Privacy policy

Data controller

The data controller pursuant to Article 4(7) of the General Data Protection Regulation (GDPR) is Gilde Brauerei GmbH. See our Legal Notice for further details.

Processors:

General provision and maintenance services for our website and email systems are carried out with the support of IT contractors who act on our behalf and therefore may also view (receive) your data to the extent required.

Privacy Officer:

Thomas Althammer
c/o Althammer & Kill GmbH & Co. KG
Thielenplatz 3
30159 Hanover
Phone +49 511 330603 0
Fax +49 511 330603 48
Email kontakt-dsb@althammer-kill.de
https://www.althammer-kill.de

Collection and use of your data

The scope and nature of collection and use of your personal data vary based on whether you visit our online offering only to view information or whether you utilise any services that may be offered by us. If we make use of other IT contractors for certain functions in our offering or would like to use your data for marketing purposes, we will inform you about the respective operations (all data processing operations) in detail below. We will also provide the specified criteria for retention periods and the relevant legal grounds for processing data.

Use for information

When using our website to view information, we only collect the personal data that your browser automatically transfers to us, such as:

  • IP address
  • Date and time of request
  • Time difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Volume of data transmitted each time and access status (file transmitted, file not found etc.)
  • Page from which the request is coming
  • Browser type/version/language
  • Operating system and its interface
  • Browser language and version

Retention period:
This data is retained (in logs) for a period of seven days.

Legal ground(s) for processing data:
The above data is technologically required to display you our website and ensure its stability and security, in line with Article 6(1)(f) GDPR.

Contact form

When you contact us using our contact form or by email, we store the data you share with us (your name, email address and potentially your phone number and message) so that we can answer your question(s). There are specially marked fields for data required for this, while all other information is provided voluntarily.

Retention period:
We erase the data acquired in this context once we are no longer required to store it or we restrict its processing if the law obliges us to retain it (for a maximum of ten years as commercial and tax law requires that business email correspondence is archived for this period).

Legal ground(s) for processing data:
Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract, in line with Article 6(1)(b) GDPR.

Job applications

We process the data that you send to us in connection with your application so that we can assess your suitability for the position (or potentially other vacant positions) and conduct the application process.

Our personnel division will view your application following receipt. Suitable applications will then be forwarded to the site/division managers for the vacancy or suitable position, who then decide how to proceed. Throughout the company, the only people with access to your data are generally those who require it to conduct our application procedure properly.

Contractors:
We have not contracted any service providers for support in conducting the application procedure. Accordingly, only our IT contractors may view your data and then only as needed and, of course, only to the extent necessary.

Retention period:
Data will be erased after six months if applicants are rejected.
Should you be hired at the end of the application process, your data will be transferred to our staff information system.

Legal ground for processing data:
It is permitted to process your data as part of the application procedure to decide whether to hire you, the applicant, for a job, in line with Section 26 of the German Federal Data Protection Act (‘Bundesdatenschutzgesetz’, BDSG, as amended).

Should the data be necessary for any legal action following completion of the application procedure, the data may be processed for the purposes of our legitimate interests in line with Article 6(1)(f) GDPR. In this case, our interest is in exercising or defending ourselves against claims.

Use of cookies

We use cookies for our website. Cookies are small text files that are sent from our Web server to your browser as part of your visit of our website, which are then stored by your browser on your computer for later access. We use them to make our online offering more user-friendly and effective overall. This website uses cookies to the extent set out here: 1. Transient cookies (temporary use)

  • Login cookie in downloads area

2. Persistent cookies (time-restricted use)

  • Google Analytics (explanation in Web Analytics section)

3. Third-party cookies (from external providers)

  • None currently

Cookies can normally be divided into two categories:

transient cookies are automatically deleted when you close your browser. They include session cookies in particular. They save a session ID that can be used to match various requests from your browser to the same session. This enables us to identify your computer when you return to the website. Session cookies are deleted when you log out or close your browser.

Persistent cookies are automatically deleted after a prescribed length of time that varies depending on the cookie. You can delete the cookies at any time in your browser’s security settings.

You can configure your browser settings as you desire, for example, to have your browser accept third-party cookies or reject all cookies. However, do be aware that you may not be able to use all website functions in this case.

More information about cookies can be found on the ‘Consumers Safe Online’ portal run by the Technical University of Berlin (in German):
https://www.verbraucher-sicher-online.de/thema/cookies

Web analytics

For us, it is important that we design our website as optimally as possible to make it appealing to our visitors. This is why we need to know how different aspects of it are received by our visitors. To this end, we use the following technologies in our own interests.

Google Analytics

On our website, we use Google Analytics, a Web analytics service from Google. Google Analytics uses cookies that are saved on your computer to enable us to analyse usage of this website. The information generated by the cookie about your use of our website is usually transferred to a Google server in the United States and stored there. We have activated IP anonymisation on our website. This means that Google truncates your IP address within the member states of the European Union or European Economic Area before it is transferred. Only in exceptional cases is your entire IP address transferred to Google.

Objection to usage analytics:
You can prevent cookies from being stored by activating the corresponding settings in your browser software. Furthermore, you can prevent the data that is generated by the cookie (including your IP address) from being saved and processed by Google by downloading and installing the browser plug-in available through the following link: https://tools.google.com/dlpage/gaoptout?hl=en. Using alternative plug-ins or deactivating all cookies in your browser’s settings will also prevent your usage patterns being analysed.

Alternatively, you may object to Google’s use of your data using the following link. It will set an opt-out cookie which prevents your data being collected when visiting our website in future:
Deactivate Google Analytics

Please note: if you delete your cookies, this will also result in the opt-out cookie being deleted and you may have to reactivate it.

Contractors:
Google uses this information on our behalf to analyse your use of the website, to compile reports on website activity and to perform other services associated with website activity and Internet usage for us. The IP address transferred from your browser through Google Analytics is not merged with other Google data.
Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland.
You can find more information about data protection at Google Ireland Ltd. and Google Inc. (US) at:
https://support.google.com/analytics/answer/6004245?hl=en
https://www.google.com/intl/en/policies/privacy/

Retention period:
The anonymously recorded instances of usage are erased after no longer than XX days/months.

Legal ground(s) for processing data:
We use Google Analytics in our own interest to analyse the use of our website and to be able to regularly improve it. Using the acquired statistics, we can improve our offering and make it more appealing to you as a user, in line with Article 6(1)(f) GDPR.

For exceptional cases where personal data is transferred (your IP address) to the United States, be advised that Google is subject to the EU-US Privacy Shield framework, https://www.privacyshield.gov/EU-US-Framework.

Integrated services

For the design of our website and provision of additional functionality, we integrate the following external services in our own interests.
All these services can be deactivated using special plug-ins for your browser that disrupt the required connection to the relevant servers. However, please be aware that using such tools may involve compromising on the everyday convenience you are familiar with, as many things may then no longer function as you would normally expect.

Fonts.com

We have implemented the Fonts.com (fonts.com) service on our website. This is responsible for displaying our fonts. For licensing reasons (the Fonts.com terms of use), the use of Fonts.com to display our fonts on our website involves accessing a Fonts.com server in the United States and transferring your IP address to Fonts.com.

Service provided by:
The provider is Monotype Imaging Holdings Inc., 600 Unicorn Park Drive, Woburn, Massachusetts 01801, United States.
You can find more information about data protection at Monotype Imaging Holdings Inc. at: https://www.monotype.com/legal/privacy-policy/

Retention period:
See log retention period under Use for Information further up in this Privacy Policy.

Legal ground(s) for processing data:
The service is integrated to optimise our website in our own interest, in line with Article 6(1)(f) GDPR.
Your IP address is transferred to Fonts.com (Monotype Imaging Holdings Inc.) in the United States based on our interest in complying with the agreed terms of use (licensing conditions) in accordance with Article 6(1)(f) GDPR.

Google CDN (ajax.googleapis.com)

We use the jQuery JavaScript library on our website. This library primarily enables a modern design for our website. To increase the speed at which our website is loaded, we use the Google Content Delivery Network (CDN) to load this library. A connection to the Google server is established and your IP address transferred to Google even if your browser already has a copy of the jQuery library in its cache. If you are already logged into Google with an existing user account at the same time you visit our website, Google may be able to match your visit of our website with your Internet usage. In addition, Google may send further cookies to your browser. We do not have any influence over this behaviour and do not receive any information from Google about the content transmitted.

Service provided by:
The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. The EU representative is Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland.
You can find more information about data protection at Google Inc. at: http://www.google.com/policies/privacy/

Retention period:
See log retention period under Use for Information further up in this Privacy Policy.

Legal ground(s) for processing data:
The service is integrated in our own interest to optimise our website, in line with Article 6(1)(f) GDPR.
For exceptional cases where personal data is transferred (your IP address) to the United States, be advised that Google is subject to the EU-US Privacy Shield framework, www.privacyshield.gov/EU-US-Framework.

Google Maps

We integrate content from Google Maps on our website so that we can show you a simplified map of our company’s location. This automatically establishes a connection between your browser and the Google Maps server, which also transfers your IP address. If you are already logged into Google with an existing user account at the same time you visit our website, Google may be able to match your visit of our website with your Internet usage. In addition, Google may send further cookies to your browser. We do not have any influence over this behaviour and do not receive any information from Google about the content transmitted.

Analysis of your usage by Google:
Google stores your data in usage profiles and uses it for the purposes of marketing, market research and/or designing its website specific to user needs. In particular, data is analysed to provide advertising targeted to user needs (even for users not logged in) and to inform other users of the social network about your activity on our website.

You have a right to object to the creation of such usage profiles, though you must contact Google to exercise this right.

Service provided by:
The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. The EU representative is Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland.
You can find more information about data protection at Google Inc. at: https://www.google.com/intl/en/policies/privacy/

Retention period:
See log retention period under Use for Information further up in this Privacy Policy.

Legal ground(s) for processing data:
The service is integrated in our own interest to optimise our website, in line with Article 6(1)(f) GDPR.
For exceptional cases where personal data is transferred to the United States, be advised that Google is subject to the EU-US Privacy Shield framework, https://www.privacyshield.gov/EU-US-Framework.

Other integrated services

Should other integrated services be used, the structure of the explanation (above) must be observed.

Processing of your personal data in countries outside the EU and EEA

Your personal data is not processed in countries outside of the European Union and European Economic Area except with integrated services.

Your rights

You may exercise the following rights against us with regard to personal data concerning you:

  • Right to access
  • Right to rectification or erasure
  • Right to restriction of processing
  • Right to data portability

 

Right to complain to a supervisory authority

You additionally have the right to lodge a complaint with a supervisory authority for data protection about our processing of your personal data. The supervisory authority with direct jurisdiction over us is: https://www.lfd.niedersachsen.de/startseite/.

Right to object and withdraw consent

If you have given consent for us to process your data, you may withdraw that consent at any time. Withdrawing your consent cancels the permission we have to process your personal data with effect from the time you withdraw your consent.

Where we use overriding interests as the legal grounds for processing your personal data (in line with Article 6(1)(f) GDPR), you may object to the processing of your data. This is particularly the case when it is not necessary to process your personal data to carry out a contract with you, which is discussed in the explanation of the individual data processing operations and functions on our website, provided further up in this Privacy Policy. When exercising your right to object, we ask that you provide the reasons why you would not like us to process your personal data as we have been doing. If your objection is valid, we will assess the situation and either stop or change the processing of the data or explain to you the compelling, legitimate grounds on which we continue to process the data.

Right to object to direct marketing

Of course you may at any time object to the processing of your personal data for marketing and data analysis purposes, e.g. even if you receive marketing materials from us by post in the form of a newsletter, customer magazine or information material as part of a business relationship.

Should we use functions of our website to use your data for direct marketing and data analysis associated with that, we inform you about these data processing operations further up in this Privacy Policy and provide an option for you to exercise your right to object, including by technological means.

Contact options regarding your rights

You may contact us at any time to exercise your rights. The best method for this is using the following email address:  info@gilde-brauerei.com
You are also invited to use one of the contact options provided in our Legal Notice or to contact our Privacy Officer directly (details above).

Data security

We also implement technological and organisational security measures to protect received or collected personal data, especially against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Our security measures are enhanced on an ongoing basis to reflect technological developments.

The transfer of your personal data is encrypted using SSL (https) technology to prevent access by unauthorised third parties.

Email communication

Our email systems support encrypted communication using SSL technology (TLS 1.2 including PFS). Your emails can therefore normally be sent encrypted. However, please be aware that encryption is also dependent on the configuration of your email program, which means that we cannot guarantee full data security for email transmission.

We recommend sending information that requires a high level of confidentiality by post.