1. DATA PROTECTION AT A GLANCE

General information
We process personal data when you visit our website. We would like to inform you about this and your rights here. The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data is all data with which you can be personally identified. You can find detailed information on the subject of data protection in our data protection declaration listed below this text.

DATA COLLECTION ON OUR WEBSITE

Who is responsible for data collection on this website?
The Data processing on this website is carried out by the website operator. You can find their contact details in the imprint of this website.

How do we collect your data?
Your data is collected by you sharing it with us. This can be e.g. This could, for example, be data that you enter in a contact form. Other data is automatically collected by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of page access). This data is collected automatically as soon as you enter our website.

What do we use your data for?
Part of the data is collected to ensure that the website is provided correctly. Other data can be used to analyze your user behavior.

What rights do you have regarding your data?
You have the right at any time to receive free information about the origin, recipient and purpose of your stored personal data to obtain. You also have the right to request that this data be corrected, blocked or deleted. You can contact us at any time at the address given in the legal notice for this or if you have any further questions about data protection. You also have the right to lodge a complaint with the responsible supervisory authority.

Analysis tools and third-party tools
When you visit our website, your surfing behavior can be statistically evaluated. This happens primarily with cookies and with so-called analysis programs. The analysis of your surfing behavior is usually anonymous; surfing behavior cannot be traced back to you. You can disagree with this analysis. We will inform you about the objection options in this data protection declaration.

OTHER DATA PROCESSING

Zeit für Brot Tel Aviv website
Click on the link to the Zeit website for bread Tel Aviv, you leave our website.

Online applications
If you want to apply to us online, you will be redirected to another website. There you will find detailed data protection information for online applications in the footer.

Google
If you would like to plan a route to one of our bakeries or leave a review, you will leave our website.

Google Web Fonts
Our website uses so-called web fonts provided by Google (Google Ireland Limited, Gordon House, Barrow.) to uniformly display certain fonts Street, Dublin 4, Ireland). When you access a page, the browser loads the required fonts directly from Google in order to be able to display them correctly on the device. The browser establishes a connection to Google’s servers. This gives Google knowledge that our websites are accessed via the IP address.

The use of Google web fonts only takes place after consent.

The data can also be sent to Google be transferred to the USA. Google has joined the EU-U.S. Subject to Transatlantic Data Privacy Framework.

More information about Google Web Font athttps://developers.google.com/fonts/faq and in Google's privacy policy:https://www.google.com/policies/ privacy.

Facebook
We maintain an online presence on Facebook and, within this framework, process data from active users there in order to communicate with them to communicate and to provide information about us. We would like to point out that user data may be processed outside the European Union. This can result in risks for users because, for example: B. the enforcement of your rights could be more difficult.

We are jointly responsible with the operator of Facebook (Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland) for the collection (but not for the further processing) of data from visitors to our Facebook page (so-called “fan page”). This data includes information about the types of content users view or interact with or the actions they take (see “Things you and others do and provide” in the Facebook Data Policy:https://www.facebook.com/policy) as well as information about the devices used by users (e.g. IP addresses, operating system, browser type, language settings, cookie data; see under “Device Information” in the Facebook Data Policy). As explained in the Facebook Data Policy, Facebook also collects and uses information to provide analytics services to site operators. We have concluded a special agreement with Facebook for this purpose. You can see the essence of this agreement here:https://www.facebook.com/legal/controller_addendum.

The user data will be stored in the Typically processed for market research and advertising purposes. User profiles can be created based on usage behavior and the resulting interests. These can be used to e.g. B. to place advertisements inside and outside of Facebook that presumably correspond to the interests of the users. For this purpose, cookies are usually stored on the users' computers, which are used to store the user's usage behavior and interests. In addition, data can also be stored in the usage profiles regardless of the devices used by the users (particularly if the users are members of Facebook and logged in there). For a detailed description of the respective processing and the objection options (opt-out), we refer to the data protection declarations and information from Facebook. Requests for information and the assertion of user rights can also be made most effectively there.

The processing of users' personal data is based on our legitimate interests in effectively informing users and communicating with users in accordance with Art. 6 Paragraph 1 Letter f GDPR. If the users are asked by the respective providers for their consent to data processing (i.e. they declare their consent, for example by checking a box or confirming a button), the legal basis for the processing is Section 25 TTDSG. For a detailed description of the respective processing and the objection options (opt-out), we refer to Facebook's general data protection declaration at:https://www.facebook.com/policy .

Instagram
We maintain an online presence on Instagram and, within this framework, process data from active users there in order to communicate with them and to offer information about us. We would like to point out that user data may be processed outside the European Union. This can result in risks for users because, for example: B. the enforcement of your rights could be more difficult.

We are jointly responsible with the operator (Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland) for the collection (but not for further processing ) of data from visitors to our site. This data includes information about the types of content users view or interact with or the actions they take (see “Things you and others do and provide” in the Instagram Privacy Policy,https://help.instagram.com/519522125107875), as well as information about the devices used by users (e.g. IP addresses, operating system, browser type, language settings, cookie settings). Data; see “Device information” in the privacy policy).

User data is generally processed for market research and advertising purposes. User profiles can be created based on usage behavior and the resulting interests. These can be used to e.g. B. to place advertisements inside and outside of Instagram that presumably correspond to the interests of the users. For this purpose, cookies are usually stored on the users' computers, which are used to store the user's usage behavior and interests. In addition, data can also be stored in the usage profiles regardless of the devices used by the users (especially if the users are members of Instagram and logged in there). For a detailed description of the respective processing and the objection options (opt-out), we refer to the data protection declarations and information from Instagram. Requests for information and the assertion of user rights can also be made most effectively there.

The processing of users' personal data is based on our legitimate interests in effectively informing users and communicating with users in accordance with Art. 6 Paragraph 1 Letter f GDPR. If the users are asked by the respective providers for their consent to data processing (i.e. they declare their consent, for example by checking a box or confirming a button), the legal basis for the processing is Article 6 Paragraph 1 Letter a GDPR. For a detailed description of the respective processing and the objection options (opt-out), we refer to Instagram's general data protection declaration athttps://help.instagram.com/519522125107875.

LinkedIn
We also maintain an online presence on LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland) to communicate with active users there and to provide information about us. We would like to point out that user data may be processed outside the European Union. This can result in risks for users because, for example: B. the enforcement of their rights could be more difficult.

Users' data is usually also processed for market research and advertising purposes. For example, B. usage profiles can be created from the usage behavior and the resulting interests of the users. The usage profiles can in turn be used, for example. B. to place advertisements inside and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users' computers, which are used to store the user's usage behavior and interests. Furthermore, data can also be stored in the usage profiles regardless of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).

The processing of the users' personal data takes place on Basis of our legitimate interests in effectively informing users and communicating with users in accordance with Article 6 Paragraph 1 Letter f GDPR. If the users are asked by the respective providers for their consent to data processing (i.e. they declare their consent, e.g. by ticking a checkbox or confirming a button), the legal basis for the processing is Section 25 Paragraph 1 TTDSG. For a detailed description of the respective processing and the objection options (opt-out), we refer to the information from LinkedIn: Data protection declaration:https://de.linkedin.com/legal/privacy-policy, possibility to object (opt-out):https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

In the case of information requests and the When asserting user rights, we would like to point out that these can most effectively be asserted with the provider LinkedIn. Only the provider has access to the user's data and can take appropriate measures and provide information directly.

2. GENERAL INFORMATION AND MANDATORY INFORMATION

Data protection
The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

When you use this website, various personal data is collected. Personal data is data with which you can be personally identified. This data protection declaration explains what data we collect and what we use it for. It also explains how and for what purpose this happens.

We would like to point out that data transmission over the Internet (e.g. when communicating via email) can have security gaps. Complete protection of data from access by third parties is not possible.

Note on the responsible body
The responsible body for data processing on this website is:

AF ZFB GmbH
rückerstraße 4
10119 Berlin

District Court Berlin-Charlottenburg; HRB 201848 B
Authorized managing directors: Stephan K. Heinrich, Arne Hennig
UST-ID: DE320837782

Contact our data protection officers can be found at datenschutz@novaras.info. The responsible body is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g. names, email addresses, etc.).

Widerruf Deiner Einwilligung zur Datenverarbeitung
Many data processing operations are only possible with your express consent. You can revoke any consent you have already given at any time. All you need to do is send us an informal email. The lawfulness of the data processing carried out up to the revocation remains unaffected by the revocation.

Right to lodge a complaint with the responsible supervisory authority
In the event of data protection violations, the person concerned has the right to lodge a complaint with the responsible supervisory authority. The responsible supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriftte_Links/anschrift_links-node.html .

Right to data portability
You have the right to receive data that we process automatically based on your consent or in fulfillment of a contract processed and handed over to you or a third party in a common, machine-readable format. If you request the data to be transferred directly to another person responsible, this will only be done to the extent that it is technically feasible.

SSL or TLS encryption
For security reasons, this website uses and To protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator, SSL or TLS encryption. You can recognize an encrypted connection by the browser address line changing from “http://” to “https://” and by the lock symbol in your browser line.

If the SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.

Information, blocking, deletion
You have the right to In accordance with applicable legal provisions, you have the right to free information at any time about your stored personal data, its origin and recipient and the purpose of data processing and, if necessary, a right to correct, block or delete this data. You can contact us at any time at the address given in the legal notice for this purpose or for further questions on the subject of personal data.

3. DATA COLLECTION ON OUR WEBSITE

Cookies
Internet sites sometimes use so-called cookies. Cookies do not cause any damage to your computer and do not contain any viruses. Cookies serve to make our offering more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and that your browser stores.

Most of the cookies we use are so-called “session cookies”. They will be automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser the next time you visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

Cookies that are necessary to carry out the electronic communication process or to provide certain functions you require (e.g. shopping cart function) are used on the basis of Article 6 Paragraph 1 Letter f GDPR. The website operator has a legitimate interest in storing cookies in order to provide its services in a technically error-free and optimized manner. If other cookies (e.g. cookies to analyze your surfing behavior) are stored, these will be treated separately in this data protection declaration.

Server log data
The provider of the pages collects and automatically saves information in so-called server log files, which your browser automatically transmits. These are primarily:

• Browser type and browser version

• Operating system used

• Referrer URL (origin address)

• Date and time of the server request| ||189

• IP-Adresse

This data is stored separately from other data that you may transmit to us and not with Data from other sources is brought together.

The basis for data processing is Art. 6 Paragraph 1 Letter f GDPR, which allows the processing of data based on legitimate interests. In this case, there is a legitimate interest in secure and trouble-free operation of the web server. To ensure this, the administration must be able to detect and understand attacks and system malfunctions via server log files. In order to be able to recognize attack patterns, access to the server must be saved. As soon as this data is no longer needed, it will be deleted. For technical reasons, the data is available to the hosting service provider, who is, however, bound to our instructions and contractually obliged.

Plausible Analytics
We use the web analysis service “Plausible Analytics” to In order to better understand the use of our website by visitors.

For analysis purposes, the following is recorded in particular: date and time of your visit, title and URL of the pages visited, incoming links, the country in which you are located and the user agent of your browser software. This information is processed pseudonymously and anonymized after one day.

The legal basis for this data processing is Article 6 Paragraph 1 Letter f GDPR. Our legitimate interests are to be able to analyze the use of our offer and then optimize it.

Data will not be transferred to Plausible Insights OÜ or third parties.

Further information on data processing by You can find Plausible athttps://plausible.io/data-policy.

4. DATA PROTECTION INFORMATION FOR VIDEO SURVEILLANCE IN OUR BAKERIES

In order to exercise house rules and prevent and investigate possible crimes, we partially monitor our bakeries via video. Responsible for this video surveillance is:

AF ZFB GmbH
rückerstraße 4
10119 Berlin

novaras.info

Kontakt zu unseren Datenschutzbeauftragten findest Du unter datenschutz@novaras.info.

The purposes and legal basis are the exercise of domestic rights and the prevention and investigation of possible crimes. The legal basis is the protection of our legitimate interests. We store the data for a maximum of 72 hours and then delete it automatically.

Information on the rights of those affected
The person affected by these measures has the right to obtain confirmation of this from the person responsible to request whether personal data concerning them is being processed. If this is the case, he or she has the right to information about this personal data and to the information listed in detail in Art. 15 GDPR.

The data subject has the right to request that the person responsible immediately correct it to request the relevant incorrect personal data and, if necessary, the completion of incomplete personal data (Art. 16 GDPR).

The data subject has the right to request that the person responsible delete personal data concerning them immediately if one of the reasons listed in detail in Article 17 GDPR applies, e.g. B. if the data is no longer needed for the purposes pursued (right to deletion).

The data subject has the right to request that the controller restrict processing if one of the reasons specified in Article 18 The requirements listed in the GDPR are met, e.g. B. if the data subject has objected to the processing, for the duration of the review by the controller.

The data subject has the right to object at any time for reasons arising from his or her particular situation to object to the processing of personal data concerning you. The person responsible will then no longer process the personal data unless he can demonstrate compelling legitimate reasons for the processing which outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims (Art . 21 GDPR).

Every data subject has the right to lodge a complaint with a supervisory authority, without prejudice to any other administrative or judicial remedy. if the data subject is of the opinion that the processing of personal data concerning him or her violates the GDPR (Article 77 GDPR). The data subject may exercise this right before a supervisory authority in the Member State of his or her place of residence, place of work or place of the alleged infringement. The responsible supervisory authority for data protection issues is the state data protection officer of the federal state in which the respective store is located. A list of the data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschrift_links-node.html .