PRIVACY POLICY

Data protection declaration
Unless stated otherwise below, the provision of your personal data is neither legally nor contractually obligatory, nor required for conclusion of a contract. You are not obliged to provide your data. Not providing it will have no consequences. This only applies as long as the processing procedures below do not state otherwise.
"Personal data" is any information relating to an identified or identifiable natural person.


Information about the responsible party (referred to as the "controller" in the GDPR)
The data processing controller on this website is:
Heinerle - Berggold Schokoladen GmbH
Raniser Str. 11
07381 Pössneck
Deutschland
Phone: 03647 530
E-mail: info@heinerle-berggold.de
The controller is the natural person or legal entity that single-handedly or jointly with others makes decisions as to the purposes of and resources for the processing of personal data (e.g. names, e-mail addresses, etc.).


SSL and/or TLS encryption
For security reasons and to protect the transmission of confidential content, such as purchase orders or inquiries you submit to us as the website operator, this website uses either an SSL or a TLS encryption programme. You can recognise an encrypted connection by checking whether the address line of the browser switches from "http://" to "https://" and also by the appearance of the lock icon in the browser line.
If the SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.


Server log files
You can use our websites without submitting personal data. Every time you access our website, user data is transmitted by your internet browser and stored in protocol files (server log files). This stored data includes e.g. name of the site called up, date and time of the request, amount of data transferred and the provider making the request. This data serves exclusively to ensure smooth operation of our website and to improve our offering. It is not possible to assign this data to a particular person.


Collection and processing when using the contact form
When you use the contact form we will only collect your personal data (name, email address, message text) in the scope provided by you. The data processing is for the purpose of making contact. By submitting your message you agree to the processing of your transmitted data. Processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent.You can withdraw your consent at any time by contacting us without affecting the legality of the processing carried out with your consent up to the withdrawal. We will only use your email address to process your request. Finally your data will be deleted, unless you have agreed to further processing and use.


Customer account
When you open a customer account, we will collect your personal data in the scope given there. The data processing is for the purpose of improving your shopping experience and simplifying order processing. The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time by contacting us without affecting the legality of the processing carried out with your consent up to the withdrawal. Your customer account will then be deleted.


Collection, processing, and use of personal data in orders
When you submit an order, we only collect and use your personal data where this is necessary for the fulfilment and handling of your requests. The provision of data is necessary for conclusion of a contract. Failure to provide it will prevent the conclusion of any contract. The processing will occur on the basis of art. 6 (1) lit. b GDPR and is required for the fulfilment of a contract with you. We will not forward your data to third parties without your explicit consent. This only excludes our service partners which we require in order to handle the contractual relationship or service providers we use to process an order. Along with the recipients named in the clauses of this data protection declaration, these may be recipients in the following categories: Shipping providers, payment service providers, merchandise management service providers, service providers for order processing, web hosts, IT service providers and dropshipping dealers. We will comply strictly with legal requirements in every case. The scope of data transmission is restricted to a minimum.


Encrypted payment transactions on this website
If you are under an obligation to share your payment information (e.g. account number if you give us the authority to debit your bank account) with us after you have entered into a fee-based contract with us, this information is required to process payments.
Payment transactions using common modes of paying (Visa/MasterCard, debit to your bank account) are processed exclusively via encrypted SSL or TLS connections. You can recognise an encrypted connection by checking whether the address line of the browser switches from "http://" to "https://" and also by the appearance of the lock icon in the browser line.
If the communication with us is encrypted, third parties will not be able to read the payment information you share with us.


Using PayPal
Among other options, we offer payment via PayPal on our website. The provider of this payment processing service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as "PayPal").
If you choose payment via PayPal, we will share the payment information you enter with PayPal.
The legal basis for the sharing of your data with PayPal is Art. 6 Sect. 1 lit. a GDPR (consent) as well as Art. 6 Sect. 1 lit. b GDPR (processing for the fulfilment of a contract). You have the option to at any time revoke your consent to the processing of your data. Such a revocation shall not have any impact on the effectiveness of data processing transactions that occurred in the past.


Instant transfer Sofort
Among other options, we offer the payment service called "instant transfer Sofort" on our website. The provider of this payment option is the Sofort GmbH, Theresienhöhe 12, 80339 München, Germany (hereinafter referred to as "Sofort GmbH").
With the assistance of the "instant transfer Sofort" tool, we receive a payment confirmation from the Sofort GmbH in real time, which allows us to instantly start to fulfil our obligations to you.
When you choose the "instant transfer Sofort" payment option, you must send a PIN and a valid TAN to the Sofort GmbH, which allows the company to log into your online banking account. Upon logging in, the Sofort GmbH will verify your account balance and will execute the bank transfer to us with the assistance of the TAN you provided. Subsequently, the company sends us an immediate transaction confirmation. After Sofort GmbH has logged in, the system will also automatically verify your revenues and check the credit limit of your pre-approved overdraft credit line and the existence of other accounts along with their balances.
Along with the PIN and TAN numbers, the system also transfers the payment information you entered along with personal data to the Sofort GmbH. Your personal data comprise your first and last name, address, phone number(s), e-mail address, IP address as well as any other data required for the processing of the payment transaction. This data must be transferred in order to be able to determine your identity with absolute certainty and to prevent attempts to commit fraud.

The legal basis for the sharing of your information with the Sofort GmbH is Art. 6 Sect. 1 lit. a GDPR (consent) as well as Art. 6 Sect. 1 lit. b GDPR (processing for fulfilment of a contract). You have the option to at any time revoke your consent to the processing of your data. Such a revocation shall not have any impact on the effectiveness of data processing transactions that occurred in the past.
For details on payments made with the instant transfer option, please follow these links: https://www.sofort.de/datenschutz.html and https://www.klarna.com/sofort/.


Newsletter data
If you would like to subscribe to the newsletter offered on this website, we will need from you an e-mail address as well as information that allow us to verify that you are the owner of the e-mail address provided and consent to the receipt of the newsletter. No further data shall be collected or shall be collected only on a voluntary basis. We shall use such data only for the sending of the requested information and shall not share such data with any third parties.
The processing of the information entered into the newsletter subscription form shall occur exclusively on the basis of your consent (Art. 6 Sect. 1 lit. a GDPR). You may revoke the consent you have given to the archiving of data, the e-mail address and the use of this information for the sending of the newsletter at any time, for instance by clicking on the "Unsubscribe" link in the newsletter. This shall be without prejudice to the lawfulness of any data processing transactions that have taken place to date.

The data you archive with us for the purpose of the newsletter subscription shall be archived by us until you unsubscribe from the newsletter. Once you cancel your subscription to the newsletter, the data shall be deleted. This shall not affect data we have been archiving for other purposes.


CleverReach
This website uses CleverReach for the sending of newsletters. The provider is the CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede, Germany. CleverReach is a service that can be used to organize and analyse the sending of newsletters. The data you have entered for the purpose of subscribing to our newsletter (e.g. e-mail address) are stored on servers of CleverReach in Germany or in Ireland.
Newsletters we send out via CleverReach allow us to analyse the user patterns of our newsletter recipients. Among other things, in conjunction with this, it is possible how many recipients actually opened the newsletter e-mail and how often which link inside the newsletter has been clicked. With the assistance of a tool called Conversion Tracking, we can also determine whether an action that has been predefined in the newsletter actually occurred after the link was clicked (e.g. purchase of a product on our website). For more information on the data analysis services by CleverReach newsletters, please go to: https://www.cleverreach.com/en/features/reporting-tracking/.

The data is processed based on your consent (Art. 6 Sect. 1 lit. a GDPR). You may revoke any consent you have given at any time by unsubscribing from the newsletter. This shall be without prejudice to the lawfulness of any data processing transactions that have taken place prior to your revocation.
If you do not want to permit an analysis by CleverReach, you must unsubscribe from the newsletter. We provide a link for you to do this in every newsletter message. Moreover, you can also unsubscribe from the newsletter right on the website.

The data you archive with us for the purpose of the newsletter subscription shall be archived by us until you unsubscribe from the newsletter. Once you cancel your subscription to the newsletter, the data shall be deleted from our servers as well as those of CleverReach. This shall not affect data we have been archiving for other purposes.

For more details, please consult the Data Protection Provisions of CleverReach at: https://www.cleverreach.com/en/privacy-policy/.
Execution of a contract data processing agreement
We have entered into a contract data processing agreement with CleverReach and implement the strict provisions of the German data protection agencies to the fullest when using CleverReach.


Cookies
Our website uses cookies. Cookies are small text files which are saved in a user's internet browser or by the user's internet browser on their computer system. When a user calls up a website, a cookie may be saved on the user's operating system. This cookie contains a characteristic character string which allows the browser to be clearly identified when the website is called up again. We use cookies to make our offering more user-friendly, effective and secure. Cookies also allow our systems to recognise your browser after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. These services require the browser to be recognised again after a page change.

Our website also uses cookies to allow us to analyse the surfing behaviour of visitors to our website.

We also use cookies to address visitors to other websites with targeted marketing relating to their interests.

Processing is carried out on the basis of § 15 (3) TMG (Telemedia Act) as well as art. 6 (1) lit. f GDPR due to our justified interest in the purposes above.
The data collected in this way is pseudonymised using technological measures. It is therefore not possible to connect the data to your person. The data will not be stored together with other personal data pertaining to you. You have the right to veto this processing of your personal data according to art. 6 (1) lit. f GDPR by contacting us, for reasons relating to your personal situation. Cookies will be stored on your computer. You therefore have full control over the use of cookies. By choosing corresponding technical settings in your internet browser, you can prevent the storage of cookies and transmission of the data they contain. Cookies which have already been saved may be deleted at any time. We would, however, like to point out that this may prevent you from making full use of all the functions of this website.

Using the links below, you can find out how to manage cookies (or deactivate them, among other things) in major browsers:
Chrome Browser: https://support.google.com/accounts/answer/61416?hl=en
Internet Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
Mozilla Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
Safari: https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac


Use of Google Analytics
Our website uses the web analysis service Google Analytics by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). The processing of data serves to analyse this website and its visitors. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity and to provide other services to the website operator relating to website and internet use. The IP address communicated by your browser as part of Google Analytics is not associated with any other data held by Google. Google Analytics uses cookies, which make it possible to analyse your use of the website. The information generated by the cookie regarding your use of this website is usually transferred to a Google server in the USA and stored there. IP anonymisation is activated on this website. Google uses this to shorten your IP address beforehand within Member States of the European Union or in other signatories to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. Your data may be transmitted to the USA. Transmission of data to the USA is covered by an adequacy decision by the European Commission. Processing is carried out on the basis of art. 6 (1) lit. f GDPR due to our justified interest in needs-based and targeted design of the website. You have the right to veto this processing of your personal data according to art. 6 (1) lit. f GDPR by contacting us, for reasons relating to your personal situation. You can prevent the storage of cookies by choosing corresponding technical settings in your internet browser; we would, however, like to point out that this may prevent you from making full use of all the functions of this website. You can also prevent collection of the data (including your IP address) generated by the cookies and related to your use of the website by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available at the following link [https://tools.google.com/dlpage/gaoptout?hl=en]. You can set an opt-out cookie to prevent collection by Google Analytics across devices. Opt-out cookies prevent the future collection of your data when you visit this website. You need to opt-out on all systems and devices in use for this to work comprehensively. If you click here, the opt-out cookie is set: Disable Google Analytics.

You can find more detailed information on the terms and conditions of use and data protection at https://www.google.com/analytics/terms/ and at https://policies.google.com/?hl=en.


Use of Google Adwords conversion tracking
Our website uses the online marketing programme "Google AdWords", including conversion tracking. Google conversion tracking is a service operated by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). If you click on adverts placed by Google, a cookie is placed on your computer for conversion tracking. These cookies have limited validity, do not contain any personal data and thus cannot be used for personal identification. If you visit certain pages on our website and the cookie has not yet expired, we and Google can recognise that you have clicked on the advert and were forwarded to this page. Every Google AdWords customer receives a separate cookie. Therefore, it is not possible to track cookies relating to the websites of AdWords customers. The information collected using the conversion cookie serves the purpose of producing conversion statistics. This allows us to find out the total number of users who have clicked on our adverts and were forwarded to a page equipped with a conversion tracking tag. However, they do not receive any information with which could be used to personally identify users. Processing is carried out on the basis of art. 6 (1) lit. f GDPR due to our justified interest in targeted marketing and analysis of the effectiveness and efficiency of this marketing.

You have the right to veto this processing of your personal data according to art. 6 (1) lit. f GDPR by contacting us, for reasons relating to your personal situation. You can prevent the storage of cookies by choosing corresponding technical settings in your internet browser. We would, however, like to point out that this may prevent you from making full use of all the functions of this website. You will then not be included in the conversion tracking statistics.You can also deactivate personalised advertising in Google's advertising settings. You can find an introduction to this at https://support.google.com/ads/answer/2662922 You can also deactivate the use of cookies by third parties by calling up the Network Advertising Initiative deactivation page at https://www.networkadvertising.org/choices/ and following the opt-out instructions.
You will find more information as well as Google's data protection declaration at: https://www.google.de/policies/privacy/

Use of social plug-ins via "Shariff"
Our website uses social network plug-ins. We use data protection-compliant "Shariff" buttons to ensure that you retain control over your data.No connection is made to the social network servers and no data submitted without your explicit consent. "Shariff" was developed by specialists at the computer magazine c't. It enables more personal privacy in the network and replaces the usual social network "share" buttons. You can find more information on the Shariff project here https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html.
When you click the buttons a pop-up window appears, allowing you to log on with the relevant provider using your data. It is only after you actively login that a direct connection to the social network is set up. By logging in, you give your permission for the transfer of your data to the respective social media provider. At this time, information such as your IP address and which websites you have visited is transmitted. Should you be connected simultaneously with one or more of your social network accounts, the information collected is also assigned to your corresponding profiles. Therefore, you can only prevent this assignment by logging yourself out before visiting our website and before activating the button for your social media accounts. The social networks listed below are integrated with the "Shariff" function. You can find more detailed information on the scope and purpose of collection and use of the data, your associated rights and options for protecting your privacy in the provider's privacy policy via the link.

Google+ by Google Inc. (1600 Amphitheatre Parkway, Mountain View, California, 94043 USA)
https://www.google.com/+/policy/+1button.html

Facebook by Facebook Inc. (1601 S. California Ave, Palo Alto, CA 94304, USA)
https://www.facebook.com/policy.php

Twitter by Twitter Inc. (795 Folsom St., Suite 600, San Francisco, CA 94107, USA)
https://twitter.com/privacy

Facebook plug-ins (Like & Share button)
We have integrated plug-ins of the social network Facebook, provided by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, on our website. You will be able to recognise Facebook plug-ins by the Facebook logo or the "Like" button on our website. An overview of the Facebook plug-ins is available under the following link: https://developers.facebook.com/docs/plugins/.

Whenever you visit our website and its pages, the plug-in will establish a direct connection between your browser and the Facebook server. As a result, Facebook will receive the information that you have visited our website with your plug-in. However, if you click the Facebook "Like" button while you are logged into your Facebook account, you can link the content of our website and its pages with your Facebook profile. As a result, Facebook will be able to allocate the visit to our website and its pages to your Facebook user account. We have to point out, that we as the provider of the website do not have any knowledge of the transferred data and its use by Facebook.
For more detailed information, please consult the Data Privacy Declaration of Facebook at: https://www.facebook.com/privacy/explanation.
If you do not want Facebook to be able to allocate your visit to our website and its pages to your Facebook user account, please log out of your Facebook account while you are on our website.
The use of the Facebook plug-in is based on Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in being as visible as possible on social media.

Use of GoogleMaps
Our website uses Google Inc.'s feature for the embedding of Google Maps (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google").This feature visually represents geographical information and interactive maps. Google also collects, processes and uses data on visitors to the website when they call up pages with embedded Google maps.
Further information on the data collected and used by Google, your rights and privacy can be found in Google's privacy policy at https://www.google.com/privacypolicy.html. You also have the option of changing your settings in the data protection centre, allowing you to administer and protect the data processed by Google.

Your data may also be transmitted to the USA. Transmission of data to the USA is covered by an adequacy decision by the European Commission. You have the right to veto this processing of your personal data according to art. 6 (1) lit. f GDPR by contacting us, for reasons relating to your personal situation.For this purpose you must turn off the JavaScript application in your browser. However, we wish to point out that doing this may prevent you from using all of the website's functions, for example the interactive map display, in full.


Duration of storage
After contractual processing has been completed, the data is initially stored for the duration of the warranty period, then in accordance with the retention periods prescribed by law, especially tax and commercial law, and then deleted after the period has elapsed, unless you have agreed to further processing and use.


Rights of the affected person
If the legal requirements are fulfilled, you have the following rights according to art. 15 to 20 GDPR: Right to information, correction, deletion, restriction of processing, data portability. You also have a right of objection against processing based on art. 6 (1) GDPR, and to processing for the purposes of direct marketing, according to art. 21 (1) GDPR.

Contact us at any time. Our contact details can be found in our imprint.


Data protection officer
Designation of a data protection officer as mandated by law
We have appointed a data protection officer for our company.
HCONSULT GmbH
Bahnhofsplatz 15
07545 Gera
Deutschland
Phone: 0365 8336 9905
E-mail: datenschutz@hconsult.info

Right to complain to the regulatory authority
You have the right to complain to the regulatory authority according to art. 77 GDPR if you believe that your data is not being processed legally.

last update: 03.09.2018

Bitte prüfen Sie Ihren E-Mail Eingang

Wir haben Ihnen soeben eine E-Mail gesendet. Verwenden Sie den Link in der E-Mail um Ihre persönlichen Newsletter Optionen zu anzupassen.

Bitte prüfen Sie Ihren E-Mail Eingang

Wir haben Ihnen soeben eine E-Mail gesendet. Verwenden Sie den Link in der E-Mail um die Newsletter-Anmeldung abzuschließen.

Sie sind nicht zum Newsletter angemeldet.

Wir konnten Sie mit der angegebenen E-Mail-Adresse nicht in unserem Verteiler finden.

Zurück

Hinweis

Sie sind bereits mit der Angegebenen E-Mail-Adresse zum Newsletter angemeldet.

Zurück

Newsletteranmeldung Abgeschlossen.

Sie sind jetzt zu unserem Newsletter Angemeldet.

Fehler

Der Verwendete Link ist nicht mehr gültig.

Einstellungen

Datenschutz-Optionen

Unsere Website nutzt Funktionen des Webanalysedienstes Google Analytics, die uns helfen, unsere Website zu verbessern und ein optimales Kundenerlebnis zu ermöglichen. Lesen Sie unsere Datenschutzerklärung um mehr über Google Analytics und die Verwendung von Cookies zu erfahren.

 

Änderungen Speichern

Newsletter Anmeldung

Melde dich jetzt zu unserem Newsletter an und verpasse keine Infos
über Produktneuheiten, Aktionen & Gewinnspiele und vieles mehr.

 



Nach dem Absenden dieses Formulars erhältst du eine Check-Mail, in der du deine Einwilligung
gesondert bestätigen musst. Diese Einwilligung kannst du jederzeit widerrufen, z.B. per E-Mail an
shop@heinerle-berggold.de.
Die mit Stern (*) markierten Felder sind Pflichtfelder. Alle weiteren Angaben sind freiwillig.

Zum Newsletter anmelden

Newsletter Abmeldung

Nach dem Klick auf "Abmeldelink senden" erhalten Sie eine E-Mail zur Bestätigung Ihrer E-Mail-Adresse.

 

Abmeldelink senden

Fehler

Die Angegebene E-Mail-Adresse wurde in unserem Verteiler nicht gefunden.

 

Zurück

Bitte prüfen Sie Ihren E-Mail Eingang

Wir haben Ihnen soeben eine E-Mail gesendet. Verwenden Sie den Link in der E-Mail um die Newsletter-Abmeldung abzuschließen.

Newsletter Abmeldung

Sie haben sich erfolgreich vom Newsletter abgemeldet.