1. Your personal data within the meaning of Art. 4 no. 1 GDPR (eg title, name, address, e-mail address, IP address, payment information) only in accordance with the provisions of the German data protection law and taking into account the European Data Protection Regulation (GDPR). The following regulations inform you about the nature, scope and purpose of the collection, processing and use of personal data.
2. The processing within the meaning of Art. 4 No. 2 GDPR of personal data is legal according to Art. 6 GDPR, if one of the following conditions exists:
(a) the data subject has given his consent to the processing of personal data concerning him for one or more specific purposes;
(b) the processing is necessary for the performance of a contract to which the data subject is a party or for the performance of any pre-contractual action taken at the request of the data subject;
(c) the processing is necessary to fulfill a legal obligation to which the controller is subject;
(d) the processing is necessary to protect the vital interests of the data subject or any other natural person;
(e) the processing is necessary for the performance of a task which is in the public interest or in the exercise of official authority delegated to the controller;
(f) the processing is necessary to safeguard the legitimate interests of the controller or a third party, unless the interests or fundamental rights and freedoms of the data subject requiring the protection of personal data prevail, in particular where the person concerned is a child is acting.
3. The processing of special personal data (eg health data ) within the meaning of Article 9 (1) of the GDPR is, in particular, lawful under Article 9 (2) of the GDPR if one of the following conditions applies :
– there is an express consent of the person;
– the processing is necessary for the assertion, exercise or defense of legal claims or for acts of the courts in the context of their judicial activity.
4. An automatic decision-making or profiling of personal data in the sense of Ar t. 22 GDPR does not take place.
5. The operator ensures the security of the data in accordance with Art. 32 GDPR by taking appropriate technical measures , taking into account the proportionality principle .
6. In the unlikely event that data protection is breached, the competent supervisory authority will be notified in accordance with Art. 33 GDPR and the data subject in accordance with Art. 34 GDPR.
Duration of data storage
The period of retention of the transferred data depends on the legal retention requirements.
Transfer of data to third parties
A passing on information provided within the framework of the contract data to third parties (Art. 4 no. 10 GDPR), takes place only if you expressly (Art. 4 no. 11 GDPR) have declared your consent or transfer to fulfill the contract is required. The consent can be withdrawn informally at any time. Data collected by visiting the website are only collected by third parties, which are expressly mentioned below.
Responsible according to the GDPR
The person responsible within the meaning of the General Data Protection Regulation (GDPR), as well as other data protection laws in the European Union and other provisions of a data protection nature is:
Telephone: +49 (0) 62179931044
In addition, to improve usability, we also use temporary cookies that are stored on your device for a specified period of time. If you visit our site again to take advantage of our services, we will automatically recognize that you have already been with us and what inputs and settings you have made so that you do not need to re-enter them.
These cookies allow us to automatically recognize when you visit our site again that you have already been with us. These cookies are automatically deleted after a defined time. The processed through cookies data for said purposes to protect our legitimate interests as well as third parties under Art. 6 para. 1 sentence 1 lit. f GDPR required. Most browsers accept cookies automatically. However, you can configure your browser to deny cookies.
Cookies are stored on your computer and always a hint appears before a new cookie is created. However, disabling cookies completely may mean that you can not use all features of our website.
Storage of access data in log files
You can visit our websites without giving any personal information.
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
• Browser type / browser version
• used operating system
• Referrer URL
• Host name of the accessing computer
• Time of the server request
These data can not be assigned to specific persons. A merge of this data with other data sources will not be done. We reserve the right to check this data retrospectively, if we become aware of specific indications for illegal use.
The purpose of the processing results from our legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f) GDPR.
An order processing contract has been signed with our hoster.
On these websites external fonts, Google fonts are used. Google Fonts is a service of Google Inc. (“Google”). The integration of these web fonts is done by a server call, usually a Google server in the USA. This will be transmitted to the server, which of our websites you have visited. Also, the IP address of the browser of the terminal of the visitor of this website is stored by Google.
The use of Google Fonts is for a better visual representation of our website and therefore this is a legitimate interest within the meaning of Art. 6 para. 1 sentence 1lit. f) GDPR.
Social media links
Security of your data / SSL encryption
In accordance with the statutory provisions of § 13 (7) TMG, this site uses SSL encryption, which can be recognized by a lock symbol in the address bar of your browser. Submitted data can not be read by third parties if SSL encryption is activated.
In general, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we’ll use 128-bit v3 technology instead. Whether a single page of our website is encrypted is shown by the closed representation of the key or lock icon in the lower status bar of your browser.
We also take appropriate technical and organizational security measures (TOM) to protect your data against accidental or intentional manipulation, partial or total loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
Rights of the user
You can request information about the personal data stored about you at any time and free of charge. Your rights also include the acknowledgment, correction, limitation, blocking and deletion of such data and the provision of a copy of the data in a form suitable for transmission, as well as the revocation of consent granted and the objection. Legal storage obligations remain unaffected.
Their rights arise in particular from the following standards of the GDPR :
• Article 7 (3) – Right to revoke a data protection consent
• Article 12 – Transparent information, communication and modalities for the exercise of the rights of the data subject
• Article 13 – Duty to provide information when collecting personal data from the data subject
• Article 14 – Duty to provide information if the personal data have not been collected from the data subject
• Article 15 – Right to information of the data subject, right to confirm and provide a copy of the personal data
• Article 16 – Right to rectification
• Article 17 – Right to cancellation (“Right to be forgotten”)
• Article 18 – Right to restriction of processing
• Article 19 – Obligation to provide information in connection with the rectification or erasure of personal data or the restriction of processing
• Article 20 – Right to data portability
• Article 21 – Right of opposition
• Article 22 – Right not to be subject to a decision based solely on automated processing, including profiling
• Article 77 – Right to complain to a supervisory authority
For exercising your rights (with the exception of Art. 77 GDPR), please contact the office named under the item “Responsible according to the GDPR” (eg by e-mail) .
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit
Königstrasse 10 a
P.O. box 10 29 32
Tasting Room550 Greene AveBrooklyn, NY 11216
11 AM – 5:30 PM daily
11 AM – 5:00 PM daily