MDX  •   MMXV

PRIVACY POLICY

PRIVACY

Personal data (usually referred to just as "data" below) will only be processed by us to the extent necessary and for the purpose of providing a functional and user-friendly website, including its contents, and the services offered there.

Per Art. 4 No. 1 of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (hereinafter referred to as the "GDPR"), "processing" refers to any operation or set of operations such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction performed on personal data, whether by automated means or not.

The following privacy policy is intended to inform you in particular about the type, scope, purpose, duration, and legal basis for the processing of such data either under our own control or in conjunction with others. We also inform you below about the third-party components we use to optimize our website and improve the user experience which may result in said third parties also processing data they collect and control.

Our privacy policy is structured as follows:

I. Information about us as controllers of your data
II. The rights of users and data subjects
III. Information about the data processing

I. Information about us as controllers of your data

WEINGUT STEITZ
Christian Steitz

Mörsfelder Str. 3
55599 Stein-Bockenheim

Germany

Fon: +49. (0)6703. 93080

Fax:  +49. (0)6703. 930890

Email: mail (at) weingut-steitz.de

Link to the Impressum: 

https://weingut-steitz.de/impressum

II. The rights of users and data subjects

With regard to the data processing to be described in more detail below, users and data subjects have the right

  • to confirmation of whether data concerning them is being processed, information about the data being processed, further information about the nature of the data processing, and copies of the data (cf. also Art. 15 GDPR);

  • to correct or complete incorrect or incomplete data (cf. also Art. 16 GDPR);

  • to the immediate deletion of data concerning them (cf. also Art. 17 DSGVO), or, alternatively, if further processing is necessary as stipulated in Art. 17 Para. 3 GDPR, to restrict said processing per Art. 18 GDPR;

  • to receive copies of the data concerning them and/or provided by them and to have the same transmitted to other providers/controllers (cf. also Art. 20 GDPR);

  • to file complaints with the supervisory authority if they believe that data concerning them is being processed by the controller in breach of data protection provisions (see also Art. 77 GDPR).

In addition, the controller is obliged to inform all recipients to whom it discloses data of any such corrections, deletions, or restrictions placed on processing the same per Art. 16, 17 Para. 1, 18 GDPR. However, this obligation does not apply if such notification is impossible or involves a disproportionate effort. Nevertheless, users have a right to information about these recipients.

Likewise, under Art. 21 GDPR, users and data subjects have the right to object to the controller's future processing of their data pursuant to Art. 6 Para. 1 lit. f) GDPR. In particular, an objection to data processing for the purpose of direct advertising is permissible.

 
III. Information about the data processing

Your data processed when using our website will be deleted or blocked as soon as the purpose for its storage ceases to apply, provided the deletion of the same is not in breach of any statutory storage obligations or unless otherwise stipulated below.

Server data

For technical reasons, the following data sent by your internet browser to us or to our server provider will be collected, especially to ensure a secure and stable website: These server log files record the type and version of your browser, operating system, the website from which you came (referrer URL), the webpages on our site visited, the date and time of your visit, as well as the IP address from which you visited our site.

The data thus collected will be temporarily stored, but not in association with any other of your data.

The basis for this storage is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the improvement, stability, functionality, and security of our website.

The data will be deleted within no more than seven days, unless continued storage is required for evidentiary purposes. In which case, all or part of the data will be excluded from deletion until the investigation of the relevant incident is finally resolved.

Cookies

a) Session cookies

We use cookies on our website. Cookies are small text files or other storage technologies stored on your computer by your browser. These cookies process certain specific information about you, such as your browser, location data, or IP address.  

This processing makes our website more user-friendly, efficient, and secure, allowing us, for example, to display our website in different languages or to offer a shopping cart function.

The legal basis for such processing is Art. 6 Para. 1 lit. b) GDPR, insofar as these cookies are used to collect data to initiate or process contractual relationships.

If the processing does not serve to initiate or process a contract, our legitimate interest lies in improving the functionality of our website. The legal basis is then Art. 6 Para. 1 lit. f) GDPR.

When you close your browser, these session cookies are deleted.

b) Third-party cookies

If necessary, our website may also use cookies from companies with whom we cooperate for the purpose of advertising, analyzing, or improving the features of our website.

Please refer to the following information for details, in particular for the legal basis and purpose of such third-party collection and processing of data collected through cookies.

c) Disabling cookies

You can refuse the use of cookies by changing the settings on your browser. Likewise, you can use the browser to delete cookies that have already been stored. However, the steps and measures required vary, depending on the browser you use. If you have any questions, please use the help function or consult the documentation for your browser or contact its maker for support. Browser settings cannot prevent so-called flash cookies from being set. Instead, you will need to change the setting of your Flash player. The steps and measures required for this also depend on the Flash player you are using. If you have any questions, please use the help function or consult the documentation for your Flash player or contact its maker for support.

If you prevent or restrict the installation of cookies, not all of the functions on our site may be fully usable.

Order processing

The data you submit when ordering goods and/or services from us will have to be processed in order to fulfill your order. Please note that orders cannot be processed without providing this data.

The legal basis for this processing is Art. 6 Para. 1 lit. b) GDPR.

After your order has been completed, your personal data will be deleted, but only after the retention periods required by tax and commercial law.

In order to process your order, we will share your data with the shipping company responsible for delivery to the extent required to deliver your order and/or with the payment service provider to the extent required to process your payment.

The legal basis for the transfer of this data is Art. 6 Para. 1 lit. b) GDPR.

 
ADMINISTRATION, FINANCIAL ACCOUNTING,
OFFICE ORGANIZATION, CONTACT MANAGEMENT

We process data in the context of administrative tasks and organization of our business, financial accounting and compliance with legal obligations, such as archiving. In doing so, we process the same data that we process in the course of rendering our contractual services. The processing principles are Art. 6 para. 1 lit. c. DSGVO, Art. 6 para. 1 lit. f. DSGVO. The processing affects customers, prospects, business partners and website visitors. The purpose and interest in processing lies in administration, financial accounting, office organization, data archiving, that is, tasks that serve to maintain our business, perform our duties and provide our services. The deletion of the data in terms of contractual performance and contractual communication corresponds to the information provided in these processing activities.
We disclose or transmit data to the financial administration, consultants, such as tax accountants or auditors, and other fee agents and payment service providers.
Furthermore, based on our business interests, we store information about suppliers, promoters and other business partners, e.g. for later contact. We generally store this majority of company-related data permanently.

We process our clients' data as part of our contractual services, which include conceptual and strategic consulting, campaign planning, software and design development / consulting or maintenance, campaign / process / handling implementation, server administration, data analysis / consulting services, and training services.
Here we process stock data (eg, customer master data, such as names or addresses), contact data (eg, e-mail, telephone numbers), content data (eg, text inputs, photographs, videos), contract data (eg, subject matter, term), payment data (eg, Bank account, payment history), usage and metadata (eg in the context of the evaluation and success measurement of marketing measures). In principle, we do not process special categories of personal data, unless these are components of a commissioned processing. Those affected include our customers, prospects and their customers, users, website visitors or employees as well as third parties. The purpose of the processing is the provision of contract services, billing and our customer service. The legal basis of the processing results from Art. 6 para. 1 lit. b DSGVO (contractual services), Art. 6 para. 1 lit. f DSGVO (analysis, statistics, optimization, security measures). We process data that are necessary for the establishment and performance of the contractual services and indicate the necessity of their information. Disclosure to external parties will only be made if required by an order. When processing the data provided to us within the framework of an order, we act in accordance with the instructions of the client as well as with the legal requirements of order processing pursuant to Art. Art. 28 DSGVO and process the data for no other purpose than the order.
We delete the data after expiry of legal warranty and comparable obligations. the necessity of keeping the data is checked every three years; in the case of legal archiving obligations, the deletion takes place after its expiry (6 years, pursuant to § 257 (1) HGB, 10 J, in accordance with § 147 (1) AO). In the case of data disclosed to us in the context of an order by the client, we delete the data according to the specifications of the order, in principle after the end of the order.

RIGHT OF REVOCATION | OBJECTION

a) Right of revocation
You have the right to grant consent in accordance with. Art. 7 para. 3 DSGVO with effect for the future.
b) Right to objection
If your personal data are processed based on legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f DSGVO, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 DSGVO, provided that there are reasons for this arising from your particular situation or the objection is directed against direct mail. In the latter case, you have a general right of objection, which is implemented by us without specifying any particular situation.If you would like to exercise your right of revocation or objection, please send an e-mail to

mail (at) weingut-steitz.de.

Customer account/registration

If you create a customer account with us via our website, we will use the data you entered during registration (e.g. your name, your address, or your email address) exclusively for services leading up to your potential placement of an order or entering some other contractual relationship with us, to fulfill such orders or contracts, and to provide customer care (e.g. to provide you with an overview of your previous orders or to be able to offer you a wishlist function). We also store your IP address and the date and time of your registration. This data will not be transferred to third parties.

During the registration process, your consent will be obtained for this processing of your data, with reference made to this privacy policy. The data collected by us will be used exclusively to provide your customer account. 

If you give your consent to this processing, Art. 6 Para. 1 lit. a) GDPR is the legal basis for this processing.

If the opening of the customer account is also intended to lead to the initiation of a contractual relationship with us or to fulfill an existing contract with us, the legal basis for this processing is also Art. 6 Para. 1 lit. b) GDPR.

You may revoke your prior consent to the processing of your personal data at any time under Art. 7 Para. 3 GDPR with future effect. All you have to do is inform us that you are revoking your consent.

The data previously collected will then be deleted as soon as processing is no longer necessary. However, we must observe any retention periods required under tax and commercial law.

 
Newsletter

If you register for our free newsletter, the data requested from you for this purpose, i.e. your email address and, optionally, your name and address, will be sent to us. We also store the IP address of your computer and the date and time of your registration. During the registration process, we will obtain your consent to receive this newsletter and the type of content it will offer, with reference made to this privacy policy. The data collected will be used exclusively to send the newsletter and will not be passed on to third parties.

The legal basis for this is Art. 6 Para. 1 lit. a) GDPR.

You may revoke your prior consent to receive this newsletter under Art. 7 Para. 3 GDPR with future effect. All you have to do is inform us that you are revoking your consent or click on the unsubscribe link contained in each newsletter.

 
MailChimp - Newsletter

We offer you the opportunity to register for our free newsletter via our website.

We use MailChimp, a service of The Rocket Science Group, LLC, 512 Means Street, Suite 404, Atlanta, GA 30318, USA, hereinafter referred to as "The Rocket Science Group".

Through certification according to the EU-US Privacy Shield

https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active

the Rocket Science Group guarantees that it will follow the EU's data protection regulations when processing data in the United States. In addition, the Rocket Science Group offers further information about its data protection practices at

https://mailchimp.com/legal/privacy/

If you register for our free newsletter, the data requested from you for this purpose, i.e. your email address and, optionally, your name and address, will be processed by The Rocket Science Group. In addition, your IP address and the date and time of your registration will be saved. During the registration process, your consent to receive this newsletter will be obtained together with a concrete description of the type of content it will offer and reference made to this privacy policy.

The newsletter then sent out by The Rocket Science Group will also contain a tracking pixel called a web beacon. This pixel helps us evaluate whether and when you have read our newsletter and whether you have clicked any links contained therein. In addition to further technical data, such as data about your computer hardware and your IP address, the data processed will be stored so that we can optimize our newsletter and respond to the wishes of our readers. The data will therefore increase the quality and attractiveness of our newsletter.

The legal basis for sending the newsletter and the analysis is Art. 6 Para. 1 lit. a) GDPR.

You may revoke your prior consent to receive this newsletter under Art. 7 Para. 3 GDPR with future effect. All you have to do is inform us that you are revoking your consent or click on the unsubscribe link contained in each newsletter.

Newsletter - Success Measurement
The newsletters contain a so-called "web-beacon", i. a pixel-sized file that is retrieved from the server when opening the newsletter from our server, or if we use a e-mail dispatch service provider. This call will initially collect technical information, such as information about the browser and your system, as well as your IP address and time of retrieval.
This information is used to improve the technical performance of services based on their specifications or audience and their reading habits, based on their locations (which can be determined using the IP address) or access times. Statistical surveys also include determining if the newsletters will be opened, when they will be opened and which links will be clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our goal nor, if used, that of the e-mail dispatch service provider to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

Contact

If you contact us via email or the contact form, the data you provide will be used for the purpose of processing your request. We must have this data in order to process and answer your inquiry; otherwise we will not be able to answer it in full or at all.

The legal basis for this data processing is Art. 6 Para. 1 lit. b) GDPR.

Your data will be deleted once we have fully answered your inquiry and there is no further legal obligation to store your data, such as if an order or contract resulted therefrom.

SOCIAL MEDIA

a) Online presence in social media

We maintain online presences on Social Media Channels in order to communicate with customers, prospects and users active there and to inform them about our services there.
We point out that data of the users can be processed outside the area of ​​the European Union. This may result in risks for the users because e.g. enforcement of user rights could be made more difficult. With respect to US providers certified under the US Privacy Shield, we point out that they are committed on upholding the EU's privacy standards.
Furthermore, the data of the users are usually processed for market research and advertising purposes. For example, user profiles can be created from the usage behavior and from the resulting interests of the users. The usage profiles can in turn be used, for example, to place advertisements inside and outside the platforms that are allegedly in line with the interests of the users. For these purposes, cookies are usually stored on the computers of the users, in which the user behavior and the interests of the users are stored. Furthermore, in the usage profiles, data can also be stored independently of the devices used by the users (in particular if the users are members of the respective platforms and logged into them).
The processing of the personal data of users is based on our legitimate interests in an effective information of users and communication with users in accordance with. Art. 6 para. 1 lit. f. DSGVO. If the users are asked by the respective providers for a consent to the data processing (that is, they declare their agreement, for example, by ticking a check box or confirming a button), the legal basis of the processing is Art. 6 para. a., Art. 7 GDPR.
For a detailed description of the respective processing and the possibilities of contradiction (opt-out), we refer to the following linked information of the provider.
Also in the case of requests for information and the assertion of user rights, we point out that these can be made most effective on Facebook directly. Only Facebook has access to the data of the users and can directly take appropriate measures and provide information. If you still need help, then you can contact us.
Facebook
Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland
Data protection:
https://www.facebook.com/about/privacy/,
Opt-Out: https://www.facebook.com/settings?tab=ads and https://www.youronlinechoices.com,
Privacy Shield:
https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.

b) Social media plug-ins

We do not use social media plugins (share and like buttons) on our website to protect our customers data. A click on the 'facebook button' will open a link to the fan page of our company on Facebook (Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA). Please use these link only if you fully agree with the privacy policy of the social network Facebook. For more information, see the Facebook Privacy Policy: https://www.facebook.com/about/privacy/, Opt-Out: https://www.facebook.com/settings?tab=ads and https://www.youronlinechoices.com,

Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.

 
Google-Maps

Our website uses Google Maps to display our location and to provide directions. This is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 (hereinafter: Google).

Through certification according to the EU-US Privacy Shield

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Google guarantees that it will follow the EU's data protection regulations when processing data in the United States.

To enable the display of certain fonts on our website, a connection to the Google server in the USA is established whenever our website is accessed.

If you access the Google Maps components integrated into our website, Google will store a cookie on your device via your browser. Your user settings and data are processed to display our location and create a route description. We cannot prevent Google from using servers in the USA.

The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in optimizing the functionality of our website.

By connecting to Google in this way, Google can determine from which website your request has been sent and to which IP address the directions are transmitted.

If you do not agree to this processing, you have the option of preventing the installation of cookies by making the appropriate settings in your browser. Further details can be found in the section about cookies above.

In addition, the use of Google Maps and the information obtained via Google Maps is governed by the Google Terms of Use https://policies.google.com/terms?gl=DE&hl=en and the Terms and Conditions for Google Maps https://www.google.com/intl/de_de/help/terms_maps.html.

Google also offers further information at

https://adssettings.google.com/authenticated

https://policies.google.com/privacy

 

Google AJAX & jQUERY LIBRARIES

Our website uses Ajax and jQuery technologies for enhanced user experience and performance reasons. For this purpose, appropriate program libraries are called from Google servers. In this context, we would like to point out that through this deployment, Google's external servers in the US can be accessed.

Through certification according to the EU-US Privacy Shield

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Google guarantees that it will follow the EU's data protection regulations when processing data in the United States.

Unfortunately, we are currently not aware if Google logs the individual server requests and continues to use them. It is expected that your IP address will be stored for a period of several months. The same applies to Java Script elements that could be loaded by Google servers for browser compatibility purposes (e.g., IE9). It can be assumed that the Google Privacy Policy applies which can be found at: https://policies.google.com/privacy.

Google LLC is certified to the EU-US Privacy Shield (Safe Harbor) Data Protection Agreement, which ensures compliance with the level of data protection in the EU (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Google reCAPTCHA

Our website uses Google reCAPTCHA to check and prevent automated servers ("bots") from accessing and interacting with our website. This is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 (hereinafter: Google).

Through certification according to the EU-US Privacy Shield

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Google guarantees that it will follow the EU's data protection regulations when processing data in the United States.

This service allows Google to determine from which website your request has been sent and from which IP address the reCAPTCHA input box has been used. In addition to your IP address, Google may collect other information necessary to provide and guarantee this service.   

The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the security of our website and in the prevention of unwanted, automated access in the form of spam or similar.

Google offers detailed information at

https://policies.google.com/privacy

concerning the general handling of your user data.

 
Google Fonts

Our website uses Google Fonts to display external fonts. This is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 (hereinafter: Google).

Through certification according to the EU-US Privacy Shield

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Google guarantees that it will follow the EU's data protection regulations when processing data in the United States.

To enable the display of certain fonts on our website, a connection to the Google server in the USA is established whenever our website is accessed.

The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the optimization and economic operation of our site.

When you access our site, a connection to Google is established from which Google can identify the site from which your request has been sent and to which IP address the fonts are being transmitted for display.

Google offers detailed information at

https://adssettings.google.com/authenticated

https://policies.google.com/privacy

in particular on options for preventing the use of data.​

UPDATING AND MODIFICATION OF THIS PRIVACY POLICY

This privacy policy is currently valid and has the status:

May 2018

As a result of the further development of our website and offers thereof or due to changed legal or official requirements, it may be necessary to change this privacy policy. The current privacy policy can be retrieved and printed out at any time on the website at www.weingut-bibinger.com/data-privacy.

Model Data Protection Statement provided by 
Anwaltskanzlei Weiß & Partner