DEUTSCHE VERSION IN ARBEIT
Protection of your data is important to us!
We treat your privacy as we would treat our own data and want others to treat us. Your personal data is private and confidential with us and is required only to perform the orders, make your experience on our website seamless and pleasant or to give you some relevant information.
The only e-mails we will send you are related to handling your order or if you have subscribed to our newsletter, you will get them regularly.
If you want your data to be deleted, please contact us via E-mail: email@example.com or use our contact form for this.
We use encryption for your order placement, to ensure that the data is secured.
Protecting your privacy is of the highest importance to us. Below you can find the information in greater details and full transparency as to the way we handle your data.
1) Information about the collection of personal data and contact details of the person responsible.
1.2 Responsible for the data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Lou Fiedeler, L'OUskincare, Wielandstraße 18,10629 Berlin, Germany, Tel .:01742146390, E-Mail: firstname.lastname@example.org.
The person responsible for the processing of personal data is a natural or legal person who, alone or in cooperation with others, decides on the purposes and means of processing personal data.
1.3 For reasons of security and to protect the transfer of personal data and other confidential content (for example, orders or inquiries to the person responsible), this website uses an SSL secure encryption, particularly TLS encryption. You can recognize an encrypted connection by the string "https: //" and the lock icon in your browser bar.
2) Data collection when visiting our website.
In the case of merely informative use of our website, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following information that is technically necessary for us to display the website:
Our visited website
Date and time at the time of access
Amount of data sent in bytes
Source/reference from which you came to the site
Operating system used
Used IP-address (possibly in anonymous form)
The processing is carried out in accordance with Art. 6 (1) lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. A transfer or other use of the data does not take place in this case. However, we reserve the right to retrospectively check the server log files should concrete evidence point to unlawful use.
In order to make the visit to our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your device. Some of the cookies we use are deleted after the end of the browser session, i.e. after closing your browser (so-called session cookies). Other cookies remain on your device and allow us or our affiliate (third-party cookies) to recognize your browser the next time you visit our website(so-called persistent cookies). If cookies are set, they collect and process specific user information, such as browser and location data as well as IP address values, to an individual extent. Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie.
Some of the cookies are used to simplify the ordering process by storing settings (for example, remembering the contents of a virtual shopping cart for a later visit to our website).
The data processing by cookies is carried out in accordance with Art. 6 (1) lit. b GDPR either for the execution of the contract or, in accordance with Art. 6 (1) lit. f GDPR, for the purpose of maintaining our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the page visit.
We work with advertising partners to help us make our web site more interesting to you. For this purpose, when you visit our website, cookies from partner companies are stored on your hard disk (third-party cookies). If we cooperate with the aforementioned advertising partners, you will be informed individually and separately about the use of such cookies and the scope of the information collected in the following paragraphs.
Please note that you can set your browser so that you are informed about the setting of cookies and individually decide on their acceptance or can exclude the acceptance of cookies for specific cases or in general. Each browser differs in the way it manages the cookie settings. This is described in the Help menu of each browser, which explains how to change your cookie settings. These can be found for the respective browser under the following links:
Internet Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
Please note that if you do not accept cookies, the functionality of our website may be limited.
When contacting us (for example via contact form or e-mail), personal data is collected.
Which data are collected in the case of a contact form can be seen from the respective contact form. These data are stored and used solely for the purpose of answering your request or for establishing contact and the associated technical administration. The legal basis for the processing of this data is our legitimate interest in answering your request in accordance with Art. 6 para. 1 lit. f GDPR.
If your contact is aimed at the conclusion of a contract, then the additional legal basis for processing is Art. 6 (1) lit. b GDPR. Your data will be deleted after final processing of your request, under the provision that the contact purpose was has been fully resolved and provided that there are no legal obligations to store the information.
5) Data processing when opening a customer account and for contract execution
According to Art. 6 (1) lit. b GDPR, personal data will continue to be collected and processed if you provide it to us for the purpose of concluding a contract or opening a customer account. The data collected is shown in the respective input forms. Deletion of your customer account is possible at any time and can via the contact form, or using the aforementioned contact details of the responsible person. We store and use the data you have provided as these are necessary for the execution of the contract. After completion of the contract or deletion of your customer account, your data will be blocked for the statutory retention periods and deleted after expiration of these periods, unless you have expressly consented to further use of your data or a legally permitted further data use by our side which we will inform you accordingly below.
6) Comment function
As part of the comment function on this website, in addition to your comment, information on the time of writing the commentary and the name of the commentator you have chosen will be saved and published on this website. Furthermore, your IP address will be logged and saved. This storage of the IP address is made for security reasons and in the event that the data subject violates the rights of third parties or posts unlawful contents by submitting a comment. We need your e-mail address in order to contact you if a third party objects to your published content as unlawful. The legal basis for the storage of your data is Art. 6 (1) lit. b and f GDPR. We reserve the right to delete comments if they are objected to by third parties as unlawful.
7) Use of your data for direct mail
7.1 Subscribing to our e-mail newsletter
If you subscribe to our e-mail newsletter, we will send you regular information about our offers. Mandatory information for sending the newsletter is your e-mail address alone. The specification of further data is voluntary and will be used to address you personally. We will send you our newsletter only if you have explicitly consented to it. The legal basis for the sending you the newsletter is Art. 6 para. 1 lit. b and f GDPR.
When registering for the newsletter, we store your e-mail address as well as the date and time of registration. The data collected by us when registering for the newsletter will be used exclusively for promotional purposes by means of the newsletter. You can unsubscribe from the newsletter at any time via the provided link in the newsletter or by sending a message to email@example.com. If you have unsubscribed, your e-mail address will be deleted immediately from our newsletter distribution, as far as you have not expressly consented to further use of your data or we reserve the right to further data usage, which is permitted by law and about which we are informing you in this statement.
7.2 Sending Newsletter via MailChimp
The distribution of our e-mail newsletters is through the technical service provider The Rocket Science Group, LLC d / b / a MailChimp, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA (https://mailchimp.com), to which we pass on your data provided you have subscribed to our newsletter. This transfer is made in accordance with Art. 6 (1) lit. f GDPR and serves our legitimate interest in the use of a promotional, secure and user-friendly newsletter system. Please note that your data is usually transmitted to and stored by a MailChimp server in the USA.
MailChimp uses this information for sending and statistical evaluation of the newsletter on our behalf. For the evaluation, the e-mails sent include so-called web beacons or tracking pixels, which represent one-pixel image files that are stored on our website. This will determine if a newsletter message has been opened and which links may have been clicked.
MailChimp uses the web beacons to automatically generate general, non-personal statistics on how to respond to newsletter campaigns. Based on our legitimate interest in the statistical evaluation of newsletter campaigns for the optimization of advertising communication and a better focus on recipient interests, the web beacons in accordance with Art. 6 (1) lit. f GDPR also includes data from the respective newsletter recipient e-mail address, Time of retrieval, IP address, browser type and operating system. These data are processed by MailChimp to automatically generate statistics that indicate whether a particular recipient has opened a newsletter message or not.
If you want to deactivate the data analysis for statistical evaluation purposes, you just need to unsubscribe from the newsletter or send us a message, using our contact form or e-mail address: firstname.lastname@example.org
MailChimp can also provide this data in accordance with Art. 6 (1) lit. f Use GDPR itself for its own legitimate interest in the needs-based design and optimization of the service, as well as for market research purposes, for example, to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write them down or to pass them on to third parties.
To secure your information in the United States, we have entered into a data processing agreement with MailChimp based on the standard contractual clauses of the European Commission to allow the transfer of your personal information to MailChimp. If you are interested, this data processing contract can be viewed at the following Internet address: https://mailchimp.com/legal/data-processing-addendum/
8) Data processing for order processing
8.1 In order to process your order, we cooperate with the following service providers who assist us wholly or partially in the execution of concluded contracts. Certain personal data will be transmitted to these service providers in accordance with the following information.
The personal data collected by us will be passed on to the transport company commissioned with the delivery within the scope of the contract, insofar as this is necessary for the delivery of the goods. We will pass on your payment details to the commissioned bank as part of the processing of payments if this is necessary for the processing of payments. Which payment service providers could be used on our website you can see in the points below. The legal basis for the transfer of the data is Art. 6 para. 1 lit. b GDPR.
8.2 Use of payment service providers (payment services)
For payments via PayPal, credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "installment payment" via PayPal, we will transfer your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"). The disclosure is made in accordance with Art. 6 (1) lit. b GDPR and only insofar as this is necessary for the payment process.
You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may continue to be entitled to process your personal data if this is necessary for the contractual payment process.
9) Use of rating and seal graphics
Store Vote Graphics
To display our ShopVote seal and any collected and/or aggregated evaluations, we have included ShopVote graphics on this website.
This serves to our legitimate interests in the optimal marketing of our offer pursuant to Art. 6 (1) sentence 1 lit. f GDPR. The ShopVote graphics and the advertised services are an offer of Blickreif GmbH, Alter Messeplatz 2, 80339 Munich.
When the ShopVote graphics are called, the web server automatically saves a so-called server log file, which, for example, contains and documents Your IP address, date and time of retrieval, transmitted amount of data and the source of the call (access data). These access data will not be evaluated and will automatically be overwritten within seven days after the end of your page visit. Other personal data will not be collected or stored by the ShopVote graphics.
10) Use of Social Media: Videos
Using Youtube videos
This site uses the Youtube embedding feature to display and play videos from "Youtube", which belongs to Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").
Regardless of any playback of the embedded video, every time you visit this site, you will be connected to the Google Network, which may cause further data processing without our having any influence.
In any case, Google LLC is certified by the US-European Data Protection Convention "Privacy Shield", which ensures compliance with the data protection standards in the EU. A current certificate can be viewed here: https://www.privacyshield.gov/list
11) Online Marketing
11.1 Facebook Pixel for creating custom audiences
For marketing and advertising purposes of this website the "Facebook pixel" of the social network Facebook is used, which is operated by Facebook Ireland Limited, 4 Grand Canal Quare, Dublin 2, Ireland ("Facebook").
If a user clicks on our ad that is displayed on Facebook, the URL of our linked page will be added by Facebook Pixel. If our site allows pixel data sharing with Facebook, this URL parameter is written into the user's browser via a cookie. This cookie is then read out by Facebook Pixel and allows the data to be forwarded to Facebook.
Facebook Pixel is used for two purposes: to show our advertising only to people, to who it is relevant via so-called “Facebook ads”; or otherwise to display our advertising to the people, who showed already interest in our website through so-called “Custom Audiences”.
With the help of Facebook pixel, we also want to make sure that our Facebook ads meet the potential interest of users and do not seem annoying. This allows us to further evaluate the effectiveness of Facebook advertisements for statistical and market research purposes by understanding whether users have been redirected to our website after clicking on a Facebook ad (so-called "conversion").
The collected data are anonymous to us, so we do not have any information about the identity of the users. However, the data is stored and processed by Facebook, so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, according to the Facebook data usage policy (https://www.facebook.com/about/privacy/). The data may enable Facebook and its affiliates to display ads on and off Facebook. The data processing associated with the use of the Facebook pixel is due to our predominant legitimate interest in the evaluation, optimization and economic operation of our online offer and our advertising measures in accordance with Art. 6 para. 1 lit. f GDPR.
The information generated by Facebook is usually transmitted to a server of Facebook and stored there, this can also mean transmission to the servers of Facebook Inc. in the United States. US-based Facebook Inc. is certified under US-EU “Privacy Shield”, which ensures compliance with the level of data protection in the EU. In order to contradict the collection by the Facebook pixel and the use of your data for the display of Facebook ads altogether, you can either click on our banner for the cookies preferences and unclick “Marketing Cookies” or on the Facebook website directly https://www.facebook.com/privacy
11.2 Using Google Ads Conversion Tracking
This website uses the Google Ads online advertising program and, as part of Google Ads, Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google") conversion tracking. We use the offer of Google Ads to draw attention to our attractive offers with the help of advertising materials (so-called Google Adwords) on external websites. With this measure, we can determine how successful the individual advertising measures are. In doing so, we aim to show you only the advertising, which is relevant to you and in order to make our website more interesting and to achieve a fair calculation of the advertising costs incurred.
The conversion tracking cookie is set when a user clicks on a Google-served ads ad. Cookies are small text files that are stored on your device. These cookies usually lose their validity after 30 days and are not used for personal identification. If the user visits certain pages on this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Cookies cannot be tracked through Google Ads customer sites. The information gathered using the conversion cookie is used to generate conversion statistics for Google Ads customers who have opted for conversion tracking. We do not receive any information that personally identifies users. If you do not want to participate in tracking, you can block this usage by disabling the Google Conversion Tracking cookie through its Internet browser in "User Preferences", by doing so you will no longer be included in the conversion tracking statistics. We use Google Ads based on our legitimate interest in targeted advertising based on Art. 6 (1) lit. f GDPR. As part of the use of Google Ads, it may also lead to a transfer of personal information to the servers of Google LLC in the US.
Google LLC is certified for the European Data Protection Convention US-EU "Privacy Shield", which ensures compliance with the data protection standard in force in the EU. A current certificate can be viewed here: https://www.privacyshield.gov/list
You can permanently deactivate cookie/-s by blocking them by changing your browser settings or by downloading and installing the browser plug-in available under the following link:
12) Web analysis services
This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). Google Analytics uses so-called cookies, which are text files that are stored on your computer and that allow an analysis of your use of this website. The information generated by the cookie about your use of this website (including the shortened IP address) is usually transmitted to and stored by Google on a server, in which case it may also be transmitted to the servers of Google LLC in the US.
This website uses Google Analytics exclusively with the extension "_anonymizeIp ()", which shortens your IP address to ensure anonymization and excludes a direct personal reference. The extension will shorten your IP address before it goes to Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a server of Google LLC.in the USA and shortened there. In these exceptional cases, this processing is carried out in accordance with Art. 6 (1) lit. f GDPR based on our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes.
Google will use this information on our behalf to evaluate your use of the website, to compile reports on website activity and to provide us with other services related to website activity and internet usage. The IP address provided by Google Analytics within the framework of Google Analytics will not be merged with other data provided by Google.
You can prevent the storage of cookies by setting your browser accordingly. However, please be aware that if you do this you may not be able to use the full functionality of this website. In addition, you may prevent the collection of the data by Google generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de
As an alternative, you can unclick the use of Marketing cookies on our website at the cookies preferences.
In the case of transmission of personal data to Google LLC. Based in the US, Google LLC is certified for the US-European Data Protection Convention "Privacy Shield", which ensures compliance with the data protection standard in force in the EU. A current certificate can be viewed here: https://www.privacyshield.gov/list
More information about Google (Universal) Analytics can be found here: https://support.google.com/analytics/answer/2838718?hl=en&ref_topic=6010376
13) Retargeting / Remarketing / Referral Advertising
AdRoll (AdRoll Advertising Ltd.)
This website uses retargeting technology from AdRoll Advertising Ltd, Level 6, 1, Burlington Plaza, Burlington Road, Dublin 4, Ireland ("AdRoll"). This makes it possible to specifically target visitors to our websites with personalized, interest-based advertising that has already taken an interest in our shop and our products. The display of the advertising material is based on a cookie-based analysis of the previous usage behavior. In the case of retargeting technology, a cookie is stored on your computer or mobile device in order to collect pseudonymized data about your interests and thus to adapt the advertising individually to your preferences. These cookies are small text files that are stored on your computer or mobile device. You will see ads that are likely to match your product and information interests. Insofar as the information collected has a personal reference, the processing is carried out in accordance with Art. 6 (1) lit. f GDPR on the basis of our legitimate interest in the display of personalized advertising and market research.
14) Tools and Miscellaneous
14.1 Google reCAPTCHA
On this website, we also use the reCAPTCHA feature of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). This function is primarily used to distinguish whether an input is made by a natural person or abused by bots and automated processing. The service includes the sending of the IP address and any other data required by Google for the reCAPTCHA service to Google and is carried out in accordance with Art. 6 (1) lit. f GDPR on the basis of our legitimate interest in the determination of individual responsibility on the Internet and the prevention of abuse and spam. As part of the use of Google reCAPTCHA, it could also happen that also personal information is transferred to the servers of Google LLC in the US.
In the case of transmission of personal data to the Google LLC, based in the US, Google LLC is certified for the US-European Data Protection Convention "Privacy Shield", which ensures compliance with the data protection standard in force in the EU. A current certificate can be viewed here: https://www.privacyshield.gov/list
14.2 Google Maps
On our website, we use Google Maps (API) from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). Google Maps is a web service for displaying interactive (land) maps to visually represent geographic information. As soon as you visit those subpages where the map of Google Maps is integrated, information about your use of our website (such as your IP address) will be transmitted to and stored by Google's servers, in which case it may also be sent to the servers the Google LLC in the US. This is done regardless of whether you are logged in the google account or not. When you're logged in to Google, your data will be assigned directly to your account. If you do not wish to be associated with your profile on Google, you must log out before visiting our website. Google stores your data (even for non-logged-in users) as usage profiles and evaluates them. The collection, storage, and evaluation are carried out in accordance with Art. 6 (1) lit. f GDPR based on the legitimate interest of Google in the display of personalized advertising, market research and/or the needs of designing Google websites. You have the right to object to the creation of these user profiles, and you must contact Google to use them.
In the case of transmission of personal data to Google LLC. Based in the US, Google LLC is certified for the US-European Data Protection Convention "Privacy Shield", which ensures compliance with the data protection standard in force in the EU. A current certificate can be viewed here: https://www.privacyshield.gov/list
15) Rights of the person concerned
15.1 The applicable data protection law grants you the following comprehensive data protection rights (information and intervention rights):
- Right to demand the information according to Art. 15 GDPR: In particular, you have a right to request the information about the personal data processed by us, the processing purposes, the categories of processed personal data, the recipients or categories of recipients to whom your data has been disclosed, the prospective storage period or criteria for defining the storage of such, the right of rectification, deletion, limitation of processing, objection to processing, complaint to a supervisory authority, the origin of your data, if they were not collected by us, the existence of automated decision-making, including profiling and, where appropriate, meaningful information about the logic involved and the scope involved and the intended effects of such processing, as well as your right to be informed, which is guaranteed to you by Art. 46 GDPR, when your data is sent to third countries;
- Right for correction based on Art. 16 GDPR: You have the right to immediate correction of incorrect data concerning you and/or completion of your incomplete data stored by us;
- Right for cancellation according to Art. 17 GDPR: You have the right to demand the deletion of your personal data if the requirements of Art. 17 (1) GDPR are met. However, that right does not apply, if the processing is necessary for the exercise of the right for freedom of expression and information, for the fulfillment of a legal obligation/-s, for reasons of public interest or for the exercise, pursuit or defense of rights;
- Right to restriction of the processing according to Art. 18 GDPR: You have the right to demand the restriction of processing of your personal data, to the extent that the accuracy of the data is contested by you, processing is unlawful, but you oppose erasure and we no longer need the personal data, but you still require them for the establishment, exercise or defense of legal claims or you have objected to processing pursuant to Article 21 GDPR;
- Right to information in accordance with Article 19 GDPR: If you have asserted the right to rectify, delete or limit the processing to the person responsible, this person is obliged to rectify or delete the data to all recipients to whom the personal data relating to you have been disclosed or limit the processing of it, unless proved to be impossible or involves disproportionate effort. You have the right to be informed about those recipients.
- Right to receive the data, which you have provided to us, in accordance with Article 20 GDPR, in a structured, commonly used and machine-readable format or to demand transmission to another controller, as far as this is technically feasible;
- Right to withdraw the granted consent pursuant to Art. 7 (3) GDPR: You have the right to revoke a consent once given for the processing of data at any time with future effect. In the case of withdrawal, we will delete the data concerned immediately, as far as further processing cannot be based on a legal basis for consentless processing. The revocation of consent does not affect the lawfulness of the processing effected on the basis of the consent until the withdrawal;
- The right to appeal under Article 77 GDPR: If you are of the opinion that the processing of personal data is against the GDPR, you have the right to complain to a supervisory authority. Usually, you may contact such authority at your place of residence, your place of work or the place of our registration.
15.2 OPPOSITION RIGHT
IF WE HAVE PROCESSED YOU DATA FOR LEGITIMATE REASONS, YOU HAVE THE RIGHT TO OBJECT, ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, AT ANY TIME TO OUR PROCESSING OF YOUR PERSONAL DATA BASED ON POINT (e) OR (f) OF ARTICLE 6 (1). WE WILL NO LONGER PROCESS YOUR DATA UNLESS THERE ARE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING, WHICH OVERRIDE THE INTERESTS, RIGHTS, AND FREEDOMS OF YOURS OR FOR THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS.
SHOULD YOU EXERCISE YOUR RIGHT TO OBJECT AGAINST DIRECT MARKETING, WE WILL STOP THE PROCESSING FOR DIRECT MARKETING WITHOUT ANY NEED FOR A PARTICULAR PERSONAL SITUATION.
If you want to exercise your withdrawal right or right to object, simply send us an email to email@example.com or use our contact form on the website.
16) Duration of storage of personal data
The duration of the storage of personal data is based on the respective legal basis, the purpose of processing and - if applicable - additionally based on the respective statutory retention period (for example, commercial and tax retention periods).
In the processing of personal data on the basis of explicit consent pursuant to Art. 6 (1) lit. a GDPR, these data are stored until the person withdraws his/her consent.
There are statutory retention periods for data which, in the context of legal or similar obligations, are processed based on Art. 6 (1) lit. b GDPR, these data are routinely deleted after expiry of the retention periods, if they are no longer required for the fulfillment of the contract or for initiating a contract and/or if there is no legitimate interest in the re-storage on our part.
In the processing of personal data on the basis of Art. 6 (1) lit. f GDPR, these data will be stored until the person concerned exercises his right of objection under Art. 21 (1) GDPR, unless we can prove compelling legitimate grounds for processing that outweigh the interests, rights, and freedoms of the person concerned, or the processing serves the assertion, exercise or defense of legal claims.
In the processing of personal data for the purpose of direct advertising on the basis of Art. 6 (1) lit. f DGPR, these data will be stored until you exercise his right of objection under Art. 21 (2) GDPR.
Date of Current Data Privacy Statement Validity: 04.09.2019