DATA PROTECTION POLICY

SECTION 1 INFORMATION ON THE CONTROLLER AND THE DATA PROTECTION OFFICER

(1) The information contained herein describes our policy regarding personal data that are collected when you use the webpage www.bgactivitytoolbox.com. Personal data”means any data that can be related to you personally, such as your name, address, email addresses, or your behaviour as a web page user.

(2) The entity legally responsible for data protection is DANNEMANN EL NOBLE CIGARRO GmbH, Rahdener Strasse 147, 32312 Lübbecke.

(3) The contact information for the data protection officer at DANNEMANN EL NOBLE CIGARRO GmbH is as follows: datenschutz@dannemann.com.

SECTION 2 INFORMATION ABOUT THE PURPOSES FOR WHICH DATA ARE PROCESSED AND THE RECIPIENTS OF PERSONAL DATA

a) When our website is used for purely informational purposes (i.e. if you do not log in, register, or otherwise provide information to use the website) we do not collect any personal data with the exception of the data that your browser transfers to enable you to visit the website. These data comprise:
IP address
Date and time of the query
Content of the request (specific page)
Access status/HTTP status code
Volume of data transferred in each instance
Website from which the request is received
Your browser
Your operating system and its user interface
Language and version of your browser software.

The server log files with the data specified above are automatically deleted after 30 days. We reserve the right to store the server log files for longer in the event of circumstances that give rise to suspicion of unauthorised access (such as an attempt at hacking or a DOS attack).

In addition, cookies are stored on your computer when you use this website. Cookies are small text files that are stored on your hard drive in such a way that they are allocated to the browser you use, and through which the body that sets a cookie (so in this case, us) receives certain information. Cookies are not able to execute any programs or transfer viruses to your computer. They are used to make the website more user friendly and more effective overall. We use cookies to enable us to identify you the next time you visit the site, provided that you have an account with us. Otherwise, you would need to log in again for each visit.

This website uses cookies to the following extent: Transient cookies (temporary use). Transient cookies are deleted automatically when you close the browser. In particular, this includes session cookies. These save what is referred to as a session ID, via which various requests from your browser can be allocated to the shared session. This enables your computer to be recognised again when you return to the website. Session cookies are deleted when you log out or close the browser.

This stored information is stored separately from any other information you may have given us. In particular, the data from cookies are not linked with your other data.

The data are processed based on point (f) of Article 6(1) of the General Data Protection Regulation (GDPR). Our interest in the statistical evaluation of visits to our platform overrides the interests of users whose IP address is time-limited and processed without being allocated to a certain person.

b) Collection of personal data when using the website (login)
The use of the website www.bgactivitytoolbox.com is restricted to defined users from Burger Group companies with the appropriate access authorization. As part of using the access (login) the following personal data is processed: first name, last name, e-mail address, telephone number, position in the company, company name and country.
These data are used for the use of the website, the possible exchange between the users of the website and for the related technical administration. A disclosure to third parties does not occur. Providing personal data that goes beyond the aforementioned personal data is voluntary.
In addition to the rights set out in Section 4, you have the right to revoke your consent to the use of the information you have voluntarily provided at any time with effect for the future. In this case, the corresponding personal data will be deleted.

c) Disclosure to third parties
For order processing purposes we disclose your personal data to the following recipients:
Epunks GmbH, proprietors Boris Römer, Mark Heuermann, Meller Strasse 2, 33613 Bielefeld
Service: IT support

SECTION 3 DURATION OF STORAGE

We retain your personal data in all instances only for as long as necessary for the purposes for which it has been collected pursuant to this Data Protection Policy. However, it may be that we are legally required to store certain data over a longer period of time. In this case, we ensure that your personal data are treated confidentially beyond the entire timeframe pursuant to this Data Protection Policy.

SECTION 4 YOUR RIGHTS

(1) You have the right to request from us – at any time and free of charge – access to the personal data we have stored concerning you, as well as its origin, the recipients or categories of recipients to whom these personal data are transferred, and the purpose of storage.

(2) In addition, you have the right at any time to request that we rectify, erase or restrict the processing of your personal data. You also have the right to data portability.

(3) You also have the right to object to our processing of your personal data at any time.

(4) If you have provided us with your consent to use personal data, you may withdraw this consent at any time without stating grounds.

(5) If you would like to assert the rights stated above, please send an email to datenschutz@dannemann.com or write to the address stated under Section 1 Para. 2.

(6) You have the right also to file with your competent regulatory authority at any time a grievance against particular instances of data processing: Landesbeauftragte für Datenschutz und Informationsfreiheit [State Commissioner for Data Protection and Freedom of Information] North Rhine-Westphalia, Postfach 20 04 44, 40102 Düsseldorf, Tel: 0211/38420-0, Fax: 0211/38424-10, email: poststelle@ldi.nrw.de.

SECTION 5 DATA SECURITY

We maintain current technical measures to guarantee data security, and in particular to protect your personal data against risks in the event of data transfers as well as against it becoming known to third parties. These are appropriately adapted to the current state of technological development in each case.

SECTION 6 USE OF ADOBE TYPEKIT

We use Adobe Typekit for the visual design of our website. Typekit is a service of Adobe Systems Software Ireland Ltd. (“Adobe”) that gives us access to a font library. To incorporate the fonts we use, your browser must establish a connection with an Adobe server in the U.S.A. and download the font needed for our website. Adobe thereby receives the information that our website was accessed from your IP address. Further information about Adobe Typekit may be found in the data protection notice pertaining to Adobe Typekit, which you can access here: www.adobe.com/privacy/typekit.html.

SECTION 7 PUSH NOTIFICATIONS

You can sign up to receive our push notifications. To send our push notifications, we use the "CleverPush" shipping service, which is provided by CleverPush UG (limited liability), Tondernstr. 1, 22049 Hamburg (“CleverPush”). To register, you must confirm your browser's request to receive notifications. This process is documented and saved by CleverPush. This includes storing the time of registration and your browser ID or your device ID. The collection of this data is necessary so that we can understand the processes in the event of misuse and therefore serves our legal protection. In order to be able to show you the push notifications, CleverPush collects and processes your browser ID and, in the case of mobile access, your device ID on our behalf. By subscribing to our push notifications, you agree to receive them. The legal basis for the processing of your data after registering for our push notifications is Article 6(1)(a) GDPR if you have given your consent. CleverPush also statistically evaluates our push notifications. CleverPush can thus recognize whether and when our push notifications were displayed and clicked on by you. You can revoke your consent to the storage and use of your personal data to receive our push notifications and the statistical survey described above at any time with effect for the future. For the purpose of revoking your consent, you can change the setting provided for receiving push notifications in your browser. If you use our push notifications on a desktop PC with the "Windows" operating system, you can also unsubscribe from our push notifications by right-clicking on the respective push notification in the settings that appear there. Your data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. Your data will therefore be stored for as long as the subscription to our push notifications is active. The cancellation process is explained in detail under the following link: https://cleverpush.com/faq.

SECTION 8 AMENDMENT

We will also adapt our Data Protection Policy on an ongoing basis in the context of the further technical development of our service offering as well as the legal framework. Amendments to the Data Protection Policy will be published to this end. For this reason we recommend that you read the current version of this Data Protection Policy on a regular basis at www.bgactivitytoolbox.com. Subject to applicable legal specifications, all amendments to the Data Protection Policy come into effect as soon as the updated Data Protection Policy is published. If we have already collected data concerning you and/or we are subject to a legal obligation to inform, we will also inform you of material amendments to our Data Protection Policy and ask for your approval should this be legally required.