Privacy Policy

I. Name and address of the responsible person, data protection officer 

The person responsible within the meaning of the basic data protection regulation and other national data protection laws of the member states as well as other data protection regulations is the: 

Bergfreunde GmbH
Bahnhofstr. 26
72138 Kirchentellinsfurt
Germany 

Phone: +49 9134 7082262
Email: [email protected]  

Our data protection officer is: 

Mr Christian Volkmer
c/o Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg 

Email: [email protected]  

II. General information on data processing on our website 

1. Extent of processing of personal data 

We generally only collect and use our users' personal data to the extent necessary to provide a functional website and our content and services. The collection and use of our users' personal data occurs with the user's express consent. An exception applies in cases where prior consent cannot be obtained for practical reasons and the processing of the data is permitted by law.  

2. Legal basis for the processing of personal data 

If we obtain the consent of the data subject for the processing of personal data, Article 6 (1) (a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data. 

For the processing of personal data necessary to fulfill a contract to which the data subject is a party, Article 6 (1) (b) GDPR serves as the legal basis. This also applies to processing operations necessary to implement pre-contractual measures. 

To the extent that processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 (1) (c) GDPR serves as the legal basis. 

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 (1) (d) GDPR serves as the legal basis. 

If processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 (1) (f) GDPR serves as the legal basis for processing.  

Storage of information in the end user's terminal equipment or access to information already stored in the end equipment is only permitted if covered by one of the following justifications: 

If the end user has consented, based on clear and comprehensive information, to the storage of information on the end user's terminal equipment or to access information already stored on the terminal equipment, Section 25 (1) TDDDDG serves as the legal basis. Consent must be given in accordance with Article 6 (1) (a) GDPR; 

If the sole purpose is to transmit a message via a public telecommunications network or if storage or access is absolutely necessary so that the provider of a telemedia service can provide a telemedia service expressly requested by the user, Section 25 Paragraph 2 Nos. 1 and 2 TDDDG serves as the legal basis. 

3. Data erasure and storage duration 

For each of the processing operations we perform, we state below how long the data will be stored by us and when it will be deleted or blocked. Unless an explicit storage period is stated below, the personal data of the data subject will be deleted or blocked as soon as the purpose for which it was stored no longer applies. Storage beyond this period may only occur if this has been provided for by European or national legislators in EU regulations, laws, or other provisions to which the controller is subject. In this case, the data will be blocked or deleted when the storage period prescribed by the aforementioned standards expires. 

4. Cooperation with processors 

As with any larger company, we also use external domestic and foreign service providers to handle our business transactions (e.g., in the areas of IT, logistics, telecommunications, sales, and marketing). These providers operate solely on our instructions and are contractually obligated to comply with data protection regulations within the meaning of Art. 28 GDPR. 

If personal data from you is passed on by us to our subsidiaries or is passed on to us by our subsidiaries (e.g. for advertising purposes), this occurs on the basis of existing order processing relationships. 

III. Provision of the website and creation of log files 

1. Description and scope of data processing 

Each time our website is accessed, our system automatically collects data and information from the computer system of the calling computer.  

The following data is collected here: 

  1. Information about the browser type and version used 
  2. The operating system of the user 
  3. The Internet service provider of the user 
  4. The IP address of the user  
  5. Date and time of access 
  6. Websites from which the system of the user comes to our website  
  7. Websites that are accessed by the user's system through our website 

The data is also stored in the log files of our system. A storage of this data together with other personal data of the user does not take place. 

2. Legal basis for data processing  

The legal basis for the temporary storage of data and log files is Art. 6 (1) (f) GDPR. 

3. Purpose of data processing 

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the user's IP address must be stored for the duration of the session. Storage in log files is done to ensure the functionality of the website. Furthermore, the data helps us optimize the website and ensure the security of our information technology systems. The data is not evaluated for marketing purposes in this context.  

These purposes also constitute our legitimate interest in data processing pursuant to Art. 6 (1) (f) GDPR. 

4. Duration of storage 

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. If the data is collected to provide the website, this is the case when the respective session ends. If the data is stored in log files, this is the case after eight weeks at the latest. Longer storage is possible. In this case, the users' IP addresses are deleted or distorted so that the accessing client can no longer be assigned. 

5. Opposition and removal possibility 

The collection of data for the provision of the website and the storage of the data in log files is essential for the operation of the website. There is consequently no contradiction on the part of the user.  

IV. Use of cookies, plug-ins and other services on our website 

a) Description and scope of data processing 

Our website uses cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the user's computer system. When a user calls up a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be clearly identified when the website is called up again.  

Cookies cannot run programs or transmit viruses to your computer and therefore do not cause any damage. They serve to make the Internet more user-friendly and effective, and thus more pleasant for you. 

Cookies can contain data that makes it possible to recognize the device used. In some cases, cookies only contain information about certain settings that are not personally identifiable. However, cookies cannot directly identify a user.  

The cookies used on our website are divided into transient (session) cookies, which are deleted as soon as you close your browser, and persistent (permanent) cookies, which are stored beyond the individual session. 

With regard to their function, cookies are divided into:   

  • Technically necessary cookies: These are essential to move around the website, use basic functions and ensure website security; they do not collect information about you for marketing purposes or store which websites you have visited. 
  • Performance/Tracking Cookies: These collect information about how you use our website, which pages you visit, and, for example, whether errors occur during website usage. They do not collect any information that could identify you—all information collected is anonymous and is used only to improve our website and understand what interests our users. Under these circumstances, information such as search terms entered, frequency of page views, or use of website features may be transmitted. 
  • Marketing cookies: These are used to offer website users needs-based advertising on the website or offers from third parties and to measure the effectiveness of these offers;  
  • Sharing cookies: These are used to improve the interactivity of our website with other services (e.g. social networks);  

The user data collected in the manner described above is pseudonymized using technical precautions. The data is also not stored together with other personal user data. Therefore, it is generally no longer possible for us to assign the data to the accessing user.  

When you visit our website, you will be informed about the use of cookies on our website by a cookie consent banner and, where required by law, your consent to the processing of your personal data used in this context will be obtained.  

b) Legal basis for data processing  

The legal basis for the processing of personal data using technically necessary cookies is Art. 6 (1) (f) GDPR. If the processing of the data requires the storage of information in your terminal equipment or access to information already stored in the terminal equipment, Section 25 (1) and (2) TDDDG also serves as the legal basis. 

Any other use of cookies that is not strictly necessary for technical reasons constitutes data processing, which is only permitted with the express and active consent of the user. The legal basis for the processing of personal data using cookies for analysis and advertising purposes is therefore Art. 6 (1) (a) GDPR. 

c) Purpose of the data processing 

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. These require that the browser be recognized even after changing pages. These purposes also constitute our legitimate interest in processing personal data pursuant to Art. 6 (1) (f) GDPR.  

The user data collected through technically necessary cookies will not be used to create user profiles.  

The use of analysis cookies, however, is intended to improve the quality of our website and its content. These analysis cookies allow us to learn how the website is used and thus continuously optimize our offerings and services.  

The use of marketing and sharing cookies enables us to display advertising content that is of interest to you via our website or third-party websites.  

d) Duration of storage, objection and disposal options 

Transient cookies are automatically deleted when you close your browser. This includes, in particular, technically necessary session cookies. These store a so-called session ID, which can be used to assign various requests from your browser to the shared session. This allows your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close your browser. 

Persistent cookies, which generally include analysis and marketing cookies, are automatically deleted after a specified period of time, which can vary depending on the cookie. You can delete cookies at any time using the security settings of your browser. This means that as a user you have full control over the use of cookies. By changing the settings in your internet browser you can deactivate or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. However, please note that if the use of cookies is deactivated for our website you may no longer be able to use all of the website's functions to their full extent.  

e) Reference to Cookie Policy 

For more information about what kind of cookies, plug-ins and other web services are used on our website and how you can manage your cookie settings and deactivate certain types of tracking, please see our Cookie Policy.  

V. Transfer of personal data to third parties 

The following categories of recipients, who are usually processors, may have access to your personal data: 

  • Service providers for the operation of our website and the processing of data stored or transmitted by the systems (e.g. for data center services, payment processing, IT security). The legal basis for the transfer is then Art. 6 Para. 1 Clause 1 Letter b or Letter f GDPR, unless they are contract processors; 
  • State bodies/authorities, insofar as this is necessary to fulfill a legal obligation. The legal basis for the transfer is then Art. 6 Para. 1 Clause 1 Letter c of GDPR; 
  • Persons employed to carry out our business operations (e.g. auditors, banks, insurance companies, legal advisors, supervisory authorities, those involved in company acquisitions or the establishment of joint ventures). The legal basis for the transfer is then Art. 6 Para. 1 Clause 1 Letter b or Letter f of GDPR. 

In addition, we will only pass on your personal data to third parties if you have given your express consent to do so in accordance with Article 6 Paragraph 1 Sentence 1 Letter a of the GDPR. 

VI. E-mail contact 

1. Description and scope of data processing 

Contact is possible via the provided email address. In this case, in addition to the email address, the user's personal data transmitted with the email will be stored. In this context, no data will be passed on to third parties. The data will be used exclusively for processing the conversation. 

2. Legal basis for data processing  

The legal basis for the processing of data transmitted when sending an e-mail is Art. 6 (1) (f) GDPR.   

3. Purpose of data processing 

We process your personal data solely to process your contact. If you contact us by email, this also constitutes our legitimate interest in processing the data.  

4. Duration of storage 

The data will be deleted as soon as it is no longer necessary for the purpose of its collection. For the personal data sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the relevant facts have been finally clarified.  

5. Opposition and removal possibility 

The user can object to the storage of their personal data at any time. In such a case, however, the conversation cannot be continued. All personal data stored during the contact process will be deleted. 

VII. Rights of the data subject 

You can assert your rights as a data subject regarding your processed personal data at any time using the contact details provided at the beginning of A.(2). As a data subject, you have the right: 

  • to request information about your data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the purposes of processing, the category of data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected from us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information on its details; 
  • to immediately request the correction of inaccurate data or the completion of your data stored by us in accordance with Art. 16 GDPR; 
  • to request the deletion of your data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims; 
  • to request the restriction of the processing of your data in accordance with Art. 18 GDPR if you contest the accuracy of the data or if the processing is unlawful; 
  • pursuant to Art. 20 GDPR, to receive the data you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another controller (“data portability”); 
  • to object to processing pursuant to Art. 21 GDPR, provided that the processing is carried out on the basis of Art. 6 Paragraph 1 Clause 1 Letter e or Letter f GDPR. This is particularly the case if the processing is not necessary to fulfill a contract with you. Unless it is an objection to direct advertising, when exercising such an objection we ask you to explain the reasons why we should not process your data as we do. If your objection is justified, we will examine the situation and will either stop or adapt the data processing or show you our compelling legitimate reasons on the basis of which we continue the processing; 
  • Pursuant to Art. 7 (3) GDPR, you have the right to revoke your consent at any time – that is, your voluntary, informed, and unambiguous will, made clear by a statement or other unambiguous affirmative action, that you agree to the processing of your personal data for one or more specific purposes – if you have given such consent. This means that we may no longer continue the data processing based on this consent in the future and 
  • pursuant to Art. 77 GDPR, to complain to a data protection supervisory authority about the processing of your personal data in our company.