DATA PROTECTION INFORMATION for Brauerei C. & A. VELTINS GmbH & Co. KG
This data protection information shall apply for the telemedia services offered by us so that for visits to the following websites and their sub-sites in particular as well as for the use of our VELTINS-App (hereinafter known as App) in accordance with the regulations in force governing them, in particular German Broadcast Media Act [TMG], GDPR and German Telecommunications and Telemedia Data Protection Act [TTDSG]:
Unless stipulated otherwise by other legal relationships, the responsible party is:
Brauerei C. & A. Veltins GmbH & Co. KG An der Streue
Tel: +49 2934 959 0
Fax: +49 2934 959 493
General information about data protection
As the responsible party, Brauerei C. & A. VELTINS GmbH & Co. KG, takes your personal data seriously within the meaning of Art. 4 No 7 of the ordinance (EU) 2016/679 of the European Parliament and the Council dated 27 April 2016 on the protection of natural persons when personal data is processed, on the free movement of data and on the cancellation of the Directive 95/46/EG (basic data protection regulations hereinafter referred to as GDPR) and maintains strict observance with the data protection regulations.
In addition to the above, the requirements of the German Telemedia Act (TMG) and the law on the regulation of data protection and the protection of the personal sphere in the German Telecommunication and for Telemedia [TTDSG] as well as other applicable regulations shall be satisfied.
Personal data and data about the terminal you use as well as other data from terminals will only be processed as required for technical reasons on the websites as well as by the telemedia services of the responsible party and in line with our overall business activity. Under no circumstances will this data be made available to third parties without your consent or without a statutory or contractual reason for doing so.
Please find below a summary of how we guarantee that your personal data is protected and which type of data is collected and for which reasons it is collected.
To summarize briefly, the following shall apply:
We avail ourselves – also via our service provider, whom we place under a contractual obligation to maintain data protection – with suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction, or against the unauthorised access by third parties. Our security measures shall be improved on an on-going basis in line with technical progress.
Consequently we shall reserve the right to modify these security and data protection measures insofar as this becomes necessary as a result of technical modifications.
Our data protection information not connected with a visit to websites and tele media services for which we are (co) responsible and at the same time apply in addition to this information can be found at:
1. Data processing on our websites and within the app
Brauerei C. & A. VELTINS automatically processes information which the browser and other applications on your device send to us on websites directly accessible and services via the service provider contracted by us. This is:
- Browser model / version /plugins / language
- Operating system used,
- General system information (inter alia device, device ID, monitor resolution etc.)
- Referrer-URL (e.g. the previously-visited page)
- Hostname of the accessing device (e.g. IP address)
- Time of server enquiry
- Geodata and location data
- First and last name
- E-mail address
- ID of your device (e.g. IMEI = International Mobile Equipment Identity, IMSI = International Mobile Subscriber Identity, cellular radio number or MSISDN, MAC-address, name of your device, E-mail address)
- Recognition / Identity data (e.g. photographs)
- Usage data (including input methods)
- Version data of apps used to reach us
The named data will be processed by us for the following purposes:
- To ensure a smooth dial up for our services,
- To ensure that it is easy to use our services,
- To ensure basic functions,
- To evaluate system security and stability as well as
- For other administrative purposes.
The legal basis for processing your personal data and the data on your device used to access our services is Art. 6 Para 1 P 1 a), b), c), e) and f) GDPR plus § 25 TTDSG. Consequently, we use the corresponding data because you have granted us your consent, we are fulfilling a contract or quasi-contractual legal transaction entered into with you, we are obliged to process data for various reasons – also to be able to offer our services in the first place for technical considerations – or we have a justified interest in processing your personal data and your interests, basic freedoms, and basic rights do not prevail. Our justified interest in collecting data follows from the purposes listed above. Insofar as you have not granted us your specific consent entitling us to do so, we shall not use the collected data for the purpose of working out your personal identity; this is also virtually impossible for us and not intended by us. This data cannot, namely, generally be allocated to specific individuals as a matter of principle. We do not collate this data with other data sources. The data will, moreover, be deleted after statistical analysis; this shall not apply insofar as the data is only used for the purposes of supporting and maintaining the services called off by the user in accordance with the terms and conditions of use and local data protection instructions continue to be applied.
When you visit our website and use our services we generally use the widespread SSL system (Secure Socket Layer) in conjunction with the highest level of encryption supported by your browser. As a rule this is 256-Bit encryption. If your browser does not support 256-Bit encryption, we shall resort to 128-Bit v3 technology instead. Whether an individual webpage of our website is encrypted when downloaded can be seen on the closed key or padlock icon in your browser window (depending upon your software).
2. Data processing when registering for our newsletter and additional information
Insofar as you have granted your express consent in accordance with Art 6 Para 1 P. 1 a) GDPR, we shall use your e-mail address and all the other data divulged in the course of granting your consent, to enable us to send you our newsletter and other information on a regular basis. And if you supply us with your address we can also send information about us and our campaigns to you by post. All you have to do is let us have your e-mail address for us to be able to let you have our newsletter. Additional information is passed over by you on a voluntary basis. You may cancel your log-in at any time e.g. via a link at the end of each newsletter. Alternatively, you may also send us your wish to cancel at any time by e-mail to email@example.com or firstname.lastname@example.org .
When the newsletter is sent out to you will automatically be informed separately and in detail of your existing rights.
Provided that you have granted your consent to us analysing all the data collected from you or as a result of you using our telemedia services, we shall also have the option of letting you have a usage-based and interest-based, this means personalised, newsletter. You will receive separate notification of how your data is used for personalisation in this data protection information.
3. Data processing when using our contact form
For queries or concerns of any type we offer you the option in the websites and within the app or other services to contact us by using supplied forms (contact masks). Should you wish to do so you will, as a minimum requirement, have to supply a valid e-mail address plus your first name and surname, so that we know who the enquiry has come from so that we can reply. Additional data may be submitted by you on a voluntary basis which we shall then use in accordance with your contact enquiry.
For the purposes of making contact with us data shall be processed in accordance with Art. 6 Para 1 P 1 a) GDPR on the basis of you having granted your consent voluntarily as well as your interest in receiving a reply, which legitimises us to process the data, Art. 6 Para 1 GDPR.
The personal data processed by us for using the contact form will automatically be deleted in full after your enquiry has been dealt with and after a reasonable safekeeping period of time has expired.
4. Data processing on the basis of other functions and activities
On our websites within the app as well as on third party portals we offer different activities and functions at different times, necessitating or which may necessitate the processing of personal data.
Data will be processed on the basis of the respective user granting their consent in accordance with Art 6 Para 1 a) GDPR or in fulfilment of a legal relationship in accordance with Art. 6 Para 1 b) GDPR. Justified interests of the responsible party may also legitimise data processing in accordance with Art. 6 Para f) GDPR.
Insofar as the user participates in specific functions or activities the associated data processing will be necessary in relation to the data collected for it.
The specific functions and activities may in particular be:
- Surveys (with or without a gift, remuneration or prize),
- Special user activities,
- Campaigns, Incentivisation,
Normally the types of data to be processed for these functions and activities are the following in particular:
- First name, surname including salutation
- E-mail address,
- Address information (Place of residence),
- Phone number(s)
- Location data if necessary,
- Date of birth,
- Images provided by you (inter alia photographs and videos),
- IP address,
- Operating system data,
- Telecommunications service providers,
- Hardware identification data,
- Time of log-in
- Bank account details if necessary,
- ID data (Passwords, other identification you have submitted to register for our services)
- Campaign-related data (Participation in specific campaigns, bottle cap codes entered / scanned in, score, prizes, image and identification data etc.)
as well, if necessary, as other data types to which reference will be made separately in each case. In addition to this, we shall request your consent – if this is required in a specific case – prior to collecting data and processing it.
This data processed separately shall only be used for the intended purpose as required for the function or activity and deleted in accordance with the legal regulations.
5. Forwarding your data
As a matter of principle your data will only be passed on if you have granted your consent thereto and if it is necessary to pass it on for establishing, executing or terminating an obligation created by a legal transaction or a quasi-legal transaction, or is necessary to maintain the justified interests of the responsible party and there is no reason to assume that your interests meriting protection in precluding your data being processed or used prevail, or if there are statutory obligations to pass over your data.
Insofar as we do pass over data to businesses or to other third parties contracted by us or working together with us, we have entered into the agreements corresponding with the law in force in particular in accordance with Art. 26 and 28 GDPR. Thereby the other data processing parties likewise undertake on a binding basis to ensure a reasonable level of data protection. For details regarding this please contact us, we shall be pleased to comply with your justified rights to information (cf. No 12).
As a matter of principle your data will not be passed over to non EU / Non-European Economic Area states (so-called third party states), in particular to recipients which are unable to ensure a suitable level of data protection.
Insofar as this principle is not observed, such an exception will be necessary for various reasons or legitimised by your consent to that effect. The information listed below provides a summary of such exceptions:
In addition to the data already named, when using our services technical aids will be used for various functions, in particular cookies, pixels, web beacons and similar technology, hereinafter known as cookies. These are small (Text) files, which your browser automatically produces and which are stored on your device (laptop, tablet, smartphone or similar), when you visit our webpage and/or use our services. Cookies will not generally damage your device and as far as we know or intend, do not contain any viruses, trojans or other malware. They primarily serve to make it easier and faster to use our web pages.
Information is deposited in our cookies in connection with the specific device used. This does not however mean that as a result of this we are able to work out your identity. Nevertheless we shall be pleased to inform you about how they are used.
This means that we used so-called session cookies to identify that you have already visited individual web pages on our website. After you leave our website and after you have logged out or are no longer using our services they are automatically deleted. They save so-called session ID by which various enquiries by your browser are allocated to the common session and your device is recognised again if you return to use our services.
Cookies which are absolutely essential for technical reasons for services to operate:
The technical set-up of our services makes it necessary for us to use various technology, in particular cookies. Without this technology it is not possible for our services or support functions to be fully utilised properly. These are basically temporary/transient cookies which are deleted after use of the website and within 30 days at the latest. These cookies cannot be deselected by you if you wish to use our services.
The data processed by using cookies are required for the named purposes of defending our justified interests as well as those of third parties in accordance with Art. 6 Para 1 P 1 f) GDPR.
Optional cookies when granting your consent:
We only use various cookies after you have granted your consent, which you can select when visiting our services for the first time via the manager (so-called Cookie-Banner). These cookies serve to allow us to better analyse service usage and improve our services, and make it easier for you to use our services via various browsers and devices, and to recognise you when you return to our website or to show advertising, possibly also to orientate advertising to reflect your interests, to measure the effectiveness of advertisements or to display advertising geared to your interests.
The legal basis for this processing is Art. 6 Para 1 P 1 a) GDPR. You may revoke the consent you have granted for this at any time, without the admissibility of the processing being affected up until revocation, refer to No 13 and the instruction on your right of revocation at the end of this information.
Other businesses are also involved in setting cookies.
Most browsers and devices accept cookies automatically. You may however configure your browser and/or device in such a way so that no cookies are saved on your device or notification always appears before a new cookie is created. Complete deactivation of cookies may however result in you not being able to use all our services.
We also use marketing tools, including cookies on our website to enable us to understand and follow up your preferences and to present advertisements and offers customised to your interests. Marketing cookies will only be used if you have granted your consent to them being activated in accordance with Art. 6 Para 1 a GDPR by clicking on the relevant box when you visit the website. Insofar as data is transferred to the USA in connection with a set cookie, this shall likewise be done on the basis of your consent having been granted in accordance with Art. 49 Para 1 a GDPR. Please note that in the USA the level of data protection is not comparable with that in the EU / EEA and consequently it cannot be ruled out entirely that you data may also be disclosed without reasonable legal redress notification options being available to you. You may cancel your consent at any time with effect for the future here: email@example.com
7. Web fonts
Our websites and services use so-called web fonts. These are digital fonts provided by third party providers.
We use fonts.com, fonts.net and fast.fonts.net plus myfonts.net, each a font service provided by Linotype GmbH, Werner-Reimers-Straße 2-4, 61352 Bad Homburg (fonts.com) and its umbrella organisation Monotype Imaging Holdings Inc., 600 Unicorn Park Drive, Woburn, Massachusetts 01801 USA. Every time our websites are visited or every time our services are used, files from a fonts.com server or the servers belonging to it are downloaded in a specific font. When this is done your IP address or device ID may be sent to a server of fonts.com and saved as a part of the normal weblog. It shall be incumbent upon fonts.com to process this information. You may find the corresponding terms, conditions and settings in the data protection information of fonts.com:
Our websites and the app use the services of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043 USA (Google).
8.1. Google LogIn
We offer you, inter alia the opportunity to register for our service with a LogIn via Google. Then you will not have to register again and will not be able to do so either. To register you will be passed on by the Google page so that you can register from this page with your account details, for which you will of course have to enter your account details. As a result of this your Google profile and our service will be linked. As a result of the link we will automatically receive the following information from Google LLC:
- First name, surname
- Profile picture, consequently identification data
- E-mail address
We use this data for the LogIn procedure and we do not send any information about this to Google. This data is absolutely essential for the LogIn and for entering into a contract and using the services requiring a LogIn.
Additional information about Google-LogIn and the data protection measures can be found in the data protection information and terms and conditions of use of Google LLC at: https://www.google.de/intl/de/policies/
8.2. Google Analytics
Moreover, we use Google Analytics , a (Web-) analysis service of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043 USA (Google). Google Analytics uses, inter alia, so-called cookies, that is, small text files which are saved on your device and which make it possible to analyse the usage of our services by you, and Java-Script. The information generated by the cookie about your usage of the respective website, be it via browser or app will, as a rule, be sent to a Google server in the USA and saved there.
Since, as a matter of principle, anonymisation of visitor IP addresses is activated by means of the plugin „_anonymizeIp()", your IP address will, according to Google, be abbreviated beforehand upon receipt by Google while it is still within the jurisdiction of the member states of the European Union or in other signatory states of the agreement on the European Economic Area and this means that it will not be possible to work out your identity. Only in exceptional cases will the full IP address be sent over to a Google server in the USA and abbreviated there.
Google will use this information on behalf of the operator of our website and services to evaluate your usage of the website and services with the aim of compiling reports on website and service activities and in order to render additional services associated with the website and services and internet usage for the services operator. According to Google, the IP address and device ID handed over by your browser or device a part of Google analytics will, not be merged together with other Google data.
You can prevent cookies from being saved by setting your browser and device software accordingly; we would however point out to you that in this case it is possible that you will not be able to use all the functions of this service in full. In addition to this you may prevent the data generated by the cookie relating to your use of the services (incl. Your IP address) from being logged and processed by Google by downloading and installing the PlugIn available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
If you have granted us your consent to analyse your user behaviour, we shall be reliant upon processing your non-anonymised data, in order to fulfil this purpose. In this case the "anonymizeIP" PlugIn cannot be activated.
8.3. Google AdServices, Conversion
On our website we use the Remarketing / Retargeting and Conversion-Tracking functions of Google Adservices (also called: Google Ads), a service of the firm Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA (hereinafter known as Google) including Google Tag Manager, Google Display Ads und Google Search Ads. Google is in this connection the order processor within the meaning of Art. 28 GDPR. We have entered into a corresponding order processing contract with Google.
The retargeting function serves to present website visitors within the Google advertising network with advertisements related to their interests. It is in turn possible for us to identify via the Conversion Tracking function how effective the advertisements placed by us and clicked on by website visitors are and whether these result in activities on the website, such as, for example, purchases or log-ins.
When Google AdServices is used the following data will be logged and forwarded to Google in the USA: data on the device and browser (hostname, browser model, referrer, language), IP address as well as the respective user interaction on our website as well as on other websites on which our advertisements are placed (e.g. which pages a user visits, which products the user selects and buys, which advertisements the user clicks on. In addition to this, a random pseudonym ID is allotted to the user by means of a cookie, to which the above information is assigned. We are aware that there are legal misgivings about the transfer of data to the USA, since the so-called privacy shield does not exist there (any more). Accordingly we are offering you the opportunity to make use of your right to lodge an objection (see below).
Google Search Ads 360: this tool is share of the Google Marketing Platform and serves for the central administration of marketing campaigns on different search engines.
Information about data protection at Google Ads can be found at: ads.google.com/intl/de_de/home/faq/gdpr/
8.4. Google-Tag Manager
In connection with Google Analytics and Google AdServices we also use the Google Tag Manager. This solution makes it possible to tie in Google Analytics and Google Ads technically on the website. The Google tag manager functions as a container in the form of a collection of tags, triggers variables and pertinent configurations which are tied into a website or mobile app. A tag is a code fragment, which stipulates which data under which preconditions may be logged by the tools used. All other tags are replaced by a tag manager container, which has been inserted into the code of our website or app – including tags from Google Ads, Google Analytics plus Drittanbieter-Tags.
The Google data protection information about this tool may be found here: marketingplatform.google.com/about/analytics/tag-manager/use-policy/.
8.5. Google Search Ads
On our website we use the Search Ads 360 service from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, which supports advertisers in the production, management and optimisation of campaigns running across search engines. In doing so Search Ads 360 uses floodlight-tags to log conversions. This means that not only display advertising but also search advertising can be followed up and evaluated, as a result of which the duplication of cross channel conversions can be prevented, and at the same time a more accurate picture of the advertising articles placed can be created. The collection and evaluation in doing so is carried out only on the basis of a pseudonym, so that it is not possible to work out your identity as a matter of principle.
In addition to this, we save Google Click ID (GCLID), in order to be able to evaluate how successful our advertising campaigns have been. Share of the sales value is attributed to a GCLID. The attributed sales value is returned to Google by means of the GCLID in order to assess the placement of the advertisements and to optimise them.
The cookies saved by Search Ads 360 will be deleted within 90 days at the latest. You can find further information about Google's data protection and the terms and conditions of use at: https://policies.google.com/privacy?hl=de
8.6. Google Maps
The webpages of Brauerei C. & A. VELTINS GmbH & Co. KG use the Google Maps API, in order to present geographical information in a visual format. When using Google Maps, data about the use of the map functions by visitors to the webpages is also collected, processed and used by Google (Google LLC, 1600 Amphitheatre Parkway, Mountain View, California, 94043), More detailed information about how data is processed by Google can be found in the Google data protection information which can be downloaded from www.google.com/privacypolicy.html.
We use the technical platforms and services of YouTube LLC, San Bruno, California, USA, a subsidiary of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043 USA (Google), for the information services offered by us on websites, in particular the YouTube -Plugin, which operates in Europe under Google Ireland Limited (Google), a company incorporated and operated under Irish law (Log-in number 368047) with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland.
In order, for example, to draw attention to our services and in order to contact you as a visitor and user of our website, we avail ourselves of the services of Google and the Google group (YouTube) to safeguard our justified interests in accordance with Art. 6 Para 1 f) GDPR, and to fulfil specific legal transactions with you in accordance with Art. 6 Para 1 b) GDPR.
The Plugins of the YouTube information service are marked with a YouTube-Logo or the supplement "YouTube PlugIn" or similar. If you log into a website of the responsible party – that means us – containing this type of PlugIn, a direct link with the Google servers is established by clicking on the icon. The content of the Plugins will be transferred from there direct to your browser and linked to the website by it. By integrating the Plugins Google obtains inter alia the information that you have logged into the corresponding webpage on our website. If you for, example, have logged in to YouTube or Google, Google is able to allocate the visit to your personal account. If you interact with the Plugins, for example by clicking on a reaction button, or by posting a comment, the corresponding information will be transferred directly from your browser to Google and saved by it. The purpose and scope of collecting data and subsequent data processing and use by Google as well as your rights with regard to this and your setting options for protecting your privacy can be found in the above named Google data protection information. If you do not want Google to collect data about our website, Plugins use and data about you, you will have to log out prior to visiting our website and deactivate the "remain registered" function, delete the cookies on your device and close down your browser and start up again. Please note the following: if you access interactive functions on the webpage, the Google log-in screen prompt may possibly appear again, After a (new) log-in you will be identified by Google as a specific user again.
Insofar as you grant us the corresponding consent, we shall link our YouTube channel with Google-AdServices-Tool named above in order to be able to offer you personalised offers tailored to meet your interests.
8.8. Google general
In general the following will apply:
Google will not state definitively and clearly, and we do not know, the manner in which Google uses the data generated by visits to Google websites for its own purposes, the extent to which activities on the Google webpages can be allocated to individual users, how long Google will save this data and whether data generated by a visit to the Google webpages and to those of its subsidiaries will be passed on to third parties. When accessing a website belonging to Google the IP address allocated to your device will be sent to, and saved by, Google. In addition to this, Google will save information about the devices of its users (e.g. as a part of the "Report notification" function); this means that it may be possible for Google to match up IP addresses with individual users. If you as a user are currently registered with Google services, there will be a cookie on your device with your Google user name. As a result of this Google will be in a position to track down that you have visited this page and how you have used it. This shall also apply for all other Google webpages or webpages of companies belonging to it.
It is, moreover, possible for Google via YouTube buttons integrated in websites, to log your visits on these websites and to allocated them to your Google profile. On the basis of this data contents or advertising may be offered to you on a bespoke basis.
Otherwise we refer to the following information and the statements made by Google and its companies which you can read:
We would draw your attention to the fact that you are using these webpages and their functions at your own responsibility. This shall apply in particular for the use of the interactive functions (e.g. comment, share, assessment).
If you are a member of Google and its companies, (YouTube, Dialogflow), then data about your visits to our website will automatically be passed on to Google; this is beyond our control. For additional information about this we would ask you to refer to the Google data protection information at https://policies.google.com/privacy?hl=de&gl=de.
We are unable to give precise and full details about whether, and the extent to which, information can be matched up with you by Google. Given this, we refer once again to the Google data protection information and statements.
9. Individual external function providers, in particular, social media
We access the technical platforms and services of Meta Platforms Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland and possibly Meta Platforms__Inc., 1601 Willow Road, Menlo Park, CA 94304, USA, known in these information as Meta, for the information services offered by us, e.g. in our Facebook fanpages and in the app (e.g. for logging in via your Facebook account, so-called Facebook-Connect).
In order to draw attention to our services, and to contact you as a visitor to and user of our services, we use the services of Meta and the Meta group (Facebook, Instagram, WhatsApp) to safeguard our justified interests in accordance with Art. 6 Para 1 f) GDPR, and to fulfil specific legal transactions with you in accordance with Art. 6 Para 1 b) GDPR).
In general the following shall apply:
Meta will not state definitively and clearly, and we do not know the manner in which Meta uses the data generated by visits to Meta services for its own purposes, the extent to which activities on the Meta webpages can be allocated to individual users, how long Meta will save this data and whether data generated by a visit to the Meta services and to those of its subsidiaries will be passed on to third parties. When accessing a Meta or Facebook service the IP address allocated to your device will be sent to Meta. In addition to this, according to the information provided by Meta and Facebook, this IP address (also device ID) is supposedly anonymised (for "German" IP addresses) and deleted after 90 days. In addition to this, Meta saves information about its users' devices (e.g. as share of the "Report notification" function); this means that it may be possible for Google to match up IP addresses with individual users. If you as a user are currently registered with a Meta service, there will be a cookie on your device with your user name which can be identified on it. As a result of this Meta is able to track down that you are using this service and how you have used it. This shall also apply for all other Meta services.
It is, moreover, possible for Meta via Facebook buttons integrated in our services, to log your visits on these websites and to allocated them to your Facebook profile. This data may be used to offer content and advertising tailored to you.
Otherwise we refer to the following information and the statements made by Meta and its companies. Insofar as we give information about Facebook, WhatsApp or Instagram, this also includes Meta Platforms, Inc. (Meta):
We would draw your attention to the fact that you are using Facebook and its functions at your own responsibility. This shall apply in particular for using interactive functions (e.g. commenting, sharing, reacting).
If you are a member of the social Meta network Facebook and the companies belonging to it (inter alia Instagram, WhatsApp), then data about your visit and the use of our services will automatically be forwarded to Facebook and Meta. This is beyond our control. For additional information about this we would ask you to refer to the Facebook data protection information athttps://de-de.facebook.com/about/privacy.
You can find all the data directives provided by Facebook here: https://de-de.facebook.com/full_data_use_policy
Our services can use social Plugins ("plugins") in the facebook.com social network, which is operated by Meta Platforms__Inc., 1601 Willow Road, Menlo Park, CA 94304, USA, ("Facebook"). The plugins are marked with a Facebook logo or the supplement "Facebook Social plugin". If you log into a website of the responsible party – that means us – or use our services containing this type of plugin, by clicking on the icon a direct link is established with the Facebook servers. The content of the Plugins will be sent by Facebook directly to your browser and device and integrated by this. As a result of the plugins being integrated Facebook will receive the information that you have logged into the corresponding page on our website or have used our services. If you have logged in, Facebook may match up the use of our services with your Facebook account. If you interact with the plugins, e.g. use the "Like" button or submit a comment, the corresponding information will be sent direct from your device to Facebook or Meta, and saved there. The objective and scope of collecting data and subsequent processing and use of the data by Facebook as well as your rights with regard to this and settings to protect your privacy can be found in the above named Facebook data protection information. If you do not wish Facebook to collect data about you via our website when the plugins are used, you will have to log out from Facebook prior to visiting our website and deactivate the "remain logged in" function which deletes the cookies on your device and terminates your browser and restarts. Please note the following: if you resort to interactive function on the page (Like, comment, share, news etc.) a Facebook review prompt will appear. Following a (new) login you will be recognised again by Facebook as a specific user.
Nevertheless, in spite of logging out or other counter measures, we cannot rule out that Facebook, this means the Meta group and any other (third party) businesses there may be may be able to match up your personal data with you and possibly forward it to other bodies. We would ask that you take this into account each time when visiting our website.
We are offering you the option to log in for our services with Facebook-Connect as well. An additional registration will then no longer be necessary and possibly no longer possible. To log in you will be forwarded to the Facebook page from which you can log in with your account data. As a result of this your Facebook profile and our service will be linked up and we will automatically receive the following information from Facebook or Meta Platforms:
- Surname, first name
- Profile photograph, consequently user name data
- E-mail address
We use this data for the log-in procedure and do not send any data about this to Facebook. This data is absolutely essential for logging in and entering into a contract and using the services requiring a log-in.
Additional information about Facebook-Connect and the data protection measures can be found in the data protection information (https://de-de.facebook.com/about/privacy) and in the Facebook Inc. terms and conditions of use (https://www.facebook.com/legal/terms ).
9.1.2 Facebook Insights
When visiting our Facebook page and when using our services, Facebook or Meta records inter alia your IP address as well as additional information which exists, or may exist, on your device in the form of cookies. This information will be used to provide us as operators of the Facebook pages with statistical information about the use of Facebook services.
Facebook provides further information about this at the following link: https://de-de.facebook.com/help/pages/insights
We can also download statistical data in various categories via these so-called insights from Facebook. These statistics will be generated and provided by Facebook, regardless of whether you are a Facebook member or are logged in or logged out.
As an operator we have no control over the webpage. We cannot remove this function or prevent the data from being collected and processed. For a selected period of time as well as for the categories Fan, Subscriber, Persons contacted and Interacting persons we are provided by Facebook with the following data relating to our Facebook webpages:
- Total number of page log-ins,
- Page activities,
- Article interactions,
- Video views,
- Article coverage,
- Shared contents,
- Proportion of men to women,
- Location in terms of town and country,
- Logins and clicks in the shop,
- Clicks on route planner,
- Clicks on phone numbers,
- Types of devices used.
Likewise by these means data is provided about the Facebook groups linked with our Facebook pages. This takes place as part of joint responsibility in the view of Facebook (Joint Controllership within the meaning of Art. 26 GDPR) between us and Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, although we have no control over data processing at Facebook, in particular on the means and purposes underlying data processing.
The corresponding agreement in accordance with 26 GDPR may be viewed concerning the progress made on putting together this data protection information.
In some applications in which Facebook collaborates with business or other third parties, Facebook may however act as a data processor. This includes in particular "Custom Audiences", measurements and analyses. Corresponding agreements have been entered into with Meta and Facebook, WhatsApp and Instagram.
As a result of on-going development at Facebook, the availability and formatting of data changes so that we refer to the version of the Facebook data protection information currently in force already named above for further details about this. We use this data available in an aggregated (i.e. anonymised) format to make our articles and activities in our Facebook pages more attractive to visitors. Consequently we use, for example, distribution by age and sex to enable us to target groups selectively. The preferred visiting times of the users help us to plan the display of our articles at the best time. Information about the type of devices used and by visitors to our Facebook pages help us to adjust articles to reflect this in terms of visual design. In accordance with the Facebook terms and conditions of use to which every user has granted consent at part of setting up a Facebook profile, we are able to identify the subscribers and fans of the page and look at their profiles as well as other shared information.
9.1.3. Facebook Pixel (Custom Audiences)
Within the information services offered by us we use the so-called "Facebook-Pixel" and in doing so we avail ourselves for this of the services of Meta Platforms Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland and possibly Meta Platforms__Inc., 1601 Willow Road, Menlo Park, CA 94304, USA.
By using this service we pursue marketing objectives, in particular approaching users of our service who have already used our service again (so-called retargeting). We use the Facebook-Custom-Audiences-Pixel to show the Facebook –Ads placed by us chiefly to only those Facebook users who have shown an interest in our online offer or show the specific characteristics (e.g. interest in specific topics or products determined on the basis of visited websites), which we show via Facebook (so-called "Custom Audiences"). With the assistance of the Facebook-Pixel we would also like to ensure that our Facebook-Ads are compatible with the potential interests of the Users and do not annoy them. With the assistance of the Facebook-Pixel we can make it easier to understand how effective the Facebook advertising tools are for statistical and marketing research purposes, by seeing whether users have been forwarded to our website after having clicked on Facebook advertisement (so-called "Conversion").
In order to make it possible to use the service, your Facebook-ID, that is a combination of figures, which are clearly attributable to you and any Facebook profile you may possibly have, is sent by us to Facebook including the data about usage of our services. Any real names, your Facebook Profile name or other personal details will not be divulged by us to Facebook.
With the declaration entered by you before using our services as part of the "Age-Gate" Pop-Up you have granted your consent to the use of this service, if necessary, by us.
This consent may be revoked by you at any time by using the Opt-Out-Option granted to you via the following link:
Further details about the Pixel used can be found in the help section of Facebook here:
Furthermore, the Facebook basic data usage directive provides information in more detail here:
Moreover, the information already named on the integration of Facebook within this section shall apply accordingly.
We avail ourselves of the technical platforms and services of Meta Platforms Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland and, if applicable, of Meta Platforms__Inc., 1601 Willow Road, Menlo Park, CA 94304, USA for the information services offered by us on our Instagram websites.
Since Instagram belongs to the Meta group and to Meta Platforms Ireland ltd. and Meta Platforms, Inc. are (also) responsible parties within the meaning of the German Data Protection Act , the information named under the above point about Facebook shall apply.
The Instagram data protection information can be found here: https://help.instagram.com/519522125107875
In addition to the above, Plugins of the Instagram social network are used. Instagram is operated by Meta Platforms__Inc., 1601 Willow Road, Menlo Park, CA 94304, USA, and insofar as you visit Facebook pages when you are in the EU/EEA Instagram is operated by Meta Platforms Ltd., 4 Grand Canal Square, Dublin 2, Ireland. If you visit websites having this sort of Instagram-PlugIn, your data stating which websites you have visited will be sent to the server used by Meta Platforms Inc.
Given this, the Facebook information under 9.1 shall apply analogously here too.
9.3. CleverPush (push-messages)
Within the app we use the service (Push-message service) from _ CleverPush GmbH , Spaldingstr. 210,_ 20097 Hamburg (CleverPush) in order to send push-messages, provided that you have granted your consent to receiving them. CleverPush receives the following information when registering with and using the service: a so-called push-ID, with which the message can be addressed to the device, as well as the IP address of the device, with which this calls up the server of CleverPush. The IP address will be shortened by the last three digits in order to carry out an approximate geolocalisation (Location data) of the device otherwise not saved. Moreover, the following will be processed: information about the model of the device used, the language as well as the version of the operating system and the time zone to which the device is set. This data is used to be able to transmit the desired push-messages, to specify the language of the push-message and the time at which the message is sent as well as to work out what type of messages the device can show for technical reasons.
The data protection information and other information about CleverPush can be found at:
We incorporate this company for the push functions because it makes it easier for our service and makes the push messages economic. The legal basis for data processing for these purposes is Art. 6 Para 1 a), b) and f) GDPR.
When opening our app for the first time you will be asked whether you would like to receive push messages from us. The purpose of this is, for example, to send you messages automatically, tell you about new developments or notify you of other specific features.
The general terms and conditions of business (T&Cs) of CleverPush GmbH shall govern the use of the push messaging service separately and independently of our T&Cs or this data protection information.
A necessary order processing contract with CleverPush has been entered into. CleverPush guarantees a reasonable level of data protection with regard to processing your personal data.
CleverPush likewise fulfils the information duties applicable for you separately in accordance with Art. 12 et seq. GDPR.
You may at any time allow or prevent the receipt of push messages by adjusting the settings in your device.
10. Payment / Financial services
On some of our websites and within our services in particular in the VELTINS-Shop (https://secure.veltins.de/shop/) we use online payment services, if you select these methods of payment.
As part of the respective transactions for the fulfilment of the contract in accordance with Art. 6 Para 1 b) GDPR your personal data required for this will be sent to the independent responsible party concerned.
To date we have used the online payment service of PayPal (Europe) S.à r.l. et Cie, S.C.A. 22-24 Boulevard Royal, L-2449 Luxembourg, which is a bank within the European Union subject to the supervision of supervisory authority responsible for you, the Luxembourg banking supervisory body CSSF (Commission de Surveillance du Secteur Financier).
More detailed information about data processing information by PayPal can be found at
11. Data Protection Officer
Should you have any queries or specific information in connection with asserting your rights (no 13), or in the event of cancellation of any consent you may have granted concerning the use of your data, please contact our data protection officer:
It goes without saying that you may also contact our data protection officer at the following address by writing, telephone, fax and e-mail:
Brauerei C. & A. Veltins GmbH & Co. KG An der Streue
Tel: +49 2934 959 0
Fax: +49 2934 959 493
12. Your rights
You have the following rights:
- In accordance with Art. 15 GDPR, to request information about your personal data processed by us. In particular you may request information about the purpose for which the data is being processed, the classification of the personal data, the classification of the recipients to whom your data has been or will be disclosed, the intended length of time for which it is to be saved, the existence of your right to have corrections made, your data deleted, processing restricted or objection to processing, the existence of your right to lodge a complaint, the origin of your data, insofar as it was not collected by us, as well as on the existence of an automated decision-making process including profiling and, if applicable, meaningful information about its details;
- In accordance with Art. 16 GDPR, to request that your personal data saved by us is, if incorrect, corrected, or completed;
- In accordance with Art. 17 GDPR, to request that your personal data saved by us is deleted, insofar as processing is not required to exercise the right to freedom of speech and information to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
- In accordance with Art. 18 GDPR, to request the restriction of processing your personal data, insofar as the correctness of the data is contested by you, processing is unlawful, you reject its deletion and we no longer need the data, but you need it however to assert, exercise or defend legal rights or you have lodged an objection to processing in accordance with Art. 21 GDPR;
- In accordance with Art. 20 GDPR, to request that you receive your personal data with which you have provided us in a structured, common format which can be read by a computer or you request that the data is sent to another responsible party;
- In accordance with Art. 7 Abs. 3 GDPR, to revoke at any time your consent you have granted to us beforehand. The result of this will be that we may in future no longer continue data processing based upon this consent and
- In accordance with Art. 77 GDPR, to lodge a complaint with a supervisory authority. As a rule you may contact the supervisory authority in your normal place of residence or place of work or where our business is based to do so. The supervisory body responsible for the responsible party is:
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen Kavalleriestr. 2-4
More detailed information about their authority, work and data processing carried out by the supervisory authorities may be found in their information about this at https://www.ldi.nrw.de/ .
13. Up-to-dateness and amendment of this data protection information
This data protection information is currently valid and is dated March 2022.
It may become necessary as a result of developing our website and offers or as a result of a change in the statutory or official regulations to amend this data protection information. The current data protection information may be downloaded and printed at any time from the website
Insofar as you so wish, we can also provide you with this data protection information as a digital pdf document. Please contact our data protection officer should you so wish.
Information about your right to lodge an objection in accordance with Art 21 GDPR
Right to lodge an objection relating to a specific case
You have the right to lodge an objection at any time against how personal data affecting you is processed for reasons attributable to your personal circumstances. Your objection will be based upon Art. 6 Para 1 e) or f) GDPR. This shall also apply for profiling based upon these terms and conditions.
We use your personal data for direct advertising. Therefore you will be entitled to lodge an objection to personal data relating to you being processed for the purposes of such advertising at any time; this shall also apply for profiling, provided that it is connected to such direct advertising.
If you object to processing for the purposes of direct advertising, the personal data will no longer be used for these purposes.
If you lodge an objection, we shall stop processing your personal data, unless we are able to demonstrate compelling reasons justifying processing prevailing over your interests, rights and freedoms, or if processing serves to assert, exercise or defend legal claims.
Recipient of an objection
There is no set format for submitting an objection and you may lodge an objection by simply stating your name, address, and date of birth. Your objection should be addressed to:
Brauerei C. & A. VELTINS GmbH & Co. KG An der Streue
Fax: +49 -2934-959-493
(if necessary marked for the attention of our data protection officer).
In the event that you revoke your consent(s) we would likewise request that you contact us at the contact details above.