Privacy policy

1. General information


1.1 What are personal data

Personal data is information that discloses or may disclose the identity of the user. We adhere to the principle of data avoidance. As far as possible, we refrain from collecting personal data.


1.2 Handling of personal data

Personal data is used exclusively for the purpose of establishing the contract, structuring its content, implementing or handling the contractual relationship (Art. 6 I S. 1 b GDPR).


In addition, personal data will only be processed if we have received your consent to do so (Art. 6 I p. 1 a GDPR) or if the processing of such data is necessary for our legitimate interests and provided that the weighing of interests shows that there are no overriding interests, fundamental rights or fundamental freedoms that conflict with your interests (Art. 6 I p. 1 f GDPR).


We may use contract processors to process your personal data, but will not pass on your personal data to third parties.


The data will only be passed on to the shipping company commissioned with the delivery for the fulfillment of the contract, insofar as this is necessary for the delivery of ordered goods. In order to process payments, the necessary payment data will be passed on to the credit institution commissioned with the payment and, if applicable, to the commissioned and selected payment service provider.


The processing of your personal data takes place exclusively within the EU unless otherwise stated below.


1.3 Usage data

General technical information is collected when visiting the website. These are the IP address used, time of day, duration of the visit, browser type and, if applicable, the originating page. This usage data is registered in a log file for technical reasons and can be used and stored for the purpose of statistical evaluation of this website. This usage data is not linked to your other personal data.


1.4 Registration data

Registration is required for the full use of the functions of our website. The registration data is collected through your corresponding entries and used for the specifically stated purpose according to your consent (Art. 6 I S. 1 a GDPR).


1.5 Duration of storage

We store your personal data after the end of the purpose for which the data was collected, only as long as this is necessary due to legal (especially tax) regulations.



2. Your rights


2.1 Information

You can request information from us as to whether we process personal data about you and, if this is the case, you have the right to be informed of this personal data and the other information mentioned in Art. 15 GDPR.


2.2 Right of rectification

You have the right to rectify incorrect personal data concerning you and, in accordance with Art. 16 of the GDPR, you may request the completion of incomplete personal data.


2.3 Right to deletion

You have the right to demand from us that the personal data concerning you be deleted immediately. We are obliged to delete them immediately, especially if one of the following reasons applies:

– Your personal data is no longer necessary for the purposes for which it was collected or otherwise processed.

– You revoke your consent on which the processing of your data was based and there is no other legal basis for the processing.

– Your data have been processed unlawfully.

The right to deletion does not exist insofar as your personal data is necessary for the assertion, exercise or defense of our legal claims.


2.4 Right to limit processing

You have the right to request us to limit the processing of your personal data if

– you dispute the accuracy of the data and we, therefore, verify the accuracy,

– the processing is unlawful and you refuse to delete it and instead request that its use be restricted,

– we no longer need the data, but you need it to assert, exercise or defend legal claims,

– you have lodged an objection to the processing of your data and it is not yet clear whether our legitimate reasons outweigh your reasons.


2.5 Right to data transferability

You have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format and you have the right to transfer this data to another controller without hindrance from us, provided that the processing is based on consent or a contract and the processing is carried out by us using automated procedures.


2.6 Right of withdrawal

If the processing of your personal data is based on consent, you have the right to revoke this consent at any time.


2.7 General and right of complaint

The exercise of your aforementioned rights is basically free of charge for you. You have the right to contact the supervisory authority responsible for us, the State Data Protection Commissioner, directly in the event of complaints.



3. data security


3.1 Data security

All data on our website is protected by technical and organizational measures against loss, destruction, access, modification and distribution.


3.2 Sessions and cookies

For the operation of our website, we use cookies or server-side sessions in which data can be stored. We ensure that no personal data is transferred from sessions or through cookies without your express consent and that cookies are only used if this is technically necessary for the website (e.g., spam protection for contact form, shopping basket function) and thus the weighing shows that no predominant interests on your part are opposed (Art. 6 I S. 1 f GDPR) or an express consent on your part is present.

After your express consent, we use cookies to personalize content and advertisements, to offer functions for social media and to analyze access to our website. With your consent, we can pass on the information on your use of our website to our partners for social media, advertising and analysis. Our partners may be able to combine this information with other data that the partners already have about you.

Below you will find the domain, name and duration of the cookies used only with your consent:



Site cookies



4. Newsletter


If you register for our newsletter, we will use the data required for this purpose or data provided separately by you to send you our e-mail newsletter regularly on the basis of your consent in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR. You can unsubscribe from the newsletter at any time and either by sending us a message via the contact details given in the imprint or via the link provided for this purpose in the newsletter. After unsubscribing, we will delete your e-mail address unless you have expressly consented to further use of your data or we reserve the right to use your data in a manner that goes beyond that which is legally permitted and about which we inform you in this declaration.



5. Presence on social media platforms


We use the following social media platforms for company presentation and communication (the following linked privacy statements and opt-out options are expressly referred to).


Facebook (Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)

Privacy policy:

Opt-out: alternatively


Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA)

Privacy policy and opt-out:


YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland)

Privacy policy:


These social media platforms may process personal data outside the EU and we refer to the above privacy statements of the social media platforms.

The respective social media platforms may create user profiles from your usage behavior and the resulting interests and actions on your part and save cookies on your computer in which your usage behavior is stored. If you have an account on the respective social media platform and are logged in, your usage behavior can even be saved independently of the device. Your user profile can be used, for example, to place advertisements that presumably correspond to your interests.


We process the personal data exclusively for communication with you via the social media platform you have chosen and for the optimization of our online presence and ensure that no interests on your part are affected which outweigh this legitimate interest on our part (Art. 6 I S. 1 f GDPR). Insofar as you have already given the respective operator of the social media platform effective consent to the corresponding data processing, the processing of your personal data will also be based on this consent (Art. 6 I S. 1 a GDPR).



6. Third-party services


6.1 Social media links

We have our own social media pages at third-party providers that can be reached via links from this website. By using the links, you will be able to reach the respective websites of the third-party providers (e.g., Facebook, Twitter). In order to avoid unnecessary data transfer, we recommend that you log out of the respective third-party provider before using a link so that the use of the link does not result in the creation of user profiles by the third-party provider.


6.2 Use of Google Remarketing Pixels

We use the “Double Click Remarketing Pixel” remarketing feature of Google on this website, operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). This feature allows us to target visitors to this website as customers with advertisements. With this remarketing, a pixel is embedded on our pages. A pixel is a small, invisible code snippet that Ad Exchange uses to store cookies from website visitors. When users visit our pages, the cookie is added to the remarketing list. The pixel is used to establish a direct connection to the Google server when visiting our website. The Google server is thus transmitted to which of our websites the customer has visited. Further information on the collection and use of data by Google, on your rights in this regard and on ways to protect your privacy can be found in the data protection information regarding Google’s advertising at Users can deactivate the DoubleClick cookies by visiting the following websites: or


6.3 Google Web Fonts

We use so-called web fonts from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”) to display a uniform font on our website. These are automatically stored in your browser cache when you call up one of our pages to enable the desired display. If your browser does not support the web fonts used, a standard font of your computer may be used. This does not affect any user interests that outweigh this technical necessity (Art. 6 I p. 1 f GDPR). You can view Google’s privacy policy here: Further information on Google Web Fonts can be found at


6.4 Use of Youtube

This website and the integrated offers contain so-called embeddings of videos on YouTube. These enable the connection to YouTube and the videos stored there. YouTube is an offer from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). No user interests are affected here which outweigh this technical necessity of integrating the videos (Art. 6 I p. 1 f GDPR). The purpose and scope of data collection and data use by Google, as well as your rights and setting options for protection as a YouTube customer, can be found in the YouTube privacy policy. You can find this under:



7. contacting


To contact us regarding data protection, you are welcome to use the following contact options. Responsible in the terms of the GDPR:


B. A. Beauty GmbH

Alte Rothofstraße 2-4

60313 Frankfurt


Phone: +49 69 97691071