DATA PROTECTION DECLARATION
This privacy statement is addressed to all parties using this website in accordance with the regulation (EU) 2016/679 of the European Parliament and of the Council of 27.04.2016 (General Data Protection Regulation - GDPR).
The declaration only applies to the mentioned page and not to any other pages that may be accessible to the user by clicking on a hyperlink.
The operator of this site guarantees that, in accordance with the law, personal data will be processed in compliance with the basic rights and freedoms and with the dignity of the person concerned, in particular for the purposes of confidentiality, personal identity and the right to the protection of personal data.
1. Name and address of the responsible person and of the data protection officer
Responsible person in the sense of GDPR:
Weingut Pitsch am Bach
St. Justina 10
39100 Bozen | Südtirol
+39 0471 973 004
Data Protection Officer:
2. Location of data processing
ALL-INKL.COM – Neue Medien Münnich
D- 02742 Friedersdorf
Serverstandort Deutschland Als einer der wenigen Anbieter verfügt ALL-INKL.COM über mehrere eigene Rechenzentren. Diese befinden sich am Standort Dresden. Alle Daten unserer Kunden werden somit ausschließlich auf Servern in Deutschland gespeichert und unterliegen damit auch den deutschen Datenschutzgesetzen, die zu den strengsten weltweit gehören.
3. Extent and legal basis of the processing of personal data
We generally only process personal data of our users as far as this is necessary for the provision of a functional website as well as of our contents and services. Processing of personal data is carried out only with the consent of the user. An exception applies in those cases in which it is not possible to obtain prior consent for actual reasons and the processing of the data is permitted or provided for by legal regulations.
The legal basis for the processing of personal data is Art. 6 GDPR and, if necessary, specific contractual agreements with the user and associated obligations.
4. Data deletion and storage period
Unless specifically stated, we store personal data only for as long as necessary to fulfil the purposes pursued.
In some cases, the law prescribes the retention of personal data. In these cases, we only store the data for these legal purposes, but do not process it elsewhere and delete it after the legal retention period has expired.
5. General purposes of the processing
We use personal data for the purpose of providing this website and for the purposes set out below.
6. What data we use and why
Access data / server log files
When you use this website, information about your usage behaviour and your interaction with the site, as well as data about your computer or mobile device, is automatically collected (so-called server log files). This data includes:
- Name and URL of the website accessed
- Date and time of access
- Browser type and version
- Operating system
- Referer URL (i.e. the previously visited page)
- IP address of the client/user
All log files listed above are automatically deleted from our server after 365 days. The IP address of the user is only stored partially anonymised during this period. The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. We use this log data without assigning it to you personally or otherwise profiling it for statistical evaluations for the purpose of the operation, security and optimisation of our website, but also for the anonymous recording of the number of visitors to our website (traffic) and the extent and type of use of our website and services, as well as for accounting purposes in order to measure the number of clicks received from cooperation partners. This information allows us to provide personalised and location-based content and to analyse traffic, find and fix errors and improve our services.
This is also our legitimate interest in data processing according to Art 6 (1) f) GDPR.
In addition, accesses with the full IP address are administratively logged by the website operator, among other things, for the purpose of detecting and defending against cyber-attacks. This data is deleted after a maximum of seven days.
Further information on the use, management and deletion of cookies can be found under the following link: [Click here]
According to its own information, Google has submitted to the Privacy Shield Agreement concluded between the European Union and the USA and has been certified for this purpose. Google thereby agrees to comply with the standards and regulations of European data protection law. You can find more information in the following linked entry: [Click here]
We have activated IP anonymisation on this website (anonymizeIp). This means that your IP address is shortened beforehand by Google within member states of the European Union or in other contractual states of the Agreement on the European Economic Area. Only in exceptional cases the full IP address is transmitted to a Google server in the USA and shortened there.
Further information on the use, administration and deletion of cookies can be found under the following link: [Click here]
You can also prevent the transmission of data generated by cookies and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: [Click here]
As an alternative to the browser plug-in or within browsers on mobile devices, you can click on the following link to set an opt-out cookie that will prevent the collection by Google Analytics within this website in the future (this opt-out cookie only works in this browser and only for this domain. If you delete the cookies in your browser, you must click this link again): [Click here]
Google Web Fonts
This site uses so-called web fonts provided by Google for the uniform display of fonts. When you open a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.
For this purpose, the browser you are using must connect to Google's servers. This informs Google that our website has been accessed via your IP address. Google Web Fonts are used in the interest of a consistent and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 (1) f) GDPR.
If your browser does not support web fonts, a standard font from your computer will be used.
Data for the fulfilment of our contractual obligations (module: webshop/order form)
If orders are placed via this site, we process the personal data that we need to fulfil our contractual obligations, such as name, address, tax number, e-mail address, ordered products, billing and payment data. The collection of this data is necessary for the conclusion of the contract.
The deletion of the data takes place after the expiry of warranty periods and legal retention periods. Data linked to a user account shall in any case be retained for the duration of the management of this account.
The legal basis for the processing of this data is Art. 6 (1) b) GDPR, because this data is required for us to be able to fulfil our contractual obligations towards a customer.
Use of social plugins
Social plugins are integrated on this website using the so-called 2-click solution. By default, these buttons do not transmit any data to third parties. By manually activating them, the user agrees that data is transmitted to the respective operator of the social network and that third-party cookies are installed. But only for this one page and for the selected service. Preferences in this regard can be saved and changed at any time via the gear wheel icon.
If you activate the social plugins, please read the following explanations on how they work and what data is transferred.
Widget Google Maps
We integrate maps (Google Maps) from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, in one or more places on this website. These are integrated via a script, whereby your IP address and your location data are sent to Google (but not without your consent, usually in the context of the settings made on your end device). The data may be processed in the USA.
Google is certified under the Privacy Shield agreement (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active) and thereby offers a guarantee of compliance with European data protection law.
7. Your rights as a person affected by data processing
If your personal data is processed, you are a person concerned within the meaning of the GDPR and you have the following rights towards the responsible person:
- the right to confirmation and information
- the right to rectification
- the right to erasure ("right to be forgotten")
- the right to restriction of processing
- the right to be informed
- the right to data transferability
- the right to object
- the right to revoke the declaration of consent under data protection law
- the right not to be subject to automated decision-making, including profiling
- the right to lodge a complaint with the supervisory authority.
Detailed information on the individual rights can be found under the following link: [Click here]
8. Data security
We are very concerned about the security of your data within the framework of the applicable data protection laws and technical possibilities.
Your personal data is always transmitted in encrypted form. This applies in particular to your orders and also to the customer login. You can recognise an encrypted connection by the fact that the address line of the browser changes from http:// to https:// and by the lock symbol in your browser line. We use the SSL (Secure Socket Layer) coding system, but we would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.
To protect your data, we maintain technical and organisational security measures in accordance with Art. 32 GDPR, which we continuously adapt to the state of the art.
We also do not guarantee that our service will be available at certain times; disruptions, interruptions or failures cannot be excluded. The servers we use are carefully backed up on a regular basis.
9. Disclosure of data to third parties
Generally, we only use your personal data within our company. However, we cannot exclude that when data is transferred to third parties, it may be transferred to another EU or non-EU country or to an international organisation, provided that this is in accordance with the purpose of the data processing.
If and to the extent that we involve third parties in the performance of contracts (such as logistics service providers), they will only receive personal data to the extent that the transfer is necessary for the relevant service.
In the event that we outsource certain parts of data processing (commissioned processing), we contractually oblige commissioned processors to use personal data only in accordance with the requirements of data protection laws and to ensure the protection of the rights of the data subject.
10. Further information
If you have any questions or concerns about data protection, please contact our controller/data protection email@example.com
Competent supervisory authority (Italy): Garante per la Protezione dei Dati Personali, Piazza di Monte Citorio 121, 00186 ROME, Tel: (+39) 06.696771, Fax: (+39) 06.69677.3785, E-mail: firstname.lastname@example.org, Website: http://www.garanteprivacy.it/.