1. General information
1.1 What are personal data
Personal data is information that discloses or may disclose the identity of the user. We adhere to the principle of data avoidance. As far as possible, we refrain from collecting personal data.
1.2 Handling of personal data
Personal data is used exclusively for the purpose of establishing the contract, structuring its content, implementing or handling the contractual relationship (Art. 6 I S. 1 b GDPR).
In addition, personal data will only be processed if we have received your consent to do so (Art. 6 I p. 1 a GDPR) or if the processing of such data is necessary for our legitimate interests and provided that the weighing of interests shows that there are no overriding interests, fundamental rights or fundamental freedoms that conflict with your interests (Art. 6 I p. 1 f GDPR).
We may use contract processors to process your personal data, but will not pass on your personal data to third parties.
The data will only be passed on to the shipping company commissioned with the delivery for the fulfillment of the contract, insofar as this is necessary for the delivery of ordered goods. In order to process payments, the necessary payment data will be passed on to the credit institution commissioned with the payment and, if applicable, to the commissioned and selected payment service provider.
The processing of your personal data takes place exclusively within the EU unless otherwise stated below.
1.3 Usage data
General technical information is collected when visiting the website. These are the IP address used, time of day, duration of the visit, browser type and, if applicable, the originating page. This usage data is registered in a log file for technical reasons and can be used and stored for the purpose of statistical evaluation of this website. This usage data is not linked to your other personal data.
1.4 Registration data
Registration is required for the full use of the functions of our website. The registration data is collected through your corresponding entries and used for the specifically stated purpose according to your consent (Art. 6 I S. 1 a GDPR).
1.5 Duration of storage
We store your personal data after the end of the purpose for which the data was collected, only as long as this is necessary due to legal (especially tax) regulations.
2. Your rights
You can request information from us as to whether we process personal data about you and, if this is the case, you have the right to be informed of this personal data and the other information mentioned in Art. 15 GDPR.
2.2 Right of rectification
You have the right to rectify incorrect personal data concerning you and, in accordance with Art. 16 of the GDPR, you may request the completion of incomplete personal data.
2.3 Right to deletion
You have the right to demand from us that the personal data concerning you be deleted immediately. We are obliged to delete them immediately, especially if one of the following reasons applies:
– Your personal data is no longer necessary for the purposes for which it was collected or otherwise processed.
– You revoke your consent on which the processing of your data was based and there is no other legal basis for the processing.
– Your data have been processed unlawfully.
The right to deletion does not exist insofar as your personal data is necessary for the assertion, exercise or defense of our legal claims.
2.4 Right to limit processing
You have the right to request us to limit the processing of your personal data if
– you dispute the accuracy of the data and we, therefore, verify the accuracy,
– the processing is unlawful and you refuse to delete it and instead request that its use be restricted,
– we no longer need the data, but you need it to assert, exercise or defend legal claims,
– you have lodged an objection to the processing of your data and it is not yet clear whether our legitimate reasons outweigh your reasons.
2.5 Right to data transferability
You have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format and you have the right to transfer this data to another controller without hindrance from us, provided that the processing is based on consent or a contract and the processing is carried out by us using automated procedures.
2.6 Right of withdrawal
If the processing of your personal data is based on consent, you have the right to revoke this consent at any time.
2.7 General and right of complaint
The exercise of your aforementioned rights is basically free of charge for you. You have the right to contact the supervisory authority responsible for us, the State Data Protection Commissioner, directly in the event of complaints.
3. data security
3.1 Data security
All data on our website is protected by technical and organizational measures against loss, destruction, access, modification and distribution.
3.2 Sessions and cookies
Below you will find the domain, name and duration of the cookies used only with your consent:
If you register for our newsletter, we will use the data required for this purpose or data provided separately by you to send you our e-mail newsletter regularly on the basis of your consent in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR. You can unsubscribe from the newsletter at any time and either by sending us a message via the contact details given in the imprint or via the link provided for this purpose in the newsletter. After unsubscribing, we will delete your e-mail address unless you have expressly consented to further use of your data or we reserve the right to use your data in a manner that goes beyond that which is legally permitted and about which we inform you in this declaration.
5. Presence on social media platforms
We use the following social media platforms for company presentation and communication (the following linked privacy statements and opt-out options are expressly referred to).
Facebook (Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
Opt-out: https://www.facebook.com/settings?tab=ads alternatively http://www.youronlinechoices.com
Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA)
YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland)
These social media platforms may process personal data outside the EU and we refer to the above privacy statements of the social media platforms.
The respective social media platforms may create user profiles from your usage behavior and the resulting interests and actions on your part and save cookies on your computer in which your usage behavior is stored. If you have an account on the respective social media platform and are logged in, your usage behavior can even be saved independently of the device. Your user profile can be used, for example, to place advertisements that presumably correspond to your interests.
We process the personal data exclusively for communication with you via the social media platform you have chosen and for the optimization of our online presence and ensure that no interests on your part are affected which outweigh this legitimate interest on our part (Art. 6 I S. 1 f GDPR). Insofar as you have already given the respective operator of the social media platform effective consent to the corresponding data processing, the processing of your personal data will also be based on this consent (Art. 6 I S. 1 a GDPR).
6. Third-party services
6.1 Social media links
We have our own social media pages at third-party providers that can be reached via links from this website. By using the links, you will be able to reach the respective websites of the third-party providers (e.g., Facebook, Twitter). In order to avoid unnecessary data transfer, we recommend that you log out of the respective third-party provider before using a link so that the use of the link does not result in the creation of user profiles by the third-party provider.
6.2 Use of Google Remarketing Pixels
We use the “Double Click Remarketing Pixel” remarketing feature of Google on this website, operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). This feature allows us to target visitors to this website as customers with advertisements. With this remarketing, a pixel is embedded on our pages. A pixel is a small, invisible code snippet that Ad Exchange uses to store cookies from website visitors. When users visit our pages, the cookie is added to the remarketing list. The pixel is used to establish a direct connection to the Google server when visiting our website. The Google server is thus transmitted to which of our websites the customer has visited. Further information on the collection and use of data by Google, on your rights in this regard and on ways to protect your privacy can be found in the data protection information regarding Google’s advertising at http://www.google.com/policies/technologies/ads/. Users can deactivate the DoubleClick cookies by visiting the following websites:
https://www.google.de/settings/ads/anonymous?sig=ACi0TCgs7SqFp3lN7Bx8arrH0dIHs2SLA-5DJ1SGFoHgFPlezJZBsR32IdFw0zp7mcu1lpuiEO0jUwYVPXnyo857jkrVHpCum96q2lWm1ZUt3Lb68im0l84&hl=de#display_optout or http://www.networkadvertising.org/choices/
6.3 Google Web Fonts
6.4 Use of Youtube
To contact us regarding data protection, you are welcome to use the following contact options. Responsible in the terms of the GDPR:
B. A. Beauty GmbH
Alte Rothofstraße 2-4