Privacy Policy

Protecting your personal data is of particular concern to Ein- und Verkaufsgenossenschaft eG. Our efforts to comply with the requirements of the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG) are primarily aimed at respecting your privacy and personal rights.

The use of electronic data processing systems (EDP) is indispensable today. We naturally strive to observe the applicable legal requirements to the highest degree.

In general, the use of the website of Ein- und Verkaufsgenossenschaft eG is possible without providing any personal data. However, if a data subject wishes to use special services provided by our company via our website, processing of personal data may become necessary. If the processing of personal data is required and there is no legal basis for such processing, we will generally obtain the consent of the data subject.

We will not sell or rent your personal information to third parties for their marketing or any other purposes. If you do not agree with the provisions of this Privacy Policy, please do not send us any personal data.

1. General Information / Definitions

This Privacy Policy is based on the terminology used by the GDPR and should be easy to read and understand for everyone. Therefore, we explain several key terms below:

a) Personal data
Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, identification number, location data, an online identifier, or one or more factors specific to that person’s physical, physiological, genetic, mental, economic, cultural, or social identity.

b) Data subject
A data subject is any identified or identifiable natural person whose personal data are processed by the controller.

c) Processing
Processing means any operation or set of operations performed on personal data, whether or not by automated means—such as collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, alignment, restriction, erasure, or destruction.

d) Restriction of processing
Restriction of processing means the marking of stored personal data with the aim of limiting their future processing.

e) Profiling
Profiling means any form of automated processing of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning work performance, economic situation, health, preferences, interests, reliability, behavior, location, or movements.

f) Pseudonymization
Pseudonymization means the processing of personal data in such a way that they can no longer be attributed to a specific data subject without the use of additional information.

g) Controller
The controller is the natural or legal person, authority, or other body that determines the purposes and means of processing personal data.

h) Processor
A processor is a natural or legal person, authority, or other body that processes personal data on behalf of the controller.

i) Recipient
A recipient is a natural or legal person, authority, or other body to which personal data are disclosed, whether or not it is a third party.

j) Third party
A third party is any natural or legal person other than the data subject, the controller, the processor, or persons authorized to process data under their direct authority.

k) Consent
Consent means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they signify agreement to the processing of personal data relating to them.

2. Information on the Collection of Personal Data

(1) Below, we inform you about the collection of personal data when using our website. Personal data include all data that can be related to you personally (e.g. name, address, email address, user behavior).

(2) The controller pursuant to Art. 4 (7) GDPR is:

Ein- und Verkaufsgenossenschaft eG
Pöttmeser Straße 15
D-86529 Schrobenhausen
Telephone: +49 8252 / 8979-0

(3) When you contact us by email or via a contact form, the data you provide (your email address, and, if applicable, your name and telephone number) are stored automatically so that we can respond to your inquiry. These personal data, provided voluntarily by you, are used solely for processing your request or establishing contact and will be deleted once storage is no longer necessary, unless statutory retention obligations apply.

(4) If we use commissioned service providers for individual functions of our offering or wish to use your data for advertising purposes, we will inform you in detail below about the respective processes and the applicable retention periods.

(5) We have implemented numerous technical and organizational measures to ensure the most complete protection possible of the personal data processed via this website. Nevertheless, internet-based data transmissions can always have security vulnerabilities, so absolute protection cannot be guaranteed. For this reason, any data subject is free to transmit personal data to us via alternative means, such as by telephone.

(6) As a responsible company, we do not use automated decision-making or profiling.

3. Your Rights

You have the following rights concerning your personal data:

  • Right of access (Art. 15 GDPR)

  • Right to rectification (Art. 16 GDPR)

  • Right to erasure / “right to be forgotten” (Art. 17 GDPR)

  • Right to restriction of processing (Art. 18 GDPR)

  • Right to data portability (Art. 20 GDPR)

  • Right to object to processing (Art. 21 GDPR)

  • Right to withdraw consent (Art. 7 (3) GDPR)

  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

If you wish to exercise any of these rights, please contact us at any time using the details provided above.

The supervisory authority responsible for our company is:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 27
91522 Ansbach, Germany
Tel.: +49 981 53 1300
Email: poststelle@lda.bayern.de

4. Collection of Personal Data When Visiting Our Website / Cookies

(1) When you visit our website for informational purposes only, we collect only the personal data that your browser transmits to our server, such as:

  • IP address

  • Date and time of the request

  • Time zone difference from GMT

  • Content of the request (specific page)

  • Access status / HTTP status code

  • Volume of data transmitted

  • Referring website

  • Browser type and version

  • Operating system and interface

  • Language and version of the browser software

The legal basis is Art. 6 (1) f GDPR (legitimate interest in ensuring website stability and security).

(2) Cookies: We use cookies to make our website more user-friendly and efficient.
You can configure your browser to reject all cookies or only certain types, but please note that some features of our website may not function properly without them.

We use:

  • Session cookies (temporary; deleted when you close your browser)

  • Persistent cookies (stored for a defined period and deleted automatically thereafter)

5. Data Transfer

Your personal data will not be transferred to third parties unless required by law, necessary to fulfill a contract, or expressly consented to by you.
Where we use service providers, we ensure compliance with Art. 28 GDPR (data processing agreements). Data is primarily processed within the EU/EEA; in cases where processing occurs outside the EU/EEA, we ensure an adequate level of data protection through EU standard contractual clauses or adequacy decisions.

6. Data Protection for Job Applications

We collect and process applicants’ personal data for the purpose of managing recruitment procedures. Processing may occur electronically, e.g., via email or online forms. If an employment contract is concluded, the data will be stored for the purpose of implementing the employment relationship. If no employment contract is concluded, the data will be deleted unless legitimate interests (such as proof obligations under the German General Equal Treatment Act) require longer retention.

7. Objection or Withdrawal of Consent

You may withdraw your consent at any time, effective for the future.
If we process your data based on legitimate interests, you may object to such processing at any time, providing reasons relating to your particular situation.
You may also object at any time to the processing of your data for advertising or analytics purposes. Please contact us using the details provided above.

8. Legal or Contractual Requirements

Providing personal data may be required by law or necessary for the conclusion of a contract. Failure to provide personal data may make it impossible to enter into or perform a contract.

9. Plugins and Tools

1. Google Web Fonts
This site uses Google Web Fonts to ensure uniform display of fonts. When you visit a page, your browser loads the necessary fonts from Google servers. This informs Google that your IP address has accessed our website. The use of Google Web Fonts is based on our legitimate interest (Art. 6 (1) f GDPR) in a consistent, appealing website design.
Further information: Google Fonts FAQ and Google Privacy Policy.

2. Use of ajax.googleapis.com and jQuery
We use Ajax and jQuery technologies for optimized loading speeds. When loading these libraries from Google’s CDN, data such as your IP address may be transmitted to Google servers in the USA.
Legal basis: Art. 6 (1) f GDPR.

3. Google reCAPTCHA
We use Google reCAPTCHA to determine whether data entries on our forms are made by a human or an automated program. This involves analyzing various data (IP address, browser type, time spent on the site, mouse movements, etc.).
The processing is based on our legitimate interest (Art. 6 (1) f GDPR) in preventing abuse and ensuring site security.