Name and contact details of the data controller
CJ Mainfrost Foods GmbH
Tel.: +49 (0) 6187-9292-0
is the person responsible within the meaning of the EU General Data Protection Regulation (GDPR) and other national data protection laws.
Name and address of the data protection officer
The data protection officer of the person responsible is:
60329 Frankfurt am Main
Te.: +49 (0) 69 – 9494 32 410
General information on data processing
Scope of processing of personal data
In principle, we only collect and use personal data of the users of our homepage to the extent that this is necessary to provide a functional website, our content and services.
In principle, the collection and use of personal data from our users only takes place with their consent. An exception to this principle applies in cases in which processing of the data is permitted by legal regulations or obtaining prior consent is not possible for actual reasons.
Legal basis for processing personal data
Article 6 paragraph 1 sentence 1 lit. a GDPR upon obtaining the consent of the data subject.
Art. 6 (1) sentence 1 lit. b GDPR for processing that serves to fulfill a contract to which the data subject is a party. Processing operations that are required to carry out pre-contractual measures are also included here.
Article 6 paragraph 1 sentence 1 lit. c GDPR for processing that is necessary to fulfill a legal obligation.
Art. 6 (1) sentence 1 lit. d GDPR if vital interests of the data subject or another natural person require the processing of personal data.
Art. 6 (1) sentence 1 lit. f GDPR if the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and fundamental freedoms of the person concerned do not outweigh the first-mentioned interest. In order to be able to base the processing of personal data on a legitimate interest, an examination is carried out in coordination with the data protection officer for each relevant process, whereby the following three conditions must be met:
1) The person responsible for processing the personal data or a third party has a legitimate interest in the data processing.
2) The processing is necessary to protect the legitimate interest.
3) Interests or fundamental rights and freedoms of the data subject that require the protection of personal data do not prevail.
Data Erasure and Storage Duration
The users’ personal data will be deleted or blocked as soon as the purpose of storage no longer applies. Storage that goes beyond this can take place if this has been provided for by the European or national legislator in EU regulations, laws or other regulations to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.
Use of our website, general information
Description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the user’s computer system. The following information can be collected:
Information about the browser type and version used, the user’s operating system, the user’s Internet service provider, the user’s IP address, date and time of access, websites from which the user’s system accesses our website, websites , which are called up by the user’s system via our websites
The data described is stored in the log files of our system. This data is not stored together with other personal data of the user.
Purpose and legal basis for data processing
The temporary storage of the IP address by our system is necessary to enable delivery of the website to the user’s computer. For this purpose, the IP address of the user must remain stored for the duration of the session.
Storage in log files takes place to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
The legal basis for the temporary storage of the data and the log files is Article 6 Paragraph 1 Sentence 1 lit. f GDPR.
The collection of your personal data for the provision of our website and the storage of the data in log files is absolutely necessary for the operation of the website. There is therefore no possibility of objection by the user.
Duration of storage
Your data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. If your data is recorded in order to ensure the provision of the website, the data will be deleted when the respective session has ended.
If your data is stored in log files, it will be deleted after seven days at the latest. Storage beyond this is possible, in which case the IP addresses of the users will be deleted or alienated. An assignment of the calling client is no longer possible.
The legal basis for the storage of cookies, device identifiers and similar tracking technologies or for the storage of information in the end user’s terminal equipment and access to this information is the European ePrivacy Directive in conjunction with the in conjunction with the Telecommunications and Telemedia Data Protection Act (TTDPA).
Please note that the legal bases for the processing of the personal data collected in this context result from the GDPR (Art. 6 Para. 1 S.1 GDPR). The relevant legal basis for the processing of personal data in each specific case can be found below under the respective cookie or the respective processing itself.
The primary legal basis for the storage of information in the terminal device of the end user – and therefore in particular for the storage of cookies – is your consent, § 25 Para. 1 S.1 TTDPA. Consent is given when you visit our website – although of course it does not have to be given – and can be revoked at any time in the cookie settings.
Pursuant to § 25 Para. 2 No. 2 TTDPA, consent is not required if the storage of information in the end user’s terminal equipment or access to information already stored in the end user’s terminal equipment is absolutely necessary so that the provider of a telemedia service can receive a expressly requested telemedia service. You can see in the cookie settings which cookies are to be classified as absolutely necessary (often also referred to as “technically necessary cookies”), therefore fall under the exception regulation of § 25 Para. 2 TTDPA and therefore do not require consent.
When using cookies, the following data is stored and transmitted:
Online identifiers (including cookie identifiers), internet protocol addresses and device identifiers, customer-assigned identifiers
The legal basis for the processing of personal data using cookies is Art. 6 para. 1 s. 1 lit. f GDPR. The purpose of using technically necessary cookies is to simplify the use of our website.
The legal basis for the processing of personal data using cookies for analysis and advertising purposes is Article 6 (1) sentence 1 lit. a GDPR if the user has given their consent.
Cookie consent with Borlabs
This website uses the provider Borlabs (Borlabs – Benjamin A. Bornschein, Rübenkamp 32, 22305 Hamburg), which sets a technically necessary cookie (borlabs cookie) to enable you to make individual cookie settings and to document them in compliance with data protection regulations. If our website is called up, the following data is transmitted to Borlabs: your consent or the revocation of your consent to the setting of cookies, a cookie set by Borlabs cookie in your browser, the cookie duration and version, domain and path of the website and the UID. The UID is a randomly generated ID and not personal information. Borlabs does not process any personal data.
The borlabs cookie stores the consent you gave when you entered the website. If you would like to revoke this consent, simply delete the cookie in your browser. If you re-enter/reload the website, you will be asked again for your cookie consent.
Your rights / rights of the data subject
Right of providing information/Right of access by the data subject
You have the right to receive information from us as the person responsible as to whether and which personal data relating to you is processed by us, as well as further information in accordance with the legal requirements of Art. 15 GDPR.
You can assert your right to information at:
Right to Rectification
If the personal data processed by us and relating to you is incorrect or incomplete, you have the right to have it corrected and/or completed. The correction will be made immediately.
Right to Restriction
You have the right to restrict the processing of your personal data in accordance with the statutory provisions (Art. 18 GDPR).
Right to Erasure
If the reasons set out in Art. 17 GDPR apply, you can demand that the personal data concerning you be deleted immediately.
We would like to point out that the right to erasure does not exist if the processing is necessary for one of the exceptional circumstances mentioned in Art. 17 Para. 3 GDPR.
Right to information
If you have asserted the right to rectification, erasure or restriction of processing, we are obliged to notify all recipients to whom your personal data has been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves to be the case as impossible or involves a disproportionate effort. You also have the right to be informed about these recipients.
Right to data portability
According to the GDPR, you also have the right to receive the personal data provided to us in a structured, common and machine-readable format or to request its transmission to another person responsible.
Right to revoke the declaration of consent under data protection law
You have the right to revoke your declaration of consent under data protection law at any time. We would like to point out that the revocation of the consent does not affect the legality of the processing carried out on the basis of the consent up to the revocation.
Right to object
Furthermore, you have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data, which is based on Article 6 (1) sentence 1 lit. e or f GDPR.
Automated individual decision-making including profiling
According to the EU General Data Protection Regulation, you also have the right not to be subject to a decision based solely on automated processing – including profiling – which has legal effect on you or significantly affects you in a similar way.
Right to lodge a complaint with a supervisory authority
Finally, if you are of the opinion that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, your place of work or the place of the alleged violation.
EU-US Trans-Atlantic Data Privacy Framework
Within the framework of the so-called “Data Privacy Framework” (DPF), the EU Com-mission has also recognized the level of data protection for certain companies from the U.S. as safe within the framework of the adequacy decision of 10.07.2023. The list of certified companies as well as further information on the DPF can be found on the website of the U.S. Department of Commerce at https://www.dataprivacyframework.gov/s/participant-search.
Data transfer outside the EU
The GDPR guarantees an equally high level of data protection within the European Union. When selecting our service providers, we therefore rely on European partners whenever possible if your personal data is to be processed. Only in exceptional cases will we have data processed outside the European Union as part of the use of third-party services. We only allow your data to be processed in a third country if the special requirements of Art. 44 et seq. GDPR are met. This means that the processing of your data may only take place on the basis of special guarantees, such as the determination of a level of data protection officially recognized by the EU Commission or compliance with officially recognized special contractual obligations, the so-called “standard data protection clauses”. “.
Data processing under the Swiss DPA
In principle, the use of our website is subject to the legal regulations of the GDPR. Insofar as you also visit our website from Switzerland and insofar as the related data processing also affects you as a Swiss citizen, these data protection provisions also apply to you under the Swiss Federal Data Protection Act (“Swiss DPA” as amended on 01 September 2023), analogously to the GDPR.
In principle, the Swiss DPA does not provide for the naming of a legal basis. In this respect, we only process your data from Switzerland if the processing is lawful, is carried out in good faith and is proportionate in accordance with Art. 6 para. 1 and 2 of the Swiss DPA. Furthermore, your data will only be collected by us for a specific purpose that is recognizable to the data subject and will only be processed in such a way that it is compatible with these purposes in accordance with Art. 6 para. 3 of the Swiss Data Protection Act.
In this context, please also note that although certain terms are formulated differently under the GDPR, they have the same legal meaning as under the Swiss DPA. For example, the GDPR terms “processing” of “personal data” as well as “legitimate interest” and “special categories of data” used in this Privacy Notice correspond to the terms “processing” of “personal data”, “overriding interest” and “personal data requiring special protection” used in the Swiss DPA.
The data subject rights set out here pursuant to Art. 12 et seq. GDPR can be asserted by data subjects from Switzerland in analogy to the regulations pursuant to Art. 25 et seq. of the Swiss DPA.
Minors under the age of 16
Minors under the age of 16 are expressly not the addressees of our website and our offers on this website. We would like to point out that legal guardians must supervise the online activities of their children. Minors under the age of 16 should not transmit any personal data to us without the consent of their parents or legal guardians. We explicitly do not request personal data from minors under the age of 16, do not knowingly collect it and do not pass it on to third parties.
You can subscribe to a free newsletter on our homepage, with which we will inform you about our current interesting offers. The advertised goods and services are named in the declaration of consent. The data that you enter in the input mask when registering will be transmitted to us.
We collect the following data on the basis of the consent obtained from you during the registration process:
E-mail address, first and last name (optional), country (optional)
Furthermore, the following data is stored at the moment of transmission:
IP address of the calling computer, date and time of registration.
Your data will not be passed on in connection with data processing for sending newsletters. The data will only be used to send the newsletter.
Double opt-in and logging
Registration for our newsletter takes place in a so-called double opt-in procedure. After registering, you will receive an email asking you to confirm your registration. This confirmation is necessary so that nobody can register with someone else’s e-mail address.
The registrations for the newsletter are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes storing the time of registration and confirmation as well as the IP address.
The legal basis for processing the data is Article 6 Paragraph 1 Clause 1 Letter a GDPR if the user has given his consent. The collection of the user’s e-mail address serves to deliver the newsletter.
Deletion, revocation and objection
Your data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. Your e-mail address will therefore be stored for as long as the subscription to the newsletter is active. You can unsubscribe from the newsletter at any time by revoking your consent. For this purpose, there is a corresponding link in every newsletter.
We would also like to point out that you can object to the future processing of your personal data at any time in accordance with the legal requirements of Article 21 GDPR. The objection can be made in particular against processing for direct advertising purposes.
Shipping service provider
The newsletter is sent using “MailChimp”, a newsletter distribution platform from the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.
The e-mail addresses of our newsletter recipients, as well as their other data described in this notice, are stored on the MailChimp servers in the USA. MailChimp uses this information to send and evaluate the newsletter on our behalf. Furthermore, according to its own information, MailChimp can use this data to optimize or improve its own services, e.g. for the technical optimization of the dispatch and the presentation of the newsletter or for economic purposes, in order to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write to them or pass them on to third parties.
With the help of MailChimp we can analyze our newsletter campaigns. When you open an email sent with MailChimp, a file contained in the email (so-called web beacon) connects to the MailChimp servers in the USA. In this way it can be determined whether a newsletter message has been opened and which links have been clicked on. Technical information is also recorded (e.g. time of retrieval, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. They are used exclusively for the statistical analysis of newsletter campaigns. The results of these analyzes can be used to better adapt future newsletters to the interests of the recipients.
If you do not want an analysis by MailChimp, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. You can also unsubscribe from the newsletter directly on the website.
The data processing takes place on the basis of your consent (Art. 6 Para. 1 S. 1 lit. a GDPR). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
We would like to point out that we evaluate your user behavior when sending the newsletter. For this evaluation, the e-mails sent contain so-called web beacons or tracking pixels, which represent one-pixel image files that are stored on our website. For the evaluations, we link the data mentioned under point 1 and the web beacons with your e-mail address and an individual ID.
Links contained in the newsletter also contain this ID.
The data is only collected in pseudonymised form, so the IDs are not linked to your other personal data, and direct personal reference is excluded.
With the data obtained in this way, we create a user profile in order to tailor the newsletter to your individual interests. In doing so, we record when you read our newsletter, which links you click on in them and deduce your personal interests from this. We link this data to actions taken by you on our website.
If you do not wish to be analyzed by our newsletter, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. You can also unsubscribe from the newsletter directly on the website. The information is stored for as long as you have subscribed to the newsletter.
If you would like to contact us, there is a contact form available on our homepage, which you can use to contact us electronically. The data entered in the input mask will be transmitted to us and saved. These dates are:
First name, last name, email address, country (optional), your message, subject of your request
At the time the message is sent, the following data is also stored:
The IP address of the user, date and time of contact
It is also possible to contact us via the email address provided. In this case, the user’s personal data transmitted with the e-mail will be stored.
Your data will not be passed on to third parties in this context, the data will only be used to process the communication.
The legal basis for processing the contact request and its processing is generally Article 6 Paragraph 1 S.1 lit. b GDPR.
If further personal data is processed during the sending process, this only serves to prevent misuse of the contact form and to ensure the security of our information technology systems.
Your data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is over when it can be inferred from the circumstances that the facts in question have been finally clarified.
The additional personal data collected during the sending process will be deleted after a period of 8 weeks at the latest.
Google Tag Manager
If we have obtained your consent, the legal basis for the use of the Google Tag Manager is Art. 6 Para. 1 S. 1 lit a GDPR. Otherwise, the legal basis for the use of technically necessary cookies results from our legitimate interest in accordance with Article 6 (1) sentence 1 lit. f GDPR.
Content Delivery Network (CDN)
This site uses content delivery networks to deliver popular online libraries and web fonts. Access then takes place directly to the servers of the operator, so that data such as the calling IP address, referrer, browser information, etc. are collected there.
The legal basis for this is our legitimate interest pursuant to Article 6 Paragraph 1 Sentence 1 lit.
You can prevent CDNs from collecting and processing your data by disabling the execution of script code in your browser or by installing a script blocker in your browser (you can find one at www.noscript.net, for example).
Below is a list of the CDNs used:
Google Web Fonts
Based on our legitimate interests in accordance with Article 6 Paragraph 1 Clause 1 Letter f GDPR, we integrate the fonts (“Google Web Fonts”) from the provider Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. The aim is to optimize and run our website economically. We host the fonts from our own servers so that no data is transmitted to Google.
The provider’s data protection declaration can be found at: https://www.google.com/policies/privacy
In order to be able to offer you secure data transmission on our website using SSL encryption and to protect our website against defective, mass (DDoS) or other access that would disrupt or prevent the operation of the website, we use the service from Cloudflare, Inc. 101 Townsend St San Francisco, CA 94107.
We have concluded a corresponding order processing agreement with Cloudflare based on the GDPR.
As part of the protection of this website, Cloudflare uses a script and possibly a cookie in your browser. This cookie is used to validate access and to identify malicious access attempts. Cloudflare collects statistical data about visits to this website. Access data includes:
Name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.
The legal basis for using Cloudflare is our legitimate interest pursuant to Article 6 Paragraph 1 Sentence 1 Letter f GDPR, which consists of the purposes described above.
Your data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected.
You can prevent the collection, forwarding and processing of this data by deactivating the execution of script code in your browser, installing a script blocker in your browser (this can be found, for example, at www.noscript.net) or the “Do Activate Not Track” setting in your browser.
This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies”, text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. If IP anonymization is activated on this website, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator.
The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
You can prevent the storage of cookies by setting your browser software accordingly; we would like to point out to you however that in this case you will if applicable not be able to use all functions of this website in full. You can also prevent the data generated by the cookie and related to your use of the website (including your IP address) being sent to Google and the processing of this data by Google by using the browser plug-in available under the following link. Download and install in: http://tools.google.com/dlpage/gaoptout?hl=de.
This website uses Google Analytics with the extension “_anonymizeIp()”. As a result, IP addresses are further processed in abbreviated form, which means that they cannot be linked to individuals. If the data collected about you has a personal reference, this will be excluded immediately and the personal data will be deleted immediately.
We use Google Analytics to analyze and regularly improve the use of our website. We use the statistics to improve our offer and make it more interesting for you as a user. The legal basis for using Google Analytics is your con-sent, as defined in Art. 6 para. 1 s. 1 lit. a GDPR.
Third-party information: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.
User conditions: http://www.google.com/analytics/terms/de.html,
Data privacy overview: http://www.google.com/intl/de/analytics/learn/privacy.html,
data protection policy: http://www.google.de/intl/de/policies/privacy.
Social media platforms
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Irland
Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland
Social media presence
We maintain fan pages within various social networks and platforms with the aim of communicating with customers, interested parties and users who are active there and informing them about our services.
We would like to point out that your personal data may be processed outside the European Union, so that you may be exposed to risks (e.g. when enforcing your rights under European / German law).
User data is usually processed for market research and advertising purposes. For example, user profiles can be created from user behavior and the resulting interests of users. These usage profiles can in turn be used, for example, to place advertisements inside and outside the platforms that presumably correspond to the interests of the user. For these purposes, cookies are usually stored on the users’ computers, in which the usage behavior and the interests of the users are stored. Furthermore, data can also be stored in the usage profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).
The processing of the personal data of the users takes place on the basis of our legitimate interests in an effective information of the users and communication with the users according to article 6 paragraph 1 sentence 1 lit. f GDPR. If the users are asked by the respective providers for their consent to data processing (i.e. by declaring their consent, e.g. by ticking a checkbox or confirming a button), the legal basis for the processing is Article 6 Paragraph 1 Sentence 1 lit. GDPR.
Further information on the processing of your personal data and on your options to object can be found under the links below for the respective provider. The assertion of information and other rights of those affected can also be made against the providers, who then only have direct access to the data of the users and have the corresponding information at their disposal. Of course, we are available to answer any questions and support you if you need help.
We use Google Maps offer on our website. This allows us to show you interactive maps right on the website and allow you to conveniently use the map feature.
By visiting the website, Google receives the information that you have accessed the corresponding subpage for our website. In addition, the information referred to in Section IVof this statement will be transmitted to Google. This is done regardless of whether Google provides a user account that you are logged in to, or if there is no user account. When you’re logged in to Google, your data will be assigned directly to your account. If you do not wish to be associated with your profile on Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for advertising, market research and/or needs-based website design. This type of an evaluation is carried out (even for users who are not logged in) for the purpose of providing appropriate advertising and to inform other users of the
social network about your activities on our website. You have a right of objection to the formation of these user profiles, and you must contact Google to exercise this right.
When using Google Maps on our website, the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, directly integrates the fonts (“Google Web Fonts”). The provider of Google Maps is responsible for this.
Facebook Custom Audiences / Facebook Pixel
Furthermore, the website uses the remarketing function “Custom Audiences” from Facebook Inc. (“Facebook”). As a result, users of the website can be shown interest-based advertisements (“Facebook Ads”) when they visit the social network Facebook or other websites that also use the process. In doing so, we are interested in showing you advertising that is of interest to you in order to make our website more interesting for you.
Due to the marketing tools used, your browser automatically establishes a direct connection to the Facebook server. We have no influence on the scope and further use of the data collected by Facebook through the use of this tool and are therefore informing you according to our current knowledge: By integrating Facebook Custom Audiences, Facebook receives the information that you have accessed the corresponding website of our accessed our website or clicked on one of our advertisements. If you are registered with a Facebook service, Facebook can assign the visit to your account. Even if you are not registered with Facebook or have not logged in, there is a possibility that the provider will find out and store your IP address and other identifiers.
The legal basis for the processing of your data is Article 6 Paragraph 1 Clause 1 Letter a GDPR.
Further information on data processing by Facebook can be found at https://www.facebook.com/about/privacy.