Privacy Policy

In the following, we would like to explain to you what data we collect about you and what we do with this data. We also inform you about your privacy rights and explain to whom you can turn to, with questions about data privacy.

About us

Data controller responsible for the processing of your data (hereinafter: “controller”):

convivo GmbH, Nisselgasse 1-3/5, 1140 Vienna, Austria
Phone +43 19962117, E-Mail info(at)convivo-brands.com
Managing Partner: Tinneke Gies

We want to protect and uphold your privacy rights, so you can contact us for questions about this privacy policy, the processing of your data, your rights, or other matters.

Contact details of the data protection officer:

Dieter Jost, Lekkerland Handels- und Dienstleistungs GmbH,
Handelsstraße 1, 2630 50226 Ternitz, Austria
E-Mail: datenschutz@lekkerland.at

Scope of application

This privacy policy applies to the website convivo-brands.com. It is aimed at the visitors of our website.

On our pages further links are offered which lead to the websites of other operators for which this privacy policy does not apply.

Do I have to enter my data?

When you visit our website, user data are automatically stored. Some of the collected data is necessary for the use of a website. In addition, we also process your data in order to safeguard our legitimate interests according to a balance of interests. This will enable us to continuously improve the services we offer to you. On the following pages, you will learn about the background of our interests as well as whether and how you can object to the use of your data or disable the use of the data.

In order to use one of our offers or to send a request, you will be asked to provide your personal data. You can decide for yourself whether to take advantage of these offers and to provide your data. Of course, we process your data only for the purpose for which you provided us with your data. We also offer services for which we process your data only if you have given us your consent. The granting of consent is always voluntary. Consent that has been granted may be revoked at any time.

Please note that if you provide information about other persons, you must have obtained their prior consent and informed them of the purposes for which the information is being disclosed, as set forth in this privacy policy.

We also ask you to share this information with the people you include in the use of our services, such as family members or authorised persons.

 

What data do we process?

I. Your visit to our website

When you visit our website, different personal data is stored and used.

  1. Processed data and processing purposes:

 

  • Service provision: In order to visit and use our website, the specified data must be collected.
  • Data security: Every instance of access to our website is saved in a log file. We collect and use these data only for the purpose of data security.
  • Optimisation of the website including profiling: We are constantly improving our websites to give you the best experience. For this purpose, our service providers collect, store and process the specified data about your visit as part of commissioned data processing. Neither we nor the contracted service providers associate your visit data with your name or other personal information that you have given us. The IP number is anonymised prior to use for the generation of statistics.

 

Dates Service provision Data security Optimisation and invoicing of advertising measures including profiling
IP number x x
Name of the retrieved file x X
Transferred amount of data x
Visited website x X
Referrer URL (the previously visited website) x X
User agent your browser sends (only for mobile version or automatic voice control) x x X
Session Cookie x
Date and time of retrieval x
IDs for identifying the advertising partner, the advertisement and the advertising material x
Marketing channel x
Current time x
Time of the click x
ID of the keyword (external search term) x
ID of the visitor without personal reference x
Browser type

Browser version

Browser resolution (inner window size)

Browser language

Screen size

Screen resolution incl. colour depth

x
Cookie on/off x
JavaScript on/off x

 

In addition, the above-mentioned data are used for the following purposes in the context of a consideration of interests (Art. 6 (1) (f) GDPR). The interests are named below:

  1. Should a security incident occur in our company that affects your data, we are obliged to report the case to our data protection supervisory authority (Art. 33 GDPR). Since our legitimate interest is to comply with this statutory reporting obligation as quickly as possible, it may happen that in the context of the investigation of the corresponding security incident data about you are processed. Reports of these security incidents to data protection supervisory authorities do not contain any of your personal data.
  2. As it is in our interest to ensure the security of our systems, we regularly conduct security and efficacy tests that allow us to process your above-mentioned data.
  3. It is in our interest, in the event of litigation, to keep evidence until all relevant statutory limitation periods pursuant to §§ 195ff. BGB have expired. For this purpose, we retain the relevant data about you in accordance with these limitation periods.
  4. In addition, it is in our interest to investigate suspected cases and to hand over relevant information to law enforcement authorities in case of a specific criminal suspicion.

 

  1. Legal basis for the use of your data
    1. We process your data specified under service provision for the fulfilment of the contract relationships with you so you can receive our service, i.e. our website (Art. 6 (1) (b) GDPR).
    2. In addition, we process your data in order to safeguard our legitimate interests (Art. 6 (1) (f) GDPR):
      1. It is in our interest to be able to guarantee data security. For this purpose, the data of each visit are stored and evaluated in a log file.
      2. It is in our legitimate interest to optimise our website. For this purpose, service providers are used as part of commissioned data processing, Cookies are set and visitor data are transmitted to a server of a service provider (here: Google) in the USA.

 

  1. Deletion periods (or storage duration)
    • Closing the browser automatically deletes the session cookie.
    • The data used to optimise our website including profiling will be deleted after 7 days.
    • We use Cookies to distinguish your re-visit from your first visit to our website. You can manually delete the Cookie; otherwise, it will be automatically deleted 36 months after your last visit to our website and then re-set on your next visit with a new ID.

 

  1. Origin of the data

No data collection takes place using third parties.

 

  1. Data recipients in non-EU countries
  • The generated information about your use of this website is usually transmitted to a Google server in the USA and stored there. IP anonymisation has been activated on this website so that your IP address is shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. For more information about how Google handles your personal data for the Google Analytics service, please refer to Google’s privacy policy. The EU Commission determines which non-EU countries have an appropriate level of data protection. The EU Commission recognises companies in the US who participate in the EU-US Privacy Shield Framework (also EU-US Privacy Shield) as data recipients with an adequate level of data protection. This agreement between the US and the EU ensures that data protection regulations when processing data in the US by EU-US Privacy Shield companies comply with the data protection standards of the European Union. Google LLC states that it has joined the EU-US Privacy Shield. Information on the appropriate or reasonable guarantees and how to obtain a copy of them or where they are available may be requested using the contact details provided above.

 

  1. Cookies and web tracking

Cookies are set. You can delete these cookies at any time via your browser settings or prevent their acceptance.

If you do not want us to log your visits, then please click on the following link:

  • You can prevent the collection of data by Google Analytics by clicking on the following link. An opt-out Cookie will be set to prevent the future collection of your data when you visit this website:
Disable Google Analytics

Clicking on the link to object to data collection will set an opt-out Cookie. Please do not delete this Cookie as it will indicate your objection to data collection. If you use different browsers or PCs to visit our website, please click on the link using each browser.

 

II. Contact and other services

  1. Processed data and processing purposes

In the following, we would like to discuss the purposes for which your data is processed, if you have a concern or use our services.

 

  • Processing of inquiries contact form: We process the data you give us if you have a question or concern. This includes the data that you have entered in the contact form, sent by e-mail or fax.

 

Dates Processing of inquiries incl. contact form
Salutation x
Name x
E-mail address x
Subject x
Message x
Telephone number, mobile number x

 

In addition, the above-mentioned data are used for the following purposes in the context of a consideration of interests (Art. 6 (1) (f) GDPR). The interests are named below:

  1. Should a security incident occur in our company that affects your data, we are obliged to report the case to our data protection supervisory authority (Art. 33 GDPR). Since our legitimate interest is to comply with this statutory reporting obligation as quickly as possible, it may happen that in the context of the investigation of the corresponding security incident data about you are processed. Reports of these security incidents to data protection supervisory authorities do not contain any of your personal data.
  2. As it is in our interest to ensure the security of our systems, we regularly conduct security and efficacy tests that allow us to process your above-mentioned data.
  3. It is in our interest, in the event of litigation, to keep evidence until all relevant statutory limitation periods pursuant to §§ 195ff. BGB have expired. For this purpose, we retain the relevant data about you in accordance with these limitation periods.
  4. In addition, it is in our interest to investigate suspected cases and to hand over relevant information to law enforcement authorities in case of a specific criminal suspicion.

 

 

  1. Legal basis for the use of your data

We process your specified data under Processing of inquiries incl. contact forms.

The data is processed for fulfilment of the contractual relationship with you (Art. 6 (1) (b) GDPR).

In addition, we process your data in order to safeguard our legitimate interests (Art. 6 (1) (f) GDPR):

  1. It is in our interest to be able to guarantee data security. For this purpose, the data of each visit are stored and evaluated in a log file.

 

  1. Deletion periods (or storage duration )
    • For the preservation of evidence, we retain data in accordance with the statutory limitation periods according to §§ 195ff. BGB. The storage duration of your data may exceed the duration stated above. The statutory limitation periods can be up to 30 years. The normal limitation period is 3 years.

 

  1. Origin of the data

No data collection takes place using third parties.

Which organisations receive your data?

The following table shows which organisations (“data recipients”) receive your data in which cases. You can read about the specific data in the corresponding sections of this privacy policy. Transfer of your data may sometimes occur due to legal reporting requirements. In other cases, we use selected vicarious agents and service providers who work for us as commissioned data processors (in accordance with Art. 28 GDPR) and may obtain access to your data in the required scope. Commissioned data processors are subject to numerous contractual obligations and may, in particular, process your personal data only on our instructions and solely for the fulfilment of the orders received from us.

 

Data recipient … receive data for the following purposes Explanation
Service provider for newsletter distribution Newsletter Within the scope of commissioned data processing, we use a service provider for the dispatch of the newsletter; the service provider receives your e-mail address for dispatch purposes.
Service provider for the optimisation of our website Optimisation of the website including profiling We are constantly improving our websites to give you the best experience. Our service providers collect, store and process the specified data about your visit on our behalf for this purpose. Neither we nor the contracted service providers associate your visit data with your name or other personal information that you have given us.
Service provider for the destruction of data carriers Service provision, data security, optimisation and invoicing of the advertising offer including profiling, optimisation of the website incl. profiling, display of photos, processing of inquiries incl. contact form, newsletter, RSS feed, comment function, station finder, contest, Facebook Connect Within the framework of order processing, we use service providers for the destruction and disposal of paper files and data carriers.
IT service Service provision, data security, optimisation and invoicing of the advertising offer including profiling, optimisation of the website incl. profiling, display of photos, processing of inquiries incl. contact form, newsletter, RSS feed, comment function, station finder, contest, Facebook Connect As part of the operation of our IT infrastructure and our website, the respective service providers can gain access to your data. We require our service providers to always limit the processing of your data to what is necessary to carry out the purpose.
Police, lawyers, law enforcement agencies, public prosecutor, state or federal criminal police Potentially: Service provision, data security, optimisation and invoicing of the advertising offer including profiling, optimisation of the website incl. profiling, display of photos, processing of inquiries incl. contact form, newsletter, RSS feed, comment function, station finder, contest, Facebook Connect It is in our interest to investigate suspected cases and to hand over all necessary data to law enforcement authorities in case of a specific criminal suspicion against a customer.
Social Media Social Plugins If you use Social Plugins, the operator of the corresponding medium will receive information about your previous visit to our website.

 

Your rights

You have the right to:

  • Information about your personal data stored about you (Art. 15 GDPR)
  • Data portability (Art. 20 GDPR)
  • Correction and completion of your data (Art. 16 GDPR)
  • Deletion (Article 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)

Objection to the processing of your data in order to safeguard our legitimate interests or the legitimate interests of third parties (Art. 21 GDPR) – You have the right, for reasons arising from your particular situation, to object to such processing at any time; this also applies to profiling based on these provisions within the meaning of Art. 4 (4) GDPR.

To exercise these rights, you can contact us in particular via info@convivo-brands.com. If you do not want your data to be collected when visiting our website, you can click read under “8. Cookies and tracking” about how data collection can be disabled.

 

You also have the right to lodge a complaint with a data protection supervisory authority.