365FarmNet

Data Protection Declaration

Introduction

We, 365FarmNet GmbH, as the operator of this online offer, are responsible for the processing of the personal data of users of the online offer. You will find our contact details in the Disclaimer for the online offer. The details of the person to contact if you have any questions regarding the processing of your data are given directly in this Data Protection Declaration.

At 365FarmNet the protection of your personal user data is extremely important to us. In all our activities, we are constantly mindful of the issues of data protection, and we have more measures in place to safeguard the protection of your data than the statutory minimum requirements prescribed by law, in particular the European General Data Protection Regulation (GDPR) and the national data protection provisions, so you can rest assured that your data are in good hands.

We never give the data that are entrusted to us (business data as well as personal data) to third parties – including our partners. Insofar as the passing on of data is unavoidable within the framework of the direct processing of business processes, and under the consideration of proportionality aspects, this is always carried out on a need-to-know basis and in compliance with the most stringent due diligence and the statutory provisions. Under no circumstances are data passed on for advertising or market research purposes.

Your user data are stored exclusively on ISO certified servers in Germany.
In the case of the collecting and transfer of confidential data, we exclusively use safety technologies and security procedures that protect your personal data from unauthorised access, use or transfer.
With this Data Protection Declaration, we should like to inform you of the scope and purpose of the processing of personal data in connection with the use of the online offering.

Personal data
Personal data are information about an identified or identifiable natural person. This includes all the information with regard to your identity, such as your name, email address and postal address, for example. In contrast, information that cannot be linked with your identity (such as statistical information, i.e. the number of users of the online offering) are not deemed to be personal information.

In principle, you cannot use our online offering without disclosing your identity and without divulging your personal data. We then simply record general information about your visit to our online offering. However, personal data are collected from you for many of the services offered. We then fundamentally process these data exclusively for the purposes of the use of this online offering, in particular in order to be able to provide the information required. When collecting personal data, only those data that are absolutely necessary are marked as mandatory. In addition, it is possible that other information might be required, but this is provided on a voluntary basis. We always make it clear whether the fields are mandatory or voluntary. We then explain the specific details in the corresponding section in our Data Protection Declaration.
An automatic decision on the basis of your personal data is not made in connection with the use of our online offering.

Processing of personal information
We store your information on specially protected, ISO certified servers within the European Union. These are protected against the loss, destruction, access, alteration or dissemination of your data by unauthorised third parties by means of special technical and organisational measures. Only a very few authorised people have access to your data. These are people who are responsible for the technical, commercial or editorial aspects of the server. Despite regular controls, complete protection against all risks is not possible.

Your personal data are encrypted before they are transmitted over the internet. We use SSL (Secure Socket Layer) encryption for the data transmission.

Forwarding of personal data to third parties
In principle, we use your personal information only for the provision of the services that you have requested. Within the framework of the provision of our services, the access to your data by any external service providers whom we engage is limited exclusively to the purposes of service provision. By implementing technical and organisational measures, we ensure compliance with the data protection provisions and we also oblige our external service providers to agree to the same.

In addition, we do not pass on your data to third parties without your express consent, and in particular not for advertising purposes. The passing on of your personal data is carried out only if you have agreed to this or insofar as we are obliged to pass them on due to statutory provisions and/or we are justified or obliged to do so by instructions from the authorities or by law. This may involve information for the purposes of criminal prosecution, for hazard prevention or to enforce intellectual property rights.

Legal bases for the data processing
Insofar as we receive your consent to the processing of your personal data, Art. 6 Para. 1a) GDPR serves as the basis for the data processing.
Insofar as we process your personal data because this is required in order to fulfil a contract or it is required within the framework of a quasi-contractual relationship with you, Art. 6 Para. 1b) GDPR serves as the basis for the data processing. Insofar as we process your personal data to fulfil a legal obligation, Art. 6 Para. 1c) GDPR serves as the basis for the data processing.

Art. 6 Para. 1f) GDPR serves as the basis for the data processing, if the processing of your personal data is required in order to uphold a justified interest of our company or of a third party and your interests, basic rights and basic freedoms do not require the protection of your personal data.

Within the framework of this Data Protection Declaration, we always refer to the legal basis that we base our processing of your personal data on.

Data deletion and duration of storage
In principle, we always delete and/or block your personal data once the purpose for storage is no longer valid. However, we may continue to store these data if this is required by legal provisions to which we are subject, i.e. with regard to the statutory duties of storage and documentation. In such a case, we delete and/or block your personal data after the expiry of the corresponding provision.

Use of our online offering

Information about your computer
Every time you access our online offering, we collect the following information about your computer, irrespective of your registration: the IP address of your computer, the request from your browser and the time of your request. In addition, the status and the data quantities are recorded within the framework of this request. We also collect product and version information about the browser used and the operating system of the computer. Furthermore, we also record the website from which our online offering was accessed. The online address of your computer is stored only for the time that you use our online offering; once you have logged out, it is deleted or anonymised by means of abbreviation. The other data are stored for a limited period of time.

We use these data for the operation of our online offering, in order to identify and rectify any errors in particular, and to determine the utilisation of the online offering and to make changes and improvements. Our justified interest in the data processing for these purposes pursuant to Art. 6 Para. 1f) GDPR is the legal basis for this processing.

Use of cookies
As with many websites, we use cookies for our online offering. Cookies are small text files that are stored on your computer and store the specific settings and data used by your browser in its exchange with our online offering. As a rule, the cookie contains the name of the domain from which the cookie file was sent as well as information on the age of the cookie and an alphanumeric identification code.

Cookies enable us to identify your computer and to make any possible defaults immediately available. Cookies help us to improve our online offering and to be able to offer you an even better service that is even more suited to your individual requirements. Our justified interest in the data processing for these purposes can be seen in Art. 6 Para. 1f) GDPR.

The cookies that we use are so-called session cookies; they are automatically deleted as soon as the browser session is ended. Some individual cookies with a longer storage life can also be used in order to ensure that your defaults and preferences can be actioned when you next visit our online offering.
Most browsers are set up in such a way that they automatically accept cookies. However, you can deactivate the storage of cookies or set your browser up in such a way that it informs you as soon as cookies are sent. It is also possible to manually delete cookies that have already been stored via the settings in your browser. Please note, however, that in certain circumstances, you will only be able to access our online offering to a restricted degree, or you may not be able to use it at all, if you refuse the storage of cookies or delete cookies that are necessary.

Google Analytics
We use Google Analytics for statistical evaluations. Google Analytics is a web analysis service from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94034, USA (“Google”). Google Analytics uses so-called “cookies”, text files that are stored on your computer and that facilitate an analysis of your use of our website. The information collected by the cookies regarding your use of our website is generally transferred to a Google server in the USA, where it is stored. In the case of the activation of IP anonymisation on this website, your IP address is first abbreviated by Google within the member states of the European Union or in other countries that are contracting parties to the Agreement on the European Economic Area. Only in exceptional cases is your full IP address transmitted to the USA and abbreviated there. On behalf of the operator of this website, Google uses this information in order to evaluate the use of the website, to create reports on the website activities and to provide other associated services to do with the use of the website and internet use vis-à-vis the website operator.

The IP address transmitted by your browser within the framework of Google Analytics is not amalgamated with other data stored by Google. You can prevent the storage of cookies via a corresponding setting in your browser software; however, we should like to make you aware that in this case, it is possible that you will not be able to use all the functionalities of the website in full. In addition, you can prevent the recording by Google of the information relating to your use of the website (incl. your IP address) collected by the cookie as well as the processing of said information by Google by downloading our browser plugin from the following link http://tools.google.com/dlpage/gaoptout?hl=de and installing it.

You will find further information on this at http://tools.google.com/dlpage/gaoptout?hl=de or http://www.google.com/intl/de/analytics/privacyoverview.html (general information on Google Analytics and data protection). We should like to mention that Google Analytics has been extended by the code "anonymizeIp();" on our websites in order to anonymise the IP addresses, whereby the final octet of the address is deleted.
We believe that, based on the security measures taken (anonymisation and opportunity to object), the data protection for the optimisation of our online offering can be deemed a justified interest in data processing within the meaning of Art. 6 Para. 1f) GDPR.

Re-targeting and re-marketing
Re-targeting and/or re-marketing means technologies whereby users who have previously visited a specific website can receive targeted advertising even once they have logged out of this website. For this, it is necessary to be able to identify users beyond the confines of our own website, which is where the use of the cookies of the corresponding service provider comes in, and the previous user behaviour also plays a part in this. For example, if a user views specific products, it is possible for these or similar products to be shown to him or her later on as advertisements on other websites. This is known as personalised advertising that is tailored to the specific needs of the individual user. However, it is not necessary that the user should be further identified for the implementation of this personalised advertising. We therefore do not merge the data used for re-targeting and/or re-marketing with other data.

We use such technologies to trigger advertisements on the internet. We use third-party suppliers for the triggering of advertisements. Amongst others, we use the offerings of Google to enable the automatic fading in of products that the internet user is interested in. This function is implemented via cookies. You will find further information on this technology in the Google Data Protection Declaration at https://policies.google.com/privacy?hl=de. The installation of cookies for Google Remarketing and Google AdWords Conversion Tracking can be prevented by re-setting the relevant browser software by accessing the website http://www.google.com/policies/privacy/ads/ where you can change the corresponding setting.

The triggering of advertisements, however, conforms with our justified interest pursuant to Art. 6 Para. 1f) GDPR.

Matomo
For our online portal, we use the open source software Matomo (formerly Piwik) for the statistical evaluation of our users. This is a web analysis service. The data collected by Matomo is stored in a database for use analysis purposes, with the aim of optimising our website. Our justified interest in the data processing for these purposes can be seen in Art. 6 Para. 1f) GDPR. The data collected are abbreviated IP addresses, the time, the website visited, the referrer website, the browser used, the length of stay on our website and the frequency of visits.

The analyses created by Matomo are completely anonymised and cannot be used for the identification of individual persons. There is no linking of data stored by Matomo with other data sources or transfer of data to third parties.

Registration

You can register for the use of our online offering, namely for the use of our 365FarmNet platform. During the course of registration, you must provide certain data, for example name, address and email address. In addition, we record the date and time and your IP address. Within the framework of the registration process, we obtain your consent for the use of your data. This means that you do not have to enter these data every time you use our website and/or place an order.

The legal basis for the processing of your data at registration and with your consent is Art. 6 Para. 1a) GDPR. If you register with us in order to complete or initiate a contract, the legal basis for the processing of your data is additionally Art. 6 Para. 1b) GDPR.

The mandatory fields that you are requested to complete during the course of registration are required in order to initiate or complete a contract with us for certain services.
A customer account is set up upon registration with us. The data in the customer account are stored for as long as the customer relationship remains active. If there has been no activity on the account for a period of three years, the status of the customer relationship is set to inactive. You can request the deletion of your customer account at any time.

Order processing

We use your personal information for orders only within our own company and associated companies or within companies that are commissioned to deal with the processing of the orders.

Storage and data transfer in the case of orders
In our order processing, we work together with different companies that are responsible for payment processing and logistics. In this, we ensure that our partners also comply with the data protection provisions. The legal basis for the transfer of data is Art. 6 Para. 1b) GDPR. The processing of your personal data is required so that we can fulfil the contract with you.

The data are stored with us for as long as they are needed for the fulfilment of the contract. In addition, we store these data for the fulfilment of subsequent duties and on for the legally prescribed periods stipulated in commercial and fiscal law. As a rule, these storage periods run for 10 years from the end of the relevant calendar year.

Payment processing
Depending on the type of payment, payment processing for orders may also be carried out using the services of a third-party provider.

In the case of payment using a credit card, payment processing is carried out by our service provider EVO Payments International GmbH, Elsa-Brändström-Straße 10-12, 50668 Cologne. The credit card data (name and credit card details) are entered directly with the service provider, who then initiates payment by means of collection via the credit card bill; we simply inform the service provider of the settlement amount. The legal basis for the payment processing is Art. 6 Para 1b) GDPR. The processing of your personal data is required so that we can fulfil the contract with you, whereby you are free to choose the payment method you wish to use.

The data are stored with us for as long as they are needed for the fulfilment of the contract. In addition, we store these data for the fulfilment of subsequent duties and on for the legally prescribed periods stipulated in commercial and fiscal law. As a rule, these storage periods run for 10 years from the end of the relevant calendar year.

Communication with us

You can contact us in various different ways, for example via the email addresses that you will find on our website

Social Media
In our online offering, you will find links to the social networks Facebook and Instagram, the career network Xing, to YouTube and to the short message service Twitter. You can identify the links by the logos for the relevant service providers.
By clicking on the links, the corresponding social media pages are opened, but please note that this Data Protection Declaration does not apply to any of these. Please consult the relevant data protection declarations for the individual providers for further details; you will find these at:

Facebook: http://www.facebook.com/policy.php
Instagram: https://help.instagram.com/155833707900388
Xing: https://www.xing.com/privacy
Twitter: https://twitter.com/privacy?lang=de
YouTube: https://policies.google.com/privacy?hl=de&gl=de

Before you access the corresponding links, no transfer of personal information is made to the relevant provider. By accessing the linked webpage, you simultaneously create the basis for data processing by the relevant provider.

Use of YouTube
Videos are included in our online offering, and we use a plugin from the Google service YouTube for them to be played. The operator of this service is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you access a website in our online offering and this contains a video, a connection to the YouTube servers is created. This means that the YouTube servers are informed about which websites in our online offering you have visited.

If you are logged in to your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account. You will fine further details on dealing with user data in Google’s data protection declaration at https://www.google.de/intl/de/policies/privacy/, which also applies for YouTube.

We use YouTube so that we can show you videos in order to inform you better about our company and our services; our justified interest in this is governed by Art. 6 Para. 1f) GDPR.

Your rights and contact

It is extremely important to us that the processing of your personal data should be as transparent as possible and that we also inform you about your rights at the same time. If you would like further information or you wish to enforce your legal rights, please contact us at any time so that we can deal with your concerns.

Rights of those affected
With regard to the processing of your personal data, you have a number of comprehensive rights. First of all, you have a comprehensive right to information and you are entitled to request the correction and/or deletion and/or blocking of your personal data. You can also request a restriction in the processing of your data and you also have a right to object. With regard to the personal data that you have given us, you also have a right to data transferability.
If you would like to enforce any of your rights and/or you wish to receive further information on this topic, please contact our Customer Services. Alternatively, you can contact our Data Protection Officer.

Revocation of consent and objection
The consent that you have provided can be revoked at any time, with effect for the future. By revoking your consent, the legality of the processing that was carried out up to the time of revocation is not affected. Please contact our Customer Services or our Data Protection Officer in this respect as well.
Insofar as the processing of your personal data is not based on your consent, but on a different legal basis, you can object to this data processing. Your objection will result in a review of and possibly an end to the data processing. You will be informed of the result of the review and will receive further information from us as to why the data processing is admissible if the result of the review should be that the data processing can continue.

Data protection officer and contact
We have commissioned an external data protection officer to support us in all matters concerning data protection. You can contact this data protection officer directly. In the case of questions regarding our handling of personal data or for further information on data protection topics, our data protection officer and his team will be happy to help you:

Attorney at Law Dr Sebastian Meyer

c/o BRANDI Rechtsanwälte
Adenauerplatz 1, 33602 Bielefeld
Telephone: 0521 / 96535-812

E-Mail: privacy noreply@spam.no 365farmnet.com

If you would like to contact our data protection officer by email, please write to sebastian.meyer noreply@spam.no brandi.net.

Complaints
If you believe that our processing of your personal data has not been carried out in compliance with this Data Protection Declaration or the applicable data protection rules, you can submit a complaint to our data protection officer. The data protection officer will then investigate the matter and inform you of the result of his investigation. In addition, you have the option of taking your complaint to the supervisory authority.

Further information and changes

Links to other websites
Our online offering can contain links to other websites. As a rule, these links are identified as such. We have no influence over whether and to what degree the valid data protection provisions are complied with on these websites. We therefore recommend that you should find out about the relevant data protection declaration for the other websites.

Changes to the Data Protection Declaration
The status of this Data Protection Declaration is given below in the information on the date. We reserve the right to change this Data Protection Declaration at any time with effect for the future. Changes may be made in particular in the case of technical updates to the online offering or changes to the data protection provisions. The currently valid version of the Data Protection Declaration can always be accessed via the online offering. We recommend that you regularly inform yourself of any changes to this Data Protection Declaration.

Status of this Data Protection Declaration: May 2018

Contact

For questions in connection with our Data Privacy Policy please contact our Data Protection Officer at the following email address: privacy noreply@spam.no 365farmnet.com

Alternatively, please feel free to contact us by post at the following address:

365FarmNet GmbH
Hausvogteiplatz 10
10117 Berlin