PRIVACY POLICY

Thank you for your interest in our data protection practices at NewCoffee GmbH & Co. oHG (hereinafter also referred to as “NewCoffee” or “the Controller”). This Privacy Policy is designed to provide you with information on how we process your data in conjunction with your interaction with our online presences, in accordance with Art. 13 of the General Data Protection Regulation (GDPR).

  1. General principles

The protection of your personal data is extremely important to us. As such, we want to be transparent in informing you as to how we process your data. In this Privacy Policy, we provide you with information on the nature and scope of our processing of your personal data in conjunction with your interaction with NewCoffee’s online presences and contractual relationships with our business partners.

The term “personal data” refers to information that is or can be linked – either directly or indirectly – to you personally and your identity.

In particular, the legal basis for our processing of this data is provided by the General Data Protection Regulation (GDPR). We process your data exclusively in accordance with the legal regulations regarding the legally permissible purposes for data processing, which are described below. NewCoffee only passes your personal data on to third parties with your consent or where another legal basis for doing so exists. For more details, please read the paragraphs below.

We enlist the aid of service providers to help us with our technical infrastructure, the design of our websites and offerings and the provision of our services. In order to provide us with this support, said service providers may be granted access to your personal data. These service providers are contractually obliged to process data exclusively on the instruction of NewCoffee and to take all the necessary measures to ensure the protection and security of said data. Data is only processed in states outside the European Union or the European Economic Area in cases where the European Commission has determined that the state in question provides an appropriate level of data protection, or the Processor has agreed to “standard data protection clauses” under which they are obliged to maintain an appropriate level of data protection.
We take all the technical and organisational measures necessary to protect your personal data from loss, unauthorised access and misuse. Your information is transferred in encrypted form. This protects communications between you and our web server and helps to prevent the misuse of your data by third parties. We use TLS (Transport Layer Security) encryption.

  1. Controller and Data Protection Officer

1.1    Controller

The Controller of this website as per Art. 4(7) of the GDPR is:

NewCoffee GmbH & Co. oHG
Hockenheimer Straße 169
68775 Ketsch
E-Mail: datenschutz@newcoffee.de
Contact form

NewCoffee GmbH & Co. oHG is represented by the Managing Partner NewCoffee Verwaltungsgesellschaft mbH, which is headquartered in Ketsch, Germany, and governed by Mannheim District Court (German Commercial Register number: HRB 727480). In turn, NewCoffee Verwaltungsgesellschaft mbH is represented by its Managing Directors, Jens Daniel and Michael Körnig.

Insofar as individual acts of processing fall under a different controller’s scope of responsibility, we shall provide information to this effect in this Privacy Policy or in the form of a request for consent.

1.2    Data Protection Officer

The appointed Data Protection Officer for NewCoffee GmbH & Co. oHG is Kay-Thorsten Schuy.
You can contact the Data Protection Officer at the postal address provided above (please mark “FAO: Data Protection Officer”) or via the following e-mail address: datenschutz@newcoffee.de

III.   Individual processing procedures

  1. 1. Data processed for the purpose of providing the website and generating log files

Every time you log onto or attempt to log onto our website or use our services, data is saved in a log file and retained for 30 days. This data may include personal data, such as:

  • Your IP address
  • The date and time of your visit
  • The host name of the computer used to access the website
  • The website from which you connected to our website
  • Any websites you connect to from our website
  • The pages you visit on our website
  • Notification of whether your attempt to visit our website was successful
  • The data volume transferred
  • Information on your browser type and version
  • Information on your operating system

The data saved in our log files also includes data you enter on our website, such as your e-mail address. This data may be used for performance analysis purposes.

The temporary storage of this data is necessary in order to enable us to provide you with our website during your visit to it. Furthermore, data is also stored in log files in order to ensure the functionality of the website and the security of our IT systems.

This data processing serves our desire and duty to ensure the protection of your personal data, to guarantee data and operational security, and to provide protection from attacks (Art. 6, Para. 1(c) in conj. with Art. 32, GDPR), as well as our legitimate interest in guaranteeing the stability of our system, identifying technical faults, and ensuring the functionality of our websites and systems (Art. 6, Para. 1(f), GDPR).

  1. Contact

As our customer, you can send us your messages and questions at any time using our contact form or our e-mail address. By contacting us in this manner, you consent to the processing of the data you enter in said contact form or e-mail (Art. 6, Para. 1(a), GDPR). Should the data you enter in this context fall under a special category of data as per Art. 9, Para. 1 of the GDPR, you also consent to the processing of said special-category data (Art. 9, Para. 2(a), GDPR). If your reason for contacting us is connected to a contract between you and us, we will process your data in the context of the performance of said contract in accordance with Art. 6, Para. 1(b) of the GDPR. Your data will be used exclusively for the specific purpose of conducting and subsequently assuring the quality of this procedure, as well as for documentation purposes. The contents of your message(s) are associated with your e-mail address and saved. If you take part in a customer service survey, we will conduct an analysis based on said survey; we will save this analysis in our systems for three months for the purpose of optimising our services.

In order to enable us to respond to your enquiry promptly and with the appropriate level of expertise, we make use of the skills of our suppliers, contractual partners, and specialist departments within the ALDI SOUTH Group. Where necessary in order to process your enquiry, we will pass your enquiry on to said third parties and be notified with regard to the processing of your enquiry for the aforementioned purposes. Where the third parties in question are suppliers or contractual partners of ours, we cannot rule out the possibility that your data may be transferred to a third country outside the European Union. The level of data protection provided in said third country may differ from that enforced within the European Union. In the case of product enquiries and complaints, the consent you provide for the transfer of your enquiry shall also apply to any transfer to third countries (Art. 49, Para. 1(a), GDPR).

  1. Website technologies

If and insofar as you provide us with consent to do so, we will use tracking services and cookies to process personal and non-personal data in order to create pseudonymised user profiles. If and insofar as you do not provide us with said consent, our processing will be limited to an anonymous reach measurement and statistical analysis; no consent-dependent processing will take place. This is a measurement of success used to determine how customers respond to our web presence. The results of this measurement cannot be traced back to any individual person.

  1. a) General notes

On our website, we offer cookies, similar technologies (including some provided by third parties), and third-party content. The use of these technologies can lead to data transfer to providers in the USA. Since the USA is not deemed by the European Court of Justice to provide a suitable level of data protection, there are certain risks associated with this data transfer (data being accessed by US authorities; lack of legal remedies).

Some of these technologies are necessary in order for us to make our website and the functions contained therein available to you.

With your consent, we can offer you additional functions and content, carry out statistical analyses of the usage of our websites, and show you personalised (advertising) content. The legal basis for this data processing is provided by Art. 6, Para.1(a), (b) and (f) of the GDPR and Section 25, Para.1 of the German Telecommunications and Telemedia Data Protection Act (Telekommunikation-Telemedien-Datenschutz-Gesetz, TTDSG).

If and insofar as your consent is required for the use of these technologies, we will ask you the first time you visit the site to decide which, if any, use you consent to. Your consent applies solely to the NewCoffee website. It is valid for one year from either the moment you grant your consent or the date on which you last visited the website.

You can alter your original decision in the “Granting or revoking consent” section. Please note that this consent applies solely to the newcoffee.de website. For other websites, please use the settings options provided therein.

You can also revoke your consent using the opt-out links listed below. For more information on this, please consult your operating system’s Help or Search function.

  1. b) Granting or revoking consent for newcoffee.de: “cookie settings” in the footer section you can always revoke or change your cookie settings
  2. c) Technologies

OneTrust Advanced Analytics

We use the analysis service “Advanced Analytics” of OneTrust Technology Limited, 82 St John St, Farringdon, London EC1M 4JN, United Kingdom (UK) (hereinafter “Advanced Analytics”) on our website or app.

If you give us your consent for this, we use a OneTrust cookie to analyze technical problems of browser types and versions used and for banner optimization. The following data is processed in this:

  • Device type
  • Browser
  • Country code

If you do not want the processing described above by “Advanced Analytics”, you can deactivate the future storage of the described data in the OneTrust cookie within the cookie settings using the toggle control.

Adobe Experience Cloud

Some of our websites use services provided by Adobe Systems Software Ireland Limited, 4–6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland (hereinafter referred to as “Adobe”).

These services use cookies. Where the information generated by a cookie on website usage is transferred to an Adobe server, the settings ensure that your IP address is truncated before it is saved. On behalf of the owner of this website, Adobe uses this information to analyse the usage of the website by the users, compile reports on the website’s activity, personalise the user experience, and provide the owner of the website with additional services relating to website and internet usage. The IP address transferred by your browser in conjunction with Adobe services is not associated with any other data in Adobe’s possession.

You can prevent the cookies from being saved on your device by altering your browser settings accordingly. You can also disable the collection of the data the cookie generates relating to your use of the website (e.g. your IP address) by Adobe and the processing of said data by clicking on this link: http://www.adobe.com.

  1. d) Cookies

Cookies are text files that are saved on your computer by your browser, contain information on your usage of our website, and enable our website to recognise you the next time you visit it. You can use your browser’s settings to either disable all cookies or delete the existing cookies that have already been placed on your device.
For more information on how to do this, please consult your browser’s Help function.
Every browser manages cookies in a different way. Your browser’s Help menu will explain exactly how your cookies are managed and how to alter your cookie settings. You can open the cookie settings for the most commonly used browsers by clicking on the links below:

The table below lists the cookies used by our website, together with their respective purposes and how long they remain functional for.

Services Cookie name Purpose Storage duration
Adobe Analytics s_vi Unique visitor ID 2 years
Adobe Analytics s_sq Adobe Analytics: Information on visitor’s journey Session
Adobe Analytics s_nr This cookie contains a Unix time stamp that indicates the current time and the visitor’s current status 365 days
Adobe Analytics s_cc This cookie detects whether cookies are enabled Session
Adobe Analytics s_ivc Saves information on the processing of the visitor’s journey (facilitates the evaluation of the total number of times all the pages have been visited) 30 minutes
Adobe Analytics gpv_pn Saves information on visitor’s journey (in this case: identification of the current page) 1 hour
Adobe Analytics s_vnc365 Saves information on the processing of the visitor’s journey (facilitates the evaluation of the total number of times all the pages have been visited) 365 days
Adobe Analytics s_fid Identifies unique visitors if the standard “s_vi” cookie is not available due to cookie restrictions imposed by third parties 2 years
Adobe Analytics adobeujs-optin Adobe: Consent management 390 days
OneTrust Advanced Analytics OptanonAlertBoxClosed Stores the information whether an interaction with the OneTrust Banner/Preference Center has taken place. 1 year
OneTrust Advanced Analytics OptanonConsent Includes the user decisions. 1 year
Adobe Experience Cloud ID Service AMCVS_95446750574EBBDF7F000101%40AdobeOrg Adobe: Shows the boot-up of a session Session
Adobe Experience Cloud ID Service AMCV_95446750574EBBDF7F000101%40AdobeOrg Adobe: Assigns a visitor ID for Experience Cloud Solutions 2 years
Adobe Experience Cloud ID Service s_nr365 Adobe: This cookie contains a Unix time stamp that indicates the current time and the visitor’s current status 365 days
Adobe Audience Manager demdex Adobe: Saves an ID for identification purposes on various ALDI SOUTH websites 181 days
Adobe Audience Manager dextp Adobe Audience Manager: Saves the time of the most recent data synchronisation 175 days
  1. Social Media

Thank you for visiting our company’s social media pages. The protection of your personal data is extremely important to NewCoffee. Our aim is not only to provide you with an interesting and comprehensive online experience, but also to protect your personality rights.

From a data processing perspective, the processing activities that fall within NewCoffee’s scope of responsibility as a Controller are distinct from those controlled exclusively by the owner of the social media platform in question. Furthermore, visits to our company’s social media pages can also result in processing activities that fall under the joint responsibility of ourselves and the owner of the platform in question.
Data processing activities carried out by NewCoffee:

NewCoffee uses third-party platforms in order to provide you with information on our company and make our products and services available to you. As part of this activity, NewCoffee processes all the messages, likes and content you transmit, share or otherwise add on our social media pages.

If and insofar as personal data is processed during communications between NewCoffee and the end consumer/applicant, this will be used for the purpose of processing customer feedback on our products and services, improving our products and services, and preparing applicant information. These data processing activities are based on Article 6, Para. 1(a) (consent), (b) (performance of a contract and steps prior to entering into a contract), (c) (compliance with legal obligations) and (f) (legitimate interest on the part of our company or a third party that does not override the interests or fundamental rights and freedoms of the data subject) of the GDPR.

Furthermore, we want to find out more about our customers’ opinions and their interactions with our products in order to enable us to better cater to our customers’ needs and provide optimum customer support. In this context, we may process any personal data you have published relating to NewCoffee on social media platforms (Facebook, Instagram, YouTube, Pinterest). The legal basis for these processing activities is provided by our legitimate interest in improving your needs as a customer (Art. 6, Para. 1, Cl. 1(f), GDPR). You have the right to object to the processing of your data at any time for reasons relating to your particular situation.

The data we collect is only passed on to service providers who have been enlisted to perform specific work for NewCoffee. Where service providers are headquartered in a third country, the appropriate level of data security is ensured by the conclusion of standard contractual clauses. You can receive detailed information on this by sending a request to the e-mail address specified in the “subject rights” section.

Unless stated otherwise in this Privacy Policy, your data is only saved in personalised form for as long as is necessary for the purpose for which it is processed, e.g. until such time as any guarantee periods, warranty periods, statutes of limitations or legal retention periods have expired.
For information on your rights as a data subject, please refer to the “subject rights” section.
Analysis-based data processing:

We process the data provided by the owners of the third-party platforms in question for the purpose of mapping out prepared statistical data in accordance with Art. 6, Para. 1(f) of the GDPR. For this purpose, we receive aggregated data that is not associated with any personal data and that enables us to draw conclusions regarding the success of our measures (e.g. total number of measures implemented by the platform owner, preferred visit and posting times) so that we can optimise our own posts. NewCoffee has no control over the compilation or provision of this data. The data processing activities conducted in conjunction with this procedure fall under the sole responsibility of the respective platform owner in its role as controller. For information on the nature and scope of the information pertaining to you that is provided to the owners of these third-party platforms, the data processing purposes associated with said information, the legality of said purposes, and how to exercise your rights, please refer to the privacy policies and further information published by the platform owners themselves:

LinkedIn: https://www.linkedin.com/legal/privacy-policy?_l=de_DE

  1. Information for our business partners and their employees

Information on the Controller
The data processing Controller is the company or companies of the ALDI SOUTH Group with whom your company is in a contractual relationship – in the present case: NewCoffee GmbH & Co. oHG (see Section II, Para. 1, above).

Categories of data

  • Master data and contact data
  • Data generated during the use of software applications and/or that is required for the use of said applications (e.g. user accounts)

Purpose and legal bases of the processing
The processing is conducted for the following purposes:

  • Facilitation of communication for the purpose of performing the contract between the business partner and the ALDI SOUTH Group. This also constitutes a legitimate interest on our part
  • Provision and maintenance of applications that are used jointly by ALDI SOUTH and the business partner
  • Reporting of defective products/provision of services
  • • Measures for the further processing and optimisation of contractual relationships

In addition to the purposes listed above, processing also takes place in order to ensure compliance with legal obligations, such as those enshrined in commercial or tax law regulations.

If you contact our Counsel of Trust, your data will only be processed within the ALDI SOUTH Germany Group if and insofar as you consent to it being passed on. All personal data is erased in accordance with our needs-based in-house erasure concept.
The legal basis for this processing is provided by Art. 6, Para. 1(a), (b), (c), and (f) of the GDPR.

Source of the data
The data is made available to us by you personally, the company for which you work, or other business partners, or is procured from publicly available sources.

Categories of recipient
The following categories of recipient receive the data:

  • Employees of other companies within the ALDI SOUTH Group
  • Service providers and their subcontractors, some of whom are based in third countries

Where subcontractors are headquartered in a third country, the appropriate level of data security is ensured by the conclusion of measures in accordance with Arts. 44 et seq. of the GDPR. More detailed information is available upon request from: datenschutz@newcoffee.de

Storage duration
Your personal data is erased under the following conditions:

  • Once the personal data is no longer required for the purposes for which it was originally collected or otherwise processed
  • Once the personal data is no longer required for the fulfilment of a legal obligation (e.g. once retention periods under tax and commercial law have expired)
  • Once the personal data is no longer required for the fulfilment of a contractual obligation
  1. Data subject rights

You can exercise your right of access and your rights to rectification, erasure, restriction of processing, and the data portability of your saved data at any time once the conditions listed in Arts. 15 et seq. of the GDPR have been met.
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Article 6, Para. 1(f) of the GDPR.
To exercise your rights, please contact us at datenschutz@newcoffee.de.
If in doubt regarding your identity, we have the right to request further information from you in order to verify your identity. This measure is designed to ensure that we do not pass your personal data on to unauthorised persons or alter or erase it at their request.
NewCoffee’s Data Protection Officer is Kay-Torsten Schuy, e-mail: datenschutz@newcoffee.de. We hereby expressly inform you that the contents of any e-mail you send to the above e-mail address will also be seen by persons other than our Data Protection Officer. As such, if you wish to exchange confidential information, please use the following e-mail address to contact our Data Protection Officer directly:
If you believe that the processing of your personal data is in violation of legal provisions, you have the right to contact a competent supervisory authority. If you wish to take such action, you can contact the state or local data protection authority for your place of residence or for the area where the Controller is headquartered. The local data protection authority in charge of our online presence is the State Office for Data Security and Freedom of Information (Landesbeauftragte für Datenschutz und Informationsfreiheit) in Düsseldorf, Germany.