Data protection

1. Name and contact details of the controller and the company contact person for data protection

This privacy information applies to data processing by:

 

Responsible:

Choco Indio GmbH, Mülheimer Straße 17, 01159, Dresden, Germany

 

Email: info@chocoindio.de

Phone: +49 351 89993630

 

The company contact person for data protection at Choco Indio GmbH, Conrad Läseke, can be reached at the above address or at datenschutz@chocoindio.de.

 

2. Collection and storage of personal data and the nature and purpose of their use

When you visit our website www.chocoindio.de, the browser used on your device automatically sends information to our website server. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automatically deleted:

• IP address of the requesting computer,

• Date and time of access,

• Name and URL of the retrieved file,

• Website from which access is made (referrer URL),

• browser used and, if applicable, the operating system of your computer as well as the name of your access provider.

We process the above data for the following purposes:

• Ensuring a smooth connection to the website,

• Ensuring comfortable use of our website,

• Evaluation of system security and stability as well as

• for further administrative purposes.

The legal basis for data processing is Art. 6 (1) (f) GDPR. Our legitimate interest arises from the purposes for data collection listed above. Under no circumstances will we use the collected data to draw conclusions about you personally.

Furthermore, we use cookies on our website.

 

3. Sharing of data

Your personal data will not be transferred to third parties for purposes other than those listed below.

We will only share your personal information with third parties if:

• You have given your express consent in accordance with Art. 6 (1) (a) GDPR,

• the transfer is necessary according to Art. 6 (1) (f) GDPR to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not transferring your data,

• in the event that there is a legal obligation to transfer data in accordance with Art. 6 (1) (c) GDPR, and

• this is legally permissible and is necessary for the processing of contractual relationships with you according to Art. 6 (1) (b) GDPR.

 

4. Cookies

We use cookies on our website. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not cause any damage to your device and do not contain viruses, Trojans, or other malware.

The cookie stores information related to the specific device used. However, this does not mean that we directly know your identity.

The use of cookies serves, on the one hand, to make using our services more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after you leave our site.

The data processed by cookies are necessary for the purposes mentioned to protect our legitimate interests and those of third parties in accordance with Art. 6 (1) (f) GDPR.

Most browsers automatically accept cookies. However, you can configure your browser to refuse cookies or to always prompt you before a new cookie is created. However, completely disabling cookies may prevent you from using all the features of our website.

 

5. Deletion or blocking of data

We adhere to the principles of data avoidance and data economy. We therefore only store your personal data for as long as necessary to achieve the purposes stated here or as required by the various retention periods stipulated by law. Once the respective purpose no longer applies or these periods expire, the corresponding data is routinely blocked or deleted in accordance with legal regulations.

 

6. Rights of data subjects

You have the right:

• to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected from us, and the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details;

• to request the immediate correction of incorrect or incomplete personal data stored by us in accordance with Art. 16 GDPR;

• to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;

• to request the restriction of the processing of your personal data in accordance with Art. 18 GDPR if you contest the accuracy of the data, the processing is unlawful but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 GDPR;

• in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another controller;

• to revoke your previously granted consent at any time in accordance with Art. 7 (3) GDPR. This means that we may no longer continue the data processing based on this consent in the future and

• to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority at your usual place of residence or work, or at our company headquarters. A list of supervisory authorities (for the non-public sector) with addresses can be found at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

 

7. Right of objection

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) (f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are reasons for doing so that arise from your particular situation or the objection is directed against direct advertising.

In the latter case, you have a general right of objection, which we will implement without specifying a particular situation.

If you wish to exercise your right of withdrawal or objection, simply send an email to datenschutz@chocoindio.de.

 

8. Data security

During your visit to our website, we use the widely used SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead.

You can tell whether a single page of our website is being transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.

We use security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

 

9. Currentness and changes to this privacy policy

This privacy policy is currently valid and is dated May 26, 2025.

Due to the further development of our website and the offers made thereon or due to changes in legal or official requirements, it may become necessary to amend this data protection declaration.

You can access and print out the current privacy policy at any time on the website.