Data privacy statement
We appreciate your interest in our website. Protecting your privacy is very important to us. This data protection declaration clarifies the type, scope and purpose of the processing of personal data within our online shop and the websites, functions and content connected to it, as well as external online presences, e.g. our social media profile.
Responsible body for the collection, processing and use of your personal data i.S. the General Data Protection Regulation (GDPR) is:
Dorothy Roffat Cosmetics GmbH
Prager Straße 12
E-Mail address: firstname.lastname@example.org
Managing director / owner: Dorothy Roffat
If you want to object to individual measures of the collection, processing and use of your personal data, please send your objection to email@example.com. For a postal objection, use the postal address given below. At any time, you have the option of requesting information about your stored data free of charge using the contact details provided.
2. Collection, processing and use of personal data
2.1 Personal data
Personal data means all information on factual or personal circumstances of a natural person. This includes, among other things, your telephone number, your name, your address details and your e-mail address, which you provide when completing the order, when registering for a customer account or when sending the contact form to us.
2.2 Customer account
By registering with us in the online shop, a personal, password-protected customer account will be created for you. This stores your basic data such as name, billing address, delivery address, telephone number, email, preferred shipping and payment method and the order history, which you can view at any time. In addition, you have the option to manage newsletter subscriptions and unsubscriptions in your customer account. You are obliged to treat your personal access data such as user name and password with strict confidentiality and to protect them against access by unauthorized third parties. We expressly point out that we assume no liability for any misuse of your access data that is your fault. We therefore advise you to use passwords that have at least 8 characters and consist of lower and upper case letters, as well as numbers and special characters. If you do not log out of your customer account, you will automatically remain logged in. Your password will only be requested again if you change your personal profile or place a new order.
2.3 Data collection and use for contract processing
Data protection is our top priority. For this reason, we strictly adhere to the legal provisions of the Federal Data Protection Act and the Telemedia Act when collecting, processing and using your personal data. We collect personal data if you voluntarily provide it to us as part of your order, when you contact us (e.g. via the contact form or email) or when you open a customer account. Which data is collected can be seen from the respective input forms. We use the data you provide to process the contract and process your inquiries. After completion of the contract or deletion of your customer account, your data will be blocked for further use and deleted after the tax and commercial retention periods, unless you have expressly consented to further use of your data or we reserve the right to use the data beyond that is permitted by law and about which we will inform you below. Deleting your customer account is possible at any time and can be done by sending a message to the contact option below.
2.4 Data transfer for contract fulfillment
To fulfill the contract, we pass on your data to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods. Depending on which payment service provider you selected in the ordering process, we will forward the payment data collected for this to the credit institution commissioned with the payment and, if applicable, the payment service provider commissioned by us or the selected payment service provider to process payments. Some of the selected payment service providers also collect this data themselves, provided that you have created an account there. In this case, you must log in to the payment service provider with your access data during the ordering process. In this respect, the data protection declaration of the respective payment service provider applies.
2.5 Use of data when registering for the e-mail newsletter
If you register for our newsletter, we will use the data required for this or separately provided by you in order to regularly send you our email newsletter in accordance with your consent. You can unsubscribe from the newsletter at any time and either by sending a message to the contact details below or by using the link provided in the newsletter. Our newsletter is sent by the shipping service provider: Mailchimp - The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE Suite 5000, Atlanta, GA 30308 USA. You can view the data protection regulations of the shipping service provider here: https://mailchimp.com/legal/privacy/. The shipping service provider is based on our legitimate interests. Art. 6 para. 1 lit. f GDPR and an order processing contract in accordance with 28 para. 3 sentence 1 GDPR. The shipping service provider can store the recipient's data in pseudonymous form, i.e. use without assignment to a user, to optimize or improve their own services, e.g. use for technical optimization of the dispatch and presentation of the newsletter or for statistical purposes. However, the shipping service provider does not use the data of our newsletter recipients to write to them themselves or to pass the data on to third parties.
2.6 Use of data for mail advertising and your right to object
In addition, we reserve the right to summarize your first and last name, your postal address and - insofar as we have received this additional information from you within the framework of the contractual relationship - your title, academic degree, year of birth and your professional, industry or business name Save lists and use them for your own advertising purposes, e.g. to send interesting offers and information about our products by post. You can object to the storage and use of your data for these purposes at any time by sending a message to the contact option below.
2.7 Competitions, market and opinion research
If you participate in one of our competitions, we use the data provided there for the purpose of notifying you of the prize and promoting our offers. You will find detailed information on the competition conditions and participation in the respective competition. In order for us to further develop our offers and services in the best possible way, we also use this data for market and opinion research purposes. This is done anonymously. All information is not passed on to third parties and is only used for our own statistical purposes. You can object to the use of data for market and opinion research at any time in full or for certain purposes. For this you can use the contact option below and send us a written cancellation by email, letter or fax. In every survey you will also find a link to unsubscribe.
In order to make visiting our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are saved on your device. Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your device and enable us to recognize your browser the next time you visit (persistent cookies). You can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general. If cookies are not accepted, the functionality of our website may be restricted.
4. LOG FILES
You can visit our website without providing any personal information. We only store access data in so-called server log files, e.g. Date and time of access, name of the page accessed, IP address, URL of origin, the amount of data transferred, as well as product and version information of the browser used. Your IP address will be deleted or anonymized after use has ended. With anonymization, the IP addresses are changed in such a way that the individual details about personal or factual circumstances can no longer be assigned. This data is only evaluated to ensure trouble-free operation of the site and to improve our offer and do not allow us to draw any conclusions about you personally.
5. Use of external services
5.1 Use of GOOGLE ANALYTICS
This website uses Google (Universal) Analytics, a web analytics service provided by Google Inc. (www.google.de). Google (Universal) Analytics uses methods that enable your use of the website to be analyzed, such as so-called “cookies”, text files that are stored on your computer. The information generated about your use of this website is usually transferred to a Google server in the USA and stored there. By activating IP anonymization on this website, the IP address will be shortened before transmission within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address will only be transmitted to a Google server in the USA and abbreviated there in exceptional cases. The anonymized IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link : http://tools.google.com/dlpage/gaoptout?hl=de As an alternative to the browser plugin, you can click this link to prevent Google Analytics from collecting data on this website in the future. An opt-out cookie is placed on your device. If you delete the cookies, you must click the link again.
The hosting services used by us serve to provide the following services: infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services that we use for the purpose of operating this online offer. Here, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this online offer based on our legitimate interests in the efficient and secure provision of this online offer in accordance with. Art. 6 para. 1 lit. f GDPR in conjunction Art. 28 GDPR (conclusion of an order processing contract).
6. Integration of external content
We use content or service offers from third-party providers within our online offer based on our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. Videos or fonts. This always presupposes that the third-party providers of this content perceive the IP address of the user, since without the IP address they could not send the content to their browser. The IP address is therefore required to display this content. We strive to only use content whose respective providers only use the IP address to deliver the content. Third-party providers can also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user's device and contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information on the use of our online offer, as well as being linked to such information from other sources.
We integrate the videos from the “YouTube” platform from Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.
6.2 Google Maps
We integrate the maps of the service “Google Maps” from Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.
6.3 Google Fonts
We integrate the fonts ("Google Fonts") from the provider Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.
7. Secure data transmission
All of your personal data is securely transmitted through encryption. This applies to every order, form entries and customer login. We use the SSL (Secure Socket Layer) coding system for this. In addition, our website and all other systems are protected by technical and organizational measures against loss, destruction, access, modification or distribution of your data by unauthorized persons.
8. Deletion of data
The data processed by us is deleted in accordance with Art. 17 and 18 GDPR or its processing is restricted. Unless expressly stated in this data protection declaration, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and there are no statutory retention requirements to prevent deletion. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. That the data will be blocked and not processed for other purposes. This applies e.g. for data that must be kept for commercial or tax reasons. According to legal requirements in Germany, storage is carried out in particular for 6 years in accordance with Section 257 (1) HGB (trading books, inventories, opening balance sheets, annual accounts, trading letters, booking receipts, etc.) and for 10 years in accordance with Section 147 (1) AO (books, records , Management reports, booking vouchers, commercial and business letters, documents relevant for taxation, etc.).
9. Right to information and contact options
You have the right to free information about the data we have stored about you and, if necessary, the right to correct, block or delete this data. If you have any questions about the collection, processing or use of your personal data, information, correction, blocking or deletion of data as well as revocation of any given consent or objection to a specific use of data, please contact: Dorothy Roffat Cosmetics GmbH, Hauptstraße 21, 01909 Schmiedefeld Telephone: +49 35954 520740, email: firstname.lastname@example.org. Storage of access data in server log files You can visit our website without being required to provide personal information. In these cases we will merely record access data in so-called server log files, including information on the name of the requested file, the date and time of access, the transmitted data volume and the provider submitting the enquiry. The data is used solely for ensuring fault-free operation of the website and helping us improve our online offerings. It does not disclose any information in respect to who you are.
Data collection and use for contract fulfilment and when opening a customer account
We record personal data that you provide voluntarily, for instance when you place an order, make contact with us (e.g. using the contact form or by email) or when you open a customer account. The respective input forms state which data is recorded. We use the information communicated by you in such cases for performing the individual contract in question and to deal with your enquiries. Following complete performance of the specific contract or deletion of your user account, your data is blocked for any further use, and will be deleted upon expiry of the retention periods prescribed under tax and commercial law unless you have expressly consented to the further use of your data or if we have reserved the right to use the data extending beyond such use, where this is permitted by law and we have informed you below. You can delete your customer account at any time, either by sending a message using one of the contact methods given below or by using the feature designed for this purpose in your customer account.
Data disclosure for contract fulfilment
To fulfil the contract, we will share your data with the shipping company commissioned with the delivery to the extent required for the supply of the goods ordered. Depending on the payment service you select during the ordering process, we pass on the data collected for the settlement of payments to the to the credit institution commissioned to process payments and any payment service commissioned by us or to the selected payment service. Some of the selected payment service providers collect this data when you open an account with them. In this case, you have to sign in during the ordering process with your new login for the payment service provider. The data privacy statements of each payment service provider shall apply.
Data use in signing up for e-mail newsletters
If you sign up to our newsletter, we will use the data required for this purpose, or which you have separately communicated to us in order to send you our regular email newsletter for which you have subscribed. You are entitled to unsubscribe to the newsletter at any time simply by sending a message to the contact options shown below or by clicking on the unsubscribe link in the newsletter.
Data use for email marketing and your right to opt out
In addition, we reserve the right to store your surname and first name, your postal address and, if we have received such additional details in the course of our contractual relationship with you, your title, academic degree, your date of birth and your professional title, sector or business designation in summary lists and to use these for our own advertising purposes, e.g. to forward offers of goods and services that may be of interest to you, as well as information on our products by post. You are entitled at any time to object to this use of your email address by notification to the contact options given below or by clicking on a dedicated link in the marketing email.
We use the so-called cookies on some of our pages in order to make your visit to our website as attractive as possible and to enable the use of certain functions. Cookies are small text files that are stored on your device. Some of the cookies we use are deleted at the end of your browser session (session cookies). Other cookies remain on your terminal device and allow us to recognise your browser the next time you visit us (permanent cookies). You can adjust the settings of your browser in such a way that you will be informed when cookies are placed on your device; in these cases you can decide individually to accept or reject cookies for certain cases, or to reject them entirely. Rejecting cookies may restrict the features available on our website.
Use of Google (Universal) Analytics for web analytics
This website uses Google Analytics, a web analytics service provided by Google Inc. (www.google.de). Google (Universal) Analytics uses methods that allow analysis of your use of the website, such as the so-called "cookies" (i.e. text files that are stored on your computer). The information generated by the cookie about your use of this website is generally transmitted to and stored on a Google server in the United States. In case of activation of IP anonymization on this website, Google will, however, truncate your IP address beforehand within Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. The IP address transmitted by your browser in connection with Google Analytics will not be associated with any other data held by Google.
You may prevent the storage of data created by the cookie relating to your use of the website (including your IP address) to Google and processing of such data by Google by downloading and installing the browser plug-in accessible under the following link: http://tools.google.com/dlpage/gaoptout?hl=de As an alternative to the browser plug-in, you can click on this link, in order to prevent data collection by Google Analytics on this website in the future. Tapping on the link will place an opt-out cookie on your device. You need to click on the link once again to prevent data recording by Google in the event that you delete your cookies.
Use of social plug-ins from Facebook, Instagram through Shariff solution
We also use social plug-ins from social networks on this website. In order to increase the protection of your data when visiting our website, the plug-ins are linked to our website by means of the so-called "Shariff-Lösung'' [shariff solution] from c‘t). This link ensures that when you access any page of our website containing such plug-ins this will not yet create any link to the servers of those providers. Your browser will only establish a direct connection to the provider servers if you click on a Share/Like button after providing your login data as needed. To learn more about the purpose and extent of data collection by these providers, as well as your relevant rights and how to set options to protect your privacy, please refer to the providers’ data protection information.
Youtube video plug-ins
This website contains data of third parties. This data is provided by Google Inc. ("Provider").
Youtube is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").
In respect of YouTube videos which are linked to our website, we have enabled the extended data protection settings. What this means is that no information from website users is collected and stored by YouTube, except where you view the video.
The purpose and the extent of data collection and further processing and use of data by the provider in question, and your rights in respect of this, as well as options for settings to protect your privacy, please refer to the data privacy statements by Google http://www.google.com/intl/de/+/policy/+1button.html.
Right to Information and Contact Options
The customer is entitled to receive without charge notification of all information stored in respect to their person. The customer is invited to contact the data protection officer for all questions and requests to delete, correct or block personal data and in respect to the collection, processing and use of this data using the contact details provided in our legal notice.