Newsletter
Contact

 

Data Protection Declaration

Südzucker AG attaches great importance to protecting your privacy and your personal data as well as the requisite data security and therefore collects, processes and uses your personal data exclusively in accordance with the principles described below and the provisions of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG) applicable to Südzucker AG.

Table of contents

I. Name and address of the controller
The controller within the meaning of the EU General Data Protection Regulation (“GDPR”) and other national data protection laws of the EU Member States as well as other applicable data protection provisions for the operation of the website www.suedzucker.com (hereinafter referred to as the “Website”) is:

Südzucker AG
Maximilianstraße 10
68165 Mannheim, Germany

Tel.: +49 (0) 621 421-0
Fax: +49 (0) 621 421-234
E-Mail: info@suedzuckergroup.com
Website: https://www.suedzucker.com

represented by the

chairman of the Supervisory Board: Dr. Stefan Streng
Executive Board: Dr. Niels Pörksen (chairman), Ingrid-Helen Arnold, Dr. Thomas Kirchberg, Thomas Kölbl, Markus Mühleisen

(hereinafter referred to as “Südzucker” or “We”).

If you would like to object to the collection, processing or use of your data by us according to this Data Protection Declaration as a whole or for individual measures, you can send your objection to the aforementioned contact details or to our data protection officer by email, fax or letter. Under the specified contact details you can also obtain information about your personal data at any time free of charge.

II. Name and address of the data protection officer
The data protection officer of the controller can be contacted at:

Südzucker AG
Data Protection Officer
Maximilianstraße 10
68165 Mannheim

Email: datenschutz@suedzucker.de.

III. Your personal data
Personal data is any information relating to an identified or identifiable natural person (hereinafter referred to as the “Data Subject”). Südzucker processes your personal data exclusively to provide the Website to you. Only personal data such as your name and your email address will be recorded if you have provided this information voluntarily or have agreed to it being recorded. For technically-required data, we refer to the explanations under “V. Provision of the Website and creation of log files/protocol files” as well as “VI. Use of cookies”.

IV. General information on data processing
1. Scope of the processing of personal data
We process the personal data (hereinafter also referred to as “Data”) of Data Subjects, i.e. of visitors to the Website, via our Website to the extent necessary to provide a functioning Website as well as our contents and services. The processing of personal Data generally only takes place with the consent of the user. Exceptions include cases where the processing of Data is permitted by law, is required to fulfil a contract or is technically necessary.

2. Legal basis for the processing of personal data
If we have obtained the consent of the Data Subject for processing operations involving personal data, Art. 6 (1) (a) GDPR serves as the legal basis.

As for the processing of personal data which is necessary for the performance of a contract to which the Data Subject is party, Art. 6 (1) (b) GDPR serves as the legal basis. This also applies to processing operations which are necessary to carry out pre-contractual measures.

When the processing of personal data is necessary in order to achieve compliance with a legal obligation to which our company is subject, Art. 6 (1) (c) GDPR serves as the legal basis.

If the processing of personal data is necessary in order to protect the vital interests of the Data Subject or of another natural person, Art. 6 (1) (d) GDPR serves as the legal basis.

If processing is necessary to safeguard the legitimate interests of our company or of a third party, and such interests are not outweighed by the interests or fundamental rights and freedoms of the Data Subject, Art. 6 (1) (f) GDPR serves as the legal basis for processing.

3. Erasure of Data and storage duration
The personal data of the Data Subject shall be erased or blocked as soon as the purpose of storage ceases to be applicable. Storage may also take place if this is provided for by European or national legislators in EU directives, laws or other regulations to which the controller is subject. Blocking of further Data processing or erasure of Data shall also take place if a legally prescribed storage period has expired, unless there is a need for further Data storage for fulfilment of the contract.

V. Provision of the Website and creation of log files / protocol files
When the Website is used merely for information purposes, we only collect the personal data which your browser transmits to our server or provider and which are technically necessary for us to show you our Website and to ensure its stability and security.

We have engaged Mittwald CM Service GmbH & Co. KG, Königsberger Straße 4-6, 32339 Espelkamp, Germany (hereinafter referred to as “Mittwald”) for the hosting and technical provision of our Website. We have concluded with Mittwald the agreement on commissioned processing of personal data required under data protection law in accordance with Art. 28 GDPR. According to this agreement, Mittwald undertakes to guarantee the necessary protection of your Data and to process them exclusively on our behalf and as instructed by us in accordance with the applicable data protection provisions. Further information on Mittwald is available on their website at: https://www.mittwald.de/.

The following Data are in log files or protocol files provided by Mittwald within the framework of hosting:
(1) browser type and version used, if you have consented to transmission within your browser settings;
(2) operating system and user’s Internet service provider;
(3) date and time of server query;
(4) number of visits;
(5) length of stay on the Website;
(6) previously visited website, only if this linked to our Website and the visitor clicked on this link;
(7) user’s IP address, anonymised by Mittwald in the system before it is stored;
(8) volume of sent/transferred Data;
(9) geographical origin of access.
The Data are stored by Mittwald on servers hosted in Germany. Mittwald uses this information for the purpose specified in our order. There is no independent use of Data by Mittwald or unauthorised disclosure to third parties. Storage of this Data together with the user’s other personal data does not take place.

2. Legal basis for Data processing
The legal basis for the temporary storage of Data and log files is Art. 6 (1) sentence 1 (f) GDPR.

3. Purpose of the Data processing
Temporary storage of the IP address by the system is necessary to deliver the Website or the contents to the user’s computer. To do this, the user’s IP address must be stored for the duration of the session.

Storage of all the above information ((1) – (9)) in log files or protocol files is done to ensure the functionality of the Website. In addition, the Data is used to optimise the Website and to ensure the necessary security of our IT systems. An evaluation of the Data for marketing purposes does not take place in this context. We also have a legitimate interest in processing Data for these purposes in accordance with Art. 6 (1) (f) GDPR.

4. Duration of storage
User’s IP addresses are made anonymous as soon as they are no longer required to achieve the purpose of their collection. This is the case at the end of the user’s respective session. It is then no longer possible to assign the accessing client.

The storage duration of the log files for the above-mentioned purposes is at the most 60 days.

5. Objection and removal option
The recording of Data to provide the Website and the storage of Data in log files is essential to operate a Website. The user has no possibility to object.

VI. Use of cookies
1. Description and scope of Data processing
Our Website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. Cookies cannot execute programmes or transfer viruses to your computer. If a user accesses a website, a cookie may be stored on the users’ operating system. This cookie contains a characteristic string that allows the browser to be clearly identified when accessing the website again. Some of the cookies we use are erased again after the browser session has ended, i.e. after closing your browser (known as “session cookies”). Other cookies remain on your computer and enable us to recognise your computer on your next visit, should you have consented to this.

When accessing our Website, we inform users by means of a cookie banner (see section “IX.3 Privacy settings with Cookiebot”) about the use of cookies (technically necessary cookies, preference cookies, statistics cookies and marketing cookies) and have technically set up the consent required under data protection law to place the cookies for which consent is necessary. Apart from the technically necessary cookies, consent always has to be given in advance to the placement of cookies on your computer. The same applies to other technical measures, such as the use of pixels on our Website. Users are also referred to this Data Protection Declaration via the info banner.

Below we provide you with an overview of the purpose of the cookies used and the respective opt-out options. In addition, please note that you can adjust your cookie settings at any time and revoke your consent at any time for the future. You will also find a detailed list of all cookies, including the purpose, provider and validity period, in our cookie banner.
(a) Technically necessary cookies:
We use cookies to make our Website more user-friendly. Some elements of our Website require that the accessing browser can also be identified after the user moves to another page. Technically necessary (essential) cookies are used to ensure that your visit to our Website goes smoothly. This includes, for example, the security of our Internet presence as well as the prevention of unwanted, automated access in the form of spam, viruses and malware or the storage of your individual cookie settings for our Website. These cookies are necessary so that you can safely visit our Website and cannot be switched off.

The following technically necessary cookies are stored on your computer and transmitted to us every time you access a webpage:
(1) CookieConsent: stores user’s consent status for cookies on the current domains (validity: 1 year).
(2) szUserSelect: technical and essential cookies containing the session code (validity: session).
These cookies do not contain any personal data and are therefore not used for personal identification.

For further information on the necessary technical cookies for safeguarding our Website, we refer to section “IX.2 Use of Google ReCAPTCHA”.
(b) Preference cookies:
We use cookies to personalise our Website by storing your language settings and the decisions you make when using our Website on your computer for your future visits. These preference cookies do not contain any personal data and are therefore not used for personal identification.

We are currently not using any preference cookies on our Website.
(c) Statistics cookies:
We also use cookies on our Website that enable us to analyse our users’ surfing behaviour.

In this way, the following Data can be transmitted:
(1) entered search terms;
(2) frequency of webpage access;
(3) use of Website function;
(4) visit duration;
User Data collected in this way are anonymised by means of technical precautions. Therefore, assignment of the Data to the accessing user is no longer possible. The Data are not stored with users’ other personal data.

Statistics cookies are used for the purpose of improving the quality of our Website and its contents. By using statistics cookies, we can find out how our Website is used and constantly optimise our services. For further information on technical measures and third-party providers, we refer to “VIII. Website analysis services”.
(d) Marketing cookies:
In addition, cookies and scripts are placed through the use of our marketing automation system, Net-Results. The cookies are used to make our newsletter and Website interesting for our users and to increase interaction with visitors and registered email subscribers with the aid of the marketing automation system. For a description of cookies, how they work, their purpose and objection options, please refer to the explanations under “IX.4 Use of marketing automation system Net-Results”).

In addition, third-party providers may place third-party cookies on your computer as a result of the use of various plugins on our Website. We use our YouTube plugins, for incorporating a YouTube video, exclusively on the basis of your existing consent via our cookie banner, i.e. Google or YouTube, as third-party providers, can only use cookies or obtain information on your visit to our Website if you have given your consent via our cookie banner. For a description of cookies, how they work, their purpose and objection options, please refer to the explanations under “IX.5 Use of YouTube”).

2. Legal basis for Data processing
The legal basis for the processing of personal data using technically necessary cookies (see (a)) is Art. 6 (1) (f) GDPR.

The legal basis for the processing of personal data using cookies for statistical or marketing purposes or for storing preferences (see (b) – (d)) is your consent granted via the cookie banner in accordance with Art. 6 (1) (a) GDPR.

3. Purpose of the Data processing
The purpose of technically necessary cookies is to enable you to use our Website. Some functions on our Website cannot be provided without using cookies. For these, it is necessary that the browser can be re-identified following a change of page. User Data gathered by technically necessary cookies are not used to prepare user profiles.

For information on the purpose and objection options for cookies used for statistical and marketing purposes and for storing your preferences (see (b) – (d)), please refer to the explanations under “VIII. Website analysis services” and “IX. Plugins and tools”.

4. Duration of storage, objection and removal option
Cookies are stored on the user’s computer, which transmits them to our site. For this reason, you, as the user, also have full control over the utilisation of cookies. You can deactivate or restrict the transmission of cookies by changing your Internet browser settings. Cookies that have already been saved can be erased at any time. This can also be done automatically. If cookies for our Website are deactivated, you may find that not all of the Website’s functions can continue to be utilised in full.

You can change your settings for cookie use made via our info banner at any time here: Cookie settings. By changing the check marks for the desired clusters, you prevent technical measures from being carried out and cookies from being set.

VII. Communication

VII.1 General contact enquiries and use of the contact form
1. Description and scope of Data processing
On our Website, it is possible to contact us via a provided email address or a contact form. In all cases, the user’s transmitted personal data are stored. The scope of the processed personal data and the personal data processed in each individual case may vary depending on the form or contact. This includes, in particular, the following Data:
(1) your first name and surname;
(2) your company and details of your position;
(3) your address details (country);
(4) your communication details (email address, telephone number);
(5) resulting correspondence (product information, purpose of the enquiry and message).
Your Data and the resultant correspondence are only processed by us. There is no forwarding of Data to third parties. The Data are only used for the conversation started by the user, in order to contact you by phone, post, fax or email about your enquiry. Mandatory information (*) and voluntary information are indicated in the contact forms.

2. Legal basis for Data processing
The legal basis for processing Data transmitted in the course of sending an email or via the contact form is Art. 6 (1) (a) GDPR. If the user’s aim when making contact is to conclude a contract, the legal basis for processing is Art. 6 (1) (b) GDPR.

3. Purpose of the Data processing

We process the personal data that you have sent us voluntarily by email or by completing the contact form purely to make contact or to answer your questions about our products.

4. Duration of storage
No contact requests are stored on our web server. All contact requests are forwarded to the responsible contact person within Südzucker AG.

The Data are erased as soon as they are no longer required to achieve the purpose of their collection. For personal data sent by email or via our contact form, this is then the case when the respective conversation with the user has ended. The conversation has ended when the circumstances indicate that the matter concerned has been finally resolved.

5. Revocation and removal option
Users can revoke their consent to the processing of personal data at any time. If users contact us by email or via the contact form, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued. Revocation can be made at any time using the contact details under I. and II. and the following email address info@suedzuckergroup.com. See also X. All personal data stored in the course of making contact will be erased in this case.

VII.2 Newsletter
It is possible to apply for our email newsletter on our Website. When you apply to receive our newsletter, we use the necessary Data disclosed by you to send you our email newsletter in accordance with the consent you have granted. We send you a newsletter at regular intervals according to your selection in order to provide you with news, offers and information about Südzucker AG or our products.

When you apply for an electronic newsletter, we process the following Data in particular:
(1) your first* and last names*;
(2) your email address*;
(3) company name*;
(4) sector*;
(5) country of origin*;
(6) whether you have consented or objected to receiving such communications, including the date and time*.
If you have registered for a newsletter, we only collect and process the Data you have provided to send the newsletter. Mandatory information (*) and voluntary information are indicated when the Data is collected.
To safeguard your entries and to check and prevent interactions on our Website through automated access, e.g. through so-called ‘bots’, we use Google reCAPTCHA when processing applications for our newsletter. For further information on Google reCAPTCHA, we refer to our explanations under “IX.2 Use of Google ReCAPTCHA”.

For the technical implementation of dispatch and the provision and supervision of our marketing automation system (see Section “IX.4 Use of marketing automation system Net-Results”) we have engaged the agency Interface Marketing BV, Waterstraat 67, 2970 Schilde, Belgium (hereinafter referred to as “Interface Marketing”), which processes the provided Data on our behalf in accordance with the necessary Data security measures as a processor within the meaning of Art. 28 GDPR. The contractual basis has been agreed. The Data are used by Interface Marketing solely for the dispatch of our newsletter via our marketing automation system and for evaluating the performance of our newsletter.
Further information on Interface Marketing is available on the Website at: www.interface-marketing.com.

Registration for the email newsletter is done via a double opt-in procedure set up by the system. This means that you receive an email with a confirmation link after providing your Data. This confirmation email is used for the holder of the specified email address to authorise receipt of the newsletter. The email address is only included in the mailing list once confirmation has been given. The following are stored: registration Data, login, confirmation, logout time, IP address and changes to the stored Data. The collection of this Data is necessary to be able to trace any misuse of the email address of the Data Subjects and to safeguard the controller.

To further improve our newsletter services, Data on the use of our newsletter and your reaction to it are collected in order to create non-personal statistics. To this end, the distributed newsletters contain web beacons or tracking pixels (hereinafter referred to as “Tracking Measures”). The tracking measures are used to collect information on access status, amount of transferred Data, number of openings and clicks, mailshots received, browser, operating system and its interface. This information is assigned to your email address and linked to a unique ID. Conversion tracking can also be used to analyse whether a previously defined action (e.g. linking to an event) has taken place after clicking on the link in the newsletter. The collected Data are merged in our marketing automation system with the information collected on our Website (see “IX.4 Use of marketing automation system Net-Results”).

2. Legal basis for Data processing
The legal basis for processing Data transmitted in the course of giving consent for the sending of our newsletter and for the temporary storage of Data for the evaluation of performance is Art. 6 (1) (a) GDPR. We have an interest in direct advertising and evaluating your reaction to the content of the newsletter in order to be able to compete successfully in the marketplace.

3. Purpose of the Data processing
Personal data is processed by us and our service provider Interface Marketing solely for the purpose of processing and sending our newsletter and evaluating the success of a particular newsletter. Anonymised statistics on your use of and reaction to our newsletter help us to tailor our services to the interests of our subscribers more effectively. This also constitutes the necessary legitimate interest in the processing of Data.

4. Duration of storage
Your Data are stored on hosted servers of Interface Marketing at Net-Results. Interface Marketing uses this information solely to send the newsletter and evaluate newsletter use on our behalf. There is no independent use of the Data by Interface Marketing, e.g. for making contact or forwarding to third parties.

The Data are erased as soon as they are no longer required to achieve the purpose of their collection. For personal data that you have provided us with for the purpose of applying for and sending the newsletter, this is then the case if your consent to processing has been revoked. After cancellation of the newsletter, all stored Data are erased.

5. Objection and removal option
You can revoke your consent to the processing of personal data for subscription to the newsletter at any time.

You may cancel your subscription to the newsletter at any time via our Website by providing your details (email address and first and last name). You can also do this by sending a message by email (info@suedzuckergroup.com) to us or via an unsubscribe link provided in the newsletter.

VII.3 Provision of information materials for download

1. Description and scope of data processing
Upon request, we will provide you with information material, such as whitepapers on Südzucker products, via a download link. You can enter the information required for sending us the material using a form integrated into our website.

Specifically, the following data is collected via the form:

(1) Your first and last name;
(2) Your company and information about your position;
(3) Your country of origin (country);
(4) Your e-mail address.

After you have provided us with your data, we will send you an e-mail with a download link.

We would like to point out that we use the data provided in connection with your download of our information material for direct advertising about similar products from us. We send this infor-mation regardless of whether you have subscribed to our newsletter or not. Your data will not be passed on to third parties, not even within the Südzucker Group.

If you do not wish to receive this information about similar products, you can informally object to this at any time using the contact details provided above, without incurring any transmission costs. Alternatively, you can also use the unsubscribe link contained in following mails.

For the technical implementation of the mailing and the provision of the download link, we use our Marketing Automation System (see section “IX.4 Use of the Net-Results Marketing Automa-tion System”), in which the collected data is also stored. The data is used exclusively for the provision of the download link and for sending our direct advertising.

2. Purpose and legal basis for data processing
The processing of your data is necessary for sending the respective download material via a download link to your e-mail address (Art. 6 para. 1 p. 1 lit. b) DSGVO).
The processing of your data for the purpose of sending you information by e-mail about similar goods, products or services of Südzucker AG is carried out in compliance with Section 7 (3) of the German Unfair Competition Act (UWG).

3. Duration of storage
The system does not store requests for our download material on our web server. All requests are processed exclusively in our marketing automation system.

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For personal data collected for the purpose of direct marketing, this is the case if the respective addressee has objected to the processing. We will retain your data for a maximum of 1 year after an objection has been made.

4. Right of objection and elimination
The user has the right to object at any time to the processing of your personal data concerning you for the purpose of direct marketing. If the user contacts us by e-mail or via an unsubscribe link provided for this purpose in the e-mail, he or she can object to the storage of his or her per-sonal data at any time. The objection can be made at any time via the contact data under I. and II. as well as at the following e-mail address info@suedzuckergroup.com. See also X. All per-sonal data stored in the course of downloading the information material will be deleted in this case.

The objection does not lead to the termination of the service relationship of the download mate-rial.

VIII. Website analysis services

VIII.1 Google Analytics
1. Description and scope of Data processing
We have incorporated functions of the web analysis service Google Analytics of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland (hereinafter referred to as “Google”) on our Website using Google Tag Manager. Google Analytics uses so-called “cookies” or “third-party cookies”. These are text files stored on your computer or the end device you use (tablet, smart phone, etc.) which enable your use of our Website to be analysed (see VI. Use of cookies).

The following cookies are placed by Google Analytics:
(1) _ga (Validity: 24 months),
(2) _gat (Validity: 1 minute),
(3) _gid (Validity: 1 day).
The functions provided in the Website analysis services make it possible for Google to assign Data, sessions and interactions over several devices to a pseudonym user ID and thus to analyse the activities of an anonymised user across different devices.

The information generated by the cookie about your use of this Website (including your IP address) are also transferred to and stored on Google servers. It is not excluded that the data processing takes place outside the scope of application of EU law. Google will use this information to evaluate your use of the Website, to compile reports on Website activity for Website operators and to provide other services related to Website and Internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Due to the activation of IP anonymisation on our Website, your IP address will be shortened by Google within member states of the European Union or in other signatory states of the Agreement on the European Economic Area before transmission in order to exclude the possibility of a direct personal link. Outside the European Union and the European Economic Area, Google has not implemented IP anonymisation in its system.

You can object to the collection, storage and use of information by Google at any time with effect for the future by installing the deactivation add-on provided by Google.

We have concluded the agreement on commissioned processing with Google as required under data protection law (Data Processing Addendum within the meaning of Art. 28 GDPR with EU standard contractual clauses), in which Google undertakes to protect the Data of our users and process them exclusively on our behalf in accordance with the applicable data protection provisions.

More information on the handling of user Data by Google Analytics can be found, for example, in Google’s privacy notice: https://support.google.com/analytics/answer/6004245?hl=de.

2. Purpose and legal basis for Data processing
The legal basis for the processing of personal data using cookies for statistical purposes is the consent you have provided in this respect via the cookie settings or our cookie banner in accordance with Art. 6 (1) (a) GDPR.

The information obtained through the use of Google Analytics is, in particular, used to better understand the use of our Website and to improve its contents, functionality and retrievability. As the operator of the Website, we have an interest in analysing your user behaviour, in order to improve both our offering and its performance. We have a legitimate interest in the aforementioned processing purposes (Art. 6 (1) (f) GDPR) should anonymised information be forwarded to Google with your consent.

3. Duration of storage
Sessions end after 30 minutes without activity and campaigns after six months. The time limit for campaigns may be a maximum of two years.

4. Revocation, objection and removal option
You can object to the collection, storage and use of information by Google at any time with effect for the future using the following methods:
a) You can object by installing the deactivation add-on provided by Google. You can find further information on this at https://tools.google.com/dlpage/gaoptout?hl=de.
b) Alternatively, you can prevent the storage of cookies placed by Google by setting your browser software accordingly.
c) You can revoke your consent to the recording of your Data by Google Analytics at any time by deactivating the check mark under the cluster “Statistics” in our cookie settings.
However, we would like to point out that if you deactivate or opt-out, you may not be able to use all the functions of the Website to their full extent.

IX. Plugins & Tools

We use extensions, plugins and offers from third-party providers on our Website for its uniform presentation, to ensure the necessary security of our information technology systems and to provide our cookie banner. In doing so, personal data are frequently forwarded or automatically transmitted to third-party providers. The following lists and explains the nature, scope and purpose of this processing of personal data:

IX.1 Use of WordPress extension Wordfence
1. Description and scope of Data processing
On our Website we use a WordPress extension (hereinafter referred to as “WP Plugin”). The WP Plugin “Wordfence Security”, a product from Defiant Inc. 800 5th Avenue, Suite 4100, Seattle, WA 98104, USA (hereinafter referred to as “Wordfence”), is used to secure our Website, i.e. to protect against viruses, malware, spam and to defend against cyber attacks (e.g. brute force or DDoS attacks). Wordfence establishes whether the visitor to our Website is a human being or a bot/robot. In individual cases, technically necessary cookies will be placed on your end device and IP address, browser and device information, date and time of the Website visit and information on the operating system will be collected by Wordfence and stored on the servers hosted by Wordfence. Harmless IP addresses, including other collected Data, are marked and released with each visit – questionable IP addresses are blocked by Wordfence. Wordfence uses the CDN Cloudflare, a product from Cloudflare, Inc. 101 Townsend St., San Francisco, CA 94107, USA, to execute scripts.

Further information on Data processing by Wordfence Security can be found in the data protection information at https://www.wordfence.com/terms-of-use-and-privacy-policy/.

2. Legal basis and purpose of the Data processing
The legal basis for the use of Wordfence is Art. 6 (1) (f) GDPR. We have a legitimate interest in the security of our Internet presence and in preventing unwanted, automated access in the form of spam, viruses and malware and also directly in the security of visitors to our Website.

3. Objection and removal option
The processing of Data to secure our Website and to provide the functions is essential for operating the Website. The user has no possibility to object.

IX.2 Fraud prevention – use of Friendly
1. Description and scope of Data processing
On our website – in particular here also within our newsletter form integrated on the website – we use a service of Friendly Captcha GmbH, Am Anger 3-5, 82237 Wörthsee, Germany (hereinafter “Friendly Captcha”) to check and avoid interactions on our website by automated accesses.

Friendly Captcha is used to check whether the data entered on the website was entered by a human or by an automated program (hereinafter also “bot”). To do this, a widget embedded on our website loads a puzzle request via a Friendly Captcha server and displays it to you. Based on your interaction with the puzzle, the provider can identify whether it is a malicious user.

Friendly Captcha stores the following log data as part of the process:
(1) The request headers User-Agent, Origin and Referrer,
(2) The puzzle itself, which contains information about our Südzucker account and the website key of our website to which the puzzle refers,
(3) The version of the widget,
(4) A timestamp.

Friendly Captcha also stores an anonymised counter per IP address for analysis. Friendly Captcha stores the anonymised counter separately from the rest of the information collected, so that no cross-site comparison can take place. For the display of the puzzle within the widget, the processing of your IP address is necessary. For this purpose, however, the provider uses a set-up anonymisation of the IP address by means of one-way hashing.

We have concluded the data protection agreement on commissioned processing (as defined in Article 28 GDPR) with Friendly Captcha, in which Friendly Captcha undertakes to protect our users’ data and to process it exclusively on our behalf.
Further information on data processing by Friendly Captcha can be found at https://friendlycaptcha.com/de/legal/privacy-end-users/. Friendly Captcha provides all information on data processing transparently for end users under the link.

2. Purpose and legal basis for Data processing
The legal basis for the use of Friendly Captcha is § 25 para. 2 TTDSG and Art. 6 (1) (f) GDPR. Our legitimate interest lies in the security of our website as well as our newsletter form and in the defence against unwanted, automated access in the form of spam or similar by bots and thus also serves the security of a visitor to our website.

3. possibility of objection and removal
The collection of the information is necessary for the provision of the functions of Friendly Captcha and for the purposes described. Consequently, there is no possibility for the user to object.

IX.3 Privacy settings with Cookiebot
1. Description and scope of Data processing
We use the cookiebot.com services of the provider Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter referred to as “Cookiebot”) on our Website for the provision of our cookie banner. The system manages the use of third-party providers, technical measures and cookies by means of granted or refused consent.
Cookiebot processes the following Data for the provision:
(1) your IP address, anonymised by Cookiebot during collection (the last three digits are set to “0”);
(2) other information on the browser and version used;
(3) date and time of your visit to our Website and the settings you have made via our cookie banner;
(4) the URL of the accessed website;
(5) an anonymous, random and encrypted key (ID);
(6) your given consent or individual privacy settings;
and uses the local storage on your end device and the placement of cookies (see section “V. Use of cookies”) to store this information locally in your browser. For this purpose, your individual settings as well as your ID are stored in a cookie so that the settings made are taken into account the next time you visit our Website.

The retention period is the period of time during which the Data processed by the cookie banner is stored for the purpose of consent management. Consent Data (consent granted and withdrawal of consent) are kept for one year. No new consent is required within this period, unless new systems are introduced or a new legal or regulatory framework makes it necessary to obtain new consent.

You can find further information on Data processing by Cookiebot in the data protection declaration of Cookiebot at https://www.cookiebot.com/de/privacy-policy/.

2. Legal basis and purpose of the Data processing
The purpose of the Data processing by Cookiebot is to provide and manage the consents granted by our Website visitors in such a way that the management of consent is data protection-compliant. Cookiebot is used for verifying granted and non-granted consent and managing the individual privacy settings of our users. Processing is carried out for the purpose of obtaining the Website visitor’s consent, providing revocation and objection options, providing evidence that the consent has been obtained (time of consent, end device used) and identifying the user in order to manage their individual privacy settings.

The use of a cookie banner and the management and storage of your consent to the processing of your personal data is based on our legal obligation to provide a data protection-compliant Website (Art. 6 (1) (c) GDPR). The legal basis for the use of the Cookiebot service provider is also Art. 6 (1) (f) GDPR. We have a legitimate interest in legally compliant documentation and verifiability of consent as well as the control of our analysis campaigns based on your consent through the use of specialised contract processors and the associated technical implementation.

3. Objection and removal option
The processing of Data to provide a cookie banner is essential for operating the Website. The user has no possibility to object as long as Südzucker is legally obligated to obtain the user’s consent to certain Data processing operations.

IX.4 Use of marketing automation system Net-Results
1. Description and scope of Data processing
On our Website we have incorporated functions of our marketing automation system “Net-Results”, a service offered by Forward I.T. Solutions LLC. dba Net-Results, 1738 Wynkoop Street, Suite 201, Denver, CO 80202, USA (hereinafter referred to as “Net-Results”).

For the technical provision and supervision of our marketing automation system, we have engaged the agency Interface Marketing BV, Waterstraat 67, 2970 Schilde, Belgium (hereinafter referred to as “Interface Marketing”), which processes the provided Data in accordance with the necessary Data security measures as a contract processor within the meaning of Art. 28 GDPR. The contractual basis has been agreed.

Net-Results uses “cookies” or “third-party cookies”. These are text files stored on your computer or the end device you use (tablet, smart phone, etc.) which enable your use of our Website to be analysed (see VI. Use of cookies).

The following cookies are placed by our marketing automation system:
(1) _acuuid (Validity: 1 day),
(2) _mauuid Validity: 2 years).
The features provided in our marketing automation system enable us or our contractor, Interface Marketing, to identify which email channels our Website visitors and newsletter subscribers use to access our Website. In this way, we can improve our newsletter and the range of information on our Website and tailor them to the needs of our newsletter subscribers and Website visitors.

The information generated by the cookie about your use of this Website (including your IP address) are also transferred to and stored on the Net-Results server in the USA. Net-Results will use this information to evaluate reports on Website activities.

You can find more information on the Net-Results marketing automation system at https://www.net-results.com/.

2. Purpose and legal basis for Data processing
The legal basis for the processing of personal data using cookies for marketing purposes by applying our marketing automation system is the consent you have provided via the cookie settings or our cookie banner in accordance with Art. 6 (1) (a) GDPR.

Furthermore, we have a legitimate interest in the aforementioned processing purposes (Art. 6 (1) (f) GDPR). It is important for the controller to make our Website and newsletter attractive and increase interaction with visitors and registered email subscribers with the aid of our marketing automation system.

3. Duration of storage
Your Data are stored on Net-Results servers in the USA. Interface Marketing uses this information solely to send the newsletter and evaluate newsletter use on our behalf and to improve our newsletter and the range of information on our Website and tailor them to the needs of our newsletter subscribers and Website visitors. There is no independent use of the Data by Interface Marketing or Net-Results or forwarding to third parties.

The Data are erased as soon as they are no longer required to achieve the purpose of their collection. For personal data that you have provided us with for the purpose of applying for and sending the newsletter, this is then the case if your consent to processing has been revoked. After cancellation of the newsletter subscription, all stored Data are erased in our marketing automation system.

The information collected via cookies is erased on the servers of Net-Results at the latest after two years.

4. Revocation, objection and removal option
You can revoke your consent to the processing of personal data for our marketing automation system at any time.
a) You can prevent the storage of cookies used by Net-Results by setting your browser software accordingly.
b) You can revoke your consent to the recording of your Data by Net-Results at any time by deactivating the check mark under the cluster “Marketing” in our cookie settings.
c) Revocation can be made at any time using the contact details under I. and II. and the following email address info@suedzuckergroup.com. See also X. All personal data stored in our marketing automation system will be erased in this case.
However, please note that if you deactivate or opt-out, you may not be able to use all the functions of the Website (e.g. to apply for our newsletter) to their full extent.

IX.5 Use of YouTube
1. Description and scope of Data processing
To integrate videos, we use a plugin from the provider YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA (hereinafter referred to as “YouTube”) on our Website. The content of the plugin is transmitted directly from YouTube to your browser through a connection to the YouTube servers and incorporated into the Website. This will transmit your visit to the Website to YouTube together with your IP address.

If you are logged into YouTube with your user account, YouTube can assign the information obtained to your account by using the plugin. In this case, the information is transferred to your personal user account at YouTube and stored there by YouTube. Cookies (see Section “V. Use of cookies”) are placed by the following providers:
(1) Doubleclick.net
(2) Google.com
(3) Youtube.com
You can find a detailed list of the cookies placed by Google or YouTube, including the purpose and validity period, in our info banner under “Marketing”.

We implement the integration of the plugin exclusively on the basis of the consent you have given via our cookie banner, i.e. YouTube can only place cookies or obtain information on your visit to our Website if you have given your consent to the use of YouTube plugins via our cookie banner. If you have rejected the “Marketing” cluster in our cookie banner, we refer you to our cookie settings instead of the integrated video. No Data are transferred to YouTube if you just simply visit our Website.

We have no control over the Data and Data processing operations collected by YouTube, nor is the full extent of the Data collection, purposes of processing, storage periods and storage location known. We also have no information on the erasure of the collected Data by YouTube. You can find further information on the purpose and scope of the Data processing and your rights in this respect and setting options for protecting your privacy in YouTube’s conditions of use and data protection provisions:

https://www.youtube.com/t/terms
https://policies.google.com/privacy?hl=de&gl=de

2. Purpose and legal basis for Data processing
The legal basis for the processing of personal data is your consent in this respect via our cookie banner in accordance with Art. 6 (1) (a) GDPR.

Furthermore, we have a legitimate interest in the aforementioned processing purposes (Art. 6 (1) (f) GDPR). It is important for the controller to make the Website attractive and increase interaction with visitors and registered users with the help of the plugin.

3. Revocation, objection and removal option
You can object to the collection, storage and use of information by YouTube or revoke your consent at any time with effect for the future using the following methods:
a) under European and German law, you have a right to object to the creation of user profiles or assignment to user profiles; you must contact the plugin provider or YouTube directly to exercise this right;
b) in addition, please note that you can prevent this assignment by logging out of your YouTube profile before visiting the Website and erasing the cookies used by YouTube; Alternatively, you can prevent the storage of cookies used by YouTube by setting your browser software accordingly.
c) you can revoke your consent to the recording of your Data by YouTube at any time by deactivating the check mark under the cluster “Marketing” in our cookie settings.
However, we would like to point out that if you deactivate or opt-out, you may not be able to use all the functions of the Website to their full extent.

X. Rights of the Data Subject
When your personal data is processed you are a Data Subject within the meaning of the GDPR and have the following rights with respect to the controller:
1. Right to information
You may request the controller to confirm whether your personal data is processed by them.
If such processing occurs, you can request the following information from the controller:
(1) the purpose for which the personal data are processed;
(2) the categories of personal data being processed;
(3) the recipients or categories of recipients to whom the personal data have been or will be disclosed;
(4) the planned duration of the storage of your personal data or, if specific information is not available, criteria for determining the duration of storage;
(5) the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing;
(6) the existence of the right to lodge a complaint with a supervisory authority;

You have the right to request information about whether your personal data will be transferred to a third country or international organisation. In this context, you can request information about the appropriate safeguards relating to the transfer pursuant to Art. 46 GDPR.

To exercise your right to free information, please contact us directly using the contact details in our Imprint or contact our data protection officer (see Section I and II).

2. Right to rectification
You have a right to rectification and/or completion with respect to the controller if your processed personal data is incorrect or incomplete. The controller must rectify the Data without undue delay.

3. Right to restriction of processing
You may request the restriction of processing of your personal data under the following conditions:
(1) if you contest the accuracy of your personal data for a period enabling the controller to verify the accuracy of your personal data;
(2) the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
(3) the controller no longer needs the personal data for the purposes of the processing, but you require them for the assertion, exercise or defence of legal claims;
(4) if you have objected to the processing pursuant to Article 21 (1) GDPR and it is not yet certain whether the legitimate interests of the controller outweigh your interests.
If processing of your personal data has been restricted, this Data may – with the exception of Data storage – only be used with your consent or for the purpose of assertion, exercise or defence of legal claims or protecting the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If the processing has been restricted according to the aforementioned conditions, you shall be informed by the controller before the restriction of processing is lifted.

4. Right to erasure
a) Obligation to erase
You may request that the controller erase your personal data without undue delay, and the controller is obligated to do so immediately if one of the following applies:
(1) your personal data are no longer required for the purposes for which they were collected or otherwise processed;.
(2) you revoke your consent on which the processing is based pursuant to Art. 6 (1) (a) and there is no other legal basis for processing the Data.
(3) according to Art. 21 (1) GDPR, you object to the processing of the Data and there are no overriding legitimate grounds for processing, or you object to the processing pursuant to Art. 21 (2) GDPR.
(4) your personal data have been unlawfully processed;
(5) your personal data have to be erased for compliance with a legal obligation in Union or Member State law, to which the controller is subject;
(6) your personal data was collected in relation to information society services offered pursuant to Article 8 (1) GDPR.
b) Information to third parties
Where the controller has made your personal data public and is obligated to erase the personal data pursuant to Art. 17 (1) GDPR, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers who are processing the personal data that you, as the Data Subject, have requested the erasure by such controllers of any links to, or copy or replication of, such personal data.
c) Exceptions
The right to erasure does not exist if the processing is necessary;
(1) for exercising the right of freedom of expression and information;
(2) for compliance with a legal obligation which requires processing by Union or Member State law, to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
(3) for the assertion, exercise or defence of legal claims.

5. Right to information
If you have asserted the right of rectification, erasure or restriction of processing over the controller, the controller is obligated to notify all recipients to whom your personal data have been disclosed of the rectification or erasure of the Data or restriction of processing, unless this proves to be impossible or involves a disproportionate effort.
You reserve the right to be informed about the recipients of your Data by the controller.

6. Right to Data portability
You have the right to receive your personal data provided to the controller in a structured, commonly used and machine-readable format and have the right to transmit such Data to another controller without hindrance from the controller, provided;
(1) the processing is based on consent in accordance with Art. 6 (1) (a) GDPR; and
(2) the processing is carried out by automated means.

In exercising this right, you shall also have the right to have your personal data transmitted directly from one controller to another, where technically feasible. Freedoms and rights of other persons may not be affected hereby.
The right to Data portability does not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority vested in the controller.

7. Right to object
You have the right to object, at any time, to the processing of your personal data for reasons that arise from your particular situation pursuant to Art. 6 (1) (e) or (f) GDPR, including profiling based on those provisions.

In addition, you have the right to object at any time to the processing of your personal data for direct marketing purposes; this also includes profiling to the extent that it is related to such direct marketing.

The controller shall no longer process your personal data unless it can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing is for the purpose of assertion, exercise or defence of legal claims.

8. Right to withdraw the data protection consent declaration
You have the right to withdraw your data protection consent declaration at any time. The withdrawal of consent does not affect the legality of the processing carried out on the basis of the consent until withdrawal.

9. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, workplace or place of the alleged infringement, if you consider that the processing of your personal data infringes the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 GDPR.

The data protection authority responsible for us is Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit [Baden-Wuerttemberg State Commissioner for Data Protection and Freedom of Information], residential address: Lautenschlagerstraße 20, 70173 Stuttgart, Germany, postal address: PO Box 10 29 32, 70025 Stuttgart, Germany, further information is available online at www.baden-wuerttemberg.datenschutz.de.

XI. Automated decision-making and profiling
As a responsible company, we do not use your Data for profiling or automated decision-making.

XII. Links to other websites
This Data Protection Declaration applies exclusively to the Internet presence of Südzucker AG. The webpages in this Internet presence may contain links to third-party websites or social media platforms. Our Data Protection Declaration does not cover these websites or providers. When you leave our Website it is recommended that you carefully read the data protection provisions of each website that collects personal data.

XIII. Security
We take the necessary security measures to protect your personal data from unlawful or unintended access or erasure, modification or loss or unauthorised disclosure. We encrypt your Data during transmission via our Website and use SSL (Secure Socket Layer) and TLS (Transport Layer Security) connections. We protect our Website and our other systems and personal data by means of appropriate technical and organisational measures against, in particular, loss, destruction, unauthorised access, modification or disclosure to third parties.

XIV. Availability and changes
You can view this Data Protection Declaration at https://www.suedzucker.com/privacy-policy. In addition, you can store or print out this Data Protection Declaration by using the corresponding functions of your Internet browser.

We reserve the right to amend this Data Protection Declaration from time to time or to adapt it to legal requirements and therefore request that you check the current status of our Data Protection Declaration each time you visit our Website.

Version: December 2020

How can we help you?

    OUR RANGE of sugars and specialty product solutions

    Do you want to find out which product can serve your needs? Filter our product range in our Solution Finder and find out or if you look for specific statements, certifications and other documents, please use our download center

    Show all products
    Download Center
    Seasonal Calendar
    Organic Beet Sugar Image
    Organic Beet Sugar
    Fondants, Icings, Glazings Image
    Fondants, Icings, Glazings
    Sucrose-Based Excipients Image
    Sucrose-Based Excipients
    Services

    We want to support you all along the value chain, from analytical evaluations to bespoke product solutions, application & technology support to individual, last-mile supply chain concepts– find out how you can make use of our experts and create value for your business

    Südzucker R&D Image
    Südzucker R&D
    Application Technology & Product Development Image
    Application Technology & Product Development
    Tailormade Product Solutions Image
    Tailormade Product Solutions
    Dedicated Customer Service Image
    Dedicated Customer Service
    Logistical Excellence Image
    Logistical Excellence
    Application
    Biscuits & Baked Goods Image
    Biscuits & Baked Goods
    Chocolate Image
    Chocolate
    Sugar Confectionery Image
    Sugar Confectionery
    Beverages Image
    Beverages
    Pharma Image
    Pharma
    Dairy, Dairy Alternatives, Desserts & Ice Cream Image
    Dairy, Dairy Alternatives, Desserts & Ice Cream
    Fruit Preparation & Sauces Image
    Fruit Preparation & Sauces
    Ingredients & Additives Image
    Ingredients & Additives
    Animal Feed Image
    Animal Feed
    Non-Food / Fermentation Image
    Non-Food / Fermentation
    About Us
    Introduction Image
    Introduction
    Südzucker at a glance Image
    Südzucker at a glance
    Our Expertise Image
    Our Expertise
    Our History Image
    Our History
    Südzucker Locations Image
    Südzucker Locations
    Consumer Brands Image
    Consumer Brands
    Sustainability
    Sustainability at a Glance Image
    Sustainability at a Glance
    The Sugar Beet Image
    The Sugar Beet
    Functions of Sugar Image
    Functions of Sugar
    Buy online
    If you are interested in buying our products online, please select your country.
    You will be forwarded to our online shop.
    If your country isn't listed, please contact us.