Data Protection Statement
in accordance with the EU General Data Protection Regulation (GDPR)
(Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC in the Official Journal of the European Union, OJEU L 119/1; effective date: 25 May 2018).
to the website www.puschkin.com
At Berentzen-Gruppe AG in Haselünne we are very serious about protecting your personal data. We treat your personal data confidentially in conformity with statutory data protection regulations and the following Statement.
Based on the principles of data avoidance and data economy, we process personal data only as long as this is necessary within the meaning of the Statement below or prescribed by legislators (statutory storage period). If the purpose or right to process the collected personal data no longer exists or if the permitted storage period expires, we will lock or erase the data; that is, unless their further processing — with a time limit — is required, particularly for the following purposes:
fulfilment of retention periods under commercial and tax laws, in particular pursuant to the German Commercial Code (HGB) and the German Tax Code (AO). The periods prescribed therein for retention or documentation run from two to at most ten years.
Preservation of evidence in the context of statutes of limitations. According to Secs. 195 et seq. of the German Civil Code (BGB), these limitation periods can run as long as 30 years, although the regular limitation period is three years.
To allow for a data lock at any time, it is necessary to keep the data in a lock file for control purposes. If there is no statutory duty to archive, you can also demand the erasure of such data. If a statutory duty to archive exists, we will lock these data if you wish. If providing personal data is mandated by law or contract, or is necessary for conclusion of a contract, we refer to the adverse consequences for not providing them.
In particular, the following terms used in this agreement are defined according to Art. 4 GDPR as follows:
Personal data: any information relating to an identified or identifiable natural person (hereinafter referred to as a "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Data subject: any identified or identifiable natural person whose personal data are processed by the controller responsible for the processing.
Processing: any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
For further definitions, please refer to Art. 4 GDPR ( https://dejure.org/gesetze/DSGVO ).
1. Name and contact data of the controller responsible for the processing and of the internal Data Protection Officer
This Data Protection Statement is valid for data processing by the responsible operator of this website: Berentzen-Gruppe Aktiengesellschaft, Ritterstraße 7, 49740 Haselünne, Germany (hereinafter: Berentzen), e-mail: email@example.com, phone: +49 (0)5961-502-0, fax: +49 (0)5961/502-268.
Berentzen's internal Data Protection Officer can be reached as follows:
Phone: +49(0) 5961/502-0
Fax: +49(0) 5961/502-268
E-mail address: firstname.lastname@example.org
2. Collection and storage of personal data, nature and purpose of use
a. Call-up of the website (server log files)
When this website www.puschkin.com is called up, information is automatically sent by the browser used on your terminal device to the server of this website. This information is stored temporarily in a log file. The following information is recorded without your doing anything and is stored until it is automatically deleted:
IP address of the querying computer (hostname)
access date and time
name and URL of the file called up
website from which the access originates (referrer URL)
browser used and operating system of your computer, if applicable
name of your access provider.
It is not possible to deduce your identity from this automatically generated information. The aforementioned data are processed for the following purposes:
Ensuring a smooth establishment of connection with the website
Ensuring a comfortable use of our website
Analysis of system security and stability
Other administrative purposes.
The legal basis for this data processing is provided by Art. 6 para. 1 sentence 1 lit. f of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as: GDPR). Our legitimate interest follows from the data collection purposes listed above. In no case will we use the collected data for the purpose of drawing conclusions as to your identity.
b. Age verification
If an age verification takes place, no specific personal data are processed by us for this purpose beyond the data mentioned above under subsection 2.a. Age verification takes place fundamentally in order to check whether you are permitted to have access to the content of our website based on your age (e.g. only 18+).
A cookie is placed, which stores the existence of the age verification; this is so that the age verification does not have to be performed every time our website is called up (for comfort and convenience).
c. Initiation of contact
You can contact us by post or via email@example.com (see Contact and Regulatory Information). In that case, we will process accordingly the data that you send us in your contact initiation; besides purely technical data (see 2.a. above), these can also include real names (first/last name), user-names, addresses (street address, city, postal code), phone numbers or e-mail addresses.
We process your data received in the contact initiation to provide a proper reply.
The data collected by us and received from you in your contact initiation will be automatically erased after your inquiry has been taken care of, unless a justified interest exists for – time-limited – further retention (e.g. applicant data).
The data processing for the purpose of initiating contact with us is done on the basis of your freely given consent according to Art. 6 para. 1 sentence 1 lit. a GDPR.
3. Sharing of data
Any transfer of your data to third parties will take place only for the purposes listed below.
We share your personal data with third parties only
if you have given your explicit consent to this under Art. 6 para. 1 sentence 1 lit. a GDPR
if the sharing is required under Art. 6 para. 1 sentence 1 lit. f GDPR for the assertion, exercise or defense of legal rights and there is no reason to assume that you have an overriding interest worthy of protection in your data not being shared
if a legal obligation to share the data exists under Art. 6 para. 1 sentence 1 lit. c GDPR
if this is legally permitted and is required under Art. 6 para. 1 sentence 1 lit. b GDPR for the performance of a contractual relationship with you.
on the basis of a processing agreement entered into by us with a processor according to Art. 4 GDPR
If we should form the intention to use the personal data for a purpose other than those mentioned above, prior to this further processing we will make available to you information about this other purpose and all other relevant information according to Art. 13 para. 2 GDPR.
We use the following cookies:
Google Analytics cookies (see below under subsection 5.a.)
_dc_gtm_UA-117124506-2 (approx. 30 seconds; is needed by the TagManager and identifies the associated Analytics account)
agecheck (2 months; stores the existence of the age verification, so that it does not happen again every time you call up our website)
ga-disable-UA-117124506-2 (approx. 80 years; stores the Google Analytics opt-out)
_pk_id.29c86 (1 year; is needed by PIWIK to track the user, see below under subsection 5.b.)
_pk_ses2.9c86 (approx. 30 minutes; PIWIK, see below under subsection 5.b.)
In a cookie, information is deposited that arises in connection with the specific terminal device used. But that does not mean that we obtain direct knowledge of your identity from this.
You can prevent the use and placement of cookies by blocking the placement of cookies in the browser (you will find information about this in the Help function of the browser). Opt-out cookies prevent the future recording of data when visiting this website. However, we would like to point out that in this case perhaps not all functions of this website can be used in full.
The deployment of cookies helps in particular to make the use of our website offering convenient for you. We use the following cookies specifically:
a. Session cookies, to detect that you have already visited individual pages of our website. They are only stored in the random access memory of the user's computer. In a session cookie, a randomly generated, unique identification number is deposited, a so-called session ID. In addition, a cookie contains the information about its source and a storage time-limit. These cookies cannot store any other data. Session cookies are deleted when the session of use of the website is ended.
b. Temporary cookies, which are stored on your terminal device for a certain defined period of time. When you visit our site again to use our services, it is automatically recognised that you were on our site before, and what inputs and settings you made, so that you do not have to enter them again.
c. Cookies for statistical recording and for the purpose of optimising our website offering (see section 5). These cookies also make it possible, when your visit our website again, to recognise automatically that you had already visited our website. These cookies are automatically erased after a period of time defined for each.
The data processed by cookies are required for the aforementioned purposes to protect our legitimate interests and that of third parties under Art. 6 para. 1 sentence 1 lit. f GDPR.
Most browsers accept cookies automatically. But you can set up your browser so that no cookies are stored on your computer or so a notice appears every time before a new cookie is placed. However, complete deactivation of cookies can lead to your not being able to use all the functions of our website. Session cookies (see above 4.a.) normally cannot be suppressed.
5. Tracking tools
The tracking measures listed below and deployed by us are carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR. By means of the deployed tracking measures, we want to ensure a demand-oriented design and ongoing optimisation of our website. Secondly, we use tracking measures to record the use of our website statistically and analyse this use for the purpose of optimising our website offering. These interests are to be viewed as legitimate within the meaning of the aforementioned regulation.
The respective data processing purposes and data categories can be inferred from the corresponding tracking tools.
a. Google Analytics
This website uses Google Analytics, a web analysis service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). The use encompasses the Universal Analytics operating standard. This makes it possible to associate data, sessions and interactions with a pseudonymised user ID across multiple devices and thus to analyse the activities of a user across devices (incl. cross-device tracking).
In this context, pseudonymised use profiles are prepared and cookies (see 4. above) are used. The information generated by the cookie about your use of this website, such as
operating system used
referrer URL (the previously visited site)
hostname of the accessing computer (IP address, abbreviated)
time of server request
is usually transmitted to a Google server in the United States and stored there.
If IP anonymisation is activated on this website, however, the IP address will be abbreviated beforehand by Google in the territory of Member States of the European Union or in other signatory countries of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the United States and abbreviated there. The IP address that the used browser transmits in the context of Google Analytics will not be combined with other data of Google. By order of the operator of this website, Google will use this information to analyse the use of the website, to compile reports on the website activities and to provide other services connected with the use of the website and the Internet to the operator of the website. These purposes in the present case also include the legitimate interest in the data processing. The legal basis for the deployment of Google Analytics is Art. 6 para. 1 lit. f GDPR. Sessions and campaigns are ended after a certain length of time expires. As a standard practice, sessions are ended after 30 minutes with no activity and campaigns are ended after six months. The time-limit for campaigns can be no longer than two years.
Besides the possibility of preventing the storage of cookies by setting the browser software accordingly (in that case an opt-out cookie is placed that prevents the future recording of your data when you visit this website; the opt-out cookie is valid only within this browser and only for our website and is deposited on your device; if you erase the cookies in this browser, you have to replace the opt-out cookie), you can prevent the recording to Google of the data generated by cookies and related to the use of the website (incl. IP address), and the processing of these data by Google, by downloading and installing the https://tools.google.com/dlpage/gaoptout?hl=de browser-add-on (deactivation add-on). To prevent recording by Universal Analytics across different devices, you must complete the opt-out on all the systems used. The opt-out cookie is placed by this route: Google Analytics deaktivieren. To prevent recording by Universal Analytics across different devices, you must complete the opt-out on all the systems used. We would like to point out that, if you opt-out, you may not be able to use all the functions of this website in full.
This information will perhaps also be transferred to third parties insofar as this is prescribed by law or to the extent that third parties are hired to process these data (see 3. above). In no case will your IP address be combined with other Google data. The IP addresses are anonymised, so that an association is not possible (IP masking, anonymizeIP).
You will find further information on data protection in connection with Google Analytics under Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=de).
The information about your use of this website, generated by the cookie, is not shared with third parties. You can prevent the storage of cookies by setting your browser accordingly; in this case, however, the functions of this website may not all be fully usable any longer.
If you do not agree with the storage and use of your data, you can deactivate the storage and use here […]. In this case, an opt-out cookie will be deposited in your browser that will prevent PIWIK from storing usage data. If you erase your cookies, the PIWIK opt-out cookie will be erased as a consequence. The opt-out will have to be activated again when you visit our site again.
6. Social media plug-ins
We deploy on our website social plug-ins of social networks and comparable functions of social media channels to increase awareness of our company, based on Art. 6 para. 1 sentence 1 lit. f GDPR. The promotional purpose behind it counts as a legitimate interest within the meaning of the GDPR. Responsibility for data protection-compliant operation is to be guaranteed by the respective provider.
Plug-ins are identified by the logo (or another symbol) of the respective network. When you call up a page of our website that contains one of these plug-ins, your browser usually already establishes a direct connection with the servers of the network. The content of the plug-in is then transmitted from the network directly to your browser, and integrated by the browser into the website. In any case, a connection is established with the network, and personal data are forwarded to it if you activate the plug-in button.
If you are logged in at the time of use of the plug-in, your visit to this website will be directly associated with your user account. If you have an account with the social network, the data can be linked to it and thus become public. If you do not want this to happen, you can log out on the network's page before visiting this website.
Before the plug-in can be used, you will usually be notified of the consequences once again – depending on the plug-in deployed – and you must confirm that you consent to the forwarding of the personal data. The exact purpose and scope of the data collection by the respective network and the further use of the data, as well as potential alternative settings with regard to the user account, can also be taken from the data protection statement of the respective network.
On our website, Facebook social media plug-ins are deployed to make its use as personal as possible. The "LIKE" and "SHARE" buttons are used for this. This is an offering from Facebook. The services are offered by Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA.
When you call up our website, your browser establishes a direct connection with the servers of Facebook. The content of the plug-in is sent from Facebook directly to your browser, and integrated by the browser into the website.
Through the integration of plug-ins, Facebook is informed that your browser called up our website, even if you do not have a Facebook account or are not logged into Facebook. This information (including your IP address) will be transmitted from your browser directly to a Facebook server in the United States and stored there.
If you are logged into Facebook, Facebook can directly assign the visit to our website to your Facebook account. For example, if you click the "LIKE" or "SHARE" button, the corresponding information will likewise be sent directly to and stored on a Facebook server in the United States. The information will also be published on Facebook and will be visible by your Facebook friends.
Facebook can use this information for purposes of advertising, market research and demand-oriented design of the respective Facebook page. To do this, Facebook prepares usage, interest and relationship profiles, among other things, to evaluate your use of our website with a view to the ads displayed for you on Facebook, to inform other Facebook users about your activities on our website and to provide other services associated with the use of Facebook.
We would like to point out that we do not obtain any knowledge about the content of the transmitted data or its use by Facebook.
If you would not like Facebook to assign the data gathered via our website to be assigned to your Facebook account, you must log out of your Facebook account before visiting our website.
Plug-ins of the short message service of Twitter Inc. (Twitter) are used on our website.
When you call up our website, a direct connection is established between your browser and the Twitter server. Twitter obtains the information that you have visited our site with your IP address. If you click on the "Tweet" button while you are logged into your Twitter account, you can link to the content of our website on your Twitter profile. In this way, Twitter can assign your visit to our website to your user account. We would like to point out that we do not obtain any knowledge about the content of the transmitted data or its use by Twitter.
If you do not want Twitter to be able to assign the visit to our website, please log out of your Twitter user account.
You will find additional information in Twitter's data protection statement (https://twitter.com/privacy).
7. Rights of data subjects
You have the right, free of charge,
under Art. 15 GDPR, to demand information about your personal data that we process. In particular, you can demand information about the purposes of processing, the category of personal data, the categories of recipients to whom your personal data were or are disclosed, the planned duration of storage, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to complain, the source of your data if not collected by us, and about the existence of automated decision-making including profiling and meaningful information about its details, if any;
under Art. 16 GDPR, to demand the rectification of inaccurate data or the completion of your personal data stored with us without undue delay;
under Art. 17 GDPR, to demand the erasure of your personal data stored with us, unless the processing is necessary to exercise the right to a free expression of opinion and to information, to fulfil a legal obligation, for reasons of the public interest, or to assert, exercise or defend against legal claims; the same applies in the event of a restriction of processing;
under Art. 18 GDPR, to demand restriction of the processing of your personal data, if the correctness of the data is disputed by you, processing is unlawful but you refuse to have them erased, and we no longer need the data, but you need them to assert, exercise or defend against legal claims, or you have lodged a protest against processing under Art. 21 GDPR;
under Art. 20 GDPR, to demand to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format, or to have those data transmitted to another controller;
under Art. 7 para. 3 GDPR, to withdraw your previously given consent from us at any time. This will have the consequence that we will no longer be permitted in future to continue the data processing that was based on this consent;
not to be subjected to a decision based solely on automated processing — including profiling — that has legal effect in relation to you or significantly harms you in a similar manner, insofar as the decision (1) is not required for the conclusion or performance of a contract between the data subject and the controller, or (2) is not permissible based on legal regulations of the European Union or of the Member States to which the controller is subject and these legal regulations contain appropriate measures to protect the rights and freedoms and the legitimate interests of the data subject or (3) is not made with the express consent of the data subject. If the decision (1) is required for the conclusion or performance of a contract between the data subject and the controller or (2) if it occurs with the express consent of the data subject, the Berentzen-Gruppe Aktiengesellschaft will take reasonable measures to protect the rights and freedoms and legitimate interests of the data subject, which shall include at a minimum the right to force a person to act on behalf of the controller, the right to explain one's own standpoint, and the right to challenge the decision. If the data subject would like to assert rights with respect to automated decisions, he/she can at any time contact an employee of the controller responsible for the processing and
object to a supervisory authority in accordance with Art. 77 GDPR. For this purpose, you can usually turn to the supervisory authority of your customary place of residence or employment or of the registered office of our firm.
To assert the rights of a data subject, please send an e-mail to firstname.lastname@example.org.
8. Right of Objection/Withdrawal
Insofar as your personal data are processed on the basis of legitimate interests under Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right under Art. 21 GDPR to lodge an objection to the processing of your personal data or to withdraw any consent to the processing, to the extent that there are reasons for it resulting from your particular situation or that the objection/withdrawal is directed against direct advertising. In the latter case, you have a general right of objection/withdrawal that will be put into effect by us without your indicating any particular situation.
If you would like to make use of your right of objection/withdrawal, an e-mail sent to email@example.com will suffice.
9. Data protection
Within the website visit, we use the prevalent SSL method (Secure Sockets Layer) in combination with the highest encryption level that your browser supports. Generally, this is 256-bit encryption. You can tell whether a specific page on our website is transmitted in encrypted form by the locked image of the key or lock symbol in the lower status bar of your browser.
In addition, we use suitable technical and organisational security measures to protect your data against random or deliberate manipulation, partial or total loss, destruction or unauthorised access by third parties. Our security measures are continually enhanced in step with technological developments.
10. Up-to-dateness and amendment of this Data Protection Statement
This Data Protection Statement is currently valid and is updated as of 25 May 2018 (effective date of the GDPR).
On account of the further development of our website and offerings made via the website, or due to changes to legal or regulatory requirements, it may become necessary to amend this Data Protection Statement.