Menu

INFORMATION ON DATA PROTECTION

Website www.koenigpilsener.com

We are pleased that you are visiting our website. Data protection and data security for our customers and users are among our top priorities. We comply with data protection regulations, in particular those of the EU General Data Protection Regulation (“GDPR”), of the German Federal Data Protection Act (“BDSG”) and of the German Telemedia Act (TMG).

In this information on data protection we will explain which information (including personal data) is processed by us during your visit and your use of our above mentioned website ("website").

I. Who is responsible for data processing?

The entity responsible in terms of data protection for the processing of personal data and service providers in the sense of the German Telemedia Act (TMG) is Bitburger Braugruppe GmbH, Römermauer 3, 54634 Bitburg; Tel. 06561 14-0, Fax 06561 14-2289, info@bitburger-braugruppe.de. Where reference is made to "we" or "us” in this information on data protection, this relates to the aforementioned company in each case.

Our data protection officer can be contacted via the above communication channels as well as at datenschutz@bitburger-braugruppe.de.

II. What principles do we observe?

In compliance with data protection regulations, we process your personal data only where allowed to do so by a legal regulation or where you have declared your consent. This also applies to the processing of personal data for advertising and marketing purposes.

On this website we can also collect information which, in itself, does not enable us to make any direct conclusions as to your person. In some cases, particularly when combined with other data, this information can nevertheless be considered "personal data" in data protection terms. We may also, on this website, collect information on the basis of which we can neither identify you directly nor indirectly; this is the case for example with summarized information about all users of this website.

III. What data do we process?

You can access our website without directly entering personal data (such as your name, postal address or your e-mail address). In this case also we must collect and store certain information so as to be able to grant you access to our website. Moreover, we use certain analytical processes on this website.

  1. Log files: When you visit this website, our web server will automatically store the domain name or IP address of the accessing computer (usually that of your internet access provider), including the date, time and duration of your visit, the subpages/URLs you visit as well as information about the applications and end devices you use to view our pages.

  2. Cookies: Our website uses cookies. A cookie is a small text file left behind on the user's computer system (computer, tablet computer or smartphone) by a web portal when visited by the user. Personal data can be stored in cookies. You can change your browser settings to prevent tracking by cookies (Do not track, Tracking protection list) or to deny the storage of third-party cookies. If all cookies are deleted, opt-out cookies already placed will also be deleted, meaning that you will have to declare again any opt-outs already declared.

    We want you to be in a position to make an informed decision for or against the use of cookies that are not absolutely essential for the technical functions of the website. Please note that, if you reject cookies used for advertising, you will be shown advertising that is less relevant and less targeted to your interests. However, you will still be able to use all features of the website.

    We differentiate between cookies that are absolutely essential for the technical functionality of the website and optional cookies.

    To enable you to select the data protection settings that best suit your requirements for your visits to our website, insofar as possible, we give you the option below of adjusting your preferences with respect to the categories of operational necessity and convenience for you.

    Category "operational necessity"
    These cookies are absolutely essential for the operation of the website and contain settings that ensure the basic functions and security features of the website. These also include information on the pure number of users of our website (to this end, we use, among others, a cookie from etracker; see also Section 3). These cookies do not store personal information.

    Category "Convenience"
    These cookies enable YouTube videos, record anonymized data for statistics via etracker, Google Analytics and Facebook Custom Audience, and help display personalized content matching your surfing habits.

    Here you can change your personal settings.

  3. Website analytics using etracker: We use a solution from etracker GmbH (Erste Brunnestrasse 1, 20459 Hamburg, www.etracker.com) on our website to collect and store data for marketing and optimization purposes. Based on this data, user profiles can be created under a pseudonym using cookies. Without your separate consent we will not use data processed via etracker to identify you personally. We will also not merge this data with other personal data collected about you in order to identify you. You can object to the processing of the aforementioned data at any time with effect for the future. Please obtain the opt-out-cookie “cntcookie” from this link. Please do not delete this cookie if you wish to keep your objection in place. You will find further information in etracker's information on data protection.

  4. The website also uses the Facebook Inc. (“Facebook”) remarketing function “Custom Audiences”. This means that interest-based advertisements can be displayed to users of the website while they are visiting the social network Facebook or other websites which also use the procedure (“Facebook ads”). In doing so, we are pursuing the interest of showing you advertising which may be of interest to you in order to make our website more interesting for you.

    Your browser automatically establishes a direct connection to the Facebook server based on the marketing tool used. We do not have any influence on the extent or further use of data which is collected by Facebook via this tool and are therefore providing you with information on the basis of what is known to us. Connecting to Facebook Custom Audiences leads to Facebook being informed that you have clicked on the corresponding page of our internet presence or on one of our advertisements. If you are registered with a Facebook service, Facebook can assign the visit to your account. Even if you are not registered with Facebook or have not logged in, it is possible that the provider will learn and store your IP address and identifying features.

    You can deactivate the function “Facebook Custom Audiences” as a logged-in user at https://www.facebook.com/settings/?tab=ads.

    The lawful bases for processing your data are set out in Article 6 (1) (1) (f) of the GDPR. You can find more information about how Facebook processes data at https://www.facebook.com/about/privacy.

  5. Google Analytics: We integrated the component Google Analytics on this website. Google Analytics is a web analytics service. Web analysis is the gathering, collection and analysis of data about the behavior of visitors to websites. Among other things, a web analysis service collects data on which website a data subject has come to a website from (so-called referrers), which subpages oft he website were accessed or how often and for which period of time a subpage was viewed. A web analysis is mainly used to optimize a website and for the cost-benefit analysis of Internet advertising. The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA („Google“). Google Analytics uses cookies. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. Google might transfer the personal information collected via this technical procedure to third parties. As IP anonymization is activated on our website, your IP address will be shortened by Google within Member States of the European Union or other states in agreement with the European Economic Area. Only in exceptional cases, the full IP address is sent to and shortened by a Google server in the USA. On behalf of the operator of the website, Google will use this information to evaluate your use of the website, compile reports on website activity and to provide further services related to website and internet use to us. The IP address transferred through your browser to Google Analytics will not be combined with other data held by Google. You can prevent the storage of cookies by a corresponding setting of your browser software, however, please note that if you do this, you may not be able to use all the features of this website tot he fullest extent possible. In addition, you may prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available unter the following link: https://tools.google.com/dlpage/gaoptout?hl=en. This browser add-on informs Google Analytics via Java Script that no data and information about website visits may be transmitted to Google Analytics. In addition, a cookie already set by Google Analytics can be deleted at any time via the internet browser or other software programs. Further information and Google’s applicable privacy regulations can be found at https://policies.google.com/privacy?hl=en.

  6. Google reCAPTCHA

    Description and purpose
    To protect your orders via Internet forms, we use the reCAPTCHA service (Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA), which is equipped with an advanced risk analysis engine and adaptive challenges to protect against malware and abusive activities. The query is used to distinguish whether the input is made by a human or abusively by automated, machine processing. reCAPTCHA collects IP addresses and anonymises them, whereby shortened IP addresses are usually transmitted. The IP address transmitted by your browser as part of reCaptcha is not merged with other Google data. You can find more information about reCAPTCHA here.

    Legal basis
    The legal basis for the processing of your personal data is Art. 6 para. 1 lit. a) GDPR.

    Receiver
    The recipient of your personal data is Google LLC. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA)

    Transmission to third countries
    The personal data will be transferred to the United States. The transfer is subject to appropriate safeguards pursuant to Art. 46 GDPR. Where necessary, we have concluded suitable guarantees within the meaning of Art. 46 para. 2 GDPR with the data importer. In addition, we are aware of our responsibility and, where necessary, take further measures to protect the rights and freedoms of natural persons to ensure the protection of personal data.

    Duration of data storage
    The data is automatically deleted after 14 months. Data that has reached the end of its retention period is automatically deleted once a month.

    Revocation
    You have the right to withdraw your consent at any time, see Art. 7 para. 3 sentence 1 GDPR. This can be done informally and without giving reasons and is effective for the future. Withdrawal of consent does not affect the lawfulness of the processing carried out prior to the withdrawal. Further information on this can be found above in our privacy policy under "Rights of data subjects".

    Contractual and legal obligation
    There is no contractual or legal obligation to provide the data.

    Further data protection information
    Further information on the processing of your personal data can be found here:  https://policies.google.com/privacy?hl=de&gl=del

  7. We run a company Facebook page (“Business Page”) in addition to our website and our website may contain links to our business page. If you click on our business page, Facebook will process personal data. This may also be the case when you are not logged in to Facebook during the visit. We receive detailed content-related statistics from Facebook regarding use of our Facebook business page, but this consists only of summarized data. We can use these statistics to identify how often or by how many distinct visitors our business page and individual posts on this site are clicked on or rated, for example. We cannot discern from these statistics, however, which specific individuals are visiting our site or have clicked on or rated individual posts. As is usually the case with Facebook, you can see on our business page which Facebook user has rated a post. You can find more information about how Facebook processes data in the data policy provided by Facebook http://de-de.facebook.com/policy.php

  8. This website uses “typography.com”, a font service of Hoefler&Co. („typography.com“), 611 Broadway, Room 725, New York, NY 10012-2608, USA („typography.com“). Every time this website is clicked on, files are loaded from a “typography.com” server to display the texts in a certain font. Your IP address may be transmitted to a “typography.com” server in the process and stored within the framework of the customary weblog. The further processing of this information falls to “typography.com”. Please refer to the “typography.com” data privacy policy for the corresponding conditions and possible settings (https://www.typography.com/policies/privacy).

  9. Customer Communications: In order to ensure communication with our customers and end consumers, we process all information that you provide to us when you contact us and which we ask for (e.g. your name, address and other contact details); we also store the reason why you contacted us.

  10. Google Service reCaptcha: We use the Google service reCaptcha to determine whether a person or a computer is making a specific entry in our contact or registration form. Google uses the following data to check whether you are a person or a computer: IP address of the device being used, our website that you are visiting and on which the Captcha is integrated, the date and duration of your visit, the identification data of the browser and operating system type being used, the Google account if you are logged in to Google, mouse movements on the reCaptcha areas as well as tasks where you have to identify images.

IV. For what purposes and on what legal bases do we process your data?

  1. The processing of any personal data contained in the log files is carried out to enable you to use our website; this is done on the basis of Section 15, Para. 1 of the German Telemedia Act (TMG).

  2. The processing of the data collected using cookies (including the web analytics service etracker) and of the pseudonymous user profiles is carried out for purposes of advertising, market research and the needs-based design of our website on the basis of Section 15, Para. 3 TMG.

  3. We can also process the data collected in connection with your use of our website in order to fulfill legal obligations to which we are subject; this is carried out on the basis of Article 6(1)(c) of the GDPR.

  4. Where necessary, we also process your data, in addition to the aforementioned purposes, for the purpose of safeguarding our legitimate interests or the interests of third parties; this is carried out on the basis of Article 6(1)(f) of the GDPR. Our legitimate interests include, in particular,

    • The assertion of legal claims and defense in legal disputes;

    • The prevention and investigation of criminal offenses;

    • The control and further development of our business activities, including risk control.

  5. The legal basis for the data processing by the Google service reCaptcha is Art. 6 (1f) of the General Data Protection Regulation. There is a legitimate interest on our part in this data processing in order to ensure the security of our website and protect us against automated entries (attacks).

V. Am I obligated to provide data?

In order to guarantee consumer-friendly communication, at least your name and e-mail address are necessary. These required fields are labeled on the forms; if you do not complete the required fields, we cannot allow you to use the respective function.

Where we collect personal data from you in addition to this, we will inform you at the time of collecting whether the provision of this information is prescribed by law or contract or is required for the conclusion of a contract. When doing so we will usually identify information the provision of which is voluntary and is not based on one of the above-mentioned obligations or not required for the conclusion of a contract.

VI. Who gets my data?

Your personal data is generally processed within our company. Depending on the type of personal data, only certain departments / organizational units will have access to your personal data. These include in particular the departments concerned with the provision of our digital services (e.g. webpages) and our IT department. By means of a role and authorization concept, the access within our company is limited to the functions and scope required for the purpose of processing.

We may also share your personal data with third parties outside of our company to the legally permitted extent. These external recipients can include in particular

  • Affiliated companies within the Bitburger Brewery Group, with whom we share personal data for internal management purposes;

  • The service providers engaged by us who provide services for us on a separate contractual basis, which may include the processing of personal data, as well as the subcontractors of our service providers engaged with our consent;

  • Non-public and public bodies, as far as we are obligated to share your personal data based on legal obligations.

VII. Is an automated decision-making used?

We generally do not use an automated decision-making process (including profiling) in the sense of Art. 22 of the GDPR in connection with the running of our website. Where we use such procedures in individual cases, we will inform you about this separately to the extent provided for by law.

VIII. Will data be transmitted to countries outside the EU/EEA?

The processing of your personal data is generally carried out within the EU or the European Economic Area.

Only in connection with the engaging of service providers for the provision of web analytics services can a transmission of information to recipients in so-called "third countries” be carried out. "Third countries" are countries outside the European Union or the European Economic Area Agreement, where a level of data protection cannot be readily assumed that is comparable to that in the European Union.

Where the transmitted information also includes personal data, we will make sure prior to such transmission that the adequate data protection level required is ensured in the respective third country or at the recipient in the third country. This may result in particular from a so-called "adequacy decision” of the European Commission enabling an adequate level of data protection for a specific third country to be determined overall. Alternatively, we can also base the data transmission on the so-called "EU Standard Contractual Clauses” agreed upon with a recipient. We will provide you with more information about the appropriate and adequate guarantees for compliance with a reasonable level of data protection on request; see the contact information at the beginning of this information on data protection. .

IX. How long will my data be stored for?

We generally store your personal data for as long as we have a legitimate interest in doing so and said interest is not outweighed by your interests in discontinuing storage.

Even without a legitimate interest we can still store the data where required to do so by law (to meet our obligation to preserve records for example). We will delete your personal data without any action on your part as soon as knowing it is no longer necessary for fulfilling the purpose of processing or storing it is otherwise legally inadmissible.

As a general rule:

  • The log data will be deleted within seven days as far as continued storage is not required for purposes provided for by law such as the detection of misuse and the detection and elimination of technical malfunctions;

  • The data processed in connection with an order will be deleted upon the statutory record preservation periods ending at the latest

Personal data that we need to store in order to comply with our obligations to preserve records will be stored until the relevant obligation ends. Where we store personal data solely for the purpose of fulfilling our obligations to preserve records, it is generally locked so that it can only be accessed where required in view of the purpose of our obligation to preserve records.

X. What rights do I have?

You have the right as an affected person:

  • To receive information about the personal data stored about you, Art. 15 of the GDPR;

  • To correction of inaccurate or incomplete data, Art. 16 of the GDPR;

  • To deletion of personal data, Art. 17 of the GDPR;

  • To restriction of processing, Art. 18 of the GDPR;

  • To data portability, Art. 20 of the GDPR, and

  • To object to the processing of the personal data concerning you, Art. 21 of the GDPR.

To exercise these rights, you can contact us at any time, e.g. via one of the communication channels specified at the beginning of this information on data protection.

If you have any questions regarding the processing of your data, you can also contact our data protection officer.

You are also entitled to file a complaint with a competent supervisory authority for data protection, Art. 77 of the GDPR.