General Information

Protecting your personal data is important for us. This data privacy statement provides information for you as a user of our website regarding the scope, nature and purpose of the collection and use of your personal data as you use our website. The basis of this is the applicable legal provisions for data protection.

Responsible Authority and Data Protection Officer

The responsible authority for processing your personal data is Privatbrauerei Eichbaum GmbH & Co. KG, Käfertaler Strasse 170 in 68167 Mannheim, Germany. You can reach us by phone at +(49) 621 – 33 70 - 0 or via e-mail at info@eichbaum.de.
You can also contact our Data Protection Officer at any time for all questions related to data protection and privacy. Our Data Protection Officer can be reached at the address above by adding "Data Protection Officer" to the address or via e-mail to: datenschutz@eichbaum.de.

What Is Personal Data?

Personal data includes all information and details in any form that can be used to establish a link to a natural person. This includes for example the name, address and phone number, e-mail address, IP addresses or details regarding a person's professional career.

External Hosting

This website is hosted by an external service provider (hoster). Personal data that is collected on this website is stored on the hoster's servers. This includes mainly IP addresses, contact requests, metadata and communication data, contract data, contact data, names, website access data and other data that is generated by a website.
The purpose of using the hoster is to fulfil contracts with our potential and existing customers (art. 6 para. 1 let. b of the General Data Protection Regulation (GDPR)) and in the interest of providing online offers quickly, securely and efficiently by a professional provider (art. 6 para. 1 let. f GDPR). If corresponding consent was requested and obtained, the processing is carried out exclusively on the basis of art. 6 para. 1 let. a of GDPR and § 25 para. 1 of the German Telecommunications Telemedia Data Protection Regulations, provided the consent includes saving cookies or accessing information on the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDPR. Consent may be revoked at any time.
Our hoster will only process your data to the extent required to fulfil its service obligations and will follow our instructions regarding this data.

Data Collected while Visiting Our Website

Data collection of server log files on these web pages is carried out on the basis of art. 6 para. 1 let. f of GDPR to safeguard our legitimate interests (e.g. secure operation of the web pages). When you use our website, the following data items (server log files) are logged during your visit: IP address, name of the calling website, date and time, browser type and version, operating system, host name of the accessing computer and the previously visited internet page (referrer). These data items are used without reference to any person and only to create web statistics. They are not merged with other data sources.

Request via Contact Form

If you send requests to us via contact form, your information from the request form including the contact data you specify there will be saved by us for the purpose of processing the request and for the case of follow-up requests. We will not forward this data without your consent.
This data will be processed on the basis of art. 6 para. 1 let. b GDPR if your request is associated with the fulfilment of a contract or if required to implement pre-contractual measures. In all other cases, processing of the data is based on our legitimate interests in effective processing of requests directed to us (art. 6 para. 1 let. f GDPR) or on your consent (art. 6 para. 1 let. a GDPR), provided we have requested and obtained such consent. Consent may be revoked at any time.
The data sent by you via contact request will be retained by us until you request for it to be deleted, revoke your consent for data storage, or the purpose for the data being stored is no longer applicable (for example after processing of your request is completed). Mandatory legal provisions – in particular retention periods – remain unaffected.

Request via E-Mail, Phone or Fax

If you contact us via e-mail, phone or fax, your request including all personal data derived from it will be saved by us and processed for the purpose of responding to your request. We will not forward this data without your consent.
This data will be processed on the basis of art. 6 para. 1 let. b GDPR if your request is associated with the fulfilment of a contract or if required to implement pre-contractual measures. In all other cases, processing of the data is based on our legitimate interests in effective processing of requests directed to us (art. 6 para. 1 let. f GDPR) or on your consent (art. 6 para. 1 let. a GDPR), provided we have requested and obtained such consent. Consent may be revoked at any time.
The data sent by you via contact request will be retained by us until you request for it to be deleted, revoke your consent for data storage, or the purpose for the data being stored is no longer applicable (for example after processing of your request is completed). Mandatory legal provisions – in particular retention periods – remain unaffected.

Use of Cookies

Our internet pages do not use "Cookies". Cookies are small text files. They do not do any damage to your terminal device. They are stored on your terminal device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are deleted automatically after the end of your visit. Permanent cookies remain saved on your terminal device until you delete them yourself or they are deleted automatically by your web browser.
Cookies may originate from us (first-party cookies) or from third party companies (called third-party cookies). Third-party cookies make it possible to incorporate certain services from third-party service providers within websites (cookies for processing payment services, etc.).
Cookies have different functions. Numerous cookies are necessary for technical reasons, because certain website functions (such as contrast settings or display of videos) would not work without them . Other cookies can be used to evaluate user behaviour or for advertising purposes.
Cookies that are required to carry out the electronic communication process (necessary cookies) or to provide certain functions you may want (functional cookies such as contrast settings), or to optimise the website (cookies for measuring the web public, etc.) are saved on the basis of art. 6 para. 1 let. f GDPR, provided no other legal basis is specified.
As a website operator, we have a legitimate interest in saving cookies for reasons related to providing our services in an optimised manner free of errors. If consent for saving cookies has been requested and obtained, the relevant cookies are then saved exclusively on the basis of this consent (art. 6 para. 1 let. a GDPR and § 25 para. 1 TTDPR). Consent may be revoked at any time.
You can set your browser so that you are informed when cookies are set and only allow cookies on a case-by-case basis, to exclude accepting cookies for specific cases or in general, and to automatically delete cookies when the browser is closed. If cookies are deactivated, the functionality of a website may be restricted.
If cookies of third-party companies or for analysis purposes are used, we will inform you about this specifically as part of this data privacy statement and ask for your consent if applicable.

Audio and Video Conferences with Microsoft Teams

For communication with customers and business partners, we use various tools including online conference tools.
The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. For details regarding data processing, refer to the data privacy statement of Microsoft Teams: https://privacy.microsoft.com/de-de/privacystatement.

Microsoft has a certification in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that guarantees compliance with European Union data privacy standards for data processing in the USA. Every company certified according to DPF agrees to comply with this data privacy standard.

Further information is available from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant- detail?contact=true&id=a2zt0000000KzNaAAK&status=Active.
We have signed a contract covering order processing for usage of the service named above. This is a contract as stipulated by data protection law that ensures that the service will only process the personal data of our website visitors according to our instructions and in compliance with the GDPR.

If you communicate with us by video or audio conference via internet, your personal data will be collected and processed by us and by Microsoft, the provider. We use Microsoft Teams to communicate with prospective and existing contractual partners or to offer certain services to our customers (art. 6 para. 1 let. b GDPR). Using this tool furthermore serves to simplify and speed up communication with us and our company in general (legitimate interest within the meaning of art. 6 para. 1 let. f GDPR). If consent has been requested and obtained, the use of the relevant tool is on the basis of this consent. Consent may be revoked at any time with effect for the future.

Microsoft Teams collects all data that you provide/use in order to make use of the tool (e-mail address and/or your phone number). In addition, Microsoft Teams processes the duration of the conference, the beginning and end (time) of participation in the conference, the number of participants and other "context information items" in connection with the communication process (metadata).
The tool provider also processes all technical data required for handling online communication. This includes in particular IP addresses, MAC addresses, device IDs, the device type, operating system type and version, client version, camera type, microphone or loudspeaker and the type of connection.
If content is exchanged, uploaded or provided by some other means within Microsoft Teams, it is also saved on the Microsoft servers. This content includes in particular cloud records, chat/instant messages, voice mails, uploaded photos and videos, files, whiteboards and other forms of information that are shared while the service is being used.
Please note that we do not have full influence on the data processing processes of the Microsoft Teams tool that is used. Our options depend largely on the company policies of Microsoft. For further information on data processing by Microsoft Teams, refer to the data privacy statement of Microsoft Teams.
The data collected directly by us through Microsoft Teams is deleted by our systems as soon as you request for it to be deleted, revoke your consent for data storage, or the purpose for the data being stored is no longer applicable. Saved cookies remain on your terminal device until you delete them. Mandatory legal provisions remain unaffected.
We have no influence over the storage duration of your data that is saved by Microsoft for its own purposes. For specific details, please contact Microsoft Teams directly.

Information, Correction and Deletion of Data

You have the right to obtain information about all of your data saved by us at any time. This right includes the right to have incorrect data corrected or deleted. You also have the right in certain circumstances to demand the restriction of processing of your personal data.
Please direct all requests for information, corrections or deletions, indicating your full name and postal or e-mail address, to our Data Protection Officer: Privatbrauerei Eichbaum GmbH & Co. KG, Datenschutzbeauftragte, Käfertaler Strasse 170 in 68167 Mannheim, Germany or datenschutz@eichbaum.de.

Right of Appeal

In accordance with art. 77, para. 1 GDPR, you have the opportunity to refer matters to a regulatory authority. The right of appeal in accordance with art. 77 GDPR is available to you in the EU member state where you reside, of your workplace and/or of the location where the alleged violation occurred. This means you can choose the regulatory authority you contact from the above list of locations. The regulatory authority to which you submitted your appeal will then instruct you regarding the status and results of your submission, including the possibility of a judicial remedy in accordance with art. 78 GDPR.
The data protection regulatory authority responsible for us is the state representative for data protection and freedom of information of Baden-Württemberg, Postfach 10 29 32, 70025 Stuttgart, Germany.

Storage Duration

If no special storage duration was named in this Data Privacy Statement, your personal data will be retained by us until the purpose for the data processing is no longer applicable. If you assert your right to request deletion of data or revoke your consent, your data will be deleted, provided we have no other legally permissible reasons to save your personal data (such as retention periods under tax or commercial law); in this latter case the data will be deleted after these reasons are no longer applicable.

Revocation of Your Consent to Data Processing

Many data processing processes are only possible with your explicit consent. You can revoke consent that has already been given at any time. The legality of the data processing that was carried out up until the revocation remains unaffected.

RIGHT TO APPEAL IN ACCORDANCE WITH ART. 21 GDPR
If the data processing is carried out on the basis of art. 6 para. 1 let. f GDPR, you have the right for reasons related to your particular situation to submit an objection against processing of your personal data at any time. This also applies to profiling based on these provisions. If you file an appeal, we will discontinue processing your personal data unless we can demonstrate compelling and legitimate reasons for processing it that outweigh your interests, rights and freedoms or processing the data serves to assert, exercise or defend legal claims (objection pursuant to art. 21 para. 1 GDPR).

If your personal data is processed to operate direct advertising, you have the right to submit an appeal against the processing of personal data related to you for the purpose of such advertising. The same applies to profiling, provided it is associated with such direct advertising. If you object, your personal data will then no longer be used for the purpose of direct advertising (objection pursuant to art. 21 para. 2 GDPR).

SSL or TLS Encryption

For security reasons and to protect the transmission of confidential content such as orders or requests that you send to us as a website operator, our website uses SSL or TLS encryption. You can recognise an encrypted connection from the fact that the address line of the browser changes from "http://" to "https://" and by the lock icon in your browser line.
If SSL or TLS encryption is activated, the data that you transmit to us cannot be intercepted by third parties.
We draw your attention to the fact that data transmission on the internet (for example communication via e-mail) may have security gaps. Seamless protection of data against access by third parties is not possible.