You can refuse the use of Google Analytics by clicking on the following link. An opt-out cookie will be set on the computer, which prevents the future collection of your data when visiting this website:
Disable Google Analytics
Further information concerning the terms and conditions of use and data privacy can be found at http://www.google.com/analytics/terms/gb.html or at https://www.google.de/intl/en_uk/policies/. Please note that on this website, Google Analytics code is supplemented by “anonymizeIp” to ensure an anonymized collection of IP addresses (so called IP-masking).
Mit der Aktivierung von Google Analytics nutzt diese Website den Google Analytics Webanalysedienst der Google Inc. („Google“). Google Analytics verwendet sog. „Cookies“, Textdateien, die auf Ihrem Computer gespeichert werden und die eine Analyse der Benutzung der Website durch Sie ermöglichen. Die durch das Cookie erzeugten Informationen über Ihre Benutzung dieser Website werden in der Regel an einen Server von Google in den USA übertragen und dort gespeichert. Im Falle der Aktivierung der IP-Anonymisierung auf dieser Website, wird Ihre IP-Adresse von Google jedoch innerhalb von Mitgliedstaaten der Europäischen Union oder in anderen Vertragsstaaten des Abkommens über den Europäischen Wirtschaftsraum zuvor gekürzt. Nur in Ausnahmefällen wird die volle IP-Adresse an einen Server von Google in den USA übertragen und dort gekürzt. Im Auftrag des Betreibers dieser Website wird Google diese Informationen benutzen, um Ihre Nutzung der Website auszuwerten, um Reports über die Websiteaktivitäten zusammenzustellen und um weitere mit der Websitenutzung und der Internetnutzung verbundene Dienstleistungen gegenüber dem Websitebetreiber zu erbringen. Die im Rahmen von Google Analytics von Ihrem Browser übermittelte IP-Adresse wird nicht mit anderen Daten von Google zusammengeführt. Sie können die Speicherung der Cookies durch eine entsprechende Einstellung Ihrer Browser-Software verhindern; wir weisen Sie jedoch darauf hin, dass Sie in diesem Fall gegebenenfalls nicht sämtliche Funktionen dieser Website vollumfänglich werden nutzen können. Sie können darüber hinaus die Erfassung der durch das Cookie erzeugten und auf Ihre Nutzung der Website bezogenen Daten (inkl. Ihrer IP-Adresse) an Google sowie die Verarbeitung dieser Daten durch Google verhindern, indem Sie das unter dem folgenden Link (http://tools.google.com/dlpage/gaoptout?hl=de) verfügbare Browser-Plugin herunterladen und installieren.
Sie können die Erfassung durch Google Analytics aktivieren, indem Sie auf folgenden Link klicken. Es wird ein Opt-In-Cookie gesetzt, das die zukünftige Erfassung Ihrer Daten beim Besuch dieser Website steuert:
Google Analytics aktivieren
Nähere Informationen zu Nutzungsbedingungen und Datenschutz finden Sie unter http://www.google.com/analytics/terms/de.html bzw. unter https://www.google.de/intl/de/policies/. Wir weisen Sie darauf hin, dass auf dieser Website Google Analytics um den Code „anonymizeIp“ erweitert wurde, um eine anonymisierte Erfassung von IP-Adressen (sog. IP-Masking) zu gewährleisten.
HACHEZ CHOCOVERSUM GmbH would like to explain to you below which data are collected, processed and used when and for what purpose. We would like to explain to you how our offered services work and how the protection of your personal data is guaranteed. We only collect, process and use personal data if you have consented therein or a law allows this.
II. Responsible Persons
1.Name and address of the controller
The responsible person within the meaning of the EU General Data Protection Regulation (GDPR) is
HACHEZ CHOCOVERSUM GmbH
Messberg 1, 20095 Hamburg
Tel.: (040) 41 91 23 00
Fax: (040) 41 91 23 0 - 20
2. Name and address of the data protection officer
The data protection officer of the controller is:
Lawyer Bertold Frick
Baumwollbörse, Wachtstraße 17/24, 28195 Bremen
Tel.: (0421) 339 53 50
Fax: (0421) 339 53 55
For general questions or suggestions regarding data protection, you can contact us at any time by e-mail at firstname.lastname@example.org or with our external data protection officer mentioned under point 2.
1.Scope of processing personal data
In principle, we collect and use our users’ personal data only to the extent necessary to provide a functional website and our content and services. This includes
- E-mail address
- Payment data
- Booked events / tickets purchased or vouchers
- Any documents or information provided by you, the personal data
We collect, process and use this data in order to contact you and process your request for events, ticket purchases or general enquiries.
In addition, we collect, process and use the following data to compile visitor statistics on the use of our website and to improve our website. The following data is collected:
- Date and visit of the URL on which the visitor is located
- URL that the visitor visited immediately before
- Browser used
- Operating system used
- IP address of the visitor
If this is not the case, personal data will only be used with the user’s consent. An exception applies in cases where prior consent cannot be obtained for effective reasons and the processing of the data is permitted by law.
2. Legal basis of processing
Insofar as we obtain the consent of the data subject for processing of personal data, Article 6 (1)(a) EU General Data Protection Regulation (GDPR) serves as the legal basis.
For the processing of personal data required to fulfil a contract to which the data subject is a party, Article 6 (1)(b) GDPR serves as the legal basis. This also applies to processing operations required to carry out pre-contractual actions.
Insofar as the processing of personal data is required to fulfil a legal obligation to which our company is subject, Article 6 (1)(c) GDPR serves as the legal basis.
In the event that the vital interests of the data subject or any other natural person require the processing of personal data, Article 6 (1)(d) GDPR serves as the legal basis.
If the processing is necessary to safeguard the legitimate interests of our company or a third party and if the interests, fundamental rights and fundamental freedoms of the data subject do not prevail over the first interest, Article 6 (1)(f) GDPR serves as the legal basis for processing. The legitimate interest of our company lies in the execution of our business activities.
3. Routine deletion and blocking of personal data
We only process and store personal data of the data subject for as long as necessary to achieve the storage purpose. In addition, such storage may take place if provided for by the European or national legislator in EU regulations, laws or other regulations to which the person responsible for the processing is subject. As soon as the storage purpose ceases to apply or a storage period prescribed by the aforementioned regulations expires, the personal data is routinely blocked or deleted.
3. Data security
We take all reasonable technical and organisational measures to ensure the protection of your data. Despite regular checks, full protection against all dangers is not possible.
The website uses industry standard SSL (Secure Sockets Layer) for encryption in some places. This ensures the confidentiality of your personal information over the Internet.
IV. Usage data
1. Log files
Each time the website is accessed, we or the site provider collect data and information through an automated system. These are stored in the log files of the server.
The following data can be collected here:
- Information about the browser type and version used
- The user’s operating system
- The user’s Internet service provider
- The user’s IP address
- Date and time of access
- Websites from which the user's system is accessed on our website (referrer)
- Web pages accessed by the user's system through our website
The processing of the data serves to deliver the contents of our website, to ensure the functionality of our information technology systems and to optimize our website. The data of the log files are always stored separately from other personal data of the users.
In order to make the visit of our website-offer attractive and to allow the use of certain functions, we use so-called "cookies" on some pages. Cookies are small text files that are stored on your hard disk for the duration of your browser session in the cache of your Internet browser (so-called "session cookies") or for a defined duration (so-called "persistent cookies").
For example, cookies enable us to track and determine your preferences and to identify you individually during a visit to our website. After the end of the browser session, most of the cookies we use are deleted from your hard drive ("session cookies").
The so-called "persistent cookies" (e.g. to identify you as a registered buyer and to enable log-in) remain on your computer and allow us, for example, to recognise you on your next visit.
3. Third party cookies
How can I prevent the storage of cookies? You can set your browser to accept the storage of cookies only if you agree. You can delete any existing cookies. By deactivating cookies, however, the usability of our websites may be limited. Information on how to deactivate cookies can be found at the following LINK (www.wikihow.com). Similarly, the use of third-party cookies can be disabled separately in the settings.
4. Google Analytics
This website uses Google Analytics, a web analytics service of
Google Inc. ("Google")
1600 Amphitheatre Parkway
Mountain View, CA 94043
Google Analytics uses so-called "cookies", text files, that are stored on your computer and allow the website to analyse how users use the website.
What happens to the data?
The information generated by the cookie about your use of this website (including your IP address) is transmitted to and stored by Google on servers in the United States. Google will use this information to evaluate your use of the website, compile reports on website activity for website operators and provide other services related to website activity and internet usage. Google may also transfer this information to third parties if required by law or if third parties process this data on behalf of Google. Google will never associate your IP address with any other Google data.
How can you object to data collection and processing?
You can prevent the installation of cookies by setting your browser settings accordingly; however, please be aware that if you do this you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
You can object to the collection and storage of your data at any time with effect for the future. To do this you can prevent Google from collecting the data (including your IP address) generated by the cookie and related to your use of the website as well as from processing this data by Google by downloading and installing the browser plug-in available under the following link.
You can also prevent the collection by Google Analytics by clicking on the following link. An opt-out cookie will be set which prevents the future collection of your data when visiting this website (https://tools.google.com/dlpage/gaoptout?hl=de).
In view of the discussion about the use of analysis tools with complete IP addresses, we would like to point out that IP addresses are only processed further on this website in shortened form. The use of Google Analytics with the extension "_anonymizeIp()" excludes a personal reference of the collected data.
Google Analytics is also used to evaluate data from AdWords and the Double-Click Cookie for statistical purposes. If you do not want this to happen, you can disable it through the Ads Preferences Manager (http://www.google.com/settings/ads/onweb/?hl=en).
Since Google is located in the US, data is transferred to a third country outside the EU or the EEA. However, the security of your data is ensured because Google is subject to the EU-US Privacy Shield Agreement. According to the decision of the European Commission of 12.07.2016, Google, therefore, has an adequate level of data protection.
5. Social plugins
Operator: Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA
Operator: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Operator: Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, United States
V. Your personal information
1. What are "personal data"?
Personal data are information about yourself that allow conclusions to be drawn about your identity or which relate directly or indirectly to you, e.g. your name, address or phone number. Information that does not allow conclusions to be made about a specific or identifiable person is not included.
2. E-mail, telephone
If you contact us by e-mail or telephone, we will only use the personal data you provide to process your specific request. The given data will be treated confidentially.
3. Your registration
If you use the opportunity to register on our website, the data in the respective input mask will be transmitted to us. The data are stored solely for the purpose of internal use. Upon registration, the IP address of the user as well as the date and time of the registration will be stored in addition to the data mentioned below. This is to prevent misuse of the services. A transfer of the data to third parties does not take place. An exception exists if there is a legal obligation to disclose. Registered persons have the possibility to delete or modify the stored data at any time. The data subject receives information about the personal data stored about him or her at any time. Registration is based on our legitimate interests. With the opportunity to register, we can offer our visitors the convenience of regularly logging in and storing the data permanently.
a. What data do we collect and what for?
As part of the registration, we need an email address and password from you. The data you provide will be stored with us and serve solely to provide the services you requested and thereby fulfil our contracts with you, in particular the sale through our online store.
b. Bank and credit card data
For certain fee-based offers, we also need bank or credit card information to process the contract.
If you choose the payment method "credit card", we also need your credit card details, but these credit card details are not collected by us but are collected directly and exclusively via the payment service provider that we have appointed and specialise in the online area Within the Giropay payment method, you can choose your bank and you will be immediately redirected to your bank's online banking website, where you will be able to log in as usual with your access data and we will not collect or process any data in this context.
c. Can I also shop without registering in the online shop?
A purchase in our online shop is also possible without registration. The data collected by us for processing the purchase will be recorded and stored in the shop system in order to fulfil our contract with you.
4. Disclosure of personal data
In addition, we will not disclose personal data without your express consent, unless we are legally permitted to do so, e.g. if we are required by law to disclose data (to law enforcement agencies and courts, to public bodies that receive data due to statutory regulations, such as social insurance agencies, tax authorities, etc.) or if we involve third parties to enforce our claims for professional secrecy.
5. Your rights as an affected person
If HACHEZ CHOCOVERSUM GmbH processes personal data about you, you are a victim within the meaning of the General Data Protection Regulation and you have the following rights against HACHEZ CHOCOVERSUM GmbH as the person responsible:
a. Right to information
You may ask the person in charge to confirm if personal data concerning you is processed by us.
If such processing is available, you can request information from the person responsible about the following information:
- the purposes for which the personal data are processed;
- the categories of personal data that are processed;
- the recipients or categories of recipients to whom the personal data relating to you have been disclosed or are still being disclosed;
- the planned duration of the storage of your personal data or, if specific information is not available, criteria for determining the storage duration;
- the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;
- the existence of a right of appeal to a supervisory authority;
- all available information on the source of the data if the personal data are not collected from the data subject;
- the existence of automated decision-making including profiling under Article 22 (1) and (4) GDPR and - at least in these cases - meaningful information about the logic involved and the scope and intended impact of such processing on the data subject.
You have the right to request information about whether your personal data is transferred to a third country or an international organisation. In this context, you can request the appropriate guarantees in accordance with. Art. 46 GDPR in connection with the transmission of information.
b. Right to rectification
You have a right of rectification and/or completion vis-à-vis the controller if the personal data processed is incorrect or incomplete. HACHEZ CHOCOVERSUM GmbH has to carry out the correction without delay.
c. Right to limit processing
You may request the restriction of the processing of your personal data under the following conditions:
- if you contest the accuracy of your personal information for a period of time that enables the controller to verify the accuracy of your personal information;
- the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted;
- HACHEZ CHOCOVERSUM GmbH no longer requires the personal data for the purposes of the processing, but you need them to assert, exercise or defend legal claims, or
- if you have filed an objection against the processing pursuant to Art. 21 (1) GDPR and it is not yet certain whether the legitimate reasons of the person responsible outweigh your reasons.
If the processing of personal data concerning you has been restricted, this data may only be used with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State.
If the processing limitation has been restricted according to the abovementioned conditions, you will be informed by the person in charge before the restriction is lifted.
d. Right to erasure
You can demand from HACHEZ CHOCOVERSUM GmbH that the personal data concerning you be deleted immediately, and we are obliged to delete this data immediately, if one of the following reasons applies:
- Your personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
- You revoke your consent to the processing pursuant to Art. 6 (1)(a) or Art. 9 (2)(a) GDPR and there is no other legal basis for processing.
- You file an objection against the processing pursuant to Art. 21 (1) GDPR and there are no prior justifiable reasons for the processing, or you file an objection against the processing pursuant to Art. 21 (2) GDPR.
- Your personal data has been processed unlawfully.
- The deletion of personal data concerning you is required to fulfil a legal obligation under Union law or the law of the Member States to which the controller is subject.
- The personal data concerning you were collected in relation to information society services offered pursuant to Art. 8 (1) GDPR.
If HACHEZ CHOCOVERSUM GmbH has made the personal data concerning you public and is, in accordance with Article 17 (1) of the GDPR, required to erase them, it shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform data controllers who process the personal data that you, as the data subject, have requested the deletion of any links to such personal data or copies or replications of such personal data.
The right to erasure does not exist if the processing is necessary
- to exercise the right to freedom of expression and information;
- to fulfil a legal obligation required by the law of the Union or of the Member States to which the controller is subject, or to carry out a task of public interest or in the exercise of official authority conferred on the controller;
- for reasons of public interest in the field of public health pursuant to Art. 9 (2)(h) and (i) and Art. 9 (3) GDPR;
- for archival purposes of public interest, scientific or historical research purposes or for statistical purposes pursuant to. Article 89 (1) of the GDPR, insofar as the right referred to in paragraph 1 is likely to render impossible or seriously affect the achievement of the objectives of that processing, or
- to assert, exercise or defend legal claims.
e. Right to information
If you have the right of rectification, erasure or restriction of processing against the controller, he/she is obliged to notify all recipients to whom your personal data have been disclosed of this correction or deletion of the data or restriction of processing, unless this proves to be impossible or involves a disproportionate effort.
You have the right vis-à-vis us to be informed about these recipients.
f. Data transferability
You have the right to receive the personal data that you have provided to HACHEZ CHOCOVERSUM GmbH in a structured, conventional and machine-readable format. In addition, you have the right to transfer this data to another person without obstruction by the person responsible for providing the personal data, provided that
- the processing is based on consent pursuant to Art. 6 (1)(a) GDPR or Art. 9 (2)(a) GDPR or on a contract pursuant to Art. 6 (1)(b) GDPR and
- the processing is done using automated procedures
In exercising this right, you also have the right to request that your personal data be transmitted directly from data controller to another, insofar as this is technically feasible. Freedoms and rights of other persons may not be affected by this.
The right to data transferability does not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority delegated to the controller.
g. Right to object
You have the right to object at any time, for reasons that arise from your particular situation, to the processing of your personal data pursuant to Art. 6 (1)(e) GDPR; this also applies to profiling based on these provisions. HACHEZ CHOCOVERSUM GmbH will no longer process your personal data, unless it can prove compelling legitimate reasons for the processing which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. If the personal data relating to you are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct marketing. If you object to the processing for direct marketing purposes, your personal data will no longer be processed for these purposes.
Regardless of Directive 2002/58/EC, you have the option, in the context of the use of information society services, of exercising your right to object through automated procedures that use technical specifications.
h. Right to revoke the data protection consent declaration
You have the right to revoke your data protection declaration at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until revocation.
i. Automated decision on a case-by-case basis, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which has a legal effect on you or, in a similar manner, significantly affects it. This does not apply if the decision
- is required for the conclusion or fulfilment of a contract between you and HACHEZ CHOCOVERSUM GmbH,
- is permissible on the basis of Union or Member State legislation to which the controller is subject, and that legislation contains appropriate measures to safeguard your rights and freedoms and your legitimate interests, or
- with your express consent.
However, these decisions must not be based on special categories of personal data pursuant to Art. 9 (1) GDPR, unless Art. 9 (2)(a) or (g) applies and reasonable measures have been taken to protect your rights and freedoms and your legitimate interests.
Regarding the cases mentioned in a. and c., HACHEZ CHOCOVERSUM GmbH shall take appropriate measures to safeguard the rights and freedoms as well as your legitimate interests, including at least the right to obtain the intervention of a person by the person responsible, to express one's own position and to contest the decision.
j. Right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to complain to a supervisory authority, in particular in the Member State of your residence, place of work or place of alleged infringement, if you believe that the processing of your personal data violates the GDPR.
The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy under Article 78 of the GDPR.