This website uses cookies.

By clicking on accept cookies you are giving your consent for us to set cookies.

Data Protection Information

As of 25 May 2018, new data protection provisions are now in force through the EU General Data Protection Regulation (GDPR). In the following we should like to inform you about the processing of your personal data by German Sweets e.V.and the rights afforded to you under data protection legislation:

1. Information on the processor:
German Sweets e.V.
Processor’s contact details:
Schumannstraße 4-6, 
53113 Bonn, Germany
Vereinsregister (Register of Associations) of the
Amtsgericht (Local Court) of Bonn VR 4268
Processor’s electronic contact address:
该Email地址已收到反垃圾邮件插件保护。要显示它您需要在浏览器中启用JavaScript。

2. Details of the data protection officer:
Data protection c/o
Contact details of the data protection officer:
German Sweets e.V.
Schumannstr. 4-6, 53113 Bonn 
Germany
Electronic contact address of the data protection officer:
该Email地址已收到反垃圾邮件插件保护。要显示它您需要在浏览器中启用JavaScript。

3. Information on processing purposes and their legal basis:
German Sweets e.V. processes your personal data in compliance with the EU General Data Protection Regulation (GDPR), the German Federal Data

Protection Act (BDSG), and in compliance with all additional relevant statutory regulations.
Personal data is processed for the purpose of executing agreements and contracts concluded on the initiative of the data subjects (e.g. induction into association membership, staging of events and seminars). The legal basis for this is Art. 6 (1) b) of the GDPR.
Personal data is also processed for purposes of meeting statutory obligations (e.g. information passed to financial authorities) or fulfilling statutory record-preserving requirements (e.g. Section 147 of the German Tax Code [Abgabenordnung]) to which our association is subject by law.

The legal basis for this is Art. 6 (1) c) of the GDPR.
Personal data is additionally processed to safeguard the legitimate interests of our association. This is the case, for example, when we store third-party contact data in pursuing the purposes of our association or when advertising our association’s services or in sending out newsletters. The legal basis for this is Art. 6 (1) f) of the GDPR.
Personal data is ultimately processed on the basis of declarations of consent issued to us by data subjects. The legal basis for this is Art. 6 (1) a) of the GDPR.

4. Information on categories of personal data recipients:
The recipients of personal data received from our association are primarily all service providers or contractors (e.g. EDP and IT service providers, banks, and commissioned third parties at events) that process personal data on our behalf. These act on the basis of contracts concluded with our association and serve as processors within the meaning of Art. 28 of the GDPR. Other recipients of personal data are third parties which perform functions for our association within the scope of our activities, to the extent this is required to comply with statutory obligations or rules and regulations stemming from our articles of association.
Your contact data is stored in a jointly controlled database - within the meaning of Art. 26 of the EU General Data Protection Regulation (GDPR) - this database being shared by the following organisations - the Association of the German Confectionery Industry (BDSI), the German Association for the Promotion of Exports of Chocolate, Confectionery, Biscuits, Snacks, and Ice-cream (German Sweets), the German Cocoa and Chocolate Foundation (Stiftung der Deutschen Kakao- und Schokoladenwirtschaft), the German Confectionery Promotion Company (Süßwarenförderungs-GmbH), the Advisory Board of the International Sweets and Biscuits Fair (AISM), the German Industrial Disputes Support Fund Association (Arbeitskampf-Unterstützungsfonds e.V.), and the German Committee of Industrial Users of Sugar (IZZ).

5. Information on data transmission to a third country:
Personal data are not transmitted to a third country. Third countries are states that are not members of the European Union.

6. Information on the storage period for personal data:
We store personal data in keeping with a general data erasure concept in operation within our association. Accordingly personal data is allocated to a data erasure category. This data erasure category allocates storage deadlines and standard erasure deadlines to such personal data. On expiry of these standard erasure deadlines, the correspondingly flagged personal data is erased.
The personal data stored in connection with association membership is erased on termination of association membership if it is no longer possible to assert legal rights arising under association membership, e.g. when these have lapsed (statute of limitations of up to 30 years).

Personal data stored in connection with our PR activities (e.g. issuing of press releases, newsletters) are erased in response to your objection to continued use, on your objection to any existing declaration of consent, on termination of the service, and if legal claims against us no longer exist, e.g. if these have lapsed (statute of limitations of up to 30 years, but usually after a period of three years).

Generally your personal data is erased or in anonymised as soon is it is no longer required for the above-named purposes and we are not obligated to continue storing this data by statutory record-keeping and record-preserving requirements (record-preserving requirements of up to 10 years).

7. Information on the rights of data subjects:
As the data subject, you are afforded the following rights under the General Data Protection Regulation:

- Right of access to personal data (Art. 15)
- Right to rectification of personal data (Art. 16)
- Right to erasure of personal data (Art. 17)
- Right to restriction of processing of personal data (Art. 18)
- Write to objection against the processing of personal data (Art. 21)
- Right to data portability (Art. 20)

8. Information on the right of revocation:
In as far as processing is based on Art. 6 (1) a) of the of the GDPR (consent) or Art. 9 (2) regarding particular types of personal data, in other words on consent given by the data subject, we want you to know that you have the right to revoke your consent at any time, without this affecting the legality of data processing conducted with your consent until such a revocation is declared.
You may also assert these rights vis-à-vis our association:
该Email地址已收到反垃圾邮件插件保护。要显示它您需要在浏览器中启用JavaScript。

9. Information on the right to lodge a complaint:
The corresponding supervisory authority in our case is:
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen 
(State Office for Data Protection and Freedom of Information of North Rhine-Westphalia)
Kavalleriestr. 2-4, 40213 Düsseldorf
Phone: 0211 38424-0
Fax: 0211 38424-10
E-mail: 该Email地址已收到反垃圾邮件插件保护。要显示它您需要在浏览器中启用JavaScript。
Data subjects have a right to lodge a complaint under Art. 77 (1) of the GDPR in the event of an infringement of statutory regulations regarding the processing of personal data.

10. Provision of personal data:
Our association offers various services based on a contract agreed between you, the data subject, and our association (e.g. a contract regulating attendance of the data subject at events or seminars). In this case you are obliged to provide us with certain personal data. This is the data our association requires to fulfil such contracts (e.g. delivery address/payment information). If this data is not provided, contracts with our association cannot be concluded.

11. Automated decision-making and profiling:
Our association undertakes no activities related to automated decision-making (e.g. credit solvency checks) or to so-called profiling (e.g. information on preferences or behaviour of the data subjects) within the meaning of Art. 22 of the GDPR.

Information valid as of: June 2018 -
we shall inform you of any new information regarding relevant changes if and when required