Data protection notice / legal notice
Welcome and thank you for visiting our website.
Protecting your privacy is of particular importance to us. Of course, this also applies, if you visit our websites or contact our customer service centre via telephone, e-mail or our contact form. We would therefore like to make transparent which data processing operations are involved, when you visit our websites or contact our customer service centre. With the following information, we would like to explain, which websites are covered by this data protection notice, how we protect your personal data and which data we collect.
Click here to receive information on video surveillance by HOFER KG and data processing in our stores. Click here to read the data protection notices for our social media sites. Our suppliers and business partners can inform themselves here about data processing in the context of our business relationship.
We are committed to protect the data of the visitors to our websites and of our customers. We only provide stored data to third parties in the manner described above.
We reserve the right to amend the information provided in this data protection notice without prior notice. The version currently published here always applies.
1. HOFER KG Websites
2. General information
2.1. Legal basis
2.3. Collection and processing of personal data, retention period and data recipients
2.4. Rights of data subject
2.5. Consent and right to withdrawal of consent
2.6. Data security
3. Visiting our websites
3.1. General information
3.2. Marketing- and Personalization tools
3.2.1. Analysis tools
3.2.1. Marketing- and retargeting tools
3.3. Third Party Providers/Extended functions (plug-ins)
4. Your interaction with us
4.1. Customer satisfaction survey
4.3. Prize competitions
4.5. Warranty portal
4.6. User account
4.7. Meine Meinung. Mein HOFER.
4.8. Online Shop
4.9. Mein HOFER. Meine Einkäufe
4.11. Career pages
4.12. HOFER services
4.13. Reminder service
4.14. Mobile app-test
5. Status of using cookies and similar technologies
This data protection notice applies to the following websites of HOFER KG:
The EU General Data Protection Regulation (GDPR) protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data. Personal data means any information relating to an identified or identifiable natural person.
To the extent we obtain a data subject's consent for processing personal data, Art. 6 (1), lit. a, GDPR serves as the legal basis.
If processing of personal data is necessary for the performance of a contract to which the data subject is party, Art. 6 (1), lit. b, GDPR serves as the legal basis. This also applies to processing steps that are necessary for carrying out pre-contractual measures.
If processing of personal data is necessary for compliance with legal obligations to which our company is subject, Art 6 (1), lit. c, GDPR serves as the legal basis.
If processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, Art. 6 (1) (f), GDPR serves as the legal basis for processing, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.
The Controller in the definition of Art. 4 (7), GDPR, is HOFER Kommanditgesellschaft, Hofer Straße 1, A-4642 Sattledt.
All personal data is collected, processed and used in compliance with the applicable regulations for the protection of personal data, primarily for the purpose of providing the services you requested and to process your inquiries.
Unless otherwise specified in this data protection notice, your personal data will only be stored for the duration necessary for the respective purposes or until any applicable warranty, guarantee, statute of limitations or statutory retention period expires.
Within the scope of operating our websites and our customer service centre, we cooperate with software service providers and agencies that may gain access to your personal data in the course of their activities. These entities are contractually obligated to comply with the relevant data protection regulations. Additional information on the service providers we cooperate with may be requested from firstname.lastname@example.org.
If service providers have their business seat in a third country, or if no adequacy decision by the European Commission is available for your country, we have implemented suitable guarantees for secure data transfer. Further information is available from email@example.com.
It may be necessary to share your personal data with contractors, vendors, insurance companies or legal representatives in order to process your inquiries or service requests. Please refer to the modules below for further details.
You have the following rights:
- right to obtain information about our use of your personal data (Art. 15, GDPR)
- right to obtain the rectification of inaccurate personal data concerning you and to have incomplete personal data completed (Art. 16, GDPR)
- right to obtain the erasure of personal data where one of the grounds listed in Art. 17, GDPR applies
- right to obtain restriction of processing where one of the grounds listed in Art. 18, GDPR applies
- right to data portability according to Art. 20, GDPR
- right to lodge a complaint with the competent supervisory authority
|You also have the right to object to processing on grounds relating to your particular situation (Art. 21 (1), GDPR).|
Of course, you can also contact us with your questions or complaints at any time. To guarantee speedy processing, please direct your inquiries to: firstname.lastname@example.org
We will only process/use your personal data with your explicit consent in all cases where such consent is required. By giving your consent, you confirm that you are at least 14 years old or have the approval of your legal guardian. You may withdraw your consent at any time (email@example.com). When you withdraw your consent, any data collected about you will be erased or anonymised and possibly included in statistical evaluations without personal reference. Withdrawal of consent does not affect the lawfulness of processing based on consent that occurred prior to the withdrawal.
We utilise all available state-of-the-art technical and organisational options to protect your personal data from loss, unauthorised access and misuse. We transmit our e-mails (incl. newsletter) in encrypted format to securely communicate with you. Doing so protects the communication between you and our web server and helps to prevent data misuse by third parties. We use Transport Layer Security (TLS) for encryption. If your e-mail service provider does not support TLS encryption, e-mails will be sent to you in unencrypted format.
Whenever a user accesses our website, i.e., every time a user opens, or attempts to open, a file on the respective server, and every time our offer is used (e.g. HOFER user account) data about this process is collected in a log file and stored for 30 days. In detail, the following data record is stored for every website access:
- IP address
- name of requested file
- date and time of access
- transferred data volume
- message indicating whether access was successful
- message indicating why access may have failed
- name of your internet service provider (i.e., our log file only states that an AOL or T-Online user visited our website, but does not specify who it was)
- your computer operating system and browser software if applicable
- the website that referred you to our site.
The processing of the above data is based on our legitimate interests according to Art. 6 (1), lit. f, GDPR to provide the website, guarantee system stability and ensure data and operating security. The collected data are also part of evaluations under the aspects of performance analysis.
We also use analysis and retargeting tools as well as plug-ins and cookies as described in sections 3.2 to 3.5 below with your consent (Art. 6 (1), lit. a, GDPR).
These (technically not mandatory) technologies are only activated after your explicit agreement by selecting the individual categories and clicking on "Confirm selection" or "Confirm all".
Technologies requiring consent are not used if you only agree to the "necessary cookies" with "Confirm selection" when accessing the page. If you wish to revoke the consent you have already given, you can adjust your privacy settings under point 5 of this data protection notice.
3.2.1. Analysis tools
Analysis tools are used to collect and evaluate data to help analyse the behaviour of website visitors. Analysis tools, also known as tracking tools, typically analyse where visitors come from and which areas of our website they access. The integration of analysis tools aims to improve and continuously optimise the website experience for visitors.
Our websites use multiple utilities by Adobe Systems Software Ireland Limited, 4-6 Riverwalk, City West Business Campus, Dublin 24, Ireland (“Adobe”). General Information about data protection at Adobe can be found at https://www.adobe.com/privacy/policy.html.
You can opt out of Adobe’s collection of data generated by the cookie and pertaining to your use of this website and stop the processing of this data by Adobe by downloading and installing the browser plug-in that is available from the following link: http://www.adobe.com/privacy/opt-out.html
To optimise your user experience, our websites include a utility of the service provider Piwik PRO Sp. Z.o.o., ul. Św. Antoniego 2/4, 50-073 Wrocław, Poland for analysing user behaviour. The collected information is transferred to and stored in Piwik Pro servers in Austria and Germany. The analysis tool collects the following data: IP address, cookie to distinguish different visitors, previously visited websites (referrer) if transferred by the browser, name and version of operating system, browser name, version and language setting, click behaviour, time spent on pages, time of page access, URLs visited within the website etc. This process immediately anonymises your IP address to protect your user identity. That means we do not have any identifying information about the users who access data. We will not make any attempt to collect this information. We and our contracted service providers only analyse the recorded usage data for statistical purposes. We use this data to improve and optimise the user experience of our websites as needed.
We use marketing tools to analyse and optimise our websites with reference to usage behaviour to create an optimised customer experience.
Retargeting or remarketing refers to personalised targeting strategies, or customised advertising to accommodate user preferences. Users who visit our websites are marked when they accept all cookies. After that, our visitors may receive targeted ads from the corresponding advertising program when they visit other websites.
Our websites include multiple utilities by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). For further information about data protection at Google, visit https://policies.google.com/privacy?hl=en-US
Global advertising network, remarketing and Google Marketing Platform (Floodlight)
Our websites use multiple pixels by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland ("Facebook"). For general information about data protection at Facebook, visit https://www.facebook.com/policy.php
Visitor action pixel (Facebook pixel)
Facebook Custom Audience
Our website uses the Facebook Custom Audience utility to provide you with targeted ads and to further optimise our services. This utility is a Facebook service. Based on the inclusion of this utility on our website, the data transfer to Facebook will at a minimum include: IP address, website URL, time stamp of website visit. This data transfer occurs regardless of whether you have and are logged in to a Facebook user account or whether no user account exists. If you are logged in, this data will be directly allocated to your user account. For more information on the purpose and scope of data collection and processing by Facebook, visit https://www.facebook.com/about/privacy
Our websites use multiple utilities by Adobe Systems Software Ireland Limited, 4-6 Riverwalk, City West Business Campus, Dublin 24, Ireland (“Adobe”). General Information about data protection at Adobe can be found at https://www.adobe.com/privacy/policy.html
Adobe Audience Manager
Adobe Audience Manager generates pseudonymous user profiles with a tracking pixel, which does not generate any identifying information for us. The following information is collected in the context of the user profile: sub pages visited, surfing behaviour, advertising banners clicked etc. The program allows for retrieving data from various sources to create target groups and export them to segments.
To learn about opting out of Adobe Audience Manager and other data protection information, visit: http://www.adobe.com/privacy/opt-out.html
Adobe Launch Tag Management System
We use a tag management system by Adobe for the controlled management of analysis and online marketing software on our website and to improve our website’s technical performance. The tag management system uses customisable rules to control how the specific software components (tags) that are explained in this data protection notice are used in the website. This ensures that only the listed tags are used and that they only collect data to the extent described here. The tag management system transfers data to the specified tags in the form explained above. That process also includes cookies. However, the tag management system does not involve data storage.
We use the Adobe Target software. It allows us to perform so-called A/B tests or multivariate tests on our website. To do this, the software executes a variant that has been modified from the original website version (e.g., with different design and content). The comparison of the two variants allows us to determine which display our website visitors prefer. All interactions focus on optimising the customer experience. Adobe Target enables us to offer omni-channel customisation to offer a consistent and personalised experience with a uniform customer profile. Further information on the functions of Adobe Test & Target can be found at http://www.adobe.com/marketing-cloud/testing-targeting.html
In no event will Adobe Target store or process identifying information such as a full IP address through our website. The program exclusively processes data that does not allow for drawing conclusions about individuals. All user behaviour is represented by quantitative methods. Adobe uses session cookies and permanent cookies. The former are temporarily stored for the duration of your website visit. Permanent cookies record information about visitors who repeatedly access our website.
10% of visitors who have agreed to marketing and personalization cookies are automatically excluded via cookie from personalization and testing activities on the website and in the app. This serves the purpose of having a valid control group to obtain comparative values.
Our websites use Microsoft Ads Universal Event Tracking, a utility provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (“Microsoft”). The program saves Microsoft cookies in user devices to analyse the use of our web content in cases when users come to our web pages via a Microsoft ad. This enables us to recognise that someone clicked on an ad and was redirected to our web content to reach a previously designated landing page. We only see the total number of users who clicked on an ad and were redirected to the landing page. No IP addresses are saved in the process. We do not receive any identifying user information.
Users who want to opt out of Microsoft Ads tracking can deactivate the respective cookie settings in their browser or visit the Microsoft opt-out page at https://account.microsoft.com/privacy/ad-settings/signedout?lang=en-GB For further information on data protection and Microsoft Ads cookies, please refer to the Microsoft privacy statement (https://privacy.microsoft.com/en-us/privacystatement).
Our websites use multiple pixels by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland („LinkedIn“). For general information about data protection at LinkedIn, visit https://www.linkedin.com/legal/privacy-policy.
LinkedIn Insight Tag
Our websites use the LinkedIn Insight Tag. This utility enables us to track the behaviour of users who were directed to our site by clicking on a LinkedIn ad. The information allows us to evaluate the effectiveness of LinkedIn ads and to optimise future advertising activities. The LinkedIn Insight Tag enables the collection of data regarding members’ visits on our website, including the URL, referrer, IP address, device and browser characteristics (User Agent), and timestamp. The IP addresses are truncated or (when used for reaching members across devices) hashed, and members’ direct identifiers are removed within seven days in order to make the data pseudonymous. This remaining pseudonymized data is then deleted within 180 days.
LinkedIn does not share the personal data with us, it only provides reports and alerts (which do not identify the member) about the website audience and ad performance. LinkedIn also provides retargeting for website visitors, enabling the website owner to show personalized ads off its website by using this data, but without identifying the member. LinkedIn also use data that does not identify the member to improve ad relevance and reach members across devices. LinkedIn members can control the use of their personal data for advertising purposes through their account settings (https://www.linkedin.com/psettings/advertising). For more information on the purpose and scope of data collection and processing by LinkedIn, visit https://www.linkedin.com/legal/privacy-policy.
LinkedIn Jobs Conversion Tracking
Our websites also use LinkedIn Jobs Conversion Tracking. LinkedIn Conversion Tracking allows us allows us to track completed applications once the user has viewed a job ad posted on LinkedIn and clicked the apply button. The LinkedIn Conversion Pixel enables the collection of metadata such as IP address information, timestamp, and events (e.g. page views). All data is encrypted. The LinkedIn browser cookie is stored in a user's browser until a user deletes the cookie or the cookie expires (there's a rolling six-month expiration from the last time the user's browser loaded the Conversion Pixel). For more information about LinkedIn Cookies, visit https://www.linkedin.com/legal/l/cookie-table.
Our websites in part contain content elements by other providers (“plug-ins”) to offer you additional functions and content. As with any website access, this requires transferring your IP address to the respective provider for technical reasons. This transfer takes place directly through your browser. HOFER KG does not process any data in this context.
Plug-ins will only be opened with your explicit consent, which you can give either by accessing our website or by using the respective plug-in.
Our websites include multiple utilities by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). For further information about data protection at Google, visit https://policies.google.com/privacy?hl=en-US
For information about Google’s privacy settings, visit https://safety.google/?hl=en_US
If you are logged in to your Google account, Google may add the processed information to your account and treat it as personal data, depending on your account settings. Further details can be found at https://www.google.de/policies/privacy/partners/.
Google offers the following description:
“We may combine the information we collect among our services and across your devices for the purposes described above. For example, if you watch videos of guitar players on YouTube, you might see an ad for guitar lessons on a site that uses our ad products. Depending on your account settings, your activity on other sites and apps may be associated with your personal information in order to improve Google’s services and the ads delivered by Google.”(https://policies.google.com/privacy?hl=en-US)
Our websites use web fonts (https://fonts.google.com/) to display the font. Your browser will load the required web font into your browser cache when you visit our website. This is necessary for a visually optimised display of our texts in your browser. If your browser does not support this feature, your computer will use a default font for display. Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq?hl=de-DE&csw=1.
Our websites use the reCAPTCHA utility to protect the order information you enter into online forms. The collected data is generally transferred to and saved on a Google server in the USA. The data collected by reCAPTCHA includes: IP address, user screen resolution, browser language setting, time zone, installed browser plug-ins, click behaviour, browser ID as well as all Google cookies placed in the last six months.
Google use this information to evaluate your use of this utility. The data collection serves to distinguish whether the input in the form was created by a person or with automated machine processing.
Our microsites use the Google Maps API utility. Our websites use Google Maps to display map information. When a user accesses Google Maps, Google also processes data about the use of the Maps functions. Based on the integration of this utility on our web pages, the data transfer to Google will at a minimum include: IP address, time of website visit, user’s screen resolution, website URL (referrer), browser ID (user agent) as well as search terms. This data transfer occurs regardless of whether you have and are logged in to a Google user account or whether you do not have a user account. If you are logged in, this data will be directly allocated to your user account. If you do not want this data to be assigned to your profile, you have to log out prior to activating the button and delete the associated cookies. Google stores this data for usage profiles and utilises it for advertising, market research and/or demand-driven design of its website. You have the right to object to the generation of such user profiles by contacting Google directly.
Google Sign In
Our website offers the “Google Sign In” function, which means that no additional registration is necessary to access our website.
If you want to use this function to log in or register for our websites, you will first be redirected to Google, where you can log in with your account information. Of course, we will not save your Google log-in details. If you already are logged in to Google, this step will be skipped.
Your registration links your Google profile to our service. Based on this link, Google will automatically transmit the following information to us:
- first name
- last name
- e-mail address
- profile picture
Google will then let you know which data was transmitted to us. You confirm this notification with the “OK” button. This information is required for logging in to properly identify you.
We use the transferred information to create your customer account or to log you in. There is no permanent link between your customer account and your Google account.
Our website includes YouTube videos, which are saved at www.youtube.com and can be viewed directly from our website. They are integrated using the so-called “privacy-enhanced mode” (see https://support.google.com/youtube/answer/171780?hl=en). When you open the plug-in, YouTube cookies may be saved on your computer and the data transfer to Google as the operator of YouTube will at a minimum include: IP address and cookie ID, specific address of the accessed web page, browser language setting, system date and time of access as well as browser ID. This data transfer occurs regardless of whether you have and are logged in to a Google user account or whether you do not have a user account. If you are logged in, this data will be directly allocated to your user account. YouTube or Google will save this data as usage profiles and utilise it for advertising, market research and/or demand-driven design of its website. This analysis will specifically occur (even for users who are not logged in) to deliver on-demand advertising and to inform other social network users about your activities in our website. You have the right to object to the generation of such user profiles by contacting Google as the operator of YouTube.
This website uses social plug-ins of the social network WhatsApp, which is operated by WhatsApp Ireland Limited, 4 Grand Central Square, Dublin 2, Ireland. When you interact with the plug-in, for instance by activating a WhatsApp button, your device will transfer the corresponding information to WhatsApp. WhatsApp collects device and connection-specific information when you install, access or use its utilities. This includes information such as hardware model, operating system information, battery status, signal strength, app version, browser information and cellular network, connection information including phone number, mobile operator or ISP, language and time zone and IP, device operating information, and identifiers such as device identifiers (including identifiers that only apply to Facebook products associated with the same device or account).
For more information about the purpose and scope of data collection and processing by WhatsApp, Inc., visit https://www.whatsapp.com/legal/?lang=en
If you are a member of Twitter and do not want Twitter to collect data about you in our website and allocate the information to your Twitter account, you have to log out of Twitter prior to visiting our website and delete the respective cookies.
We offer you the option to register or log in to our website with Facebook Connect. No additional registration is necessary. You will be redirected to the Facebook page to log in or register, where you can log in with your user data. Of course, we will not collect any data about your Facebook log-in information. If you are already logged into Facebook, this step will be skipped.
Your registration links your Facebook profile to our service. This link will automatically prompt Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland ("Facebook") to transfer the following information from your public profile to us
- first name
- last name
- e-mail address
Once you log in, Facebook will let you know which information was transferred to us. You confirm this notification with the “OK” button. This information is required for logging in to properly identify you. We use the transferred information to create your customer account or to log you in. There is no further permanent link between your HOFER customer account and your Facebook account.
We offer you the option to register or log in for our website services using your Apple ID. No additional registration at hofer.at is required. You will be redirected to the Apple website to log in or register, where you can log in with your account information. Of course, we will not collect any data about your Apple log-in information. This step will be skipped if you are already logged into Apple.
The registration will link your Apple ID to our service. This link will automatically prompt Apple Inc., One Apple Park Way, Cupertino, CA 95014, USA “Apple”) to transfer the following information from your public profile to us:
- first name
- last name
- e-mail address
Once you log in, Apple will let you know which information has been submitted to us. You confirm the registration with your Face ID or Touch ID or by entering your device code and clicking the “Continue” button. If you do not have a Face ID or Touch ID or have not set up a code, you can enter your Apple ID password instead. This information is required for logging in to properly identify you. We use the transferred information to create your customer account or to log you in. There is no further permanent link between your HOFER customer account and your Apple account.
If you do not want to share your e-mail address with the app or website, you can hide it or use Apple to generate a unique, random e-mail address that forwards emails to the real address.
Apple does not use tracking or profiling during “Sign in with Apple” or “Log in with Apple.”
To prevent the collection of user data (e.g., IP address) by social media channels without your consent, our career website (karriere.hofer.at) uses the plug-in “Shariff” by Heise Medien GmbH & Co. KG (business address: Karl-Wiechert-Allee 10, D-30625 Hannover). When you access our career page, which contains social media buttons and an e-mail button, your browser will not automatically establish a connection with the servers of social media services or e-mail service providers. The buttons will only establish direct contact with the social media or e-mail service provider and your browser when you actively click the button. The buttons are integrated as graphics and contain a link to the corresponding utility. You must click the button to be redirected to the website or app of the respective provider as a prerequisite for data transfer via your browser (e.g., IP address). No data is transferred if the buttons are not clicked.
Our career website offers buttons for the following services:
Our microsite adventkalender.hofer.at uses the WonderPush utility to send out push notifications. You can sign up to receive our push notifications by accepting our cookies and confirming the request to receive push messages. We use the “WonderPush” notification service for our push notifications, which is operated by WonderPush, 19 avenue d’Italie, 75013 Paris, France (“WonderPush”). Our push notifications will provide you with regular information about the Advent calendar and upcoming special offers.
To sign up, you have to first accept our cookies and then confirm your browser’s query about receiving notifications. WonderPush documents and saves this process, which includes saving the time of registration and your browser ID or device ID. Collecting this data helps us trace back processes in the event of abuse and therefore serves our legal interests. In order to display your push notifications, WonderPush collects and processes your browser ID, as well as your device ID in the case of mobile access, on our behalf.
By subscribing, you agree to receive push notifications. The legal basis for processing data after subscribing to our push notifications with the user’s consent is Art. 6 (1), lit. a, GDPR.
WonderPush also analyses our push notifications statistically to detect if and when our push notifications were displayed and clicked.
You can withdraw your consent to the storage and use of your data to receive our push notifications and the above-described statistical evaluation at any time with effect for the future. To opt out, you can change the respective setting in your browser for receiving push notifications. Your data will be deleted as soon as it is no longer required for the purposes of collection. Accordingly, your data will be stored as long as your subscription to our push notifications is active. Further information on the delivery process can be found at the following link: https://www.wonderpush.com/policies/privacy/
We use (third-party) cookies to offer you an optimal user experience and to make our website as attractive as possible for you, including in the future.
Technologies requiring your consent will not be used if you only select "necessary cookies " and accept it with "confirm selection" in the query dialog that appears when you access a page. If you wish to withdraw the consent you have already given, you can select and adjust your preferences under point 5. of this data protection notice. You can delete any cookies saved in your device with your browser settings. To fully opt out of cookies, you have to set your browser to request your consent for creating or rejecting all cookies. However, please note that the use of some website areas may be restricted or impossible without setting cookies. You can deactivate cookies for collecting and managing usage-based online advertising by visiting www.youronlinechoices.com. Further options to prevent the use of individual tools can be found in the list below.
Each browser differs in the way cookie settings are managed. Refer to the help menu of each browser to find explanations on changing your cookie settings. Click on the respective browser name to find information about cookie settings in the most common browsers:
4. Your Interaction with us
Your satisfaction is our highest priority. With your consent, we will send you surveys to solicit your valuable feedback about your satisfaction with our customer service and our products.
Data processing associated with our customer satisfaction surveys complies with Art. 6 (1), lit. a, GDPR. With your approval, your survey results will be assigned to your customer service case and stored for the retention period specified in section 4.4 Contact. We may use a service provider to send out our customer satisfaction surveys. This company is contractually obligated to comply with the relevant data protection regulations. Additional information on the service provider we cooperate with may be requested from firstname.lastname@example.org.
We provide our customers with regular e-mail updates about our current offers. You can subscribe to our newsletter to receive this information. Subscribers learn about our various products, current and upcoming promotions and offers, prize competitions, surveys and the best everyday ingredients. We will use your e-mail address to send newsletters and will analyse the interaction data to optimise the newsletter for our customers’ interests to suit their personal preferences. The subscription uses the double-opt-in procedure. After registering, you will receive an e-mail asking you to confirm your subscription.
Data processing associated with our newsletter complies with Art. 6 (1), lit. a, GDPR. You can withdraw your consent to receive newsletters at any time by clicking on the opt-out link included at the bottom of every notification. For technical reasons, it may take a few hours for your opt-out to take effect after unsubscribing. In exceptional cases, you may therefore receive one final newsletter before your subscription ends. You can also select your personal newsletter preferences in your HOFER account. We may use a service provider to send out our newsletter. This company is contractually obligated to comply with the relevant data protection regulations. Additional information on the service provider we cooperate with may be requested from email@example.com.
We welcome your messages and inquiries submitted by telephone (+43 57 03035500), e-mail (firstname.lastname@example.org), live chat or via the contact form. In case of telephone inquiries, personal data will only be collected as necessary for processing your concern. Data collected in the course of your telephone or e-mail or live chat inquiry as well as the data marked as mandatory in the contact form are required to process your concern, either internally or through our suppliers and contract partners. If mandatory information is not made available, your concern cannot be processed and potential claims cannot be addressed.
When you contact us, you consent to the processing of the provided data (Art. 6 (1), 1 lit. a, GDPR). If this information pertains to the special data categories listed in Art. 9 (1), GDPR, you also consent to the processing of this data (Art. 9 (2), lit. a, GDPR). In addition, we process data on the basis of Art. 6 (1), lit. f, GDPR to pursue our legitimate interests in the provision, quality assurance and process optimisation of our customer service.
Furthermore, Article 6 (1), lit. b, c, GDPR serves as the legal foundation for processing and storing data in the context of processing personal data for contractual relationships (e.g., for processing warranties and complaints). In such cases, your data will be stored for seven years (or ten years if product liability claims are involved). For all other inquiries, data will be stored for three months. Your phone number can be stored in the call history for 28 days. If mandatory information is not made available, your concern cannot be processed and potential claims cannot be addressed.
To answer your inquiry as promptly and competently as possible, we rely on the expertise of our suppliers and conduct partners to answer product inquiries and complaints. We may therefore share your inquiries with them with your consent. In the case of suppliers and contractors, it cannot be ruled out that data will be transferred to a third country outside the European Union. The level of data protection in such a third country may differ from the level of protection provided within the European Union. In the case of product inquiries and complaints, your consent to the transfer of the request also applies to any transfer to a third country (Art. 49 (1), lit. a, GDPR).
We process data according to Art. 6 (1), lit. b, GDPR for contract fulfilment and order processing in connection with warranty services and will share this data with the respective suppliers and their service partners. In the case of suppliers and service partners, the transfer of data to a third country outside the European Union cannot be ruled out. The level of data protection in such a third country may differ from the level of protection provided within the European Union. If applicable, this data transfer will be handled according to Art. 49 (1), lit. b, GDPR. Our suppliers and their service partners require the information marked as mandatory in the warranty portal data fields to follow up on your warranty claim, which otherwise cannot be fully processed. Data about warranty claims will be retained for up to seven years. If a warranty claim is associated with product liability, data will be retained for ten years.
If you register for an user account on hofer.at, personal data will be processed for your use of HOFER services on hofer.at on the basis of the user agreement pursuant to Art. 6 (1) lit. b GDPR. The provision of the mandatory data (e-mail address, date of birth and password) is necessary to create an user account. If this minimum information is not provided, no user account can be created. In addition, we offer you the option of registering or logging in using your Facebook or Apple login data. An additional registration with HOFER is therefore not necessary. You can find more information on data transfer above under the function extensions. We personalize the HOFER information offers you subscribe to or use (e.g. website, app, newsletter) by linking the data you provide (e.g. profile data, offers, functions and services used).
From hofer.at, you will receive automated e-mail notifications about your own activities (e.g. password reset, password changes, notifications about preregistered products, etc.). You can also announce your interests in the user account under settings and make adjustments to receive newsletters.
After completing a survey about your shopping experience, you can take part in our prize competition and sign up for our free HOFER newsletter. No personal data will be collected if you only take part in the survey. When you consent to the use of your data for direct marketing purposes as part of the prize competition, your personal data will be linked to survey participation, but not to the survey results. In that case, processing is based on your explicit consent according to Art. 6 (1), lit. a, GDPR.
Special Buy products
We collect data on the legal basis of Art. 6 (1), lit. b, GDPR for HOFER contract fulfilment and order processing and will forward this information to the respective supplier(s). Suppliers need the information marked as mandatory in the order process data fields to fulfil your order. Orders cannot be processed without this data. Online payment is processed by payment service providers, to whom the necessary payment data will be transferred. Information about past and current orders can be viewed under “My profile”. In accordance with the legally mandated retention period, order data will be stored for seven years. If the user account at hofer.at is deleted, user data will be anonymised. If the statutory retention period for order documents has not yet expired, this will not apply to customer data listed on the order. Additional information on the suppliers/payment service providers we cooperate with may be requested from email@example.com
On the portal provided by ROKSH GmbH, Pater-Schwartz-Gasse 11a, 1150 Vienna, you have the opportunity to purchase food from HOFER and have it conveniently delivered to your home. The purchase contract for the items ordered in this way is concluded between you and HOFER, while the contract for the use of the online portal and the collection and delivery of the items is concluded between you and ROKSH. We cooperate with this provider in order to provide you with an uncomplicated shopping experience. In order to fulfill the orders, it is necessary that personal customer data is processed by both us and ROKSH and that this data is exchanged between us and ROKSH. Information on which data is collected and processed by ROKSH on its portal can be found at www.einkaufen.roksh.at/datenschutzhinweis.
We would like to explain the data processing concerning us below:
In order to be able to issue you with a proper invoice as part of the purchase contract, it is necessary for us to process your personal data such as your name, address, email address and details of the purchase you have made. This data is collected by ROKSH on our behalf. The processing is based on Art. 6 (1) lit. b DSGVO to fulfill our contractual obligations. The provision of this data is mandatory in order to properly fulfill the concluded purchase contract, because if we do not receive this information, we cannot release the items to you or invoice them. The created invoices will be deleted after the seven-year legal retention period.
If you submit an inquiry or complaint about our articles to ROKSH's online portal, ROKSH will forward it to us as our processor for processing. We process the data (your name, address, e-mail address, telephone number as well as your request and the information contained therein) on the basis of your consent as well as to fulfill our contractual relationship or to defend legal claims. We strive to provide you with the best possible customer service and therefore also process your data for the provision, quality assurance and process optimization of our customer service based on our legitimate interests. If your request contains special categories of data pursuant to Art. 9 (1) DSGVO, you also consent to the processing of this data (Art. 9 (2) lit. a DSGVO). Requests, in connection with our contractual relationship, are stored in accordance with legal requirements for seven (if product liability claims are considered, for ten) years. For other inquiries, your data will be stored for three months. Your telephone number may remain stored in the call history for 28 days. If the obligatory data is not provided, it would not be possible to process your request and, if applicable, to process claims, or only partially. In order to be able to answer your inquiry promptly and competently, we use the expertise of our suppliers and contractual partners for product inquiries and complaints. In order to respond, we forward your inquiries to them with your consent. In the case of suppliers and contractual partners, a transfer of data to a third country outside the European Union cannot be ruled out. The level of data protection in this third country may differ from the level of protection within the European Union. In the case of product inquiries and complaints, the consent given for the transmission of the inquiry also applies to any transmission to a third country (Art. 49 para. 1 lit. a DSGVO).
The “Mein HOFER. Meine Enkäufe.” service can be used via the HOFER website or on mobile devices after downloading the digital wallet of our partner, Payment Services Austria (PSA). These activities will involve personal data processing according to Art. 6 (1), lit. b, GDPR. This HOFER service allows for managing digital copies of your receipts and searching for individual product purchases. In the case of items under warranty, your digital receipts will show the remaining warranty period. If you voluntarily enter your debit card number in your “MEIN HOFER” account, all purchases made with your debit card will automatically be saved as digital receipts. Receipts can also be added manually by entering the receipt number. Scanning the QR code on receipts is currently only feasible with the digital wallet.
Debit card information entered into your “MEIN HOFER” account uses an embedded field provided by PSA (Payment Services Austria GmbH, Rennweg 46-50, 1030 Vienna). The bank card data in the digital wallet apps is managed by the respective banks. PSA transfers the personal data of “Mein HOFER. Meine Einkäufe.” users who pay by debit card (customer ID, invoice ID, time stamp and invoice amount) to us so we can subsequently list your purchases in your account (with receipt). HOFER does not process or save your bank data at any time. Settings you personally delete in your customer account will disappear within three days. You may also send an erasure request to firstname.lastname@example.org.
All personal data (including other visitors’ data) will be collected and processed in accordance with the applicable data protection regulations, exclusively for the purpose of processing ticket purchases (issuing and sending tickets) (Art. 6 (1), lit. b, GDPR). When personalised tickets are issued for an event, personal data must be provided for contractual reasons. No ticket can be generated if the necessary data is not provided. If you purchase personalised tickets for another person, you must be authorised to share the personal data of this person for our processing. Your data will be transferred to the respective organisers for this purpose. Any other use requires your explicit consent. The personal data of ticket buyers (e-mail address and name) will be stored and deleted after seven years after the first date of sale in accordance with statutory retention periods.
We will set up a hashtag printer for select events. Photos that are posted on a public Instagram profile with the defined hashtag #hofereventplus will be transferred to the locally installed hashtag printer. The photos generated with this process will be published in our HOFER Area at the respective event. We will destroy these photos after the event. In this case, we process voluntarily posted public photos to pursue our legitimate interests (Art. 6 (1), 1 lit. f, GDPR) in promoting our events and making your photos available in an appealing format.
The career pages of HOFER KG include:
All personal data in the above-listed career pages is exclusively collected, processed and used for the purpose of providing the services you requested and to process your inquiries and applications. Please refer to the respective websites for further details.
We offer a reminder service for promotional items of your choice. You have the option to be reminded of special offers via e-mail on the website or via e-mail and push notification, if activated, in the app. The processing of your personal data occurs with your consent (Art. 6 (1), lit. a, GDPR).
To use the reminder service, you have to first create a customer account at hofer.at or log into your existing account. After registering, you will receive a confirmation link via e-mail. Once you have confirmed your registration, you can set reminders for your preferred products. You can cancel these settings at any time before you receive notifications of the respective product.
The HOFER app offers the additional option to receive e-mails and push notifications on your device. You have to create a customer account or log into your account to receive reminders via e-mail and push notification. When you install the app, you will also be asked for your permission to send push notifications. You can withdraw your consent in the settings at any time. Once you activate the reminder service in the app and have agreed to receive push notifications, you will receive a reminder via e-mail and push notification one day before the item goes on sale. If you did not consent to receive push notifications in the app, the reminder service will only send you e-mail reminders.
Your reminder service preferences are saved in our customer database.
Please note that activating the reminder service is only permissible if you yourself are the recipient.
5. Status of using Cookies and other technologies
Here you can view the status about the cookies and similar technologies you accept and edit them if necessary. Please be aware that this settings can only be displayed in german language.
By accepting those technologies, you agree that data may be transferred to the US. Please refer to section 2.3 to inform yourself of the risks associated with this non-EU data transfer. Further information on the different tool categories can be found in section 3.2 and 3.3.
If a change is not possible here, you can make modifications to the cookies and similar technologies in the settings of your Internet browser with regard to the websites additionally listed under point I. 1.
If you wish to use all the functions of our website and have therefore given your full consent to the activation of cookies and similar technologies, both boxes relating to marketing and personalization cookies or third-party providers are selected. If you revoke your decision, you can remove the respective checkmark and click on "Confirm selection". Your setting will then be applied.
Hofer Straße 1
VAT no. ATU24963706
Company register number: FN 26451z, Regional Court Wels
Phone: +43 57 03035500
Business purpose: Retail company trading goods of all kinds
Member of the Upper Austria Chamber of Commerce
Trade code: www.ris.bka.gv.at
Wels-Land District Commission
Anyone using this website is obligated to observe copyrights, trademarks and other intellectual property rights of third parties. Copyright protection extends to all website content, including images, videos, music, writing and brands. Users undertake to refrain from any misuse of contents and are not permitted to integrate said content in private or commercial web pages and to make any other commercial use of them. The same applies to downloading and using our website contents for the aforementioned purposes.