Thank you for your interest in interest in our services. The protection of your personal data is of great importance to us. Therefore, we ask you to please read the following instructions thoroughly. In these we inform you about what data we (and other responsible partners) store on our website as well as through the use of our services and how this data is used.
Responsible for the data processing as a data controller is:
Delivery Hero HF Kitchens GmbH
Oranienburger Str. 70, 10117 Berlín, Germany
registered at the Amtsgericht (AG) Charlottenburg under HRB 185836 B
Executive Directors: Robin Steps, Sebastian Klein
E-Mail: [email protected]
VAT Austria: ATU72142905
VAT Germany: DE31145898
We have appointed a data protection officer
Personal data is information that can be used to determine a person, i.e. information that can be traced back to a person.
The legal basis for data protection can be found in particular in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data, on the free movement of persons and repealing Directive 95/46 / EC ("General Data Protection Regulation", GDPR), as well as its EU member state implementations.
In order to offer and provide you with our services, we must also collect, process, store and sometimes even share various personal data. The data is processed by us as the operator of the website or for the provision of our services for the purpose of providing services and the software and hardware delivery also by third parties. For more information you can contact [email protected] at any time.
You provide your data via the website or when using our services, also via external third parties, if this is necessary for the purposes mentioned. Failure to provide the data may have legal disadvantages for you, such as: the loss of legal positions, such as no error-free website or no response to your request.
Your Legal Rights
In accordance with the law, you as the person concerned have the right
to obtain information about your stored data with us, at any time and free of charge
to rectification, erasure or restriction of processing
To obtain your data in a structured, common and machine-readable format or (if applicable) to request the transfer to another person responsible (right to data portability)
to object to the processing of your personal data, for example for the purpose of direct marketing and/ or on the basis of legitimate interests pursuant to Art. 6 para. 1 lit. f. GDPR are processed and as far as there are reasons that arise from your particular situation
Upon objection with effect for the future, should you have previously consented to provide us with your personal data
You may contact [email protected] at any time to exercise these rights to access, rectification, deletion or limitation of processing, the right to object or the right to data transmission or your opposition.
You or the person concerned by the data processing has a right of appeal to the supervisory authority (for example, Berlin Commissioner for Data Protection and Freedom of Information, e-mail: [email protected]). A list of data protection authorities can be found here: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html or http://ec.europa.eu/newsroom/article29/item-detail. cfm? item_id = 612,080th
Generally speaking, we only save your personal data for as long as necessary to carry out the contract or the respective purpose and limit the storage period to an absolutely necessary minimum. The data are stored according to legal retention periods (eg for Germany: Commercial Code "Handelsgesetzbuch" (HGB) or Tax Code "Abgabenordnung" (AO)). As far as possible, we will inform you about specific storage and deletion periods.
The following retention periods apply:
Logfiles und IP-Addresses of website visitors: 7 days
For Germany: commercial letters, this includes a large part of the correspondence conducted in connection with the initiation and execution of contracts, including e-mails and communication with the customer service, 6 years (§ 257 Abs. 1 Nr. 2, 3, Abs. 4 HGB Balance sheets and accounting documents 10 years (§ 257 para. 1, especially No. 4, para. 4 HGB, § 238 para. 1 HGB)
For Austria: tax retention period 7 years (beyond that as long as they are of importance for the tax authorities in a pending case) (§ 132 para. 1 BAO); Company-legal retention obligation 7 years (§§ 190, 212 UGB)
Criteria for the duration of storage include i.a. the concern of the legitimate interests of the persons, our economic interests (amongst others expenses and costs) for a deletion of the data, pre-settings of the third-party providers used by us.
We have implemented appropriate technical and organisational measures for data security. For the best possible protection of the data our service in the form of the website takes place via a secured SSL connection between your server and the browser, i.e. the data is transmitted encrypted. We use server providers who process the data within the EU for the website or our services.
To protect your data, we take appropriate technical and organisational measures. But please remember that your data is yours, i. e. the less information you reveal, the more control you have.
If you send us inquiries or contact us via the contact form on our website or via e-mail, your details will be stored in the request, including the data you provided there, in order to process the request and in case of follow-up questions.
These data are processed only on the basis of your consent (legal basis art. 6 (1) lit. a GDPR) and due to a prospective or existing business relationship with us (legal basis art. 6 (1) lit. b GDPR or TMG).
We (or the web space provider) collect data about every visit to our website (so-called server log files). These include:
We use this data for statistical analysis for the purpose of optimising our website and for the sake of data security in order to ensure the stability and operational safety of the website. If personal data (such as the IP address) are stored, this is done on the basis of Article 6 (1) lit. c. GDPR or Art. 6 (1) lit. f. GDPR due to our legitimate interest in quality assurance.
With our newsletter we inform you about us and our services.
To sign up for the newsletter, all you need is your e-mail address. If you register for the newsletter, your e-mail address will be transmitted to us (or our mail provider) and stored there. After logging in, the user will receive an e-mail to confirm the registration ("double opt-in"). By subscribing to the newsletter the following data will be processed:
|Contact data||E-Mail-Adress, possibly name|
|Device Data||Device name, possibly country code, language, name of the operating system and version|
|Connection Data||IP-Address, mail provider|
This storage serves solely as proof in the event that a third party misuses an e-mail address and logs on without the knowledge of the person entitled to receive the newsletter.
The data processing for sending the newsletter takes place on the basis of your consent (legal basis Art. 6 (1) lit. a GDPR).
If you purchase goods or services from us, we will be able to send you information emails for similar goods or services in the future. Data processing takes place on the basis of the business relationship with you (Art. 6 Abs. 1 lit. b., f. GDPR or German Act against Unfair Competition (UWG)). Our legitimate interests of marketing and quality assurance come into play.
REVOCATION/OBJECTION: The user may revoke his consent to the processing of the data for the purpose of sending the newsletter at any time or object to the data processing. The revocation / objection can take place over a link, which is contained in each newsletter, or by separate message to us. You will incur no other than the transmission costs according to the basic rates.
When you register on the website and set up a customer account and order services through the website, the following data is collected and stored:
|Contact data||Name, billing address, E-Mail address, phone number|
|Order and usage data||Delivery address, time of order, possibly preferences and information on the orders|
You can manage this data at any time in your customer account.
The data entered during the registration process and all later entered usage and order data are processed via the website or by us for the purposes described in our terms and conditions or for the following purposes:
|Purpose||Legal basis||Details for the purpose of processin|
|as far as this is necessary for the fulfillment of a contract with us or for the execution of pre-contractual measures||Art. 6 (1) lit. b. GDPR||Use of the website; Execution and processing of orders; Answer of our customer service on your request|
|With your express consent||Art. 6 (1) lit. a. GDPR||You voluntarily provide your data to us or our customer service without this being necessary for another purpose; You can contact us via e-mail, SMS (or other means of communication), use the contact form on our website or sign up for the newsletter|
|Device To fulfill our legal obligations||Art. 6 (1) lit. c. GDPR||Compliance with tax retention periods; Transfer of data to competent authorities|
|Because of our legitimate interests, such as marketing, legal protection and quality assurance||Art. 6 (1) lit. f. GDPR||Analysis of the number of orders to improve the ordering process; Addressing for direct marketing purposes (such as existing contractual relationships for similar goods and services) or quality assurance; Disclosure of data to law enforcement agencies|
You can change or manage your data at any time by sending a message to us ([email protected]).
When processing the orders, we use third-party providers who process your data.
Furthermore, we process your data in the scope mentioned above or for the purposes mentioned in the case that orders are forwarded to us from another platform.
We do not process payment data, but these are processed by external payment service providers. On our platforms, we currently use the payment service providers BSPayone and Paypal.
For further information you can also contact [email protected].
Our website partly uses so-called cookies. Cookies do not damage your device and do not contain viruses. Cookies are used to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your device and stored by your browser.
Most of the cookies we use are so-called "session cookies". They are automatically deleted after your visit. Session cookies are required to associate successive page views with the users who access our website at the same time. Other cookies remain stored on your device until you delete them. These cookies allow us to recognise your browser on your next visit.
CONSENT: Before activating any cookies not strictly necessary for the operation of the website we will obtain your consent which you can grant by configuring the setting in our cookie consent manager that will pop up once you access the website.
You can also set your browser so that you are informed about the setting of cookies and only allow them in individual cases, or only allow the acceptance of cookies for certain cases or generally exclude and activate the automatic deletion of cookies when closing the browser. You can find many corporate online ad cookies on the US http://www.aboutads.info/choices/ or EU page http://www.youronlinechoices.com/uk/your-ad-choices/ manage. Please note that disabling cookies may limit the functionality of this website.
If personal data is processed when using cookies, this is based on the legal basis Art. 6 (1) lit. f. GDPR due to legitimate interests of the quality assurance of the website.
We use Google Analytics, a web analytics service provided by Google (including Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, and Google LLC, Mountain View, CA, USA). Google Analytics uses so-called "cookies", text files that are stored on the device used and that allow an analysis of the use of the website. The information generated by the cookie about the use of the website such as
Browser type / version; used operating system; Referrer URL (the previously visited page); Host name of the accessing computer (IP address); Time of server request when using the website
are usually transmitted to and stored by Google on a server in the United States, however, due to the activation of IP anonymisation on the website, the IP address of Google within member states of the European Union or in other states of the Convention on the European Economic Area is being previously cut. The full IP address is therefore not transmitted to a Google server in the US and shortened there. IP anonymisation is active on the website. On our behalf, Google will use this information to evaluate the use of the website, to compile reports on website activities and to provide us with other services related to the use of the website and the internet.
As far as the IP anonymisation is omitted or personal data is processed, the data processing on the legal basis Art. 6 (1) lit. f. GDPR or TMG, whereby our legitimate interests (or the legitimate interests of third parties commissioned by us) of quality assurance or statistical analysis of user behavior are tracked.
OBJECTION AND CONSENT: In addition to configuring our consent manager, you can prevent the collection by Google of the data generated by the cookie and related to your use of the website (including the IP address) as well as the processing of this data by Google by downloading the browser plug-in available under the following link and install: http://tools.google.com/dlpage/gaoptout?hl=en.
Google LLC adheres to the EU Commission standard contractual clauses, as well as any necessary supplementary measures required to ensure an adequate protection of personal data outside the EU.
We use "pixel" to measure visitor actions as a Facebook offer (Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland.) By calling this pixel from your browser, Facebook can subsequently determine whether a Facebook ad was successful, i.e. led to a successful online purchase. For this purpose, we receive exclusively statistical data from Facebook without direct reference to a specific person. Like this we can track the effectiveness of Facebook ads for statistical and market research purposes. If personal data are processed, this is based on the legal basis of Art. 6 (1) lit. f. GDPR due to legitimate interests in such data processing for marketing and market research purposes.
More information and Facebook privacy information can be found here: https://www.facebook.com/about/privacy/.
CONSENT & OBJECTION: In addition to configuring our consent manager, you can also prevent the storage of cookies by setting your browser software accordingly; However, you are cautioned that in this case you may not be able to fully use all features of the website. You can also prevent the collection of data (including the IP address) on Facebook and the processing of this data by following the instructions at the following link: [see instructions e.g. under https://holgerfreier.de/google-analytics-facebook-pixel-opt-out/]. We point out that the use of the website may be restricted. At www.facebook.com/settings?tab=ads you can also make settings for the processing of your data by Facebook, if you have a user account on Facebook.
Facebook Inc. adheres to the EU Commission standard contractual clauses, as well as any necessary supplementary measures required to ensure an adequate protection of personal data outside the EU.
In principle, we only pass on your data to third parties if we have agreed to it (or if there is another legal basis) and if we are legally obliged to do so.
For the purposes of data processing listed here, we use third-party providers who process your data both inside and outside the EU. For further information you can also contact [email protected].
The following providers may use data processing in other EU countries:
Furthermore, the following third-party vendors we use spread data within the EU:
Facebook: facebook.com or Facebook Mobile Application as service of Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland, see also data protection policy: https://de-de.facebook.com/policy.php, Objection: https://www.facebook.com/ads/preferences bzw. https://www.facebook.com/settings;
Instagram: instagram.com or Instagram Mobile Application as a service of Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland, see also data protection policy: https://help.instagram.com/519522125107875; Objection: https://help.instagram.com/contact/1845713985721890.
When you visit one of our social media pages, data will be processed by us as well as by the above providers.
The respective provider of social media takes over the data protection obligations to you as a user, such as the information for data processing and is the contact person for your rights. This follows from the fact that the respective provider has immediate access to the relevant information about the social media page and the processing of your data. You are also welcome to contact us if this should become necessary and we will then forward the request to the provider if necessary.
When using Facebook and Instagram, data can also be processed outside the EU. Facebook Inc. adheres to the EU Commission standard contractual clauses, as well as any necessary supplementary measures required to ensure an adequate protection of personal data outside the EU.
With our social media pages, we can communicate with you and provide interesting information. In doing so, we may receive further data from you with your comments, shared pictures, messages and reactions, which we then process for answering or communicating with you. If you use the social media on multiple devices, a cross-device analysis of the data can take place.
Data processing is carried out with your consent or for the purpose of answering your request (Article 6 (1) lit., b. GDPR) or based on legitimate interests in improving the offer, advertising and marketing activities and external representation ( Art. 6 (1) lit. f. GDPR).
Page insights and cookies on Facebook: Facebook and we use the page Insights feature to process statistics from users of our Facebook page (see also the agreement at: https://www.facebook.com/legal/terms/page_controller_addendum). This concerns the processing of so called 'page insights', which are being described in further detail at https://www.facebook.com/business/a/page/page-insights.
Via the usage data of the Facebook page, evaluations and statistics are created in the form of the page insights, which support us in improving our marketing activities and our external appearance. We may continue to learn about users and their behaviors that interact with or use our Facebook page to view relevant content and to develop features that may be of interest to them. These site statistics show us, for example, which people of certain target groups interact most with our Facebook page, or which content was visited, shared or criticised on Facebook when and how often. When classifying the people in target groups, demographic data or data about the place where a person is located are also included in order to specifically place advertisements with these persons. If you use Facebook on multiple devices, a cross-device analysis of the data can take place. The data collected in this way are statistically processed and usually anonymous, meaning we can not relate to the individual persons.
You may find further information on these page insights and data processing in the data protection policy of Facebook at https://de-de.facebook.com/policy.php or https://www.facebook.com/business/a/page/page-insights.
If you use Instagram and have an account there, Instagram can associate your activities there with your profiles. Instagram and we use the Instagram Insights feature to process statistical data from users of our Instagram pages (see also Facebook, that is connected with the provider of Instagram via legal agreement: https://www.facebook.com/legal/terms/page_controller_addendum).
It concerns the processing of data in the form of so-called 'Instagram Insights'', that are being described in further details at: https://help.instagram.com/788388387972460?helpref=faq_content.
The usage data of the Instagram pages generate evaluations and statistics in the form of Instagram Insights, which help us to improve our marketing activities and our external impact. With Instagram Insights, we can learn more about our users and the performance of our content with you as a target audience. To do this, Instagram provides us statistics about specific posts and stories to find out how users interacted with them. When classifying people into target groups, demographic data or data about a person's location are included in order to channel targeted advertising to those people. If you use Instagram on multiple devices, a cross-device analysis of the data can be done. The data collected in this way are statistically evaluated and usually anonymous, meaning we can not relate to your person.
Facebook: As a user of Facebook, you can always influence how your user behavior is captured when you visit the Facebook page. Therefore you can manage settings for advertisement preferences at https://www.facebook.com/ads/preferencesor manage your account settings at https://www.facebook.com/settings. Further Facebook offers the option to get in contact or exercise your rights at https://www.facebook.com/help/contact/2061665240770586 or respectively at https://www.facebook.com/help/contact/308592359910928.
Instagram: As an Instagram user, you can always influence how your user behavior is captured when you visit the Instagram page. Therefore you can manage your settings for advertisement preferences on your Instagram account at https://www.instagram.com/accounts/privacy_and_security/. Further Instagram offers the possibility to get in contact or exercise your rights at https://help.instagram.com/contact/1845713985721890 or respectively at https://help.instagram.com/519522125107875.
International Data Transfers
We process your data mainly within the European Union (EU) and the European Economic Area (EEA). However, some of our service providers mentioned above are based outside the EEA in so-called "third countries". The GDPR has high requirements for the transfer of personal data to third countries. All our data recipients have to measure up to these requirements. Before we transfer your data to a service provider in third countries, every service provider is first assessed with regard to its data protection level. They will only be shortlisted for service providers if they can demonstrate an adequate level of data protection. Regardless of whether our service providers are located within the EEA or in third countries, each service provider must sign a data processing agreement with us. Service providers outside the EU/EEA must meet additional requirements. According to Art. 44 ff. GDPR personal data may be transferred to service providers that meet at least one of the following requirements:
The European Commission has decided that the third country ensures an adequate level of protection (e.g. Israel and Canada)
Standard contractual clauses have been incorporated into our contract with the data recipient
Further Appropriate safeguards in accordance with Art. 46 GDPR have been provided.
For more information you can always contact us, for example by emailing [email protected].
Data Protection Policy Delivery Hero HF Kitchens GmbH
Last updated: May 5th, 2021