← Back

Privacy Policy

Privacy Policy

1. Controller and Data Protection Officer

Controller pursuant to the GDPR:
100 Gramm GmbH
Weinbergsweg 25
10119 Berlin, Germany
E-Mail: claudius@100gramm.berlin
Phone: +49 30 896 52057
Represented by the Managing Director: Claudius-Roman Wiehe

External Data Protection Officer:
Simon Pokrony
DLx Media
Badstraße 49
13357 Berlin, Germany
E-Mail: 100grammvino@dlx-media.com
Web: www.dlx-media.com

2. General Information on Data Processing

The protection of your personal data is important to us. We process your data exclusively on the basis of applicable legal provisions, in particular the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

Our website can generally be used without providing personal data. Where personal data is collected on our pages, this is done on a voluntary basis or where required by law.

3. Hosting and Server Log Files

When you visit our website, our hosting provider automatically stores general technical access data in so-called server log files. This includes:

  • Browser type and version
  • Operating system used
  • Referrer URL (previously visited page)
  • Date and time of access
  • IP address (anonymised)
  • Internet service provider

This data is processed solely to ensure the technical operation of the website, for error analysis and to defend against attacks. It is not combined with any other personal data.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in the secure operation of the website).
Retention period: Log files are automatically deleted after a maximum of 30 days.

4. Website Analytics with DLx Analytics

We use DLx Analytics, a service provided by DLx Media, Badstraße 49, 13357 Berlin, Germany (www.dlx-analytics.com), to analyse usage behaviour on our website.

DLx Analytics is a privacy-compliant analytics solution based in Germany. The service operates without cookies, without fingerprinting and without collecting personal data. Only anonymised, aggregated usage statistics are recorded (e.g. page views, time on site, country of origin). The identification of individual persons is technically impossible.

As no personal data is processed, neither consent nor an opt-out is required for this service. No data is transferred to third countries outside the EU.

5. Contact Form

You can send us a message via the contact form on our website. The data you provide (e.g. name, e-mail address, message) will be used exclusively to process your enquiry and will not be passed on to third parties.

Legal basis: Art. 6 para. 1 lit. b GDPR (initiation of a contract or pre-contractual measures) or Art. 6 para. 1 lit. f GDPR (legitimate interest in responding to enquiries).
Retention period: Your data will be deleted once your enquiry has been fully processed, provided no statutory retention obligations apply.

6. Newsletter

You can subscribe to our newsletter on our website. We use a double opt-in procedure: after signing up, you will receive a confirmation e-mail asking you to actively confirm your subscription. Only then will your e-mail address be added to our mailing list.

We store your e-mail address and the timestamp of your confirmation at the time of registration. This data is used exclusively for sending the newsletter and is not passed on to third parties. The newsletter is sent via our own self-operated infrastructure.

You may unsubscribe from the newsletter at any time. Every newsletter contains an unsubscribe link. Upon unsubscribing, your e-mail address will be removed from our mailing list without delay.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent).

7. Your Rights as a Data Subject

You have the following rights with regard to your personal data:

  • Right of access (Art. 15 GDPR): You may request information at any time about what data we hold about you.
  • Right to rectification (Art. 16 GDPR): You have the right to have inaccurate data corrected.
  • Right to erasure (Art. 17 GDPR): You may request the deletion of your data, provided no statutory retention obligations apply.
  • Right to restriction of processing (Art. 18 GDPR): You may request that the processing of your data be restricted.
  • Right to data portability (Art. 20 GDPR): You have the right to receive your data in a commonly used, machine-readable format.
  • Right to object (Art. 21 GDPR): You may object at any time to the processing of your data on the basis of legitimate interests.
  • Right to withdraw consent (Art. 7 para. 3 GDPR): Any consent you have given may be withdrawn at any time with effect for the future.
  • Right to lodge a complaint (Art. 77 GDPR): You have the right to lodge a complaint with a data protection supervisory authority. The competent authority is the Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstr. 219, 10969 Berlin, Germany.

To exercise your rights, please contact our Data Protection Officer (see contact details in Section 1).

8. Applicant Data

You may apply to us via the application form on our website (including file upload for your CV and further documents) or by e-mail. We process the personal data you provide (e.g. name, contact details, CV, certificates) solely for the purpose of conducting the application process. Data is processed exclusively internally and is not passed on to third parties.

The transmission of your application documents via our form is encrypted (HTTPS). Uploaded files are stored on our own servers and are accessible only to those persons involved in the application process.

Legal basis: § 26 BDSG in conjunction with Art. 6 para. 1 lit. b GDPR.

Retention period: In the event of a rejection, your application documents including any uploaded files will be deleted no later than 6 months after the conclusion of the application process. In the event of employment, the data will be transferred to your personnel file.

If you expressly consent to inclusion in our applicant pool, we will retain your data on the basis of Art. 6 para. 1 lit. a GDPR for up to 2 years. You may withdraw this consent at any time.

9. Data Security

We implement technical and organisational security measures to protect your data against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Our security measures are continuously updated in line with technological developments.

Data transmission on our website is encrypted using the HTTPS protocol.

10. Updates to this Privacy Policy

This privacy policy is currently valid and was last updated in May 2026. Further development of our website or changes to legal requirements may make it necessary to update this privacy policy. The current version is available on this page at any time.