1. What is this data protection declaration about?

Data protection is a matter of trust, and your trust is important to us. In this data protection declaration, we therefore inform you how and for what purpose we collect, process and use your personal data.

In this data protection declaration you will find out, among other things:

  • which personal data we collect and process;
  • for what purposes we use your personal data;
  • who has access to your personal data; 
  • what benefit our data processing has for you;
  • how long we process your personal data;
  • what rights you have with regard to your personal data; and 
  • how to contact us.

We have aligned this data protection declaration to applicable local data protection laws and regulation, including, but not limited to, the European General Data Protection Regulation. The GDPR has established itself worldwide as the benchmark for strong data protection. Whether and to what extent the GDPR is applicable depends on the individual case.

2. Who is responsible for data processing?

In terms of data protection law, the company that determines whether this processing should take place, for what purposes and how it is designed is responsible for a specific data processing. In principle, SoFine Foods B.V. (“we” or “us”) is responsible for data processing in accordance with this data protection declaration. As a rule, this is the company that referred you to this data protection declaration.

The Federation of Migros Cooperatives, Limmatstrasse 152, 8005 Zurich (CHE-105.829.940) is often responsible for data processing. The Federation of Migros Cooperatives coordinates the activities of Migros and defines its strategy. The Federation of Migros Cooperatives is responsible, for example, for processing in connection with the Cumulus bonus program and the Migros Account.

The Migros Cooperative Association is affiliated with the regional Migros cooperatives, which independently operate the Migros supermarkets and hypermarkets, specialist markets, club schools, leisure facilities, restaurants and other formats of cooperative retailing under the Migros brand. If you are in direct contact with a regional Migros Cooperative, e.g. when you contact the relevant customer service or register for a Migros Club School course offered by a regional Migros Cooperative, this cooperative is usually responsible for the relevant data processing. In this case, in addition to this data protection declaration, any own data protection provisions of the regional cooperative concerned must be observed.

Regional Migros cooperatives:

  • Migros Aare Cooperative
  • Société Coopérative Migros Genève
  • Société coopérative Migros Neuchâtel-Friborg
  • Società Cooperativa fra produttori e consumatori Migros – Ticino
  • Société coopérative Migros Valais
  • Migros Basel Cooperative
  • Migros Cooperative Lucerne
  • Migros Cooperative Eastern Switzerland
  • Société Coopérative Migros Vaud
  • Migros Cooperative Zurich

In addition to the Federation of Migros Cooperatives and the regional Migros Cooperatives, the Migros Group also includes their respective subsidiaries, including in-house companies, various retail and travel companies and several foundations. If you are in direct contact with a subsidiary, this subsidiary is usually responsible for the relevant data processing. This is the case, for example, when you shop in a subsidiary’s online shop or use another service provided by a subsidiary. In this case, in addition to this data protection declaration, please also note any data protection provisions of the subsidiary in question, which you can usually find on their website.

Subsidiaries of the Federation of Migros Cooperatives and the regional Migros Cooperatives:

Various trading companies, including:

  • Migros Online SA
  • Denner AG
  • Digitec Galaxus AG
  • Ex Libris AG
  • Migrol AG
  • migrolino AG

Various industrial companies, including:

  • Aproz Sources Minérales SA
  • Bischofszell Nahrungsmittel AG
  • Delica AG
  • Elsa Estavayer Lait SA
  • Jowa AG
  • Mibelle AG
  • Micarna SA
  • Mifa AG Frenkendorf
  • Mifroma SA
  • Migros Digital Solutions AG
  • Hotelplan Holding AG
  • Medbase AG
  • Migros Bank AG

Various foundations, including:

  • Gottlieb Duttweiler Institute (GDI)
  • G. and A. Duttweiler Foundation
  • Park in the countryside

Please note that the above list is not exhaustive. Further information on the companies belonging to the Migros Group can be found in the current annual report of the Federation of Migros Cooperatives .

Several Migros Group companies can be jointly responsible for certain data processing if they have a say in the design or purpose of the data processing concerned.

3. For whom and what is this data protection declaration intended?

This data protection declaration applies to all persons whose data we process („you“ in each case), regardless of the way in which you contact us, e.g. in a branch, by telephone, in an online shop, on a website, in a App, via a social network, at an event, etc. It can be used both for processing personal data that has already been collected and of personal data that will be collected in the future.

Our data processing can particularly affect the following categories of people, insofar as we process personal data:

  • Participants in the Cumulus bonus program and holders of a Migros account;
  • Customers in our stores and online shops;
  • People who use our services or who come into contact with offers from us;
  • Users of our online offers and apps;
  • Visitors to our website;
  • Visitors to our premises;
  • People who write to us or otherwise contact us;
  • Recipients of information and marketing communications;
  • Participants in competitions and sweepstakes;
  • Participants in customer and public events;
  • Participants in market research and opinion polls and customer surveys;
  • Contact persons from our suppliers, customers and other business partners as well as from organizations and authorities;
  • Members of the Migros Cooperatives; as
  • Job applicants.

This data protection declaration applies to the processing of personal data in all of our business areas, including the Migros supermarkets and hypermarkets, the Cumulus bonus program and the associated online offers such as Famigros or Migusto, the Migros Account, the Do it + Garden specialty stores, melectronics, Micasa and SportXX, the Migros fitness formats, the iMpuls health platform, the Migipedia community platform, the Migros Club School and the Migros Culture Percentage.

This data protection declaration also applies to the activities of the subsidiaries of the Federation of Migros Cooperatives and the subsidiaries of the regional Migros Cooperatives, including the various retail and industrial companies belonging to the Migros Group. However, the companies concerned can add further information to this data protection declaration. Therefore, please also consult any additional data protection information of the company concerned, which you can usually find on its website.

Please also consult the contractual conditions for individual services (e.g. general terms and conditions, terms of use or conditions of participation). These can contain additional information about our data processing. For information on the collection and processing of personal data when using our websites, mobile apps and social media presences, in particular in connection with cookies and similar technologies, please also consult our cookie information .

4. Which personal data do we process?

„Personal data“ is information that can be associated with a specific person. We process different categories of such personal data. You will find the most important categories below for your orientation. In individual cases, however, we can also process other personal data.

In section 5 you can find out more about the origin of this data and in section 6 about the purposes for which we process this data.

4.1 Master data

Master data are the basic data about you, such as salutation, name, contact details or date of birth. We collect master data in particular when you register for one of our offers (e.g. the Cumulus bonus program) or create a customer account (e.g. a Migros account). However, we also collect master data, for example, when you take part in a competition or sweepstakes, register for a newsletter or become a member of a Migros Cooperative. We also collect master data for access controls to our events or office premises. We also collect master data from contact persons and representatives of contractual partners, organizations and authorities.

The master data includes, for example

  • Salutation, first name, surname, gender, date of birth;
  • Address, email address, telephone number and other contact details;
  • Customer numbers (e.g. the Cumulus number for participants in the Cumulus bonus program);
  • Payment information (e.g. stored means of payment, bank details, billing address);
  • Username and profile picture;
  • Information on the use of online offers (e.g. Famigros, Migusto) and subscriptions (e.g. Migros magazine);
  • Information on linked websites, social media profiles etc .;
  • Information on preferences and interests, language preferences, household size, etc.
  • Information about your relationship with us (customer, member of the cooperative, visitor, supplier, etc.);
  • Information about connected third parties (e.g. contact persons, recipients of services or representatives);
  • Settings regarding the receipt of advertising, subscribed newsletters, etc.
  • Information about your status with us (inactivity or blocking of a user account, house bans, etc.);
  • Information on participation in competitions and sweepstakes;
  • Information on participation in advertising events, sponsoring events or cultural and sporting events;
  • Official documents in which you appear (e.g. identity documents, extracts from the commercial register, permits, etc.);
  • Information on titles and functions in the company from contact persons and representatives of our business partners;
  • Date and time of registrations.

Under certain circumstances, you can log in to individual online offers with the login of a third party (e.g. Apple, Google or Facebook). In this case, we get access to certain data stored by the provider concerned, e.g. your user name, your profile picture, your date of birth, your gender and other information, the scope of which you can usually determine. You can find information on this in the data protection declaration of the provider concerned.

4.2 contract data

Contract data are personal data that arise in connection with the conclusion of the contract or the execution of the contract, e.g. information on the conclusion of the contract, acquired claims and demands or information on customer satisfaction. We mainly conclude contracts with customers, business partners and job applicants, but also with other contractual partners such as applicants for subsidies. If you use offers from us based on a contract, e.g. purchase goods or use services, we also frequently collect behavioral and transaction data (see section 4.4 ).

The contract data includes, for example, information

  • about the initiation and conclusion of contracts, e.g. date of the conclusion of the contract, information from the application process and information about the relevant contract (e.g. type and duration);
  • about the processing and administration of contracts (e.g. contact details, delivery addresses, made or failed deliveries and information about the means of payment);
  • in connection with customer service and technical assistance;
  • about our interactions with you (possibly a history with corresponding entries);
  • about claims and earned claims and benefits (e.g. Cumulus point balance and earned rewards);
  • about defects and complaints as well as adjustments to a contract;
  • on customer satisfaction, which we can collect with surveys;
  • on financial matters such as determining creditworthiness (ie information that allows conclusions to be drawn about the probability that claims will be paid), reminders, collection and enforcement of claims;
  • in connection with a job application, e.g. curriculum vitae, references, qualifications, certificates, meeting notes, etc. (which may also contain personal data of third parties);
  • in connection with a funding application, e.g. information about your project and other participants;
  • to interactions with you as a contact person or representative of a business partner;
  • in connection with security reviews and other reviews with a view to entering into a business relationship.

4.3 Communication data

If you are in contact with us or we are in contact with you, e.g. when you contact a customer service or when you write or call us, we process the exchanged communication content and information about the type, time and place of communication. In certain situations we can also ask you for proof of identity for identification.

Communication data are e.g.

  • Name and contact details such as postal address, email address and telephone number;
  • Content of e-mails, written correspondence, chat messages, social media posts, comments on a website, telephone calls, video conferences etc .;
  • Responses to customer and satisfaction surveys;
  • Information on the type, time and possibly place of communication;
  • Proof of identity such as copies of official IDs;
  • Edge data of communication.

Telephone and video conference calls with us can be recorded; We will inform you about this at the beginning of the conversation. If you do not want us to record up such conversations, you have the option at any time to break off the conversation and contact us in another way (e.g. by e-mail).

4.4 Behavioral and Transaction Data

When you shop with us, use our offers and infrastructure or make use of our services, we often collect data about this use and your behavior in general. This is the case, for example, when you shop with us using your Cumulus number or in an online shop or when you use our websites and apps. If you take part in the Cumulus Bonus Program, this personal data can not only concern you, but also other Cumulus participants, eg your family members.

The behavioral and transaction data include, for example, the following information, insofar as it is available to us personally:

  • about your behavior with your purchases (e.g. where, how often, what and at what prices you shop as well as the type of payment method and the selected delivery method);
  • about your behavior in online shops (ordered and abandoned shopping cart, wish lists, viewed articles, search terms and results, submitted ratings and comments, etc.);
  • about attending events or using leisure activities (e.g. date, location and type of event or use);
  • about participation in competitions, sweepstakes and similar events;
  • about your behavior on websites;
  • about the installation and use of mobile apps;
  • about your use of electronic communications (e.g. whether and when you opened an email or clicked a link);
  • about your use of our Wi-Fi networks (e.g. date, time and duration of the connection, location of the Wi-Fi network and data volume).

You can also use many of our offers anonymously. For example, you can shop in our branches without giving your Cumulus number. It is also often possible to use the offer online without an account. If you have an account, behavior and transaction data can also be assigned to your profile if you are not logged in at the time of visiting the website or using the app.

4.5 Preference data

We want to tailor our offers and services to our customers in the best possible way. We therefore also process data relating to your interests and preferences. To do this, we can link behavior and transaction data with other data and evaluate this data in a personal and non-personal manner. This enables us to draw conclusions about properties, preferences and likely behavior, e.g. your preferences and affinities for certain products and services.

In particular, we can form segments (permanently or on a case-by-case basis), i.e. groups of people who have similarities with regard to certain properties. Preference data can be used personally (e.g. to show you advertisements that interest you or to send you relevant discount coupons), but also non-personal (e.g. for market research or product development).

Further information on profiling in this context can be found in section 11 .

4.6 Technical data

When you use our websites, our apps, our Wi-Fi networks or other electronic offers, we collect certain technical data such as your IP address or a device ID. The technical data also includes the logs in which we record the use of our systems (log data). In some cases, we can also assign a unique identification number (an ID) to your device (tablet, PC, smartphone, etc.), e.g. using cookies or similar technologies, so that we can recognize it. You can find more information about this in our cookie information .

On the basis of technical data, behavioral data in particular can also be collected, i.e. information about your use of websites and mobile apps (see section 4.4 ). As a rule, however, we cannot infer who you are from technical data, unless you, for example, create a customer account or register. In this case we can combine technical data with master data – and thus with your person.

The technical data include, among others

  • the IP address of your device and other device IDs (e.g. MAC address);
  • Identification numbers assigned to your device by cookies and similar technologies (e.g. pixel tags);
  • Information about your device and its configuration, e.g. operating system or language settings;
  • Information on the browser with which you access the offer and its configuration;
  • Information about your movements and actions on our websites and in our apps;
  • Information about your internet provider;
  • Your approximate location and time of use;
  • system-side records of accesses and other processes (log data).

This technical data does not in itself allow us to draw any conclusions about your identity. In the context of user accounts, registrations, the processing of contracts or evaluations for preference data, however, they can be linked to other data categories – and thus, if necessary, to your person.

Please also note our cookie information for processing technical data .

4.7 Image and sound recordings

We regularly take photos, videos and sound recordings in or on which you can appear, for example when you are attending an event, have contact with our customer service or seek advice via video conference. For security and evidence purposes, we also make video recordings in our shops and on our other premises. We may receive information about your behavior in the relevant areas. The use of video surveillance systems is localized and marked.

Image and sound recordings include, for example:

  • Video surveillance system recordings;
  • Photos, videos and sound recordings from customer events and public events (e.g. advertising events, sponsoring events or cultural and sporting events);
  • Photos, videos and sound recordings from courses, presentations, training courses etc .;
  • Recordings of telephone and video conference calls (e.g. in customer service or customer advice).

5. Where do the personal data come from?

5.1 Data provided

You often provide us with personal data yourself, e.g. when you transmit data to us or communicate with us. In particular, you usually provide us with master, contract and communication data yourself. You also often give us preference data yourself.

For example, you provide us with personal data yourself in the following cases:

  • You create a Migros account or register for the Cumulus bonus program;
  • You create a user account in an online shop or another online offer;
  • You take part in a sweepstakes or a competition;
  • You take out a fitness subscription in one of our fitness parks;
  • You register for a course at the Migros Club School;
  • You contact the M-Infoline or another customer service;
  • You register for Migusto and record your eating habits and cooking preferences.

The provision of personal data is usually voluntary, ie you are usually not obliged to provide us with personal data. However, we must collect and process the personal data that is necessary or required by law for the processing of a contractual relationship and the fulfillment of related obligations, e.g. mandatory master and contract data. Otherwise we cannot conclude or continue the relevant contract.

If you provide us with data about other people (e.g. family members), we assume that you are authorized to do so and that this data is correct. Please also ensure that these other persons have been informed of this data protection declaration.

5.2 Data Collected

We can also collect personal data about you ourselves or automatically, e.g. when you shop with us, use our offers or use our services. This is often behavioral and transactional data as well as technical data.

For example, we independently collect personal data about you in the following cases:

  • You shop in one of our branches or from one of our collection partners and enter your Cumulus card or the associated code;
  • You order a product in one of our online shops;
  • You use a self-scanning or self-checkout offer and, when shopping in one of our branches, scan products yourself with a hand scanner, at the station or with your smartphone;
  • You visit one of our websites (e.g. migros.ch) or use one of our apps (e.g. the Migros app);
  • You click on a link in one of our newsletters or otherwise interact with one of our electronic advertising communications.

We can also derive personal data from already existing personal data, e.g. by evaluating behavioral and transaction data. Such derived personal data is often preference data.

For example, we can analyze the behavioral and transaction data generated when shopping in our stores and online shops and, based on this, make assumptions about your personal interests, preferences, affinities and habits. This enables us, for example, to tailor our offers and information to your individual needs and interests. For example, as part of the Cumulus bonus program, we can send you an individual selection of discount coupons that are relevant to you. You will find further information on behavior and transaction data in section 4.4 and on profiling in this context in section 11 .

5.3 Data Received

We can also receive personal data from other Migros Group companies. You will find further information on this under Section 8 . However, we may also receive information about you from other third parties, e.g. from companies we work with, from people who communicate with us, or from public sources.

For example, we may receive information about you from the following third parties:

  • from cooperation partners, e.g. partners of the Cumulus bonus program such as collecting or redeeming partners;
  • from your employer and work colleagues in connection with a job application and their professional functions;
  • from third parties when correspondence and meetings concern you;
  • from people around you (family members, legal representatives, etc.), e.g. your address for deliveries, references or powers of attorney;
  • from credit agencies, e.g. when we obtain credit information;
  • from postal services and from address dealers, e.g. for address updates;
  • from banks, insurance companies, distributors and other contractual partners for purchases and payments;
  • from providers of online services, for example providers of Internet analysis services;
  • of information services to comply with legal requirements such as anti-money laundering and export restrictions;
  • by authorities, parties and other third parties in connection with official and judicial proceedings;
  • from media watch companies in connection with articles and reports in which you appear;
  • from public registers such as the debt enforcement or commercial register, from public bodies such as the Federal Statistical Office, from the media or from the Internet.

6. For what purposes do we process personal data?

6.1 Communication

We would like to stay in contact with you and respond to your individual concerns. We therefore process personal data for communication with you, e.g. answering inquiries and customer care. For this purpose, we use communication and master data in particular and, insofar as the communication relates to a contract, also contract data. We can also personalize the content and timing of messages based on behavior, transaction and preference data and other data.

The purpose of the communication includes in particular:

  • answering inquiries;
  • contacting you with any questions;
  • customer service and customer care;
  • communication related to product recalls (e.g. we can contact you directly if we know that you have purchased a product that is subject to a recall);
  • the authentication, e.g. when using our online offers;
  • quality assurance and training;
  • all other processing purposes, insofar as we communicate with you for this (e.g. contract processing, information and direct advertising).

6.2 Contract processing

We want to offer you the best possible service. We therefore process personal data in connection with the initiation, administration and processing of contractual relationships, e.g. to deliver an order, provide a service, implement a loyalty or bonus program or organize a competition. The contract processing also includes any agreed personalization of services. In particular, we use master data, contract data, communication data, behavior and transaction data and preference data.

The purpose of contract processing generally includes everything that is necessary or expedient in order to conclude, carry out and, if necessary, enforce a contract. 

This includes, for example, processing:

  • to decide whether and how (e.g. with which payment options) we will enter into a contract with you (including the credit check);
  • to provide contractually agreed services, e.g. deliver goods, provide services and provide functions (including personalized service components);
  • to provide customer service and to measure customer satisfaction;
  • to implement and manage loyalty and bonus programs (e.g. the Cumulus bonus program), e.g. to settle and credit acquired claims and benefits (e.g. Cumulus points);
  • to determine, notify and, if necessary, publish the winners of competitions and sweepstakes;
  • to bill for our services and generally for bookkeeping;
  • to plan and prepare the provision of our services, e.g. scheduling our employees;
  • to check funding applications and, if necessary, to process them and to evaluate how we can support the implementation of the project;
  • to check the suitability of job applicants and, if necessary, to prepare and conclude the employment contract;
  • to check whether we want to and can work with a company, as well as to monitor and assess its performance;
  • to prepare and process corporate transactions, e.g. company acquisitions, sales and mergers;
  • to enforce legal claims from contracts (debt collection, court proceedings, etc.);
  • to manage and operate our IT and other resources;
  • to store data within the framework of retention requirements;
  • to terminate and terminate contracts.

6.3 Information and Marketing

We would like to make you attractive offers. We therefore process personal data to maintain relationships and for marketing purposes, e.g. to send you written and electronic communications and offers and to carry out marketing campaigns. These can be our own offers or offers from other companies in the Migros Group or from advertising partners. Messages and offers can also be personalized in order to only send you information that is likely to be of interest to you. For this purpose, we use in particular master, contract, communication, behavior and transaction data as well as preference data, but also image and sound recordings.

This can be, for example, the following notifications and offers:

  • Newsletters, promotional emails, in-app messages and other electronic messages;
  • Advertising brochures, magazines and other printed matter;
  • Advertising messages and spots on screens and other advertising space;
  • Delivery of vouchers;
  • Invitations to events, sweepstakes and competitions.

Unless we separately ask for your consent to contact you for marketing purposes, you can refuse such contacts at any time (see section 15 ). In the case of newsletters and other electronic communications, you can usually unsubscribe from the relevant service using an unsubscribe link integrated in the message.

The personalization of our communications enables us to tailor information to your individual needs and interests and, if possible, to only make you offers that are relevant to you. For example, as part of the Cumulus bonus program, we can provide you with an individual selection of discount coupons that are relevant to you or show you online content tailored to your needs. Further information on profiling in this context can be found in section 11 .

6.4 Market Research and Product Development

We would like to continuously improve our offers and make them more attractive for you. We therefore process personal data for market research and product development. To this end, we process in particular master, behavior, transaction and preference data, but also communication data and information from customer surveys, surveys and studies and other information, e.g. from the media, the Internet and other public sources. As far as possible, we use pseudonymised or anonymised information for these purposes.

Market research and product development include in particular:

  • conducting customer surveys, surveys and studies;
  • the further development of our offers (e.g. design of the range, choice of location, pricing and action planning, etc.);
  • the assessment and improvement of the acceptance of our offers and our communication in connection with offers;
  • the optimization and improvement of the user-friendliness of websites and apps;
  • the development and testing of new offers;
  • reviewing and improving our internal processes;
  • the education and training of our employees;
  • statistical evaluations, e.g. to evaluate information on interactions between our customers and us on a non-personal basis;
  • the assessment of the supply situation in a certain market and the behavior of our competitors;
  • the market observation, e.g. to understand current developments and trends and to react to them.

6.5 Security and Prevention

We want to guarantee your and our safety and prevent misuse. We therefore also process personal data for security purposes, to guarantee IT security, to prevent theft, fraud and abuse and for evidence purposes. This can affect all of the personal data categories mentioned in section 4 , in particular behavior and transaction data as well as image and sound recordings. We can collect, evaluate and save this data for the purposes mentioned.

The purpose of safety and prevention includes, for example:

  • the production and evaluation (manual and automatic) of video recordings for the detection and prosecution of criminal acts;
  • carrying out spot checks to check the correct registration and payment of goods;
  • the issuing of house bans and the administration of house banned lists;
  • analyzing behavioral and transactional data to identify suspicious behavior and fraudulent activity;
  • the evaluation of system records of the use of our systems (log data);
  • preventing, repelling and investigating cyber attacks and malware attacks;
  • Analyzes and tests of our networks and IT infrastructures as well as system and error checks;
  • Control of access to electronic systems (e.g. logins for user accounts);
  • physical access controls (e.g. access to office space)
  • Documentation purposes and creation of backup copies.

For the purpose of security and prevention, we can in particular also automatically evaluate video recordings. In a specific case of suspicion, we can, for example, define a combination of features (such as clothing or body size) and automatically search for this combination of features in existing video recordings of a certain period of time. This enables us to evaluate video recordings more efficiently and thus supports us in the investigation of criminal acts. In this context, however, we neither analyze biometric data (e.g. face recognition) nor do we automatically evaluate behavioral patterns or similar analyzes.

6.6 Compliance with Legal Requirements

We want to create the conditions for compliance with legal requirements. We therefore also process personal data in order to comply with legal obligations and to prevent and detect violations. This includes, for example, the receipt and processing of complaints and other reports, compliance with orders from a court or an authority as well as measures to detect and clarify abuses. This can affect all of the personal data categories mentioned in section 4 .

Compliance with legal requirements includes in particular:

  • the protection of minors and minors, e.g. the enforcement of age limits for the purchase of alcohol;
  • the implementation of health and protection concepts;
  • Clarifications about business partners;
  • the receipt and processing of complaints and other reports;
  • conducting internal investigations;
  • ensuring compliance and risk management;
  • the disclosure of information and documents to authorities if we have an objective reason to do so or if we are legally obliged to do so;
  • participation in external investigations, e.g. by a law enforcement or supervisory authority;
  • ensuring the legally required data security;
  • looking after our members of the cooperative and other investors in order to fulfill our obligations in this regard;
  • the fulfillment of information, information or reporting obligations, e.g. in connection with supervisory and tax law obligations, e.g. archiving obligations and for the prevention, detection and clarification of criminal offenses and other violations;
  • the legally regulated fight against money laundering and the financing of terrorism.  

In all cases it can be Swiss law, but also other local laws and regulations to which we are subject, as well as self-regulation, industry and other standards, our own corporate governance or official instructions.

6.7 Legal observance

We want to be able to enforce our claims and defend ourselves against claims of others. We therefore also process personal data in order to protect the law, e.g. to enforce claims in court, before or out of court and before authorities in Switzerland and other countries or to defend ourselves against claims. Depending on the constellation, we process different personal data, e.g. contact details and information about processes that have given rise to or could give rise to a dispute.

The purpose of safeguarding the law includes in particular:

  • the clarification and enforcement of our claims, which may also include claims from companies affiliated with us and our contractual and business partners;
  • the defense against claims against us, our employees, companies affiliated with us and against our contractual and business partners;
  • the clarification of process prospects and other legal, economic and other questions;
  • participation in proceedings before courts and authorities at home and abroad. For example, we can secure evidence, clarify process prospects or submit documents to an authority. Authorities may also ask us to disclose documents and data carriers that contain personal data.

6.8 In-group administration and support

We want to make our internal processes efficient. We therefore process personal data for our group-internal administration. For this purpose, we process in particular master data, contract data and technical data, but also behavior and transaction data and communication data.

The group-internal administration includes in particular:

  • the management and administration of the membership register of the Migros cooperative members;
  • management of IT and real estate;
  • the accounting;
  • the archiving of data and the management of our archives;
  • the training and education, e.g. when we evaluate recordings of telephone, video or other communications;
  • the central storage and management of data used by several Migros Group companies;
  • the review or execution of corporate law transactions such as company acquisitions, sales and mergers;
  • forwarding inquiries to the responsible bodies, e.g. if you send an inquiry to a Migros company that concerns another company;
  • the sale of receivables, in which we provide the purchaser, for example, with information about the reason and amount of the receivable and, if applicable, the creditworthiness and behavior of the debtor;
  • generally checking and improving internal processes.

Like every group of companies, the Migros Group also has an overall interest in the successful business activities of the group companies, and our group companies for their part have an interest in their own activities and their own processing purposes. We can therefore also disclose personal data to other Migros Group companies in order to support their own processing purposes in accordance with this data protection declaration in the overall interest of the Migros Group. You will find further information on this under Section 8 .

7. What are the legal bases on which we process personal data?

Depending on the purpose of the data processing, our processing of personal data is based on different legal bases. We can process personal data in particular if the processing:

  • is necessary for the performance of a contract with the data subject or for pre-contractual measures (e.g. examining a contract application);
  • is necessary for the safeguarding of legitimate interests;
  • is based on consent;
  • is necessary to comply with domestic or foreign legal provisions.

We have a legitimate interest, in particular, in processing for the purposes described in Section 6 above and in the disclosure of data in accordance with Section 8 and the associated goals. The legitimate interests include our own interests and those of third parties.

These legitimate interests include, for example, interest

  • To deliver products and services to third parties (e.g. to gift recipients);
  • good customer service, maintaining contacts and communicating with customers outside of a contract;
  • in advertising and marketing activities;
  • get to know our customers and other people better;
  • Improve products and services and develop new ones;
  • in the group-internal administration and group-internal traffic, which is necessary in a group with a division of labor;
  • in the mutual support of the group companies in their activities and goals;
  • in the fight against fraud, e.g. in online shops, and the prevention and investigation of offenses;
  • the protection of customers, employees and other people and data, secrets and assets of the Migros Group;
  • in ensuring IT security, especially in connection with the use of websites, apps and other IT infrastructure;
  • the guarantee and organization of business operations, including the operation and further development of websites and other systems;
  • in corporate governance and development;
  • on the sale or purchase of companies, parts of companies and other assets;
  • in the enforcement or defense of legal claims;
  • compliance with Swiss and other local laws and regulations as well as internal rules.

8. Who do we pass on personal data to?

8.1 Within the Migros community

We can pass on personal data that we receive from you or from third-party sources to other companies in the Migros Group. A transfer can be used for the group-internal administration or the support of the group companies concerned and their own processing purposes ( section 6 ), for example if we are the personalization of marketing activities, the development and improvement of products and services, the implementation of credit checks or efforts to prevent theft. Support fraud and abuse prevention. The personal data received can, if necessary, be compared and linked with existing personal data by the group company concerned. 

This can be, for example, the following data disclosures:

  • All of the personal data categories mentioned in section 4 for the management and processing of contractual relationships, in particular in connection with products and services that include the performance of several group companies;
  • Master data, contract data, communication data, behavior and transaction data as well as preference data, as well as findings from customer surveys, surveys, studies as well as image and sound recordings for market research and product development, insofar as a personal reference of such data is necessary;
  • Master data, contract data, communication data, behavior and transaction data, preference data as well as image and sound recordings for the delivery and personalization of offers, communication and marketing activities;
  • Master data, contract data, communication data, behavior and transaction data as well as preference data for fraud and abuse prevention as well as for credit checks (e.g. in connection with a purchase on account);
  • Master data, behavior and transaction data as well as image and sound recordings for theft prevention and for evidential purposes;
  • Security-related information for security purposes and compliance with legal requirements;
  • Information on support with legal compliance.

For example, if you contact us with a question about a product, we may pass this information on to the manufacturing company of Migros‘ own industry for the purpose of product and quality improvement. For example, data is also passed on to other group companies so that you can use the Migros account as a central user account for several digital Migros services without having to register again. Even if you participate in the Cumulus bonus program and use the Migros Online Shop, we pass on behavior, transaction and preference data in connection with your branch purchases to Migros Online SA, for example so that you can see those products and offers in the Migros Online Shop that you shop often or that are likely to be particularly relevant to you.

You can find more information about the companies belonging to the Migros Group in section 2 .

8.2 Outside the Migros community

We can pass on your personal data to companies outside the Migros Group if we use their services. As a rule, these service providers process personal data on our behalf as so-called „order processors“. Our order processors are obliged to process personal data exclusively in accordance with our instructions and to take suitable data security measures. Certain service providers are jointly or independently responsible with us (e.g. debt collection agencies). By selecting the service provider and through suitable contractual agreements, we ensure that data protection is ensured during the entire processing of your personal data.

This includes services in the following areas, for example:

  • Forwarding and logistics, e.g. for the dispatch of ordered goods;
  • Advertising and marketing services, e.g. for sending messages and information;
  • Business administration, e.g. bookkeeping or asset management;
  • Payment services;
  • Credit information, e.g. if you want to make a purchase on account;
  • Debt collection services;
  • IT services, e.g. services in the areas of data storage (hosting), cloud services, sending e-mail newsletters, data analysis and processing, etc .;
  • Consulting services, e.g. services from tax consultants, lawyers, management consultants or consultants in the field of personnel recruitment and placement.

In individual cases it is also possible that we pass on personal data to other third parties for their own purposes, e.g. if you have given us your consent or if we are legally obliged or authorized to pass it on. In these cases, the recipient of the data is the person responsible in terms of data protection law.

These include, for example, the following cases:

  • the transfer of claims to other companies such as debt collection agencies;
  • the review or execution of corporate law transactions such as company acquisitions, sales and mergers;
  • the disclosure of personal data to courts and authorities in Switzerland and other countries, e.g. to law enforcement authorities in the event of suspected criminal acts;
  • the processing of personal data in order to comply with a court order or official order or to assert or defend against legal claims or if we consider it necessary for other legal reasons. We can also disclose personal data to other parties involved in the procedure.

Please also note our cookie information  on independent data collection by third-party providers whose tools we have integrated into our websites and apps.

Unless a special professional secret (e.g. bank, pharmacist or doctor’s secret) is applicable in individual cases, we are not subject to any professional confidentiality. Please let us know in individual cases if you are of the opinion that certain personal data are subject to confidentiality so that we can examine your request.

9. How do we disclose personal data abroad?

We process and store personal data mostly in Switzerland and in the European Economic Area (EEA). In certain cases, however, we can also disclose personal data to service providers and other recipients (see section 8 ) who are located outside this area or who process personal data outside this area, in principle in any country in the world. The countries concerned may not have laws that protect your personal data to the same extent as in Switzerland or the EEA. If we transfer your personal data to such a country, we will ensure the protection of your personal data in an appropriate manner.

One means of ensuring adequate data protection is, for example, the conclusion of data transfer agreements with the recipients of your personal data in third countries, which ensure the necessary data protection. This includes contracts that have been approved, issued or recognized by the European Commission and the Federal Data Protection and Information Commissioner, so-called standard contractual clauses. You can find an example of the data transfer contracts we usually use  here. Please note that such contractual precautions partially compensate for a weaker or missing legal protection, but cannot completely exclude all risks (e.g. from government access abroad). In exceptional cases, the transfer to countries without adequate protection may also be permitted in other cases, e.g. based on consent, in connection with legal proceedings abroad or if the transfer is necessary for the execution of a contract.

10. How do we process sensitive personal data?

Certain types of personal data are considered to be “particularly worthy of protection” under data protection law, eg information on health and biometric features. Depending on the constellation, the in section 4The categories of personal data mentioned above also include such particularly sensitive personal data. As a rule, however, we only process sensitive personal data if it is necessary for the provision of a service, if you have given us this data yourself or if you have consented to the processing. We can also process particularly sensitive personal data if this is necessary to safeguard the law or to comply with domestic or foreign legal provisions, if the relevant data has obviously been made public by the person concerned or if the applicable law otherwise permits its processing.

We can process sensitive personal data, for example, in the following cases:

  • You register for Migusto and provide information on allergies and intolerances;
  • You use the iMpuls Coach on our iMpuls health platform to achieve your individual health goal;
  • You report health complaints to us after consuming or using or applying a product;
  • You are purchasing a medical device covered by health insurance and requesting a reimbursement receipt;
  • You want to order an alcoholic drink in an online shop and you are carrying out a digital age verification;
  • You train in a fitness park and seek advice or use intelligent fitness equipment;
  • You book a package tour and provide information on intolerances, allergies or dietary regulations observed for religious reasons;
  • You will carry out a foot analysis and get advice on the right running shoes;
  • You apply for a vacancy and provide information about your health, union membership or previous convictions and criminal measures.

Personal data of children also deserve special protection. We therefore generally do not process the personal data of children, and if it is nevertheless necessary, we ensure that this data is given special protection. In addition, we usually ask the parents or legal representatives for their consent if we knowingly process personal data of children based on consent. If consent has been given for a child by his or her parents or legal representative, the adult is free to revoke this consent later.

For example, we can process children’s personal data in the following situations:

  • You organize a supervised children’s birthday party for your child in a Migros restaurant and give us the names of the participating children;
  • You use childcare in a shopping center and we collect the name of your child and your contact details in this context;
  • You take part in the Famigros family club and record the name and date of birth of your children in order to benefit from Famigros benefits and birthday surprises.

11. How do we use profiling?

“Profiling” means the automated processing of personal data in order to analyze personal aspects or to make prognoses, e.g. the analysis of personal interests, preferences, affinities and habits or the prognosis of probable behavior. In particular, preference data can be derived using profiling (further information can be found in section 4.5 ).

Profiling is a common process, e.g. in automated processing

  • of master, contract, behavior and transaction data when making purchases in our stores and online shops;
  • of behavior and transaction data as well as technical data in connection with our websites and apps;
  • of information in connection with attending events, using leisure facilities and participating in competitions, sweepstakes and similar events;
  • of communication data, e.g. your reaction to advertising and other communications;
  • from other behavioral and transactional data.
  • Profiling helps us, for example,
  • to continuously improve our offers and better tailor them to individual needs;
  • To present our content and offers to you as required;
  • If possible, only send you advertising and offers that are likely to be relevant to you;
  • To better assist you with customer service;
  • to decide on the basis of a credit check which payment options are available.

We carry out profiling, for example in connection with the Cumulus bonus program by evaluating your shopping behavior and, based on this, assigning you to specific customer segments. These are groups of people who have similarities in terms of certain characteristics. Such customer segments can be formed permanently or on a case-by-case basis and can relate, for example, to the phase of life or the motive to buy. This profiling enables us, for example, to send you relevant discount coupons. If, for example, you frequently buy sustainable products from us, you will increasingly receive discount coupons and offers for Migros Bio and other sustainable products. We can also draw your attention to offers from your main branch if we know your preferred branch. Or we can prevent you from receiving discount coupons for meat products if we can assume that

Profiling also takes place in connection with the Migros account , for example by evaluating your usage and shopping behavior in our online shops as well as on our websites and apps, for example in order to offer you an individual user experience and offers tailored to your interests and preferences submit to.

In order to improve the quality of our analyzes and forecasts, we can also link personal data from different sources as a basis for profiling, e.g. data collected offline and online as well as data collected via various of our services or data that we collect from other Migros Group companies obtain.

If you do not want us to analyze personal aspects or make prognoses, you can forego the participation in the Cumulus bonus program or make your purchases without using the Cumulus card and refrain from creating a Migros account and registering for other services. In certain cases, you can also  object to profiling as described in  section 15 .

12. Do we make automated individual decisions?

“Automated individual decisions” are decisions that are fully automated, ie without human influence, and that have legal consequences for the person concerned or that significantly affect them in other ways. As a rule, we do not do this, but we will inform you separately if we use automated individual decisions in individual cases. You then have the option of having someone review the decision if you disagree with them.

13. How do we protect personal data?

We take appropriate security measures of a technical and organizational nature to maintain the security of your personal data, to protect it against unauthorized or unlawful processing and to counteract the risk of loss, unintentional change, unwanted disclosure or unauthorized access. Like all companies, however, we cannot rule out data security breaches with absolute certainty; certain residual risks are unavoidable.

The security measures of a technical nature include, for example, the encryption and pseudonymization of data, logging, access restrictions and the storage of security copies. Security measures of an organizational nature include, for example, instructions to our employees, confidentiality agreements and controls. We also oblige our order processors to take appropriate technical and organizational security measures.

14. How long do we process personal data?

We process and save your personal data,

  • as long as it is necessary for the purpose of processing or for purposes compatible with it, in the case of contracts usually at least for the duration of the contractual relationship;
  • as long as we have a legitimate interest in the storage. This can be the case in particular if we need personal data to enforce or defend against claims, for archiving purposes and to guarantee IT security;
  • as long as they are subject to a statutory retention requirement. For example, a ten-year retention period applies to certain data. For other data, shorter retention periods apply, e.g. for recordings from video surveillance or for recordings of certain processes on the Internet (log data).

In certain cases, we also ask for your consent if we want to store personal data for a longer period (e.g. for job applications that we want to keep pending). After the specified deadlines have expired, we will delete or anonymize your personal data.

For example, we are guided by the following retention periods, although we can deviate from them in individual cases:

  • Cumulus bonus program: transaction data (purchase data) are kept for a maximum of ten years. The master and contact data as well as the Cumulus number are deleted or anonymized after two years of inactivity. A deletion or anonymization of this data takes place in the event of a cancellation of the Cumulus membership or a deletion request.
  • Migros Account: The personal data is saved for the duration of the account. If a deletion of the account is requested, the data will be deleted within 30 days. If the account is deactivated (e.g. in the event of inactivity or blocking due to misuse), the data will be deleted for a maximum of 24 months.  
  • Contracts: We usually keep master and contract data for ten years from the last contract activity or from the end of the contract. However, this period can be longer if this is necessary for reasons of evidence, due to legal or contractual requirements or for technical reasons. Transaction data related to contracts are usually retained for ten years.
  • Technical data: We usually keep log data for six months. The storage duration of cookies is usually between a few days and two years, provided they are not deleted immediately after the end of the session.
  • Communication data: E-mails, messages via the contact form and written correspondence will in general be kept for two years, unless it is necessary to keep it longer, for example due to a specific statutory retention period.
  • Image and sound recordings: The retention period varies depending on the purpose. This ranges from a few days for recordings by security cameras to several years for reports on events with pictures.
  • Cooperative members: The storage of cooperative member data is carried out in accordance with company law requirements, usually at least for the duration of membership.
  • Job applications : If you have applied for one of our jobs, but you have unfortunately been rejected or the vacancy has already been filled, we will delete your application data after four weeks. With your consent, we will keep your application pending with a view to possible future employment for a maximum of one year.

15. What rights do you have in connection with the processing of your personal data?

You have the right to object to data processing, especially if we are processing your personal data on the basis of a legitimate interest and the other applicable requirements are met. You can also object to data processing in connection with direct marketing (e.g. advertising e-mails) at any time. This also applies to profiling insofar as this is related to such direct marketing.

Insofar as the applicable requirements are met and no statutory exceptions are applicable, you also have the following rights:

  • the right to request information about your personal data stored by us;
  • the right to have incorrect or incomplete personal data corrected;
  • the right to request the deletion or anonymization of your personal data;
  • the right to request that the processing of your personal data be restricted;
  • the right to receive certain personal data in a structured, commonly used and machine-readable format;
  • the right to revoke a consent with effect for the future, provided that processing is based on consent. 

Please note that these rights may be restricted or excluded in individual cases, e.g. if there are doubts about the identity or if this is necessary to protect other people, to safeguard interests worthy of protection or to comply with legal obligations.

You can exercise the most important of the above-mentioned rights via our  web form . You can deactivate the receipt of certain offers and information at any time in your Migros account . You can also unsubscribe from newsletters and other advertising e-mails by clicking on the corresponding link at the end of the e-mail. You can also  contact us in accordance with Section 16 if you want to exercise one of your rights or if you have any questions about the processing of your personal data.

You are also free to lodge a complaint with a competent supervisory authority if you have concerns as to whether the processing of your personal data is legally compliant.

  • The responsible supervisory authority in Switzerland is the  Federal Data Protection and Information Commissioner (FDPIC) .
  • The responsible supervisory authority in the Principality of Liechtenstein is the  Data Protection Office of the Principality of Liechtenstein .
  • The responsible supervisory authority in the Netherlands is the Dutch Data Protection Authority.

 

16. How can you contact us?

If you have any questions about this data protection declaration or the processing of your personal data, you can contact the responsible company using the contact details listed on its website.

You can also contact us as follows:

SoFine Foods B.V.

Sperwerweg 11

6374AG Landgraaf

info@sofine.eu
045 569 7940

You can also contact our data protection officer or our representative in the European Union or in the European Economic Area:

  • Data protection officer: Federation of Migros Cooperatives, data protection officer, c / o Legal & Compliance, Limmatstrasse 152, 8005 Zurich,  privacy@mgb.ch
  • EU / EEA representative: VGS Datenschutzpartner UG, Am Kaiserkai 69, 20457 Hamburg, Germany

17. Changes to this data protection declaration

This data protection declaration can be adjusted over time, especially if we change our data processing or if new legal provisions apply. We actively inform people whose contact details are registered with us about such changes in the event of significant changes, if this is possible without disproportionate effort. In general, the data protection declaration in the version valid at the start of the relevant processing applies to data processing.

Version 3.0.NL / November 2021 ( previous version 3.0 / August 2021 )

Cookie information

Why is?

This cookie information describes how and for what purpose we collect, process and use personal and other data when using our websites and mobile apps – especially in connection with cookies and similar technologies. In the following, for the sake of simplicity, we speak of websites in general, but also mean mobile apps.

Further information on how we handle personal data can be found in our data protection declaration .


Who is responsible for data processing?

A company in the Migros Group (“we” or “us”) is generally responsible under data protection law for processing personal data based on this cookie information. Usually this is the company that made you aware of this cookie information. If you have any questions about this cookie information or the processing of your personal data, you can contact the company responsible in each case. You can also contact us as follows:

SoFine Foods B.V.

Sperwerweg 11

6374AG Landgraaf

info@sofine.eu

045 569 7940


 

 

What is log data?

For technical reasons, each time our website is used, certain data is automatically generated that is temporarily stored in log files, the so-called log data. It concerns, for example, the following technical data:

  • IP address of the requesting device,
  • Information about your internet service provider,
  • Information about the operating system of your device (tablet, PC, smartphone, etc.),
  • Information on the referring URL,
  • Information on the browser used,
  • Date and time of access, and
  • content accessed when visiting the website.

This data is processed for the purpose of enabling the use of our website (establishing a connection) and ensuring its functionality, ensuring system security and stability, and enabling the optimization of our website, as well as for statistical purposes.

The IP address is also evaluated together with the other log data and possibly other data available to us in the event of attacks on the IT infrastructure or other possibly unauthorized or improper use of the websites for clarification and defense and, if necessary, in the context of criminal proceedings for identification and used for civil and criminal proceedings against the persons concerned.


What are cookies and similar technologies?

Cookies are files that your browser automatically saves on your device when you visit our website. Cookies contain a unique identification number (an ID) with which we can distinguish individual visitors from others, but usually without identifying them. Depending on the purpose of use, cookies contain further information, e.g. about the pages accessed and the duration of the visit to a page. On the one hand, we use session cookies, which are deleted when the browser is closed, and, on the other hand, permanent cookies, which are stored for a certain period of time after closing the browser (usually between a few days and two years) and serve to attract visitors * recognizable inside on a later visit.

We can also use similar technologies such as pixel tags, fingerprints and other technologies to store data in the browser. Pixel tags designate small, usually invisible images or a program code that are loaded from a server and thereby transmit certain information to the operator of the server, e.g. whether and when a website was visited. Fingerprints are information that is collected when you visit our website via the configuration of your end device or your browser and that make your end device distinguishable from other devices. Most browsers also support other technologies for storing data in the browser, similar to cookies, which we can also use (eg „Web Storage“).


How can cookies and similar technologies be deactivated?

In some cases, when you visit our website, you have the option of activating or deactivating certain categories of cookies using a button displayed in the browser. You can also configure your browser in the settings so that it blocks certain cookies or similar technologies or deletes existing cookies and other data stored in the browser. You can also expand your browser with software (so-called “plug-ins”) that block tracking by certain third parties. You can find more information on this in the help pages of your browser (usually under the keyword “data protection”). Please note that our websites may no longer function fully if you block cookies and similar technologies.


What types of cookies and similar technologies do we use?

We use the following types of cookies and similar technologies:

  • Necessary cookies: Necessary cookies are required so that a website and its functions can be used. These cookies ensure, for example, that you can switch between pages without losing the information entered in a form or the products placed in a shopping cart.
  • Performance cookies: Performance cookies collect information about how a website is used and enable us to carry out analyzes, e.g. which pages are most popular and how visitors move around a website. These cookies serve to simplify and accelerate the visit to the website and to generally improve user-friendliness.
  • Functional cookies: Functional cookies enable us to provide extended functionalities and to display personalized content. These cookies allow us, for example, to save information that has already been given (e.g. language selection) or to show you products based on the articles you have viewed that you may also like.
  • Marketing cookies: Marketing cookies help us and our advertising partners to address you on our websites and on third-party websites with advertising for products or services that may be of interest to you, or to show you our advertisements after you have visited our website when you continue to use the Internet.


How do we use cookies and similar technologies from other companies?

The cookies and / or similar technologies we use may come from ourselves or from third-party companies, e.g. if we use functions that third parties provide. Such third-party providers can also be located outside Switzerland and the European Economic Area (EEA), provided that your personal data is adequately protected.

For example, we use analysis services to evaluate how you use our websites in order to optimize and personalize them. Cookies and similar technologies from third-party providers also enable them to address you with individualized advertising on our websites or on other websites as well as in social networks that also work with this third party and to measure how effective advertisements are (e.g. whether you have an advertisement reached our website and what actions you then carry out on our website).

Third-party providers can record the use of the website in question. These records can be linked by the respective provider with similar information from other websites. The behavior of certain users can be recorded across multiple websites and across multiple devices. The respective provider can often use this data for its own purposes, e.g. for personalized advertising on its own website and on other websites that it supplies with advertising. If users are registered with the provider, the provider can assign the usage data to the person concerned. The processing of such personal data is carried out by the provider under his responsibility and in accordance with his own data protection regulations.

Two of the most important third-party providers are Google and Facebook. You will find further information on these below. Other third-party providers usually process personal and other data in a similar way.

Google Analytics and Google Firebase

We use Google Analytics , an analysis service from Google LLC (1600 Amphitheater Parkway, Mountain View, CA, USA) and Google Ireland Ltd. on many of our websites . (Google Building Gordon House, Barrow St, Dublin 4, Ireland; both together “Google”, with Google Ireland Ltd. being responsible for processing personal data). Google uses cookies and similar technologies to collect certain information about the behavior of individual users on or in the website concerned and the device used for this (tablet, PC, smartphone, etc.) (e.g. how often you have opened our website, how many purchases have been made or what interests you have as well as data about your device used such as the operating system). You can find more information about this underthis link .

We have configured the service in such a way that the IP addresses of visitors to Google’s websites within Europe are shortened before they are forwarded to the USA, so that they cannot be traced back. Google provides us with reports and in this sense can be seen as our order processor. However, Google also processes certain data for its own purposes. Under certain circumstances, Google can draw conclusions about the identity of the visitors to the websites based on the data collected and therefore create personal profiles and link the data obtained with any existing Google accounts of these people. You can find information on data protection from Google Analytics here , and if you have a Google account yourself, you can find more information here .

Facebook Custom Audiences

Our websites can also use the so-called “Facebook pixel” and similar technologies from Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland (“Facebook”). We use these technologies to ensure that the Facebook ads placed by us are only available to users of Facebook and the partners who cooperate with Facebook (the so-called “ Audience Network”) That have shown an interest in us or whose characteristics correspond to those that we transmit to Facebook for this purpose (eg interest in certain topics or products that can be seen from the websites visited;“ Custom Audiences ”). We can also use these technologies to understand the effectiveness of Facebook ads for statistical purposes and for market research by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called „conversion measurement“). Further information can be found here .

We are jointly responsible with Facebook for the exchange of data that Facebook collects or receives via the pixel or comparable functions, for the display of advertising information that corresponds to the interests of the users, the improvement of the ad delivery and the personalization of functions and content ( but not further processing). We have therefore concluded a corresponding additional agreement with Facebook . Users can therefore address requests for information and other data subject inquiries in connection with joint responsibility directly to Facebook.


How do we use social media appearances?

We can operate our own appearances on social networks and similar third-party platforms (e.g. Facebook fan pages). If you communicate with us via such sites or comment on or further disseminate our content, we will collect the relevant information and process it in accordance with our data protection declaration . We have the right, but not the obligation, to check content before or after its publication and to delete content without notice, as far as this is technically possible, or to report it to the provider of the platform concerned. In the event of a violation of the rules of decency and behavior, we can also report the relevant user account to the platform provider for blocking or deletion.

When you visit our social media sites, data (e.g. on your user behavior) can also be transmitted directly to the provider concerned or collected by them and processed together with other data already known to them (e.g. for marketing and market research purposes and to personalize the platform content ). Insofar as we are jointly responsible with the provider for certain processing, we will make a corresponding agreement with him, about the essential content of which you can obtain information from the provider. Further information on data processing by the providers of social networks can be found in the data protection provisions of the relevant social networks.


Changes to this cookie information

This cookie information can be adjusted over time, especially if we change our data processing or if new legal provisions apply. In general, the current version of the cookie information at the start of the relevant processing applies to data processing.

 

Version 1.0NL / November 2021