search
DE EN

Responsible data controller

The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is

SWEETS GLOBAL NETWORK e. V.

Managing director: Joachim Eckert, OIiver Peik
Grillparzerstraße 38
81675 München
Germany


Phone: +49 89 457690880
E-Mail: info@sg-network.org

Data Protection Officer

You can reach our data protection officer at:

jmh datenschutzberatung

Jörg Hermann
Freibadstr. 30
81543 München
Germany


Phone: +49 89 200033580
E-mail: info@jmh-datenschutz.de

Legal basis for the processing of personal data

In accordance with Art. 13 GDPR, we hereby inform you of the legal basis for our data processing. If you have consented to data processing, we process your personal data on the basis of Article 6(1)(a) GDPR or Article 9(2)(a) GDPR, if special categories of data are processed in accordance with Article 9(1) GDPR.
In the event of express consent to the transfer of personal data to third countries, data processing is also carried out on the basis of Art. 49(1)(a) GDPR. If you have consented to the storage of cookies or access to information on your end device (e.g. via device fingerprinting), data processing is also carried out on the basis of Section 25(1) TDDDG. Consent can be revoked at any time.

If your data is necessary for the performance of a contract or for the implementation of pre-contractual measures, we process your data on the basis of Art. 6 para. 1 lit. b GDPR. Furthermore, we process your data if it is necessary to fulfil a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR. Data processing may also be carried out on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR.

Data deletion and storage period

We adhere to the principles of data minimisation in accordance with Art. 5 (1) (c) GDPR and storage limitation in accordance with Art. 5 (1) (e) GDPR. We only store your personal data for as long as is necessary to achieve the purposes stated here or as required by the retention periods stipulated by law. Once the respective purpose no longer applies or these retention periods have expired, the corresponding data will be deleted as quickly as possible.

Rights of the data subject

As a data subject, you have the following rights under the EU General Data Protection Regulation (GDPR):

Right to access (Art. 15 GDPR)

You have the right to request information about what personal data is stored about you, for what purpose it is processed, from whom it was received or to whom it is disclosed, and how long it will be stored.

Right to rectification (Art. 16 GDPR)

You can request the immediate rectification of inaccurate personal data or the completion of incomplete personal data.

Right to erasure (‘right to be forgotten’) (Art. 17 GDPR)

Under certain circumstances, you may request the erasure of your personal data, e.g. if it is no longer necessary for the purposes for which it was collected or if you have withdrawn your consent.

Right to restriction of processing (Art. 18 GDPR)

You have the right to request the restriction of the processing of your personal data, for example if you dispute the accuracy of the data or if the processing is unlawful but you request restriction instead of erasure.

Right to data portability (Art. 20 GDPR)

You can request that the personal data concerning you that you have provided to us be transmitted to you in a structured, commonly used and machine-readable format – or that we transfer this data directly to another controller.

Right to object (Art. 21 GDPR)

You have the right to object to the processing of your personal data at any time, provided that the processing is based on the legitimate interests of our company or on a task that is in the public interest. In the event of a justified objection, we will cease processing unless there are compelling legitimate grounds for the processing.

Withdrawal of consent (Art. 7 GDPR)

If you have given us your consent, you can withdraw it at any time for the future without giving reasons.

Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a data protection supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement.

Hosting and Server Logfiles

The servers of our website https://www.sweets-processing.com/en are operated by the provider Hetzner Online GmbH, Germany. We have concluded an order processing contract with the provider in accordance with Art. 28 GDPR. The legal basis for the use of external hosting is the fulfillment of a contract with our potential and existing customers in accordance with Art. 6 para. 1 lit. b GDPR and our legitimate interest in the secure and high-performance provision of our website in accordance with Art. 6 para. 1 lit. f GDPR.

Each time our website is accessed, our system’s web server collects information from the end device used. We collect the following data:

  • Information about the browser type
  • Operating system of the user’s device
  • Date and time of access
  • The previous website from which the user accessed our websites (referrer)

We only collect IP addresses anonymously, so we do not store any personal data in our log files within the meaning of the GDPR.

Contact

You can contact us by email, telephone, contact form, or letter, which may involve the processing of personal data. We process your data for the purpose of handling and processing your request. We will not disclose your data to third parties without your consent.

The legal basis for processing is our legitimate interest in the effective processing of your request in accordance with Art. 6 (1) lit. f GDPR.

When you contact us by email, we store your email address and the information contained in the email. If you use the contact form, your IP address will also be pseudonymized in addition to the information provided in the contact form. If you contact us by letter, your sender address and the content of the letter will be stored. If you contact us by telephone, we will collect personal data depending on the individual case. 

We store your data until you request us to delete it or until the purpose of processing (the processing of your request) has been fulfilled.

Amazon Web Services

We use the ‘Amazon Web Services’ (AWS) service on our website to host and manage our online infrastructure. The provider is Amazon EU S.à r.l. (“Amazon”), 38 avenue John F. Kennedy, L-1855 Luxembourg.

The legal basis for the use of AWS is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR to securely host our website and ensure its reliable operation, performance, and protection against technical issues or misuse.

The data processed by Amazon Web Services includes your IP address, device and browser information, usage data, and log information; cookies may also be set for authentication and service functionality.

The purpose of data processing is to provide cloud computing infrastructure and services, including storage, hosting, and data management.

It cannot be ruled out that personal data may be transferred to unsafe third countries (United States) where the level of data protection is lower than in the EU. Amazon is certified under the EU-US Data Privacy Framework, which regulates the secure processing of EU citizens data in the US. We have entered into a data processing agreement (DPA) with Amazon that ensures that personal data will only be processed in accordance with our instructions and in compliance with the GDPR.

Further information on the privacy policy of AWS can be found at: https://aws.amazon.com/privacy/

Eye-Able

We use the ‘Eye-Able’ service on our website to improve accessibility for users. The provider is Web Inclusion GmbH (“Web Inclusion”), Gartenstraße 12c, 97276 Margetshöchheim, Deutschland.

The legal basis for the use of Eye-Able is the fulfillment of a legal obligation pursuant to Art. 6 para. 1 lit. c GDPR.

The data processed by Eye-Able includes your IP address, device and browser information, usage data such as interactions with accessibility features, and cookies may be set to store user preferences.

The purpose of data processing is to improve website accessibility by analyzing user interactions and providing accessibility features.

Further information on the privacy policy of Eye-Able can be found at: https://eye-able.com/privacy-policy-eye-able

Social media profiles

We maintain online profiles on the following social networks (hereinafter referred to as “social media”) in order to communicate with customers, interested parties, and the public and to draw attention to our services:

  • LinkedIn (LinkedIn Ireland Unlimited Company)

For information on the scope and purpose of data processing, please refer to the applicable privacy policies of the respective networks:

  • LinkedIn: (https://de.linkedin.com/legal/privacy-policy?)

Processing is carried out on the basis of Art. 6 (1) lit. f GDPR, as we have a legitimate interest in contemporary public relations work. If consent is required, processing is carried out on the basis of Art. 6 (1) lit. a GDPR.

If you provide additional data (e.g., personal messages) to the services, your consent is generally required. Please note that we have no influence on data processing by social media providers. If you have any questions or wish to exercise your rights as a data subject (e.g., information, deletion), please contact the respective platform operator directly.

You can subscribe to or unsubscribe from our social media profiles at any time. If you do not want social media service providers to collect data about your visit to our profiles, please use the deactivation options (e.g., log out, advertising tracker blocking) in your user account or install appropriate browser add-ons.