Privacy policy

Protecting your pivacy is important to us!

There is no doubt that we always handle all your personal data, whether from our website or our electronic communication, responsibly and with the utmost care. We take all necessary and appropriate measures to protect the data you have provided us with and comply with current national and European data protection regulations.

With this data protection disclaimer we would like to inform you of how we treat and process your personal data. Please note the responsible for your personal data in connection with a website is stated in the company information and legal details on the respective website.

Contact data protection official:

Via E-Mail: Datenschutz@hengstenberg.de 

Via Post:
Datenschutzbeauftragter,
Hengstenberg GmbH & Co. KG
Mettinger Straße 109
73728 Esslingen
Germany

What kind of data do we collect when you visit this website and how?

We only record personal data which you choose to place at our disposal or which we require to provide you with our services. When you visit our website our servers by default record information pertaining to your browser and operational system, the website your connection was established from and the websites you choose to visit, the date of your visit as well as for security purposes, e.g. to recognize attacks on our website, your Internet-Protocol-address (IP-address) - assigned to you by your internet provider - for a duration of seven days. Other personal data is recorded in cases where you choose to provide them; such as providing your e-mail address, name, address, phone number as well as further data, where applicable, whenever you wish to receive information on our products, take part in competitions or surveys, purchase products or simply keep up to date on products you are interested in.

Whenever you open a website and enter content into the free text field and e.g. leave a comment, our system records the Internet-Protocol-address (IP-address). We require this information for security purposes, to prevent misuse and for other preventive measures against danger.

Security

We use technical and organisational security measures to protect your data, as administered by us, against manipulation, loss, destruction and unauthorized access. Our security measures are continuously improved upon in line with technical progress.

Only authorised employees have access to your personal data, which in some cases may include the authorised employees of our service providers that require access or have been tasked with processing the data. In this case a contract regarding order data processing (‘Auftragsdatenverarbeitungsvertrag’) has been signed.

What do we use your personal data for?

We use your personal data only as far as necessary for purposes such as the technical administration of our website, customer management, questions regarding consumer services, product enquires and surveys as well as for marketing. Your personal data are only being uses for the purpose you have provided them for. On condition that you have granted permission to process your personal data, we will utilize this data as stated in the respective permission, e.g. newsletters, shipping products. You can revoke your permission at any point for the future.

To provide you with the most custom-tailored experience of our marketing means, we strive to make e.g. newsletters and visits to our website as user-friendly and custom-fit as possible. Your automatically generated and transferred information aids us in providing individual and custom-fitted content for you. This information consist of ‘technical data’ (e.g. IP-address, operating system and browser), time and date of your visit and ‘data regarding (purchasing) behaviour’ (service history, order history, viewed recipes and products).

In case you have subscribed to our newsletter, we are automatically provided with ‘technical information’ enabling us to assess how often the newsletter is being opened and which content is viewed how often (i.e. open rate and click rate). Analysing this information allows us further to optimize our digital content, e.g. our newsletters, and communicate with you as individually as possible. We want to ensure you only receive the content you are truly interested in.

Transmission of data to third parties and to other countries

We do not make your data available to other companies that would like to use these for direct marketing and promotional measures unless you have given us your express permission. Furthermore we place your personal data at the disposal of the following organisations within strict limitations:

  • Our service providers so they can assist us with e.g. the administration of our website and our newsletter. We have contractually committed these companies to uphold the same security standards we employ when dealing with your personal data so as to ensure data confidentiality and to only process data given our explicit instruction.
  • Other business units within our holding in case you have granted permission or these entities act in our mandate and have been committed to the same contract as our external service providers.
  • Transmission of personal data to the governmental authorities and offices will only occur in compliance with compelling prevailing legal regulations.

Your personal data might be transferred into other countries should a service provider’s office be located abroad. In this case a contract regarding order data processing (‘Auftragsdatenverarbeitungsvertrag’) is signed ensuring the same degree of data protection and data security provided in Germany. This is done by i.e. obliging the service provider to act exclusively upon our instruction and constantly employ all technical procedures to secure your personal data to the same extend as we do.

Should personal data be processed in a country outside of the EU or the EEA, we will ensure the appropriate level of data security by means of a standard contract designed and prescribed by the EU or an EU commission’s resolution pertaining to the country’s adequacy.

Legal basis 

Your personal data will be processed on the basis of consent forms, e.g. for newsletters, you have actively agreed to.

Rights of the persons concerned 

Your rights regarding your personal data are listed following:

The right of disclosure, correction, deletion, limitation of processing, objection to processing as well as data portability.

You also have the right to revoke a once given permission for future processing of your personal data at every point.

To exercise this right, please contact the above stated data protection officer.

Additionally we would like to draw your attention to the possibility of revoking your consent in every edition of our newsletter and unsubscribing to this service.

Please understand that we cannot disclose your personal data over the phone due to the lack of positive identification.

Moreover you are entitled to file a complaint with a data protection surveillance authority.

Cookies

By using our website you are agreeing to the usage and storage of cookies on your device. You can also view our website without cookies. Most browsers accept cookies automatically. You prevent the storing of cookies on your device by selecting the ‘accept no cookies’ setting in your browser. You can delete cookies already stored on your device at every point. You will find detailed instructions on how to do this in your browser help or manufacturer’s manual. Should you use various devices at different locations, you will have to ensure every browser is switched to your preferred settings.

Cookies are small text files stored on your device. We use cookies to e.g. collect information such as browser type and operational system, viewed site, path to site etc. and to understand the way the website is used. Cookies assist us in adapting our website to our customer’s needs and in offering certain services and functions, i.e. custom-tailored information.

Personal data can be stored in cookies provided you have granted permission or it is technologically indispensable, e.g. for a secure login.

Functional cookies 

These cookies enable us to improve ease-of-use and performance in our websites and to provide a variety of functions:

Functional cookies
Cookie Purpose
sessid This cookie stores the identification of a user while visiting a page. 
lastSessInit Timestamp of the last session opening. 
CookiePolicySccept This cookie stores the decision on the acceptance of the use of cookies by confirming the cookie banner. 

 

Third party cookies 

These cookies are set by third parties. When employing third party services these third parties might store and/or retrieve data beyond our control.

Third party cookies
Cookie Purpose
Google:
ga
gid
Expiration time 2 years (ga) & 24 hours (gid)

Used to distinguish users 
Google:
gat_

Expiration time 1 minute 

Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property-id>.

Google:
NID
This cookie enables Google to collect usage information for videos published on YouTube. 
_gat_gtag_ This cookie enables session-related data to be sent to GoogleAnalytics and GoogleAdwords.

 Web analysis by Google Analytics 

This website uses Google Analytics, a web analysis service of Google Inc. (‘Google’). Google Analytics uses so called ‘cookies’, text files stored on your computer, to facilitate an analysis of how you use the website. The information generated by the cookie on your website usage are normally transferred to a Google server in the USA and stored. In case IP anonymization has been activated on this website, your IP-address is shortened by Google in countries of the European Union and other contracting states of the European Economic Area.

You full IP-address is only transmitted in exceptional cases to a Google server in the USA and shortened there. On behalf of the website operator Google uses this information to analyse your use of the website, to compile reports on website activity and to provide further services pertaining to website and internet usage to the operator of the website. Google will not compile your browser’s IP-address, as transmitted by Google analytics, with other data. You can prevent the storage of cookies using the corresponding setting in your browser software, however, we would like to draw your attention to the fact that this might result in a limitation of functionality. Furthermore you can prevent the gathering, transfer and use of website data (including your IP-address) as generated by the cookie as well as the processing through Google by downloading and installing the browser plug-in in this link https://tools.google.com/dlpage/gaoptout?hl=en.

In view of the discussion involving the use of analytical tools with full IP-addresses we would like to point out that this website uses Google Analytics with the add-on ‘_anonymizeIp()’ thus ensuring the IP-addresses are only processed in their shortened form to prevent any tracing to individual persons.

Further information regarding Google’s processing of your data can be found under https://www.google.com/analytics/terms/us.html

Google Tag Manager (used with Google Analytics) 

Google Tag Manager is a solution that allows providers to administer website tags via an interface. The Tag Manager tool itself (implements the tags) is a cookie-free domain and does not collect any personal data. The tool is responsible for activating other tags that for their part may in some circumstances collect data. Google Tag Manager does not access this data. If tracking tags have been disabled at domain or cookie level, this disablement remains in place for all tracking tags that are implemented with Google Tag Manager: .https://www.google.de/analytics/tag-manager/use-policy/

Google Search Console

We make use of the web analysis service "Google Search Console" for the purpose of continuously improving the Google ranking of our website. The Google Search Console allows us to carry out search analyses which provide information on how often the website appears in the results of Google searches. This means that we can monitor and administer our websites in the search index. No personal user or tracking data is processed or transmitted to Google within the context of our use of the Google Search Console.

Web analysis by Hotjar

We also make us of Hotjar on our website.  Hotjar is a web analysis service provided by Hotjar Ltd., Level 2, St Julians Business Centre, 3 Elia Zammit Street, St Julians, STJ 1000, Malta, Europe, hereinafter referred to simply as "Hotjar".

Hotjar provides us with an analysis of user behaviour on our website. The legal basis for this is Art. 6 para. 1 sentence f) of the GDPR. We have a justified interest in the analysis, optimisation and efficient operation of our website.

Hotjar allows us to keep a record of and evaluate your user behaviour on our website, for example mouse movements and mouse clicks. However, the details of your visit to our website are stored in an anonymised form. In addition to this, Hotjar also analyses information on your operating system, your internet browser, incoming and outgoing links, the geographical origin and the type and trigger of the device you are using, and prepares this information for statistical purposes. Hotjar can also gain direct feedback from you. You can find further information on Hotjar's data protection policy on: //www.hotjar.com/privacy.

You also have the option of stopping the analysis of your user behaviour by means of a so-called opt-out. If you confirm the following link: https://www.hotjar.com/opt-out, a cookie will be stored on your device via your internet browser and this cookie will prevent any further analysis. Please, however, be aware that you will need to reactivate the aforementioned link if you delete the cookies stored on your device.

Facebook

We have implemented links to the external social network Facebook on our website. You can recognize the links on our website e.g. the Facebook logo. We do not utilize so called ‘social plug-ins’ by Facebook for this. You will be directly transferred to the internet sites in Facebook by clicking on them. This internet presence is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA.

YouTube

We have implemented links to the external social network Facebook on our website. You can recognize the links on our website e.g. the Facebook logo. We do not utilize so called ‘social plug-ins’ by Facebook for this. You will be directly transferred to the internet sites in Facebook by clicking on them. This internet presence is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA.

Instagram

We have implemented links to the external service Instagram on our website.  You can recognize the links on our website e.g. the Instagram logo. We do not utilize so called ‘social plug-ins’ by Instagram for this. You will be directly transferred to the internet sites on Instagram by clicking on them. This internet presence is operated by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA.

Google Maps

We have implemented links to the external service GoogleMaps on our website. We do not utilize so called ‘social plug-ins’ by GoogleMaps for this. You will be directly transferred to the internet sites on GoogleMaps by clicking on them. This internet presence is operated by Google LLC, Mountain View, CA 94043, USA.

How long do we keep your data?

We store your personal data, transmitted via our websites in our databases. The Storage time is no longer than is required to execute the task the data was transferred for or to comply with legal regulations (e.g. statutory record retention). This might mean e.g., that data is stored until we have answered a question you have posed or a competition has come to an end. Should you have given us permission to store your personal data for marketing purposes, the data is stored for the duration of marketing measures or until you revoke your consent. You can revoke your permission to receive further advertising material at any point.

Links to other websites 

Our websites include links to other websites. We have no influence on other operator’s content and design. Our data protection disclaimer does not apply there.

Stand: April 2020