The person responsible within the meaning of the Basic Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations:
Hilcona AG, based in Schaan / Principality of Liechtenstein
Phone: +41 58 895 95 95
Email: data-protection@hilcona.com
The data protection officer of the person responsible is:
Birgit Schmidinger
Hilcona AG, based in Schaan / Principality of Liechtenstein
Phone: +41 58 895 95 95
Email: data-protection@hilcona.com
We only process our users’ personal data when this is necessary to the provision of a properly functioning website and of our content and services. In addition, we only do so when there is a legal basis according to the provisions of the EU General Data Protection Regulation (“GDPR”) and the Swiss Federal Act on Data Protection (“FADP”). With regard to the FADP, the following shall refer to the current version that is valid until 30 August 2023 and (under the designation “FADP – new”) the version that shall be valid from 1 September 2023.
Every time that our website is visited, our system automatically collects data and information from the computer system from which the website is being visited. The following data are collected:
Information on the browser type (and version), operating system, internet service provider, server logs, IP address, date and time of access, last access, websites from which the user accesses our website, websites that are opened/accessed from our website, clickstreams.
The data are also saved in our system’s log files.
The temporary storage of the IP address by the system is necessary in order to provide the website to the user’s computer. To do this, it is necessary to store the user’s IP address for the duration of the session.
This is saved in log files to ensure the proper functioning of the website. These data also help us to operate the website and to ensure the security of our IT systems. This does not involve evaluating the data for marketing purposes.
For the purposes of this website, our data processing is performed on the following legal bases:
The legal basis for the temporary storage of data and log files is Article 6 para. 1 lit. f of the GDPR, as well as Article 13 of the FADP / Article 31 of the FADP-new, because the storage is necessary in order to safeguard the legitimate interests of our company or of a third party, and the interests, fundamental rights and fundamental freedoms of the data subjects do not override the aforementioned interests.
The data are deleted as soon as they are no longer required for the purpose for which they were collected. In the event that the data were collected for the provision of the website, this shall be the case when the session is concluded.
With regard to the storage of data in log files, this is the case after no more than seven days. It is possible that data may be stored past this point. In this case, the users’ IP addresses are deleted or anonymised such that they can no longer be attributed to the accessing client.
The collection of data for providing the website and the storage of data in log files is absolutely essential for operating the website. As a result, the user does not have a right to object to this storage. Should the user wish to prevent the collection and continued storage of their data, they must leave the website and avoid visiting this website in future.
Our website uses cookies. Cookies are text files that are saved in the internet browser / which the internet browser saves on the user’s computer system. If a user visits a website, a cookie can be saved in the user’s operating system. This cookie contains a characteristic string of characters that make it possible to definitively identify the browser the next time that the website is accessed.
The purpose of cookies to it simplify the use of the website for the user. We would not be able to offer some of our website’s functions without the use of cookies. These functions require that it be possible to recognise the browser after other websites have been visited.
We require cookies for the following applications:
Adoption of language settings, user-friendly configuration of the website, improving the navigation, optimising use, statistical analysis of the use by Google Analytics.
The following data are saved and transmitted in the cookies:
Language settings and information in the contact form
The user data collected by cookies that are required for technical purposes are not used for the creation of user profiles.
In addition to the technically necessary cookies, we also use cookies that are not technically necessary in order to make it possible to analyse the user’s surfing behaviour. The following data are processed in this manner:
Search terms entered, frequency of page impressions, utilisation of website functions
Analytical cookies are used for the purposes of improving the quality of our website and its content. We use analytical cookies to find out how the website is used, allowing us to continuously optimise what we offer.
When our website is visited, the user is informed that cookies are utilised for analytical purposes and their consent to the processing of their personal data in this regard is obtained. Reference is also made to this Privacy Policy in this regard.
Cookies are saved on the user’s computer and transmitted from there to our website. As a result, you – as the user – also have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been saved can be deleted by the user at any time through their web browser. This can also be done automatically.
If cookies are deactivated for our website, it is possible that the user will no longer be able to use the full scope of our website’s functions.
You can subscribe to a free newsletter on our website. It is also possible to receive newsletters by placing an order and contacting us on our website.
When registering for the newsletter, the following data from the input mask is transmitted to us:
User name, function, employer, art of gastronomy, email address, country, postal code, language, date and time of registration, consent to the privacy policy
The legal basis for the processing of the data after registration for the newsletter by the user is Art. 6 para. 1 lit. a GDPR (consent of the data subject) if the user has given his consent.
In connection with the data processing for the dispatch of newsletters, no data is passed on to third parties, with the exception of the Bell Food Group, i.e. the group of companies to which we belong. The data is forwarded for storage in central data centres of the Bell Food Group and for the preparation of analyses and strategies for the business activities of the Bell Food Group. This may be transferred to another EU or EEA country or to Switzerland.
The collection of the user’s e-mail address serves to send the newsletter. The collection of other personal data as part of the registration process serves to prevent misuse of the services or the e-mail address used and to document compliance with the GDPR.
The personal data of the user in connection with the newsletter will be deleted as soon as it is no longer necessary to achieve the purpose of its collection, i.e. the user cancels the newsletter.
The subscription to the newsletter can be cancelled by the user concerned at any time. For this purpose there is a corresponding link in every newsletter as well as an input mask on the Internet page under
http://newsletter-hilcona-en.mail-eur.net/
http://newsletter-hilcona.mail-eur.net/
http://newsletter-hilcona-fr.mail-eur.net/
This also makes it possible to revoke the consent to the storage of personal data collected during the registration process.
Our website offers the opportunity to access our recipe database. Some of these recipes are accessible to anyone without any further registration being required; the general data detailed above are collected when these recipes are accessed. In addition to the freely accessible recipes, tradespeople from the food service, catering, hospitality, hotel and other food industry sectors have the possibility to access a significantly larger database of recipes – registration is required for accessing this database. It is possible that the transmission of the following personal data of the tradesperson (in addition to the technical data) will be requested during the registration process:
The user’s name, position in their company, employer, type of restaurant/catering/food service business, type of operation (freelance/employee/shareholder, etc.), email address, postal address, country, postcode, phone number, language, date and time of registration, consent to the privacy policy, consent to being contacted, consent to the receipt of information about products, offers, campaigns and other marketing measures
In the event that the user has given their consent, the legal basis for processing the data after registering for the recipe database is provided by Article 6 para. 1 lit. a of the GDPR and Article 13 of the FADP / Article 31 of the FADP-new (consent of the data subject).
Registered users may be contacted by us in order to explore the opportunities for a business partnership.
No data are transmitted to third parties in relation to the data processing for the recipe database, except for within the framework of the Bell Food Group, i.e. the corporate group to which we belong. These data are forwarded for the purposes of storage in the Bell Food Group’s central data centres and for the performance of analyses and creation of strategies for the business activities of the Bell Food Group. It is possible that data may be transferred to other countries in the EU, the EEA or Switzerland in this regard.
The user’s personal data related to the recipe database are deleted as soon as they are no longer required for the purpose for which they were collected, i.e. when the user cancels their registration to the recipe database; in the event that there is no activity, we will use the registration information to contact the user at intervals that we have defined in order to inform them of their existing registration and to let them know that, should they remain inactive, their registration will be deleted and that their personal data – having fulfilled their purpose – will then be deleted automatically.
There is a contact form on our website that can be used to get into contact electronically. If a user takes advantage of this opportunity, the data they enter into this entry screen will be transmitted to us and saved. These data are:
The user’s name, email address, postal address, form of address, date and time of registration, consent to the privacy policy, and the user’s enquiry.
As an alternative, it is also possible to contact the company using the email address provided or to do so by telephone. In this case, the personal data that the user supplied with their email or by phone will be saved, and in particular the user’s email address and/or phone number.
No data are transmitted to third parties in this regard, except for within the framework of the Bell Food Group. These data are forwarded for the purposes of storage in the Bell Food Group’s central data centres and for the performance of analyses and creation of strategies for the business activities of the Bell Food Group. It is possible that data may be transferred to other countries in the EU, the EEA or Switzerland in this regard.
In the event that the user has given their consent, the legal basis for processing the data is provided by Article 6 para. 1 lit. a of the GDPR and Article 13 of the FADP / Article 31 of the FADP-new.
The legal basis for processing the data that are supplied when sending an email is provided by Article 6 para. 1 lit. f of the GDPR and Article 13 of the FADP / Article 31 of the FADP-new. Should the email contact have taken place for the purposes of concluding a contract, an additional legal basis for processing the data is provided by Article 6 para. 1 lit. b of the GDPR and Article 13 para. 2 lit. a of the FADP / Article 31 para. 2 lit. a of the FADP-new.
The processing of personal data from the entry screen is used by us solely for the purpose of facilitating communication with the user. In the event that contact is made via email, the required legitimate interest in processing these data is also given.
The personal data that are otherwise processed during the process of sending the email help to prevent any misuse of the contact form while ensuring the security of our IT systems.
The data are deleted as soon as they are no longer required for the purpose for which they were collected. With regard to personal data from the entry screen of the contact form and those data that are transmitted via email, this shall be the case if the respective conversation with the user has concluded. The conversation is considered to have ended if circumstances make it evident that clarification of the relevant issue has been completed.
Any other personal data that are collected during the process of sending the email will be deleted after a period of no more than seven days.
The user has the right to revoke their consent to the processing of their personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time by sending an email to Foodservice@hilcona.com or data-protection@hilcona.com. Should this occur, it will not be possible to continue the conversation. If, on the account of communication that has already occurred, action should have been taken that triggers binding legal consequences for us or for the data subject, we are authorised to deny a request to delete the data insofar as our data processing can be justified according one of the legal bases specified in Article 6 of the GDPR.
All personal data that are saved in the context of contact being made will be deleted in this case.
In the event that your personal data are processed, you are the data subject in accordance with the GDPR and you have the following rights with respect to us as the responsible party:
Right to obtain information
You have the right to demand a confirmation from us as to whether or not we have processed your personal data. In the event that such data processing has taken place, you can request information on the following from us.
– the purposes for which your personal data have been processed;
– the categories of personal data that have been processed;
– the recipients / categories of recipients to whom your personal data have been revealed or to whom they will be revealed;
– the planned duration of storage for your personal data or, in the event that it is not possible to offer specific information here, the criteria according to which the duration of storage is determined;
– the existence of a right to the rectification or deletion of your personal data, a right to place restrictions on the processing of this data by us, or a right to object to this processing;
– the existence of a right to lodge a complaint with a competent supervisory authority;
– all available information on the origin of the data, if the personal data were not collected from the data subject themselves;
– the existence of an automated decision-making process including profiling pursuant to Article 22 para. 1 and 4 of the GDPR and – at least in these cases – meaningful information on the logic involved, as well as on the scope and desired effects of such processing for the data subject.
You have the right to demand information as to whether your personal data have been transmitted to a third country or to an international organisation. In this regard, you can demand that you be informed of suitable guarantees in accordance with Article 46 of the GDPR in conjunction with the data transfer.
Right to rectification
You have the right to the rectification and/or the supplementation of data, insofar as the personal data relevant to you that are processed are incorrect or incomplete. We must carry out the rectification without delay as soon as you have informed us of how these data should be collected and recorded properly.
Right to demand the restriction of data processing
In the following circumstances you have the right to demand that the processing of your personal data be restricted:
– if you contest the correctness of your personal data for a period that allows us to review the correctness of the personal data at issue;
– if the processing is unlawful and you decline to have the personal data deleted, but instead demand that the use of these personal data be restricted;
– if we no longer require the personal data for the purposes of the processing, but you still require these data for the establishment, exercise or defence of legal claims, or
– if you have lodged an objection to the processing and it has not yet been determined whether our legitimate reasons override your reasons.
In the event that the processing of your personal data has been restricted, these data – with the exception of their storage – may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.
Should processing of the data have been restricted due to one of the aforementioned circumstances, you will be notified by us before any restriction is lifted.
Right to erasure (‘right to be forgotten’)
You have the right to demand that your personal data be deleted without delay, in which case we are obligated to delete these data without delay insofar as one of the following reasons should apply:
– your personal data are no longer required for the purposes for which they were collected or for which they were otherwise processed.
– you revoke the consent on which the processing of your data has been based, and there is no other legal basis on which the data could be processed.
– you object to the processing and there are no overriding legitimate reasons for the processing, or you object to the processing.
– Your personal data have been unlawfully processed.
– The deletion of your personal data is necessary in order to satisfy a legal obligation under European Union law or Member State law to which we are subject.
– Your personal data were collected in relation to services offered by the Information Society.
In the event that we have made your personal data public and are obligated under an applicable law to delete these data, we shall – taking into account the available technology and implementation costs – undertake appropriate measures, including of a technical nature, to inform the parties responsible for the data processing that you as the data subject have demanded the deletion of all links to these personal data and the deletion of these data and any copies or replicas of these personal data.
There is no right to erasure insofar as processing of the data is required
– in order to exercise the right to freedom of expression and information;
– to satisfy a legal obligation under which we are obligated to process the data according to European Union or Member State law to which we are subject, or for the performance of activities that are in the public interest or taking place for the exercise of official authority that has been vested in us;
– for reasons of public interest in the realm of public health;
– for archiving purposes that are in the public interest, for the purposes of scientific or historical research, or for statistical purposes, insofar as the right specified under Section a) is likely to render the achievement of the purposes of this processing impossible or to seriously impair it, or
– to establish, exercise or defend legal claims.
If you have asserted your right to the rectification, erasure or restriction of the processing of the data against us, we are obligated to inform all of the parties to whom your personal data have been revealed about this rectification or erasure of data or of the restrictions on the processing thereof, unless this should prove to be impossible or would require disproportional effort. You have the right to demand that we inform you of who these recipients are.
Right to data portability
You have the right to obtain the data pertaining to you that you have provided to us in a structured, standard and machine-readable format. Furthermore, you have the right to transfer these data to another responsible party without being hindered by us to whom the personal data were provided insofar as
– the processing is based on a consent or on a contract and
– the processing is taking place with the assistance of automated processes.
In exercising this right, you also have the right to see to it that your personal data are transferred by us directly to another responsible party insofar as this is technically feasible. The freedoms and rights of other persons must not be infringed hereby.
The right to data portability does not apply to the processing of personal data that are required for the performance of activities that are in the public interest or which are taking place for the exercise of official authority that has been vested in us.
Right to lodge an objection
You have the right, on grounds relating to your particular situation, to at any time object to the processing of your personal data; this also applies to profiling based on these provisions.
We will then cease processing your personal data unless we are able to demonstrate compelling legitimate grounds that override your interests, rights and freedoms, or if the processing serves the purposes of the establishment, exercise or defence of legal claims.
In the event that your personal data are processed for the purposes of direct marketing, you have the right to object at any time to the processing of your personal data for the purposes of such marketing activities; this shall also apply to profiling insofar as this is related to such direct marketing.
In the event that you object to processing for the purposes of direct marketing, your personal data will no longer be processed for these purposes.
You have the opportunity in conjunction with the use of services offered by the Information Society to exercise your right to object via automated procedures in which technical specifications are utilised.
Right to revoke a declaration of consent under data protection law
You have the right to revoke your declaration of consent under data protection law at any time. A revocation of your declaration of consent under data protection law does not impact the lawfulness of any data processing performed on the basis of this consent before the revocation.
Automated decision-making in individual cases including profiling
You have the right not to be subject to a decision based solely on automated means – including profiling – if the decision produces legal effects concerning you or significantly affects you in a similar way. The shall not apply if the decision
– is necessary for the conclusion or fulfilment of a contract between you and us,
– is permissible according to the legal provisions of European Union or Member State law to which we are subject, and these legal provisions contain appropriate measures for the protection of your rights and freedoms and of your legitimate interests or
– is made with your express consent.
Even so, these decisions may not be based on special categories of data nor on personal data that is particularly deserving of protection, insofar as statutory provisions have not been satisfied and appropriate measures for the protection of rights and freedoms and of your legitimate interests have not been taken.
With regard to the specified cases, we shall implement suitable measures to safeguard your rights and freedoms and your legitimate interests, including at least the right to obtain human intervention on our part, to express the point of view and to contest the decision.
Right to lodge a complaint with a competent supervisory authority
Notwithstanding other administrative or judicial remedies, you have the right to lodge a complaint with a competent supervisory authority, particularly within the Member State in which you are currently located, in which you work, or which is the location of the suspected violation, if you believe that the processing of your personal data is in violation of the provisions of the GDPR and/or the FADP/FADP-new.
The supervisory authority to which the complaint is submitted shall inform the complainant of the status and results of their complaint, including the possibility for judicial remedies.
Facebook plug-in
This website uses Facebook social plug-ins that are operated by Facebook Inc. (1 Hacker Way, Menlo Park, California 94025, USA). These are identifiable from the integration of the Facebook logo and/or of terms such as “Like” and “Share” in the Facebook colours (blue and white). You will find information on all the Facebook plug-ins at the following link: https://developers.facebook.com/docs/plugins/
The plug-in establishes a direct link between your browser and the Facebook servers. The website operator does not have any influence whatsoever on the nature or scope of the data that the plug-in transfers to Facebook Inc. You will find more information here:
https://www.facebook.com/help/186325668085084
The plug-in informs Facebook Inc. about who has visited this website. It is possible here that your IP address will be saved. If you are logged into your Facebook account when you visit this website, the aforementioned information will be linked with this.
If you utilise the functions of the plug-in – such as by sharing or “liking” a post – the corresponding information will also be communicated to Facebook Inc. If you would like to prevent Facebook. Inc. from linking this data to your Facebook account, please log out of your Facebook account before visiting this website.
Instagram plug-in
Our website uses plug-ins from Instagram that are operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”). These plug-ins are identified by an Instagram logo, such as in the form of an “Instagram camera”. You will find an overview of the Instagram plug-ins and their appearance here: http://blog.instagram.com/post/36222022872/introducing-instagram-badges
If you visit a page on our website containing one of these plug-ins, your browser establishes a direct connection to the Instagram servers. Instagram transmits the content of the plug-in directly to your browser and it is integrated into the web page. As a result of this integration, Instagram is informed that your browser has opened the corresponding page of our website, even if you do not have an Instagram profile or are not currently logged into Instagram. This information (including your IP address) is transferred from your browser directly to an Instagram server in the USA and saved there.
If you are logged into Instagram, Instagram can directly connect your visit to our website with your Instagram account. If you interact with the plug-ins – for example if you click on the “Instagram” button – this information will also be sent directly to an Instagram server and saved there. The information will also be published on your Instagram account and shown to your contacts there.
The purpose and scope of the data collection and the subsequent processing and utilisation of the data by Instagram, as well as your rights and the options available to you through settings to protect your privacy, can be found in Instagram’s privacy policy information:
https://help.instagram.com/155833707900388/
If you do not want Instagram to link the data collected through our website directly to your Instagram account, you must log out of your Instagram account before visiting our website. You can also prevent the loading of Instagram plug-ins by means of add-ons for your browser, for example by using the “NoScript” script blocker (http://noscript.net/).
LinkedIn plug-in
Our website uses plug-ins from the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
When a website containing LinkedIn functions is opened, a connection is established to LinkedIn, and LinkedIn is informed that the user at the corresponding IP address has visited the website in question. If the LinkedIn button is clicked on, it is possible for LinkedIn to connect this activity to the user’s LinkedIn account if the user is logged in to LinkedIn.
You will find more information on this in LinkedIn’s privacy policy at: https://www.linkedin.com/legal/privacy-policy .