Declaration of data protection
Last edited: 17.09.2018
On 25 May 2018, the most important European data protection law comes into force. The General Data Protection Regulation (GDPR) replaces the EU Data Protection Directive of 1995. In particular, the Basic Data Protection Regulation strengthens the rights of individuals with regard to personal data and at the same time seeks to harmonise data protection laws throughout Europe, regardless of where these data are processed.
Thank you for your interest in the Miss Lashes & Miss Brows Online Shop. The protection of your personal data is very important to us. At this point we would therefore like to inform you about data protection in our company. Of course we observe the legal regulations of the Data Protection Act (BDSG), the Telemedia Act (TMG) and other data protection regulations.
You can trust us with your personal data! They are encrypted by digital security systems and transmitted to us. Our websites are protected by technical measures against damage, destruction or unauthorized access.
We use the data provided by you to fulfil and process your order. In order to fulfil the contract, we pass on your data to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods. Depending on which payment service provider you select in the ordering process, we pass on the payment data collected for this purpose to the bank commissioned with the payment and, if applicable, to the payment service provider commissioned by us or to the selected payment service in order to process payments. In some cases, the selected payment service providers also collect this data themselves if you create an account there. In this case, you must register with the payment service provider using your access data during the ordering process. In this respect, the data protection declaration of the respective payment service provider applies.
Subject of data protection
The subject of data protection is personal data. According to § 3 Para. 1 BDSG, these are individual details about the personal or factual circumstances of a specific or identifiable natural person. This includes, for example, information such as name, postal address, e-mail address or telephone number, but may also include usage data such as your IP address.
General data protection notice
(1) If you call up our online shop or download data from these websites, information about this is stored and processed by us in a log file. This process is anonymous. Conclusions about your person are not possible.
(2) Stored: Your IP address, the date and time of the website call, the page called up or the name of the file called up, the amount of data transferred and the message whether the access/retrieval was successful.
(3) These data are not used for commercial purposes. The evaluation serves only the statistical preparation and improvement of our Internet offer. For this purpose, we will create user profiles using a pseudonym. A connection between the person behind the pseudonym and the collected usage data will not be established. After this use, your data will be deleted. Permanent storage is excluded. You can object to this data collection, storage and processing at any time.
(4) Your data will be used exclusively by us. Your data will not be passed on to third parties. (If applicable: The processing for the analysis of the user behavior takes place in place, state, a state outside of the scope of application of the directive 95/46/EC by the ... (Example company Google Analytics). You can object to the use and processing by using the deactivation add-on (http://tools.google.com/dlpage/gaoptout?hl=en).
(5) We also use so-called cookies for data collection and storage. Cookies are small data packages that your browser stores in your end device at our request. They do not cause any damage there. They do not contain viruses and do not allow us to spy on you. Two types of cookies are used for this purpose. Temporary cookies are automatically deleted when you close your browser (session cookies). In contrast, permanent cookies have a maximum lifetime of up to ... (period). This type of cookie enables them to be recognised again when you leave the website. With the help of cookies it is possible for us to trace your usage behaviour for the above-mentioned purposes and to the corresponding extent. They should also enable you to surf our website in an optimised manner. We also collect this data only in anonymised or pseudonymised form. You are able to adjust your Internet browser settings, so that our cookies cannot be stored on your end device or cookies that have already been stored will be deleted.
Scope of data collection and storage
In general, it is not necessary for you to provide personal data in order to use our website. However, in order for us to be able to actually provide our services, we may need your personal data. This applies both to the sending of information material or goods ordered as well as to the answering of individual enquiries.
If you commission us to provide a service or to send you goods, we only collect and store your personal data insofar as it is necessary for the provision of the service or the execution of the contract. For this purpose, it may be necessary to pass on your personal data to companies that we use to provide the service or to process the contract. These are, for example, transport companies or other service providers. If we carry out any of the actions described below or otherwise or provide services, we would like to collect and store your personal data and will ask for your explicit consent at the appropriate point on our website:
Sending of newsletters
- lottery participations
- Creditworthiness or age assessment to enable us to provide our services, or
- payment methods
- Personalization of our website
- further services and offers, for whose data collection your explicit consent is required.
Your data will be blocked after complete contract processing and deleted after expiry of the tax and commercial law regulations, unless you have expressly agreed to a further use of data.
If you have registered for our newsletter with your e-mail address, we will also use your e-mail address for our own advertising purposes beyond the execution of the contract until you unsubscribe from the newsletter.
Usage and Log Information. We collect information about your activities on our website and all the services we offer. This includes service-specific information and information for diagnostic and performance purposes. In addition, information about your activities is stored, such as how you use our services, your preferences for each service, how you interact with others using our services, and the time, frequency, and duration of your activities and interactions. In addition, log files as well as diagnostic, crash, website and performance logs and reports are stored.Our legitimate interest in data processing pursuant to Art. 6 Para. 1 lit. f DSGVO lies in these purposes.
Parties or Service
- Address & Jurisdiction: 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
- Purpose: Analysis of the user behavior on the website in order to
- develop new products and services
- Optimize existing products or services
- Find and fix error messages on the blog
- Measure and plan marketing campaigns
- Disclosed data
- Anonymous ID generated by first party cookies
- Address & Jurisdiction: Facebook Inc.,1 Hacker Way, Menlo Park, California, US
- Analysis of user behavior to better understand the user and offer better content
- Custom Audiences are used for advertising campaigns and personalized advertising
If you send us enquiries via the contact form, your details from the enquiry form including the contact data you provided there will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. These data will not be passed on without your consent.
If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data will not be collected. We use these data exclusively for the dispatch of the requested information and do not pass them on to third parties. You can revoke your consent to the storage of data, e-mail address and their use for sending the newsletter at any time, for example via the "Unsubscribe" link in the newsletter.
Your data is recorded using the double opt-in procedure, in which the recipient confirms registration by clicking on a link. The newsletter is used for certain occasions such as trade fairs, new products and general news. On average, a newsletter is sent every 2 weeks.
Collection and storage of usage data
Credit assessment and scoring
If we make an advance payment, e.g. in the case of a purchase on account, we may obtain credit information from [insert: name and address of credit agency] on the basis of mathematical-statistical procedures in order to safeguard our legitimate interests. For this purpose, we transmit the personal data required for a credit assessment to the [insert: name of credit agency] and use the information received on the statistical probability of a payment default for a balanced decision on the establishment, execution or termination of the contractual relationship.
The credit report may contain probability values (score values) which are calculated on the basis of scientifically recognised mathematical-statistical procedures and in the calculation of which address data, among other things, are included. Their interests worthy of protection shall be taken into account in accordance with the statutory provisions“.
Use of data for specific purposes
We observe the principle of earmarked data use and collect, process and store your personal data only for the purposes for which you have communicated them to us. Your personal data will not be passed on to third parties without your express consent, unless this is necessary for the provision of the service or the execution of the contract. The transmission to government institutions and authorities entitled to receive information is also only carried out within the scope of the legal obligations to provide information or if we are obliged to provide information by a court decision.
We use the data provided by you for the fulfilment and processing of your order.
In order to fulfil the contract, we pass on your data to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods.
Depending on which payment service provider you select in the ordering process, we will pass on the payment data collected for this purpose to the credit institution and payment service provider commissioned by us or to the selected payment service in order to process payments. In some cases, the selected payment service providers also collect this data themselves if you create an account there. In this case, you must register with the payment service provider using your access data during the ordering process. In this respect, the data protection declaration of the respective payment service provider applies.
We also take internal company data protection very seriously. Our employees and the service companies commissioned by us have been obliged by us to secrecy and to comply with the data protection regulations.
Right of information and revocation
You will receive information about your data stored by us free of charge at any time without giving reasons. You can block, correct or delete your data collected by us at any time. You can also revoke the consent given to us to collect and use your data at any time without giving reasons. For this purpose, please contact the contact address given in the imprint. We will be happy to answer any further questions you may have regarding our information on data protection and the processing of your personal data at any time.
Please note that data protection regulations and data protection practices, e.g. at Google, can change continuously. It is therefore advisable and necessary to keep up to date with changes in statutory provisions and the practice of companies, e.g. Google.