Data protection

Table of Contents

I. General information on data protection
II. Privacy Policy Website
III. Information for Applicants
IV. Information for business partners

I. General information on data protection

I.1. Note on the responsible body:

DOSTOFARM GmbH
Hansacker 24
26655 Westerstede

We attach particular importance to the protection of your personal data. Your personal data will be processed in accordance with the data protection regulations, in particular the European General Data Protection Regulation (EU DS-GVO) and the Federal Data Protection Act (BDSG-new).

The following information provides an overview of the type, scope and purpose of the collection, processing and transmission of personal data and the security measures used to protect this data.

Personal data is individual information about personal or factual circumstances of a specific or identifiable natural person, such as B. Your name, your address, your telephone number, your date of birth as well as your e-mail and IP address.

I.2. Legal bases for the processing of personal data

      • Insofar as we obtain the consent of the data subject for the processing of personal data, Article 6 (1) (a) EU GDPR serves as the legal basis. You can revoke this processing at any time in accordance with Art. 7 Para. 3 EU DS-GVO for the future.
      • Article 6 (1) (b) EU GDPR serves as the legal basis for the processing of personal data required to fulfill a contract or to carry out pre-contractual measures.
      • Insofar as processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Article 6 (1) (c) EU GDPR serves as the legal basis.
      • If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and fundamental freedoms of the person concerned do not prevail, Article 6 Paragraph 1 Letter f of the EU GDPR serves as the legal basis for the processing. In this case you have a right of objection according to Art. 21 EU DS-GVO.

I.3. Data Erasure and Storage Duration

Personal data will be deleted as soon as the purpose of storage no longer applies. Storage can also take place if this has been provided for by statutory storage obligations to which our company is subject (e.g. billing or tax storage periods of up to 10 years in accordance with the AO and HGB).

I.4. Your rights

Upon written request, we will inform you in accordance with Art. 15 EU DS-GVO in accordance with our legal obligation under Art. 12 EU DS-GVO whether and which of your personal data are processed or stored by us. Furthermore, you have the right to correction of incorrect data in accordance with Art. 16 EU DS-GVO, data portability in accordance with Art. 20 EU DS-GVO, blocking and deletion of your personal data in accordance with Art. 17 EU DS-GVO - provided that there are no legal storage obligations to the contrary - as well as the right to restriction of processing in accordance with Art. 18 EU DS-GVO. In addition, you have the right to contact the competent supervisory authority in accordance with Art. 77 EU DS-GVO.

YOU ALSO HAVE THE RIGHT TO OBJECT ACCORDING TO ART. 21 EU DS-GVO, IF THE PROCESSING IS BASED ON THE REASONABLE INTERESTS ACCORDING TO ART. 6 ABS. 1 LIT. F EU GDPR SUPPORTS.

If you have given us your consent to the processing of your data, you can of course revoke this at any time in accordance with Art. 7 Para. 3 EU DS-GVO for the future.

If you have any questions regarding the processing of your personal data, you can contact our data protection officer, who is also available to you in the event of requests for information, suggestions or complaints.

Data protection officer of DOSTOFARM GmbH
Hansacker 24
26655 Westerstede

Email: mail@dostofarm.de

I.5. Change to our privacy policy

In order to ensure that our data protection declaration always corresponds to the current legal requirements, we reserve the right to make changes at any time. This also applies in the event that the data protection declaration has to be adjusted due to new or revised services, for example new services.

Version of 2022/XNUMX

II. Privacy Policy Website

II.1. Provision of the website

Use of hosting service providers

Our website is hosted on the servers of a hosting service provider located in the EU on the basis of order processing in accordance with Art. 28 EU DS-GVO. As part of its services, the hosting service provider may have access to our users' personal data, in particular to technical data that arises as part of the technical communication between you and our website (e.g. server log files). He may not use these for his own purposes. The use of a hosting service provider is based on our legitimate interests in the provision of infrastructure and platform services, computing capacity, e-mail dispatch and security services in accordance with Article 6 (1) (f) EU GDPR.

Server log files

When you visit our website or use its services, the device you use to access the site automatically transmits log data (connection data) to our server. The relevant information consists of:

      • type and version of the browser you are using,
      • type and version of the operating system you are using,
      • referrer URL of the page from which you came to our website,
      • date and time of access to our website,
      • name of the sub-pages you have accessed,
      • IP address of your computer system,
      • Amount of data transferred in each case.

The data collected is used exclusively for statistical evaluations for the purpose of operation, security and optimization of the offer. For security reasons, however, we reserve the right to subsequently check the log data if there are concrete indications that there is a justified suspicion of illegal use. The data will not be stored for longer than necessary. This collection is based on our legitimate interests in accordance with Article 6 (1) (f) EU GDPR.

Cookies

We use so-called cookies in some areas of the website in order to recognize the preferences of the visitors and to be able to design the website optimally and attractively. This enables easier navigation and a high degree of user-friendliness of the website. The processing of cookies for the technical provision of the website represents a legitimate interest in accordance with Article 6 (1) (f) EU GDPR / Article 25 (2) TTDSG. The legal basis is also Article 6 (1) (a) EU DS-GVO or § 25 Para. 1 TTDSG, if we need your consent for the use of cookies (including for marketing or analysis purposes).

Cookies are small text files that your browser creates automatically and that are stored on your end device when you visit our website. Cookies do not damage your computer and do not contain viruses. Most of the cookies we use are deleted after the end of the browser session (so-called session cookies). Other cookies remain on your computer and enable us to recognize your computer the next time you visit (so-called permanent or cross-session cookies). Thanks to these files, it is possible, for example, to display information on the site that is specially tailored to your interests.

You can set your browser so that it informs you about the placement of cookies. So the use of cookies becomes transparent for you. If you completely exclude the use of cookies, you may not be able to use individual functions of this website.

Security of your data

We use technical and organizational security measures to adequately protect the data you provide against accidental or intentional manipulation, loss, destruction or access by unauthorized persons. We therefore use for the transmission of confidential content, such. B. inquiries that you send to us as the site operator, an SSL encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL encryption is activated, the data you transmit to us cannot be read by third parties. Our security measures are being further developed in accordance with the state of the art.

II.2. contact

If you contact us (e.g. via contact form, e-mail, telephone, social media), your personal information will be processed for the purpose of processing the request and any associated follow-up questions in accordance with Art. 6 Para. 1 lit. b EU DS -GVO (as part of pre-/contractual measures) or in accordance with Art. 6 Para. 1 lit. f EU DS-GVO (general inquiries) are stored and processed by us. We do not pass on this data without your respective consent.

The data you provide will remain with us until you ask us to delete it, object to the storage or the purpose for data storage no longer applies (ie after your request has been processed), provided that there are no legal storage obligations to the contrary.

II.3. Registration

If you register on our website in order to order goods, services and information in our online portal, personal data will be collected. Registration enables access to services and content that are only available to registered users. If necessary, registered users have the option of changing or deleting the data specified during registration at any time. Your data may be passed on to shipping and payment service providers commissioned by us to process the order. Any further disclosure to third parties will not take place. The processing of your personal data is carried out on the basis of contract processing (according to Art. 6 Para. 1 lit. b EU DS-GVO). This data is deleted in accordance with statutory retention requirements.

II.4. Analysis Tools

The analysis measures listed below and used by us are carried out on the basis of Article 6 (1) (a) EU GDPR (consent). With the use of these analysis measures, we want to ensure a needs-based design and the continuous optimization of our website. Using the analysis tools, we record the use of our website in pseudonymised form and evaluate this for the purpose of optimizing our offer.

You can revoke your consent to us at any time with effect for the future.

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4 Ireland. Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and enable an analysis of your use of the website. The user and event data will be deleted automatically after 14, 26, 38, 50 months.

IP anonymization

We have activated the IP anonymization function on this website. As a result, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before it is transmitted to the USA. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there. Google uses this information to evaluate your use of the website, to compile reports on website activity and to provide us with other services related to website and internet use. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Browser Plugin / Prevention of Data Collection

You can prevent the storage of cookies by setting your browser software accordingly; we would like to point out to you however that in this case you will if applicable not be able to use all functions of this website in full. You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) and from processing this data by Google by downloading the browser plug-in available under the following link and install: https://tools.google.com/dlpage/gaoptout?hl=de

For more information about how Google Analytics handles user data, see Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de

Outsourced data processing

We have entered into an agreement with Google for the outsourcing of our data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

II.5. Third Party Content and Services

On the basis of our legitimate interest in accordance with Article 6 (1) (f) EU GDPR, content and services from other providers that supplement our offer are integrated into our online offer. With the use of the following services, we want to ensure that our website is designed to meet needs and is continuously optimized. If we ask for your consent for the use of these services, the legal basis is Article 6 (1) (a) EU GDPR.

YouTube

Videos from the YouTube platform are integrated on our website. YouTube is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4 Ireland. However, like most websites, YouTube also uses cookies to collect information about visitors to its website. YouTube uses these, among other things, to collect video statistics, to prevent fraud and to improve user-friendliness.

Further information on data protection at YouTube can be found in their data protection declaration at: http://www.youtube.com/t/privacy_at_youtube. There you will also find further information on your rights and setting options to protect your privacy.

Links to Third Party Websites

Based on our legitimate interest, it may happen that links to other providers that supplement our offer are included within this online offer. When accessing websites referred to on this website, information such as name, IP address, browser properties, etc. may be requested again. This privacy policy does not regulate the collection, disclosure or handling of personal data by third parties. In this context, please note the special data protection declarations of the individual third-party providers and service providers whose links we include on our website.

II.6. social media

We maintain publicly accessible online presences in social networks to communicate with customers and interested parties who are active there and to present our services.

We would like to point out that user data may be processed outside of the European Union. Furthermore, user data is usually processed for market research and advertising purposes. To the best of our knowledge, the providers also use cookies that store your usage behavior (also across different end devices). This allows targeted advertising to be displayed on our own platform and on third-party sites.

The processing of the personal data of the users takes place on the basis of our legitimate interests in effective information of the users and communication with the users in accordance with Article 6 Paragraph 1 lit. f. EU DS-GVO. If the users are asked by the respective providers of the platforms for their consent to data processing or if the user voluntarily sends information to our online presence, the legal basis for the processing is Article 6 Paragraph 1 lit. In conjunction with Art. 7 EU GDPR. If this information contains contract-relevant content, Article 6 (1) (b) EU GDPR serves as the legal basis.

For a detailed description of the respective processing and the possibilities of contradiction (opt-out), we refer to the following linked information of the provider.

Also in the case of requests for information and the assertion of user rights, we point out that these can be claimed most effectively from the providers. Only the providers have access to the data of the users and can directly take appropriate measures and provide information. If you still need help, then you can contact us.

Facebook and Instagram (meta)

If you interact with our social media pages on Facebook and Instagram (make a comment, like posts or send us a message), your data will be stored with us. These social networks are operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (henceforth: Meta).

When operating a company profile on these channels, it is a matter of joint responsibility under Art. 26 EU DS-GVO Meta and our company in terms of data protection. Accordingly, we have concluded an agreement with Meta in which the respective obligations under the EU DS-GVO are regulated: https://www.facebook.com/legal/terms/page_controller_addendum.

Meta provides profile operators with statistics and insights into the types of actions our profile visitors take (“Page Insights”). We have no influence on whether this data is collected by Meta. According to Meta, this data is only provided to us anonymously, so that the user cannot be identified from the information.

Personal data will be deleted as soon as the purpose of storage no longer applies. Storage can also take place if this has been provided for by statutory storage obligations to which our company is subject.

Please note that when you use and access our Facebook and Instagram pages, your personal data will also be processed by the provider Meta. Meta is operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland and the US-based parent company. Meta processes your data in addition to the processing mentioned above for analysis and advertising purposes. To the best of our knowledge, Meta also uses cookies that store your usage behavior (also across different end devices). This allows Meta to display targeted advertising on its own platform and on third-party sites. For more information, see Facebook's privacy policy: https://www.facebook.com/about/privacy/, Instagram https://help.instagram.com/519522125107875. Facebook and Instagram also offer the option of objecting to certain data processing; Relevant information and opt-out options can be found at: https://www.facebook.com/settings?tab=ads and https://www.instagram.com/accounts/privacy_and_security/. Please note that according to the meta data protection regulations, user data is also processed in the USA or other third countries. Meta only transfers user data to countries for which the European Commission has issued an adequacy decision in accordance with Art. 45 EU GDPR or on the basis of suitable guarantees in accordance with Art. 46 EU GDPR.

With regard to data processing via our Facebook and Instagram page, you have the option of asserting your rights as a data subject against Meta. Further information can be found in Meta's data protection declaration: https://www.facebook.com/about/privacy/.

II.7. minors

In principle, we address our online offer to persons of legal age. Personal information from persons who have not yet reached the age of 16 may only be made available to us if the express consent of the legal guardian has been obtained (Art. 8 EU DS-GVO). Processing without the consent of the legal guardian is not permitted. We therefore reserve the right to delete all data relating to minors unless we have the consent of a legal guardian.

III. Information for Applicants

III.1. Purpose and legal basis for collection and processing

Your data will be processed by us for the purpose of application processing in accordance with Art. 88 EU DS-GVO i. V. m. § 26 BDSG-reprocessed. If special categories of personal data within the meaning of Article 9 (1) EU GDPR are voluntarily communicated as part of the application process, they will also be processed in accordance with Article 9 (2) (b) EU GDPR.

III.2. recipients of your data

The recipients of your data are the departments involved in the human resources process (including human resources, managers and department heads) of the responsible body. Your data will be treated as strictly confidential and will not be passed on to third parties without your consent. A transfer to third countries or international organizations is not planned.

III.3. storage of your data

Your application data will be deleted 180 days after the position has been filled. If you are also interested in future vacancies, we need your written consent to store your application documents for a longer period of time. You can revoke this consent at any time in accordance with Art. 7 Para. 3 EU DS-GVO for the future. To do this, please send an e-mail with a corresponding note to the contact address given above.

IV. Information for business partners

IV.1. Purpose and legal basis for collection and processing

The primary purpose of data processing is to establish, implement and terminate the contractual relationship. The primary legal basis for this is Art. 6 (1) (b) EU GDPR. Without this type of use of your data, the business relationship between you and us cannot be carried out.

We also process your data on the basis of Article 6(1)(f) EU GDPR to safeguard our legitimate interests or those of third parties (e.g. authorities). This may be necessary, for example, to maintain IT security and IT operations or for corporate management, internal communication and other administrative purposes. You can object to this processing by stating special reasons in accordance with Art. 21 EU DS-GVO.

We also process your data to fulfill legal obligations such as B. regulatory requirements, commercial and tax law retention requirements or documentation requirements. The legal basis for this is Art. 6 Para. 1 lit. c EU GDPR in conjunction with the applicable national laws.

In individual cases, we may also process your data on the basis of your separate consent in accordance with Art. 6 Paragraph 1 lit. a, 7 EU DS-GVO (e.g. as part of registering for our newsletter or publishing photos and videos). You are always free to decide whether you want to give your consent. Once you have given your consent, you can revoke it at any time with effect for the future. To do this, use the link provided in the respective campaign or send relevant inquiries to the contact address given above.

If we process your personal data for a purpose not mentioned above, we will inform you in advance. 

IV.2. recipients of your data

Within our company, only those people receive your personal data who need it to fulfill our contractual and legal obligations. In addition, we sometimes use different service providers to fulfill these obligations, so that it may be necessary to transmit your personal data to other recipients outside the company, insofar as this is necessary to fulfill our contractual and legal obligations. These third parties can e.g. E.g. authorities, financial institutions, suppliers, etc.

In order to technically process your data, we sometimes use external service providers. We may transfer and process your information outside of your country of residence/company headquarters or in any of the countries in which we operate. These can also be located outside the European Economic Area. If we transfer personal data to service providers or companies outside the European Economic Area (EEA), the transfer will only take place if the EU Commission has confirmed that the third country has an appropriate level of data protection or other appropriate data protection guarantees (e.g. binding corporate data protection regulations or EU standard contractual clauses). ) available. You can also request detailed information using the above contact information.

IV.3. storage of your data

We only store your personal data for as long as is necessary for the above purposes. After termination of the contractual relationship, your personal data will be stored for as long as we are legally obliged to do so. This results regularly from legal proof and storage obligations, which are regulated, among other things, in the German Commercial Code and the Tax Code. The storage periods are then up to ten years. In addition, it may happen that personal data is kept for the period in which claims can be asserted against us (statutory limitation period of three or up to thirty years).