Data Protection Information

The Alnavit GmbH (hereinafter named "Alnavit") develops organic products. Below we would like to inform you about processing personal data within our online offers. Careful handling of personal information is an important issue for us. When processing your personal data we naturally adhere to the legal regulations and take the protection of your data very seriously. You can print out or save this document by using the normal functions of your browser (usually file / save as). You can also download this document in PDF format by clicking here. To open the PDF file you require the free programme Adobe Reader or a comparable programme which runs in the PDF format.


1. Point of Contact

Point of contact and so-called responsible person for processing your personal data when visiting this website in terms of the EU General Data Protection Regulation (GDPR) is th


Alnavit GmbH

Mahatma-Gandhi-Straße 7

64295 Darmstadt




Phone: +49 6151 356 7100

Fax: +49 6151 356 8791


Please contact us at any time for all questions about data security in connection with our products or the use of our website. You can reach us through the above contact data and also through our contact form.

2. Processing of Personal Data 

We process personal data if you use our online offers or interact with our websites (e.g. fill out and send a contact form).

2.1 Personal Data 

Personal data is information which concerns identified or identifiable persons. This concerns above all information which allow conclusions to your identity, for example your name, your telephone number, your address or email address. Statistical data which we collect, for example on visiting our website and which cannot be directly associated with your person do not fall under the term of personal data.

2.2 Informational Use   

We do not collect personal data during merely informational use of online offers, except for data which your browser transfers in order for you to visit the online offers. These include:


Request (file name of requested file)

Browser type / version (e.g.: Internet Explorer 6.0)

Browser language (e.g.: German) 

Operating system used (e.g. Windows XP)

Screen Resolution

Java script activation

Java on / off

Cookies on / off

Colour depth

Referrer URL (the site visited before)

IP address – will be deleted immediately

Time of access

Town and Country


If necessary form content (for free space for text, e.g. name and password, only "filled out" or "not filled out" is entered)


The IP addresses of the users are deleted or anonymised after ending the use. For the anonymization the IP addresses are modified in such a way that individual details on personal or factual circumstances can only be assigned to a certain or identifiable natural person with a disproportionately considerable amount of time, cost and manpower. The data in the so-called log files are evaluated by us in anonymised form in order to improve and design more user friendly Alnavit online offers as well as to find and correct errors quicker. In addition they are used to control the server capacities in order to be able to make appropriate date volumes available.

2.3 Contact Form and Making Contact by Email 

Apart from the informational use of our online offers there are various possibilities to interact with us and we offer services which you could use if interested. This includes the contact form and making contact by email. To use these functions you must provide further personal data which we use and store to supply each service. If you provide us personal data through the contact form or by email, we only use this to answer your questions and also to process complaints and in accordance with the data protection principles. If you make contact by contact form your first and surnames, your email and your preferred title is stored so that your request can be fully and properly processed.  If additional optional information is possible, this is marked accordingly and serves to better process your request. The legal basis for requests with product reference is article 6 section 1 lit. b GDPR (EU General Data Protection Regulation). The legal basis for requests without product reference is article 6 section 1 lit. f GDPR (EU General Data Protection Regulation).


We will only use the data for the underlying purpose and according to the data protection principles.

3. Forwarding Personal Data  

Forwarding data collected by us is only made when:


• you have explicitly given your consent to article 6 section 1 S. 1 lit. a GDPR,

• forwarding data is required according to art. 6 section 1 S. 1 lit. f GDPR for enforcing, exercising or defending legal claims and there is no reason to believe that you do not have an overriding legitimate interest to stop your data being passed on,

• we are obliged to forward data according to art. 6 section 1 S. 1 lit. c GDPR or

• this is permitted by law and is required according to art. 6 section 1 S. 1 lit. b GDPR for processing the contractual relationship with you or for carrying out precontractual measures which are made upon your request.


A part of the data processing can be made by our service provider. Apart from the service providers mentioned in this data protection declaration, others include in particular computer centres which store our website and databases, IT service providers who maintain our system and also consulting companies. As far as we forward data to our service providers, they are only allowed to use the data exclusively to fulfil their tasks. The service providers were carefully selected by us and commissioned. They are bound by contract to our instructions, have suitable technical and organisational measures in place to protect the rights of the persons affected and will be controlled regularly by us.


Forwarding personal data can be made to the Alnatura Produktions- und Handels GmbH, Mahatma-Gandhi-Straße 7, 64295 Darmstadt, Germany for processing contracts or answering customer enquiries.


In addition passing on data can be made which relates to an official request, court orders and legal proceedings if it is necessary for prosecution or law enforcement. 

4. Maintaining and Deleting Personal Data 

We only store personal data as long as required to fulfil contractual and legal obligations to which we have collected the data. We subsequently delete the data immediately unless we require the data for purposes of proof for civil claims or due to legal retention obligations up to expiry of the statutory limitation period.


For proof purposes, we must keep contract data three years from the end of the year in which the business relationship with you ends. Any claims expire at the earliest at this time according to the statutory standard limitation period.


Even afterwards we must store some of your data for accounting purposes. We are bound to carry this out by statutory documentation obligation resulting in particular from the commercial and fiscal code. The periods specified there for keeping documents are up to ten years.

5. Cookies 

Cookies are small files which are stored on your data carrier and which store certain settings and data for exchanging with our system through your browser. Cookies cannot execute programmes or transmit viruses to your computer. They serve to make the internet offer overall user friendly and more effective.


Basically there are two different types of cookies, the so-called session cookies which are deleted as soon as your browser is closed (end of session) and temporary/permanent cookies which are stored for a longer time or indefinitely on your data carrier. This storage helps us to design our website and makes your use easier by for example storing certain input for you so that you do not have to keep repeating them.


Most of the cookies we use are session cookies and are automatically deleted from your hard disk at the end of a browser session. In addition we also use permanent cookies which remain on your hard disk. During the next visit it will be automatically recognised that you have already visited us and which input and settings you prefer. These cookies are stored on your hard disk and delete themselves after a specified time.


The cookies used by us cannot be assigned to a certain person and thus also not to you. An identification number is assigned to the cookie when it is activated. It is not possible at any time to assign your personal data to this identification number and it is not done. Storage of your name or similar data which would allow the cookie to be assigned to you is not made.


You can delete cookies in the security settings of your browser at any time and configure your browser settings according to your wishes (e.g. accepting cookies from third parties or rejecting all cookies). How you can reject new cookies or delete cookies already received is usually displayed in the menu bar of your web browser via the help function. However, we would like to make you aware that you may then not be able to use all the functions of our online offers.

6. Analysis and Advertising Measures 

To improve our website we use different technologies to analyse user behaviour and to assess the associated data.  Data collected includes in particular the IP address of the end device, the date and time of access, the identification number of a cookie, the device identification of mobile end devices and also technical data on the browser and the operating system. However, the data collected will only be stored under a pseudonym so that no direct conclusions about the persons is possible. This data will also be processed for marketing purposes so that individual advertising messages can be played to you. The legal basis for data processing is article 6 section 1 S. 1 lit. f GDPR being based on the legitimate interest of Alnavit advertising the products and analysis of user behaviour to improve and further develop the website. In the following section we would like to clarify to you this technology and the suppliers used for this.


Below you will find objection options for our analysis and advertising measures. Alternatively you can reject these by appropriate settings on the, a site with a number of objection options of advertisers. The website of TRUSTe, Inc, 835 Market Street, San Francisco, CA 94103-1905, USA („TRUSTe“) allows you to deactivate all advertisements at once using the opt-out cookie or alternatively to carry out settings for each provider. Please be aware that after deleting all cookies in your browser or after the later use of another browser and/or profile, an opt-out cookie must be reset.

6.1. Use of eTracker 

On this website data is collected and stored with technologies of eTracker GmbH ( for marketing and improvement purposes. Pseudonym user profiles can be created from this data. For this purpose cookies can be used. Cookies are small text files which are stored locally in the cache of the internet browser of the visitor to the site. The cookies allow the recognition of the internet browser. The data collected with the eTracker technologies will not be used to personally identify the visitor of this website and not joined with personal data through the holder of the pseudonym without the special permission of the person concerned. Collection and storage of data can be rejected at any time with future effect. 



We use the eTracker so that we can analyse the use of our website and to improve it regulary. Through the statistics gained we can improve our offer and design it more interestingly for you as user. The data collected will be stored permanently and analysed as a pseudonym. Legal basis for the use of eTracker is article 6 section 1 S.1 lit .f GDP


Information of the third party provider: eTracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg, Germany;


7. Social Plugins


7.1. Facebook 

Facebook is a social network of Facebook Inc., 1601 Willow Road, Menlo Park, California, 94025, USA („Facebook”). Facebook functions are labelled with the Facebook logo. Further information can be added depending on the type of function (e.g. "share", "recommend“). Facebook is subject to EU-US Privacy Shield in the case that personal data is transmitted to the USA. The legal basis is article 6 section 1 S. 1 lit. f GDPR being based on our legitimate interest of attracting attention to our activities in social networks, we inform you of our content via social networks and thus increase our coverage.


If you visit an Alnavit website which contains a Facebook button and you click the Facebook button, a direct link with the Facebook server is established and the button to the respective function is loaded from there. At the same time the information is transmitted to Facebook that a corresponding internet site of Alnavit was accessed. Except you visit a site on which we use a Facebook plug-in with the aid of which the current Facebook activities of Alnavit on our online offers are shown. In this case a direct link with the Facebook server is established from your browser or the application.


If you are logged in at the same time as Facebook user to Facebook then it also possible to assign a page visit to your profile on Facebook. If you click an integrated Facebook button (or you are already logged in), you can open for example the "shared" or "recommended" information on Facebook in your profile and your chronicle/timeline in short form. Facebook can, if necessary, collect and store further use data. In this way Facebook user profiles can be made which go beyond that which you disclose on Facebook. You can deactivate advertisements on the basis of social actions in the advertising preferences of Facebook.


Alnavit does not find out at any time which Facebook buttons you used when, but receives from Facebook exclusively summarised non-personal statistics about the use of the Alnavit fan pages on Facebook and summarised statistics for use of the Facebook buttons.


Further information can be found in the Data Protection Declaration of Facebook.

8. Use of Google Web Fonts 

Our online offer uses Google Web Fonts for uniform presentation of fonts, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland („Google“). When accessing a page your browser loads the required web fonts in your browser cache in order to display text and fonts correctly. If your browser does not support Web Fonts, a standard font from your computer is used.


For this purpose the browser you use must establish a connection to the Google server. Through this, Google receives information that our website was accessed through your IP address.  The server to which a connection was established to can be located in the US. In the case that personal data is transmitted to the USA Google is subject to EU-US Privacy Shield. We use Google Web Fonts in the interests of a uniform and appealing presentation of our online presence. The legal basis for data processing is article 6 section 1 S. 1 lit. f GDPR being based on the legitimate interests. Further information can be found in the frequent questions and in the Data Protection Declaration of Google.

9. Your Rights 

You have the right at any time to request information on the processing of your personal data by us. We will explain the data processing to you within the exchange of information and provide you with a summary of stored data about your person. If data stored by us is false or not up to date, you have the right to have the data corrected. You can also demand that your data is deleted. Should deletion of the data as an exception not be possible pursuant to other legal regulations then the data will be blocked so that it is only accessible for this legal purpose.  You can also have processing of your data restricted, e.g. if you are of the opinion that the data stored by us is not correct. You also have the right of data transferability, i.e. that we send you, if requested, a digital copy of personal data provided by you.


You can use the above contact data at any time to assert your rights described here. This is also valid as far as you wish to receive copies of guarantees for proof of an adequate data protection level.


In addition you have the right to object to data processing which relates to article 6 section. 1 lit. e or f GDPR. Finally you have the right to complain to the data protection regulatory board responsible for us. You can assert this right with a regulatory board in a member state of your residence, your work place or the place of the supposed violation. In Hesse the seat of Alnavit, the responsible regulatory body is: Der Hessische Datenschutzbeauftragte, Postfach 3163, 65021 Wiesbaden, Germany.

10. Data Security 

We maintain current technical measures to guarantee data security, in particular for the protection of your personal data against the dangers during data transmission and also against third parties obtaining information. These are updated to the current state of the art accordingly.

11. Amendments to the Data Protection Declaration 

From time to time we update this data protection declaration, for example if we modify our website or legal provisions are changed.


Date: July 2018