PRIVACY POLICY
1. General
In accordance with Article 13 of the GDPR, the following privacy notice provides an overview of how we process your personal data when you visit our website.
The subject of data protection is personal data. According to Article 4(1) of the GDPR, this refers to any information relating to an identified or identifiable natural person. This includes details such as name, postal address, email address, telephone number and payment details.
Below, we provide detailed information on how we handle your personal data.
Data Controller and Data Protection Officer
Name and Contact Details of the Data Controller:
Freeze-Dry Foods GmbH
Am Eggenkamp 8-10
48268 Greven
Germany
T +49 2571 507-0
Name and Contact Details of the Data Protection Officer:
Said-Elham Sadat
Martin Luther King Way 42-44
48155 Münster
Germany
T +49 251 7187903
2. Data Collection when you visite our Website
If you use our website purely for information purposes, i.e. if you do not register or otherwise provide us with information, we only collect the data that your browser transmits to our website's server (so-called 'server log files'). When you visit our website, we collect the following technical data, which is necessary for us to display the website to you:
- The page you visited
- The date and time of access
- The amount of data sent in bytes
- The source/link from which you accessed the page.
- The browser used
- Operating system used
- IP address used (where applicable, in anonymised form).
This processing is carried out in accordance with Article 6(1)(f) of the GDPR, based on our legitimate interest in improving the stability and functionality of our website. This data will not be disclosed or used for any other purpose. However, we reserve the right to retrospectively review the server log files should there be concrete indications of unlawful use.
For security reasons, and to protect the transmission of personal data and other confidential content (e.g. orders or enquiries to the controller), this website uses SSL or TLS encryption. You can recognise an encrypted connection by the “https://” string and the padlock symbol in your browser's address bar.
3. Cookies
Our website uses cookies. These are small text files stored by your browser on your device. Some cookies are essential for the reliable provision of key site functions. Without these cookies, certain sections or processes may not work properly. These cookies are usually deleted when you close your browser. The legal basis for this is Article 6(1)(f) of the GDPR and Section 25(2) of the TTDSG, as these cookies are strictly necessary in order to provide you with the content you have requested.
We only set any other cookies after obtaining your consent. The legal basis for this is Section 25(1) of the TDDDG in conjunction with Article 6(1)(a) of the GDPR. These include cookies for measuring reach or for statistical analysis, for example.
You can configure your browser to control whether cookies can be stored, and you can delete any cookies that have already been stored at any time. Please note that without technically necessary cookies, some of the website's functions cannot be used to their full extent.
The most common types of cookie are listed below for your reference:
- Session cookies: These are stored while you are actively using a website and enable a session ID, allowing you to remain logged in when navigating to another page, for example. They are deleted when you close your browser or once the session has ended.
- Persistent cookies: These are stored for a longer period in accordance with the set expiry date. This allows websites to remember settings such as your chosen language when you visit again. They are automatically deleted once the expiry date has passed.
- Third-party cookies: These cookies originate from integrated partners. They are used for purposes such as statistical analysis and marketing.
- Technically necessary cookies: These cookies provide basic functions, such as navigation and access to secure areas, and are required to ensure the website can be used without disruption. Some content cannot be provided without these cookies, as the browser must be recognised when changing pages. These cookies are deleted when the browser is closed. The legal basis for using these cookies is Article 6(1)(f) of the GDPR, as they serve our legitimate interest in enabling the use and provision of our website.
4. Hosting Webseite
Our website is hosted by an external service provider, Wix.com Ltd., located at 5 Yunitsman St., Tel Aviv, Israel. Any personal data collected via our website is processed on the hosting provider’s servers. This may include IP addresses, metadata, communication data, details of website visits and other data generated via our website.
This processing is carried out to provide our website securely, stably and efficiently, in accordance with Article 6(1)(f) of the GDPR. Our legitimate interest lies in providing professional and reliable online services.
We have concluded a data processing agreement with the hosting service provider in accordance with Article 28 of the GDPR. This ensures that the data is processed exclusively in accordance with our instructions and protected by appropriate technical and organisational measures.
In the context of the technical provision of the website, it cannot be ruled out that access to personal data from a third country may occur under certain circumstances. The European Commission has made an adequacy decision for Israel in accordance with Article 45 of the GDPR, meaning that an adequate level of data protection is guaranteed there.
5. Processing of Personal Data
a. Google Tag Manager
This website uses 'Google Tag Manager', a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereafter referred to as 'Google').
Google Tag Manager provides a technical framework for bundling various web applications, including tracking and analytics services. It also allows users to calibrate, control and apply conditions to these applications via a unified interface. Google Tag Manager itself does not store any information on users' devices or read such information. Nor does the service carry out any independent data analysis. However, when you visit a page, Google Tag Manager transmits your IP address to Google, where it may be stored. Transmission to Google LLC servers in the USA is also possible.
This processing only takes place if you have given us your express consent in accordance with Article 6(1)(a) of the GDPR. You can withdraw your consent at any time by deactivating the service via the 'Cookie Consent Tool' on our website, which will take effect in the future.
We have entered into a data processing agreement with the provider to ensure the protection of our website visitors' data and to prohibit unauthorised disclosure to third parties.
The provider has joined the EU-US Data Privacy Framework for data transfers to the USA, which ensures compliance with European data protection standards on the basis of an adequacy decision by the European Commission.
Further legal information on Google Tag Manager can be found at https://business.safety.google/intl/de/privacy/ and
https://policies.google.com/privacy?hl=de&gl=de
b. Google Analytics 4
This website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited (Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland). GA4 is used for data processing on behalf of the controller, in accordance with Article 28 of the GDPR.
By default, Google Analytics 4 sets cookies when you visit the website, in order to collect certain information. This information includes, among other things:
- IP address (truncated to prevent direct personal identification).
- device data;
- downloads;
- browser plugins.
- user behaviour data;
- click path
- referrer URL
- approximate location.
Google will use data relating to you, based on so-called 'events', to analyse your use of this website on our behalf. This allows us to compile reports on website activity and provide further services related to website and internet usage. This enables us to understand your behaviour as a user and optimise our website accordingly.
When collected from within the EU, your IP address is first used on Google’s intra-European servers to derive location data, after which it is truncated. All data collected is subsequently transmitted to Google LLC in the USA for further processing.
GA4 will only process your personal data when the function is activated in the Consent Manager, and only with your explicit consent, in accordance with Article 6(1)(a) of the GDPR. You can withdraw your consent at any time by deactivating the service via the 'Cookie Consent Tool' on the website, which will take effect in the future.
The truncated IP address transmitted by your browser as part of Google Analytics is not merged with other data held by Google. Data collected through Google Analytics 4 is stored for two months and then deleted.
Further legal information regarding Google Analytics 4 can be found at https://business.safety.google/intl/de/privacy/,
https://policies.google.com/privacy?hl=de&gl=de and at https://policies.google.com/technologies/partner-sites
Demographic characteristics
Google Analytics 4 uses a special feature called 'demographic characteristics' to generate statistics that provide insights into the age, gender and interests of website visitors. This is achieved by analysing advertising data and information from third-party providers. This allows target groups to be identified for marketing activities. However, the data collected cannot be attributed to any specific individual and is deleted after being stored for two months.
Google Signals
Google Signals is an extension of Google Analytics 4 that may be used on this website to generate cross-device reports. If you have enabled personalised ads and linked your devices to your Google account and given your consent to the use of Google Analytics under Article 6(1)(a) of the GDPR, Google may analyse your usage behaviour across devices and create database models, including those relating to cross-device conversions. We do not receive any personal data from Google, only statistics. If you wish to stop cross-device analysis, you can disable the 'Personalised ads' feature in your Google Account settings. To do so, follow the instructions on this page: https://support.google.com/ads/answer/2662922?hl=de If you would like more information about Google Signals, please follow this link: https://support.google.com/analytics/answer/7532985?hl=de
c. LinkedIn Analytics (Insight Tags)
We use the LinkedIn Insight Tag on our website. This is an analytics and marketing tool provided by LinkedIn Ireland Unlimited Company at Wilton Place, Dublin 2, Ireland. The Insight Tag is a JavaScript code embedded on our website that enables us to track visitor behaviour and evaluate our marketing activities.
We use the LinkedIn Insight Tag to analyse user behaviour on our website, measure conversions, and optimise our advertising activities on LinkedIn. Furthermore, we can use the collected data to create target groups for personalised advertising (retargeting).
The following data is collected in particular when using the LinkedIn Insight Tag:
- IP address
- device and browser information
- Referrer URL
- Timestamp
- Page views and usage behaviour
- LinkedIn member ID (if applicable) provided you are logged in to LinkedIn
Your personal data will only be collected and transmitted to LinkedIn for tracking and analysis purposes if you give your consent, in accordance with Article 6(1)(a) of the GDPR and Section 25(1) of the TTDSG. You can opt out of LinkedIn’s conversion tracking at any time. You can do this by disabling the cookie via your browser or by not consenting to data processing via the cookie banner.
The recipient of the data is LinkedIn Ireland Unlimited Company. Please note that, after transmission, LinkedIn processes the data collected via the Insight Tag for tracking across various websites and for its own advertising purposes. We have no influence over this data processing. Further information on LinkedIn's processing of data can be found in their privacy policy: https://www.linkedin.com/legal/privacy-policy
Provided that LinkedIn carries this out on its own responsibility, the transfer of data to the USA cannot be ruled out. LinkedIn is certified under the EU-US Data Privacy Framework for the transfer and storage of personal data on servers in the USA (Article 46(2)(f) of the GDPR).
We do not store any personal data ourselves in connection with the LinkedIn Insight Tag. The retention period for data processed by LinkedIn is governed by its guidelines. According to LinkedIn, cookies are generally deleted after 90 days, while aggregated data may be stored for longer. In principle, LinkedIn retains your personal data for as long as necessary to provide its services.
6. Processing of Personal Data within the Company
a. Getting in touch
You can contact us in several ways: by email or by telephone. When you contact us, we will process any personal data you provide to us for the sole purpose of communicating with you.
This processing is based on Article 6(1)(b) of the GDPR if your enquiry relates to the performance of a contract or the implementation of pre-contractual measures. In all other cases, processing is based either on our legitimate interest in the effective handling of enquiries addressed to us (pursuant to Article 6(1)(f) of the GDPR), or on your consent (pursuant to Article 6(1)(a) of the GDPR), provided that this has been requested.
We will retain the data you provide until you request its deletion, withdraw your consent to its storage, or the purpose of storing the data is no longer applicable (e.g. once your enquiry has been processed). Mandatory legal provisions – in particular retention periods – remain unaffected.
b. Customer and Supplier Data
This data is processed in connection with the performance of our contracts with customers, as well as for the implementation of pre-contractual measures. Data processing is carried out for a variety of purposes based on customer needs, which may include sales/consultancy meetings and similar activities. Furthermore, we process personal data for the purpose of initiating and fulfilling contracts with suppliers and service providers, in accordance with Article 6(1)(b) of the GDPR.
c. Links (Social Media)
On our website, you will find links to our LinkedIn profile. Clicking on the relevant icon will redirect you directly to the LinkedIn website. Please note that from this point onwards, data such as your IP address, device information and pages visited may be transmitted to and processed by the respective platform operator. This will happen whether or not you have a user account with the social network in question or are logged in. Data processing is the responsibility of the respective provider. Further information can be found in the privacy policies of the relevant platforms.
We do not ourselves process any personal data of website visitors in this context.
Further information on LinkedIn’s privacy policy can be found at: https://de.linkedin.com/legal/privacy-policy
d. Applicant Details via E-Mail
We will process the data you have sent us as part of your application to assess your suitability for this role (or other vacancies within our company, where applicable) and to carry out the application process.
As part of this process, we will process the personal data you have provided to us in order to establish an employment relationship, based on Article 6(1)(b) of the GDPR. If the data is required for legal proceedings after the application process has ended, it may be processed on the basis of the requirements of Article 6 of the GDPR, particularly to pursue legitimate interests under Article 6(1)(f) of the GDPR. In this case, our interest is to assert or defend claims. Another legal basis is your consent under Article 6(1)(a) of the GDPR, and under Article 9(2)(a) of the GDPR where special categories of personal data are concerned (e.g. information regarding your health, religion, ethnic origin, political views or other 'sensitive' data). If you do not want us to process such special categories of data from the outset, we recommend that you do not provide this information and remove or redact it from your documents.
We will process and store your personal data for as long as is necessary to fulfil the purposes of the processing, or to comply with any contractual, legal or statutory obligations. Thereafter, the data will be deleted or its processing restricted. If no employment relationship is established following the conclusion of the application process, we will delete your data after six months. If you have consented to us storing your personal data, we will transfer it to our applicant pool. The data will then be deleted after two years. If you are offered a position as part of the application process, your data will be transferred to your personnel file.
As a general rule, data is not transferred to third parties.
e. Application via the Careers Page
If you start the application process via our careers page, you will first be redirected to the Maxime Media GmbH website, where you can view our job vacancies.
Please note that Maxime Media GmbH is solely responsible for data protection in relation to the operation of this website. Please note that the privacy policy on that website applies while you are visiting it. Maxime Media GmbH processes your personal data (e.g. IP address, device data, session data, etc.) in connection with your visit to this website in accordance with its policies.
7. Data Processor
In accordance with Article 28 of the GDPR, we pass on your data to service providers for the purpose of data processing on our behalf. These providers assist us in operating our website and associated processes. These include hosting providers, for example. Our service providers are strictly bound by our instructions and are contractually obliged to comply with them.
Below, we list the data processors with whom we work, unless we have already done so in the preceding text of this privacy policy. If data is transferred outside the EU or EEA, details of the adequate level of data protection will be provided.
Data Processor
Wix.com Ltd., Yunitsman 5 St, Tel Aviv, Israel
Purpose
Hosting
Appropiate Level of Data Procession
Adequacy decision by the European Commission
Data Processor
Google Ireland Ltd., Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland
Purpose
Webanalyzis (Google Analytics), Tag Administration Google Tag Manager)
Appropiate Level of Data Procession
Data Processing within the EU/EEA
For the USA: Standard Contractual Clauses (SCCs) Certified procedure (DPF)
8. Retention Period
Unless stated otherwise in this policy for specific cases, we will only retain personal data for as long as is necessary to fulfil the purposes for which it was collected. Your personal data will be deleted as soon as the purpose of processing it no longer applies. If there are legitimate grounds, as defined in Article 17(3) of the GDPR, that prevent deletion — for example, if there is a statutory retention obligation — the processing of the data will be restricted for the duration of these grounds.
9. Rights of the Data Subject
Under the applicable legal provisions, you have the right to access, rectify, supplement or erase your personal data, as well as the right to data portability and to restrict or object to its processing.
We take the protection of your data very seriously. To prevent personal data from being disclosed to third parties, please send your request by email or post to the above address, clearly identifying yourself.
a. Right of Access
You have the right to request information about the personal data that we process. You may request the following information:
- the purposes of processing;
- the categories of personal data;
- the categories of recipients to whom your data has been or will be disclosed;
- the intended retention period;
- the right to rectification, erasure, restriction of processing or objection;
- the right to lodge a complaint;
- where your data has not been collected by us, the origin of your data;
- the existence of automated decision-making, including profiling;
- where applicable, meaningful information regarding its details. (Art. 15 GDPR).
b. Right to Rectification or Completion
You have the right to request the rectification or completion of inaccurate or incomplete personal data held by us without undue delay (Art. 16 GDPR). (Art. 16 GDPR).
c. Right to Erasure
You have the right to request the erasure of any personal data that we hold about you, unless we need to keep it for the purposes of exercising the right to freedom of expression and information, complying with a legal obligation, reasons of public interest, or establishing, exercising or defending legal claims. (Art. 17 GDPR).
d. Right to Restriction of Processing
You have the right to request the restriction of the processing of your personal data in the following circumstances:
- you contest the accuracy of the data;
- the processing is unlawful, but you oppose its erasure;
- we no longer require the data, but you require it for the establishment, exercise or defence of legal claims;
- you have objected to the processing pursuant to Article 21 of the GDPR. (Article 18 GDPR)
e. Right to Data Portability
You have the right to data portability, i.e. the right to receive the personal data that we hold about you in a commonly used, machine-readable format. (Article 20 of the GDPR)
You also have the right to request that we transfer your personal data, which we process on the basis of your consent or in fulfilment of a contract and by automated means, to another controller in a commonly used, machine-readable format.
If you request the direct transfer of your data to another controller, this will only be carried out if it does not infringe the rights and freedoms of other individuals.
10. Right to Object
You have the right to object, at any time and for reasons relating to your particular situation, to the processing of your personal data carried out on the basis of Article 6(1)(f) of the GDPR.
If you do so, we will stop processing your personal data unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights and freedoms, or unless the processing is necessary for us to establish, exercise or defend legal claims.
11. Right to Withdraw Consent
If we process your personal data based on your consent, you have the right to withdraw this consent at any time, which will take effect in the future.
If you withdraw your consent, we will delete the relevant data immediately, unless further processing is based on another legal ground (e.g. statutory retention periods).
Withdrawing your consent does not affect the lawfulness of any processing carried out prior to your withdrawal.
12. Right to Lodge a Complaint with the Supervisory Authority
You also have the right to lodge a complaint with the relevant data protection supervisory authority at any time. You can contact either the data protection supervisory authority of the federal state in which you are resident, or the authority of the federal state in which the controller is established.
The supervisory authority to which the complaint was submitted shall keep the complainant informed of the status and outcome of the complaint, including any possibility of a judicial remedy under Article 78 of the GDPR.
Competent supervisory authority:
Landesbeauftragte/r für Datenschutz und Informationsfreiheit
Nordrhein-Westfalen
Postfach 20 04 44
40102 Düsseldorf
Germany
T 0211/38424-0
E poststelle(at)ldi.nrw.de
13. Date of Last Privacy Policy Update
This privacy policy is current as of April 2026.
We reserve the right to amend this policy from time to time, either to reflect changes in our data processing procedures or in response to changes in the legal landscape.