Data Protection Statement

Global Privacy Fundamentals

Our privacy practices reflect current global principles and standards on handling personal information. These principles include notice of data use, choice of data use, data access, data integrity, security, onward transfer, and enforcement/oversight. Capri Sun AG abides by the EU General Data Protection Regulation (GDPR).

It is our policy not to collect and store any personal data about you when you visit the Capri Sun AG website. Rather, this only happens in cases where we have expressly asked you for personal data beforehand. If, for example, you participate in a prize draw, we will ask you for your name and address to contact you in case you win.

Consent

By using this website, you consent to the electronic collection and use of the information as described here. If Capri Sun AG decides to make changes to this privacy statement, we will post the changes on this site so that you will always know what data we store, and how we use it.

From time to time, as may be required by applicable law, we may also seek your explicit consent to process certain personal data and information collected on this website or volunteered by you.

Collection and Processing of Your Personal Data

To serve you better and understand your needs and interests, Capri Sun AG collects and uses personal information in the following manner and in accordance with applicable data protection laws.

When you visit our website, we may record your IP address in anonymized form and use cookies and other Internet technologies (referred to below as "Automated Tools" and "Embedded Web Links") to gather general information about our visitors and their interests. The technologies used and the information collected are described in more detail below.

We may further collect and process any information and data that you volunteer to us, e.g. when you register for events, subscribe to newsletters, participate in online surveys, discussion groups or forums, or when you make purchases.

Use and Purpose of Collected Personal Data

The data Capri Sun AG collects to understand your needs and interests helps Capri Sun AG deliver a consistent and personalized experience. Capri Sun AG will use such data only as described in this privacy statement. We will not subsequently change the way your personal data is used without your consent unless this is otherwise permitted by law.

We always process your personal data for a specific purpose.

• To manage our relationship with you, e.g. through our databases, in which we collect data about you from our various sources in order to get an overview of the collaboration; also, to improve and individualize our understanding of your preferences and our communication with you;
• To process your orders and deliver the products and services that you have ordered.
• To implement tasks in preparation of or to perform existing contracts;
• To evidence transactions and ensure transparency on transfers of value;
• To provide you with appropriate and current information about research as well as our products and services;
• To improve the quality of our products and services by adapting our offering to your specific needs;
• To answer your requests and provide you with efficient support;
• To track our activities (e.g. measuring collaboration or sales, number of appointments/calls, issues discussed, documents presented);
• To invite you to events sponsored or used by us (e.g. speaker events, conferences);
• To grant you access to our specified IT systems so that you can use certain services of Capri Sun AG;
• To manage our IT resources, including infrastructure management and business continuity;
• To preserve the company’s economic interests and ensure compliance and reporting (such as complying with our policies and local legal requirements, tax and deductions, internally defined contribution caps, managing alleged cases of misconduct or fraud; conducting audits and defending litigation);
• Archiving and record keeping;
• To support recruitment inquiries;
• Billing and invoicing;
• Any other purposes imposed by law and authorities.
• In certain cases, we are legally obliged to transfer certain data to the requesting government agency (institution or authority). The legal basis for the processing is Art. 6. Para. 1 (c) GDPR
• In some cases, business partners require personal data from our customers. This is usually done for the purpose of order fulfillment (e.g. in case of complaints). This is expressly provided for by law. In this case, Capri Sun AG remains responsible for the protection of your data – in addition, the processor may also be responsible. The service provider works strictly in accordance with our instructions, which Capri Sun AG ensures by means of strict contractual regulations.
• To fulfil legal obligations to record, document and report to the responsible authorities.

IP Addresses

We use IP addresses to help diagnose problems, to administer our website, and to gather demographic information. We may also use IP addresses or other information you have shared on this website to determine which pages on our sites are being visited and topics that may be of interest to our visitors so we can provide you with information about relevant products and services. Capri Sun AG only collects such data in anonymized form and will not link it to a registered user's profile without the consent of that user. When you visit our site, we recognize only your domain name.

Capri Sun AG will only gather data related to your visit to the Capri Sun website. We do not track or collect personal data from your visits to companies or entities outside the Capri Sun AG group of companies.

Cookie Consent With Borlabs Cookie

This website uses the cookie consent tool "CookiePro" from OneTrust LLC, 1200 Abernathy Rd NE, Sandy Springs, GA 30328, USA ("OneTrust") to obtain effective user consent for cookies requiring consent and cookie-based applications.

By integrating a corresponding JavaScript code, a banner is displayed to users when they access the page, in which consent for certain cookies and/or cookie-based applications can be given by ticking a box. The tool blocks the setting of all cookies that require consent until the respective user gives their consent by ticking the box. This ensures that such cookies are only set on the user's end device if consent has been granted.

To enable the cookie consent tool to clearly assign page views to individual users and to individually record, log and store the consent settings made by the user for the duration of a session, certain user information (including the IP address) is collected by the cookie consent tool when our website is accessed, transmitted to OneTrust servers and stored there.

This data processing is carried out in accordance with Art. 6 Para. 1 lit. f GDPR on the basis of our legitimate interest in legally compliant, user-specific and user-friendly consent management of cookies and thus in a legally compliant design of our website.

Another legal basis for the described data processing is Art. 6 Para. 1 lit. c GDPR. As the controller, we are subject to the legal obligation to make the use of technically unnecessary cookies dependent on the respective user consent.

OneTrust LLC. is certified for the US-European data protection agreement "Privacy Shield", which guarantees compliance with the data protection level applicable in the EU. A current certificate can be viewed here: https://www.privacyshield.gov/participant?id=a2zt0000000GnPeAAK&status=Active

Further information on the use of data by OneTrust can be found in OneTrust's privacy policy at https://www.cookiepro.com/privacy-notice/

Cookies

a) We use cookies on our website(s). These are small files that your browser automatically creates and stores on your device (laptop, tablet, smartphone, etc.) when you visit our websites. Cookies cannot do damage to your computer and do not contain viruses, trojans or any other malware. The information stored in the cookie pertains to the specific device used. This, however, does not give us direct knowledge of your identity. The use of cookies serves to make using our online services more pleasant for you. For example, we use what are known as session cookies to determine that you have already visited individual pages on our website. These are automatically deleted after leaving our website.

b) In addition, to further improve usability, we also use temporary cookies that are stored on your device for a specified period of time. If you visit our website again to use our services, we will automatically determine that you have already visited our website and what inputs and settings you have made in order to avoid having to re-enter them.

c) Furthermore, we use cookies to statistically record the use of our website and to analyse it for the purpose of optimizing our website offerings. These cookies enable us to automatically determine that you have visited our website before. These cookies are automatically deleted after a defined period of time.

d) The data processed by cookies are necessary for the purposes mentioned in order to safeguard our legitimate interests and the interests of third parties under Art. 6 Para.1 Sent. 1 (f) GDPR.

e) Most browsers accept cookies automatically. You can, however, configure your browser in such a way that no cookies are stored on your computer or that a notice is displayed before a new cookie is created. Disabling cookies completely, however, may mean that you will not be able to use all the features on our website.

Transfer of personal data to a Third Country

If your personal data is transferred to countries outside the EU/EEA whose data protection standards do not correspond to those of the EU, we will ensure the required data protection standard through appropriate contractual clauses with the data recipients if no adequacy decision justifies such a transfer. In this way, we ensure the protection of your personal data. The aforementioned standard contractual clauses can be downloaded from the following website.

Transfer of personal data to the USA

For the transfer of data from the EU to the USA, the provider has signed up to the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

Links to social networks

The Capri Sun's website has links on some of its pages that can establish a connection to social networks such as Facebook, Instagram, TikTok, LinkedIn, and XING.

This allows for a connection between your Internet browser and the server of the relevant social network to be established for a short period of time and the content of the platform to be transmitted from there to your Internet browser.

The operator of the social network learns your IP address when you click on these links. In certain cases, the operator of the social network additionally tries to store a cookie on your computer, which is deleted when you close your internet browser.

If you are logged in to your relevant social network account at the same time, information regarding your visit to the Capri Sun AG website may be attributed to your account with that social network and stored, processed and used by the operator of the social network.

The Capri Sun Website contains links to the social networks www.facebook.com, www.xing.com, www.linkedin.com, www.tiktok.com, and www.instagram.com. You can only use the website if you have a Facebook user account and or an Instagram user account and are logged in with it. Go to http://www.facebook.com/about/privacy/ to learn how Facebook processes and uses the data you disclose as a user of facebook.com and to what extent you can restrict its publication.

Analysis Tools

The tracking measures listed below and used by us are carried out based on Art. 6 Para. 1 Sent. 1 (f) GDPR. With the tracking measures used, we want to ensure a needs-based design and the continuous optimization of our website. Furthermore, we use tracking measures to statistically record the use of our website and to analyse it for the purpose of optimizing our website offerings. These interests are considered legitimate within the meaning of the aforementioned provision. For the respective data processing purposes and data categories, please refer to the corresponding tracking tools described in detail below.

Privacy Statement for the Use of Google Analytics 4

This website uses Google Analytics 4, a service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"), which can be used to analyse the use of websites.

When using Google Analytics 4, so-called "cookies" are used as standard. Cookies are text files that are stored on your end device and enable your website use to be analysed. The information collected by cookies about your use of the website (including the IP address transmitted by your device, shortened by the last digits, see below) is usually transmitted to a Google server, where it is stored and processed. This may also result in information being transmitted to the servers of Google LLC based in the USA and further processing of the information there.

When using Google Analytics 4, the IP address transmitted by your end device when you use the website is always collected and processed in anonymized form by default and automatically, so that the information collected cannot be directly linked to a person. This automatic anonymization is achieved by Google truncating the IP address transmitted by your device within member states of the European Union (EU) or other parties to the Agreement on the European Economic Area (EEA).

Google uses this and other information on our behalf to evaluate your use of the website, to compile reports on your website activity and usage behaviour and to provide us with other services relating to your use of the website and the Internet. The abbreviated IP address transmitted by your device as part of Google Analytics 4 will not be merged with other Google data. The data collected as part of the use of Google Analytics 4 is stored for 2 months and then deleted.

Google Analytics 4 also enables the creation of statistics with statements about age, interest-based advertising and the use of third-party information via a special function, the so-called "demographic characteristics". This makes it possible to determine and differentiate between user groups of the website for the purpose of target group-optimized marketing measures. However, data collected via the "demographic characteristics" cannot be assigned to a specific person and therefore cannot be assigned to you personally. This data collected via the "demographic characteristics" function is stored for two months and then deleted.

All processing described above, in particular the setting of Google Analytics cookies for the storage and reading of information on the terminal device used by you for the use of the website, will only take place if you have given us your explicit consent to do so in accordance with Art. 6 Para. 1 lit. of the GDPR. Without your consent, Google Analytics 4 will not be used during your use of the website. You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service via the "cookie consent tool" provided on the website.

In connection to this website, the "UserIDs" function is also used as an extension of Google Analytics 4. By assigning individual UserIDs, we can have Google create cross-device reports (so-called "cross-device tracking"). This means that if you have given your consent to the use of Google Analytics 4 in accordance with Art. 6 Para. 1 lit. GDPR, your usage behaviour can also be analysed across devices if you have set up a personal account by registering on this website.

We have concluded a so-called order processing contract with Google for our use of Google Analytics 4, which obliges Google to protect the data of our website users and not to pass it on to third parties.

Google's privacy policy can be viewed here.

Details on the processing triggered by Google Analytics 4 and how Google handles data from websites can be found here.

Privacy Statement for the Use of Google Tag Manager

Use of Google Tag Manager: Google Tag Manager is a solution that allows marketers to manage website tags using an interface. The Tag Manager tool itself (which implements the tags) is a cookie-less domain and does not collect any personal data. The tool causes other tags to be activated which may, for their part, register data under certain circumstances. Google Tag Manager does not access this information. If recording has been deactivated on domain or cookie level, this setting will remain in place for all tracking tags implemented with Google Tag Manager. https://www.google.de/tagmanager/use-policy.html

Privacy Policy for the Use of Google AdSense

This website uses Google AdSense, a service for integrating advertisements from Google Inc ("Google"). Google AdSense uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. Google AdSense also uses so-called web beacons (invisible graphics). These web beacons can be used to analyze information such as visitor traffic on these pages.

The information generated by cookies and web beacons about the use of this website (including your IP address) and the delivery of advertising formats is transmitted to a Google server in the USA and stored there. This information may be passed on by Google to contractual partners of Google. However, Google will not merge your IP address with other data stored by you.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

For the transfer of data from the EU to the USA, the provider has signed up to the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

Privacy Statement for the Use of Display & Video DV 360 Platform by Google

Our website uses Display & Video 360 (DV360) – a tool of the Google Marketing Platform. DV360 uses cookies to serve ads relevant to users and optimize campaign performance. In addition, cookie ID information may be used to track conversions related to ad inquiries. The cookie ID may be used to link the ad served to a subsequent purchase. According to Google, DV360 cookies do not contain any personal information. We have no influence on any processing and use of the data by Google as well as identifiability through any (personally identifiable) aggregation of data on the part of Google.

The DV360 cookies placed help us analyze and understand how you communicate with our website and/or perform certain actions when you click on our content on Google or other platforms (conversion tracking). In the event that personal data is transferred to the USA, we obtain your express consent for this data transfer via the cookie banner in accordance with Art. 49 Para. 1 (a) GDPR.

You can also object to the display of personalized advertising through Google’s advertising settings here, or through the “About Ads” self-regulatory campaign.

Privacy Statement for Amazon Advertising Tag - Conversion Tracking

This website uses the conversion tracking technology "Amazon Tag" by Amazon Advertising, amazon.com, PO Box 504, 94302 Palo Alto, CA.

If you have arrived at our website from an ad in the Amazon inventory, a cookie is set by us on your computer, which interacts with a likewise implemented "tag" in the form of a JavaScript code from Amazon. Cookies are small text files that are stored on your end device. These cookies expire after 180 days and are not used for personal identification.

If the user is redirected from an ad in the Amazon inventory to pages on this website and the cookie has not yet expired, the tag records certain user actions predefined by us and can track them (e.g. completed transactions, leads, searches on the website, calls to product pages). When such an action is performed, your browser sends an HTTP request from the cookie to Amazon's server via the Amazon tag, with certain information about the action (including type of action, time, browser type of the end device).

Through this transmission, Amazon can create statistics about the usage behavior on our website after forwarding from an ad in the Amazon inventory, which serve us to optimize our offer.

If personal user data is processed in the process, this is done in accordance with Art. 6 Para. 1 (f) GDPR on the basis of our legitimate interest in the statistical evaluation of the success of product ads in the Amazon inventory and the purchasing behavior of the user and thereby serves to optimize our online offering.

However, we will not receive information that personally identifies users.

When using Amazon DSP, personal data may also be transmitted to the servers of Amazon.com in the USA.

If you do not wish to participate in the tracking program, you can refuse the use of this program by deactivating the Amazon Tag tracking conversion cookie via your Internet browser through the user settings. You will then no longer be included in the conversion tracking statistics.

If you would like to prevent the collection of pseudonymized data by Amazon DSP, please click on the following link: Link to opt-out (interest-based advertising)

Insofar as legally required, we have obtained your consent for the processing of your data as described above in accordance with Art. 6 Para. 1 (a) GDPR. You have the right at any time to withdraw your consent with effect for the future. In order to exercise your right to withdrawal, please follow the procedure described above for making an objection.

For the transfer of data from the EU to the USA, the provider has signed up to the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

Privacy Statement for the Use of Facebook Dynamic Ads for Remarketing

On our website, we use the remarketing function of Facebook Dynamic Ads of Facebook Inc. (1601 S. California Ave, Palo Alto, CA 94304, USA; "Facebook") to target our website visitors with interest-based advertising on the Facebook social network. For this purpose, Facebook remarketing tags have been implemented on the website, which establish a direct connection to the Facebook servers. In doing so, it is transmitted to the Facebook servers which of our pages were visited, which products were viewed or purchased. Facebook matches this information to your personal Facebook user account.
When using Facebook Dynamic Ads for Remarketing, personal data may also be transmitted to the servers of Facebook in the USA.
When you visit the social network Facebook, you will be served personalized, interest-based Facebook ads.
You have the right to object, on grounds relating to your particular situation, at any time to this processing of personal data concerning you which is based on Art. 6 Para. 1 (f) GDPR.
For this purpose, you can disable the Facebook Dynamic Ads functionality at the following link of the non-profit association EDAA: http://www.youronlinechoices.com/de/praferenzmanagement/
You can find more information about Facebook's collection and use of the data, about your rights in this regard, and your options to protect your privacy Facebook's privacy policy at https://www.facebook.com/about/privacy/.
Insofar as legally required, we have obtained your consent for the processing of your data as described above in accordance with Art. 6 Para. 1 (a) GDPR. You have the right at any time to withdraw your consent with effect for the future. In order to exercise your right to withdrawal, please follow the procedure described above for making an objection.

Privacy Statement for the Use of ChannelSight eCommerce

Many of our products can be purchased directly through hyperlinks (e.g. "Purchase Online" button) to online shops of retailers that work with us ("Buy now" function). If you click on the respective hyperlink to the chosen product page in the dealer's online shop, we use JavaScript code and cookies (i.e. conversion tracking) to log that you clicked on the hyperlink and whether or not you purchase the product in the dealer's online shop. The usage data collected in this way is used to measure the attractiveness of the "Buy now" function and, where applicable, for commission settlement purposes with the dealer's online shop (i.e. affiliate marketing). Sometimes dealers' online shops pay us a commission when we successfully redirect prospective customer/buyers to them.
For tracking, we rely on the service provider ChannelSight Ltd., Suite 3, Anglesea House, Carysfort Ave., Blackrock, Co. Dublin, Ireland (www.channelsight.com). The information regarding your use of the “Buy now” function is transferred to ChannelSight servers, analyzed and returned to us only in the form of cumulative data indicating trends regarding the use of the "Buy now" function.
In direct relation to the "Buy now" function, we will again inform you separately about the collection of your usage data. By using the respective buttons on our website, you give your consent for the inter-website tracking of your website use and the analysis by us for the indicated purposes, and in particular to the associated data collection by ChannelSight and the retailer, as well as the transfer of data from ChannelSight and the retailer to us. The usage data is deleted once it is no longer required for commission settlement and analysis.
Opt-out: To prevent the collection of usage data via ChannelSight, please use the ChannelSight opt-out website which can be reached at the following link: https://www.channelsight.com/privacy-policy/.

Privacy Statement for the Use of Facebook Social Plugins

We use social plugins ("plugins") of the social network facebook.com on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offering within the meaning of Art. 6 Para. 1 (f) GDPR) social plugins ("plugins") of the social network facebook.com, which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"). The plugins can display interaction elements or content (e.g. videos, graphics or text contributions) and are recognizable by one of the Facebook logos (white "f" on blue tile, the terms "Like" or a "thumbs up" sign) or are marked with the addition "Facebook Social Plugin". For a list and appearance of Facebook social plugins go to: https://developers.facebook.com/docs/plugins/.
Facebook is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law

Privacy Statement for the Use of TikTok

We use "TikTok" services on our website (for EU: TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland).
If you have not given your consent in the Consent Manager, you have the option of giving it at a later time with what is known as the "2-click solution". When you visit a page that has a TikTok video embedded, a connection to the TikTok servers is not established until you click the confirm button. In this case, TikTok will set cookies and use the data from your visit for its own purposes. If you are logged in to TikTok at that time, the information about the videos you watch will be matched to your TikTok user account. You can prevent this by logging out of your member account before visiting our website.
You run the risk that your data will be processed in and transferred to the United States, i.e., a third country outside the European Union (EU) or the European Economic Area (EEA). For this country, there is no adequacy decision by the EU Commission to ensure that its level of data protection is equivalent to the European standard. According to the European Court of Justice (ECJ), there is a particular risk that data will be processed unnoticed by U.S. authorities for surveillance purposes. The legal basis for the processing of your data is your consent pursuant to Art. 49 Para. 1 Sent. 1 (a) GDPR. You have the right at any time to withdraw your consent with effect for the future.
For more information, please read TikTok's privacy policy at https://www.tiktok.com/legal/privacy-policy-eea?lang=en.
The legal basis for this processing is your consent pursuant to Art. 6 Para. 1 Sent. 1 (a) GDPR. You have the right at any time to withdraw your consent with effect for the future by accessing the cookie settings and changing your selection.

Privacy Statement on the Use of Facebook

This website uses technology from Facebook Ireland Limited ("Facebook", 4 Grand Canal Square, Dublin 2, Ireland). Facebook is an Internet advertising service that allows advertisers to target users with ads on Facebook directly and on the Facebook ad network. By using the remarketing function "Custom Audiences", users of the website are shown what is known as "Facebook Ads" when visiting Facebook or other sites using the technology, which contain interest-based ads. The purpose is to make our website more attractive through targeted marketing as well as the placement of ads. If you have a Facebook account, this can be recognized by the set Facebook pixel through which the collected usage data is transmitted to Facebook. The Facebook pixel is a JavaScript code. Facebook uses tracking cookies to target Facebook ads based on information about user behavior and device-related information. This data is stored for no longer than 180 days. For more information on the purpose and extent of data collection, further processing and use of data by Facebook and your configuration options to protect your privacy please refer to Facebook's Privacy Policy. If you do not want to be shown interest-based ads, you can disable this feature in your browser.

We have no influence on information that is processed and/or merged by Facebook. Facebook may be able to identify you, for example, if the data can be matched to your Facebook account or you are logged into a Facebook account.

You can find out about corresponding Facebook ad settings at https://www.facebook.com/about/basics/advertising and manage settings accordingly. Instructions on how to do this can be found here https://www.facebook.com/about/basics/advertising/ad-preferences. Logged in users can disable and manage the settings here https://www.facebook.com/settings/?tab=ads#_.

The data generated in this context may be transferred by Facebook to a server in the USA for analysis and stored there. In the event that personal data is transferred to the USA, we obtain your express consent for this data transfer via the cookie banner in accordance with Art. 49 Para. 1 (a) GDPR.

Privacy Statement for the Use of LinkedIn

Our website employs plug-ins provided by the LinkedIn network, a service of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (hereinafter "LinkedIn"). You can recognize the LinkedIn plug-ins by the LinkedIn logo or the "Share" button on our site (hereinafter referred to as "LinkedIn plug-ins"). When you visit our website, the LinkedIn plug-ins establish a direct connection between your browser and the LinkedIn server. This provides LinkedIn with the information that you have visited this website using your IP address. When you click the LinkedIn “Share” button while you are logged into your LinkedIn account, you can link the contents of this website with your LinkedIn profile. This allows LinkedIn to allocate the visit to this website to your account. Please note that as the provider of this website we receive no information from LinkedIn regarding the contents of the transmitted data or how it is used. For details on data collection (purpose, extent, further processing, use) as well as your rights in this regard and your settings options, refer to LinkedIn's privacy policy. You can find the LinkedIn privacy policy at http://www.linkedin.com/static?key=privacy_policy&trk=hb_ft_priv

Privacy Statement for the Use of XING

The "XING share button" is used on this website. When you visit this website, your web browser will briefly connect to the servers of XING AG ("XING") which provide the functions of the "XING share button" (including a visitor counter). XING does not store any personal data about you and your visit when you visit the website. XING does not store IP addresses or use cookies to monitor your visit behavior in relation to the "XING share button". Please visit the following website for the latest version of the XING share button privacy policy and for further information: https://dev.xing.com/plugins/share_button/privacy_policy

Privacy Statement for the Use of Instagram

Our online offering may include functions and contents of the service Instagram, provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. This may include, for example, content such as images, videos, or text and buttons that allow users to express their liking for the content, subscribe to the content creators, or subscribe to our posts. If the users are members of the Instagram platform, Instagram can match the accessing of the above-mentioned content and functions to the profiles of the users there. Instagram's Privacy Policy: http://instagram.com/about/legal/privacy/.

Privacy Statement for the Use of Microsoft Teams

We use the "Microsoft Teams" service of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA (hereinafter "Microsoft Teams") to conduct online meetings, video conferences, and/or webinars. In the case of using Microsoft Teams, different types of data are processed.
The extent of the data processed depends on the data you provide before or during participation in an online meeting, video conference, or webinar. When using Microsoft Teams, data of the communication participants is processed and stored on Microsoft Teams servers. This data may include, but is not limited to, your credentials (name, email address, phone (optional),

Links to Other Websites

Our website may contain links to third-party websites. Capri Sun AG is not responsible for the privacy practices or the content of third-party websites or websites that are not owned by Capri Sun AG or its affiliates.

Data Retention

Capri Sun AG will not retain your personal data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations.

Applicant Privacy Notice

(1) We process applicant data only for the purpose and in the context of the application procedure in accordance with the legal requirements. The processing of the applicant data takes place in order to fulfil our (pre)contractual obligations within the scope of the application procedure pursuant to Art. 6 Para. 1 (b). GDPR, Art. 6 para. 1 (f) GDPR insofar as data processing becomes necessary for us, e.g. within the framework of legal proceedings.

(2) The application process requires that applicants provide us with their data. Necessary applicant data are personal details, postal and contact addresses, email address, and the documents accompanying the application, such as cover letter, curriculum vitae and certificates. In addition, applicants may voluntarily provide us with additional information.

(3) By submitting the application to Capri Sun AG, applicants agree to the processing of their data for the purposes of the application process in accordance with the type and scope set out in this privacy statement.

(4) Insofar as special categories of personal data pursuant to Art. 9 Para. 1 GDPR are voluntarily disclosed in the application process, they are additionally processed in accordance with Art. 9 Para. 2 (b) GDPR (e.g. health data, e.g. severely disabled status or ethnic origin). Insofar as special categories of personal data pursuant to Art. 9 Para. 1 GDPR are requested from applicants in the application process, they are additionally processed in accordance with Art. 9 Para. 2 (a) GDPR (e.g. health data, if these are required for exercising the profession).

(5) Applicants can send their applications by mail or email. Please note, however, that emails are generally not sent in encrypted form and that the applicants themselves must ensure that they are encrypted. We therefore cannot accept any responsibility for the transmission of the application between the sender and the reception on our server. If the applicant is concerned about the security of the application documents sent by email, we recommend sending the application documents by mail.

(6) The data provided by the applicants may be further processed by us in the event of a successful application for employment purposes. Otherwise, if the application for a job opening is not successful, the applicants' data will be deleted. Applicants' data will also be deleted if an application is withdrawn, which the applicants are entitled to do at any time.

(7) The deletion is subject to a legitimate withdrawal by the applicant and carried after a six-month application period so that we can answer any follow-up questions regarding the application and meet our obligations under the Equal Treatment Act.
In the event that you have agreed to the continued storage of your personal data, we will transfer your data to our applicant pool. There, the data will be deleted after two years.
If you have been accepted for a job in the application process, the data from the applicant data system will be transferred to our personnel information system.

Invoices for any reimbursement of travel expenses are archived in accordance with tax regulations.

Data Subject Rights

You have the right
a) in accordance with Art. 15 GDPR, to request information about your personal data processed by us. In particular, you may request information about the purposes of processing, the categories of personal data concerned, the categories of recipients to whom your personal data have been or will be disclosed, the planned storage period, the existence of the right to rectification, deletion, restriction or objection of processing of personal data, the right to lodge a complaint with a supervisory authority, the origin of your data where the personal data was not collected by us, and the existence of automated decision-making and, if applicable, meaningful information about the logic involved;
b) in accordance with Art. 16 GDPR, to demand without delay the correction of incorrect data or the completion of your personal data stored by us;
c) to request the deletion of your personal data stored with us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
d) in accordance with Art. 18 GDPR to restrict the processing of your personal data if you dispute the accuracy of the data, if the processing is unlawful but you reject its deletion and we no longer need the data, but you need it to assert, exercise or defend legal claims, or if you have filed an objection to the processing in accordance with Art. 21 GDPR;
e) in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request its transfer to another person responsible;
f) in accordance with Art. 7 Para. 3 GDPR, to revoke your consent to us at any time. As a result, we will no longer be allowed to continue processing the data based on this consent in the future and
g) in accordance with Art. 77 GDPR, to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or of the registered office of our company.

The competent supervisory authorities for data protection at Capri Sun AG are:

Baden-Württemberg supervisory authority:

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg
Tel. 0711 615541 – 0
Fax: 0711 615541 – 15
Mail: [email protected]
http://www.baden-wuerttemberg.datenschutz.de

The competent supervisory authority for data protection of Capri Sun AG for Switzerland is:

Eidgenössischer Datenschutz- und Öffentlichkeitsbeauftragter
Feldeggweg 1
3003 Bern
Switzerland
Phone: 0041 - 058 464 94 10 (for media inquiries only)
Fax: 0041 - 058 465 99 96

The competent supervisory authority for data protection of Capri Sun AG for Austria is:

Österreichische Datenschutzbehörde
Barichgasse 40-42
1030 Vienna
Telephone: +43 1 52 152-0
E-mail: [email protected]
Internet: www.dsb.gv.at

For the assertion of the aforementioned rights as well as for questions regarding data protection, you can contact the person responsible or send an email to [email protected].

Right to Object

If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 Para. 1 Sent. 1 (f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are reasons for this which arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation. If you would like to exercise your right of withdrawal or objection, simply send an email to [email protected].

Data Security

a) While you visit our website, we use the common SSL procedure (Secure Socket Layer) with the highest possible encryption level supported by your browser. As a general rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we will resort to 128-bit v3 technology instead. Whether an individual page of our website is transmitted in encrypted form is indicated by the display of the closed key/lock symbol in the lower status bar of your browser.
b) We also use appropriate technical and organizational security measures to protect your data against accidental or intentional tampering, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
Furthermore, we bind our employees to observe your privacy and confidentiality rights pursuant to the EU General Data Protection Regulation (GDPR).

Changes to This Privacy Statement

In the event of new developments such as changes to the applicable data privacy laws, we will, if necessary, update this privacy statement accordingly.

PLEASE NOTE: The German version of this Privacy Policy will govern our relationship. This translated version is provided for convenience only and will not be interpreted to modify the German version.
Last updated: June 1, 2024