data protection

The person responsible for data processing is:

Philip Rebelsky
Rothenbaumchaussee 46
20148 Hamburg
Germany

restaurant@brodersen-hamburg.de

Phone: 040-1234567890

We are pleased that you are interested in our website. The protection of your privacy is very important to us. Below we provide you with detailed information about how we handle your data.

1. Access data and hosting

Access data
You can visit our websites without providing any personal information. Every time you access a website, the web server automatically saves a so-called server log file, which contains, for example, the name of the requested file, your IP address, the date and time of access, the amount of data transferred and the requesting provider (access data) and documents the access. This access data is evaluated solely for the purpose of ensuring trouble-free operation of the site and improving our offering. This serves to protect our legitimate interests in a correct presentation of our offering in accordance with Art. 6 Paragraph 1 Clause 1 Letter f of GDPR, which prevail within the framework of a balancing of interests. All access data is processed for as long as it is necessary for the purposes set out above.

Hosting
The services for hosting and displaying the website are partly provided by our service providers as part of processing on our behalf. Unless otherwise stated in this privacy policy, all access data and all data collected in forms provided for this purpose on this website are processed on their servers. If you have any questions about our service providers and the basis of our cooperation with them, please use the contact options described in this privacy policy.

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection: Israel, South Korea, USA.

The adequacy decision for the USA serves as the basis for the transfer to third countries, provided that the respective service provider is certified. Certification is available.

Our service providers are located and/or use servers in these countries: Taiwan, Brazil, Mexico, India, Ukraine, Guatemala, Philippines.
There is no adequacy decision from the European Commission for these countries. Our cooperation with you is based on these guarantees: European Union standard data protection clauses.

2. Data processing for contact and customer communication

contact

We collect personal data when you voluntarily provide it to us when contacting us (e.g. via contact form or email). Mandatory fields are marked as such because in these cases we absolutely need the data to process your contact and you cannot send the contact without it. The data collected can be seen from the respective input forms. We use the data you provide to process your inquiries in accordance with Art. 6 Paragraph 1 Clause 1 Letter b of GDPR.

After your customer request has been fully processed, your data will be restricted for further processing and deleted after expiry of the tax and commercial retention periods in accordance with Art. 6 Paragraph 1 Clause 1 Letter c of GDPR, unless you have expressly consented to further use of your data in accordance with Art. 6 Paragraph 1 Clause 1 Letter a of GDPR or we reserve the right to use the data in any other way that is permitted by law and about which we will inform you in this declaration.

3. Advertising by email

3.1 Email newsletter with registration and newsletter tracking
If you subscribe to our newsletter, we use the data required for this or separately provided by you to regularly send you our email newsletter based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You can unsubscribe from the newsletter at any time, either by sending a message to the contact option described below or via a link provided for this purpose in the newsletter. After unsubscribing, we will delete your email address from the list of recipients, unless you have expressly consented to further use of your data in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.
We would like to point out that we evaluate your user behavior when sending the newsletter. For this purpose, we also analyze your interaction with our newsletter by measuring, storing and evaluating opening rates and click rates for the purpose of designing future newsletter campaigns ("newsletter tracking").

For this analysis, the emails sent contain single-pixel technologies (e.g. so-called web beacons, tracking pixels) that are stored on our website. In particular, we link the following "newsletter data" for the analyses

the page from which the page was requested (so-called referrer URL)

the date and time of the request

the description of the type of web browser used

the IP address of the requesting computer

the e-mail address,

the date and time of registration and confirmation

and the single-pixel technologies with your e-mail address or your IP address and, if applicable, an individual ID. Links contained in the newsletter may also contain this ID.

If you do not wish to receive newsletter tracking, you can unsubscribe from the newsletter at any time as described above.

The information will be stored for as long as you are subscribed to the newsletter.

3.2 Newsletter dispatch

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection by decision Israel, South Korea, USA.

The adequacy decision for the USA applies as the basis for third country transfers, provided that the respective service provider is certified. Certification is available.

Our service providers are located and/or use servers in these countries Taiwan, Brazil, Mexico, India, Ukraine, Guatemala, Philippines.
There is no adequacy decision by the European Commission for these countries. Our cooperation with you is based on these guarantees: standard data protection clauses of the European Union.

4. Social-Media

4.1 Social buttons from Facebook (by Meta), Instagram (by Meta)
Social buttons from social networks are used on our website. These are only integrated into the page as HTML links so that no connection is established with the servers of the respective provider when our website is accessed. If you click on one of the buttons, the website of the respective social network will open in a new window of your browser, where you can click on the Like or Share button, for example.

4.2 Our online presence on Facebook (by Meta), Instagram (by Meta)
If you have given your consent to the respective social media operator in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, your data will be automatically collected and stored for market research and advertising purposes when you visit our online presences on the above-mentioned social media, from which user profiles are created using pseudonyms. These can be used, for example, to place advertisements within and outside the platforms that presumably correspond to your interests. Cookies are generally used for this purpose. For detailed information on the processing and use of data by the respective social media operator as well as a contact option and your rights and settings options for protecting your privacy, please refer to the providers' data protection notices linked below. If you still need help in this regard, you can contact us.

Facebook (by Meta) is a service provided by Meta Platforms Ireland Ltd, Block J, Serpentine Avenue, Dublin 4, Ireland ("Meta Platforms Ireland"). The information automatically collected by Meta Platforms Ireland about your use of our online presence on Facebook (by Meta) is usually transferred to a server of Meta Platforms, Inc, 1601 Willow Road, Menlo Park, California 94025, USA and stored there. Data processing in the context of a visit to a Facebook (by Meta) fan page is based on an agreement between jointly responsible parties in accordance with Art. 26 GDPR. Further information (information on Insights data) can be found here.

The adequacy decision for the USA applies as the basis for third country transfers, insofar as the respective service provider is certified. Certification is available.

Our service providers are located and/or use servers in these countries Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico.
There is no adequacy decision by the European Commission for these countries. Our cooperation with you is based on these guarantees: Standard data protection clauses of the European Commission.

Instagram (by Meta) is an offer of Meta Platforms Ireland Ltd, Block J, Serpentine Avenue, Dublin 4, Ireland ("Meta Platforms Ireland") The information automatically collected by Meta Platforms Ireland about your use of our online presence on Instagram is usually transmitted to a server of Meta Platforms, Inc, 1601 Willow Road, Menlo Park, CA 94025, USA, Menlo Park, California 94025, USA and stored there. Data processing in the context of a visit to an Instagram (by Meta) fan page is based on an agreement between jointly responsible parties in accordance with Art. 26 GDPR. Further information (information on Insights data) can be found here.

The adequacy decision for the USA applies as the basis for third country transfers, insofar as the respective service provider is certified. Certification is available.

Our service providers are located and/or use servers in these countries Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico.
There is no adequacy decision by the European Commission for these countries. Our cooperation with you is based on these guarantees: standard data protection clauses of the European Commission.

Translated with DeepL.com (free version)

5. Contact options and your rights

5.1 Your rights
As a data subject, you have the following rights

in accordance with Art. 15 GDPR, the right to request information about your personal data processed by us to the extent specified therein

in accordance with Art. 16 GDPR, the right to request the immediate rectification of incorrect or incomplete personal data stored by us

in accordance with Art. 17 GDPR, the right to request the erasure of your personal data stored by us, unless further processing is necessary

to exercise the right to freedom of expression and information

for compliance with a legal obligation;

for reasons of public interest or

is necessary for the establishment, exercise or defense of legal claims;

in accordance with Art. 18 GDPR, the right to demand the restriction of the processing of your personal data, insofar as

the accuracy of the data is disputed by you

the processing is unlawful, but you oppose the erasure of the data

we no longer need the data, but you need it for the establishment, exercise or defense of legal claims; or

you have objected to the processing pursuant to Art. 21 GDPR

in accordance with Art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request transmission to another controller

in accordance with Art. 77 GDPR, the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters.

Right to object

If we process personal data as explained above in order to protect our legitimate interests, which outweigh your interests, you can object to this processing with effect for the future. If the processing is carried out for direct marketing purposes, you can exercise this right at any time as described above. If the processing is carried out for other purposes, you only have the right to object if there are grounds relating to your particular situation.

After exercising your right to object, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the establishment, exercise or defense of legal claims.

This does not apply if the processing is for direct marketing purposes. In this case, we will no longer process your personal data for this purpose.

5.2 Contact options
If you have any questions regarding the collection, processing or use of your personal data, information, correction, restriction or deletion of data as well as revocation of consent given or objection to a specific use of data, please contact us directly using the contact details in our legal notice.