Privacy Policy for the Website https://www.functional-cosmetics.com
1. Scope
The protection of personal data is very important to us. With the following notes on data protection, we want to bring you closer to what personal data we process for what purposes while you use our Internet service.
The following information applies to all contents of the website Functional Cosmetics (https://en.functional-cosmetics.com/) (hereinafter "Offer").
The legal basis for data protection can be found in the EU General Data Protection Regulation (GDPR) and national implementing regulations (for example in Germany in the Federal Data Protection Act).
2. Definitions
a) Personal data
"Personal Data" means any information relating to an identified or identifiable natural person; a natural person is considered as identifiable, which can be identified directly or indirectly, in particular by means of assignment to an identifier such as a name, to an identification number, to location data, to an online identifier (eg cookie) or to one or more special features, that express the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person.
b) Processing
"Processing" means any process performed, with or without the aid of automated procedures, or any such series relating to Personal Data such as the collection, collection, organization, ordering, storage, adaptation or modification, read-out, retrieval, processing Use, disclosure by transmission, dissemination or other form of provision, matching or linking, restriction, erasure or destruction.
3. Types of Personal Data
Access Data
Access data is data about every access to the server on which our website is located. The access data includes name of the retrieved web page, file, date and time of retrieval, amount of data transferred, message about successful retrieval, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.
Cookies
Cookies are small files that allow device-specific information to be stored on the access device.
Input Data
If you register with us as a customer, order goods from us, fill out the contact form on our website, register for our newsletter or a raffle, we process the personal data that you enter in the respective form (eg last name, first name, e-mail). E-mail address, address, account and credit card information).
Purchase Information
This is data on the purchases made by you (item, purchase price, date of purchase, customer number).
4. Purposes of Processing
Access Data
For security reasons, we collect the access data for the operation of our website, for the fraud and abuse control as well as for the statistical recording of the website usage and optimization of our website. The legal basis for the processing is Art. 6 para. 1 sentence 1 f DSGVO. For processing of the IP address by third parties, see paragraph 6.
Cookies
Cookies are used for the user-friendliness of websites and thus for the users (eg storage of login data). On the other hand, they can be used to collect the statistical data of website use and to analyze them in order to improve our offers.
The legal basis for the use of cookies is article 6 (1) (f) GDPR. Our legitimate interest in collecting data stems from the fact that we require the use of cookies for the purpose of direct mail, the user-friendliness of our website and the optimization of our offers.
Input Data
If you enter personal data via the forms on our website and submit us by submitting, the purpose of the data processing depends on the respective form. If you register as a customer and order goods, we use your personal data for the administration of your account and the contract and payment processing (article 6 paragraph 1 sentence 1 b GDPR) and, if necessary, for credit checks (article 6 paragraph 1 sentence 1 b and f GDPR). If you use our contact form, we will use your personal data to process your request (article 6 paragraph 1 sentence 1 a, f GDPR). Regarding the registration for our newsletter, we refer to paragraph 8 of this privacy policy.
Our legitimate interest in collecting data within the meaning of article 6 paragraph 1 f GDPR results from the fact that we can not process your request (registration, order, contact, participation in a raffle, newsletter) without your data.
Purchase Information
The purchase data we use for the contract and payment processing (article 6 paragraph 1 sentence 1 b GDPR) and for statistical purposes (article 6 paragraph 1 sentence 1 f GDPR).
5. Data transfer to Switzerland
The personal data processed by us are transmitted to our headquarters in Switzerland (Functional Cosmetics Company AG, St. Jakob-Str. 84, CH-4132 Muttenz). The European Commission has decided that Switzerland has an adequate level of data protection (Commission Decision 2000/518 / EC of 26 July 2000 pursuant to Directive 95/46 / EC of the European Parliament and of the Council on the adequacy of the protection of personal data in the European Union) Switzerland, OJ L 215, from 25.08.2000. S 1.
6. Data Processing by Third Parties
Hosting
Our website is operated on the servers of the hosting provider. The latter processes the personal data mentioned under 3. on our behalf for the operation and optimization of our website. The legal basis for this is article 6 paragraph 1 sentence 1 f GDPR.
Social Media Plug-Ins, Website Analysis
We integrate various third-party services and content on our website. The integration may result in the processing of your IP address and the setting of cookies. In addition, it may be that the integration of the content of third parties, a data transfer takes place in countries outside the EU. For more information, see section 7.
The legal basis for processing the IP address is article 6 (1) sentence 1 f GDPR. Our legitimate interest in data processing stems from our use of third party services for the purpose of direct marketing, the ease of use of our website and the optimization of our offers.
stripe
We offer the option of processing the payment transaction via the payment service provider Stripe, ℅ Legal Process, 510, Townsend St., San Francisco, CA 94103 (Stripe). This corresponds to our legitimate interest in offering an efficient and secure payment method (Art. 6 Para. 1 lit. f GDPR). In this context, we pass on the following data to Stripe insofar as this is necessary for the fulfillment of the contract (Article 6 (1) (b) GDPR).
Name of Cardholder, E-mail address, customer number, Order number, Bank details, credit card details, Validity period of the credit card, Credit Card Verification Number (CVC), Date and time of the transaction, transaction total, Vendor name, location
The processing of the data specified under this section is not required by law or contract. Without the transmission of your personal data, we cannot make a payment via Stripe. [You have the option to choose another payment method.]
Stripe takes on a dual role as controller and processor in data processing activities. As the controller, Stripe uses your transmitted data to fulfill regulatory obligations. This corresponds to Stripe's legitimate interest (according to Art. 6 Para. 1 lit. f GDPR) and serves to execute the contract (according to Art. 6 Para. 1 lit. b GDPR). We have no influence on this process.
Stripe acts as a processor in order to be able to complete transactions within the payment networks. As part of the order processing relationship, Stripe acts exclusively according to our instructions and has been contractually obliged to comply with data protection regulations within the meaning of Art. 28 DSGVO.
Stripe has implemented compliance measures for international data transfers. These apply to all worldwide activities in which Stripe processes personal data of natural persons in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs).
You can find more information on how to object to and remove Stripe from: https://stripe.com/privacy-center/legal
Your data will be stored by us until the payment has been processed. This includes the time it takes to process refunds, claims management and fraud prevention.
Shipping Company
If we deliver goods to you, we pass on your personal data (first and last name, address) to the commissioned shipping company, as far as they are needed for delivery. If you have consented to this within the scope of the order, we will also forward your e-mail address to the shipping service provider so that they can inform you about the order status.
7. Social Media Plug-Ins, Website Analysis
Facebook and Google+
On our website so-called social plugins ("plugins") of the social networks Facebook and Google+ are used. These services are offered by the companies Facebook Inc. and Google Inc. ("Provider"). Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). Google+ is operated by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ("Google").
If you visit a page of our website that contains such a plugin, your browser connects directly to the servers of Google or Facebook. The content of the plugin is transmitted by the respective provider directly to your browser and integrated into the page. By integrating the plugins, the providers receive the information that your browser has accessed the corresponding page of our website, even if you do not have a profile with the corresponding social network or are currently not logged in. This information (including your IP address) is transmitted by your browser directly to a server of the respective provider in the USA and stored there.
If you are logged in to one of the social networks, the providers can directly assign the visit to our website to your profile on Facebook or Google+. If you interact with the plugins, for example by clicking the "Like" button or the "+1" button, the corresponding information is also transmitted directly to a server of the provider and stored there. The information will also be posted on the social network and displayed there to your contacts.
Purpose and extent of the data collection and the further processing and use of the data by the provider as well as your related rights and setting options for protecting your privacy, please refer to the privacy policy of the provider:
Privacy Policy of Facebook:http://www.facebook.com/policy.php
Google Privacy Policy:https://policies.google.com/privacy?hl=en-US
Facebook and Google have committed to comply with the US Department of Commerce's Privacy Shield Agreement between the EU and the US on the collection, use and storage of personal information from EU Member States. Further information can be found here:
Facebook:https://m.facebook.com/about/privacyshield
Google:https://support.google.com/analytics/answer/7105316?hl=en
If you do not want Google or Facebook to directly associate the data collected via our website with your profile in the respective social network, you must log out of the relevant network before visiting our website. You can completely prevent the plugins from being loaded even with add-ons for your browser. With the script blocker "NoScript" (http://noscript.net/).
Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Inc. ("Google"). Google Analytics uses so-called "cookies", text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymisation is activated on this website, your IP address will be shortened by Google beforehand within member states of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address provided by Google Analytics as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by a corresponding setting of your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible. In addition, you may prevent the collection by Google of the data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading the browser plug-in available under the following link and install:http://tools.google.com/dlpage/gaoptout
Please note that on this website Google Analytics uses the code "gat anonymizeIp ();" was extended to ensure the anonymous collection of IP addresses (so-called IP masking).
For more information about Terms of Use and Privacy, please visithttps://support.google.com/analytics/answer/6004245?hl=en.
Google Maps
On this website we use the offer of Google Maps. This allows us to show you interactive maps directly in the website and allow you to conveniently use the map feature. By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition, the address data entered in the form will be transmitted. This is done regardless of whether Google provides a user account that you are logged in to, or if there is no user account. When you're logged in to Google, your data will be assigned directly to your account. If you do not wish to be associated with your profile on Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for purposes of advertising, market research and / or tailor-made website design. Such an evaluation is done in particular (even for users who are not logged in) to provide appropriate advertising and to inform other users of the social network about their activities on our website. You have a right of objection to the formation of these user profiles, and you must comply with this to Google.
For more information on the purpose and scope of the data collection and its processing by the plug-in provider, please refer to the provider's privacy policy. There you will also find further information about your rights and settings options for the protection of your privacy:
http://www.google.de/intl/de/policies/privacy.
Amazon Affiliate Program
We are a participant in the Amazon EU Affiliate Program, which has been designed to provide a medium for websites that earn advertising fees by placing advertisements and links to Amazon.com (the Affiliate System). Amazon uses cookies to track the origin of orders. Among other things, Amazon may recognize that you have clicked the affiliate link on this site and subsequently purchased a product from Amazon.
For more information about Amazon's data usage and opt-out options, please read the company's privacy policy:
http://www.amazon.de/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=3312401.n
YouTube
We have included YouTube videos in our online offering, which are stored on http://www.YouTube.com and are directly playable from our website. These are all incorporated in the "extended privacy mode", i. that you do not transfer data about you as a user to YouTube if you are not playing the videos. By visiting the website, YouTube receives the information that you have accessed the corresponding sub-page of our website. Also, submit the IP address of your access device to YouTube. This happens regardless of whether YouTube provides a user account that you are logged in to, or if there is no user account. When you're logged in to Google, your data will be assigned directly to your account. If you do not wish to associate with your profile on YouTube, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for purposes of advertising, market research and / or custom design of its website. Such an evaluation is done in particular (even for users who are not logged in) to provide appropriate advertising and to inform other users of the social network about their activities on our website. You have a right to object to the formation of these User Profiles, and you must comply with YouTube, LLC to exercise them.
For more information on the purpose and scope of your data collection and processing through YouTube, please read the privacy policy. There you will also get further information about your rights and settings options for the protection of your privacy:
https://www.google.de/intl/de/policies/privacy.
Trusted Shops Trust Badge
To display our valuations collected with Trusted Shops, the Trusted Shops Trust Badge is included on this website.
This serves to safeguard our legitimate interests, which predominate in the context of a weighing up of interests, in the optimal marketing of our offer. The Trustbadge and the services advertised are an offer of Trusted Shops AG, Subbelrather Str. 15C, 50823 Cologne.
When the Trustbadge is called, the Web server automatically stores a so-called server log file, which can be used, for example. Your IP address, date and time of the retrieval, transferred amount of data and the requesting provider (access data) contains and documented the call. These access data will not be evaluated and automatically overwritten within seven days after the end of your page visit.
Further personal data are only transferred to Trusted Shops, as far as you decide after the conclusion of an order for the use of Trusted Shops products or have already registered for the use. In this case, the contractual agreement between you and Trusted Shops applies.
Evaluation reminder by Trusted Shops
If you have given us your explicit consent during or after your order, we will forward your e-mail address to Trusted Shops AG, Subbelrather Str. 15c, 50823 Cologne (www.trustedshops.de), so that they can give you a reminder of your valuation per E-mail sent. This consent can be withdrawn at any time by sending a message to the contact option described below or directly to Trusted Shops.
8. Advertising, Newsletter
If you agree, we will inform you at regular intervals about our product and service offers, coupon and coupon deals (hereinafter "information").
You can register via our website for our newsletter. In addition, there is the possibility to give your consent in the context of lotteries and coupons / coupons. If you want to receive information, we need at least a valid e-mail address from you. The name and surname are optional. Your e-mail address will not be forwarded.
The registration for our newsletter takes place in a so-called double opt-in procedure. That After registration, you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that nobody can register with external e-mail addresses. The registration for the newsletter will be logged in order to prove the registration process according to the legal requirements. This includes the storage of the login and the confirmation time, as well as the IP address.
You can revoke your consent to the storage of the data, the e-mail address and their use for sending the information at any time. The revocation can take place via a link in the newsletters or the advertising emails sent to you or by us via the contact details provided in the imprint of our website.
The dispatch of the newsletter takes place on the basis of a consent acc. article 6 paragraph 1 sentence 1 a GDPR. The logging of the registration process is based on our legitimate interests in accordance with. article 6 paragraph 1 sentence 1 f GDPR. Our interest lies in the use of a user-friendly and secure newsletter system, which serves both our business interests and the expectations of the users and also allows us to prove our consent.
You may give us the following consent, which we reproduce here only for your information:
"I confirm that I am 16 years old and I agree that the Functional Cosmetics Company AG, St. Jakob-Str. 84, CH-4132 Muttenz uses my e-mail address given to me periodically for product and service offers To inform coupons and coupons as well as competitions. I can revoke my consent at any time to the Functional Cosmetics Company AG, St. Jakob-Str. 84, CH-4132 Muttenz via unsubscribe link in the newsletter, by e-mail to contact@functional-cosmetics.com or by post. The revocation does not change the lawfulness of the processing up to the revocation changes."
Newsletter - Success Measurement
The newsletters contain a so-called "web-beacon", i. a pixel-sized file that is retrieved from the server when opening the newsletter from our server, or if we use a shipping service provider. This call will initially collect technical information, such as information about the browser and your system, as well as your IP address and time of retrieval.
This information is used to improve the technical performance of services based on their specifications or audience and their reading habits, based on their locations (which can be determined using the IP address) or access times. Statistical surveys also include determining if the newsletters will be opened, when they will be opened and which links will be clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our intention nor, if used, that of the shipping service provider to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users. The legal basis for measuring success is article 6 (1) sentence 1 f GDPR.
9. Voluntary Data Provision
The provision of personal data when visiting our website is neither required by law nor by contract nor required for a contract. You are also not obliged to provide the personal data when visiting our website, however, the collection of access data when visiting our website automatically. If you order goods, register with us as a customer or fill in the contact form, the data marked in bold is obligatory for the dispatch of the respective forms.
10. Duration of Processing
Access Data, Cookies
The access data are stored for security reasons (for example, to investigate abusive or fraudulent activities) for a maximum of 7 days and then deleted. Data whose further retention is required for evidential purposes shall be exempted from the cancellation until final clarification of the incident.
If third-party IP addresses and cookies are used to process transaction data, we have no influence on the duration of the processing. Please refer to section 7 for links to third-party privacy policies. There you can find out about the duration of the processing.
Contract Data (Input Data, Purchase Data)
We store personal data that we process for contract purposes within the framework of tax and commercial law or other legal retention periods (the retention periods are between 2-10 years). If we transfer your personal data to third parties for the purposes of contract execution and payment (clause 6), we have no influence on the duration of processing at these companies. Please contact directly these companies, we will gladly inform you about the contact details.
Newsletter
If you unsubscribe from our newsletter, we will no longer send you any newsletters; for this purpose you will be entered in a so-called blacklist. However, we will continue to process your first and last name and your e-mail address in order to prove that you have once registered for our newsletter.
Sweepstakes
The data collected in the context of a raffle will be deleted as soon as the raffle has been fully processed, unless there are statutory storage obligations that justify the continued storage of the data. These may be, for example, tax regulations in connection with the profits. At the latest after elimination of any retention periods, the data will be deleted, unless you have given consent, e.g. Use your e-mail address for newsletter shipping.
Other Input Data
The other data entered via the web forms will be stored for as long as we require to process your request, provided that these data are not subject to tax, commercial or other statutory retention periods (the retention periods are between 2-10 years).
11. Affected Rights
Revocation
In case of granted consent, you have the right to revoke this. We point out that a revocation does not affect the legality of the processing granted until the revocation (no retroactive effect of the revocation).
Opposition
You have the right to object at any time to the personal data processed on the basis of article 6 (1) sentence 1 f GDPR, provided that there are grounds for the opposition that arise from your particular situation and unless there are compelling reasons worthy of protection, to collect the data further. Insofar as we process personal data from you in order to operate direct mail, you have the right to object to the processing of personal data for the purpose of such advertising at any time without any reason (article 21 GDPR).
Other Data Subjects
You have the right to obtain information free of charge from the GDPR on request about personal data concerning you (article 15 GDPR).
Furthermore, in accordance with the GDPR, you are entitled to a correction (article 16 GDPR), a cancellation (article 17 GDPR), Restriction (article 18 GDPR) and transfer (article 20 GDPR) of your personal data.
You also have the right to complain to the Data Protection Inspectorate responsible for us in justified cases (article 77 GDPR).
With regard to the automated individual decision (credit check), you also have the right to intervene on the part of the person responsible, to explain your own position and to challenge the decision, pursuant to article 22 paragraph 3 GDPR.
You also have the right to complain to the Data Protection Inspectorate responsible for us in justified cases (article 77 GDPR).
With regard to the automated individual decision (credit check), you also have the right to intervene on the part of the person responsible, to explain your own position and to challenge the decision, pursuant to article 22 paragraph 3 GDPR.
You can assert your rights under the GDPR by e-mail or in writing. The contact details of the provider and the person responsible for the EU can be found below.
12. Contact details
Provider as responsible body:
Functional Cosmetics Company AG
St. Jakob-Str. 84
CH-4132 Muttenz
Phone: +41 61 262 10 00
Fax: +41 61 303 80 09
E-Mail: contact@functional-cosmetics.com
Internet: https://en.functional-cosmetics.com/
Representatives in the EU according to GDPR:
Functional Cosmetics Company AG
Schwarzwaldstr. 31
D-79539 Lörrach
Tel. D: +49 7621 1579 811 (D Landline, tariff depending on the provider)
Fax D: +49 7621 1579 812
E-Mail: contact@functional-cosmetics.com
Responsible: Stefan Menzi
Representative: Brice Ulich
Data Protection Inspectorate:
The State Commissioner for Data Protection Baden-Württemberg
PO Box 10 29 32, 70025 Stuttgart
Urbanstr. 32, 70182 Stuttgart
Telephone: +49 711 615541 - 0
Fax: +49 711 615541 - 15
E-Mail: poststelle@lfd.bwl.de
As of February 2023