Data protection

General Information

As the operator of this website and as a company, we come into contact with your personal data. This refers to all data that provides information about you and by which you can be identified. In this privacy policy, we would like to explain how, for what purpose, and on what legal basis we process your data.

​

The party responsible for data processing on this website and in our company is:

Bleibergs Feinkost, Gastro GmbH
American Bagel
Nürnberger Str. 45A
10789 Berlin
Phone: +49 (0)30 2191 3624
Email: kontakt@americanbagel.de

​

​General Notices

SSL and TLS Encryption

When you enter your data on websites, place online orders, or send emails via the internet, you must always expect that unauthorized third parties may access your data. Full protection against such access is not possible. However, we make every effort to protect your data as best as possible and to close any security gaps to the extent that this is feasible for us.

 

An important security mechanism is the SSL or TLS encryption of our website, which ensures that data you transmit to us cannot be read by third parties. You can recognize the encryption by the padlock icon before the web address in your browser and by the fact that our URL begins with https:// instead of http://.

How long do we store your data?

​

In some sections of this privacy policy, we inform you of the specific duration for which we or the companies processing your data on our behalf store your data. If no such indication is provided, we store your data until the purpose of the data processing ceases to apply, you object to the data processing, or you revoke your consent. In the event of an objection or revocation, we may continue to process your data if at least one of the following conditions is met:

​

We have compelling legitimate grounds for continuing the data processing that override your interests, rights, and freedoms (only in the case of objection; if the objection concerns direct marketing, we cannot assert any legitimate grounds).
​

The data processing is necessary to establish, exercise, or defend legal claims (does not apply if your objection concerns direct marketing).

​

We are legally obliged to retain your data. In this case, we delete your data once the respective obligation ceases to apply.

Your Rights

Right to Object to Data Processing

IF YOU READ IN THIS PRIVACY POLICY THAT WE HAVE LEGITIMATE INTERESTS IN PROCESSING YOUR DATA AND THEREFORE RELY ON ART. 6 PARA. 1 SENTENCE 1 LIT. F) GDPR, YOU HAVE THE RIGHT UNDER ART. 21 GDPR TO OBJECT TO SUCH PROCESSING. THIS ALSO APPLIES TO ANY PROFILING BASED ON THIS LEGAL BASIS.

The prerequisite is that you state reasons for the objection arising from your particular situation. No justification is required if your objection is to the use of your data for direct marketing purposes. As a consequence of your objection, we may no longer process your data. This does not apply only if one of the following conditions is met:

​

• We can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms.

• The processing serves the establishment, exercise, or defense of legal claims.
   

These exceptions do not apply if your objection concerns direct marketing or profiling related to direct marketing.

​

​Additional Rights

Right to Withdraw Consent to Data Processing

Many data processing operations are based on your consent. You give this, for example, by ticking a checkbox in an online form before submitting it, or by allowing specific cookies when visiting our website. You may withdraw your consent at any time without giving reasons (Art. 7 Para. 3 GDPR). From the moment of withdrawal, we are no longer permitted to process your data. The only exception is where we are legally obligated to retain the data for a specific period (such obligations particularly exist under tax and commercial law).

Right to Lodge a Complaint with the Supervisory Authority

​

If you believe that we have violated the General Data Protection Regulation (GDPR), you have the right to lodge a complaint under Art. 77 GDPR with a supervisory authority. You may contact the authority in the Member State of your residence, workplace, or the location of the alleged violation. This right exists in addition to any administrative or judicial remedies.

Right to Data Portability

Daten, die wir auf Grundlage Ihrer Einwilligung oder in Erfüllung eines Vertrages automatisiert verarbeiten, müssen wir Ihnen oder einem Dritten in einem gängigen maschinenlesbaren Format aushändigen, wenn Sie das verlangen. An einen anderen Verantwortlichen können wir die Daten nur übertragen, soweit dies technisch möglich ist.

Recht auf Datenauskunft, -löschung und -berichtigung

​

You have the right to receive data that we process automatically based on your consent or in the performance of a contract in a commonly used, machine-readable format. You may also request that we transfer this data to another controller, provided this is technically feasible.

Right of Access, Erasure, and Rectification

​

Under certain circumstances, you may request the restriction of the processing of your data under Art. 18 GDPR. In such cases, your data – aside from being stored – may only be processed as follows:
​

• With your consent
   

• For the establishment, exercise, or defense of legal claims
   

• For reasons of important public interest of the European Union or a Member State
   

• To protect the rights of another natural or legal person
   

You have the right to restrict processing in the following situations:
 

• You dispute the accuracy of your personal data stored with us and we need time to verify this. The right exists for the duration of the verification.
   

• The processing of your data was unlawful in the past or is currently unlawful. You may then choose restriction over deletion.
   

• We no longer need your personal data, but you need them for the establishment, exercise, or defense of legal claims.
   

• You have objected to processing under Art. 21 Para. 1 GDPR and a balance between your and our interests is still pending.

Hosting and Content Delivery Networks (CDN)

​

External HostingOur website is hosted on a server operated by the following internet service provider (host):

​

Wix.com Luxembourg S.a.r.l.

5, rue Guillaume Kroll
L‑1882 Luxembourg, Luxembourg

How do we process your data?

​

The host stores all data related to our website. This includes all personal data that is collected automatically or provided by you. These may include: your IP address, accessed pages, names, contact details and inquiries, as well as meta and communication data.

Wix.com processes data only according to our instructions and only to the extent necessary to fulfill their contractual obligations to us.

On what legal basis do we process your data?
 

Since our website serves to reach potential customers and maintain contact with existing ones, the data processing by our host serves the initiation and performance of contracts and is therefore based on Art. 6 para. 1 lit. b) GDPR.

​

Additionally, it is our legitimate interest as a company to provide a professional website that meets necessary requirements for security, speed, and efficiency. In this respect, we also process your data based on Art. 6 para. 1 lit. f) GDPR.

​

​Data Collection on This Website

Use of Cookies

Our website places cookies on your device. These are small text files used for various purposes. Some cookies are technically necessary for the website to function at all (essential cookies). Others are needed to enable certain actions or features on the site (functional cookies). For example, without cookies, it would not be possible to use the shopping cart in an online store. Other cookies are used to analyze user behavior or optimize advertising efforts.

You can control how your browser handles cookies via its settings:

Session cookies are stored on your device only for the duration of a session. They disappear automatically as soon as you close your browser. Persistent cookies, on the other hand, remain on your device unless you delete them. This can, for example, lead to your user behavior being continuously analyzed. You can influence how cookies are handled via your browser settings:

​

• Would you like to be notified when cookies are set?

• Do you want to block cookies completely or only in certain cases?

• Should cookies be automatically deleted when the browser is closed?
   

Please note: if you deactivate or block cookies, certain functions of the website may be limited. If we use cookies from third-party providers or for analytical purposes, we will inform you in this privacy policy and request your consent when you first visit our website.

​

​On what legal basis do we process your data?
We have a legitimate interest in ensuring that our online offerings function without technical problems and that all desired features are available to users. The storage of essential and functional cookies is therefore based on Art. 6 para. 1 lit. f) GDPR.

​

All other cookies are placed based on your consent under Art. 6 para. 1 lit. a) GDPR. You may revoke this consent at any time with future effect. If you consent to the use of even technically necessary cookies when prompted, their storage is also based solely on your consent.

Server Log Files
Server log files record all requests and accesses to our website and log error messages. These logs also contain personal data, especially your IP address. However, your IP address is anonymized by our provider shortly after collection, so we cannot link the data to your person. The data is automatically transmitted by your browser to our provider.

How do we process your data?

Our provider stores these server log files to monitor website activity and identify technical issues. These files contain the following information:

• Browser type and version

• Operating system used

• Referrer URL

• Hostname of the accessing device

• Time of server request

• IP address (possibly anonymized)

 

We do not merge this data with other data and use it only for statistical evaluation and to improve our website.

​

​On what legal basis do we process your data?

We have a legitimate interest in ensuring that our website operates without errors and in obtaining an anonymized overview of access behavior. Therefore, data processing is lawful under Art. 6 para. 1 lit. f) GDPR.