Data protection declaration

Information regarding data protection

All procedures with regard to data processing (e. g. collection, processing and transfer) are subject to the legal requirements. The following explanation gives you an overview of what type of data is collected, the way in which this data is used and transferred, which security mechanisms we use to protect your data and the way in which you can obtain information about the information you give us.

§ 1 Collection and saving of personal data

Personal data is considered to be individual specifications about personal or professional relationships with a particular natural person or a natural person that can be determined, for example, your name, address, telephone number, date of birth, you bank details or your IP address. The following data is logged when using the websites. The storage of this information serves internal system-related and statistical purposes only.

  • The name of the pages you call up, the operating system and the querying domain, date and time of access,
  • the search machine used,
  • names of downloaded files and your IP address.

All information regarding utilisation will be deleted as soon as possible, in particular, the IP address. However, for credit card payments, in particular, it may be necessary to save the data for handling the payment for a longer period of time. Further, personal information, for example, yout full name, your email address, address, credit card data, user name and passwords are only logged if these are required within the framework of a query, order or registration. Only the data required for the relevant purpose will be queried. We will store you data until such time as your query or order plus any payments are completed or as long as your registration remains intact. You have the right to call up your registration data at any time, to correct it or to delete it. We will delete your registration whenever a deletion is prescribed in law, but at the latest two years after your last login.

§ 2 Utilisation, transfer and deletion of personal data

The personal data made available by you to us will only be used for the intended purpose, for example, to answer your queries, to handle your order, to enter a competition, to check your authorisation to use a given credit card as well as for the technical administration of the websites.

Your personal data will never be sold. The transfer or other transmission of your personal data to third parties is only carried out for the purposes of contractual handling or invoicing or to deduct payment or if you have expressly permitted it. No other utilisation of the information is permitted. In addition, during the course of orders, we are permitted to pass personal data to collection agencies and reserve the right to exchange data with credit agencies. Furthermore, we cannot guarantee that we will not use anonymous utilisation data for the purposes of market research. If we do so it will be impossible to identify individual users.

We also indicate that we, at the orders of the appropriate authorities, and in individual instances, are authorised to give out information concerning data insofar as this is intended for the purposes of a criminal investigation, to help the police authorities to prevent risks, to fulfil the legal requirements of the constitutional protection authorities of the states and the country, the intelligence services or the military intelligence services or the implementation of right to intellectual property.

§ 3 Security notes

We have taken a number of security steps to ensure personal information is protected adequately and at an appropriate level. Our databases are protected by physical and technical measures as well as procedural measures designed to limit access to information to specially authorised persons in conjunction with this data protection declaration. Our information system is located behind a software firewall to prevent access from other networks connected to the Internet. Only those members of staff that require information in order to fulfil a specific task will be given access to personal information. Our members of staff are trained with regard to security and data protection practices. If data is collected via our Internet pages for the purpose of payment processes, the transfer is encrypted using the industry standard Secure-Socket-Layer (SSL) technology. Sensitive information, such as credit card numbers and account information will be encrypted to ensure additional protection.

Your password that enables access to our Internet pages should never be passed on to a third-person, you should also change this password regularly. When you leave our pages, use the log out function and then close your browser to ensure that unauthorised users are unable to access your user account.

When communicating with us by email, we are not able to ensure complete data security.

§ 4 Use of cookies

We use cookies in order to collect statistical data regarding the utilisation of our website or to make the use of the site easier for you (e. g. remembering the language variation you have selected). "Cookies" are text files that are stored locally on your computer in the memory of your browser by a website. The cookies we use do not collect any personal information about you or your usage. Cookies that have been deposited on your system may be deleted by yourself at any time, by calling up the appropriate menu item in your Internet browser or deleting the cookies from your hard drive. Details about this process can be found in the help menu of your browser. Of course, you can also use our website without cookies. You can reject (deactivate) the use of cookies at any time using the settings of your Internet browser. The Internet browser settings for Microsoft Internet Explorer can be found under "Tools/Internet Options" and for Mozilla Firefox under "Tools/Settings". Details about these settings can be found in the help menu of your browser. The rejection or acceptance of cookies may affect the functionality of our or other websites. The cookies listed below store the information described in each case and transmit it to us:

§ 5 Right to information

You have the right to information at all times with regard to the data saved about yourself, the origins and recipients of such as well as the purpose of the data processing. If you have any questions regarding data protection, contact us at any time using info@haribo.com.

§ 6 Piwik PRO

We use Piwik PRO Analytics Suite as our website analytics tool. This collects data about you as a website visitor based on cookies. The information collected may include the following data in particular:

  • IP address
  • operating system
  • browser ID
  • Browsing activity
  • Network location
  • Time of visit to the website
  • Pages viewed (a page URL and a page title)
  • Time spent on each page
  • HTTP referrer
  • Device type
  • Browser type
  • User ID
  • Visitor ID
  • Device ID
  • Session ID

We calculate metrics such as bounce rate, page views, sessions and similar usage parameters to understand how our website is used. We may also create visitor profiles based on browsing history to analyse visitor behaviour, display personalised content and run online campaigns.

You can find more information about the cookies being used, any consent you might have granted and ways to manage cookies in the section § 4 Use of cookies.

We process your personal data for website analysis based on your consent.

The personal data collected via the Piwik PRO Analytics Suite will be stored for 25 months.

External IT service provider for website analysis, specifically Piwik PRO GmbH, Kurfürstendamm 21, 10719 Berlin, Germany

§ 7 Friendly Captcha

We use the Friendly Captcha anti-bot solution to secure input fields against automated attacks. The following information will be processed:

  • Hash value (one-way encryption) of the incoming IP-address (the IP-address is discarded, only the hash value is stored)
  • HTTP-request header-data, especially user-agent, origin, and referrer
  • Date/time of the request
  • Version of the widget used
  • Number of requests from the (hashed) IP-address per time period
  • Answer of the arithmetic problem solved by the visitor's computer

The data collected by Friendly Captcha will be deleted after 30 days.

External service providers for an anti-bot solution on the website www.haribo.com, specifically Friendly Captcha GmbH, Am Anger 3-5, 82237 Woerthsee, Germany