Data protection declaration according to the GDPR
- Name and address of the person responsible
The person responsible within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:
Agency Fresh International (AGF for short)
Consulting GmbH & Co. KG
Phone: +49 (0) 30 32 89 68 83
- Name and address of the data protection officer
David Frisch, firstname.lastname@example.org
III. General information on data processing
This data protection declaration regulates the collection, processing and use (hereinafter also referred to as “processing”) of your personal data if and to the extent that they arise when using our website and/or our app, or if you contact us in the course of initiating or implementing a contract or request information from us. When handling this data, we act in strict compliance with the relevant statutory data protection regulations and the following principles.
We observe the principles of data processing in accordance with Article 5 of the GDPR. Your data will only be stored for specified purposes, limited to what is necessary, up to date, only for a specific purpose of collection and processed with appropriate security.
- Scope of processing of personal data
In principle, we collect and use personal data of our users only insofar as this is necessary for the execution of our contracts. After fulfilling the contractual obligations, we only process this data after you have given your consent. An exception applies in such cases in which prior consent cannot be obtained for actual reasons or the processing of the data is permitted by statutory provisions.
- Legal basis for processing personal data
Insofar as we obtain the consent of the person concerned for the processing of personal data, Art. 6 para. 1 lit. a GDPR as the legal basis. When processing personal data that is required to fulfill a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures. Insofar as processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR as the legal basis. If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and fundamental freedoms of the person concerned do not outweigh the first interest, Art. 6 para. 1 lit. f GDPR as the legal basis for processing.
- Data Erasure and Storage Duration
The personal data of the person concerned will be deleted or blocked as soon as the purpose of storage no longer applies. Storage can also take place if this has been provided for by the European or national legislator in EU regulations, laws or other regulations to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.
- Data processing in connection with the provision of quality assurance, transport and logistics services
The provision of quality assurance, transport and logistics services by the agency Frisch International Consulting GmbH & Co. KG sometimes requires the processing of personal data. It may be necessary for us to process personal data before the conclusion of a contract (e.g. as part of the preparation of an offer) and during the execution of the contract.
Personal and business contact data (e.g. surname, first name, company, physical address, e-mail address, telephone number and/or fax number), the processing of which is essential for the provision of our services, may include the data categories listed below. In individual cases, however, the processing of other categories of data may be necessary, such as:
– Shipping and carriage information (e.g.:
o Shipping-related contact details of carriers and recipients, their physical address, email address and telephone number
o Signature of the acknowledgment of receipt
o Account details, as well
o other information that makes it easier for us to provide our services) and information that is communicated to us regarding the goods to be checked or transported, but only to the extent that this is personal data.
– Information that enables us to verify an individual’s identity.
– The name, email address and telephone number of a third party if we are asked to provide this person with information regarding a transport or other service.
– Payment information and financial data (e.g. account details)
– Tax information if you use services that require the processing of tax data.
– Other personal data that you or third parties provide to us in the course of providing our services
If you transmit personal data to Agentur Frisch International Consulting GmbH & Co. KG, please ensure that this data is relevant, accurate and necessary for the initiation or implementation of the business relationship. In particular, if you transmit data that is related to a third person, you are legally obliged to observe the general data protection principles.
If we collect freight, deliver goods or provide other services, we may process address information. Such information for locating an address may also include GPS data, geocodes, degrees of latitude/longitude and graphic representations/images in individual cases.
Certain information about the quality checks and transport information is transmitted to authorities in transit or destination countries, for example for reasons of customs or tax law, or to carry out a security check. This transmission depends on the legal regulations in the transit or destination country.
As a rule, such data records contain the following individual information, although there may be deviations in individual cases due to legal reasons: Name and address of the sender, name and address of the recipient, description of the goods transported, if applicable, number of goods, weight and value of the load.
In individual cases, we transmit personal data to a country other than the one in which the data was collected. Data is primarily transferred for the purpose of providing our services, for example to other companies in the Agentur Frisch International Consulting GmbH & Co. KG Group, agents who work on behalf of Agentur Frisch International Consulting GmbH & Co. KG or other companies affiliated with us . Please note that the agency Frisch International Consulting GmbH & Co. KG works with a number of partners in order to be able to offer you the best possible service (e.g. subcontractors such as transport and logistics companies, ports, warehouses, etc.). This, too, may require the transmission of personal information to the extent permitted by law.
Please also note that the agency Frisch International Consulting GmbH & Co. KG is not able to offer you our services for technical and legal reasons if you partially or completely object to this data processing and transmission.
The states to which we transfer information may have data protection laws that differ from the standards of the jurisdiction under which you submitted the information to us. If we transmit data to other countries, we protect your data in accordance with this data protection declaration and in compliance with the applicable legal requirements.
In the case of the transfer of personal data between legal systems whose level of protection differs, we will orientate ourselves to the stricter legal requirements. We apply specific contracts for the protection of personal data (e.g. the EU Commission’s model contracts for data transfers to third countries) and we regularly work together with our partners and contractors to jointly ensure compliance with all applicable legal requirements.
Further information regarding the data that is processed in the course of installing or using our website or the agency Frisch International Consulting GmbH & Co. KG App can be found in the relevant section of this data protection declaration.
- Provision of the website and creation of log files
- Description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer. The following data is collected here:
(1) Information about the browser type and version used
(2) The user’s operating system
(3) The user’s internet service provider
(4) The IP address of the user
(5) Date and time of access
(6) Websites accessed by the user’s system via our website
The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.
- Legal basis for data processing
The legal basis for the temporary storage of the data and the log files is Art. 6 para. 1 lit. f GDPR.
- purpose of data processing
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the IP address of the user must remain stored for the duration of the session. Storage in log files takes place to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. Our legitimate interest in data processing according to Art. 6 para. 1 lit. f GDPR.
- Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this is possible. In this case, the IP addresses of the users are deleted or alienated so that it is no longer possible to assign the calling client.
- Possibility of objection and elimination
The collection of the data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.
- Description and scope of data processing
The following data can be transmitted in this way:
(1) Entered search terms
(2) Frequency of page views
(3) Use of Website Features
The user data collected in this way is pseudonymized by technical precautions. It is therefore no longer possible to assign the data to the calling user. The data is not stored together with other personal data of the user.
- Legal basis for data processing
The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 lit. f GDPR. The legal basis
for the processing of personal data using cookies for analysis purposes, if the user has given his consent, Art. 6 para. 1 lit. a GDPR.
- purpose of data processing
Analysis cookies are used to improve the quality of our website and its content. Through the analysis cookies we learn how the website is used and can thus continuously optimize our offer.
Our legitimate interest in the processing of personal data according to Art. 6 para. 1 lit. f GDPR.
- Duration of storage, possibility of objection and removal
Cookie consent with Borlabs Cookie
Our website uses Borlabs Cookie’s cookie consent technology to obtain your consent to the storage of certain cookies in your browser and to document this in compliance with data protection regulations. The provider of this technology is Borlabs – Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg (hereinafter Borlabs).
When you enter our website, a Borlabs cookie is stored in your browser, which stores the consent you have given or the withdrawal of this consent. This data is not passed on to the provider of Borlabs Cookie.
The collected data is stored until you ask us to delete it or delete the Borlabs cookie yourself or the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected. Details on data processing by Borlabs Cookie can be found at https://de.borlabs.io/kb/which-data-stores-borlabs-cookie/
Here you can customize or deactivate all non-technically required cookies.
- Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies”, text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. If IP anonymization is activated on this website, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area.
Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
You can prevent the storage of cookies by setting your browser software accordingly; we would like to point out to you however that in this case you will if applicable not be able to use all functions of this website in full. You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) and from processing this data by Google by downloading the browser plug-in available under the following link and install: http://tools.google.com/dlpage/gaoptout?hl=de
We only send newsletters in exceptional cases. If you subscribe to our company’s newsletter, the data will be transmitted in the respective input mask for processing. Registration for our newsletter takes place in a so-called double opt-in procedure. This means that after registration you will receive an e-mail in which you will be asked to confirm your registration. This confirmation is necessary so that nobody can register with someone else’s e-mail address. When registering for the newsletter, the IP address of the user and the date and time of registration are saved. This serves to prevent misuse of the services or the e-mail address of the person concerned. The data will not be passed on to third parties. There is an exception if there is a legal obligation to pass it on. The data will only be used to send the newsletter. The subscription to the newsletter can be canceled by the data subject at any time. Likewise, the consent to the storage of personal data can be revoked at any time. For this purpose, there is a corresponding link in every newsletter. The legal basis for the processing of the data after the user has registered for the newsletter is Art. 6 para. 1 lit. a) GDPR. The legal basis for sending the newsletter as a result of the sale of goods or services is Section 7 Para. 3 UWG.
VII. Registration with Track & Tracce or Internet shipment registration, among other things
If the registration serves to fulfill a contract to which the user is a party or to carry out pre-contractual measures, the additional legal basis for the processing of the data is Art. 6 para. 1 lit. b GDPR.
- purpose of data processing
Registration of the user is required for the provision of certain content and services on our website.
Registration of the user is required to fulfill a contract (track & trace) with the user or to carry out pre-contractual measures.
- Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. This is the case for the data collected during the registration process if the registration on our website is canceled or changed. This is the case during the registration process to fulfill a contract or to carry out pre-contractual measures if the data is no longer required for the execution of the contract. Even after the conclusion of the contract, it may be necessary to store personal data of the contractual partner in order to comply with contractual or legal obligations.
- Possibility of objection and elimination
As a user, you have the option to cancel the registration at any time. You can have the data stored about you changed at any time.
If the data is required to fulfill a contract or to carry out pre-contractual measures, the data can only be deleted prematurely if there are no contractual or legal obligations to the contrary.
VIII. Rights of the data subject
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the person responsible:
- right of providing information
You can request confirmation from the person responsible as to whether personal data relating to you is being processed by us. If such processing is present, you can request information from the person responsible for the following information:
(1) the purposes for which the personal data are processed;
(2) the categories of personal data being processed;
(3) the recipients or categories of recipients to whom your personal data has been or will be disclosed;
(4) the planned duration of the storage of the personal data concerning you or, if specific information on this is not possible, criteria for determining the storage duration;
(5) the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the person responsible or a right to object to this processing;
(6) the existence of a right of appeal to a supervisory authority;
(7) all available information about the origin of the data, if the personal data are not collected from the data subject;
(8) the existence of automated decision-making including profiling in accordance with Art. 22 para. 1 and 4 GDPR and – at least in these cases – meaningful information about the logic involved as well as the scope and intended effects of such processing for the data subject.
You have the right to request information as to whether your personal data is being transmitted to a third country or to an international organization. In this context, you can request information about the appropriate guarantees in accordance with Art. 46 GDPR to be informed in connection with the transfer.
- Right to Rectification
You have a right to correction and/or completion to the person responsible if the processed personal data concerning you is incorrect or incomplete. The person responsible must make the correction immediately.
- Right to restriction of processing
Under the following conditions, you can request the restriction of the processing of your personal data:
(1) if you dispute the accuracy of the personal data concerning you, for a period enabling the person responsible to verify the accuracy of the personal data;
(2) the processing is unlawful and you refuse to have the personal data erased and instead request that the use of the personal data be restricted;
(3) the person responsible no longer needs the personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims, or
(4) if you object to the processing pursuant to Art. 21 para. 1 GDPR
filed and it is not yet certain whether the legitimate reasons of the person responsible outweigh your reasons.
If the processing of the personal data concerning you has been restricted, this data – apart from its storage – may only be used with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State are processed. If the restriction of processing has been restricted according to the above conditions, you will be informed by the person responsible before the restriction is lifted.
- Right to Erasure
- Obligation to delete
You can request the person responsible to delete the personal data concerning you immediately, and the person responsible is obliged to delete this data immediately if one of the following reasons applies:
(1) The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
(2) You revoke your consent, on which the processing pursuant to Art. Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR and there is no other legal basis for processing.
(3) You lay acc. Art. 21 para. 1 DSGVO objection to the processing and there are no overriding legitimate reasons for the processing, or you submit acc. Art. 21 para. 2 DSGVO objection to the processing.
(4) The personal data concerning you was processed unlawfully.
(5) The deletion of personal data concerning you is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the person responsible is subject.
(6) The personal data concerning you was collected in relation to information society services offered pursuant to Art. 8 para. 1 GDPR. b. information to third parties
Has the person responsible made the personal data concerning you public and is he/she acc. Art. 17 para. 1 GDPR, he shall take appropriate measures, also of a technical nature, taking into account the available technology and the implementation costs, to inform those responsible for data processing who process the personal data that you, as the person concerned, want them to be deleted all links to such personal data or copies or replications of such personal data
The right to erasure does not exist if processing is necessary
(1) to exercise the right to freedom of expression and information;
(2) to fulfill a legal obligation that requires processing under Union or Member State law to which the controller is subject, or to perform a task that is in the public interest or in the exercise of official authority vested in the controller became;
(3) for reasons of public interest in the field of public health pursuant to Art. 9 para. 2 lit. h and i as well as Art. 9 para. 3 GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes acc. Article 89
Section. 1 GDPR, insofar as the right mentioned under section a) is likely to make it impossible or seriously impair the achievement of the objectives of this processing, or
(5) to assert, exercise or defend legal claims.
- right to information
If you have asserted the right to correction, deletion or restriction of processing against the person responsible, he is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this correction or deletion of the data or restriction of processing, unless this proves to be impossible or involves a disproportionate effort. You have the right vis-à-vis the person responsible to be informed about these recipients.
- Right to data portability
You have the right to receive the personal data concerning you that you have provided to the person responsible in a structured, common and machine-readable format. In addition, you have the right to transmit this data to another person responsible without hindrance by the person responsible for providing the personal data, provided that
(1) the processing is based on consent acc. Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract acc. Art. 6 para. 1 lit. b GDPR is based and
(2) the processing is carried out using automated procedures.
In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one person responsible to another person responsible, insofar as this is technically feasible. The freedoms and rights of other people must not be impaired by this. The right to data portability does not apply to processing of personal data that is required to perform a task that is in the public interest or in the exercise of official authority that has been assigned to the controller.
- Right to object
You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data, which is based on Art. 6 para. 1 lit. e or f GDPR to file an objection; this also applies to profiling based on these provisions. The person responsible no longer processes the personal data relating to you unless he can demonstrate compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. Will the personal data concerning you be processed for direct advertising
to operate, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.
If you object to the processing for direct marketing purposes, the personal data relating to you will no longer be processed for these purposes. In connection with the use of information society services, you have the option – notwithstanding Directive 2002/58/EC – to exercise your right to object by means of automated procedures that use technical specifications.
- Right to revoke the declaration of consent under data protection law
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the legality of the processing carried out on the basis of the consent up to the point of revocation.
- Automated individual decision-making including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
(1) is necessary for the conclusion or performance of a contract between you and the person responsible,
(2) is permitted by law of the Union or the Member States to which the person responsible is subject and this law contains appropriate measures to protect your rights and freedoms and your legitimate interests or
(3) with your express consent.
However, these decisions must not be based on special categories of personal data according to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g DSGVO applies and appropriate measures have been taken to protect your rights and freedoms and your legitimate interests.
With regard to the cases referred to in (1) and (3), the person responsible shall take appropriate measures to safeguard your rights and freedoms and your legitimate interests, including at least the right to obtain human intervention on the part of the person responsible, to express his or her point of view and to challenge the decision.
- Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your place of residence, your place of work or the place of the alleged infringement, if you believe that the processing of your personal data is contrary to violates the GDPR. The supervisory authority to which the complaint was lodged will inform the complainant about the status and the results of the complaint, including the possibility of a judicial remedy under Art. 78 GDPR.
11. Social Media
We maintain online presences within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to be able to inform them about our services there. When calling up the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply. Unless otherwise stated in our data protection declaration, we process user data if they communicate with us within social networks and platforms, e.g. write posts on our online presence or send us messages.
12. Third Party Access to Your Personal Data
The collection, processing and use of personal data is carried out by us and – unless we have expressly excluded this – also by other companies of a. Agency Frisch International Consulting GmbH & Co. KG Group (group companies) or external service providers commissioned by us and contractually and legally obliged to data protection. In the latter two cases, we will ensure that group companies and external service providers comply with the relevant statutory data protection regulations and the obligations resulting from this data protection declaration. In doing so, we are guided by the legal requirements of the EU General Data Protection Regulation, unless stricter legal requirements are applicable, which must be observed with priority.
In addition, no third party has access to your personal data. We will not sell this data or use it in any other way. We will only transmit data to the responsible authorities if there are official or legal requirements or statutory transmission obligations. This also applies in the event of a court order for the transmission. In the event of an official, legal or judicial obligation to transmit, we will check in individual cases whether the transmission is in line with the principles of the EU General Data Protection Regulation and/or the applicable national law and, if necessary, initiate legal action.
We have taken technical and organizational measures to protect your personal data against loss, alteration, theft or access by unauthorized third parties. Our IT systems are designed in such a way that the agency Frisch International Consulting GmbH & Co. KG complies with the requirements of Art 32 ff. of the EU General Data Protection Regulation.
XIII. children and minors
We do not knowingly process personal data relating to minors under the age of 16, unless we are legally obliged to do so. If we become aware that data has been transmitted to us outside of such a legal obligation without the consent of the parents or other legal guardians, we will delete this data immediately.
XIV. Deletion and Blocking
We delete your personal data when the business purpose associated with the data no longer applies or the relevant statutory data protection regulations require this. In the case of consent, we will delete your data after revocation or omission of the purpose of consent (section 2.).
At your request, we will block personal data in whole or in part, as long as this does not violate an overriding legal interest of the agency Frisch International Consulting GmbH & Co. KG in the processing. Please let us know to what extent and for how long the blocking should take place. As far as technically possible, you can exclude the processing and use of your data for certain areas in this way.
- Payment Information
In our e-business systems (subject to registration) you may have to provide payment data or use payment service providers such as credit card or online payment providers (e.g. PayPal Inc.).
Insofar as AGF uses a third-party payment process, we do not store any credit card data, but rather transfer the handling of the payment process entirely to the third-party service provider. Personal data about you will be processed by the third-party provider in order to be able to provide the corresponding services.
Please inquire with the respective service provider about the relevant data protection regulations and compliance with the applicable laws. If you have any questions about our use of payment service providers, please contact us at email@example.com
The AGF website may contain hyperlinks, ie electronic cross-references, to third-party websites. Since the agency Frisch International Consulting GmbH & Co. KG is not responsible for the content and the data protection legal conformity of the websites of third parties, we ask you to observe the respective data protection declaration on the websites of third parties.