Privacy Policy

Information on data protection at Gerolsteiner

The Gerolsteiner Brunnen GmbH & Co. KG (hereinafter referred to as Gerolsteiner) welcomes you to our website.  Data security during your visit to our website is of utmost importance to us and we are committed to handling your data confidentially, and fully protecting your privacy.

We would like to inform you about the categories of personal data we collect in regard to your visit of our website and the purposes this data is used for.

As amendments to the law or changes to our company internal processes can necessitate updates to our privacy policy, we recommend you regularly return to this section and read our privacy policy.

1. What is personal data?

Personal data is information that can be used to find out about personal or factual circumstances about you. Anonymous or statistical data that does not allow us (at least not without a disproportional amount of time and effort) to make a direct link to you personally is not personal data.

2. What data do we collect and process?

The majority of our online services can be used without disclosing your identity or any personal information. However, should you decide to register for one of our personalized services (e.g. create a user account or order something in our online shops), leave us a message via our contact page, or want us to publish personal information on our website (e.g. your portrait taken at one of our events, your comments on blogs), we will ask you for your name, your e-mail address, residential address and/or other personal information. You are free to decide whether or not to give us this information. However, if you decide against it, we will not be able to provide you with the respective services. You will find specific information regarding the exact procedures as well as specific consent forms within the respective processes, and you are free to decide whether or not to consent to the use of this information.

In order to grant you access to your requested information on our website, it is necessary to temporary store certain data on our servers. This may include personal identification data (e.g. server log files, date, time, IP address and pages visited). This data is deleted immediately after the end of the session unless it is used for anonymous analysis.

3. What does Gerolsteiner use your data for?

IP logs are stored for security purposes (to prevent misuse), to optimise the website and for statistical purposes (number of users and page hits).

Personal data is only requested and processed when fulfilling a contract or for accounting purposes (e.g. when purchasing online). In such instances you will be alerted before the transaction is completed.

Furthermore, your data will not be processed and used for other purposes, only if legal precedent exists or unless you have explicitly agreed to it.  Your data will not be processed without these conditions being met. You can revoke your consent from Gerolsteiner at any time with effect in the future. For this, please use the contact information below.  In this case the service provided by Gerolsteiner may no longer be offered.

If you have registered for the Gerolsteiner newsletter, Gerolsteiner will use the data you submit (i.e. email address, selection of the required information) for sending the newsletter. We will first send you an email, to the email address submitted by you, asking you to confirm your email address via an embedded confirmation link. Once the confirmation link has been submitted, you will receive our newsletter. After registering for the newsletter, your e-mail address is will be used for sending information about Gerolsteiner's products and services, competitions or events, or news about our company, until you unsubscribe from our newsletter.  Your data is not shared with third parties. If at any time, you no longer want to receive our newsletter, you can unsubscribe from the newsletter. To do this, just click on the unsubscribe link at the bottom of each of our newsletters. Subsequently, you will not receive any further newsletters from us.

4. Is your data transferred to third parties?

Your personal data is only stored in our database and on our servers and at our data service provider’s servers and not shared with others, unless you are explicitly informed of - and consent to – the transfer of your personal data. If you have explicitly consented, (e.g. by ordering a subscription to Gerolsteiner WeinPlaces), your personal data maybe shared with promotional or advertising partners.

In certain cases due to legal requirements, we are obliged to transfer your personal data to third parties; for instance, we have to comply with requests from law enforcement agencies in the case of a suspected crime.

Our website contains hyperlinks to the websites of other companies. You can be forwarded directly from our website to the other company´s website. This is primarily noticed by the change in the URL. Furthermore, we embed third party content in some place within our websites, (e.g. videos from YouTube, RSS feeds or Google Maps (see below). So that this content can be accessed, it might be necessary for these third parties, for technical reasons, to know your IP address in order to make the content available.  We take no responsibility for the privacy of your data in this case, since we have no influence on whether these companies adhere to our privacy policy. This privacy policy is only valid for our website. Links to other websites from this site are not included.

Additional information about Gerolsteiner's Facebook presence (e.g. fan page, Facebook app)

When you visit our Gerolsteiner Facebook Page, e.g. posting on our Facebook wall, liking us, writing us a message via Facebook or participating in our campaigns or competitions, we collect the personal data voluntarily given by you. We process this data only for the purpose for which you give us this data (e.g. answering a request or for processing the campaign or competition you entered). You can find further information about the respective campaigns and competitions in the conditions of participation provided with each program.

Facebook Inc., 601 S. California Ave, Palo Alto, CA 94304, USA, also collects and processes personal data voluntarily given by you within the framework of your use of Gerolsteiner’s Facebook Page. We have no influence on the scope of data collected and processed by Facebook. Please refer to the respective Facebook data privacy policy for details about the purpose and scope of the data collected, processes used by Facebook and your respective rights and options: https://www.facebook.com/about/privacy and https://www.facebook.com/about/privacy/your-info-on-other

5. Use of Social Plugins

Our website uses so-called "social plugins" for the social networks Facebook, Google+ and Twitter, which are operated by the respective companies: Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA.  These social plugins are identifiable by the logo of the respective social network.

You can recommend our sites easily to your friends in the social media platforms used by you by using three buttons for sharing content from Facebook, Google+ and Twitter. However, to respect your privacy, we have decided not to embed these buttons directly in the site, but to activate them by clicking on the individual social network. If we were to embed active buttons, your personal data would be automatically transferred to the operator of the respective third- party platform. Thus the operator would theoretically have the possibility to create surf profiles, at least of registered users of the respective platform. Therefore, our deactivated buttons do not establish direct contact with Facebook, Google or Twitter.

The buttons are active only after this function has deliberately been activated and you agree to allow data transfer. This activation is valid for the duration of your visit to our website. You can, however, deactivate the buttons at any time by clicking on "cancel".

If the buttons are activated, you can transfer your recommendation with one click on the respective social network button. If you are not logged in to Facebook, then you are prompted to login to Facebook in a new window and then have the option to submit your recommendation. If you already logged in to Facebook and Google+, you can submit your recommendation without opening another window. On Twitter, a pop up window first appears in which you can edit your Tweets.

Once you have clicked on these buttons, your browser makes and establishes a direct link to the servers of Facebook, Google and Twitter via these social plugins. Facebook, Google and Twitter transfer the content of the respective plugin directly to your browser, and each entity incorporates these into the websites visited. We have no influence of the scope of data collected in this way by Facebook, Google and Twitter. The social network operators receive the information that you have accessed from each site your visit. If at the same time you are logged into one of the social networks, the operator can assign corresponding access to your account in each respective social network. If you interact with the plugins, e.g. click the "Like" button or leave a comment, the relevant information will be a transferred to the respective social network. Even if you are not a member of one of the named social networks, it is possible that your IP address will be identified and, if necessary, saved via the social plugin. Please refer to the respective privacy policy for details about the purpose and scope of the data collected, processes used by Facebook, Google and Twitter and your respective rights and options.

http://www.facebook.com/policy.php

http://www.google.de/intl/de/policies/privacy/

www.twitter.com/privacy

If you do not want social networks to collect data about you via our websites and link you to your respective member data, do not click on the social media buttons (as described above). In addition, you can block social plugins with the help of add-ons for your browser, for instance the Facebook plug in with the "Facebook Blocker", which can be downloaded here:

webgraph.com/resources/facebookblocker/

6. Cookies

We use cookies on our website, in order make our website more attractive to visitors and to enable to use of certain functions. Cookies are small text files that are generated by a web server and saved on your computer during the online visit by means of the browser used. Most cookies used by us are so-called "session cookies". These are automatically deleted at the end of your browsing session.

We also use permanent cookies, which are primarily used to provide you, the visitor, with permanently recurring settings. Cookies also allow us to analyse the visitor's user behaviour, but only within the framework of the cookies' period of validity. All data is saved exclusively in an anonymised form (normally) without any direct personal reference. Profiling based on your data does not take place. This enables us to update our website to address your individual preferences.

You can opt out of future data collection and storage at any time. You can prevent the storage of cookies on your computer by making the appropriate changes to your browser settings so that cookies are not accepted or so that you are notified before accepting cookies. However, this can limit functionality of our internet offerings and our services.

There is always a link present with which you can declare your opposition to cookies from other providers or third parties. The providers set an opt-out cookie that prevents any further data being recorded on your computer. If you would like to retain your right to opposition, you should not delete the opt-out cookie. You must complete deactivation again if this cookie is later deleted. Furthermore, you can manage data collection and storage by many other services. More details are cited here: http://www.networkadvertising.org/choices/#completed  or http://www.youronlinechoices.com/de/praferenzmanagement

a) Use of etracker

Data for marketing and optimisation purposes is collected and saved on this website using technology from etracker GmbH (www.etracker.com). Cookies are used to create anonymised user profile from this data. The data collected with etracker technologies are not used to personally identify website visitors and will not be merged with any other personal data of the bearer of the pseudonym without the express permission of the individual concerned.

Future data collection and storage can be objected to at any time using the following link: https://www.etracker.de/privacy?et=oVbCPK

In this context, etracker sets an opt-out cookie that prevents any further data being recorded on your computer. You must complete deactivation again if this cookie is later deleted.

Furthermore, you can also manage cookie setting via your browser settings (see above).

b) Use of Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc. ("Google").  Google Analytics uses "cookies", which are text files placed on your computer to help the website analyse how visitors use the site. The information generated by the cookie about your use of our website will normally be transmitted to and stored by Google on servers in the USA.  We would like to point out that IP anonymisation has been activated on this website, meaning that Google will truncate your IP address beforehand within Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the United States and truncated there.  Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google will not associate your IP address transferred within the framework of Google Analytics with any other data held by Google.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of our website (see above). Furthermore, you can prevent Google's collection and use of data generated by the cookie and related to your use of our website (including your IP address) by downloading and installing the browser plug-in or alternatively clicking on the following link to opt out of cookies: http://tools.google.com/dlpage/gaoptout?hl=de

As an alternative to the browser plugin and on mobile devices, you can prevent data acquisition by Google Analytics by clicking on the link below. An opt-out cookie that prevents any future acquisition of your data when visiting our website is set. If you would like to retain your right to opposition, you should not delete the opt-out cookie. You must complete deactivation again if this cookie is later deleted.

Find more information about this at: http://tools.google.com/dlpage/gaoptout?hl=de or at http://www.google.com/intl/de/analytics/privacyoverview.html.

c) Use-based online advertising

Use-based online advertising, also known as targeting, enables advertising companies to identify the user on advertising delivery and to assign target groups. With the help of this information, it enables them to show the user relevant adverts from websites that you have visited, tailored to your preferences. User-based advertising takes place in three steps: collecting data about the so-called "tracking pixel" or cookies, saving and processing the logfile information and finally, using this information for re-targeting or look-alike re-targeting. These steps are explained more precisely below.

Use of tracking pixels on the site: Tracking pixels are small graphics on websites that enable a logfile record and a logfile analysis which are used for statistical evaluations. The tracking pixel writes information into the cookie file in the user's browser when visiting a website.

Saving logfile information in the cookie file: To detect your user behaviour, a cookie from our advertising partner is saved on your computer when visiting our site. This cookie does not allow you to be personally identified, and is used to insert, optimise and evaluate online advertising from our promotional partners. In these cookies, the type of the information collected includes, a unique visitor ID, a Unix time stamp with start and end of the current session, surfing habits, visited sub-pages of the internet offer and clicked on advertising banners. The saved visitor ID allows user behaviour to be recorded. All data is saved using a pseudonym so that it is not easily possible to personally identify you.

Use of cookie information for re-targeting and look-alike re-targeting: The cookie with the corresponding information allows the user's browser to be re-recognised and a corresponding re-targeting on external websites. Advertisements of our offers can then be inserted and shown to you on the websites of partners in our advertising networks. This is followed by information about the visit to our website, which of our adverts was shown, e.g. how often an advert was viewed, promoted and passed on to us. Furthermore, statistical twins of the original cookie profiles are identified and addressed, based on the cumulated cookie information.  This is look-alike re-targeting.

On our website, data is collected and stored using technology from the GroupM Competence Center GmbH, Derendorfer Allee 10, 40476 Düsseldorf (Xaxis). An anonymised user profile is created from this data. Cookies may be used to collect and save this data but it remains strictly anonymous. Data will not be used to personally identify the visitor to this website and will not be merged with data about the bearer of the pseudonym. Your data is collected and processed in accordance with the statutory provisions. Data collection and storage for the purpose of the web analysis can be refused at any time with future effect for Xaxis.

You can refuse the use of targeting by Xaxis. To do this, please use the following link: www.xaxis.com/common/OPT-OUT_call.html or http://www.targad.info/clients/de/preferences.html.

In this instance, an opt out cookie is set on your computer by Xaxis which prevents any further data being recorded. It may not be deleted as long as data storage is refused. You must complete deactivation again if this cookie is later deleted.

Furthermore, you can also manage your cookie settings via your browser settings (see above).

Find more information about Xaxis’s data privacy and the technology used here: http://www.xaxis.com/static/view/privacy-policy

We use Google AdWords Remarketing or "similar target groups" technology by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). This function is used to insert targeted product information and interest-based advertising to our website's users and other users with similar interests on the basis of their online user behaviour, when the user visits other websites in the Google Display Network or performs a Google search. If you subsequently visit another website in the Google Display Network, you will be shown pop-ups which incorporate previously accessed product and information areas with high probability. If our adverts are inserted on these websites, information about the visit to the website will be transmitted to us, e.g. how often our advert was views, how many clicks and visits were generated by a certain advert and which content was viewed after a click on an advert on our website. To carry out an analysis of website use, which forms the basis for creating interested-based adverts, Google Cookies is used during your visit to a website in the Google Display Network or a specific Google service. These cookies contain information about your last visit or your browser settings e.g. the configured language. These cookies serve to record the visit to the website by means of a unique identification of a web browser on a certain computer and not to identify a person. All data is saved using a pseudonym so that it is not easily possible to personally identify you.

The information generated by the cookie about your use of the website (including your IP address) will normally be transmitted to and stored by Google on servers in the USA. The IP address' last three digits are then truncated by Google; thus clear assignment of the IP address is no longer possible. Google observes the privacy policy of the "US Safe Harbor" agreement and is registered on the "Safe Harbor" agreement with the US Department of Commerce. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity providing other services relating to website activity and internet usage. Google will also transfer this information to third parties if the law requires this or if the third party processes the data on behalf of Google. Third party providers, including Google, place advertisements on websites on the internet. Third party providers, including Google, use saved cookies to place advertisements on the basis of previous visits of a user to this website. Under no circumstances will Google associate your IP address with other Google data.

See below for cancellation possibilities and other information.

We also use Google Conversion Tracking, an analysis service by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). In this process, a cookie is placed on your computer by Google Adwords ("conversion cookie") if you have reached out website via a Google advert. These cookies lose their validity after 30 days and do not serve for personal identification.  If you visit a specific website of ours and the cookie has not yet expired, we and Google recognise that someone has clicked on the advert and was forwarded to our site. Every AdWords customer receives a different cookie. Cookies can therefore not be tracked via the websites of AdWords customers. The information obtained with the help of conversion cookies serve to create conversion statistics for AdWords customers who have decided on conversion tracking. AdWords customers are informed of the total number of users that have clicked on their advert and were redirected to page with a conversion tracking tag. They receive no information that could be used to personally identify a user. If you do not want to take part in tracking procedures you can also refuse the necessary cookie settings - via browser settings, which generally disable the automatic setting of cookies. You can also deactivate cookies for conversion tracking by setting your browser to block cookies from the domain "googleadservices.com".

Revocation: If you do not want to receive interest-based adverts, you can deactivate the use of cookies by Google for this purpose via the site https://www.google.com/ads/preferences/html/blocked-cookies.html or by clicking on the following link and downloading and installing the plug in provided there. https://www.google.com/settings/ads/plugin?hl=de

Users can also deactivate the use of cookies by third party providers by visiting the Consumer opt-out website by the Network Advertising Initiative http://www.networkadvertising.org/choices/ (only available in English) and following the information there to opt out.

We would like to point out that Google has their own data privacy guidelines that are independent of ours. Please brief yourself before using our website via Datenschutzbestimmungen von Google at: http://www.google.de/intl/de/policies/privacy/

You can see other information about Google Remarketing or "similar target groups" at: https://support.google.com/adwords/answer/2676774?hl=de or http://www.google.com/policies/technologies/ads/

7. Use of Google Maps API

This website uses Google Maps on some pages to display interactive maps and to create directions. Google Maps is a map service from Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.  By using Google Maps, information about the use of this website can be transferred to Google in the USA, including your IP address and the (starting) address you entered in the route planner.

If you visit a web page of our website that includes Google Maps, your browser directly connects to Google servers.  The map will be transmitted from Google directly to your browser and then integrated into the website.  We have no influence of the scope of data collected by Google in this way.

If you do not want Google to collect, process or use data about you from our website, you can deactivate JavaScript in your browser settings, however you will not be able to use the map function.

To learn more about how Google’s data collection, its further processing and the use of data, as well as your rights and your possibilities to configure your computer settings to secure your privacy, please visit Google privacy policies:

http://www.google.com/intl/de/policies/privacy/

8. Use of Adobe Typekit

We use Typekit webfonts, a service of Adobe Systems Incorporated, 345 Park Ave, San Jose, CA 95110, USA. If you have activated JavaScript, your browser will download font files from the servers of Adobe Typekit and the provider has the opportunity to collect data about you. This could be, for instance, your IP address, date, time and the sites visited by you. Data is potentially transmitted to servers outside the EU. We have no influence of the scope of data collected in this way by Adobe Typekit. Find out more about Adobe's data privacy policy here:

http://www.adobe.com/de/privacy.edu.html

9. Use of GeoLite 2 database of geolocation

The GeoLite 2 database is used on this website, which is provided by MaxMind Inc., 14 Spring Street, 3rd Floor, Waltham, MA 02451, USA. Used IP addresses, approximate location/geolocation data based on the country of origin, which originates from the IP address, is allocated to the GeoLite 2 database. Your country of origin is located using your IP address via GeoLite 2 database hosted by Gerolsteiner dev.maxmind.com/geoip/geoip2/geolite2). This software is used to 1) improve Gerolsteiner location search results, 2) provide you with the most appropriate information and 3) pre-set certain website configurations customised for you, all of which will make your visit to our site even more pertinent (e.g. language settings). No personal data is stored or shared with a third party provider.

Further information can be found at: https://www.maxmind.com/de/faq. You can retrieve information about data privacy here: http://dev.maxmind.com/geoip/legacy/geolite/.

10. Our data protection safety measures

If we collect your personal data, we save that data on a specially protected server. Access to this data is only given to a few authorised persons who are responsible for the technical, commercial or editorial maintenance of our servers.

To avoid the loss or abuse of the data stored on our servers, we take extensive technical and operational safety measures to ensure maximum security, all of which is regularly checked and upgraded in accordance with advances in technology.

We are always seeking to process your personal data by taking all technical and organisational possibilities in a way so that it is not accessible to third parties. We recommend using telephone or post to send confidential information. If you contact us e.g., using e-mail, social media or a messaging service, full data security cannot be guaranteed.

We would also like to point out that due to the structure of the internet, it is possible that the data privacy rules and the above mentioned safety measures are not observed by persons, companies or institutions outside our sphere of influence. Our online offer includes links to other websites. We have no influence over whether their operators take appropriate security measures. It is the responsibility of the use to protect data provided by him against misuse by encryption or in another way.

11. Cancellation of consent

You have explicitly given the following consents as needed during the ordering process or other actions you conducted on our website. You can revoke your consent at any time with effect for the future.

I would like to be informed about Gerolsteiner news. My e-mail address will not be shared with other companies. I can cancel my subscription to newsletters, advertising or promotional e-mails at any time. To do this, please submit a request via post to Gerolsteiner Brunnen GmbH & Co. KG, Dr Gregor Scheja, Vulkanring, 54567 Gerolstein, Germany, or via fax: + 49 (0) 1805-10 88 22 (international phone charges may apply).

Yes, I agree that Gerolsteiner may use the personal data provided that I have provided for contacting me with advertising and/or promotional materials by post/mail, email and/or telephone. The data is subject to the privacy policy and will not be shared with third parties. I can cancel this consent to Gerolsteiner at any time without providing any reason.

12. Information about your personal data stored at Gerolsteiner/amendments/deletion/blocking

Gerolsteiner will store your data only as long as permitted by German law.

Upon request, we will confirm with you what your personal data of yours, if any, is currently stored on our servers.

If your personal data we have stored on our servers is out-of-date or inaccurate, we will correct it promptly upon your request.

If requested, we will promptly delete your personal data, unless prohibited by law, and then we will block the respective data. Please note, in the case of deletion of your personal data we will no longer be able to offer our services, in whole or in part, on our websites.

In this case, please contact:

Gerolsteiner Brunnen GmbH & Co. KG
Dr Gregor Scheja, Data Protection Officer
Vulkanring
54567 Gerolstein
Fax: + 49 (0) 1805-10 88 22 (international charges may apply)

13. Contact

If you have any other questions or suggestions regarding data privacy, please do not hesitate to contact us:

Gerolsteiner Brunnen GmbH & Co. KG
Dr Gregor Scheja, Data Protection Officer
www.scheja-partner.de

Last updated: January 2015