Privacy Policy
The person responsible for data processing is:
Christina Krum-Kluth
Benderstrasse 65
40625 Dusseldorf
Germany
info@ckk-cosmetics.com
0211-94192661
We are delighted that you are interested in our online shop. The protection of your privacy is very important to us. Below we will provide you with detailed information about how we handle your data.
1. Access data and hosting
You can visit our websites without providing any personal information. Each time you access a website, the web server automatically saves a so-called server log file, which contains, for example, the name of the requested file, your IP address, the date and time of access, the amount of data transferred and the requesting provider (access data) and documents the access.
This access data is evaluated solely for the purpose of ensuring trouble-free operation of the site and improving our offering. In accordance with Art. 6 Paragraph 1 Clause 1 Letter f of GDPR, this serves to safeguard our legitimate interests in a correct presentation of our offering, which prevail within the framework of a balancing of interests. All access data is deleted no later than seven days after the end of your visit to the site.
Hosting services provided by a third party
As part of processing on our behalf, a third-party provider provides us with the services for hosting and displaying the website. All data collected as part of the use of this website or in the forms provided for this purpose in the online shop as described below is processed on its servers. Processing on other servers only takes place within the scope explained here.
This service provider is located within a country of the European Union or the European Economic Area.
2. Data collection and use for contract processing, contact and when opening a customer account
We collect personal data when you voluntarily provide it to us as part of your order or when you contact us (e.g. via contact form or email). Mandatory fields are marked as such because in these cases we absolutely need the data to process the contract or to process your contact and you cannot send the order or contact without providing it. The data collected can be seen from the respective input forms. We use the data you provide in accordance with Art. 6 Para. 1 Clause 1 Letter b of GDPR to process the contract and process your enquiries.
If you have given your consent in accordance with Art. 6 Paragraph 1 Clause 1 Letter a of GDPR by deciding to open a customer account, we will use your data for the purpose of opening a customer account.
After the contract has been fully processed or your customer account has been deleted, your data will be restricted for further processing and deleted after the tax and commercial retention periods have expired, unless you have expressly consented to further use of your data or we reserve the right to use the data in any other way that is permitted by law and about which we will inform you in this declaration. Your customer account can be deleted at any time and can be done either by sending a message to the contact option described below or via a function provided for this purpose in the customer account.
3. Data transfer
In order to fulfil the contract in accordance with Art. 6 Paragraph 1 Clause 1 Letter b of GDPR, we pass on your data to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods. Depending on which payment service provider you select in the ordering process, we pass on the payment data collected for this purpose to the credit institution commissioned with the payment and, if applicable, to payment service providers commissioned by us or to the selected payment service in order to process payments. In some cases, the selected payment service providers also collect this data themselves if you create an account with them. In this case, you must log in to the payment service provider with your access data during the ordering process. In this respect, the data protection declaration of the respective payment service provider applies.
Data transfer to debt collection companies
In order to fulfil the contract in accordance with Art. 6 Paragraph 1 Clause 1 Letter b of GDPR, we will pass on your data to a commissioned debt collection company if our payment claim has not been settled despite a previous reminder. In this case, the claim will be collected directly by the debt collection company. In addition, the transfer serves to protect our legitimate interests, which prevail within the framework of a balancing of interests, in the effective assertion or enforcement of our payment claim in accordance with Art. 6 Paragraph 1 Clause 1 Letter f of GDPR.
4. Email newsletter
E-mail advertising with newsletter registration
If you subscribe to our newsletter, we will use the data required for this purpose or separately provided by you to regularly send you our e-mail newsletter based on your consent in accordance with Art. 6 Paragraph 1 Clause 1 Letter a of GDPR.
You can unsubscribe from the newsletter at any time by sending a message to the contact option described below or via a link provided for this purpose in the newsletter. After unsubscribing, we will delete your email address from the recipient list unless you have expressly consented to further use of your data or we reserve the right to use the data in any other way that is permitted by law and about which we will inform you in this declaration.
5. Cookies and web analytics
In order to make visiting our website attractive and to enable the use of certain functions, to display suitable products or for market research, we use so-called cookies on various pages. This serves to safeguard our legitimate interests in an optimized presentation of our offer in accordance with Art. 6 Paragraph 1 Clause 1 Letter f of GDPR, which predominate in the context of a balancing of interests. Cookies are small text files that are automatically saved on your device. Some of the cookies we use are deleted at the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your device and enable us to recognize your browser the next time you visit (persistent cookies). You can find out how long they are stored for in the overview in the cookie settings of your web browser. You can set your browser so that you are informed when cookies are set and decide individually whether to accept them or to exclude the acceptance of cookies in certain cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find these for the respective browsers under the following links:
Internet Explorer™
Safari™
Chrome™
Firefox™
Opera™
If you do not accept cookies, the functionality of our website may be limited.
Use of Google (Universal) Analytics for web analysis
If you have given your consent in accordance with Art. 6 Paragraph 1 Clause 1 Letter a of GDPR, this website uses Google (Universal) Analytics for the purpose of website analysis. The web analysis service is offered by Google Ireland Limited, a company registered and operated under Irish law with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland. ( www.google.de ). Google (Universal) Analytics uses methods that enable an analysis of your use of the website, such as cookies. The automatically collected information about your use of this website is usually transferred to a Google server in the USA and stored there. By activating IP anonymization on this website, the IP address is shortened before transmission within the member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The anonymized IP address transmitted by your browser as part of Google Analytics is generally not merged with other Google data. Once the purpose no longer applies and we no longer use Google Analytics, the data collected in this context will be deleted.
To the extent that information is transferred to Google servers in the USA and stored there, the American company Google LLC is certified under the EU-US Privacy Shield. A current certificate can be viewed here . Based on this agreement between the USA and the European Commission, the latter has determined an appropriate level of data protection for companies certified under the Privacy Shield.
You can revoke your consent at any time with effect for the future by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de . This will prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google.
As an alternative to the browser plug-in, you can click <a href=""javascript:gaOptout()"">this link</a> to prevent Google Analytics from collecting data on this website in the future. An opt-out cookie will be stored on your device. If you delete your cookies, you will be asked to give your consent again.
6. Online marketing
Google reCAPTCHA
To protect against misuse of our web forms and against spam, we use the Google reCAPTCHA service in some forms on this website. Google reCAPTCHA is an offer from Google Ireland Limited, a company registered and operated under Irish law with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland. ( www.google.de ). By checking a manual input, this service prevents automated software (so-called bots) from carrying out abusive activities on the website. In accordance with Art. 6 Paragraph 1 Clause 1 Letter f of GDPR, this serves to safeguard our legitimate interests, which prevail in the context of a balancing of interests, in protecting our website against misuse and in ensuring that our online presence is displayed without disruption.
Google reCAPTCHA uses a code embedded in the website, a so-called JavaScript, to carry out the check, which enables an analysis of your use of the website, such as cookies. The automatically collected information about your use of this website, including your IP address, is usually transferred to a Google server in the USA and stored there. In addition, other cookies stored in your browser by Google services are evaluated by Google reCAPTCHA.
No personal data is read or saved from the input fields of the respective form.
To the extent that information is transferred to Google servers in the USA and stored there, the American company Google LLC is certified under the EU-US Privacy Shield. A current certificate can be viewed here . Based on this agreement between the USA and the European Commission, the latter has determined an appropriate level of data protection for companies certified under the Privacy Shield.
You can prevent Google from collecting the data generated by JavaScript or cookies and relating to your use of the website (including your IP address) and from processing this data by Google by disabling JavaScript or cookies in your browser settings. Please note that this may limit the functionality of our website for your use.
Further information on Google’s privacy policy can be found here .
Adobe Typekit
This website includes the script code “Adobe Typekit” from Adobe Systems Incorporated, 345 Park Avenue San Jose, CA 95110-2704, USA (hereinafter: Adobe). This serves to protect our legitimate interests in a uniform presentation of the content on our website in accordance with Art. 6 (1) (f) GDPR, which prevail within the framework of a balancing of interests. In this context, a connection is established between the browser you use and the Adobe servers. This allows Adobe to know that our website was accessed via your IP address.
Adobe is certified under the EU-US Privacy Shield. A current certificate can be viewed here . Based on this agreement between the USA and the European Commission, the latter has determined an adequate level of data protection for companies certified under the Privacy Shield.
Further information about data processing within the framework of Adobe Typekit can be found in Adobe’s privacy policy .
7. Social-Media
Use of social plugins from Whatsapp via the Shariff solution using the Shariff solution.
Our website uses social buttons from social networks.
This serves to safeguard our legitimate interests in the optimal marketing of our offer in accordance with Art. 6 Paragraph 1 Clause 1 Letter f of GDPR, which prevail within the framework of a balancing of interests. In order to increase the protection of your data when visiting our website, these buttons are not integrated into the page as plugins without restrictions, but only using an HTML link. This integration ensures that when you access a page on our website that contains such buttons, no connection is established with the servers of the provider of the respective social network.
If you click on one of the buttons, a new window will open in your browser and call up the page of the respective service provider, where you can (if necessary after entering your login data) press the Like or Share button, for example.
Use of social plugins from Facebook, Twitter, Instagram, Pinterest, using the “2-click solution”
In order to increase the protection of your data when you visit our website, the plugins are integrated into the page using a so-called "2-click solution". This integration ensures that when you access a page on our website that contains such plugins, no connection is established with the servers of the respective social network. Only when you activate the plugins does your browser establish a direct connection to the servers of the respective social network.
The content of the respective plug-in is then transmitted directly to your browser by the associated provider and integrated into the page. By integrating the plug-in, the providers receive the information that your browser has accessed the corresponding page of our website, even if you do not have a profile with the respective provider or are not currently logged in. This information (including your IP address) is transmitted directly from your browser to a server of the respective provider (possibly in the USA) and stored there. If you interact with the plug-ins, for example by pressing the "Like" or "Share" button, the corresponding information is also transmitted directly to a server of the provider and stored there. The information is also published on the social network and displayed to your contacts there. This serves to safeguard our legitimate interests in the optimal marketing of our offer, which predominate in the context of a balancing of interests in accordance with Art. 6 Paragraph 1 Clause 1 Letter f of GDPR.
The purpose and scope of data collection and the further processing and use of the data by the providers on their websites as well as a contact option and your related rights and setting options to protect your privacy can be found in the data protection information of the providers:
https://www.facebook.com/policy.php
https://twitter.com/de/privacy
https://help.instagram.com/155833707900388
https://policy.pinterest.com/en/privacy-policy
https://policies.google.com/privacy
https://www.whatsapp.com/legal/#privacy-policy
Our online presence on Facebook, Twitter, Instagram
Our presence on social networks and platforms serves to improve and actively communicate with our customers and prospective customers. We provide information about our products and current special offers there.
When you visit our online presence on social media, your data may be automatically collected and stored for market research and advertising purposes. So-called usage profiles are created from this data using pseudonyms. These can be used, for example, to place advertisements within and outside the platforms that presumably correspond to your interests. Cookies are usually used on your device for this purpose. These cookies store visitor behavior and the interests of users. In accordance with Art. 6 (1) (f) GDPR, this serves to safeguard our legitimate interests, which predominate in a balancing of interests, in an optimized presentation of our offer and effective communication with customers and interested parties. If you are asked by the respective social media platform operators for consent (agreement) to data processing, e.g. using a checkbox, the legal basis for data processing is Art. 6 (1) (a) GDPR.
If the aforementioned social media platforms have their headquarters in the USA, the following applies: For the USA, there is an adequacy decision from the European Commission. This is based on the EU-US Privacy Shield. A current certificate for the respective company can be viewed here .
For detailed information on the processing and use of data by the providers on their websites, as well as a contact option and your rights and setting options to protect your privacy, in particular the option to object (opt-out), please refer to the providers' data protection notices linked below. If you still need help in this regard, you can contact us.
Facebook: https://www.facebook.com/about/privacy/
The data processing is carried out on the basis of an agreement between joint controllers in accordance with Art. 26 GDPR, which you can view here .
Further information on data processing when visiting a Facebook fan page (information on Insights data) can be foundhere .
Twitter: https://twitter.com/de/privacy
Instagram: https://help.instagram.com/519522125107875
Opt-out option:
Facebook: https://www.facebook.com/settings?tab=ads
Twitter: https://twitter.com/personalization
Instagram: https://help.instagram.com/519522125107875
8. Sending review reminders by email
If you have given us your express consent to do so during or after your order in accordance with Art. 6 Paragraph 1 Clause 1 Letter a of GDPR, we will use your email address as a reminder to submit a review of your order via the Rating system. This consent can be revoked at any time by sending a message to the contact option described below.
9. Contact options and your rights
As a data subject, you have the following rights:
- pursuant to Art. 15 GDPR, the right to request information about your personal data processed by us to the extent specified therein;
- pursuant to Art. 16 GDPR, you have the right to immediately request the rectification of inaccurate or completion of your personal data stored by us;
- pursuant to Art. 17 GDPR, you have the right to request the deletion of your personal data stored by us, unless further processing
- to exercise the right to freedom of expression and information;
- to fulfill a legal obligation;
- for reasons of public interest or
- is necessary for the establishment, exercise or defence of legal claims;
- pursuant to Art. 18 GDPR, you have the right to request the restriction of the processing of your personal data, insofar as
- you dispute the accuracy of the data;
- the processing is unlawful but you oppose its erasure;
- we no longer need the data, but you require it to assert, exercise or defend legal claims or
- You have objected to the processing pursuant to Art. 21 GDPR;
- pursuant to Art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another controller;
- pursuant to Art. 77 GDPR, you have the right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or work or of our company headquarters.
If you have any questions about the collection, processing or use of your personal data, information, correction, restriction or deletion of data, as well as revocation of consent granted or objection to a specific use of data, please contact us directly using the contact details in our legal notice.
Data Protection Officer:
Benderstrasse 65
40625 Dusseldorf
info@ckk-cosmetics.com
|
Right of objection After exercising your right of objection, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims. This does not apply if the processing is carried out for direct marketing purposes. In this case, we will no longer process your personal data for this purpose. |
Privacy policy created with FÖHLISCH Rechtsanwälte .