Planted

Privacy policy

  1. What is this privacy policy about?

Eatplanted, Golden Cross House, 8 Duncannon Street, London, WC2N 4JF (hereinafter "Eatplanted" or "we") processes personal data relating to you or other individuals in different ways and for different purposes. "Personal data" or hereinafter also "data" is information that can be associated with a specific person and "processing" means any handling of it, e.g. obtaining, storing, using, disclosing and deleting it.

This Privacy Policy explains our processing of such data when you

- purchase products from us online

- participate in our loyalty or referral programme,

- otherwise deal with us under a contract (e.g. as a distributor, restaurant, supplier or their contact person),

- communicate with us,

- visit our website,

- register for services (e.g. our newsletter),

- take part in competitions, prize draws or surveys,

- deal with us in the course of any other data processing in connection with our offers.

We have aligned this data protection declaration with both the Swiss Data Protection Act (DSG) and the European General Data Protection Regulation (GDPR). If the data protection statement refers to "personal data" and "process", this also includes "personal data" and "process" in accordance with the GDPR. Whether and to what extent the DPA or the GDPR is applicable depends on the individual case.

If you provide us with data about other persons, we assume that you are authorised to do so and that this data is correct. Please ensure that these persons have been informed about this privacy policy.

If you have any questions or would like further information about our personal data processing, please do not hesitate to contact us. You will find our contact details in section 2 below.

  1. Who is responsible for processing your data?

Planted is the "responsible party" for data processing in accordance with this data protection declaration, i.e. the party primarily responsible under data protection law, unless otherwise stated below or in individual cases.

If you have any questions about data protection, please feel free to contact us at the following address:

Eatplanted
Golden Cross House
8 Duncannon Street
London, WC2N 4JF
United Kingdom

E-mail: hello@eatplanted.com

  1. What data do we process?

We process different categories of personal data depending on the purpose. The most important categories are listed below for your information, although this list is not exhaustive. Information on the purposes of this processing can be found in section 4.

3.1 Master data

We use the term "master data" to refer to data that we need to process our business relationships or for marketing and advertising purposes and that relates to your person. We process, for example, the following master data and, if you provide us with further master data, also these:

- Name;

- Delivery and billing address;

- e-mail address;

- telephone number;

- In the case of contact persons of companies, also relations to the company for which you work.

3.2 Contract data

Contract data is information that accrues in connection with the conclusion or execution of a contract. We conclude contracts primarily with business partners (especially suppliers) and customers. We process the following contract data, for example:

- Date, application process, information on the type and duration as well as conditions of the relevant contract;

- Contact details and delivery addresses;

- Information on accumulated loyalty points in our loyalty programme; information on which customers have been acquired through our referral programme and who has recommended us to them; information on the use of services, receivables, invoices and payments as well as selected payment methods;

- Information on financial matters such as credit rating (i.e. information that indicates the likelihood of payment) which may be handled by our service provider (see section 10), reminders, debt collection and enforcement;

- Information on customer satisfaction, complaints, feedback, etc.

3.3 Communication Data

Communication data is data in connection with our communication with you, e.g. if you are in contact with us via e-mail or other means of communication. We record the data exchanged between you and us, including your contact details and the peripheral data of the communication (e.g. time, type and place of communication).

Where necessary (e.g. if you make a request for information), we also collect data to identify you, e.g. a copy of an identity document.

3.4 Technical data

Technical data is collected in connection with the use of our website. This includes, for example, the following data:

- IP address of the end device and device ID;

- Information about your terminal device, e.g. operating system or language settings;

- information about your internet provider;

- accessed content or logs in which the use of our systems is recorded;

- Date and time of access to the website and your approximate location;

- If applicable, details of the content and files accessed in your user account.

We may also assign an individual code to your terminal device (e.g. by means of a cookie; see section 5). This code is stored for a certain period of time, often only during your visit. As a rule, we cannot deduce who you are from technical data, unless you register on our website, for example. In this case, we can link technical data with master data - and thus with your person.

3.5 Behavioural and transactional data

When you buy our products or use our services, we often collect data about your behaviour or purchases. This is the case, for example, when you assign purchases from our sales partners to your loyalty ID (e.g. for the crediting of points), when you shop in our online shop or when you visit our website. Behavioural and transactional data includes, for example, the following information to the extent that it is available to us on a personal basis:

- about your behaviour when making purchases (e.g. how often, what and at what prices you make purchases, as well as the type of payment method and delivery method selected);

- about your behaviour in the online shop (ordered and cancelled shopping cart, watch lists, viewed articles, search terms and results, submitted ratings and comments, etc.);

- about your participation in competitions, prize draws and similar events;

- about your use of electronic communications (e.g. whether and when you opened an e-mail or clicked on a link).

You can also use many of our offers anonymously. For example, you can shop with our business partners without giving your loyalty ID. However, if you have a user account, behavioural and transactional data may be associated with your profile even if you are not logged in when you visit the website.

3.6 Preference data

We want to tailor our offers and services to our customers in the best possible way. We therefore also process data on your interests and preferences. To this end, we may link behavioural and transactional data with other data and evaluate this data on a personal and non-personal basis. This allows us to draw conclusions about characteristics, preferences and expected behaviour, e.g. your preferences and affinities for certain products and services.

  1. For what purposes do we process your personal data?

We process personal data in particular for the following purposes:

- We process your data for the conclusion, execution and enforcement of contracts with you or with the company for which you work. In this context, we also process data in order to decide whether and how (e.g. with which payment options) we enter into a contract with you (including credit assessment); for this purpose, we process master data and contract data in particular.

- We process your data in connection with communication with you, e.g. to answer enquiries and assert your rights and to contact you in the event of queries. For this purpose, we use communication data in particular, and possibly also master data. We keep this data in order to document our internal communication with you and to be able to answer queries.

- We also process data for statistical evaluations. Such evaluations support the improvement and development of products and business strategies. We may also use personal data for marketing purposes; see below.

- We also process data for market research, marketing purposes and customer care. For example, we may send you information, advertising and product offers from Eatplanted or display them on third party sites and platforms. Like most companies, we also personalise marketing and other communications so that we can provide you with information and offers that are relevant to you. In particular, we use your behavioural and preference data and, where applicable, master data for these purposes.

- To ensure IT security and prevention: We process personal data to ensure IT security, to prevent fraud and abuse and for evidence purposes.

- To comply with laws, directives and recommendations from authorities and internal regulations ("Compliance"). For these purposes, we use your master data and contract data in particular.

- We may also process personal data for the purpose of legal protection, i.e. to enforce claims in court, before or out of court and before authorities in Switzerland and abroad, or to defend ourselves against claims. For these purposes, we use in particular your master data, communication data and contract data.

- If we sell or acquire receivables, other assets, business units or companies, we process data to the extent necessary to prepare and carry out such transactions, e.g. information about customers or their contact persons or employees, and also disclose corresponding data to buyers or sellers.

- Other purposes: Very many processes are not possible without processing personal data, including usual and even unavoidable internal processes. We process data to the extent necessary for other purposes such as training and education, administration (e.g. contract management, accounting, evaluation and improvement of internal processes and safeguarding other legitimate interests.

You can object to processing for marketing purposes by notifying us, also for individual communication channels (e.g. only advertising via e-mail) or for certain advertising campaigns (see section 14).

  1. How do we process data in connection with our website?

Every time you use our website, technical data is collected (see section 3.4). We use this data so that our website can be used, to ensure system security and stability and to optimise our website, and for statistical purposes.

Our website also uses cookies, i.e. files that your browser automatically saves on your terminal device. This allows us to distinguish individual visitors, but usually without identifying them. Cookies may also contain information about pages accessed and the duration of the visit. Certain cookies ("session cookies") are deleted when the browser is closed. Others ("persistent cookies") remain stored for a certain duration so that we can recognise visitors on a subsequent visit.  We may also use other technologies, e.g. for storing data in the browser, but also for recognition, e.g. pixel tags. Pixel tags are invisible images or program code that are loaded from a server and thereby transmit certain information.

When you access our website, you can activate or deactivate certain categories of cookies via a button displayed in the browser. Furthermore, you can configure your browser in the settings so that it blocks certain cookies or similar technologies or deletes cookies and other stored data. You can find out more about this in the help pages of your browser (usually under the keyword "Privacy").

These cookies and other technologies may also come from third-party companies that provide us with certain functions. These may also be located outside of Switzerland and the EEA (you can find details of this in section 11). For example, we use analysis services so that we can optimise our website. The relevant third-party providers may record the use of the website for this purpose and combine their recordings with further information from other websites. In this way, they can record user behaviour across several websites and end devices in order to provide us with statistical evaluations on this basis. The providers may also use this information for their own purposes, e.g. for personalised advertising on their own website or other websites. If a user is registered with the provider, the provider can assign the usage data to the relevant person.

Two examples of third-party providers are Google and Meta. You can find more information about them below. Other third-party providers generally process personal and other data in a similar way.

- We use Google Analytics on our website, an analytics service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA, USA) and Google Ireland Ltd (Google Building Gordon House, Barrow St, Dublin 4, Ireland). Google collects certain information about the behaviour of users on the website and about the terminal device used. We have configured Google Analytics so that visitors' IP addresses are anonymised before being forwarded to the USA. Google provides us with analyses based on the recorded data, but also processes certain data for its own purposes. You can find information on the data protection of Google Analytics here, and if you have a Google account yourself, you can find further details here.

 

- Our website also uses the "Meta Pixel", an analytics tool provided by Meta Platforms Ireland Ltd (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland). This allows us to control ads on Meta and Meta's partners so that they are only displayed to users for whom ads are likely to be of interest. We may also measure the effectiveness of such ads for statistical and market research purposes. We are jointly responsible with Meta for sharing the data Meta receives as a result, for displaying personalised ads, improving ad delivery and personalising content. The data is stored on servers in the EU/EEA and the US. Users can send requests for information and other enquiries directly to Meta. You can find more information about Meta's data protection and corresponding settings options here.

  1. How do we process data on social media presences?

We may operate our own presences on third-party platforms (in particular social networks) (e.g. Instagram, TikTok, Facebook, YouTube, Linkedin). If you communicate with us there or comment on content, we collect and process the corresponding data. Please make sure that you only share your content with the group of people you wish to. When you visit our social media sites, data may be transmitted directly to or collected by the relevant provider (e.g. data on your user behaviour), and the provider may process this data together with other data known to it. For more information on data processing by social network providers, please refer to the privacy policy of the relevant social network. If we are jointly responsible with the provider, we will enter into an agreement to this effect, which you can find out about by contacting the provider.

  1. How do we process data for newsletters?

When you order our newsletter, you give us your consent to send you electronic newsletters by e-mail in accordance with this privacy policy. The newsletters may contain advertisements for our offers (including, but not limited to, competitions and our loyalty programme), as well as offers from other companies with whom we work. You can unsubscribe at any time via a link in the relevant emails.

In this context, we also process information about which services you have already used, whether you open our newsletters and which links you click on. For this purpose, our email delivery service provider provides a function that essentially works with invisible image data that is loaded from a server via a coded link and thereby transmits the corresponding information. This is a common method that helps us to assess the effect of newsletters and to optimise our newsletters. You can avoid this measurement by setting your email programme accordingly (e.g. by switching off the automatic loading of image files).

  1. How do we use profiling?

"Profiling" means the automated processing of personal data in order to evaluate personal aspects or make predictions, e.g. the analysis of personal interests, preferences and affinities or the prediction of probable behaviour. Profiling can be used in particular to derive preference data (see section 3.6 for more details).

Profiling is a common process, e.g. in the automated processing of master data, contract data, behavioural data, etc.

- of master data, contract data, behavioural data and transaction data for purchases in our online shop;

- of behavioural, transactional and technical data in connection with our website;

- other behavioural and transactional data.

Profiling helps us, for example,

- continuously improve our offers and tailor them better to individual needs;

- to present our content and offers to you according to your needs;

- provide you with advertising and offers that are likely to be relevant to you;

- to provide you with better customer service;

- to decide which payment options are available based on a credit check.

We carry out profiling by evaluating your shopping behaviour and assigning you to certain customer segments based on this. These are groups of people who have similarities with regard to certain characteristics. This profiling enables us, for example, to offer you relevant rewards in connection with the loyalty programme.

Profiling also takes place, for example, in connection with the user account, e.g. by evaluating your usage and shopping behaviour in our online shop and on our website, in order to offer you an individual user experience and to provide you with offers tailored to your interests and preferences.

If you do not want us to analyse personal aspects or make predictions, you can choose not to participate in the loyalty programme or make your purchases without using your loyalty ID, create a user account and register for other services. You can also object to profiling in certain cases as described in section 14.

  1. How do the Eatplanted societies work together?

Planted exists in Switzerland and the EEA, where we have planted (founded) Planted companies. Currently, in addition to us , there are also Planted Foods AG in Switzerland and Planted Foods GmbH. Together we form the Planted Group. We purchase certain services from the group, e.g. accounting and IT services (for more information on service providers, see section 10). The Planted companies also support each other in other matters and may exchange personal data for this purpose. Planted companies may also use data they receive from other Planted companies for their own purposes, analogous to point 4. We assume that such disclosures do not conflict with any confidentiality interests unless you inform us otherwise. We often work with Planted companies under joint responsibility in terms of data protection law. For your data protection rights, you are welcome to contact us (we will coordinate with other Planted companies in this case), but you can also contact them directly.

  1. How do we work with service providers and distributors?

We use various services from third parties, especially IT services (examples are providers of hosting, data analysis services, webshops and newsletter delivery services), logistics services and services from payment service providers, banks, the postal service, consultants, etc. You will find details of service providers for our website under point 5. These service providers may also process personal data to the extent necessary. As a rule, these service providers process personal data on our behalf as so-called "order processors". Our order processors are obliged to process personal data exclusively in accordance with our instructions and to take suitable data security measures. Certain service providers are also jointly responsible with us or independently (e.g. debt collection companies).

Our distribution partners include, for example, retailers and restaurants. As a matter of principle, we do not pass on any personal customer data to them. If you pass on your personal data to our sales partners or have them pass on your personal data to them, e.g. by using a loyalty card of the sales partner or by placing an order on the website of the sales partner, the sales partners are independently responsible for this data processing. Under certain circumstances, distributors may also be service providers of ours (in accordance with the above section).

  1. Can we disclose data abroad?

The recipients of data are not only located in the UK, Switzerland or the EEA. This applies in particular to certain IT service providers. Some of these also have locations in other countries around the world, e.g. in the USA. We may also transfer data to authorities and other persons abroad if we are legally obliged to do so or, for example, in the context of a company sale or legal proceedings (see section 4). Not all of these countries have adequate data protection. We compensate for the lower level of protection through appropriate contracts, in particular the so-called standard contractual clauses of the European Commission, which can be accessed here. In certain cases, we may also transfer data without such contracts in accordance with data protection requirements, e.g. if you have consented to the corresponding disclosure or if the disclosure is necessary for the performance of the contract, for the establishment, exercise or enforcement of legal claims or for overriding public interests.

  1. On what legal basis is data processing based?

Depending on the applicable law, data processing is only permitted if the applicable law specifically allows it. This does not apply under the Swiss Data Protection Act, but does apply under the GDPR, for example. In this case, we base the processing of your personal data on the fact that it is necessary for the preparation and execution of contracts, that it is necessary for the legitimate interests of us or third parties, e.g. for statistical evaluations or for marketing purposes, that it is required or permitted by law or that you have separately consented to the processing. You will find the relevant provisions in Art. 6 and 9 of the GDPR.

You are not obliged to disclose data to us, subject to individual cases (e.g. if you have to fulfil a contractual obligation and this involves disclosing data to us). However, for legal and other reasons, we must process data when we conclude and execute contracts. The use of our website is also not possible without data processing.

  1. How long do we process your personal data?

We store and process your personal data as long as it is necessary for the purpose of processing, as long as we have a legitimate interest in storing it (e.g. to enforce legal claims, for archiving or to ensure IT security) and as long as data is subject to a legal obligation to retain it. If there are no legal or contractual obligations to the contrary, we will destroy or anonymise your data after the storage or processing period has expired as part of our normal processes.

  1. What rights do you have?

You have certain rights under applicable data protection law to obtain further information about our data processing and to have an influence on it:

- Right of access: you have the right to request certain information about our processing of your personal data and a copy of personal data.

- Right of rectification: You can request that we correct or complete inaccurate or incomplete data, e.g. if it is incorrect.

- Deletion: You have the right to request the deletion or anonymisation of data.

- Objection and revocation: You can object to our processing for certain purposes (e.g. processing for marketing purposes, in particular profiling). You have the right to revoke consent with effect for the future, insofar as processing is based on consent.

- Transfer: You have the right to receive personal data that you have provided to us in a structured, common and machine-readable format or to have it transferred to a third party, insofar as the corresponding data processing is based on your consent or is necessary for the performance of the contract.

If you wish to make use of such a right or have suggestions for improvements to our data processing, we are at your disposal (under the contact details in section 2). You are also free to file a complaint against our processing of your data with the competent supervisory authority, in Berlin the Berlin Commissioner for Data Protection and Freedom of Information.

 

Status of data protection declaration: 07 September 2022

How it works
You can benefit from the subscription from a shopping basket size of 5 or more products.
%
Save 20% with the Planted subscription
We reward you for your commitment with a discount on every delivery.
Small commitment, big impact
You can cancel your subscription at any time after a minimum term of 3 months.
Even more impact
Healthy for you and the planet. Without additives, 100% plant-based.