Bio-Gen Milchserum Marketing GmbH
D 56410 Montabaur
Phone +49 (0) 2602 10 666 1-0
Fax +49 (0) 2602 10 666 1-19
Please direct any privacy-related enquiries to
Bio-Gen Milchserum Marketing GmbH
An den Datenschutzbeauftragten
D 56410 Montabaur
Preferably also by e-mail to email@example.com
Purpose of Procesing
The purposes of the processing are the provision of the website, optimization of our content, identification of error sources, securing the website and performance optimization.
In the case of the use of our contact form, a further purpose of the processing is also the handling of the communication
Categories of Data Subjects
- Website visitors
- Customers and other contractual partners
- Interested parties
Types of Data Processed
- Inventory data (e.g. names, addresses)
- Content data (e.g. text input, photographs, videos)
- Contact details (e.g. e-mail, telephone numbers)
- Meta/communication data (e.g. device information, IP addresses)
- Usage data (e.g. websites visited, interest in content, access times)
Relevant Legal Bases
Consent according to Art. 6 para. 1 lit. a) GDPR
Contract fulfilment or pre-contractual measures according to Art. 6 para. 1 lit. b) GDPR
Processing is necessary for the performance of a contract to which the data subject is party or for the implementation of pre-contractual measures taken at the data subject’s request.
Legal obligation according to Art. 6 para. 1 lit. c) GDPR
Legitimate interests according to Art. 6 para. 1 lit. f) GDPR
Processing is necessary for the purposes of the legitimate interests of the controller or of a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data.
In addition to the General Data Protection Regulation, national legal regulations also apply in connection with data protection. Here, the Federal Data Protection Act (BDSG) specifies the rights of data subjects, the processing of special categories of personal data according to Art. 9 GDPR, profiling, data processing in the context of an employment relationship (Section 26 BDSG), in particular with regard to the establishment, implementation or termination of employment relationships, and the consent of employees. Ultimately, data protection laws at the federal state level may also apply.
We take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the type, scope, circumstances and purposes of the processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of individuals.
The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical and electronic access to the data, as well as access to, entry into, disclosure of, assurance of availability of and segregation of the data. We also have procedures in place to ensure the exercise of data subjects’ rights, the deletion of data and responses to data compromise. Furthermore, we already take the protection of personal data into account in the development or selection of hardware, software and procedures in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.
In order to protect your data transmitted via our online offer, we use SSL encryption. You can recognise such encrypted connections by the prefix https:// in the address bar of your browser.
Information About Cookies
Legal basis for data processing using cookies: The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 lit. f) GDPR. The legal basis for the processing of personal data using cookies for analysis purposes is Art. 6 para. 1 lit. a) GDPR if the user has consented to this, otherwise Art. 6 para. 1 lit. f) GDPR in conjunction with. EC 47.
External Integrations as well as Tracking and Retargeting
On our website, we use external integrations due to technical necessities as well as for the needs-based design, which we inform about in the following.
We use the Google Maps service to integrate interactive map material. Parameters such as the website accessed, behavior on the website (e.g. clicking on links and buttons, scrolling), your IP address, the referrer url (the page from which you came to our website) and technical information about your terminal device are collected.
The legal basis is your consent according to Art. 6 (1) lit. a GDPR. We obtain this consent by clicking on “Load Google Maps”. Further information can be found under the following link:
We use the Google ReCaptcha service to protect ourselves from spam and security-critical attacks on our website.
The legal basis is our legitimate interest according to Art. 6 para. 1 lit. f GDPR, which is to increase website security. Further information can be found at the following link: https://policies.google.com/privacy
On some of our pages we use the video portal Vimeo of Vimeo LLC. The purpose of the service is the integration of videos that are stored on the servers of Vimeo and the per-formance and geo-location optimized delivery of the content. We use the data protection-friendly integration method of Vimeo. It may happen that your IP address is passed on and also data about your usage behavior.
Therefore, we use consent in accordance with Art. 6 (1) a) GDPR as the legal basis for the external integration. Further information on data protection can be found at the following link: https://vimeo.com/privacy
In the context of contacting us via a contact form, by e-mail, telephone or social media, the information provided is processed in order to answer the enquiry and, if necessary, to carry out the requested measures. The response to your enquiry is based on Art. 6 para. 1 lit. b) GDPR for the fulfilment of contractual obligations or response to pre-contractual enquiries. In addition, in certain cases a legitimate interest according to Art. 6 para. 1 lit. f) GDPR is the legal basis.
Data Subject Rights
You have the right
- to confirm whether personal data relating to you are being or have been processed by us and may request information about this from us in accordance with Art. 15 GDPR;
- demand the correction of incorrect or incomplete personal data stored by us without delay in accordance with Art. 16 GDPR;
- pursuant to Art. 17 GDPR to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
- to request the restriction of the processing of your personal data in accordance with Art. 18 DSGVO, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defence of legal claims or you have objected to the processing in accordance with Art. 21 GDPR;
- pursuant to Art. 20 DSGVO to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another controller;
- revoke your consent at any time in accordance with Art. 7 (3) GDPR. This has the consequence that we may no longer continue the data processing based on this consent for the future, and
- pursuant to Article 77 of the GDPR, you have the right to lodge a complaint with a supervisory authority, without prejudice to any other administrative or judicial remedy. As a rule, you can contact the supervisory authority of your usual place of residence or place of work or the place of the alleged infringement for this purpose if the data subject is of the opinion that the processing of personal data concerning him or her violates the EU General Data Protection Regulation (GDPR).
Your data will generally be deleted when the client relationship has ended, the data is not subject to any statutory retention periods, all claims have been fulfilled and you have not exercised your right to deletion in accordance with Art. 17 GDPR.