Data Security Statement

Extend

In general, we only collect data if it is necessay for providing a functioning website, appropriate contents and our services. Individual-related data is only collected with your consent. Exceptions may only be made in cases where it is technically not possible to get an approval upfront, or when permitted by law.

Retention periods

Unless indicated otherwise at the time of the collection of your personal data (e.g. within a form completed by you), we erase your personal data if the retention of that personal data is no longer necessary for the purposes for which they were collected or otherwise processed, or to comply with legal obligations (such as retention obligations under tax or commercial laws).

Legal basis

The legal basis for processing data about you is that such processing is necessary for the purposes of:

• Exercising our rights and performing our obligations in connection with any contract we make with you (Article 6 (1) (b) General Data Protection Regulation)
• Compliance with our own legal obligations (Article 6 (1) (c) General Data Protection Regulation)
• Legitimate interests pursued by us (Article 6 (1) (f) General Data Protection Regulation). The main legitimate interest is the the efficient performance or management of your use of our Service.

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Our Service does not address anyone under the age of 18 (“Children”).

We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

Our offer includes links to external third party websites. We have no influence on the contents of those websites, therefore we cannot guarantee for those contents. Providers or administrators of linked websites are always responsible for their own contents.

The linked websites had been checked for possible violations of law at the time of the establishment of the link. Illegal contents were not detected at the time of the linking. A permanent monitoring of the contents of linked websites cannot be imposed without reasonable indications that there has been a violation of law. Illegal links will be removed immediately at the time we get knowledge of them.

Revocation of your consent to the processing of your data

Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

Information, blocking, deletion

As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.

Data transfer

You also have the right to obtain data which we processed based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.

File complaints with regulatory authorities

If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company resides. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is completely secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

This site uses SSL / TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and/or a lock icon is displayed in your browser’s address bar.

Usage Data (Server log files)

We may collect information on how the Service is accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data. This data will not be combined with data from other sources.

The basis for data processing is Art. 6 (1) (b)
General Data Protection Regulation, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.

Tracking & Cookies Data

We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.

Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Examples of Cookies we use:

• Session Cookies. We use Session Cookies to operate our Service.
• Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
• Security Cookies. We use Security Cookies for security purposes.

Cookies which are necessary to allow electronic communications or to provide certain functions you wish to use (such as a shopping cart) are stored pursuant to Art. 6 paragraph 1, letter f of General Data Protection Regulation. The website operator has a legitimate interest in the storage of cookies to ensure an optimized service provided free of technical errors. If other cookies (such as those used to analyze your surfing behavior) are also stored, they will be treated separately in this privacy policy.

Personal Data

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include, but is not limited to:

• Email address
• First name and last name
• Phone number
• Cookies and Usage Data

Contact form

When submitting a request through a contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission.

We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a) General Data Protection Regulation. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

Comments

For the comment function on this website, your comment as well as details provided at the time of commenting (i.e. your email address anddisplay name will be stored. Our comment function also stores IP addresses of users who post comments. We need access to this data in the case of violation of law, i.e. insults or propaganda.

Comments are submitted with your consent per Art. 6 (1)(a) General Data Protection Regulation. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

General

Your information, including Personal Data, may be transferred to – and maintained on – computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located outside Germany and choose to provide information to us, please note that we transfer the data, including Personal Data, to Germany and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

Transmission of data on contract conclusion

We transmit personal data to third parties only if it necessary to fulfill the contract, e.g transmitting data to the shipping agent or to the commissioned credit institution in charge of the payment. There is no further transmission of data to third parties unless you have given your explicit permission.

Weingut Gebert may disclose your Personal Data in the good faith belief that such action is necessary to:

• To comply with a legal obligation
• To protect and defend the rights or property of Weingut Gebert
• To prevent or investigate possible wrongdoing in connection with the Service
• To protect the personal safety of users of the Service or the public
• To protect against legal liability

Some of our sites use the map service “Bing Maps” of the third party provider Microsoft, One Microsoft Way, Redmond, WA 98052-6399 USA. To use Google Maps, it is necessary to transmit your IP address to Microsoft. This information is generally transmitted to a server in the USA and stored there. The provider of this site has no influence on this data transfer. Further information about handling user data, can be found in the Bing Maps terms at : https://www.microsoft.com/maps/assets/docs/terms.aspx

The use of Bing Maps is in the interest of making our website appealing and to facilitate the location of places specified by us on the website. This constitutes a justified interest pursuant to Art. 6 (1) (f) General Data Protection Regulation .

Some of our sites use a service from to show ratings about our products. The supplier for these ratings is Vivino, 1 Sutter Street, Suite 500, San Francisco, CA 94104, USA („Vivino“).

To use this service, it is necessary to transmit your IP address to Vivino. This information is generally transmitted to a server in the USA and stored there. The provider of this site has no influence on this data transfer. Further information about handling user data, can be found in privacy policy of Vivino at https:////www.vivino.com/privacy/

The use of Vivino product ratings is in the interest of making our website appealing and to facilitate the comparability of our products. This constitutes a justified interest pursuant to Art. 6 (1) (f) General Data Protection Regulation .

Subscribing to our e-mail newsletter

If you subscribe to our e-mail newsletter, we will send you regular information about our offers. Mandatory information for sending the newsletter is only your e-mail address. The provision of further data is voluntary and will be used to address you personally. For sending the newsletter we use the so-called double opt-in procedure. This means that we will only send you an e-mail newsletter after you have expressly confirmed that you consent to receiving newsletters. We will then send you a confirmation email asking you to confirm that you wish to receive future newsletters by clicking on an appropriate link.

By activating the confirmation link, you give us your consent for the use of your personal data in accordance with Art. 6 para. 1 lit. a DSGVO. When you register for the newsletter, we store your IP address entered by your Internet service provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later date. The data collected by us when you register for the newsletter will be used exclusively for the purpose of addressing you in an advertising manner by way of the newsletter. You can unsubscribe from the newsletter at any time via the link provided for this purpose in the newsletter or by sending a corresponding message to the person responsible mentioned at the beginning. After unsubscribing, your e-mail address will be immediately deleted from our newsletter distribution list, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this statement.

Sending the e-mail newsletter to existing customers

If you have provided us with your e-mail address when purchasing goods or services, we reserve the right to regularly send you offers for similar goods or services, such as those already purchased, from our range by e-mail. In accordance with Section 7 (3) of the German Unfair Competition Act (UWG), we do not need to obtain your separate consent for this. In this respect, the data processing is carried out solely on the basis of our legitimate interest in personalized direct advertising in accordance with Art. 6 Para. 1 lit. f DSGVO. If you have initially objected to the use of your e-mail address for this purpose, no e-mails will be sent by us. You are entitled to object to the use of your e-mail address for the aforementioned advertising purpose at any time with effect for the future by notifying the responsible person named at the beginning. For this, you will only incur transmission costs according to the prime rates. After receipt of your objection, the use of your e-mail address for advertising purposes will cease immediately.

Newsletter dispatch via CleverReach

Our e-mail newsletters are sent via the technical service provider CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede (“CleverReach”), to whom we pass on the data you provided when registering for the newsletter. This transfer takes place in accordance with Art. 6 Para. 1 lit. f DSGVO and serves our legitimate interest in using an effective advertising, secure and user-friendly newsletter system. The data you enter for the purpose of receiving newsletters (e.g. email address) is stored on CleverReach’s servers in Germany or Ireland.
CleverReach uses this information to send and statistically evaluate the newsletters on our behalf. For the evaluation, the newsletters sent by e-mail contain so-called web beacons or tracking pixels, which are single-pixel image files stored on our website. This makes it possible to determine whether a newsletter message has been opened and which links, if any, have been clicked on. With the help of so-called conversion tracking, it can also be analyzed whether a predefined action (e.g. purchase of a product on our website) has taken place after clicking on such links. In addition, technical information is collected (e.g. time of retrieval, IP address, browser type and operating system). The data is collected exclusively pseudonymously and is not linked to your other personal data, a direct personal reference is excluded. This data is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients.
If you wish to object to the data analysis for statistical evaluation purposes, you must unsubscribe from the newsletter.
We have concluded an order processing agreement with CleverReach, with which we oblige CleverReach to protect our customers’ data and not to pass it on to third parties.
You can read more information about CleverReach’s data analysis here:
https://www.cleverreach.com/de/funktionen/reporting-und-tracking/
You can view CleverReach’s privacy policy here:
https://www.cleverreach.com/de/datenschutz/.