Data Policy

E.V.A. GmbH takes protecting your data seriously and we want you to feel safe and comfortable when visiting our internet pages. Protecting your privacy when processing personal data is an important concern for us, which we take into account in our business processes. We process personal data collected during visits to our website in accordance with the requirements of the General Data Protection Regulation (GDPR) and other relevant data protection regulations. Our data protection policy is also based on the code of conduct applicable to the Hochland Group. This site may contain links to sites of other providers to which this data protection policy does not extend. E.V.A. GmbH accepts no responsibility for compliance with data protection regulations or the content of these other websites.

Below you will find the information according to art. 13, 14 GDPR, § 25 TTDSG (Telecommunications and Telemedia Data Protection Act) for your visit to this website. The table of contents helps you to get a better overview of the individual points and to find the answers relevant to you more quickly. 

 

1. Name and address of the entity responsible
2. 
Contact details of the data protection officer
3. 
General information on data processing
4. 
Provision of the website and creation of log files
5. 
Contact form and e-mail contact
6. 
Usercentrics Consent Management Platform
7. 
etracker
8. 
Place of data processing / no transfer to third countries
9. 
Automated decision-making / profiling
10. 
Recipients or categories of recipients
11. 
Your rights as a data subject
12. 
Amendment of the data protection information

1. Name and address of the entity responsible

Responsible in the sense of the GDPR and other data protection regulations is:

E.V.A. GmbH
Irsengunder Str. 13
88179 Oberreute
Phone 08387- 924 845-0
Website: https://www.simply-v.de/

Further information can be found in the imprint.

2. Contact details of the data protection officer

You can reach our data protection officer as follows:

By post: E.V.A. GmbH (address see above),
Data Protection Officer

or by e-mail: datenschutz@hochland.com.

3. General information on data processing

3.1 Scope of the processing of personal data

As a matter of principle, we only process the personal data of our users insofar as this is necessary for providing a functional website and for presenting our content and services or insofar as we are permitted to do so on the basis of other legal grounds.

 

3.2 Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for processing operations involving personal data, art. 6 para. 1 sentence 1 lit. a GDPR serves as the legal basis.

When processing personal data that is necessary for fulfilling a contract to which the data subject is a party, art. 6 para. 1 sentence 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for performing pre-contractual measures.

Insofar as the processing of personal data is necessary for the fulfilment of a legal obligation to which our company is subject, art. 6 para. 1 sentence 1 lit. c GDPR serves as the legal basis.

In the event that vital interests of the data subject or another natural person make it necessary to process personal data, art. 6 para. 1 sentence 1 lit. d GDPR serves as the legal basis.

If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, art. 6 para. 1 sentence 1 lit. f GDPR serves as the legal basis for the processing.

 

3.3 Data deletion and storage period

The personal data of the data subject shall be deleted as soon as the purpose of the storage ceases to apply. In addition, storage may take place if this has been provided for by the European or national legislator in Union regulations, national laws or other regulations to which the person responsible is subject. The data will be deleted when the storage period prescribed by the aforementioned standards expires.

4. Provision of the website and creation of log files

4.1 Description and scope of data processing

As with any website, information is automatically transmitted to us by your browser when you access our site. This data is temporarily recorded in our log files. This data is not stored together with other personal data about you.

The following data is collected:

  • Information about the browser type and version used
  • Your operating system
  • Your internet service provider
  • Your IP address
  • Date and time of access

 

4.2 Legal basis for data processing

The collection and processing of this data is absolutely necessary information within the meaning of § 25 para. 2 no. 2 TTDSG (Telecommunications and Telemedia Data Protection Act). The legal basis for the data protection processing for this is art. 6 para. 1 sentence 1 lit. f GDPR.

 

4.3 Purpose of data processing

Temporarily storing the IP address by the system is necessary to enable the website to be delivered to the user's computer. For this purpose, the IP address of the user must remain stored for the duration of the session.

The storage in log files takes place in order to ensure the functionality of the website and to ward off attacks. In addition, we use the data to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

These purposes are also our legitimate interest in data processing according to art. 6 para. 1 sentence 1 lit. f GDPR.

 

4.4 Duration of storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for providing the website, this is the case when the respective session has ended. In the case of storage of data in log files, this is the case after 14 days at the latest.

 

4.5 Possibility to object

Collecting data in order to provide the website and store the data in log files is absolutely necessary for operating the website. If you wish to object to this data processing, you can not use the website and we ask you to leave our website.

5. Contact form and e-mail contact

5.1 Description and scope of data processing

A contact form is available on our website, which can be used to contact us electronically. If a user makes use of this option, the data entered in the input mask will be transmitted to us and stored. These data are:

  • Your IP address
  • Salutation
  • Your name
  • Your e-mail address
  • Other data entered by you within the contact request

Alternatively, it is possible to contact us via the e-mail address provided. In this case, the personal data transmitted with the e-mail will be stored as well as the e-mail address itself.


In this context, your data will be used exclusively for processing the conversation. As a rule, the data is not passed on to third parties. The data will only be forwarded to another Hochland company if your details indicate that your contact request should concern another Hochland company.

 

5.2 Legal basis for data processing

The legal basis for the data protection processing for this is art. 6 para. 1 sentence 1 lit. f GDPR. If the purpose of the contact is to conclude a contract, the legal basis for the processing is art. 6 para. 1 sentence 1 lit. b GDPR.

 

5.3 Purpose of data processing

The processing of personal data from the input mask of the contact form or the e-mail serves us solely to process the contact. These purposes are also our legitimate interest in data processing according to art. 6 para. 1 sentence 1 lit. f GDPR.

 

5.4 Duration of storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. This is usually the case after the enquiry has been answered, insofar as there are no statutory time limits for retaining it.

 

5.5 Possibility to object

The user has the option to object to the storage of his personal data at any time with effect for the future. This can be done by post (see address above) or by e-mail via info@simply-v.de. In such a case, your data will be deleted and the conversation cannot be continued. Insofar as statutory periods for storage exist, these shall remain unaffected by this.

6. Usercentrics Consent Management Platform

6.1 Description and scope of data processing

We use the Usercentrics Consent Management Tool of Usercentrics GmbH (Sendlinger Straße 7, 80331 Munich) on our site. This is a service to manage the voluntary consents you can give as part of the services we use, for which we legally require your consent to use.  When you access our website for the first time and every time there is a change to the data processing that requires your consent, you will be shown our consent banner. In the consent banner, you have the option of voluntarily agreeing that we may set cookies - over and above the absolutely necessary technologies - and subsequently process your data for the further development and improvement of our website.

 In this context, the following data of yours will be processed:

  • Opt-in and opt-out data
  • Consent ID
  • Time of consent
  • Consent type
  • Referrer URL
  • User settings
  • Template version
  • Banner language

 

6.2 Legal basis for data processing

The legal basis for the processing of your personal data is the fulfilment of our legal obligation according to art. 6 para. 1 sentence 1 lit. c GDPR regarding the obtaining of consent and its verifiability.

 

6.3 Purpose of data processing

The purpose of using Usercentrics is to manage your consents and to demonstrate compliance with legal requirements on our part.

 

6.4 Duration of storage

The consent data is stored for three years and then immediately deleted.

7. etracker

7.1 Description and scope of data processing

We use the cookie-analysis variant of etracker (etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg) on our website for statistical coverage analysis of the surfing behaviour of our users. If you give your consent to this, a cookie will be set on your computer. Cookies are small text files that are stored by the internet browser on the user's terminal device. In this context, the following data of yours will be processed:

  • The shortened IP address
  • Information regarding the end device, operating system and browser used
  • Geo-information up to city level only
  • The URL called up with the corresponding page title and optional information on the page content
  • The website from which the accessed individual page was reached (referrer site)
  • The subsequent pages called up from the accessed website within a single website
  • How long a user stays on the website
  • Other interactions (clicks) on the website, such as search terms entered or videos viewed
  • Frequency of visits

etracker does not use the data in any other way, e.g. by combining it with other data or passing it on to third parties.

 

7.2 Legal basis for data processing

The legal basis for the processing of your personal data is your voluntary consent according to art. 6 para. 1 sentence 1 lit. a GDPR, § 25 para. 1 sentence 1 TTDSG.

 

7.3 Purpose of data processing

Using etracker enables us to get to know the surfing behaviour of our users better in order to constantly improve our website and its user-friendliness.

 

7.4 Duration of storage

The cookies set are deleted after a storage period of 13 months. The statistics resulting from the analyses are merely aggregated reports that cannot be attributed to any person. The IP addresses are immediately anonymised by etracker.

 

7.5 Revocation option

You can revoke your consent at any time with effect for the future. Your revocation will not have any adverse consequences for you. To do this, please go to the Cookie Consent Tool and move the slider at the paragraph "etracker" to the left. Your data will then not be included in our analysis.

8. Place of data processing / no transfer to third countries

The data is processed exclusively in a member state of the European Union. The data is not passed on to recipients in third countries.

9. Automated decision-making / profiling

Automated decision-making including profiling according to art. 22 GDPR does not take place within the scope of your visit to this website.

10. Recipients or categories of recipients

The data is hosted on the servers of our service provider Hochland SE (Kemptener Str.17, 88178 Heimenkirch, Germany). We have concluded a data processing agreement with Hochland SE (art. 28 para. 3, 4 GDPR).

We use the service provider Usercentrics GmbH (Sendlinger Str. 7, 80331 Munich) for our consent management tool. We have concluded a data processing agreement with this company (art. 28 para. 3, 4 GDPR).

The service providers Hochland SE and as its subcontractor, Atrivio GmbH (Albert-Einstein-Straße 6, 87437 Kempten), are used to provide the contact form. Synergie Consulting CRM + Prozesse GmbH (Am Hohenstein 3-5, 65779 Kelkheim) is used for IT support and troubleshooting in this context. We have also concluded a data processing agreement with those companies (art. 28 para. 3, 4 GDPR). When contacting us via our contact form or via e-mail, it is also possible that your data will be forwarded to other Hochland companies if it should become apparent from your contact that your enquiry is intended for another.

In addition, your personal data may be passed on to law enforcement authorities if it is necessary to clarify an illegal use of our services or for legal prosecution. However, this only happens if there are concrete indications of unlawful or abusive behaviour. Disclosure may also take place for law enforcement purposes. We are also required by law to provide information to certain public bodies upon request. These are law enforcement authorities, authorities that prosecute administrative offences subject to fines and the tax authorities.

11. Your rights as a data subject

11.1 Right to information

You have the right to receive from us, upon request, information about the personal data we process about you within the scope of art. 15 GDPR. To do this, you can submit an application by post or e-mail to the addresses given above.

 

11.2 Right to rectify inaccurate data

You have the right to demand that we correct the personal data concerning you without delay if it is incorrect (art. 16 GDPR). For this purpose, please contact the addresses given above.

 

11.3 Right to deletion

You have the right to the immediate deletion of the personal data concerning you if the legal grounds pursuant to art. 17 GDPR exist. These are, for example, if the personal data are no longer necessary for the purposes for which they were originally processed or you have withdrawn your consent and if there is no other legal basis for the processing. To exercise your above right, please contact us at the above contact addresses.

 

11.4 Right to restrict processing

You have the right to restrict processing if the conditions are met and in accordance with art. 18 of the GDPR. Accordingly, the restriction of processing may be required in particular if the processing is unlawful and you refuse the erasure of the personal data and instead request the restriction of the use of the personal data. To exercise your above right, please contact us at the above contact addresses.

 

11.5 Right to data portability

You have the right to data portability according to art. 20 GDPR. In this regard, you have the right to receive the data relating to you that you have provided to us in a common, structured and machine-readable format and to transfer this data to another controller, such as another service provider. The prerequisite for this is that the processing is based on consent or on a contract and is carried out with the aid of automated procedures. To exercise your above right, please contact us at the above contact addresses.

 

11.6 Right to object

You have the right to object at any time on grounds arising from your particular situation to the processing of personal data relating to you which is carried out, inter alia, on the basis of art. 6 para. 1 sentence 1 lit. e or f GDPR, in accordance with art. 21 GDPR. The objection can also be lodged against profiling. We will then stop processing your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the purpose of asserting, exercising or defending legal claims. To exercise your above right, please contact us at the above contact addresses.

 

11.7 Right to complain to a supervisory authority

If you believe that the processing of personal data relating to you by us is unlawful, you have the right to complain to the supervisory authority responsible for us, which you can contact as follows:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Office for Data Protection Supervision) (BayLDA), Promenade 18, 91522 Ansbach, Phone: +49 (0) 981 180093-0, e-mail: poststelle@lda.bayern.de

12. Amendment of the data protection information

We will revise this privacy information when we make changes to this website or when we otherwise need to do so. The current version can always be found on this website.

 

Status 06/2022

Visit us also on #simplyv