Privacy Policy
The protection of YOUR data is very important to US!
It is not just the care and protection of your skin that is important to Déesse, your health is too.
Here Déesse also attaches the highest importance to the protection of your data.
We therefore respect your privacy and want you to be able to trust us just as much with your data protection as you do with our products. We provide you with transparent information about what we need your data for and whether and for how long we store it. You can make a conscious decision yourself regarding the purposes for which we may use your data. In order to ensure the best possible security, the relevant information is always transmitted to us in encrypted form. If you no longer want us to use your data, please let us know (e.g. by e-mail).
CONTENTS
I. General information
1.1. Processing of personal data
1.2. Controller
1.3. Rights of users and data subjects
1.4. Forwarding to authorities
II. Collection and processing of personal data when visiting our website and the webshop
2.1. Server data
2.2. Cookies
2.3. Web analysis
2.4. Social plugins
2.5. Social login
2.6. Videos (YouTube, Vimeo)
2.7. Online advertising, ads (Google, Facebook, Microsoft)
2.8. Google Tag Manager
2.9. Google Maps
2.10. Google Fonts
III. Contract implementation
3.1. Customer account / registration function
3.2. Forwarding of data to Déesse sales partners
IV. Other functions and offers (within and outside the website)
4.1. Contacting/communication/cooperation, live chat
4.2. Newsletter
4.3. Promotions (e.g. sweepstakes, surveys, product tests)
4.4. Objection or revocation
I. GENERAL INFORMATION
With this privacy policy we would like to inform you in particular about the nature, scope, purpose, duration and legal basis of the collection and processing of personal data, insofar as we decide either alone or together with others about the purposes and means of processing. In addition, we will inform you below about the third-party components used by us for optimisation purposes as well as to increase the quality of use, insofar as third parties process data in turn under their own responsibility.
Personal data (hereinafter referred to only as "data") will only be processed by us within the scope of what is necessary and for the purpose of providing a functional and user-friendly website, including its contents and the services offered there.
1.1. PROCESSING PERSONAL DATA
Personal data is all information relating to an identified or identifiable natural person, e.g. name, address, e-mail addresses, etc., within the meaning of Article 4 of the EU General Data Protection Regulation (hereinafter referred to as GDPR).
In accordance with Art. 4 Para. 1 GDPR, “processing” means any operation or series of operations carried out with or without the aid of automated procedures in connection with personal data, such as the collection, recording, organisation, ordering, storage, adaptation or modification, exporting, querying, use, disclosure by transmission, dissemination or any other form of provision, comparison or linking, restriction, deletion or destruction.
1.2. CONTROLLER
The responsible party, known as the Controller, for processing personal data as defined in Art. 4 (7) GDPR
in Germany/Allemagne/Germania; European Union/EU is (see our imprint):
Déesse International GmbH, Keltenring 14, D-82041 Oberhaching
Tel +49 (89) 230 2150-0
Fax +49 (89) 230 2150 99
www.deesse.com
E-mail: hello@deesse.com
in Switzerland:
Déesse AG, Industriestrasse 10, CH-8618 Oetwil am See
Tel +41 (44) 929 65 65
Fax +41 (44) 929 65 66
www.deesse.com
E-mail: hello@deesse.com
Contact details of the Data Protection Officer (EU and Switzerland):
datenschutz@deesse.com
or
using the above-mentioned postal address (EU or Switzerland) of the Controller with the addition “FAO the Data Protection Officer”.
1.3. RIGHTS OF USERS AND DATA SUBJECTS
In view of the data processing described in more detail below, users and data subjects have the right to
- receive confirmation as to whether data relating to them is being processed, obtain information about the processed data, request further information about the data processing as well as copies of the data (see also Art. 15 GDPR);
- request correction or completion of inaccurate or incomplete data (see also Article 16 GDPR);
- request immediate deletion of the data concerning them (see also Art. 17 GDPR), or, alternatively, insofar as further processing is required in accordance with Article 17 (3) GDPR, to request restriction of the processing in accordance with Art. 18 GDPR;
- obtain the data concerning them and provided by them and have this data transmitted to other providers/controllers (see also Art. 20 GDPR);
- appeal to the supervisory authority if they are of the view that the data that pertains to them is being processed by the provider in a manner that infringes data protection regulations (see also Art. 77 GDPR).
In addition, the provider is obliged to inform all recipients to whom data has been disclosed by the provider of any correction or deletion of data or the restriction of processing carried out pursuant to Articles 16, 17 (1), 18 GDPR. However, this obligation does not apply if such notification is impossible or involves a disproportionate degree of effort. Without prejudice to this, the user has a right to receive information about these recipients.
Also, under Article 21 GDPR, users and data subjects have the right to object to the future processing of the data concerning them, provided that the data is being processed by the provider in accordance with Article 6 (1) lit. (f) GDPR. Objections to data processing that is carried out for the purposes of direct advertising are in particular admissible.
When processing your rights, we may ask you for proof of identity. For further information on how we process your data in this regard, see III.1.
1.4. FORWARDING YOUR INFORMATION TO AUTHORITIES
In the event of a legal obligation, we reserve the right to disclose information about you if we are required to disclose details of lawful authorities or law enforcement bodies.
II. COLLECTION AND PROCESSING OF PERSONAL DATA WHEN VISITING OUR WEBSITE AND THE WEBSHOP
If you are only using the website for information purposes, i.e. if you do not register or transfer information to us in another way, we will only collect the personal data that your browser transmits to our server and which is technically necessary for the presentation of our website and to guarantee stability and security.
We forward the collected data to the responsible internal departments and other affiliated companies of Déesse AG and Déesse International GmbH or to external service providers, contractors (e.g. hosting, content management system) for processing in line with the required purposes (for the presentation of the website and for the creation of the content), legal basis: Art. 6 (1) b GDPR.
Any of your data which is processed while you use our website will be deleted or blocked as soon as the purpose of the storage no longer applies, the deletion of the data is not precluded by legal retention obligations and no contrary specifications on individual processing methods are provided below.
2.1. SERVER DATA
For technical reasons, in particular to ensure a secure and stable website, data is transmitted to us or to our webspace provider by your Internet browser. Among other things, these so-called server log files collect the type and version of your Internet browser, the operating system, the website from which you switched to our website (referrer URL), the website(s) of our Internet presence which you visit, the date and time of the respective access, and the IP address of the Internet connection from which our website is used.
The data collected in this way is stored temporarily, but not however together with other data you have provided.
This storage is carried out on the legal basis of Art. 6 (1) lit. f) GDPR. The improvement, stability, functionality and security of our website constitutes our legitimate interest.
The data will be deleted at the latest after seven days, unless further storage is required for evidentiary purposes. Otherwise, the data is excluded from deletion in whole or in part until an incident is finally resolved.
2.2. COOKIES
When you visit a website, information may be retrieved or stored in your browser, usually using cookies. This information may relate to you, your settings or your device and is mainly used to make the website work as intended. Generally, the information does not directly identify you, but may provide you with a more personalized web experience. We respect your right to privacy, so you can choose not to allow the use of certain cookies. Please visit each category to learn more and change the default settings. Please note that blocking some types of cookies may affect your experience on the website and the services we provide. This website uses the following types of cookies, the scope and operation of which are explained below:
2.2.1. Mandatory Cookies
2.2.2. Statistics cookies
2.2.3. Marketing Cookies
We will inform you in the tools we use which cookie types are set and used in each case.
2.2.1.Mandatory Cookies
These cookies are required for the website to function and cannot be disabled on our systems They are usually set to respond to actions taken by you to receive services, such as adjusting your privacy settings, logging into your account or filling out forms. You can set your browser to block these cookies or to alert you to their presence, but some parts of the website will not function. These cookies do not store any personally identifiable information.
2.2.2. Statistics COOKIES
These cookies are used to record your browsing behaviour. They help us understand how you use our website and how we can improve it.
2.2.3. Marketing COOKIES
These cookies may be placed throughout the website by our advertising partners. They do not store personal information directly, but are based on the unique identification of your browser and internet access device. The purpose of this type of cookie is to provide these advertising partners with information to profile your interests, so that they can display relevant advertising on other websites.
Opt-out for marketing cookies
You can also manage cookies used for online advertising using tools developed in many countries as part of self-regulatory programmes, such as the US-based https://www.aboutads.info/choices/ or the EU-based http://www.youronlinechoices.com/uk/your-ad-choices.
You can revoke this consent to the cookies at any time with effect for the future here.
Legal basis: Art. 6 (1) a GDPR
2.2.4. MANAGEMENT AND DELETION OF ALL COOKIES
In addition, you can set your Internet browser in such a way that the storage of cookies on your device is prevented in general or to ensure that every time you call up a website you are asked if you agree to cookies being set. You can also delete cookies that have been set at any time. The help function of your browser will tell you how all of this works in detail. Please note that a general deactivation of cookies may result in you not being able to use all the functions of our website.
2.3. WEB ANALYTICS/ANALYSIS
2.3.1. GOOGLE ANALYTICS
This website uses Google Analytics, a web analysis service provided by Google Inc. ("Google"). Google Analytics uses what are known as "cookies". These are text files that are stored on your computer and which enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymisation is activated on this website, your IP address will be truncated beforehand by Google within Member States of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address will only be transmitted to a Google server in the USA and truncated there in exceptional cases. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compile reports on website activity and provide other services relating to website activity and Internet usage to the website operator. The IP address transmitted by your browser within the scope of Google Analytics will not be merged with other data from Google.
You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that, if you do so, you may not be able to use all the functions of this website to their full extent. You can also prevent the collection and provision of data generated by the cookie and relating to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
This website uses Google Analytics with the extension “_anonymizeIp()”. As a result, IP addresses are processed further in a truncated form, which prevents them from being directly linked to a particular individual. If a personal reference is made to the data collected about you, this is therefore ruled out immediately and the personal data deleted immediately.
We use Google Analytics to analyse and regularly improve the use of our website. Through the statistics obtained, we can improve our offering and make it more interesting for you as a user. In exceptional cases where personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Information of the third-party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Terms of use:
http://www.google.com/analytics/terms/de.html, privacy policy overview:
http://www.google.com/intl/de/analytics/learn/privacy.html, as well as the privacy policy:
http://www.google.de/intl/de/policies/privacy.
Cookies used: Type b. More information can be found in the "Cookies" section.
Lifetime of cookies: up to 12 months (this applies only to cookies set through this website). Storage period: up to 26 months.
Legal basis: Art. 6 (1) f GDPR
Google Analytics advertising functions
If you agree to the use of the Google Analytics advertising
functions, this website also uses the extended functions of Google Analytics in addition to the standard functions. The Google Analytics advertising features implemented on this website include the Google Analytics performance reports based on demographic characteristics and interests. For this purpose, we use first party cookies (e.g. Google Analytics cookies) and third party cookies (e.g. DoubleClick cookies) together to evaluate which demographic characteristics and interests visitors to our website typically have in an anonymised and aggregated manner. We use this information to improve our online offerings.
You can prevent participation in this tracking procedure in various ways:
a) by setting your browser software accordingly;
b) by deactivating Google's ad settings on https://www.google.com/ads/preferences/?hl=de
c) by setting the appropriate cookie. We would like to point out that, if you do any of the above, you may not be able to use all functions of this offering to their full extent.
Storage period: up to 26 months.
Legal basis: Art. 6 (1) a GDPR
2.3.2. A/B TESTING
This website analyses user behaviour using what is known as A/B testing. We display the website in a slightly customized version, depending on the profile. This allows us to analyse our offerings, improve them regularly and make them more interesting for you as a user. Cookies are stored on your computer for these analyses. The information collected in this way is stored exclusively on a server in the EU. You can prevent the storage of cookies by setting your browser software accordingly. Before the analyses are carried out, the IP addresses are processed further in abbreviated form, so that direct personal contact can be ruled out. The IP address transmitted by your browser will not be merged with other data we collect. The data can be accessed by our analysis service providers based in Switzerland and the EU.
Cookies used: Type b. More information can be found in the "Cookies" section.
Lifetime of cookies: up to 24 months (this applies only to cookies set through this website).
Storage period: up to 25 months.
Legal basis: Art. 6 (1) f GDPR
2.4. SOCIAL PLUGINS
On our websites, what are known as social plugins ("plug-ins") of social networks are used, in particular the "Share" or "Share with Friends" button of the provider "Facebook", whose website facebook.com is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland is responsible for the German version of the Facebook website, facebook.de. The plug-ins are usually marked with a Facebook logo.
In addition to Facebook, we use plug-ins from "Twitter” (provider: Twitter, Inc., 1355 Market St, Suite 900, San Francisco, CA 94103), “LinkedIn” (provider: LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA “XING” (provider: Xing AG, Gänsemarkt 43, 20354 Hamburg, Germany), “Instagram” (provider: Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA), “Whatsapp” (provider: WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland), “Vimeo” (provider: Vimeo, LLC 555 West 18th Street, New York, New York 10011) and “Pinterest” (provider: Pinterest Inc., 808 Brannan Street San Francisco, CA 94103, USA).
For data protection reasons, we have deliberately chosen not to use direct plug-ins of social networks on our websites. Instead, we use what is known as the "Shariff" solution. Using Shariff, you can determine yourself whether and when data is transmitted to the operators of the respective social networks. Therefore, when you call up our websites, no data is automatically transmitted to social networks such as Facebook, Twitter or Pinterest. Only when you actively click the respective button yourself, does your internet browser establish a connection to the servers of the respective social network, i.e. by clicking the respective button (e.g. "Forward", "Share" or "Share with friends"), you are giving your consent for your Internet browser to establish a connection to the servers of the respective social network and to transmit usage data to the respective operator of the social network.
The plug-in provider stores the data collected about you as usage profiles and uses them for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for non-logged-in users) in order to display needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider in order to exercise this right. Through the plug-ins, we offer you the opportunity to interact with social networks and other users, so that we can improve our offering and make it more interesting for you as a user. The data is passed on regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in to the plug-in provider, your data collected by us will be assigned directly to the existing account you hold with the plug-in provider. If you press the activated button and, for example, link the page, the plug-in provider also stores this information in your user account and communicates it publicly to your contacts. We recommend that you log out regularly after using a social network, especially before activating the button, as this will allow you to avoid being assigned to the profile you hold with the plug-in provider.
Further information on the purpose and scope of the data collection and its processing by the plug-in provider can be found in the privacy policies of these providers supplied below. Here you will also find further information on your rights in this regard and settings options for protecting your privacy.
Addresses of the respective plug-in providers and URLs with their privacy notices:
a) Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php more information on data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-onother# applications as well as http://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
b) Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; https://www.google.com/policies/privacy/partners/?, hl=de. Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
c) Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy. Twitter has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
d) Pinterest Inc., 808 Brannan Street San Francisco, CA 94103, USA, http://about.pinterest.com/privacy/
e) Xing AG, Gänsemarkt 43, 20354 Hamburg, DE; http://www.xing.com/privacy.
f) LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; http://www.linkedin.com/legal/privacy-policy. LinkedIn has submitted to the EU-US-Privacy-Shield, https://www.privacyshield.gov/EU-US-Framework.
g) Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. For details on how they handle your personal information, please visit Instagram's privacy policy
https://help.instagram.com/519522125107875
h) WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Privacy notices at: https://www.whatsapp.com/legal/#privacy-policy-contact-information
i) Vimeo, LLC 555 West 18th Street, New York, New York 10011, https://vimeo.com/privacy
2.5. SOCIAL LOGIN
To register and login to the customer account, you can also authenticate yourself using your existing profile in one of the following social networks: Facebook, Instagram, LinkedIn, Xing, You Tube, Vimeo or Twitter and then finally register or log in. For this purpose, you will find the corresponding logos of the respective providers of the social networks supported by our website on the registration or login page. Before a connection is established to the provider, you must explicitly agree to the process described below and the data transmission itself:
By clicking the relevant logo, a new window (what is known as an app) will be opened in which you must log in with your login data for the social network. After you have successfully logged in, the social network will inform you which data (name and e-mail address) will be transmitted to us for authentication purposes as part of the registration or login process. If you have consented to this data transfer, the fields required by us for registration will be filled with the transmitted data. The data we need to register or log in is (i) your name and (ii) your e-mail address. Your data will only be stored by us and used for the purposes mentioned in point II above once you have given your express consent to the use of the transmitted and required data. A link between the customer account created by us and your account with the corresponding social network will not be established beyond the authentication process.
In order to be able to perform the authentication process for registration and login, your IP address is transmitted to the respective provider of the social network. We have no influence over the purpose and scope of the data collection and on the further processing of the data by the respective provider of the social network. For more information, please read the privacy notice of the respective provider.
a) Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php more information on data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications as well as http://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
b) Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; https://www.google.com/policies/privacy/partners/?hl=de. Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
c) Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy. Twitter has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
d) Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. For details on how they handle your personal information, please visit Instagram's privacy policy: https://help.instagram.com/519522125107875
e) Xing AG, Gänsemarkt 43, 20354 Hamburg, DE; http://www.xing.com/privacy.
f) LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; http://www.linkedin.com/legal/privacy-policy. LinkedIn has submitted to the EU-US Privacy Shield https://www.privacyshield.gov/EU-US-Framework.
g) Vimeo, LLC 555 West 18th Street, New York, New York 10011, https://vimeo.com/privacy
h) Youtube, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
https://www.google.de/intl/de/policies/privacy; Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Facebook Connect
If there is a "Facebook Connect Button" on this website, you can log in to our website with your Facebook user data. In addition, Facebook Connect can automatically incorporate information about your activities on our website into your Facebook profile. In this respect, when you activate the button, you can give your express consent for other parties to access your Facebook user data as well as your consent to the publication of information and activities in your Facebook profile. Other data (e.g. contacting you via your e-mail address) will only be used if you have given your prior express consent in this regard. Please note that Facebook receives information about the application and website via Facebook Connect, including which actions you perform. To personalise the process of establishing connections, there is a possibility that in some cases Facebook may receive a limited amount of information before the application or website is authorised. For further details on the purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your rights in this regard and settings options to protect your privacy, please refer to the privacy policy of Facebook
Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; more information on data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications as well as http://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
2.6. VIDEOS
2.6.1. YOUTUBE
We have integrated YouTube videos into our online offering. These are stored on http://www.YouTube.com and can be played directly from our website. These are all included in "advanced privacy mode", i.e. no data about you as a user is transferred to YouTube if you do not play the videos. Only when you play the videos will the data mentioned in the next paragraph be transferred. We have no influence over this data transfer.
By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the data specified in Section II of this privacy policy is transmitted. This is done regardless of whether YouTube provides a user account by means of which you are logged in or whether there is no user account. If you are logged in to Google, your data is assigned directly to your account. If you do not want to be assigned to your profile on YouTube, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for non-logged-in users) in order to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube in order to exercise this right.
For more information on the purpose and scope of the data collection and its processing by YouTube, please see the privacy policy. Here you will also find more information about your rights and settings you can use to protect your privacy:
https://www.google.de/intl/de/policies/privacy; Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
2.6.2. VIMEO
We also use the provider Vimeo to integrate videos. Vimeo is operated by Vimeo, LLC, headquartered at 555 West 18th Street, New York 10011.
We use Vimeo plugins on some of our websites. When you access the websites of our Internet presence equipped with such a plugin – for example, to play a video – a connection to the Vimeo servers is established and the plugin is displayed. This transmits information about which of our websites you have visited to the Vimeo server. If you are logged in to Vimeo as a member, Vimeo assigns this information to your personal user account. When you are using the plugin, for example if you are clicking the Start button of a video, this information is also assigned to your user account. You can prevent this assignment by logging out of your Vimeo user account and deleting the corresponding Vimeo cookies before using our website.
For more information about Vimeo's data processing and privacy policies, see https://vimeo.com/privacy.
2.7. ONLINE ADVERTISING
2.7.1. GOOGLE ADS
2.7.1.1. Google Ads Conversion
We use the Google Ads Conversion offering to draw attention to our attractive offers with the help of advertising materials (what are known as Google Ads) on external websites. We can determine how successful the individual advertising measures are in relation to the data of the advertising campaigns. We are therefore interested in displaying advertisements that are of interest to you, making our website more interesting for you and achieving a fair calculation of advertising costs. These advertising materials are delivered by Google via what are known as "ad servers". For this purpose, we use ad server cookies, which can be used to measure certain parameters for measuring success, such as displaying the advertisements or quantifying clicks by users. If you access our website via a Google ad, Google Ads stores a cookie on your device. These cookies usually expire after 30 days and are not intended to identify you personally. For this cookie, the unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marking that the user no longer wants to be addressed) are usually stored as analysis values.
These cookies enable Google to recognise your Internet browser on subsequent visits. If a user visits certain pages of an Ads customer's website and the cookie stored on his computer has not yet expired, Google and the customer can detect that the user has clicked on the ad and has been redirected to this page. Each Ads customer is assigned a different cookie. Cookies cannot therefore be tracked through the websites of Ads customers. We ourselves do not collect or process any personal data in the advertising measures mentioned above. We only receive statistical evaluations from Google. On the basis of these evaluations, we can identify which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising materials, in particular we cannot identify the users on the basis of this information. Due to the marketing tools used, your browser automatically establishes a direct connection to the Google server. We have no influence over the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our state of knowledge: By integrating Ads Conversion, Google receives the information that you have accessed the corresponding part of our website or clicked on an advertisement from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is the possibility that the provider will find out and store your IP address.
2.7.1.2. Google Ads Remarketing
We use the remarketing function within the Google Ads service. With the remarketing feature, we can present to users of our website ads based on their interests on other websites within the Google advertising network (in Google Search or on YouTube, what are known as "Google Ads" or on other websites). For this purpose, the interaction of the users on our website is analysed, e.g. which offers the user was interested in in order to be able to display targeted advertisements on other pages to the users even after they have visited our website. For this purpose, Google stores a number in the browsers of users who visit certain Google services or websites on the Google Display Network. This number, known as a "cookie", records the visits of these users. This number is used for the unique identification of a web browser on a particular device and not for the identification of a person, personal data is not stored.
You may prevent participation in this tracking procedure in various ways: a) by setting your browser software accordingly; in particular suppressing third-party cookies will prevent you from receiving third-party advertisements;
b) by installing the plug-in provided by Google at the following link: https://www.google.com/settings/ads/plugin;
c) by disabling the provider's interest-based ads which are part of the self-regulatory campaign "About Ads” via the link http://www.aboutads.info/choices, whereby this setting is deleted when you delete your cookies;
d) by permanent deactivation in your Firefox, Internet Explorer or Google Chrome browsers at the link http://www.google.com/settings/ads/plugin,
e) by making the appropriate cookies settings.
We would like to point out that, if you do any of the above, you may not be able to use all functions of this offering to their full extent.
For more information on Google's privacy policies, please visit http://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/de.html. Alternatively, you can visit the Network Advertising Initiative (NAI) website at http://www.networkadvertising.org.
Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Cookies used: Type c. More information can be found in the "Cookies" section.
Lifetime of cookies: up to 12 months (this applies only to cookies set through this website).
Legal basis: Art. 6 (1) a GDPR
2.7.1.3. Google Remarketing
We use the Google Remarketing application. This is a procedure that we would like to contact you about again within 24 months. Through this application, our advertisements can be displayed to you after visiting our website when you continue to use the Internet. This is done by means of cookies stored in your browser, through which your usage behaviour when visiting various websites is recorded and evaluated by Google. This allows Google to detect your previous visit to our website. According to Google, the data collected in the course of remarketing will not be combined with your personal data, which may be stored by Google. According to Google, pseudonymisation in particular is used in remarketing.
You may prevent participation in this tracking procedure in various ways: a) by setting your browser software accordingly; in particular suppressing third-party cookies will prevent you from receiving third-party advertisements;
b) by installing the plug-in provided by Google at the following link: https://www.google.com/settings/ads/plugin;
c) by disabling the provider's interest-based ads which are part of the self-regulatory campaign "About Ads” via the link http://www.aboutads.info/choices, whereby this setting is deleted when you delete your cookies;
d) by permanent deactivation in your Firefox, Internet Explorer or Google Chrome browsers at the link http://www.google.com/settings/ads/plugin,
e) by making the appropriate cookies settings. We would like to point out that, if you do any of the above, you may not be able to use all functions of this offering to their full extent.
For more information on Google's privacy policies, please visit http://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/de.html. Alternatively, you can visit the Network Advertising Initiative (NAI) website at http://www.networkadvertising.org.
Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Cookies used: Type c. More information can be found in the "Cookies" section.
Legal basis: Art. 6 (1) a GDPR
2.7.1.4. Campaign Manager (formerly DoubleClick by Google)
This website continues to use Google's online marketing tool, Campaign Manager. Campaign Manager uses cookies to display ads that are relevant to users, to improve campaign performance reports, or to prevent a user from seeing the same ads multiple times. Using a cookie ID, Google records which ads are displayed in which browser and can thus prevent them from being displayed multiple times. In addition, Campaign Manager can use cookie IDs to record what are known as conversions which are related to ad requests. This is the case, for example, when a user sees a Campaign Manager ad and later uses the same browser to call up the advertiser's website and buy something there. According to Google, Campaign Manager cookies do not contain any personal information. Due to the marketing tools used, your browser automatically establishes a direct connection to the Google server. We have no influence over the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our state of knowledge: By integrating Campaign Manager, Google receives the information that you have accessed the corresponding part of our website or clicked on an advertisement from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is the possibility that the provider will find out and store your IP address. In addition, the Campaign Manager (DoubleClick Floodlight) cookies used allow us to understand whether you are performing certain actions on our website after you have called up or clicked one of our display/video ads on Google or on another platform via Campaign Manager (conversion tracking). Campaign Manager uses this cookie to understand the content you have interacted with on our websites so that it can send you targeted advertising at a later stage.
You may prevent participation in this tracking procedure in various ways:
a) by setting your browser software accordingly, in particular, suppressing third-party cookies will prevent you from receiving third-party advertisements;
b) by disabling cookies for conversion tracking, by setting your browser to block cookies from the domain www.googleadservices.com, https://www.google.de/settings/ads, whereby this setting is deleted when you delete your cookies;
c) by disabling the provider's interest-based ads which are part of the self-regulatory campaign "About Ads" via the link http://www.aboutads.info/choices, whereby this setting is deleted when you delete your cookies;
d) by permanent deactivation in your Firefox, Internet Explorer or Google Chrome browsers at the link http://www.google.com/settings/ads/plugin
e) by making the appropriate cookies settings. We would like to point out that, if you do any of the above, you may not be able to use all functions of this offering to their full extent.
In addition, you can prevent Google from collecting the data generated by the cookies about your use of the websites and the processing of this data by Google by downloading and installing the browser plug-in available at https://support.google.com/adsense/answer/142293?hl=de under "Display Settings", "Extension for Campaign Manager Deactivation". For more information about Campaign Manager, visit https://www.google.de/doubleclick, and Google’s privacy policies in general: https://www.google.de/intl/de/policies/privacy. Alternatively, you can visit the Network Advertising Initiative (NAI) website at http://www.networkadvertising.org. Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EUUS-Framework.
Cookies used: Type c. More information can be found in the "Cookies" section.
Legal basis: Art. 6 (1) a GDPR
2.7.2. FACEBOOK CUSTOM AUDIENCES (FOR WEBSITES) – FACEBOOK PIXEL
The website uses the remarketing function "Custom Audiences" developed by Facebook Inc. ("Facebook") in order to be able to address you again within 6 months. This allows users of the website to display interest-based advertisements ("Facebook ads") as part of their visit to the social network Facebook or other websites that also use the procedure. We are therefore interested in showing you advertisements that are of interest to you in order to make our website more interesting to you. Due to the marketing tools used, your browser automatically establishes a direct connection to the Facebook server. We have no influence over the scope and further use of the data collected by Facebook through the use of this tool and therefore inform you according to our state of knowledge: By integrating Facebook Custom Audiences, Facebook receives the information that you have accessed the corresponding website of our Internet presence or clicked on an advertisement from us. If you are registered with a Facebook service, Facebook can assign the visit to your account. Even if you are not registered with Facebook or have not logged in, there is the possibility that the provider will find out and store your IP address and other identifiers. You can deactivate the "Facebook Custom Audiences" function and if you are a logged-in user, do so at https://www.facebook.com/settings/?tab=ads#.
For more information about data processing by Facebook, see https://www.facebook.com/about/privacy.
Cookies used: Type c. More information can be found in the "Cookies" section.
Legal basis: Art. 6 (1) a GDPR
2.7.3. BING ADS UNIVERSAL EVENT TRACKING (UET)
USE OF BING ADS UNIVERSAL EVENT TRACKING (UET)
On our website, Bing Ads technologies collect and store data from which usage profiles are created using pseudonyms. This is a Microsoft Corporation service, One Microsoft Way Redmond, WA 98052‐6399, USA. This service allows us to track the activities of users on our website if these users have accessed our website via Bing Ads ads If you access our website via such an advertisement, a cookie will be set on your computer. A Bing UET‐tag is integrated on our website. This is a code that, in connection with the cookie, stores some non-personal data about the use of the website.
Information about your identity is not recorded. The collected information is transmitted to the Microsoft server in the USA and stored there for a maximum of 180 days. You can prevent the collection of data generated by the cookie and relating to your use of the website and the processing of this data by disabling the setting of cookies. This may limit the functionality of the website. In addition, Microsoft may be able to track your usage behaviour across several of your electronic devices through what is known as cross‐devicetracking enabling it to display personalised advertising on or in Microsoft websites and apps. You can disable this behaviour by following the link below: http://choice.microsoft.com/de-DE/opt-out
More detailed information about Bing's analytics services can be found on the Bing Ads website: https://help.bingads.microsoft.com/#apex/3/de/53056/2
More detailed information about Microsoft's and Bing’s data protection policies can be found in the Microsoft Privacy Statement: Microsoft: https://privacy.microsoft.com/de-de/privacystatement
2.8. GOOGLE TAG MANAGER
This website uses Google Tag Manager. Google Tag Manager is a solution that allows marketers to manage website tags from a single interface. The Tag Manager tool itself (which implements the tags) is a cookie-free domain and does not record any personal data. The tool causes other tags to be tagged, which in turn may collect data. Google Tag Manager does not access this data. If deactivation has been performed at domain or cookie level, it will remain in place for all tracking tags implemented with Google Tag Manager.
2.9. GOOGLE MAPS
On this website we use the Google Maps service. This allows us to display interactive maps directly on the website and enables you to use the map function conveniently.
When you visit the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition, the data specified in Para. II. 1. of this privacy policy is transmitted. This is done regardless of whether Google provides a user account by means of which you are logged in or whether there is no user account. If you are logged in to Google, your data is assigned directly to your account. If you do not want to be assigned to your profile on Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for non-logged-in users) in order to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google in order to exercise this right.
Further information on the purpose and scope of the data collection and its processing by the plug-in provider can be found in the privacy policies of the provider.
Here you will also find further information on your rights in this regard and the settings options for protecting your privacy http://www.google.de/intl/de/policies/privacy.
Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
2.10. GOOGLE Fonts
In our web shop, the *.woff files (FrutigerLTCom, MuseoSlab, OctoberStorm) are installed as the main font, and external fonts "Google Fonts" (such as Open+Sans and Inconsolata) are used. Google Fonts is a service provided by Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland. Your browser also gives personal data to Google LLC. on to the USA. The legal basis for data processing is Art. 6 Para.1 a) GDPR. You can find more information about data processing by Google here: https://www.google.de/intl/de/policies/privacy.
III. CONTRACT IMPLEMENTATION
The data transmitted by you for the use of our goods and/or services will be processed by us for the purpose of implementing the contract and is necessary in this respect. If you do not provide your data, it will not be possible to conclude and implement the contract. The legal basis for the processing is Art. 6 Para. 1 lit. b) GDPR.
We delete the data when the contract has been implemented in full but must observe the retention periods under tax and commercial law.
As part of the contract implementation, we forward your data to the transport company commissioned with the delivery of goods or to the financial service provider, insofar as the forwarding is necessary for the delivery of goods or for payment purposes.
The legal basis for the forwarding of the data is then Art. 6 Para. 1 lit. b) GDPR.
3.1. CUSTOMER ACCOUNT / REGISTRATION FUNCTION
If you create a customer account with us via our website, we will collect and store the data you entered during registration (e.g. your name, address or e-mail address) exclusively for pre-contractual services, for the fulfilment of the contract or for the purpose of customer care (e.g. to provide you with an overview of your previous orders with us or to offer you what is known as the notepad function). At the same time, we will store the IP address and the date of your registration along with the time. Of course, this data will not be passed on to third parties.
As part of the ongoing registration process, your consent to this processing will be obtained and reference made to this privacy policy. The data collected by us will only be used for the provision of the customer account.
Insofar as you consent to this processing, Art. 6 Para. 1 lit. a) GDPR is the legal basis for the processing.
If the opening of the customer account also serves to carry out pre-contractual measures or the fulfilment of the contract, the legal basis for this processing is still also Art. 6 Para. 1 lit. b) GDPR.
You can revoke the consent you have given to us regarding the opening and maintenance of the customer account at any time with effect for the future in accordance with Art. 7 Para. 3 GDPR. All you need to do is inform us of your revocation.
The data collected in this respect will be deleted as soon as the processing is no longer necessary. In doing so, however, we must respect retention periods under tax and commercial law.
3.2. FORWARDING OF DATA TO DÉESSE SALES PARTNERS
In addition, we offer you the option of being contacted and looked after by one of our sales partners, a Déesse consultant (m/f/d). For this purpose, it is generally necessary for your data to be passed on to one of our sales partners, a Déesse consultant (m/f/d) near your residential/business address. Appropriate consent to the forwarding of your data to the Déesse sales partner can be given separately during the ordering process - this is optional.
IV. OTHER FUNCTIONS AND OFFERS (WITHIN AND OUTSIDE THE WEBSITE), OBJECTION OR REVOCATION
In addition to using our website and the webshop for purely informative purposes, we offer various services that you can use if you are interested. To do so, you usually need to provide additional personal data that we use to provide the respective service and to which the aforementioned data processing principles apply. If we would like to rely on commissioned service providers for individual functions of our offer or if we would like to use your data for advertising purposes, we will inform you in detail about the respective processes below. We also mention the specified criteria for the storage period.
Commissioned external service providers have been carefully selected and commissioned by us, are bound by our instructions and are regularly checked.
Furthermore, we may share your personal data with third parties if promotion participation, sweepstakes, contracts or similar services are offered by us together with partners. Further information can be obtained by providing your personal data or in the description of the offer below.
In derogation of the above, in some cases, Déesse AG is responsible for the functions and offers described below, which have already been specified to you in the course of the communication. Therefore, if reference is made to sections of this privacy policy, e.g. by way of a link, and a responsible person has already been named to you in the course of the communication, e.g. in the footer/signature of an email or action card, this person is responsible in accordance with Art. 4 No. 7 GDPR. Insofar as our service providers or partners are based in a country outside the European Union (EU) or outside the European Economic Area (EEA), international data transfers may take place. We will inform you about the consequences of this circumstance in the description of the offer.
4.1. CONTACTING
When communicating and/or cooperating with us, e.g. by e-mail, via a contact form on our website, via a data exchange platform, whether as a consumer, business partner or customer, the data provided by you (your e-mail address, if applicable your name and telephone number or the personal data provided within the communication) are stored by us to answer your questions or to carry out the communication required for our business purposes, for example. We delete the data generated in this connection again once its storage is no longer necessary, unless there are legal retention obligations or limitation periods have to be observed.
When processing the data that accrues in the course of communication, we have a legitimate interest in processing the data in accordance with the legal requirements, for internal verification or in accordance with the respective communication request In order to combat terrorism, we are obliged by law to carry out a comparison with sanctions lists. Therefore, we also process your data in order to meet legal requirements for carrying out comparisons with these lists. Furthermore, we process your data within the Déesse companies for the prevention and investigation of criminal offences and other misconduct, assessment and management of risks, for internal communication and for appropriate administrative purposes. You may object to this processing in accordance with the above-mentioned specifications. In the case of consumer enquiries processed via our internal consumer management tool, the personal data is usually deleted after one year. By way of derogation, the data will be retained for a longer period of time if the data is required for the assertion, exercise or defence of legal claims.
We pass on the collected data for processing to the respective internal agencies as well as to other companies affiliated to the Déesse companies or to external service providers, order processors (e.g. hosting, call centre service providers) according to the necessary purposes (for contacting, business-related communication and customer care). Platform/hosting service providers have access to personal data from a third country (countries outside the European Economic Area).
Standard contractual clauses have been concluded with these service providers as appropriate guarantees in accordance with Art. 46 GDPR or the service providers are alternatively or additionally certified in accordance with the EU-US Privacy Shield. More information can be found here: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu_de
The legal basis is Art. 6 (1) b, c, f GDPR.
4.1.1. LIVE CHAT SYSTEM
On this website for the purpose of operating a live chat system to answer live requests (e.g. regarding our products etc.) the chat name and chat content you have communicated are collected and stored for the duration of the chat. The chat and your specified chat name will only be stored in what is known as the RAM (Random Access Memory) and will be deleted immediately as soon as we or you have ended the chat conversation, but no later than 2 hours after the last message in the chat history. Cookies are used for the operation of the chat function (see para. II. 2.).
The live chat system is operated by the third-party providers:
• Whats App for Business Chat
• Facebook Live Chat
Further information about the above-mentioned third-party providers and the data processing carried out by them can be found at:
WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
https://www.whatsapp.com/legal/?eea=1#privacy-policy
Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php, http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications as well as http://www.facebook.com/about/privacy/your-info#everyoneinfo.
Facebook has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
4.2. NEWSLETTER
The newsletter contains news, offers and further information about the respective chosen Déesse products. By registering for the newsletter, you will receive, in accordance with the specific agreements you have given in each case, personalised information about the products, if applicable services, or suggestions for participating in promotions, such as sweepstakes or product tests via e-mail or an advertisement on our own or third-party channels (e.g. via social media). By registering for the newsletter, you will receive a newsletter tailored to you (provided that the newsletter is "personalised", "individualised" or "personally tailored"). For this purpose, we evaluate your buying and click behaviour on our websites or within the newsletter in order to compile the information that is relevant to you. The newsletter is usually sent once a month ("regular"). In individual cases (e.g. special promotions), weekly mailings may also take place. We also use remarketing measures to show you the relevant online advertising. The data is forwarded to our customer management platform, to which service providers may also have access in order to support and implement the newsletter. The platform service provider has access to personal data from a third country (countries outside the EU and the European Economic Area). Standard contractual clauses have been concluded with these service providers as appropriate guarantees in accordance with Art. 46 GDPR or the service providers are alternatively or additionally certified in accordance with the EU-US Privacy Shield. Further information can be found here: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu_de.
This collected data is automatically deleted after 24 months if you are no longer responding to the newsletter, e.g. opening it (inactivity). If you no longer wish to receive the newsletter, you can object to receiving it at any time and unsubscribe accordingly. To do so, click on the link contained in each newsletter, you will then be guided through the unsubscribe process, or send us your revocation by e-mail.
Legal basis: Art. 6 (1) a GDPR
The newsletter is sent via "MailChimp", a newsletter sending platform from the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. The e-mail addresses of our newsletter recipients, as well as their other data described in the context of this notice, are stored on the MailChimp servers in the USA. MailChimp uses this information to send and evaluate the newsletters on our behalf. Furthermore, according to its own information, MailChimp may use this data to optimise or improve its own services, e.g. for the technical optimisation of the dispatch and presentation of the newsletters or for economic purposes, in order to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write to them personally or pass them on to third parties.
The privacy policy of MailChimp can be found here: https://mailchimp.com/legal/privacy
Statistical survey and analyses.
The newsletters contain what is known as a "web-beacon", i.e. a pixel-sized file, which is retrieved from the MailChimp server when the newsletter is opened. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and the time of retrieval are collected first. This information is used to improve the services technically on the basis of the technical data or the target groups and their reading behaviour based on their retrieval locations (which can be determined using the IP address) or the access times.
Statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our intention, nor MailChimp’s, to observe individual users. We use the evaluations much more to recognise the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
4.3. PROMOTIONS (E.G. SWEEPSTAKES, SURVEYS, PRODUCT TESTS)
If you participate in sweepstakes, surveys or similar promotions offered by us, we will use the personal data you have specified to carry out the promotion. Further information on the purposes can be found in the respective terms and conditions of participation of the promotion. We pass on the collected data for processing to the respective internal agencies as well as to other affiliated companies within the Déesse companies or to external service providers, order processors (e.g. hosting, dispatch, settlement service providers) according to the necessary purposes (to carry out the promotion). Platform/hosting service providers have access to personal data from a third country (countries outside the EU or European Economic Area). Standard contractual clauses have been concluded with these service providers as appropriate guarantees in accordance with Art. 46 GDPR or the service providers are alternatively or additionally certified in accordance with the EU-US Privacy Shield. More information can be found here: https://ec.europa.eu/info/law/law-topic/dataprotection/ data-transfers-outside-eu_de.
The data you have provided will be deleted after the promotion has been finally wound up (see terms and conditions of participation), unless this is precluded by statutory retention obligations or a statute of limitations. In order for a contract to be concluded, you must provide your personal data. You are not obligated to provide your personal data. If you do not provide your data, the promotion cannot be carried out.
Further information may be provided in the respective terms and conditions of participation.
Legal basis: Art. 6 (1) b GDPR
4.4. OBJECTION OR REVOCATION
If you have given your consent to the processing of your data, you can revoke it at any time. Once you have pronounced it to us, such revocation affects the admissibility of the processing of your personal data.
Insofar as we base the processing of your personal data on the balancing of interests, you can lodge an objection to the processing. This is the case in particular if the processing is not necessary for the fulfilment of a contract concluded with you, which is presented by us in each case in the description of the functions and offers. In exercising such an objection, we would ask you to explain the reasons why we should not process your personal data as we do. If your objection is justified, we will examine the situation and will either discontinue or adapt the data processing or demonstrate our compelling reasons for continuing the processing to you.
Of course, you can object to the processing of your personal data for the purposes of advertising and data analysis at any time. If you object to the processing of your personal data for the purposes of advertising, you can inform us using the contact details listed for the Controller.
Déesse AG, Déesse International GmbH