As the operator of this website, we at International Coffee Partners take the protection of your privacy and your personal data very seriously. For this reason, we treat your personal data as strictly confidential and adhere strictly to the data protection rules and regulations, in particular the European General Data Protection Regulation (“GDPR”).
Controller as defined by the GDPR and service supplier as defined by the German Telemedia Act (TMG) is:
International Coffee Partners GmbH
Coffee Plaza – Am Sandtorpark 4
Tel: +49 (0)40 808112 431
Fax: +49 (0)40 808112 433
1.2 Data protection officer
You can contact our data protection officer at
International Coffee Partners GmbH
Data Protection Officer
Coffee Plaza – Am Sandtorpark 4
Tel: +49 (0)40 808112 431
Fax: +49 (0)40 808112 433
1.3 Recipients of personal data
We will disclose this data to third parties only with your express permission given for this purpose or when the disclosure is necessary for the provision of the service or when we are required to do so by law or by an order of court or an administrative authority.
In some cases, we use external service providers who provide services for us within data processing agreements or other service contracts (especially IT services). We carefully select these external service providers, they are bound on our instructions and we regularly control them.
1.4 Period for which the personal data will be stored
The personal data will be deleted when they are no longer necessary for the purposes for which they were stored.
We will not erase your data if a retention is necessary due to statutory storage obligations or in individual cases a longer storage is necessary due to the assertion or the possible assertion of claims against us in connection with a contract or pre-contractual measures. In case of legal retention requirements, the processing of the data will be restricted first and then will be deleted once the retention period has expired.
1.5 Your rights
- Article 15 of the GDPR: Right of access by the data subject You are entitled to request information about the personal data concerning you is being processes by Hanns R. Neumann Stiftung
- Article 16 of the GDPR: Right to rectification In the event that the data concerning you is incorrect or incomplete, you may obtain the rectification of inaccurate personal data.
- Article 17 of the GDPR: Right to erasure („right to be forgotten“) You may obtain the erasure of your personal data under the conditions of Article 17 of the GDPR. Your claim for erasure depends, among other things, on whether the data concerning you is still necessary to the purposes for which they were collected or otherwise processed.
- Article 18 of the GDPR: Right to restriction of processing You may obtain the restriction of processing your personal data under the conditions of Article 18 of the GDPR.
- Article 20 of the GDPR: Right to data portability You may request receiving your personal data, which you have provided to us, in a structured, commonly used and machine-readable format under the conditions of Article 20 of the GDPR.
- Article 21 of the GDPR: Right to object If we process your personal data based on point (f) or point (e) of Article 6 (1) of the GDPR you have the right to object, on grounds relating to your particular situation.
- Article 7 (3) of the GDPR: Right to withdraw your consent You have the right to withdraw your consent to the processing of your personal data at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
International Coffee Partners will be happy to respond to any queries regarding these rights of yours. Please contact us via e-mail or via message to the contact data given in the legal notice.
You also have the right to lodge a complaint with a supervisory authority if you consider that the processing of your personal data infringes the GDPR. The address of the competent authority is: Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit, Kurt-Schumacher-Allee 4, 20097 Hamburg, Germany.
1.6 Transmission of personal data to third countries
We only transfer your personal data to third countries outside the EU or the EEA (i) if the third country has an adequate level of protection, (ii) if appropriate or suitable safeguards are provided, (iii) if you gave your permission or (iv) if the transmission is permissible for other reasons, e.g. at your request to prepare and/or fulfil a contract with you.
If we transfer your personal data based on appropriate or suitable safeguards, you can obtain a copy via info(at)coffee-partners.org
1.7 Obligation to provide personal data
You are neither statutory nor contractually obliged to provide us with personal data. If you wish to conclude a service with us, it is necessary that you transfer your personal data to us. If you do not provide us with personal data in individual cases, you will not be able to conclude a contract with us or to obtain our services (e.g. newsletter, press release).
2. Data processing on our website
On our website, we collect three types of data: communication data, which your device provides to communicate with us, tracking data, which is generated when you use our website and personal contact information, which you provide to communicate with us or to use one of our services.
2.1 Data for technical or organisationally necessary purposes
We collect communication data on this website for technical or organisationally necessary purposes, especially to ensure an optimum viewing and security and stability of our website. Therefore, we collect the following data:
• IP address,
• date and time of the request,
• time zone difference to Greenwich Mean Time (GMT),
• content of the request (the actually requested part of the website),
• access status/HTTP status code,
• the quantity of data transmitted,
• the website you were referred from (referrer URL),
• web browser used,
• the operating system and its interface,
• Language and version of the browser software.
Legal basis for the collecting of this personal data is point (f) of Article 6 (1) of the GDPR.
We use so-called “cookies” to optimise this website. Cookies are small text files that are stored on your computer and that facilitate an analysis of the way you use the website. From the user’s perspective, cookies make websites more convenient to use. From the operator’s perspective, they enable the collection and analysis of statistical data about the use of the website to improve the website’s content. Cookies do not harm your computer, contain no viruses, and are deleted when they are no longer required. Legal basis for the collecting and processing of this personal data is point (f) of Article 6 (1) of the GDPR.
You could configure your browser’s settings in compliance with your wishes, e.g. refusing third party cookies or cookies in general. We would like to make you aware of the fact that in this case you might not be able to use all functions of this website.
This website uses two different kinds of cookies:
2.2.1 Transient cookies
Transient cookies, especially session cookies, are being deleted automatically once you close your browser. They save a so called session ID, which enables to match different requests of your browser to joint session. Thus, your computer could be recognized, once you return to our website. Session cookies are being deleted once you log out and close your browser.
2.2.2 Persistent cookies
Persistent cookies are being deleted automatically after a pre-defined period, which may vary for different cookies. You are able to delete these cookies in your browser’s security settings at any time.
2.3 Contact form
Alternatively, you could contact us via e-mail. In this case, we collect the personal data transmitted by the e-mail. Legal basis for the collecting and processing of this personal data is point (f) of Article 6 (1) of the GDPR. Thereby, processing the query is a legitimate interest as well. The same applies to queries we receive by post or telephone. The data concerned will be deleted when they are no longer necessary for the purposes for which they were stored. This is the case if the conversation is finished. The data stored at the time of sending the message will be deleted after seven days at the latest.
If you exercised the withdrawal or objection as mentioned in Section 1.5 the conversation could not be continued.
In this case, all personal data stored through the process of contacting this website will be deleted as mentioned in Section 1.4.
2.4 Newsletter/press release
With your consent you can subscribe to our newsletter or/and press release, which will keep you informed about our current projects.
Registration for our newsletter/press release is completed as part of a double opt-in process. This means you will receive an email after registering in which you will be asked to confirm your registration. This confirmation is required so that nobody can register with email addresses that do not belong to them. If you do not confirm your registration, your information will be blocked and automatically deleted after one month.
The newsletter registrations are recorded in order to be able to verify the registration process in accordance with legal requirements and, if necessary, to investigate any possible misuse of your personal data. This includes storing the time of registration and confirmation and the IP address. The changes to your data that is held by MailChimp are also recorded.
You only need to provide your email address to register for the newsletter/press release. If you also provide us voluntarily with your first and last name, this enables us to personalise our email. However, it is not strictly necessary to provide the first and last name to register for the newsletter or press release.
We will store your email address (first and last name) solely for the purpose of sending you the newsletter/press release. Legal basis for the collecting and processing of this personal data is point (a) of Article 6 (1) of the GDPR.
You have the right to withdraw your consent to the processing of your personal data at any time as mentioned in Section 1.5. You can withdraw your consent by clicking the “Unsubscribe” button set up in our newsletter/press release e-mails as well as in writing or by email to our above mentioned contact details.
The newsletter/press release is dispatched by “MailChimp”, a newsletter distribution platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.
The email addresses of our newsletter/press release recipients and their further details described in this information are stored on the MailChimp servers in the USA. MailChimp uses this information to send and evaluate the newsletters on our behalf. MailChimp can by its own admission also use this data to enhance or improve its own services, e.g. to technically enhance the dispatch procedure and display of the newsletter or for commercial purposes to be able to determine which countries the recipients are from. However, MailChimp will not use the data of our newsletter recipients to contact them itself or forward it to third parties.
2.5 Google Analytics
We have concluded a contract with Google for contract data processing and we have activated the “IP anonymisation” feature on this website. This means that Google will truncate your IP address within member states of the European Union or other Contracting States to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to Google servers in the United States and truncated there. Google uses this information on our behalf to analyse your use of this website, compile reports on the activity on Hanns R. Neumann Stiftung website, and to provide other services relating to website activity and internet use.
Google may also pass this information on to third parties in so far as this is required by law or if third parties process the data on Google’s behalf. Google will in no case ever associate your IP address with any other data held by Google. You can prevent cookies from being installed on your computer by setting your browser not to accept cookies. Please note that if you do this, however, some features of this website may no longer function properly.
We use Google Analytics to analyze and constantly improve the use of our website. Because of the statistics gained we are able to improve our offer and make it more interesting for you as a user. Regarding the exceptional cases, where personal data is transmitted to the United States, Google has subjected to the EU-US-Privacy-Shield, https://www.privacyshield.gov/EU-US-Framework. Legal basis for using Google Analytics is point (f) of Article 6 (1) of the GDPR.
You can prevent cookies from being stored by changing the relevant browser settings. Furthermore, you can prevent the collection of data generated by the cookie about your use of the website (including your IP address) and its processing by Google by downloading and installing the browser plug-in available at https://tools.google.com/dlpage/gaoptout?hl=en.
You can also prevent the collection of your data by Google Analytics by clicking on the following link. This sets an opt-out cookie which will prevent future collection of your data when visiting this website. Please note that if you delete your cookies, you will then have to re-activate the opt-out cookie. Google Analytics opt-out browser add-on https://tools.google.com/dlpage/gaoptout?hl=de.
You can prevent cookies from being stored by changing the relevant browser settings. Furthermore, you can also prevent the collection of your data by HeatMap by following the link https://heatmap.me/privacy and clicking the HeatMap opt-out cookie that applies to all sites using HeatMap.
2.7 Google Maps API
This website uses Google Maps API from Google to display an interactive local area map. By visiting our website, Google will receive the information that you accessed the respective sub-website of our website. The data mentioned in Section 2 of this privacy statement will also be transmitted. This will occur without regard to whether you are logged into a Google account or not. If you are logged in your data will be allocated with your account. You can prevent this allocation by logging out before usage. Google stores your data as usage profiles and uses it for advertising and market research purposes. This data processing occurs especially to create needs-based advertising and to inform other users of the social network about you visiting our website.
You have the right to object to these usage profiles. To do so, please contact Google.
2.8 Social plugins and feeds
This website uses social plugins and feeds, which help integrate the website with a number of social media platforms. This lets users send data to social media, by clicking on the respective logos or icons of the social media sites to “tweet”, “share” or “like” the content. At present, the website uses Facebook and Twitter plugins as well as Facebook, Twitter and Instagram feeds. Merely visiting our website will not result in any of your data being transferred to the social media platforms. Data will be transferred and stored on to social media sites by clicking on the corresponding social plugins or on buttons in the social media feeds. You could identify the plugin’s provider through the label at the button, its initial letter or its logo.
We have no control over the data collected and data processing processes, nor are we aware of the full extent of data collection, the purposes of processing and the storage periods. We also have no information on the erasure of the data collected by the plug-in or feed provider.
The transmission of the data will occur without regard whether you are logged into an account of the provider or not. If you are logged in your data will be allocated with your account. You can prevent this allocation by logging out before usage. The provider of the respective service stores your data as usage profiles and uses it for advertising and market research purposes. This data processing occurs especially to create needs-based advertising and to inform other users of the social network about you visiting our website. You have the right to object to these usage profiles. To do so, please contact the respective provider.
Legal basis for using social plugins is point (f) of Article 6 (1) of the GDPR.
Through the social plugins on our website you can use the services of the following providers and you get further information about their privacy policies on their websites:
2.8.1 Facebook Ireland Ltd.
Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland, http://www.facebook.com/policy.php; for more information to the data processing:
Facebook is certified under the US-EU data privacy agreement “Privacy Shield“. To learn more about the Privacy Shield Frameworks, and to view the certification of Facebook, visit the U.S. Department of Commerce’s Privacy Shield website, here [Please insert link: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active].
2.8.2 Twitter Inc.
Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy. Twitter is certified under the US-EU data privacy agreement “Privacy Shield“. To learn more about the Privacy Shield Frameworks, and to view the certification of Twitter, visit the U.S. Department of Commerce’s Privacy Shield website, here [https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO].
2.8.3 LinkedIn Insight Tags
We use the “LinkedIn Insight Tag” of LinkedIn Corporation, 1000 W Maude Ave, Sunnyvale, CA 94085, USA (“LinkedIn”) on our website. It helps us with in-depth campaign reporting and insights about our website visitors. It can also be used to track conversions, retarget website visitors, and unlock additional insights about members interacting with our ads on LinkedIn.
The LinkedIn Insight Tag enables the collection of data regarding members’ visits to our website, including the URL, referrer, IP address, device and browser characteristics (User Agent), and timestamp. This data is encrypted, the IP addresses are truncated, and members’ direct identifiers are removed within seven days in order to make the data pseudonymous. This remaining, pseudonymized data is then deleted within 90 days.
LinkedIn does not share personal data with us, it only provides aggregated reports about the website audience and ad performance. LinkedIn also provides retargeting for website visitors, enabling us to show personalized ads off our website by using this data, but without identifying the member. LinkedIn members can control the use of their personal data for advertising purposes through their account settings.
If you are a LinkedIn member and do not want LinkedIn to collect information about you through our website and link it to your membership information held by LinkedIn, you must log out of LinkedIn before visiting our website. You can also disable the cookie here, regardless of your LinkedIn membership: Opt-Out.
2.8.4 Facebook Pixel
We use the “Facebook Pixel” of the social network “Facebook” of Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (Facebook) for the following purposes:
- Facebook (website) Custom Audiences
We use the Facebook pixel for remarketing purposes to be able to contact you again within 180 days. This allows us to display interest-based advertisements (“Facebook Ads”) to users of the website when they visit the social network Facebook or other websites also using this tool. In this way, we pursue the interest in displaying advertisements that are of interest to you in order to make our website or offers more interesting for you.
- Facebook conversion
We also use the Facebook Pixel to ensure that our Facebook Ads match the potential interest of users and are not annoying. With the help of the Facebook Pixel, we can track the effectiveness of Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called “conversion”).
The processing of this data by Facebook takes place within the framework of Facebook’s data policy. Special information and details about the Facebook pixel and its functionality can also be found in the Facebook help area.
We are jointly responsible with Facebook for the collection and transfer of data in this process. This applies to the following purposes:
- The creation of individualized or suitable ads, as well as for their optimization
- Delivery of commercial and transaction-related messages (e.g. via Messenger)
- The following processes are therefore not covered by joint controllership:
- The process that takes place after the collection and transmission is within the sole responsibility of Facebook
- The preparation of reports and analyses in aggregated and anonymized form is carried out as a Processor and is therefore within our responsibility.
The contact details of the Controller and the data protection officer of Facebook can be found here: https://www.facebook.com/about/privacy.
We have agreed with Facebook that Facebook can be used as a contact point for the exercise of data subject rights. Without prejudice to this, the jurisdiction of the Rights of Data Subjects is not limited.
Further information on how Facebook processes personal data, including its legal basis and further information on the rights of data subjects can be found here: https://www.facebook.com/about/privacy. We transfer the data within the scope of joint controllership based on the legitimate interest pursuant to Art. 6 (1) f GDPR.
Information on the data security conditions can be found here. https://www.facebook.com/legal/terms/data_security_terms and on processing on the basis of standard contractual clauses can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum.
The “Facebook Custom Audiences” function can be deactivated in the Cookie Settings and for logged in users at https://www.facebook.com/settings/?tab=ads#.
Cookie lifetime: up to 180 days after last interaction (this applies only to cookies which have been set by this website)