General Information on the Use of Personal Data according to Art. 13 GDPR.
(As of June 2023)
The following privacy notice applies to the online presence and services of Uplegger Food Company GmbH, Hans-Böckler-Str. 17, 30851 Langenhagen (hereinafter referred to as „Uplegger“ or „we“).
Through this privacy notice, we fulfill our obligation to inform according to Art. 13 of the EU General Data Protection Regulation (GDPR).
The protection of your personal data is of utmost importance to Uplegger, as confidentiality is one of our core principles. Uplegger complies with the strict regulations of European data protection law concerning the processing of personal data.
You are not legally or contractually obliged to provide us with your data.
Personal data refers to any information relating to an identified or identifiable natural person (hereinafter referred to as the "data subject"). An identifiable natural person is one who can be directly or indirectly identified, especially by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more specific factors that express the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
Processing is any operation or series of operations carried out with or without the aid of automated processes in connection with personal data. This includes the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction of personal data.
Restriction of Processing
Restriction of processing is the marking of stored personal data with the aim of limiting its future processing.
Profiling is any form of automated processing of personal data that involves using such data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning their performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
Pseudonymization is the processing of personal data in a way that the data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data cannot be attributed to an identified or identifiable natural person.
A file system is any structured collection of personal data that is accessible based on specific criteria, regardless of whether this collection is maintained centrally, decentrally, or organized based on functional or geographical aspects.
The controller is the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union law or the law of the Member States, the controller or the specific criteria for its nomination may be provided for by Union law or the law of the Member States.
Processor is a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.
Recipient is a natural or legal person, public authority, agency, or other entity to whom personal data is disclosed, whether or not they are a third party. However, authorities that may receive personal data in the context of a specific investigation mandate under Union law or the law of a Member State are not considered recipients. The processing of such data by the mentioned authorities shall be in compliance with applicable data protection regulations and in accordance with the purposes of the processing.
A third party is a natural or legal person, public authority, agency, or any other entity, other than the data subject, the controller, the processor, and the persons who are authorized to process personal data under the direct responsibility of the controller or the processor.
Consent is any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
You can find further information in Article 4 of the GDPR, here: https://gdpr-info.eu/art-4-gdpr/
Uplegger is responsible for the processing of personal data carried out on our website in accordance with the GDPR. You can reach us at:
Uplegger Food Company GmbH
Tel.: +49 (0)511 97 898 0
Fax: +49 (0)511 97 898 18
Uplegger has engaged an experienced partner to ensure compliance with data protection-related matters and processes. You can contact our Data Protection Officer at:
AuReTo UG (haftungsbeschränkt)
Die Hasenbreite 4
31848 Bad Münder
Telefon: +49 5043 98 70 431
Uplegger's website provides information in compliance with legal requirements, enabling quick electronic contact with our company and facilitating direct communication with us, including a general email address for electronic communication (email). If an individual contacts the data controller via email or a contact form, the personal data transmitted by the individual will be automatically stored. Such voluntarily provided personal data by an individual to the data controller will be stored for the purpose of processing or contacting the individual. These personal data will not be disclosed to third parties.
When you contact us or we come into contact with you, such as with business partners, companies, authorities, or their respective employees, the information from the contact, including the contact details you provide, will be stored for the purpose of processing the inquiry and for any follow-up questions. The processing of the data provided in the inquiry is based on Art. 6(1)(a), (b), (c), and (f) of the GDPR for the purpose of processing your request and for as long as necessary in the specific case. Afterward, your data will be deleted. If you provide us with data as a prospective customer, we will generally only process it for the purpose for which we received it.
The legal basis for processing this personal data is primarily Art. 6(1)(a) of the GDPR. You have the right to revoke your consent at any time with effect for the future by informing us. In such a case, your data will also be deleted.
To optimize our website, we use so-called cookies. A cookie is a small text file that is stored by our web server on your browser of your end device (e.g., computer, smartphone). Cookies are primarily used to make offers more user-friendly and secure, improve website performance, and display personalized advertisements.
We only use first-party cookies. We use the following categories of cookies:
Necessary Cookies (for everything to work): These cookies are essential for the basic functionality of the website and cannot be disabled in your systems.
Certain cookies are automatically deleted after the end of the browser session (Session Cookies), while others are stored in the browser for a predefined period and then deleted automatically (Persistent Cookies).
The data subject can prevent the setting of cookies by our website at any time by adjusting the settings of the internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an internet browser or other software programs. This is possible in all popular internet browsers. If the data subject disables the setting of cookies in the internet browser used, some functions of our website may not be fully usable.
The Uplegger website uses Matomo, an open-source software for statistical analysis of user access. Matomo uses so-called "cookies," which are text files stored on the users' computer and allow an analysis of the website's usage by users. The information generated by the cookie about the use of this website is stored on the provider's server in Germany. The IP address is anonymized immediately after processing and before storage. Users can prevent the installation of cookies by adjusting their browser software settings. However, the provider points out that in this case, users may not be able to use all functions of this website to their full extent. You can decide here whether a unique web analysis cookie may be stored in your browser to enable the operator of the website to collect and analyze various statistical data.
The Uplegger website is hosted by an external service provider.
We use the following hosting provider:
The personal data collected on this website is stored on the servers of the hosting provider with each access to the website by a data subject or an automated system. This general data and information are stored in the server's log files. The following information can be collected:
(1) Types and versions of browsers used,
(2) Operating systems used by the accessing system,
(3) Referrer websites from which the accessing system reaches our website,
(4) Subpages accessed by an accessing system on our website,
(5) Date and time of access to the website,
(6) an Internet Protocol address (IP address),
(7) the internet service provider of the accessing system, and
(8) other similar data and information used for the purpose of safeguarding our information technology systems against attacks.
When using this general data and information, Uplegger does not draw conclusions about the data subject. Instead, this information is required to:
(1) Correctly deliver the content of our website,
(2) Optimize the content of our website and the advertising for it,
(3) Ensure the permanent functionality of our information technology systems and the technology of our website, and
(4) Provide law enforcement authorities with the necessary information for prosecution in the event of a cyber attack.
These anonymously collected data and information are evaluated statistically on one hand, and on the other hand, with the aim of increasing data protection and data security in our company to ultimately ensure an optimal level of protection for the personal data we process.
The anonymous data from the server log files is stored separately from all personal data provided by a data subject.
The use of the hosting service is for the purpose of fulfilling our contract with potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of securely, quickly, and efficiently providing our online offerings through a professional provider (Art. 6(1)(f) GDPR).
We have concluded a data processing agreement (DPA) with the above-mentioned provider. This is a legally required contract that ensures the provider processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.
For security reasons and to protect the transmission of confidential content, such as the inquiries you send to us as the website operator, this site uses SSL encryption. You can recognize an encrypted connection by the change in the browser's address line from "http://" to "https://" and by the padlock symbol in your browser's address bar.
On our website, we use website elements from international providers and link to various partner companies.
For a consistent display of fonts, our website uses Google Fonts provided by Google. The fonts have been locally installed, and no connection to Google servers is made.
The operator of Google is Google Ireland Limited, Gordon House Barrow Street, Dublin 4, Ireland.
Please find further information on https://www.google.de/contact/impressum.html
Operator of YouTube is Google Ireland Limited, Gordon House Barrow Street, Dublin 4, Ireland (“YouTube”).
Please find further information on https://developers.google.com/youtube/iframe_api_reference
Operator of BonMush is Bonmush Belgien, Dehemlaan 13 – 8900 Ieper
Please find further information on: https://bonmush.be/about-mush/
Operator of Darbo is Adolf Darbo Aktiengesellschaft, Austria, Dornau 18, 6135 Stans
Please find further information on: https://www.darbo.at/de/das-haus-darbo
Operator of Deli Dip is deli gourmet GmbH, Austria, Nussdorferplatz 5/9, 1190 Wien
Please find further information on: https://www.delidip.com/ueber-uns/
Operator of Friendly Viking’s is Juustoportti Food Ltd., Finnland, Meijeritie 3, FI-61600 Jalasjärvi
Please find further information on: https://www.friendlyvikings.com/about-us/
Operator of Haferkater is Haferkater GmbH, Eberswalder Straße 26, 10437 Berlin
Please find further information on: https://haferkater.com/story/
Operator of Lazy Heroes is Lazy Heroes GmbH, Schreinerstrasse 58, 10247 Berlin
Please find further information on: https://www.lazy-heroes.com/
Operator of The Coconut Collaborative is The Coconut Collaborative Ltd, UK, 16a Great Peter Street, London
Please find further information on: https://coconutcollab.de/pages/our-story
Operator of Violife is Upfield Deutschland GmbH, Postfach 10 25 27, 20017 Hamburg
Please find further information on: https://violifefoods.com/de/warum-wir/
Operator of Vivera is Vivera BV, Niederlande, Handelsweg 9. 7451 PJ Holten
Please find further information on: https://vivera.com/about-us/
Operator of Coombe Castle is Coombe Castle International, UK, The Creamery, Western Way, Melksham, SN12 8FH
Please find further information on: https://www.coombecastle.com/about-us/
Operator of Emma is Nordic Milk OÜ, Estland, Lelle tn 22, Tallinn 11318
Please find further information on: https://nordicmilk.eu/history/
Operator of Koninklije ERU is Royal ERU, Niederlande, Middellandse Zee 7, 3446 CG Woerden
Please find further information on: https://eru.eu/de/uber-uns/
Operator of Gü Desserts is Gü Indulgent Foods Limited, UK, Dunmow Road, CM23 5PA Bishops Stortford
Please find further information on: https://gudesserts.com/pages/our-story
Operator of Kri Kri is Kri Kri S.A. Griechenland, 3rd Km Serres – Drama, 62125 Serres, GRC
Please find further information on: https://www.mykrikri.de/unternehmen/
Operator of LieblingsKren is Feldbacher Fruit Partners GmbH, Austria, Europastraße 26, 8330 Feldbach
Please find further information on: https://www.lieblingskren.de/lieblings-kren/das-unternehmen.html
Operator of Little Moons is The V&H Limited, UK, 6a Willen Field Road, Park Royal, London
Please find further information on: https://littlemoons.com/de/pages/about-us
Operator of London 1856 is London 1856, UK
Please find further information on: https://www.london1856.com/de-de/heritage/
Operator of Medusa is CESARE REGNOLI & FIGLIO S.R.L., Italien, VIA SAN VITALE 42/2 - 40125 BOLOGNA
Please find further information on: https://www.medusa-regnoli.it/en/our-philosophy/
When you visit a page on our website that contains such website elements, your browser establishes a direct connection to the servers of the respective providers. By integrating these website elements, the providers are informed that your browser has accessed the corresponding page on our website, even if you do not have a profile with the respective provider or are not currently logged in. This information, including your IP address, is transmitted directly from your browser to a server of the respective provider and stored there.
Uplegger has no control over the scope of data collected by the providers through the website elements. For information regarding the purpose and scope of data collection, as well as further processing and use of the data by the providers, and your rights and privacy settings, please refer to the providers' privacy policies:
Deli Dip: https://www.delidip.com/datenschutz/
Friendly Viking’s: https://www.friendlyvikings.com/de/datenschutzerklaerung/
Lazy Heroes: https://www.lazy-heroes.com/policies/privacy-policy
Coombe Castle: https://www.coombecastle.com/privacy-policy/
Koninklije ERU: https://eru.eu/de/datenschutzerklaerung/
Kri Kri: https://www.mykrikri.de/impressum/
Little Moons: https://littlemoons.com/de/pages/privacy-policy
London 1856: https://www.london1856.com/de-de/privacy/
You would need to log out of the services provided by the respective providers if you want to prevent them from directly associating the data collected through our website with your profile on their respective platforms. Additionally, it is possible to completely prevent the loading of website elements using browser add-ons.
You have the opportunity to apply for a job or apprenticeship at Uplegger.
We process applicant data only within the scope of the application process and solely for this purpose in accordance with legal requirements. The processing of applicant data is carried out to fulfill our pre-contractual obligations in the context of the application process, as specified in Article 6(1)(b) or Article 6(1)(f) of the GDPR, and, if applicable, under additional provisions in Germany, § 26 of the BDSG.
If, within the context of the application process, applicants voluntarily disclose special categories of personal data in accordance with Article 9(1) of the GDPR (e.g., health data, such as disability status or ethnic origin), their processing will additionally comply with Article 9(2)(b) of the GDPR. If, within the context of the application process, applicants are asked for special categories of personal data in accordance with Article 9(1) of the GDPR (e.g., health data required for the exercise of the profession), their processing will additionally comply with Article 9(2)(a) of the GDPR.
Applicants can submit their applications to us via email or by postal mail. However, please note that emails are generally not encrypted, and applicants themselves are responsible for ensuring encryption. Therefore, we cannot assume any responsibility for the transmission of the application between the sender and our server.
The data provided by the applicants can be further processed for the purpose of the employment relationship in case of a successful application. Otherwise, if the application for a job offer is not successful, the applicant's data will be deleted in accordance with legal requirements. If the applicant withdraws their application, it will also be deleted in accordance with legal requirements. The deletion will take place, subject to a legitimate revocation by the applicant, after a period of no earlier than six months, so that we can answer any follow-up questions regarding the application and fulfill our obligations under the Equal Treatment Act.
The data controller processes and stores personal data of the data subject only for the period necessary to achieve the purpose of storage or as required by the European legislator or other applicable laws or regulations to which the data controller is subject.
Once the purpose of storage no longer applies, or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data will be routinely blocked or deleted in accordance with legal requirements.
The General Data Protection Regulation (GDPR) guarantees you certain rights that you can assert against us, provided the legal requirements are met.
Art. 15 GDPR – Right of access by the data subject: You have the right to obtain confirmation from us as to whether or not personal data concerning you is being processed, and, where that is the case, access to the specific personal data and the details of the data processing.
Art. 16 GDPR – Right to rectification: You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you also have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
Art. 17 GDPR – Right to erasure (‘right to be forgotten’): You have the right to request from us the erasure of personal data concerning you without undue delay.
Art. 18 GDPR – Right to restriction of processing: You have the right to request from us the restriction of processing.
Art. 20 GDPR – Right to data portability: You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format, and have the right to transmit those data to another controller without hindrance from us, where technically feasible, provided the processing is based on consent or on a contract.
Art. 21 GDPR – Right to object: You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you, which is based on legitimate interests pursued by us or for the performance of a task carried out in the public interest or in the exercise of official authority. In case of objection, we will no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims. If we process your personal data for direct marketing purposes, you have the right to object at any time to such processing.
Art. 77 GDPR in conjunction with § 19 BDSG – Right to lodge a complaint with a supervisory authority: You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of your personal data infringes applicable law.
Here you can find the competent supervisory authority for Uplegger Food Company GmbH:
If you have any further questions regarding our data protection principles, please do not hesitate to contact us at firstname.lastname@example.org.