We are delighted to welcome you to the website of Capri Sun AG, part of the Capri Sun Group Holding AG (Capri-Sun website). We have created this privacy statement to demonstrate our firm commitment to the protection of your privacy and personal data.
Capri Sun AG takes your legitimate interests in data protection very seriously and observes the provisions of the European General Data Protection Regulation (GDPR) and where applicable, the provisions of other applicable data protection regulations.
Capri Sun AG handles the data transmitted by you carefully and with due diligence. As far as data of any kind is collected, processed or used, this is always done within the scope of the applicable legal provisions or after obtaining explicit consent from you.
Protecting the individual’s privacy on the Internet is crucial to the future of Internet-based business models and the move toward a true Internet economy. Capri Sun AG has created this privacy statement to demonstrate its firm commitment to the individual’s right to privacy. This privacy statement outlines Capri Sun AG's personal information handling practices for this website.
This privacy statement covers this website and all other sites that reference this privacy statement. Some Capri Sun AG entities may have their own, possibly different, privacy statements. We encourage you to carefully read the privacy statements of each of the Capri Sun websites you visit.
The controller according to Art. 4 Para. 7 of the General Data Protection Regulation (GDPR) is:
Capri Sun AG
Neugasse 22
CH – 6300 Zug
Trade Register Office Canton of Zug: CHE-102.016.538
Phone: +41 41 7689508
Fax: +41 417689501
Contact us here
You can contact Capri Sun AG's company data protection officer at:
Capri Sun AG
Anke Moser
Global Privacy Fundamentals
Our privacy practices reflect current global principles and standards on handling personal information. These principles include notice of data use, choice of data use, data access, data integrity, security, onward transfer, and enforcement/oversight. Capri Sun AG abides by the EU General Data Protection Regulation (GDPR).
It is our policy not to collect and store any personal data about you when you visit the Capri Sun AG website. Rather, this only happens in cases where we have expressly asked you for personal data beforehand. If, for example, you participate in a prize draw, we will ask you for your name and address to contact you in case you win.
Consent 
By using this website, you consent to the electronic collection and use of the information as described here. If Capri Sun AG decides to make changes to this privacy statement, we will post the changes on this site so that you will always know what data we store, and how we use it.
From time to time, as may be required by applicable law, we may also seek your explicit consent to process certain personal data and information collected on this website or volunteered by you.
Collection and Processing of Your Personal Data
To serve you better and understand your needs and interests, Capri Sun AG collects and uses personal information in the following manner and in accordance with applicable data protection laws.
When you visit our website, we may record your IP address in anonymized form and use cookies and other Internet technologies (referred to below as "Automated Tools" and "Embedded Web Links") to gather general information about our visitors and their interests. The technologies used and the information collected are described in more detail below.
We may further collect and process any information and data that you volunteer to us, e.g. when you register for events, subscribe to newsletters, participate in online surveys, discussion groups or forums, or when you make purchases.
Use and Purpose of Collected Personal Data
The data Capri Sun AG collects to understand your needs and interests helps Capri Sun AG deliver a consistent and personalized experience. Capri Sun AG will use such data only as described in this privacy statement. We will not subsequently change the way your personal data is used without your consent unless this is otherwise permitted by law.
We always process your personal data for a specific purpose.
In particular, we process your personal data for the following purposes:
  • To manage our relationship with you, e.g. through our databases, in which we collect data about you from our various sources in order to get an overview of the collaboration; also, to improve and individualize our understanding of your preferences and our communication with you;
  • To process your orders and deliver the products and services that you have ordered.
  • To implement tasks in preparation of or to perform existing contracts;
  • To evidence transactions and ensure transparency on transfers of value;
  • To provide you with appropriate and current information about research as well as our products and services;
  • To improve the quality of our products and services by adapting our offering to your specific needs;
  • To answer your requests and provide you with efficient support;
  • To track our activities (e.g. measuring collaboration or sales, number of appointments/calls, issues discussed, documents presented);
  • To invite you to events sponsored or used by us (e.g. speaker events, conferences);
  • To grant you access to our specified IT systems so that you can use certain services of Capri Sun AG;
  • To manage our IT resources, including infrastructure management and business continuity;
  • To preserve the company’s economic interests and ensure compliance and reporting (such as complying with our policies and local legal requirements, tax and deductions, internally defined contribution caps, managing alleged cases of misconduct or fraud; conducting audits and defending litigation);
  • Archiving and record keeping;
  • To support recruitment inquiries;
  • Billing and invoicing; and any other purposes imposed by law and authorities.

In certain cases, we are legally obliged to transfer certain data to the requesting government agency (institution or authority). The legal basis for the processing is Art. 6. Para. 1 (c) GDPR.

In some cases, business partners require personal data from our customers. This is usually done for the purpose of order fulfillment (e.g. in case of complaints). This is expressly provided for by law. In this case, Capri Sun AG remains responsible for the protection of your data – in addition, the processor may also be responsible. The service provider works strictly in accordance with our instructions, which Capri Sun AG ensures by means of strict contractual regulations.

To fulfil legal obligations to record, document and report to the responsible authorities.

IP Addresses
We use IP addresses to help diagnose problems, to administer our website, and to gather demographic information. We may also use IP addresses or other information you have shared on this website to determine which pages on our sites are being visited and topics that may be of interest to our visitors so we can provide you with information about relevant products and services. Capri Sun AG only collects such data in anonymized form and will not link it to a registered user's profile without the consent of that user. When you visit our site, we recognize only your domain name.
Capri Sun AG will only gather data related to your visit to the Capri Sun website. We do not track or collect personal data from your visits to companies or entities outside the Capri Sun AG group of companies.
Server Log Files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
  • browser type and browser version
  • the operating system used
  • referrer URL
  • the host name of the accessing computer
  • the time of the server request
  • IP address
This data is not merged with other data sources. The legal basis for processing these data is Art. 6 Para. 1 (b) GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
Cookie Consent With Borlabs Cookie

 

Our website uses Borlabs Cookie Content technology to obtain your consent to the storage of certain cookies in your browser and to document this consent in accordance with data protection regulations. This technology is provided by Borlabs – Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg, Germany (hereinafter Borlabs).
When you enter our website, a Borlabs cookie is saved in your browser which stores the consent you have given or the revocation of such consent. This data is not shared with the provider of the Borlabs cookie.
The collected data will be stored until you request us to delete it or delete the Borlabs cookie yourself or until the purpose for which the data is stored no longer applies. Statutory retention periods remain unaffected. Details on the data processing of Borlabs Cookie can be found at https://borlabs.io/kb/what-information-does-borlabs-cookie-store/
Borlabs Cookie Consent technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 Para. 1 Sent. 1 (c) GDPR.
Cookies

a) We use cookies on our website(s). These are small files that your browser automatically creates and stores on your device (laptop, tablet, smartphone, etc.) when you visit our websites. Cookies cannot do damage to your computer and do not contain viruses, trojans or any other malware. The information stored in the cookie pertains to the specific device used. This, however, does not give us direct knowledge of your identity. The use of cookies serves to make using our online services more pleasant for you. For example, we use what are known as session cookies to determine that you have already visited individual pages on our website. These are automatically deleted after leaving our website.

b) In addition, to further improve usability, we also use temporary cookies that are stored on your device for a specified period of time. If you visit our website again to use our services, we will automatically determine that you have already visited our website and what inputs and settings you have made in order to avoid having to re-enter them.

c) Furthermore, we use cookies to statistically record the use of our website and to analyze it for the purpose of optimizing our website offerings. These cookies enable us to automatically determine that you have visited our website before. These cookies are automatically deleted after a defined period of time.

d) The data processed by cookies are necessary for the purposes mentioned in order to safeguard our legitimate interests and the interests of third parties under Art. 6 Para.1 Sent. 1 (f) GDPR.

e) Most browsers accept cookies automatically. You can, however, configure your browser in such a way that no cookies are stored on your computer or that a notice is displayed before a new cookie is created. Disabling cookies completely, however, may mean that you will not be able to use all the features on our website.

Email Addresses

If you choose to give us your email address or submit it through our contact form, we will communicate with you via email. We do not share your email address with others outside Capri Sun AG or the Capri Sun Group Holding AG group of companies. You can opt out of receiving email communications from Capri Sun AG at any time.

External Service Providers

We work with external service providers that process certain data on our behalf. This is done exclusively in accordance with the applicable data protection laws. In particular, we have entered into commissioned data processing agreements with our service providers which satisfy the requirements of Art. 28 GDPR.

Prize Draws
From time to time we run prize draws on the Capri Sun AG website and in social networks like Facebook and Instagram. We use the personal data that we collect from you as part of your entry in the prize draw only for the purpose of running the prize draw – and only with your express prior consent.
You can withdraw your consent at any time by sending an email to [email protected] Withdrawing your consent, however, means you will no longer participate in the prize draw.
In case you win, we need your address to be able to send you your prize. If we ask you for your address data for the purpose of sending you a prize and you subsequently supply us with the address, this implies your consent to the collection of your address data. You may also withdraw this implied consent at any time. If, however, we have not yet sent the prize at the time of withdrawal, we will no longer be able to send you your prize.
Email Newsletter
Information About the Newsletter and Consent

With the following information, we inform you about the content of our newsletter as well as the registration, sending and statistical analysis procedures as well as your right of objection. By subscribing to our newsletter, you agree to the receipt and the procedures described.

Content of the Newsletter
You can subscribe to an email newsletter on the Capri Sun AG website.
To sign up for the newsletter, it is sufficient to enter your email address. We also use additional data such as last and first name, country, and customer group. The sole purpose of the information provided is personalization and segmentation of the newsletter.
We send newsletters and emails with advertising information (hereinafter "newsletter") only with the consent of the recipient or a legal permission. The content of the newsletter described as part of the newsletter registration are authoritative for the consent of the users.
Your consent – which may be withdrawn at any time – is given by entering your email address in the field for subscribing to the newsletter.
Double Opt-in and Logging

Subscribing to our newsletter involves what is known as a double opt-in process. This means that after subscribing, you will receive an email requesting that you confirm your subscription. This confirmation is necessary to verify that you are subscribing with your own email address. Subscriptions to the newsletter are logged in order to be able to verify that the subscription process was consistent with legal requirements. This includes storing the time of subscription and confirmation as well as the IP address.

Statistical Survey and Analysis
The newsletters contain a "web beacon", that is, a pixel-sized file that is retrieved when the newsletter is opened. With this retrieval, technical information such as information about the browser and your system as well as your IP address and the time of retrieval is initially collected. This information serves to improve the technical performance of services based on the technical data or target audiences and their reading habits, based on their locations (which can be determined using the IP address) or access times.
These statistical surveys also include determining whether newsletters are opened, when they are opened, and which links are clicked. Even though this information can be attributed to individual newsletter recipients for technical reasons we do not endeavor to monitor individual users. Rather, these analytics serve to determine the reading habits of our users and to adapt our content accordingly or to send different content that accommodates the interests of our users.
Data Transfer, Transfer to a Third Country
Your personal data will not be transferred to third parties for any purposes other than those set out below. We will only transfer your personal data to third parties if:
a) you have given your express consent in accordance with Art. 6 Para. 1 Sent. 1 (a) GDPR, Art. 26 Para. 2 German Federal Data Protection Act (BDSG),
b) the transfer is necessary in accordance with Art. 6 Para. 1 Sent. 1 (f) GDPR for the purpose of asserting, exercising or defending legal claims, and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
c) in the event that there is a legal obligation to transfer the data pursuant to Art. 6 Para. 1 Sent. 1 (c) GDPR and
d) this is legally permissible and necessary under Art. 6 Para. 1 Sent. 1 (b) GDPR for the execution of a contractual relationship with you or for pre-contractual measures at your request.
With the exception of the Capri Sun Group Holding AG group of companies, transfer to a third country or an international organization is not intended and there is no automated decision making unless otherwise provided in this privacy statement.
Capri Sun AG may also share such information with business partners, service vendors, authorized third-party agents or contractors in order to provide a requested service or transaction, including processing orders, providing customer support, or providing you with information on products and services that may be of interest to you.
We do not, however, sell or rent your personal data to third parties for marketing purposes unless you have granted us permission to do so.
Capri Sun AG may respond to subpoenas, court orders, or legal process by disclosing your personal data and other related information, if necessary. We also may choose to establish or exercise our legal rights or defend against legal claims.
Circumstances may arise where, whether for strategic or other business reasons, Capri Sun AG decides to sell, buy, merge, or otherwise reorganize businesses. Such a transaction may involve, in accordance with applicable law, the disclosure of personal information to prospective or actual purchasers. It is Capri Sun AG’s practice to seek appropriate protection for information in these types of transactions.
We may collect and possibly share personal data and any other additional information available to us in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, or violations of Capri Sun AG's terms of use, or as otherwise required by law.
Data Transfer to Third Countries, Particularly to the USA

Some third-party providers also process personal data in a third country without an adequate level of EU data protection, e.g. in the USA. We are obliged to inform you that according to the decision of the European Court of Justice and in the opinion of the Conference of Independent Data Protection Supervisory Authorities of the Federation and the Länder (DSK) of July 28, 2020 (Schrems II), there is currently no adequate level of data protection for the transfer of data to the USA. This can be associated with various risks to the legality and security in terms of data protection law. As a basis for data processing at recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway and particularly in the USA) or a data transfer there, third party providers use standard contractual clauses approved by the EU Commission (Art. 46 Para. 2 and 3 GDPR). These clauses oblige third-party providers to comply with the EU level of data protection when processing relevant data even outside the European Union. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=e

 

Links to social networks
The Capri Sun's website has links on some of its pages that can serve to establish a connection to social networks such as Facebook, Instagram, LinkedIn, and XING.
This allows for a connection between your Internet browser and the server of the relevant social network to be established for a short period of time and the content of the platform to be transmitted from there to your Internet browser.
The operator of the social network learns your IP address when you click on these links. In certain cases, the operator of the social network additionally tries to store a cookie on your computer, which is deleted when you close your internet browser.
If you are logged in to your relevant social network account at the same time, information regarding your visit to the Capri Sun AG website may be attributed to your account with that social network and stored, processed and used by the operator of the social network.
The Capri Sun Website contains links to the social networks www.facebook.com and www.instagram.com. You can only use the website if you have a Facebook user account and or an Instagram user account and are logged in with it. Go to www.facebook.com/about/privacy/ to learn how Facebook processes and uses the data you disclose as a user of facebook.com and to what extent you can restrict its publication.
Analysis Tools

The tracking measures listed below and used by us are carried out based on Art. 6 Para. 1 Sent. 1 (f) GDPR. With the tracking measures used, we want to ensure a needs-based design and the continuous optimization of our website. Furthermore, we use tracking measures to statistically record the use of our website and to analyze it for the purpose of optimizing our website offerings. These interests are considered legitimate within the meaning of the aforementioned provision. For the respective data processing purposes and data categories, please refer to the corresponding tracking tools described in detail below.

 

Privacy Statement for the Use of Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House 4, Barrow St, Dublin, D04 E5W5, Ireland ("Google"). Google (Universal) Analytics uses "cookies", which are text files placed on your end device to help analyze how you use the website. The information generated by the cookie about your use of this website (including your truncated IP address) will usually be transmitted to and stored by Google on servers, where it may also be transmitted to servers of Google LLC. in the USA.

This website uses Google Analytics exclusively with the extension "_anonymizeIp()", which ensures an anonymization of the IP address by truncation and excludes a direct personal reference. Through the extension, Google will truncate your IP address within member states of the European Union or in other member states of the European Economic Area. Only in exceptional cases will your full IP address be transmitted to a Google LLC. server in the USA and truncated there.

On our behalf, Google will use this information to for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing us with other services relating to website activity and internet usage. During this process, Google will not associate your browser’s IP address, transmitted for Google Analytics purposes, with any other data held by Google.

Google Analytics also enables the creation of statistics with statements about the age, gender and interests of site visitors on the basis of an evaluation of interest-based advertising and with the inclusion of third-party information via a special function, the so-called "demographic characteristics". This allows the definition and differentiation of user groups of the website for the purpose of targeting marketing measures. However, data records collected via the "demographic characteristics" cannot be matched to a specific person.

Details on the processing triggered by Google Analytics and Google's handling of data from websites can be found here:
All of the processing described above, in particular the setting of Google Analytics cookies for the reading of information on the end device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 Para. 1 (a) GDPR. Without this consent, Google Analytics will not be used during your visit to the website.
You have the right at any time to withdraw your consent with effect for the future. To exercise your right to withdraw your consent, please disable this service in the "Cookie Consent Tool" provided on the website. We have concluded a data processing agreement with Google for the use of Google Analytics, which obliges Google to protect the data of our site visitors and not to pass it on to third parties.
For the transfer of data from the EU to the USA, Google refers to so-called standard data protection clauses of the European Commission, which are intended to ensure compliance with the European data protection level in the USA.
Privacy Statement for the Use of Google Tag Manager
Use of Google Tag Manager: Google Tag Manager is a solution that allows marketers to manage website tags using an interface. The Tag Manager tool itself (which implements the tags) is a cookie-less domain and does not collect any personal data. The tool causes other tags to be activated which may, for their part, register data under certain circumstances. Google Tag Manager does not access this information. If recording has been deactivated on domain or cookie level, this setting will remain in place for all tracking tags implemented with Google Tag Manager. https://www.google.de/tagmanager/use-policy.html
Privacy Statement for the Use of Google AdSense
This website uses Google AdSense, a Web-advertising-service of Google Inc. (“Google”). Google AdSense uses "cookies", which are text files placed on your computer to help the website analyze how users use the site. Google AdSense also uses web beacons (transparent graphic images). These web beacons are used to analyze information such as website traffic.
The information created by the cookies and web beacons about the usage of this website (including IP address) and advertisement formats will be transferred to a Google server in the USA. Google can pass this information on to contracted partners. Google will not merge your IP address with your other information though.
You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

 

Privacy Statement for the Use of Display & Video DV 360 Platform by Google
Our website uses Display & Video 360 (DV360) – a tool of the Google Marketing Platform. DV360 uses cookies to serve ads relevant to users and optimize campaign performance. In addition, cookie ID information may be used to track conversions related to ad inquiries. The cookie ID may be used to link the ad served to a subsequent purchase. According to Google, DV360 cookies do not contain any personal information. We have no influence on any processing and use of the data by Google as well as identifiability through any (personally identifiable) aggregation of data on the part of Google. The DV360 cookies placed help us analyze and understand how you communicate with our website and/or perform certain actions when you click on our content on Google or other platforms (conversion tracking). In the event that personal data is transferred to the USA, we obtain your express consent for this data transfer via the cookie banner in accordance with Art. 49 Para. 1 (a) GDPR.
You can also object to the display of personalized advertising through Google’s advertising settings here, or through the “About Ads” self-regulatory campaign at: http://www.aboutads.info/choices.
Privacy Statement for Amazon Advertising Tag - Conversion Tracking
This website uses the conversion tracking technology "Amazon Tag" by Amazon Advertising, amazon.com, PO Box 504, 94302 Palo Alto, CA.
If you have arrived at our website from an ad in the Amazon inventory, a cookie is set by us on your computer, which interacts with a likewise implemented "tag" in the form of a JavaScript code from Amazon. Cookies are small text files that are stored on your end device. These cookies expire after 180 days and are not used for personal identification.
If the user is redirected from an ad in the Amazon inventory to pages on this website and the cookie has not yet expired, the tag records certain user actions predefined by us and can track them (e.g. completed transactions, leads, searches on the website, calls to product pages). When such an action is performed, your browser sends an HTTP request from the cookie to Amazon's server via the Amazon tag, with certain information about the action (including type of action, time, browser type of the end device).
Through this transmission, Amazon can create statistics about the usage behavior on our website after forwarding from an ad in the Amazon inventory, which serve us to optimize our offer.
If personal user data is processed in the process, this is done in accordance with Art. 6 Para. 1 (f) GDPR on the basis of our legitimate interest in the statistical evaluation of the success of product ads in the Amazon inventory and the purchasing behavior of the user and thereby serves to optimize our online offering.
However, we will not receive information that personally identifies users.
When using Amazon DSP, personal data may also be transmitted to the servers of Amazon.com in the USA.
If you do not wish to participate in the tracking program, you can refuse the use of this program by deactivating the Amazon Tag tracking conversion cookie via your Internet browser through the user settings. You will then no longer be included in the conversion tracking statistics.
If you would like to prevent the collection of pseudonymized data by Amazon DSP, please click on the following link: Link to opt-out (interest-based advertising)
Insofar as legally required, we have obtained your consent for the processing of your data as described above in accordance with Art. 6 Para. 1 (a) GDPR. You have the right at any time to withdraw your consent with effect for the future. In order to exercise your right to withdrawal, please follow the procedure described above for making an objection.
Privacy Statement for the Use of Facebook Dynamic Ads for Remarketing
On our website, we use the remarketing function of Facebook Dynamic Ads of Facebook Inc. (1601 S. California Ave, Palo Alto, CA 94304, USA; "Facebook") to target our website visitors with interest-based advertising on the Facebook social network. For this purpose, Facebook remarketing tags have been implemented on the website, which establish a direct connection to the Facebook servers. In doing so, it is transmitted to the Facebook servers which of our pages were visited, which products were viewed or purchased. Facebook matches this information to your personal Facebook user account.
When using Facebook Dynamic Ads for Remarketing, personal data may also be transmitted to the servers of Facebook in the USA.
When you visit the social network Facebook, you will be served personalized, interest-based Facebook ads.
You have the right to object, on grounds relating to your particular situation, at any time to this processing of personal data concerning you which is based on Art. 6 Para. 1 (f) GDPR.
For this purpose, you can disable the Facebook Dynamic Ads functionality at the following link of the non-profit association EDAA: http://www.youronlinechoices.com/de/praferenzmanagement/
You can find more information about Facebook's collection and use of the data, about your rights in this regard, and your options to protect your privacy Facebook's privacy policy at https://www.facebook.com/about/privacy/.
Insofar as legally required, we have obtained your consent for the processing of your data as described above in accordance with Art. 6 Para. 1 (a) GDPR. You have the right at any time to withdraw your consent with effect for the future. In order to exercise your right to withdrawal, please follow the procedure described above for making an objection.
Privacy Statement for the Use of ChannelSight eCommerce
Many of our products can be purchased directly through hyperlinks (e.g. "Purchase Online" button) to online shops of retailers that work with us ("Buy now" function). If you click on the respective hyperlink to the chosen product page in the dealer's online shop, we use JavaScript code and cookies (i.e. conversion tracking) to log that you clicked on the hyperlink and whether or not you purchase the product in the dealer's online shop. The usage data collected in this way is used to measure the attractiveness of the "Buy now" function and, where applicable, for commission settlement purposes with the dealer's online shop (i.e. affiliate marketing). Sometimes dealers' online shops pay us a commission when we successfully redirect prospective customer/buyers to them.
For tracking, we rely on the service provider ChannelSight Ltd., Suite 3, Anglesea House, Carysfort Ave., Blackrock, Co. Dublin, Ireland (www.channelsight.com). The information regarding your use of the “Buy now” function is transferred to ChannelSight servers, analyzed and returned to us only in the form of cumulative data indicating trends regarding the use of the "Buy now" function.
In direct relation to the "Buy now" function, we will again inform you separately about the collection of your usage data. By using the respective buttons on our website, you give your consent for the inter-website tracking of your website use and the analysis by us for the indicated purposes, and in particular to the associated data collection by ChannelSight and the retailer, as well as the transfer of data from ChannelSight and the retailer to us. The usage data is deleted once it is no longer required for commission settlement and analysis.
Opt-out: To prevent the collection of usage data via ChannelSight, please use the ChannelSight opt-out website which can be reached at the following link: https://www.channelsight.com/privacy-policy/.
Privacy Statement for the Use of Facebook Social Plugins
We use social plugins ("plugins") of the social network facebook.com on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offering within the meaning of Art. 6 Para. 1 (f) GDPR) social plugins ("plugins") of the social network facebook.com, which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"). The plugins can display interaction elements or content (e.g. videos, graphics or text contributions) and are recognizable by one of the Facebook logos (white "f" on blue tile, the terms "Like" or a "thumbs up" sign) or are marked with the addition "Facebook Social Plugin". For a list and appearance of Facebook social plugins go to: https://developers.facebook.com/docs/plugins/.
Facebook is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law

 

Privacy Statement for the Use of Facebook Pixel and Custom Audiences
We use the online marketing tools "Facebook Pixel and Custom Audiences" of Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA, and Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, respectively, if you are a resident of the EU ("Facebook").
Facebook processes your data under its own data protection responsibility as part of Facebook's data usage policy. You can find information about Facebook ads and Facebook pixels with the following links: https://www.facebook.com/policy and https://www.facebook.com/business/help/651294705016616
Opt-out: To permanently prevent the collection of usage data, please use the following link: http://www.aboutads.info/choices or http://www.youronlinechoices.eu/
As a registered Facebook user, you can also set what types of ads are displayed to you within Facebook. Call the following link: https://www.facebook.com/settings/?tab=ads
FACEBOOK INC. and THE EU-US PRIVACY SHIELD and SWISS-US PRIVACY SHIELD

Facebook Inc. ("Facebook") is now certified for the EU-US Privacy Shield Framework Agreement and the Swiss-US Privacy Shield Framework Agreement (https://www.dataprivacyframework.gov) (collectively, the "Privacy Shield Framework Agreements") by the U.S. Department of Commerce. These agreements address the collection and processing of personal data of our advertisers, customers, or business partners in the European Union and Switzerland (if a Swiss data controller uses Facebook as a data processor) (the "Partners") in connection with the products and services described in our Certification (https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fflx%2Fwarn%2F%3Fu%3Dhttps%253A%252F%252Fwww.privacyshield.gov%252Fparticipant%253Fid%253Da2zt0000000GnywAAC%26h%3DAT3_cQ8UZ-wUJ6Kg9odJMpjNI5OqMCAqKA04-OJDuEkuoftAFn-81PRkQ8aUtLP1aSqWDZKvprTxNVl3NX6A_OM52Yw_A1F8DS5e4iURH571uU4Asl0YBU6tRU4lvZ1gADVEykmJAkAST66PW19dnKD84YFTs4zPIX74CA).

When a user calls up a function of this online offering that contains such a plugin, his device establishes a direct connection with the Facebook servers. The content of the plugin is transmitted directly from Facebook to the user’s device, which integrates it into the online offering. In doing so, usage profiles of the users can be created from the processed data. We therefore have no influence on the amount of data that Facebook collects with the help of this plugin and therefore inform users according to our level of knowledge.

By embedding the plugins, Facebook receives the information that a user has called up a certain page of the online offering. If the user is logged in to Facebook, Facebook may match the visit to their Facebook account. If users interact with the plugins, e.g. press the Like button or leave a comment, the respective information is transmitted directly to Facebook by your device and stored there. If a user has no Facebook account, there is still a possibility that Facebook identifies and stores their IP address. According to Facebook, only an anonymized IP address is saved in Germany.

Purpose and extent of data collection, further processing and use of data by Facebook as well as rights in this regard and configuration options to protect the privacy of users can be found in the Privacy Policy of Facebook at: https://www.facebook.com/about/privacy/.

If a user has a Facebook account and does not want Facebook to collect data about them through this online offering and link it to their account data stored by Facebook, they must log out of Facebook before using our online offering and delete their cookies. Further settings and objections to the use of data for advertising purposes, are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.

Privacy Statement for the Use of YouTube Plug-Ins
Our website employs plug-ins provided by the Google-operated website YouTube. Operator of this site is: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, fax: +353 (1) 436 1001.
When you visit a site equipped with a YouTube plug-in, a connection is established to the YouTube servers. In the process, the YouTube server is informed which of our pages you have visited. If you are logged in to your YouTube account, you enable YouTube to associate your browsing behavior with your personal profile. You can prevent this by logging out of your YouTube account.
The use of YouTube takes place in the interest of an appealing presentation of our online services. This represents a legitimate interest in the sense of Art. 6 Para. 1 (f) GDPR. For more information on the handling of user data, please refer to YouTube's privacy policy at: https://www.google.com/analytics/terms/us.html, the data protection overview at: https://support.google.com/analytics/answer/6004245?hl=en, and the privacy statement at: https://policies.google.com/privacy?hl=en&gl=en.
If you do not wish to participate in the tracking process, you can disable the automatic setting of cookies in your browser settings. You can also choose to block only specific cookies for conversion tracking by modifying your browser settings so that cookies from the domain "googleadservices.com" are not allowed.
For further information and to view the Google privacy policy, click here (https://policies.google.com/technologies/ads?hl=enhttps://policies.google.com/technologies/ads?hl=en) and here (https://policies.google.com/privacy?hl=en&gl=en).
Privacy Statement for the Use of TikTok
We use "TikTok" services on our website. (for EU: TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland).
If you have not given your consent in the Consent Manager, you have the option of giving it at a later time with what is known as the "2-click solution". When you visit a page that has a TikTok video embedded, a connection to the TikTok servers is not established until you click the confirm button. In this case, TikTok will set cookies and use the data from your visit for its own purposes. If you are logged in to TikTok at that time, the information about the videos you watch will be matched to your TikTok user account. You can prevent this by logging out of your member account before visiting our website.
You run the risk that your data will be processed in and transferred to the United States, i.e., a third country outside the European Union (EU) or the European Economic Area (EEA). For this country, there is no adequacy decision by the EU Commission to ensure that its level of data protection is equivalent to the European standard. According to the European Court of Justice (ECJ), there is a particular risk that data will be processed unnoticed by U.S. authorities for surveillance purposes. The legal basis for the processing of your data is your consent pursuant to Art. 49 Para. 1 Sent. 1 (a) GDPR. You have the right at any time to withdraw your consent with effect for the future.
For more information, please read to TikTok's privacy policy at https://www.tiktok.com/legal/privacy-policy-eea?lang=en.
The legal basis for this processing is your consent pursuant to Art. 6 Para. 1 Sent. 1 (a) GDPR. You have the right at any time to withdraw your consent with effect for the future by accessing the cookie settings and changing your selection.
Privacy Statement on the Use of Facebook

This website uses technology from Facebook Ireland Limited ("Facebook", 4 Grand Canal Square, Dublin 2, Ireland). Facebook is an Internet advertising service that allows advertisers to target users with ads on Facebook directly and on the Facebook ad network. By using the remarketing function "Custom Audiences", users of the website are shown what is known as "Facebook Ads" when visiting Facebook or other sites using the technology, which contain interest-based ads. The purpose is to make our website more attractive through targeted marketing as well as the placement of ads. If you have a Facebook account, this can be recognized by the set Facebook pixel through which the collected usage data is transmitted to Facebook. The Facebook pixel is a JavaScript code. Facebook uses tracking cookies to target Facebook ads based on information about user behavior and device-related information. This data is stored for no longer than 180 days. For more information on the purpose and extent of data collection, further processing and use of data by Facebook and your configuration options to protect your privacy please refer to Facebook's Privacy Policy. If you do not want to be shown interest-based ads, you can disable this feature in your browser.

We have no influence on information that is processed and/or merged by Facebook. Facebook may be able to identify you, for example, if the data can be matched to your Facebook account or you are logged into a Facebook account.

You can find out about corresponding Facebook ad settings at https://www.facebook.com/about/basics/advertising and manage settings accordingly. Instructions on how to do this can be found here https://www.facebook.com/about/basics/advertising/ad-preferences. Logged in users can disable and manage the settings here https://www.facebook.com/settings/?tab=ads#_.

The data generated in this context may be transferred by Facebook to a server in the USA for analysis and stored there. In the event that personal data is transferred to the USA, we obtain your express consent for this data transfer via the cookie banner in accordance with Art. 49 Para. 1 (a) GDPR.

 

Privacy Statement for the Use of LinkedIn

Our website employs plug-ins provided by the LinkedIn network, a service of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (hereinafter "LinkedIn"). You can recognize the LinkedIn plug-ins by the LinkedIn logo or the "Share" button on our site (hereinafter referred to as "LinkedIn plug-ins"). When you visit our website, the LinkedIn plug-ins establish a direct connection between your browser and the LinkedIn server. This provides LinkedIn with the information that you have visited this website using your IP address. When you click the LinkedIn “Share” button while you are logged into your LinkedIn account, you can link the contents of this website with your LinkedIn profile. This allows LinkedIn to allocate the visit to this website to your account. Please note that as the provider of this website we receive no information from LinkedIn regarding the contents of the transmitted data or how it is used. For details on data collection (purpose, extent, further processing, use) as well as your rights in this regard and your settings options, refer to LinkedIn's privacy policy. You can find the LinkedIn privacy policy at http://www.linkedin.com/static?key=privacy_policy&trk=hb_ft_priv

Privacy Statement for the Use of XING

The "XING share button" is used on this website. When you visit this website, your web browser will briefly connect to the servers of XING AG ("XING") which provide the functions of the "XING share button" (including a visitor counter). XING does not store any personal data about you and your visit when you visit the website. XING does not store IP addresses or use cookies to monitor your visit behavior in relation to the "XING share button". Please visit the following website for the latest version of the XING share button privacy policy and for further information: https://dev.xing.com/plugins/share_button/privacy_policy

Privacy Statement for the Use of Instagram

Our online offering may include functions and contents of the service Instagram, provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. This may include, for example, content such as images, videos, or text and buttons that allow users to express their liking for the content, subscribe to the content creators, or subscribe to our posts. If the users are members of the Instagram platform, Instagram can match the accessing of the above-mentioned content and functions to the profiles of the users there. Instagram's Privacy Policy: http://instagram.com/about/legal/privacy/.

Privacy Statement for the Use Microsoft Teams
We use the "Microsoft Teams" service of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA (hereinafter "Microsoft Teams") to conduct online meetings, video conferences, and/or webinars. In the case of using Microsoft Teams, different types of data are processed.
The extent of the data processed depends on the data you provide before or during participation in an online meeting, video conference, or webinar. When using Microsoft Teams, data of the communication participants is processed and stored on Microsoft Teams servers. This data may include, but is not limited to, your credentials (name, email address, phone (optional), and password) and meeting data (topic, participant IP address, device information, description (optional)).
In addition, visual and auditory contributions of the participants, as well as voice inputs in chats may be processed. When processing personal data that is necessary for the performance of a contract with you (this also applies to processing operations that are necessary for the implementation of pre-contractual measures), Art. 6 Para. 1 (b) GDPR serves as the legal basis. If you have given us your consent for the processing of your data, the processing is based on Art. 6 Para. 1 (a) GDPR. Consent, once given, can be withdrawn at any time with effect for the future. Furthermore, the legal basis for data processing when conducting online meetings, video conferences, or webinars is our legitimate interest in accordance with Art. 6 Para. 1 (f) GDPR in the effective conduct of the online meeting, webinar, or video conference.
For more information regarding data usage by Microsoft Teams, please refer to the Microsoft Teams Privacy Policy at:
Links to Other Websites

Our website may contain links to third-party websites. Capri Sun AG is not responsible for the privacy practices or the content of third-party websites or websites that are not owned by Capri Sun AG or its affiliates.

 

Data Retention

Capri Sun AG will not retain your personal data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations.

Applicant Privacy Notice

(1) We process applicant data only for the purpose and in the context of the application procedure in accordance with the legal requirements. The processing of the applicant data takes place in order to fulfil our (pre)contractual obligations within the scope of the application procedure pursuant to Art. 6 Para. 1 (b). GDPR, Art. 6 para. 1 (f) GDPR insofar as data processing becomes necessary for us, e.g. within the framework of legal proceedings.

(2) The application process requires that applicants provide us with their data. Necessary applicant data are personal details, postal and contact addresses, email address, and the documents accompanying the application, such as cover letter, curriculum vitae and certificates. In addition, applicants may voluntarily provide us with additional information.

(3) By submitting the application to Capri Sun AG, applicants agree to the processing of their data for the purposes of the application process in accordance with the type and scope set out in this privacy statement.

(4) Insofar as special categories of personal data pursuant to Art. 9 Para. 1 GDPR are voluntarily disclosed in the application process, they are additionally processed in accordance with Art. 9 Para. 2 (b) GDPR (e.g. health data, e.g. severely disabled status or ethnic origin). Insofar as special categories of personal data pursuant to Art. 9 Para. 1 GDPR are requested from applicants in the application process, they are additionally processed in accordance with Art. 9 Para. 2 (a) GDPR (e.g. health data, if these are required for exercising the profession).

(5) Applicants can send their applications by mail or email. Please note, however, that emails are generally not sent in encrypted form and that the applicants themselves must ensure that they are encrypted. We therefore cannot accept any responsibility for the transmission of the application between the sender and the reception on our server. If the applicant is concerned about the security of the application documents sent by email, we recommend sending the application documents by mail.

(6) The data provided by the applicants may be further processed by us in the event of a successful application for employment purposes. Otherwise, if the application for a job opening is not successful, the applicants' data will be deleted. Applicants' data will also be deleted if an application is withdrawn, which the applicants are entitled to do at any time.

(7) The deletion is subject to a legitimate withdrawal by the applicant and carried after a six-month application period so that we can answer any follow-up questions regarding the application and meet our obligations under the Equal Treatment Act.
In the event that you have agreed to the continued storage of your personal data, we will transfer your data to our applicant pool. There, the data will be deleted after two years.
If you have been accepted for a job in the application process, the data from the applicant data system will be transferred to our personnel information system.
Invoices for any reimbursement of travel expenses are archived in accordance with tax regulations.
Data Subject Rights
You have the right
a) in accordance with Art. 15 GDPR, to request information about your personal data processed by us. In particular, you may request information about the purposes of processing, the categories of personal data concerned, the categories of recipients to whom your personal data have been or will be disclosed, the planned storage period, the existence of the right to rectification, deletion, restriction or objection of processing of personal data, the right to lodge a complaint with a supervisory authority, the origin of your data where the personal data was not collected by us, and the existence of automated decision-making and, if applicable, meaningful information about the logic involved;
b) in accordance with Art. 16 GDPR, to demand without delay the correction of incorrect data or the completion of your personal data stored by us;
c) to request the deletion of your personal data stored with us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
d) in accordance with Art. 18 GDPR to restrict the processing of your personal data if you dispute the accuracy of the data, if the processing is unlawful but you reject its deletion and we no longer need the data, but you need it to assert, exercise or defend legal claims, or if you have filed an objection to the processing in accordance with Art. 21 GDPR;
e) in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request its transfer to another person responsible;
f) in accordance with Art. 7 Para. 3 GDPR, to revoke your consent to us at any time. As a result, we will no longer be allowed to continue processing the data based on this consent in the future and
g) in accordance with Art. 77 GDPR, to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or of the registered office of our company.
The competent supervisory authority for data protection for Capri Sun AG at its Swiss location is:
Eidgenössischer Datenschutz- und Öffentlichkeitsbeauftragter
[Federal Data Protection and Information Commissioner]
Feldeggweg 1
3003 Bern
Switzerland
Phone: 0041 - 058 464 94 10 (for media inquiries only)
Fax: 0041 - 058 465 99 96
For the assertion of the aforementioned rights as well as for questions regarding data protection, you can contact the person responsible or send an email to [email protected].
Right to Object

If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 Para. 1 Sent. 1 (f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are reasons for this which arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation. If you would like to exercise your right of withdrawal or objection, simply send an email to [email protected]

Data Security
a) While you visit our website, we use the common SSL procedure (Secure Socket Layer) with the highest possible encryption level supported by your browser. As a general rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we will resort to 128-bit v3 technology instead. Whether an individual page of our website is transmitted in encrypted form is indicated by the display of the closed key/lock symbol in the lower status bar of your browser.
b) We also use appropriate technical and organizational security measures to protect your data against accidental or intentional tampering, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
Furthermore, we bind our employees to observe your privacy and confidentiality rights pursuant to the EU General Data Protection Regulation (GDPR).
Changes to This Privacy Statement
In the event of new developments such as changes to the applicable data privacy laws, we will, if necessary, update this privacy statement accordingly.
PLEASE NOTE: The German version of this Privacy Policy will govern our relationship. This translated version is provided for convenience only and will not be interpreted to modify the German version.
Last updated: June 2, 2022