Data Privacy Statement
DATA PROTECTION INFORMATION
of Eckes-Granini Group GmbH
As of November 2025
Eckes-Granini Group GmbH (hereinafter referred to as "Eckes-Granini") operates the website accessible at the domain "www.eckes-granini.com" (hereinafter referred to as the "website") as well as mobile applications and external online presences such as social media profiles (hereinafter collectively referred to as the "online offering"). Below, we provide information about the collection of personal data when using this website and our social media profiles. Personal data is any data that can be related to you personally, e.g. name, address, email addresses, user behavior.
The controller pursuant to Art. 4 No. 7 GDPR is:
Eckes-Granini Group GmbH
Ludwig-Eckes-Platz 1
55268 Nieder-Olm
service-granini@eckes-granini.de
All requests for information, correction, and deletion, objections or revocations of consent, assertions of the right to restrict processing or the right to data portability, as well as comments or questions from users regarding data protection, should be directed to this address.
Your data will be collected, processed, and used in accordance with the provisions of data protection law, in particular the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG) as well as, where applicable, the Telecommunications Digital Services Data Protection Act (TDDDG), as described in more detail below.
The processing of personal data is based on the legal principles of the GDPR listed below. If more specific legal principles apply in individual cases, we will inform you of this in the privacy policy.
• If the data subject has given consent to the processing of personal data concerning him or her for a specific purpose or several specific purposes - consent (Art. 6 (1) (a) GDPR).
• If processing is necessary for the performance of a contract to which the data subject is party or in order to take steps prior to entering into a contract - performance of a contract and pre-contractual inquiries (Art. 6 (1) (b) GDPR).
• If processing is necessary for compliance with a legal obligation to which we are subject - legal obligation (Art. 6 para. 1 sentence 1 lit. c) GDPR).
• If processing is necessary to safeguard our legitimate interests or the legitimate interests of a third party, and these are not outweighed by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data - legitimate interests (Art. 6 (1) (f) GDPR).
1. Collection of personal data for informational use
(1) When using the website for informational purposes only, i.e. if you do not log in, register or otherwise provide us with information, we do not collect any personal data, with the exception of the data that your browser transmits to enable you to visit the website. These are:
· IP address
· Date and time of the request
· Time zone difference to Greenwich Mean Time (GMT)
· Request content (specific page)
· Access status/HTTP status code
· Amount of data transferred in each case
· Website from which the request originates
· Browser
· Operating system and its interface
· Language and version of the browser software.
(2) Furthermore, cookies may be stored on your computer when you use the website. Cookies are small text files that are stored on your hard drive and assigned to the browser you are using, and through which certain information flows to the entity that sets the cookie (in this case, us). A cookie typically contains the name of the domain from which the cookie originates, the "lifetime" of the cookie, and a value, usually a randomly generated unique number. Cookies cannot execute programs or transfer viruses to your computer. They serve to make the Internet offering more user-friendly and effective overall. We only use cookies in accordance with legal requirements. This means that we always obtain revocable consent, unless such consent is not required by law. This applies in particular if the storage and retrieval of information, including cookies, is absolutely necessary in order to provide our online services.
We process personal data with the help of cookies on the basis of various legal grounds. If consent has been given, the legal basis for processing is the declared consent. If consent has not been given and the cookies are necessary, the data processed using these cookies is processed on the basis of our legitimate interests (e.g., in the economic operation of our online offering and improvement of its usability) or, if this is done in the context of fulfilling our contractual obligations, in order to fulfill our contractual obligations. We explain the purposes for which we process cookies in this privacy policy or as part of our consent and processing procedures.
We use a solution from Papoo Software & Media GmbH to manage cookies and your consent in this regard. Within the scope of order processing, we therefore transfer personal data (consent data) to Papoo Software & Media GmbH, Auguststr. 4, 53229 Bonn, Germany, as the order processor. By consent data, we mean the following data: date and time of visit or consent/rejection, device information. The data is processed for the purpose of complying with legal obligations (duty of proof pursuant to Art. 7 (1) GDPR) and the associated documentation of consent, and thus on the basis of Art. 6 (1) lit. c) GDPR. Local storage is used to store the data. The consent data is stored for 3 years. The data is stored in the European Union. Further information on the data collected and contact details can be found at https://www.ccm19.de/datenschutzerklaerung. Details on the cookies used and the option to consent to the use of cookies can be found in the consent settings. There you can also revoke your consent.
2. Collection of personal data for personalized use
(1) In addition to the purely informational use of our website, we offer various services that you can use if you are interested. To do so, you will usually need to provide additional personal data, which we use to provide the respective service. If additional voluntary information is possible, this is marked accordingly. We only collect, process, and use personal data that is necessary for your use of the website and/or the fulfillment of a contract concluded with us, or that you provide yourself. This includes, in particular, the following inventory data and usage data, which may be transmitted via forms on our website:
· Company
· Name (consisting of salutation, title, first name, last name, and gender)
· Address
· Telephone
· Fax
· Date of birth
· User registration and login details
· Sales tax identification number (optional)
(2) We use inventory data and usage data to establish, develop, modify, or terminate a contractual relationship with you, to fulfill our contractual obligations, to enable the user to log in to the website, and to contact you if you request this or if it is necessary within the scope of the contractual relationship or permitted by law.
With the exception of data collected by the third-party providers listed below, personal data is stored and processed within the European Union.
3. Deletion periods
Unless otherwise described in this privacy policy or when processing data via the contact form provided on the website, we only store your data for as long as we need it, e.g., to process a request you have submitted to us. Your personal data will therefore be deleted after your request has been processed, unless otherwise agreed. Inventory data will be deleted two years after the end of the contractual relationship at the end of the calendar year, unless longer storage is necessary and legally permissible.
4. Statistical anonymous evaluation of usage data
We are entitled to create usage profiles using pseudonyms for the purposes of advertising, market research, or the needs-based design of the website, provided you do not object to this. In particular, we evaluate the usage data anonymously for statistical purposes in order to design the website in line with requirements. You can object to this use of your personal data by notifying us.
5. Use of Google Analytics
(1) We use Google Analytics to measure and analyze the use of our website based on a pseudonymous user identification number. The user identification number is used to assign analysis information to a device in order to identify which content the users of the device have accessed within one or more usage processes, which search terms they have used, which they have accessed again, or when and for how long they have interacted with our website or online offering, without containing any unique data such as names or email addresses. Pseudonymous user profiles are created using information from the use of various devices, whereby cookies may be used. Google Analytics does not log or store individual IP addresses for users from the EU. However, Google Analytics provides rough geographical location data derived from the structure of the IP address. For users from the EU, IP address data is used exclusively for this derivation of geolocation data before it is deleted. When Google Analytics collects measurement data, all IP queries are performed on EU-based servers before traffic is forwarded to Analytics servers outside the EU for processing.
(2) The service provider for Google Analytics is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (https://marketingplatform.google.com/intl/de/about/analytics/). The privacy policy can be found at https://policies.google.com/privacy. We have concluded a data processing agreement with Google Ireland Limited, the content of which can be viewed here: https://business.safety.google/adsprocessorterms. The basis for the transfer to third countries is the EU-US Data Privacy Framework (DPF) and standard contractual clauses (https://business.safety.google/adsprocessorterms). You can object to this use of your personal data as follows: Opt-out plugin: https://tools.google.com/dlpage/gaoptout?hl=de; settings for the display of https://myadcenter.google.com/personalizationoff?hl=de. Further information on Google Analytics, the types of processing, and the data processed can be found at https://business.safety.google/intl/de/adsservices/
6. Use of Google Consent Mode
We use Google Consent Mode on our website, a feature provided by Google that allows us to ensure compliance with data protection regulations and cookie consent regulations. Google Consent Mode enables us to take your consent settings into account, particularly in connection with the use of Google products such as Google Analytics and Google Ads.
Google Consent Mode works by collecting information about whether you have consented to the use of cookies and other tracking technologies on our website. Based on this information, Google Analytics will or will not collect and send data from your current session.
If you have not consented to the use of cookies, no information about your online activities will be shared with Google Analytics or Google Ads.
7. Use of Friendly Captcha
We use the "Friendly Captcha" service (http://www.friendlycaptcha.com) on our website. This service is provided by Friendly Captcha GmbH, Am Anger 3-5, 82237 Wörthsee, Germany.
Friendly Captcha is a new, privacy-friendly protection solution that makes it more difficult for automated programs and scripts (known as "bots") to use our website.
To this end, we have integrated a program code from Friendly Captcha into our website (e.g. for contact forms) so that the visitor's device can establish a connection to the Friendly Captcha servers in order to receive a calculation task from Friendly Captcha. The visitor's device solves the calculation task, which uses certain system resources, and sends the calculation result to our web server. The web server contacts the Friendly Captcha server via an interface and receives a response indicating whether the puzzle has been solved correctly by the device. Depending on the result, we can apply security rules to requests via our website and, for example, process or reject them. The data is used exclusively for the protection against spam and bots described above.
Friendly Captcha does not set or read any cookies on the visitor's device.
IP addresses are only stored in hashed (one-way encrypted) form and do not allow us or Friendly Captcha to identify an individual.
If personal data is stored, this data is deleted within 30 days. The legal basis for processing is our legitimate interest in protecting our website from misuse by bots, including spam protection and protection against attacks (e.g., mass requests), Art. 6 (1) lit. f GDPR.
Further information on data protection when using Friendly Captcha can be found at https://friendlycaptcha.com/legal/privacy-end-users/.
8. Email newsletter
(1) If you give your separate consent, we may send you information about the use of the website and general customer information (email newsletter) by email. Your consent will be logged and you can access the content of the consent and this notice at any time. You can revoke your consent at any time with effect for the future. In particular, you can object to processing for direct marketing purposes. The registration process is logged on the basis of our legitimate interests for the purpose of verifying that it has been carried out properly. If we commission a service provider to send emails, this is done on the basis of our legitimate interests in an efficient and secure mailing system.
(2) Before we delete them, we store unsubscribed email addresses for up to three years based on our legitimate interests, solely for the purpose of defending against possible claims, in order to be able to prove that consent was previously given. An individual deletion request is possible at any time, provided that the former existence of consent is confirmed at the same time. In the case of obligations to permanently observe objections, we reserve the right to store the email address in a block list for this purpose only.
9. Integration of third-party services
(1) We have integrated YouTube videos into our online offering, which are stored on www.YouTube.com and can be played directly from our website. These are all integrated in "extended data protection mode," which means that no data about you as a user is transferred to YouTube if you do not play the videos. Only when you play the videos will the data mentioned in paragraph 2 be transferred. We have no influence on this data transfer. We have also integrated content from the following third-party providers on this website: Google Maps.
(2) When you visit the website, the third-party provider receives information that you have accessed the corresponding subpage of our website. In addition, the data mentioned in section 1.(1) of this statement is transmitted. This occurs regardless of whether this third-party provider provides a user account through which you are logged in or whether no user account exists. If you are logged in to the plug-in provider, this data is directly assigned to your account. If you do not want this assignment to your profile with the third-party provider, you must log out before activating the button.
(3) The third-party provider stores this data as usage profiles and uses it for the purposes of advertising, market research, and/or the needs-based design of its website. Such evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising. You have the right to object to the creation of these user profiles, whereby you must contact the respective third-party provider to exercise this right.
(4) Further information on the purpose and scope of data collection and its processing by the third-party provider can be found in the privacy policies of these third-party providers, which are provided below. There you will also find further information on your rights in this regard and settings options for protecting your privacy.
(5) Addresses of the respective providers and URLs with their privacy policies:
Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA; https://www.google.com/policies/privacy/partners/?hl=de.
10. Hosting and deployment (Netlify Enterprise)
Type of data processing
When you visit our website, technical information such as your IP address, browser type, operating system, referrer URL, and access time is automatically processed. This data is necessary to deliver the website correctly and to ensure system security.
Purpose and legal basis of processing
Our website is hosted and provided via the Netlify Enterprise service. Processing is carried out in accordance with Art. 6 (1) (f) GDPR (legitimate interest) to ensure the secure and high-performance delivery of our content.
Recipients of the data
The recipient of the data is exclusively the aforementioned service provider (Netlify Enterprise), which acts as a processor in accordance with Art. 28 GDPR. The data is not passed on to third parties.
Hosting and data transfer
The service is provided via Netlify Enterprise servers located within the European Union or for which an adequate level of data protection is ensured in accordance with Art. 45 ff. GDPR. On July 10, 2023, the European Commission issued an adequacy decision for the US under the EU-US Data Privacy Framework (DPF). This certifies that personal data transferred to the US – specifically to DPF-certified companies such as Netlify – receives a level of data protection that complies with the EU General Data Protection Regulation. Netlify is contractually obliged to comply with the GDPR. Appropriate technical and organizational measures are taken in accordance with Art. 32 GDPR to ensure the security of your data.
Privacy Shield certification: Netlify is certified under the EU-U.S. Data Privacy Framework (successor to the Privacy Shield). This certification confirms that the provider is committed to complying with EU data protection standards. Further information on the certification can be found here: https://www.dataprivacyframework.gov/.
Storage period
Server log data is only stored for as long as is necessary to ensure operation and for error analysis, or as long as there are legal retention obligations.
11. Contact forms (SendGrid & DigitalOcean)
Type of data processing
The personal data you enter in the contact form (e.g., name, email address, message) is transmitted to the SendGrid service via an API-based solution and stored and processed there in compliance with the GDPR on servers within the European Union. SendGrid acts as a processor in accordance with Art. 28 GDPR.
Purpose and legal basis of processing
Your data is processed via our contact forms for the purpose of handling your request in accordance with Art. 6 (1) (a) GDPR (consent) and, where applicable, Art. 6 (1) (f) GDPR (legitimate interest in efficient communication with consumers, customers, or other third parties).
The technical transmission of the data is carried out via servers from DigitalOcean, which are also contractually obliged to comply with the GDPR. Appropriate technical and organizational measures are taken in accordance with Art. 32 GDPR to ensure the security of your data.
Recipients of the data
The recipients of your data are exclusively the aforementioned service providers (SendGrid and DigitalOcean), who act as processors and are contractually obliged to comply with the provisions of the GDPR. The data will not be passed on to third parties.
Storage period
Your data will only be stored for as long as is necessary to process your request or as long as there are legal retention obligations.
12. Job advertisements (Cornerstone & DigitalOcean)
Type of data processing
The job vacancies listed on our careers page originate from our Cornerstone applicant tracking system. Two exports from Cornerstone are used for this purpose, which are temporarily stored on DigitalOcean servers and technically processed in order to display the job advertisements correctly.
No personal applicant data is processed or stored. The data only includes job information such as job title, location, and description.
Purpose and legal basis of processing
The processing of data in connection with the display of job vacancies on our website is carried out in accordance with Art. 6 (1) (f) GDPR (legitimate interest) in order to provide you with current job vacancies.
Applicant data
All personal data that you provide in the context of an application will be processed exclusively in Cornerstone. Cornerstone acts as a processor in accordance with Art. 28 GDPR. For more information on the processing of your applicant data via Cornerstone, please refer to Cornerstone's privacy policy: https://www.cornerstoneondemand.com/de/client-privacy-policy/.
Hosting and security
Job advertisements are temporarily stored on DigitalOcean servers within the European Union. DigitalOcean is contractually obliged to comply with the GDPR. Appropriate technical and organizational measures are taken in accordance with Art. 32 GDPR to ensure the security of the data.
Recipients of the data
The recipients of the data are exclusively the aforementioned service providers (Cornerstone and DigitalOcean), who act as processors and are therefore contractually obliged to comply with the provisions of the GDPR. The data will not be passed on to third parties.
13. Presence on social networks (social media)
As part of our online presence on social networks, we process data from users who are active there. This may also involve the processing of personal data outside the European Union. This may pose risks for users, as it could make it more difficult for them to enforce their rights, for example. Furthermore, user data within social networks is generally processed for market research and advertising purposes. For a detailed description of the respective forms of processing and the options for objection (opt-out), we refer to the privacy policies and information provided by the operators of the respective networks.
Requests for information and data subject rights can be asserted most effectively with the providers themselves. Only the providers have access to the user data and can take appropriate measures and provide information directly. However, if you still need help, you can contact us.
14. Protection of personal data
We take technical and organizational measures in accordance with data protection requirements to protect the user's personal data. All our employees who are involved in the processing of personal data are bound to data secrecy and have been trained accordingly. The user's personal data is encrypted using HTTPS when transmitted to the website.
15. Rights of data subjects
Users and other data subjects have various rights in relation to their personal data under the GDPR, which arise in particular from Articles 15 to 21 GDPR:
Right of access to the personal data concerned (Article 15 GDPR)
Right to rectification (Article 16 GDPR)
Right to erasure (Art. 17 GDPR)
Right to restriction of processing (Article 18 GDPR)
Right to object to processing if the data processing is based on Art. 6 para. 1 lit. e or lit. f GDPR (Art. 21 GDPR): see also the following note on the right to object under Art. 21 GDPR
Right to data portability (Art. 20 GDPR)
Right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal, if data processing is based on consent pursuant to Art. 6 (1) (a) or Article 9 (2) (a) GDPR
You also have the right to complain to a data protection supervisory authority about our processing of your personal data (Article 77 GDPR).
Reference to the right to object pursuant to Article 21 GDPR
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Article 6(1)(e) or (f) GDPR; this also applies to profiling based on these provisions. If the personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing.
16. Data protection supervisory authority and right to lodge a complaint
You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the provisions of the GDPR. The data protection supervisory authority responsible for us is:
The State Commissioner for Data Protection and Freedom of Information Rhineland-Palatinate, P.O. Box 30 40, 55020 Mainz
Phone: +49 (0) 6131 8920-0
Fax: +49 (0) 6131 8920-299
Email: poststelle@datenschutz.rlp.de
17. Data protection officer
You can contact our data protection officer at privacy@eckes-granini.com or at our postal address with the addition "The Data Protection Officer."
18. Updates to this privacy policy
From time to time, it is necessary to adapt the content of this privacy policy. We therefore reserve the right to change it at any time. We will publish the amended version of the privacy policy in the same place as this privacy policy.
If we provide addresses and contact information for companies and organizations in this privacy policy, please note that the addresses may change over time and the information should be checked before contacting them.