Data privacy

1) Data Protection at a Glance

General information:
The following information provides a clear and simple overview of what happens to your personal data when you visit our website. Personal data is any information that can identify you. Please find more detailed information on data protection in the following paragraphs.

Data Collection on Our Website:
Who is responsible for data collection on this website
The provider of the website accounts for the processing of data on this website. Please find the contact details of the responsible controller in paragraph 2 of this Privacy Statement.

How we collect your data:
Your data is collected when you communicate it to us. You may enter information about you in a contact form, for example.
Other information is automatically collected by our IT systems when you visit our website. This includes mainly technical data (e. g. the Internet browser you use, your operating system, or the time when you view a page). This data is automatically collected as soon as you access our website.

How we use your data:
Part of the data we collect is used to ensure that our website runs smoothly. Other data can be used to analyse your behaviour as a user.

Your rights related to your personal data:
You have the right to obtain information free of charge on the origin, recipient and purpose of your personal data that we store at any time. In addition, you have the right to demand rectification, blocking or deletion of this data. You also have the right to lodge a complaint with a supervisory authority.
Analytical Tools and Third-Party-Tools

When you visit our website, your surfing behaviour may be statistically evaluated. For this purpose we use cookies and so-called analytical programmes. Usually, the analysis of your behaviour is anonymous; i. e. there is no trace back to you. You can object to being analysed or prevent such analysing by avoiding the use of certain tools. Here we refer to the paragraph “Third-Party-Modules and Analytical Tools” of our Privacy Statement for further information.
You can object to this type of analysing. Your options how to raise an objection are given in this Privacy Statement.

2) General Information and Mandatory Information

Data Protection:
The providers of these websites take the protection of your personal data very seriously. We treat your personal data confidentially and comply with the legal provisions on data protection as well as with this Privacy Statement.
When you are using this website, various data related to your person are collected. Personal data is any information that can identify you. In this Privacy Statement we explain what kind of data we collect and to what end we use it. It also explains how and for what purpose we use it.

We want to point out that data transmission over the Internet (e. g. communication via e-mail) can bear a safety risk. It is not possible to fully protect your data from third-party access.

Information on the Responsible Body:
The controller for data processing on this website is:

FELIX KOCH OFFENBACH Couleur und Karamel GmbH
represented by the managing directors Leo Koch and Mario Friedmann
Lindenstr. 70
63071 Offenbach/Main
Phone: +49 69 985 420-0
E-Mail:

The controller is a natural or legal entity that decides individually or jointly with others on the purposes and means of processing personal data (e.g. names, e-mail addresses, or similar).

Your confidence means a lot to us. Therefore, we strive to provide you with information on the processing of your personal data at any time. If you have any questions left unanswered by this Privacy Statement or if you wish to receive more detailed information on a certain issue, please refer to our data protection officer.

Contact Details of our Data Protection Officer
FELIX KOCH OFFENBACH Couleur und Karamel GmbH
Data Protection Officer
Lindenstr. 70
63071 Offenbach/Main
E-mail:

Withdrawal of Your Consent to Data Processing:
Many data processing jobs may only be performed provided you have given your express consent. You may withdraw your consent at any time. All you need to do is to send an informal e-mail to our data protection officer. The withdrawal will not affect the legitimacy of data processing up to the time of your withdrawal.

SSL- or TLS-Encryption:
This website is using SSL- or TLS encryption to safeguard and protect the transmission of confidential contents such as orders or enquiries that you address to us as the provider of this website. You will recognise that an encrypted connection is used when the address bar of your browser changes from “http://” to “https://” and displays a lock symbol.
When SSL- or TLS-encryption is activated, the information you are transmitting to us cannot be read by third parties.

Information, Blocking, Deletion:
You have the right to ask for information on your personal data stored, their origin and recipients and the purposes of data processing, and, if applicable, the right to rectification, blocking or deletion of this data in accordance with the applicable legal provisions at any time free of charge. You are free to contact our data protection officer using the above postal or e-mail address at any time.

Right to Portability:
You have the right to have data that we are automatically processing with your consent or in the fulfilment of a contract, transferred to you or a third party in a common, machine-readable form. If you wish to have the data transferred directly to another controller, we will only do so if this is technically feasible.

Objection to Advertising E-Mails:
We object to the usage of contact details disclosed in accordance with legal obligations for the purpose of sending unsolicited advertising or information materials. The providers of this website expressly reserve the right to take legal action in the event of sending unsolicited advertising information such as spam e-mails.

3) Data Collection on Our Website

Cookie-Einwilligung mit Winning Solutions Cookie:
Our website uses Winning Solutions’ cookie consent technology to obtain your permission to store certain cookies in your browser and to document this in compliance with data protection regulations. The provider of this technology is Winning Solutions, Nagel & Mäder GbR, Bienenstück 34, 56072 Koblenz.

When you visit our website, a cookie (cookiedisallow) is stored in your browser, which records the consents you have given or the withdrawal of those consents. This data is not shared with the provider of Winning Solutions Cookie.

The collected data is stored until you ask us to delete it, you delete the WS cookie yourself, or the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected. Details of data processing by Winning Solutions Cookie: the “cookiedisallow” cookie stores the following information: cookie lifetime, cookie version, domain and path of the WordPress website, consents, UID. If you want to change your cookie settings, button_cookiedisallow text=“YOU CAN DO THAT HERE”]. The use of Winning Solutions’ cookie consent technology is to obtain the legally required consents for the use of cookies. The legal basis is Art. 6(1) sentence 1 lit. c GDPR.

Server Log Files:
The provider of these web pages automatically collects and stores information in server log files that your browser automatically transmits to us:
• details on the type of browser and the version used
• user operating system
• user Internet service provider
• user IP address
• date and time of access
• websites from which the user’s system gets to our Internet site
• websites called by the user’s system via our website

This data is not merged with other data sources.
Here data processing is based on Article 6 paragraph 1 lit. b GDPR allowing the data processing for the purposes of contract performance or in order to take measures prior to entering into a contract.

Contact Form:
If you use our contact form for enquiries we will store the details you entered in the enquiry form including the contact data entered for the processing of your enquiry and for the case of any subsequent queries. We will not pass this information on without your consent.

Therefore, the data you entered in the contact form will only be processed when you have given your consent (Article 6 paragraph 1 lit. a GDPR). You may withdraw your consent at any time. All you need to do is to send an informal e-mail to us. The withdrawal will not affect the legitimacy of data processing up to the time of your withdrawal.

The details that you entered in the contact form remain with us until you request their deletion, withdraw your consent to their retention, or the purpose for keeping the data ceases to exist (e.g. when the processing of your enquiry is completed). Mandatory legal provisions – in particular retention times – remain unaffected.

4) Plugins and Tools

Google Fonts (local embedding):
This website uses so-called Google Fonts provided by Google to ensure the uniform use of fonts on this site. These Google fonts are locally installed so that a connection to Google’s servers will not be established in conjunction with this application.

For more information on Google Fonts, please follow this link: https://developers.google.com/fonts/faq and consult Google’s Data Privacy Declaration under: https://policies.google.com/privacy?hl=en.

Cloudflare Turnstile:
We use “Cloudflare Turnstile” on this website. The provider is Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA (hereinafter “Turnstile”).

Turnstile is used to check whether the data input on this website (e.g., in a contact form) is done by a human or by an automated program. For this purpose, Turnstile analyzes the behavior of the website visitor based on a number of characteristics.

This analysis starts automatically as soon as the website visitor enters a website that uses Turnstile. For the analysis, Turnstile evaluates various information (e.g., IP address, time spent on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Cloudflare.

The storage and analysis of the data is based on Art. 6 (1)(f) GDPR. The website operator has a legitimate interest in protecting his web offerings from abusive automated spying and from Spam. If such consent has been obtained, the data will be processed exclusively on the basis of Art. 6 (1)(a) GDPR and § 25 (1) TDDDG, if the consent comprises the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) as defined in the TDDDG (German Telecommunications Act). Such consent may be revoked at any time.

The processing of data is based on Standard Contract Clauses, which you can find here: https://www.cloudflare.com/cloudflare-customer-scc/.

For more information on Cloudflare Turnstile, please visit the privacy policy at: https://www.cloudflare.com/cloudflare-customer-dpa/.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/participant/5666.

Wordfence:
We have included Wordfence on this website. The provider is Defiant Inc, Defiant, Inc, 800 5th Ave Ste 4100, Seattle, WA 98104, USA (hereinafter “Wordfence”).

Wordfence is designed to protect our website from unwanted access or malicious cyberattacks. To accomplish this, our website establishes a permanent connection with Wordfence’s servers, which check and block their databases against access to our website.

The use of Wordfence is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the most effective protection of his website against cyberattacks. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TDDDG. This consent can be revoked at any time.

Data transmission to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.wordfence.com/help/general-data-protection-regulation/.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.