Data privacy statement
1.1 Information regarding the data controller:
Eggy Food GmbH & Co.KG
Hörster Wall 1
We attach great importance to the protection of your personal data. Your personal data is processed in accordance with data protection regulations, in particular the European General Data Protection Regulation (EU GDPR) and the German Federal Data Protection Act (BDSG-new).
The following information provides an overview of the nature, scope and purpose of the collection, processing and transfer of personal data, as well as the security measures used to protect such data.
Personal data is individual information about the personal or material circumstances of an identified or identifiable natural person, such as your name, address, telephone number, date of birth, email and IP address.
1.2 Legal basis for the processing of personal data
- Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 (1) (a) EU GDPR serves as the legal basis. You may revoke your consent to this processing at any time in accordance with Art. 7 (3) EU GDPR.
- 6 (1) (b) EU GDPR serves as the legal basis for the processing of personal data that is necessary for the performance of a contract or for the implementation of pre-contractual measures.
- Insofar as the processing of personal data is necessary to comply with a legal obligation to which our company is subject, Art. 6 (1) (c) EU GDPR serves as the legal basis.
- If processing is necessary to safeguard a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override this, Art. 6 (1) (f) EU GDPR serves as the legal basis for processing. In this case, you have a right to object in accordance with Art. 21 EU GDPR.
1.3 Data erasure and storage period
Personal data is erased as soon as the purpose for which it was stored no longer applies. Data may also be stored if this is provided for by statutory retention obligations to which our company is subject (e.g. accounting or tax retention periods of up to 10 years according to AO and HGB).
1.4 Your rights
Upon written request, we will inform you, pursuant to Art. 15 EU GDPR, in accordance with our legal obligation under Art. 12 EU GDPR, whether and which personal data concerning you is processed or stored by us. Furthermore, you have the right to rectification of inaccurate data under Art. 16 EU GDPR, data portability under Art. 20 EU GDPR, blocking and erasure of your personal data under Art. 17EU GDPR – provided that no statutory retention obligations contradict this – and the right to restriction of processing under Art. 18 EU GDPR. In addition, you have the right to contact the competent supervisory authority under Art. 77 EU GDPR.
IN ADDITION, YOU HAVE THE RIGHT TO OBJECTUNDER ART. 21 EU GDPR, IF PROCESSING IS BASED ON THE LEGITIMATE INTERESTS UNDER ART. 6 (1) (F) EU GDPR.
If you have given us your consent to process your data, you can of course revoke your consent to us at any time in accordance with Art. 7 (3) EU GDPR.
If you have any questions regarding the processing of your personal data, you can contact our Data Protection Officer, who will also be happy to assist you in the event of requests for information, suggestions or complaints.
Data Protection Officer of
Eggy Food GmbH & Co. KG
Hörster Wall 1
Last updated: 2022
2.1 Provision of the website
Use of hosting service providers
Our website is hosted on servers located in the EU operated by a hosting service provider on the basis of order processing in accordance with Art. 28 EU GDPR. As part of its services, the hosting service provider may have access to personal data of our users, in particular to technical data that is generated in the course of technical communication between you and our website (e.g. server log files). It may not use this for its own purposes. The use of a hosting service provider is based on our legitimate interests in the provision of infrastructure and platform services, computing capacity, security services and the sending of emails pursuant to Art. 6 (1) (f) GDPR.
Server log files
When you visit our website or use its services, the device with which you access the website automatically transmits log data (connection data) to our server. The corresponding information consists of:
- type and version of the browser you are using,
- type and version of the operating system you are using,
- referrer URL of the web page from which you accessed our website,
- the date and time of your visit to our website,
- name of the subpages you accessed,
- IP address of your computer system,
- amount of data transferred in each case.
The collected data is used exclusively for statistical evaluations for the purpose of the operation, security and optimisation of the website. For security reasons, however, we reserve the right to check the log data retrospectively if there is a legitimate suspicion of unlawful use based on specific indications. The data is stored for no longer than necessary for this purpose. This data is collected on the basis of our legitimate interests in accordance with Art. 6 (1) (f) EU GDPR.
Cookies are small text files that your browser automatically creates and which are stored on your device when you visit our website. Cookies do not damage your computer and do not contain viruses. Most of the cookies we use are deleted at the end of the browser session (so-called session cookies). Other cookies remain on your computer and enable us to recognise your computer on your next visit (so-called persistent cookies). These files make it possible, for example, to display information specifically tailored to your interests on the site.
Security of your data
We use technical and organisational security measures to adequately protect the data you provide against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. We therefore use SSL encryption for the transmission of confidential content, such as inquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the padlock symbol in your browser line. If SSL encryption is activated, the data you transmit to us cannot be read by third parties. Our security measures are further developed in line with the state of the art.
2.2 Making contact
If you contact us (e.g. via contact form, email, telephone, social media), your personal data will be stored and processed by us for the purpose of processing the enquiry and any associated follow-up questions pursuant to Art. 6 (1) (b) EU GDPR (as part of pre-contractual measures) or pursuant to Art. 6 (1) (f) EU GDPR (general enquiries). We will not pass on this data without your consent.
The data you provide will remain with us until you ask us to delete it, object to its storage, or the purpose for storing the data no longer applies (i.e. once your enquiry has been processed), unless this is contrary to any statutory retention obligations.
2.3 Analysis tools
The analysis measures listed below and used by us are carried out on the basis of Art. 6 (1) (a) EU GDPR (consent). By using these analysis measures, we want to ensure a needs-based design and the continuous optimisation of our website. Using the analysis tools, we record the use of our website in pseudonymised form and evaluate it for the purpose of optimising what the website offers.
You may revoke your consent at any time with effect for the future.
This website uses features of the web analysis service Google Analytics. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4 Ireland. Google Analytics uses so-called “cookies.” These are text files that are stored on your computer and enable your use of the website to be analysed. User and event data is automatically deleted after 14 months.
We have activated the IP anonymisation feature on this website. As a result, your IP address is truncated by Google within member states of the European Union or other signatory states to the Agreement on the European Economic Area before it is transmitted to the USA. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there. Google uses this information to evaluate your use of the website, to compile reports on website activity and to provide us with other services related to website and internet usage. The IP address transmitted by your browser as part of Google Analytics is not merged with other data held by Google.
Browser plug-in / prevention of data collection
This website uses the Facebook visitor action pixel to measure conversions. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.
This allows the behaviour of page visitors to be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. This allows the effectiveness of the Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimised.
The data collected is anonymous for us as the operator of this website, we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook data usage policy. This enables Facebook to serve advertisements on Facebook pages as well as outside of Facebook. This use of the data cannot be influenced by us as site operator.
The use of Facebook Pixel is based on Art. 6 para. 1 lit. f EU DS-GVO. The website operator has a legitimate interest in effective advertising measures including social media. Appropriate consent is requested for the processing of your data (e.g. consent to store cookies). This processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a EU DS-GVO; the consent can be revoked at any time.
You can find further information on protecting your privacy in Facebook's data protection information: https://de-de.facebook.com/about/privacy/.
You can also deactivate the remarketing function "Custom Audiences" in the settings for advertisements section at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you must be logged in to Facebook.
If you do not have a Facebook account, you can disable Facebook's usage-based advertising on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/de/praferenzmanagement/.
Order data processing
We have entered into an order data processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
2.4 Third-party content and services
On the basis of our legitimate interest pursuant to Art. 6 (1) (f) EU GDPR, content, services and performances from other providers that supplement what we offer are integrated into our online offering. With the use of the following services, we want to ensure that our website is designed according to needs and continuously optimised. If we request your consent for the use of these services, the legal basis is Art. 6 (1) (a) EU GDPR.
We use the Google Maps service on our website to display maps. Google Maps is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4 Ireland. The Google server is provided with information about the use of our website. Google Maps is used in the interest of an appealing presentation of our online services and to make it easy to find the locations indicated by us on the website.
Comprehensive details can be found in the privacy centre of google.de: Transparency and options http://www.google.de/intl/de/privacy/ as well as data protection provisions http://www.google.de/intl/de/privacy/privacy-policy.html.
Links to third party websites
2.5 Social media
We maintain publicly accessible online presences on social networks to communicate with customers and interested parties active there and to present our services.
The processing of users’ personal data takes place on the basis of our legitimate interests in effectively informing users and communicating with users in accordance with Article 6 (1) (f) EU GDPR. If the users are asked to consent to data processing by the respective providers of the platforms or if the user voluntarily sends information to our online sites, the legal basis for processing is Art. 6 (1) (a) EU GDPR in conjunction with Art. 7 EU GDPR. If this information contains contractually relevant content, Art. 6 (1) (b) EU GDPR acts as the legal basis.
For a detailed description of the respective processing operations and the ways to object (opt-out), please refer to the information provided by the providers linked below.
In the case of requests for information and the assertion of user rights, we would like to point out that these can be asserted most effectively with the providers. Only the providers have access to user data and can take appropriate measures and provide information directly. If you still need help, please do not hesitate to contact us.
Facebook and Instagram (Meta)
When you interact with our social media pages on Facebook and Instagram (comment, like posts or send us a message), your data is stored with us. These social networks are operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (hence: Meta).
When operating a company profile on these channels, it is a joint responsibility under data protection law pursuant to Art. 26 EU DS-GVO Meta and our company. Accordingly, we have entered into an agreement with Meta which sets out the respective obligations under the EU GDPR: https://www.facebook.com/legal/terms/page_controller_addendum.
Meta provides the profile operators with statistics and insights into the types of actions of our profile visitors ("page insights"). We have no influence on the fact that this data is collected by Meta. According to Meta, this data is only provided to us anonymously, so that the user cannot be identified from the information.
Personal data is deleted as soon as the purpose for storing it no longer applies. They may also be stored if this is required by statutory retention obligations to which our company is subject.
As a rule, our online offering is aimed at adults. Personal information of persons under the age of 16 may only be provided to us with the express consent of the legal guardian (Art. 8 EU GDPR). Processing without the consent of the legal guardian is not permitted. We therefore reserve the right to delete all data relating to minors unless we have obtained the consent of a legal guardian.
3.1 Purpose and legal basis for collection and processing
We process your data for the purpose of processing your application in accordance with Art. 88 EU GDPR in conjunction with Section 26 of the new German Federal Data Protection Act (BDSG). If special categories of personal data within the meaning of Art. 9 (1) EU GDPR are voluntarily disclosed as part of the application process, these are also processed in accordance with Art. 9 (2) (b) EU GDPR.
3.2 Recipients of your data
The recipients of your data are the departments involved in the personnel management process (including HR, managers and department heads) of the data controller. Your data will be treated in the strictest confidence and will not be passed on to third parties without your respective consent. Transmission to third countries or international organisations is not envisaged.
3.3 Storage of your data
Your application data will be deleted 180 days after the position has been filled. If you are also interested in future vacancies, we require your written consent to store your application documents for a longer period of time. You may revoke this consent for the future at any time in accordance with Art. 7 (3) EU GDPR. To do so, please send an email with a corresponding note to the contact address given above.
4.1 Purpose and legal basis for collection and processing
The primary purpose of data processing is to establish, implement and terminate the contractual relationship. The overriding legal basis for this is Art. 6 (1) (b) EU GDPR. Without using your data in this way, it is not possible to carry out the business relationship between you and us.
We also process your data on the basis of Art. 6 (1) (f) EU GDPR to protect our legitimate interests or those of third parties (e.g. authorities). This may be necessary, for example, to maintain IT security and IT operations or for corporate management, internal communication and other administrative purposes. You may object to this processing by giving special reasons in accordance with Art. 21 EU GDPR.
In addition, we process your data to comply with legal obligations such as regulatory requirements, retention obligations under commercial and tax law or documentation obligations. The legal basis for this is Art. 6 (1) (c) EU GDPR in conjunction with the applicable national laws.
In individual cases, we may also process your data on the basis of your separate consent in accordance with Art. 6 (1) (a) and 7 EU GDPR (e.g. in the context of registering for our newsletter or publishing photos and videos). You are always free to decide whether you wish to give your consent. You may revoke your consent at any time with effect for the future. To do so, use the link provided in the respective campaign or send your enquiries to the contact address given above.
If we process your personal data for a purpose not mentioned above, we will notify you in advance.
4.2 Recipients of your data
Within our company, only those individuals who need your personal data to fulfil our contractual and legal obligations receive this data. In addition, we sometimes use different service providers to fulfil these obligations, so it may be necessary to transfer your personal data to other recipients outside of the company, insofar as this is necessary to fulfil our contractual and legal obligations. These third parties may be authorities, financial institutions, suppliers, etc.
In order to process your data by technical means, we sometimes use external service providers. We may transfer and process your data outside the country where your residence/registered office is located or in one of the countries in which we operate. These may also be located outside the European Economic Area. If we transfer personal data to service providers or companies outside the European Economic Area (EEA), the transfer will only take place if the third country has been confirmed by the EU Commission as having an adequate level of data protection or other appropriate data protection guarantees (e.g. binding internal company data protection regulations or EU standard contractual clauses) are in place. You can also request detailed information using the contact information above.
4.3 Storage of your data
We only store your personal data for as long as it is necessary for the purposes stated above. After termination of the contractual relationship, your personal data will be stored for as long as we are legally obliged to do so. This regularly results from legal obligations to provide evidence and retain data, which are regulated in the German Commercial Code (HGB) and the German Fiscal Code. According to these codes, the storage periods are up to ten years. In addition, personal data may be stored for the period during which claims can be asserted against us (statutory limitation period of three or up to thirty years).