP address.

Persistent data after login: creator number, time of login, login type (CMS (WordPress) or Sopra EIS services), context (login via website or app), blocking information in the event of too many failed login attempts.

The following cookies are also used:

• borlabs-cookie -> Saves the settings stored by the user with regard to the cookie banner

• WordPress cookies -> Technical cookies relating to the current session

  • wordpress_logged_in_*id*

  • wordpress_sec_*id*

   

• Sopra EIS services -> Technical cookies relating to the current session

  • CookieSessionClientNr

  • CookieSessionTimeout

  • CookieSessionToken

  • CookieUserLocation (Saves the last location used during login)

You have the option of preventing cookies from being stored on your end device by changing the settings in your browser accordingly.

RETAILER LOGIN

There is also a login option on the website for retailer to download promotional images of ZOTT products. You will then be redirected to the ZOTT retailer area. The following additional data will be processed if you use this service: Your first and last name, your e-mail address and your place of residence if you wish to register for the database.

Your personal data will be deleted if you have withdrawn your consent to the processing or if the storage of the personal data is no longer necessary for the fulfilment of the purpose pursued with the processing. Cookies are deleted depending on their function and the purpose for which they are used. 

Your name, surname, e-mail address and country of residence when you request registration will be deleted immediately if registration is refused. Data that we receive when you delete your account will be deleted immediately.

Data collected in connection with a contact will be deleted after three months.

2. Legal basis for data processing

The legal basis for the processing of this data is Art. 6 para. 1 lit. f) GDPR.

3. Purpose of the data processing

The purpose of the processing is to provide access to the login area.

4. Legitimate interest according to Art. 6 para. 1 lit. f) GDPR

ZOTT has a legitimate interest in ensuring that only those retailers who have been identified as such by ZOTT can log in and download advertising images. In addition, there is a legitimate interest in the secure provision of the image database.

5. Duration of storage

Your personal data will be deleted if the personal data is no longer required to fulfil the purpose for which it was processed. This only applies if there is no statutory retention period.

6. Recipients of personal data

Personal data will not be passed on to third parties.

7. Transfer to a third country

It is not intended to transfer the personal data to a third country or to an international organisation.

8. Necessity of the provision

The provision of the data is necessary, otherwise it will not be possible to log in.

9. Automated decision-making / profiling

There is no automated decision-making or profiling.

1. Description and scope of data processing

ZOTT uses the following categories of data when you contact us using the contact form provided on the website: First and last name, e-mail address and your request; if you provide us with your address, this will also be included.

We process the following personal data from you when you contact us via the complaint form: First and last name, address, email address and your request.

2. Legal basis for data processing

The legal basis for the processing of this data is Art. 6 para. 1 lit. a) and f) GDPR.

3. Purpose of the data processing

The purpose of the processing is to establish contact between ZOTT and the consumer or organizing and conducting the competition, considering complaints and delivering prizes to the winners. 

4. Legitimate interest according to Art. 6 para. 1 lit. f) GDPR

ZOTT has a legitimate interest in being able to contact the consumer.

5. Duration of storage

Data collected in connection with a contact will be deleted after six months or in the event of receiving a prize in a competition, after the expiry of the limitation period of claims.

6. Recipients of personal data

Personal data will not be passed on to third parties.

7. Transfer to a third country

It is not intended to transfer the personal data to a third country or to an international organisation.

8. Necessity of the provision

The provision of the data is necessary, otherwise it will not be possible to communicate with the consumer.

9. Automated decision-making / profiling

There is no automated decision-making or profiling.

1. Description and scope of data processing

If you send us an e-mail to info(at)zott.de and provide your contact details and the name of the medium you work for, we will add you to our press mailing list.

ZOTT uses the following categories of data when you contact us in this way: First name and surname, e-mail address.

2. Legal basis for data processing

The legal basis for the processing of this data is Art. 6 para. 1 lit. f) GDPR.

3. Purpose of the data processing

The purpose of the processing is the inclusion in our mailing list.

4. Legitimate interest according to Art. 6 para. 1 lit. f) GDPR

ZOTT has a legitimate interest in being able to contact journalists.

5. Duration of storage

Data collected in connection with a contact will be deleted after three months.

6. Recipients of personal data

Personal data will not be passed on to third parties.

7. Transfer to a third country

It is not intended to transfer the personal data to a third country or to an international organisation.

8. Necessity of the provision

The provision of the data is necessary, as otherwise the data subject cannot be included in the mailing list.

9. Automated decision-making / profiling

There is no automated decision-making or profiling.

If your personal data is processed, you are the data subject within the meaning of the General Data Protection Regulation. You therefore have the following rights.

To exercise your data subject rights against us, please contact the following email address: [email protected]

The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the information specified in Art. 15 GDPR.

The data subject has the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her and, where applicable, the completion of incomplete personal data (Art. 16 GDPR).

The data subject has the right to obtain from the controller the erasure of personal data concerning him or her without undue delay where one of the grounds listed in Art. 17 GDPR applies, e.g. if the data are no longer necessary in relation to the purposes for which they were collected.

The data subject has the right to request the controller to restrict the processing.

RIGHT TO OBJECT - ART. 21 GDPR

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions.

We will no longer process the personal data concerning you unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

Where personal data are processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

You have the option of exercising your right to object in connection with the use of information society services - notwithstanding Directive 2002/58/EC - by means of automated procedures that use technical specifications.

RIGHT TO REVOKE THE DECLARATION OF CONSENT UNDER DATA PROTECTION LAW

You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Without prejudice to any other administrative or judicial remedy, every data subject has the right to complain to a supervisory authority if the data subject considers that the processing of personal data relating to him or her infringes the GDPR (Art. 77 GDPR). The data subject may exercise this right before a supervisory authority in the Member State of his or her habitual residence, place of work or place of the alleged infringement.

This data protection notice is updated at regular intervals.