Become exhibitor
Get tickets

Data protection

General

As the operator of this website and as a company, we come into contact with your personal data. This refers to all data that says something about you and with which you can be identified. In this privacy policy, we would like to explain to you how, for what purpose and on what legal basis we process your data.

We are responsible for data processing on this website and in our company:

CANNAFRIENDS hemp trade fair & manufactory
Heiko Klein
Iltener Straße 87
31275 Lehrte, Germany

Phone: 05132 9234680
E-mail: info@canna-friends.de

General information

SSL or TLS encryption

When you enter your data on websites, place online orders or send e-mails via the Internet, you must always be aware that unauthorized third parties may access your data. There is no complete protection against such access. However, we make every effort to protect your data in the best possible way and to close security gaps as far as possible.

An important protection mechanism is the SSL or TLS encryption of our website, which ensures that data that you transmit to us cannot be read by third parties. You can recognize the encryption by the lock icon in front of the Internet address entered in your browser and by the fact that our Internet address begins with https:// and not with http://.

How long do we store your data?

In some places in this privacy policy, we inform you about how long we or the companies that process your data on our behalf store your data. If no such information is provided, we will store your data until the purpose of the data processing no longer applies, you object to the data processing or you withdraw your consent to the data processing.

However, in the event of an objection or revocation, we may continue to process your data if at least one of the following conditions is met:

  • We have compelling legitimate grounds for continuing the data processing that outweigh your interests, rights and freedoms (only if you object to the data processing; if the objection is directed against direct marketing, we cannot provide any legitimate grounds).
  • Data processing is necessary in order to assert, exercise or defend legal claims (does not apply if your objection is directed against direct advertising).
  • We are legally obliged to store your data.

In this case, we will delete your data as soon as the requirement(s) cease(s) to apply.

Your rights

Objection to data processing

IF YOU READ IN THIS DATA PROTECTION DECLARATION THAT WE HAVE LEGITIMATE INTERESTS FOR THE PROCESSING OF YOUR DATA AND THEREFORE BASE THIS ON ART. 6 ABS. 1 SET 1 LIT. F) GDPR, YOU HAVE THE RIGHT TO OBJECT TO THIS IN ACCORDANCE WITH ART. 21 GDPR, YOU HAVE THE RIGHT TO OBJECT TO THIS. THIS ALSO APPLIES TO PROFILING CARRIED OUT ON THE BASIS OF THE AFOREMENTIONED PROVISION. THE PREREQUISITE IS THAT YOU STATE REASONS FOR THE OBJECTION THAT ARISE FROM YOUR PARTICULAR SITUATION. NO JUSTIFICATION IS REQUIRED IF THE OBJECTION IS DIRECTED AGAINST THE USE OF YOUR DATA FOR DIRECT ADVERTISING.

THE CONSEQUENCE OF THE OBJECTION IS THAT WE MAY NO LONGER PROCESS YOUR DATA. THIS ONLY DOES NOT APPLY IF ONE OF THE FOLLOWING CONDITIONS IS MET:

  • WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS.
  • THE PROCESSING SERVES THE ASSERTION, EXERCISE OR DEFENSE OF LEGAL CLAIMS.

THE EXCEPTIONS DO NOT APPLY IF YOUR OBJECTION IS DIRECTED AGAINST DIRECT ADVERTISING OR AGAINST PROFILING IN CONNECTION WITH THIS.

Further rights

Revocation of your consent to data processing

Many data processing operations are carried out on the basis of your consent. You grant this consent, for example, by ticking the appropriate box on online forms before you send the form or by allowing certain cookies when you visit our website. You can withdraw your consent at any time without giving reasons (Art. 7 (3) GDPR). We may then no longer process your data from the time of revocation. The only exception is that we are legally obliged to store the data for a certain period of time. Such retention periods exist in particular in tax and commercial law.

Right to lodge a complaint with the competent supervisory authority

If you believe that we are in breach of the General Data Protection Regulation (GDPR), you have the right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. You can contact a supervisory authority in the Member State of your place of residence, your place of work or the place where the alleged infringement took place. The right of appeal exists alongside administrative or judicial remedies.

Right to data portability

Data that we process automatically on the basis of your consent or in fulfillment of a contract must be handed over to you or a third party in a commonly used, machine-readable format if you request this. We can only transfer the data to another controller if this is technically possible.

Right to data access, erasure and rectification

In accordance with Art. 15 GDPR, you have the right to receive information free of charge about what personal data we have stored about you, where the data comes from, to whom we transmit the data and for what purpose it is stored. If the data is incorrect, you have a right to rectification (Art. 16 GDPR); under the conditions of Art. 17 GDPR, you may request that we erase the data.

Right to restriction of processing

In certain situations, you can request that we restrict the processing of your data in accordance with Art. 18 GDPR. Apart from storage, the data may then only be processed as follows:

  • with your consent
  • for the assertion, exercise or defense of legal claims
  • to protect the rights of another natural or legal person
  • for reasons of important public interest of the European Union or a Member State

The right to restriction of processing exists in the following situations:

  • You have disputed the accuracy of your personal data stored by us and we need time to check this. Here the right exists for the duration of the examination.
  • The processing of your personal data is unlawful or was unlawful in the past. Here the right exists as an alternative to deletion of the data.
  • We no longer need your personal data, but you need it for the exercise, defense or assertion of legal claims. Here the right exists as an alternative to deletion of the data.
  • You have objected in accordance with Art. 21 para. 1 GDPR and now your and our interests must be weighed against each other. The right exists here as long as the result of the consideration has not yet been determined.

Hosting and Content Delivery Networks (CDN)

External hosting

Our website is hosted on a server of the following internet service provider (hoster):

WP Engine
Irongate House, 22-30 Duke’s
Place
London, EC3A 7LP United Kingdom

Has an order processing contract been concluded with the hoster or are standard contractual clauses (SCC) used?

Yes

How do we process your data?

The host stores all data from our website. This also includes all personal data that is collected automatically or through your input. This can be in particular: Your IP address, pages accessed, names, contact details and requests as well as meta and communication data. When processing data, our hoster complies with our instructions and only ever processes the data to the extent that this is necessary to fulfill the service obligation to us.

On what legal basis do we process your data?

Since we address potential customers via our website and maintain contact with existing customers, the data processing by our hoster serves to initiate and fulfill the contract and is therefore based on Art. 6 para. 1 lit. b) GDPR. Furthermore, it is our legitimate interest as a company to provide a professional website that meets the necessary requirements in terms of security, speed and efficiency. In this respect, we also process your data on the basis of Art. 6 para. 1 lit. f) GDPR.

Cloudflare

What is Cloudflare?

Content Delivery Network (CDN) with Domain Name System (DNS)

Who processes your data?

Cloudflare Inc, 101 Townsend St., San Francisco, CA 94107, USA

Has an order processing contract been concluded with Cloudflare?

Yes

Where can you find more information about data protection at Cloudflare?

https://www.cloudflare.com/privacypolicy/

On what basis do we transfer your data to the USA?

Based on the adequacy decision of the European Commission and the corresponding certification of the company.

How do we process your data?

We use the services of Cloudflare for our website. The global content delivery network ensures that all the content we make available online reaches you quickly, even when large volumes of data have to be moved over long distances. This is made possible by Cloudflare, with all its technical capabilities and servers around the world, being interposed between our website and your browser, analyzing the traffic and filtering out malicious data before it reaches our server. Cloudflare also comes into contact with personal data that is collected via our website. The company may also use cookies or other technologies to recognize Internet users. Data processing by Cloudflare always serves the sole purpose of enabling fast data traffic.

On what legal basis do we process your data?

We have a legitimate interest in providing visitors to our website with an online service that is as fast and efficient as possible. Data processing is therefore carried out on the basis of Art. 6 para. 1 lit. f) GDPR.

Data collection on this website

Use of cookies

Our website places cookies on your device. These are small text files that are used for different purposes. Some cookies are technically necessary for the website to function at all (necessary cookies). Others are required to perform certain actions or functions on the site (functional cookies). For example, without cookies it would not be possible to use the benefits of a shopping cart in an online store. Other cookies are used to analyze user behavior or to optimize advertising measures. If we use third-party services on our website, e.g. to process payment transactions, these companies may also leave cookies on your device when you visit the website (so-called third-party cookies).

How do we process your data?

Session cookies are only stored on your device for the duration of a session. As soon as you close the browser, they disappear automatically. Permanent cookies, on the other hand, remain on your device if you do not delete them yourself. This can, for example, lead to your user behavior being permanently analyzed. You can use the settings in your browser to influence how it handles cookies:

  • Do you want to be informed when cookies are set?
  • Do you want to exclude cookies in general or for certain cases?
  • Do you want cookies to be deleted automatically when you close your browser?

If you deactivate or do not allow cookies, the functionality of the website may be restricted.

If we use cookies from other companies or for analysis purposes, we will inform you about this in this privacy policy. We also ask for your consent in this regard when you visit our website.

On what legal basis do we process your data?

We have a legitimate interest in ensuring that our online services can be used by visitors without technical problems and that all desired functions are available to them. The storage of necessary and functional cookies on your device therefore takes place on the basis of Art. 6 para. 1 lit. f) GDPR. We set all other cookies on the basis of Art. 6 para. 1 lit. a) GDPR, provided that you give us your consent to do so. You can revoke this at any time with effect for the future. If you have consented to the placement of necessary and functional cookies when your consent was requested, these cookies will also be stored exclusively on the basis of your consent.

Cookie consent with Borlabs Cookie

What is Borlabs Cookie?

Cookie plugin for compliance with the GDPR and ePrivacy

Who processes your data?

Only we, not the provider of Borlabs Cookie

Where can you find more information about data protection at Borlabs Cookie?

https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/

How do we process your data?

We use Borlabs Cookie to obtain your consent to the storage of cookies on your device. When you visit our website and close the Borlabs Cookie window with the request for consent, a Borlabs cookie with the following content is stored in your browser:

  • Cookie runtime
  • Cookie version
  • Domain and path of the website
  • Consents
  • a randomly generated ID

This data is not transmitted to the provider of Borlabs Cookie.

We store the data until the purpose of the data storage no longer applies, you delete the Borlabs cookie or request us to delete the data. This only does not apply if we are legally obliged to store the data.

On what legal basis do we process your data?

We are legally obliged to obtain the consent of our website visitors for the use of certain cookies. To fulfill this obligation, we use Borlabs Cookie. The legal basis for data processing is therefore Art. 6 para. 1 lit. c) GDPR.

Server log files

Server log files log all requests and access to our website and record error messages. They also include personal data, in particular your IP address. However, this is anonymized by the provider after a short time so that we cannot assign the data to your person. The data is automatically transmitted from your browser to our provider.

How do we process your data?

Our provider stores the server log files in order to be able to track the activities on our website and to detect errors. The files contain the following data:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server request
  • IP address (anonymized if necessary)

We do not merge this data with other data, but only use it for statistical analysis and to improve our website.

On what legal basis do we process your data?

We have a legitimate interest in ensuring that our website runs smoothly. It is also in our legitimate interest to obtain an anonymized overview of access to our website. The data processing is therefore in accordance with Art. 6 para. 1 lit. f) GDPR is lawful.

Contact form

You can send us a message using the contact form on this website.

How do we process your data?

We save your message and the information from the form in order to be able to process your request, including follow-up questions. This also applies to the contact details provided. We will not pass the data on to other persons without your consent.

How long do we store your data?

We delete your data as soon as one of the following points occurs:

  • Your request has been finally processed.
  • You ask us to delete the data.
  • You revoke your consent to storage.

This only does not apply if we are legally obliged to retain the data.

On what legal basis do we process your data?

If your request is related to our contractual relationship or serves the implementation of pre-contractual measures, we process your data on the basis of Art. 6 para. 1 lit. b) GDPR. In all other cases, it is in our legitimate interest to process requests addressed to us effectively. The legal basis for data processing is therefore Art. 6 para. 1 lit. f) GDPR. If you have consented to the storage of your data, Art. 6 para. 1 lit. a) GDPR is the legal basis. In this case, you can withdraw your consent at any time with effect for the future.

Request by e-mail, telephone or fax

You can send us a message by e-mail or fax or give us a call.

How do we process your data?

We store your message and the contact details you have provided or the telephone number you have transmitted so that we can process your request, including any follow-up questions. We will not pass the data on to other persons without your consent.

How long do we store your data?

We delete your data as soon as one of the following points occurs:

  • Your request has been finally processed.
  • You ask us to delete the data.
  • You revoke your consent to storage.

This only does not apply if we are legally obliged to retain the data.

On what legal basis do we process your data?

If your request is related to our contractual relationship or serves the implementation of pre-contractual measures, we process your data on the basis of Art. 6 para. 1 lit. b) GDPR. In all other cases, it is in our legitimate interest to process requests addressed to us effectively. The legal basis for data processing is therefore Art. 6 para. 1 lit. f) GDPR. If you have consented to the storage of your data, Art. 6 para. 1 lit. a) GDPR is the legal basis. In this case, you can withdraw your consent at any time with effect for the future.

Comment function

You have the option of commenting on content on our website via corresponding input windows. To be able to use the comment function, you must enter your e-mail address. It is also possible to subscribe to the comments of others.

How do we process your data?

If you leave comments on our website, we store the following data:

  • Your comment
  • Your e-mail address
  • the time of the commentary
  • other data that you provide in the course of commenting, e.g. your user name
  • Your IP address

We store data with which you can be identified in order to be able to take legal action against you if your comment is offensive, inciting hatred or otherwise criminally relevant.

If you subscribe to comments, we will send you an e-mail to verify that you are the owner of the e-mail address provided. You can unsubscribe from receiving comments at any time via a link in this e-mail.

How long do we store your data?

We store your comments and the associated data until the commented content has been completely deleted or the comments have to be deleted for legal reasons, e.g. because they violate criminal law.

If you have subscribed to comments and unsubscribe, all data provided as part of the subscription will be deleted. If we have also stored your data for another reason, e.g. because you have subscribed to our newsletter, this data is not affected by the deletion.

On what legal basis do we process your data?

By using the comment function, you consent to the storage of your data. The basis for data processing is therefore Art. 6 para. 1 lit. a) GDPR. You can revoke your consent at any time by sending us an e-mail in which you declare your revocation. From this point on, we are no longer allowed to process your data.

Analysis tools and advertising

We use the following tools to analyze the behavior of our website visitors and to show you advertising.

Matomo Analytics (installed locally)

You may choose to prevent this website from aggregating and analyzing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.

How do we process your data?

We are always interested in optimizing our website for users and placing advertising in the best possible way. Matomo Analytics, an open source tool that analyzes user behavior and thus provides us with the necessary database for adjustments, helps us to do this. Matomo uses cookies, device fingerprinting and other technologies that enable the cross-page recognition of the user to analyze user behavior. Matomo records the page views, the region from which they come, the IP address, referrer, browser used and operating systems. The tool can also measure whether our website visitors perform certain actions (e.g. click on links or make purchases). After anonymization of your IP address, the collected data is stored exclusively on our server.

On what legal basis do we process your data?

As a website operator, we have a legitimate interest in the anonymized analysis of user behaviour for the purpose of optimizing our website and the advertising placed on it. The data processing is therefore permitted under Art. 6 para. 1 lit. f) GDPR is lawful. In the event that you have consented to the storage of cookies, for example, or have consented to data processing in any other way, only Art. 6 para. 1 lit. a) GDPR is the legal basis. You can revoke your consent at any time with effect for the future.

Newsletter

MailerLite

What is MailerLite?

Service for sending newsletters and analyzing recipient behavior

Who processes your data?

MailerLite Limited, Ground Floor, 71 Lower Baggot Street, Dublin 2, D02 P593, Ireland

Where can you find more information about data protection at MailerLite?

https://www.mailerlite.com/legal/privacy-policy and https://www.mailerlite.com/legal/security-statement

How do we process your data?

We use MailerLite to send out our newsletter. The service manages the data of newsletter subscribers for us, sends out our newsletter and analyzes our newsletter campaigns. If you would like to receive our newsletter, we need your e-mail address. We will also use a confirmation e-mail (double opt-in procedure) to check whether you are really the owner of this e-mail address. We do not collect any further data or only on a voluntary basis. We use your data exclusively for sending the newsletter. If we send a newsletter via MailerLite and you open it, a file contained in the newsletter automatically connects to the MailerLite servers. This tells the service that the newsletter has been opened and registers all clicks on the links it contains. In addition, MailerLite collects technical information such as the time of access, IP address, browser type and operating system. You can unsubscribe from the newsletter at any time.

How long do we store your data?

After you have unsubscribed, your data will be deleted from the newsletter distribution list. Under certain circumstances, we may also place your e-mail address on a blacklist; this is necessary, for example, if we have received an objection to advertising from you. The storage then takes place on the basis of Art. 6 para. 1 lit. f) GDPR. Furthermore, we reserve the right to delete the data at any time once the purpose for which it was collected no longer applies or at our own discretion.

On what legal basis do we process your data?

By adding your name to the subscriber list, you consent to the processing of your data by MailerLite. This is therefore carried out lawfully on the basis of Art. 6 para. 1 lit. a) GDPR. You can revoke your consent by unsubscribing from the newsletter or by sending us an informal message. For us, this means that we are no longer allowed to send you newsletters from this point on.

Brevo

What is Brevo?

Service for sending newsletters and messages, analyzing recipient behavior and managing marketing activities

Who processes your data?

Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin, Germany

Has an order processing contract been concluded with Brevo?

Yes

Where can I find more information about data protection at Brevo?

https://www.brevo.com/de/legal/privacypolicy/ and https://www.brevo.com/de/legal/antispampolicy/

How do we process your data?

Brevo allows us to manage a database of email contacts, phone numbers or any other contact information to communicate with customers and other interested parties. Information can also be collected about the date and time a message was read, as well as when the person contacted interacts with incoming messages, for example by clicking on links contained in them. It is also possible to send – timed – messages to customers and other interested parties. If you would like to receive our newsletter or other news, we need your e-mail address/corresponding contact information. We will also use a confirmation e-mail (double opt-in procedure) to check whether you are really the owner of this e-mail address and/or telephone number. We do not collect any further data or only on a voluntary basis. We use your data exclusively for sending newsletters / messages. If we send a newsletter via Brevo and you open it, a file contained in the newsletter automatically connects to the Brevo servers. This tells the service that the newsletter has been opened and registers all clicks on the links it contains. In addition, Brevo collects technical information such as the time of access, IP address, browser type and operating system. You can unsubscribe from the newsletter at any time.

How long do we store your data?

After you have unsubscribed, your data will be deleted from the newsletter distribution list. Under certain circumstances, we may also place your e-mail address on a blacklist; this is necessary, for example, if we have received an objection to advertising from you. The storage then takes place on the basis of Art. 6 para. 1 lit. f) GDPR. Furthermore, we reserve the right to delete the data at any time once the purpose for which it was collected no longer applies or at our own discretion.

On what legal basis do we process your data?

With your entry in the subscriber list, you consent to data processing by Brevo. This is therefore carried out lawfully on the basis of Art. 6 para. 1 lit. a) GDPR. You can revoke your consent by unsubscribing from the newsletter or by sending us an informal message. For us, this means that we are no longer allowed to send you newsletters from this point on.

Google Fonts (local hosting)

We use fonts from the US company Google on our website. We have installed the fonts locally so that there is no connection to Google’s servers when you visit our website. Further information on Google Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

For exhibitors

For visitors

General information

Our newsletter

© CannaFriends 2024

Linkedin Instagram Facebook-f Tiktok