§ 1 INFORMATION ON COLLECTION OF PERSONAL DATA
(1) Below, we provide information on the collection of personal data during use of our website. Personal data is all data that can be related to you personally, such as name, address, email addresses, and user behavior.
(2) The responsible party under Art. 4 Para. 7 of the EU General Data Protection Regulation (GDPR) is [haircare.group GmbH, represented by its managing director Timo Allert] (see our publication information). [You can reach our data protection officer at [gustke@gfp24.de] or at our postal address to the attention of the “data protection officer”.]
(3) When you contact us by email or through a contact form, we will store the data you provide (your email address, and if applicable your name and telephone number) in order to answer your questions. We delete the data arising in this context after storage is no longer necessary or restrict processing if there are statutory retention requirements.
(4) If we use contracted service providers for individual functions of our website or would like to use your data for advertising purposes, we will inform you in detail of the respective processes below. We also indicate the defined storage period criteria.
§ 2 YOUR RIGHTS
(1) You have the following rights toward us regarding personal data related to you:
– The right to information
– The right to correction or deletion
– The right to limit processing
– The right to object to processing
– The right to data portability
(2) You also have the right to complain to a data protection supervisory authority about our processing of your personal data.
§ 3 COLLECTON OF PERSONAL DATA DURING VISITS TO OUR WEBSITE
(1) If you use the website solely for informational purposes, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you would like to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (the legal basis is Art. 6 Para. 1 Sentence 1 Letter f GDPR):
– IP address
– Date and time of request
– Time difference from Greenwich Mean Time (GMT)
– Content of request (specific page)
– Access status / HTTP status code
– Quantity of data transferred
– Website from which the request comes
– Browser
– Operating system and its interface
– Language and version of browser software
(2) In addition to the aforementioned data, when you use our website, cookies are stored on your computer. Cookies are small text files that are stored on your hard drive and associated with the browser you are using and through which certain information flows to the place that sets the cookie (in this case, to us). Cookies cannot execute any programs or transfer viruses to your computer. They are only for making the website generally more user-friendly and effective.
(3) Use of cookies:
a) This website uses the following types of cookies, whose scope and function are explained below:
– Transient cookies (see b)
– Persistent cookies (see c)
b) Transient cookies are automatically deleted when you close the browser. These particularly include session cookies. These store a “session ID” with which various requests from your browser can be associated with the shared session. This allows your computer to be recognized again if you return to our website. Session cookies are deleted when you log out or close the browser.
c) Persistent cookies are automatically deleted after a specified time period, which can differ depending on the cookie. You can delete cookies at any time in your browser’s security settings.
d) If you wish, you can configure your browser settings to refuse third-party cookies or all cookies, for example. Please note that doing so may prevent you from being able to use all functions of this website.
e) We set cookies to identify you on later visits if you have an account with us. Otherwise, you would have to log in each time you visit.
f) Flash cookies used are not recorded by your browser, but by your Flash plug-in. We also use HTML5 storage objects, which are stored on your device. These objects store the necessary data regardless of the browser you use and have no automatic expiration date. If you do not want Flash cookies to be processed, you must install a corresponding add-on, such as “Better Privacy” for Mozilla Firefox (https://addons.mozilla.org/de/firefox/addon/betterprivacy/) or the Adobe Flash Killer cookie for Google Chrome. You can prevent use of HTML5 storage objects by using your browser in private mode. We also recommend manually deleting your cookies and browser history regularly.
§ 4 NEWSLETTER
(1) With your consent, you can subscribe to our newsletter, which will inform you of current offerings of interest. The advertised goods and services are named in the declaration of consent.
(2) To register for our newsletter, we use the “double opt-in” process. This means that after you register, we will send an email to the address you have provided, in which we ask you to confirm that you want to receive the newsletter. If you do not confirm your registration within [24 hours], your information will be locked and then deleted after one month. Additionally, we save the IP addresses you use and the time of registration and confirmation. The purpose of this process is to verify your registration and, if necessary, to be able to clarify misuse of your personal data.
(3) The only mandatory information for sending the newsletter is your email address. Providing further, separately marked data is voluntary and is used to address you personally. After your confirmation, we store your email address for the purpose of sending the newsletter. The legal basis is Art. 6 Para. 1 Sentence 1 Letter a GDPR.
(4) You can revoke your permission to send the newsletter at any time, and unsubscribe to the newsletter. You can declare revocation by clicking on the link provided in every newsletter email, by email to [info@haircare-group.com] or by sending a message to the contact details provided in the publication information.
(5) We point out that we evaluate your user behavior when we send the newsletter. For this evaluation, the emails sent contain what are called web beacons or tracking pixels, which represent single-pixel image files that are stored on our website. For the evaluations, we link the data mentioned in § 3 and the web beacons to your email address and an individual ID.
4 With the data thus collected, we create a user profile to tailor the newsletter to your individual interests. In so doing, we record when you read our newsletter, which of its links you click on, and use this to track your personal interests. We link this data to actions you take on our website.
You can object to this tracking at any time by clicking on the special link provided in each email or by informing us through another contact channel. The information is stored as long as you are subscribed to our newsletter. After you unsubscribe, we store the data statistically and anonymously only.
§ 5 USE OF GOOGLE ANALYTICS
(1) This website uses Google Analytics, a web analysis service of Google Inc. (“Google”). Google Analytics uses what are called “cookies”, text files stored on your computer to allow analysis of your use of the website. The information created by the cookies about your use of this website is usually transferred to Google in the United States and stored there. However, if IP anonymization is activated on this website, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases is your full IP address transferred to a Google server in the United States and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website and Internet usage to the website operator.
(2) The IP transferred from your browser to Google Analytics will not be merged with other Google data.
(3) You can prevent storage of cookies by setting your browser software accordingly; however, we point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available at the following link: tools.google.com/dlpage/gaoptout.
(4) This website uses Google Analytics with the extension “_anonymizeIp()”. This means that IP addresses are further processed in shortened form, which means that any personal connection can be ruled out. If the data collected about you relates to you personally, it will be excluded immediately and the personal data will be deleted right away.
(5) We use Google Analytics to analyze and regularly improve our website. The resulting statistics allow us to improve our site and make it more interesting to you, the user. In exceptional cases, in which personal data is transferred to the United States, Google has submitted to the EU-US Privacy Shield, www.privacyshield.gov/EU-US-Framework. The legal basis for the use of Google Analytics is Art. 6 Para. 1 Sentence 1 Letter f GDPR.
(6) Information on third-party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. User conditions: www.google.com/analytics/terms/de.html, overview of data protection: support.google.com/analytics/answer/6004245, and the data protection declaration: policies.google.com/privacy.
(7) This website also uses Google Analytics for a cross-device analysis of visitor flows, which is done through a user ID. You can deactivate cross-device analysis of your usage in your customer account under “My data”, “Personal data”.
§ 6 INCLUSION OF YOUTUBE-VIDEOS
(1) We have incorporated YouTube videos in our website, which are stored at https://www.youtube.com/ and can be played directly from our website. [These are all integrated in “extended data protection mode”, i.e. no data about you as a user will be transmitted to YouTube if you do not play the videos. Only if you play the videos is the data mentioned in Paragraph 2 transferred. We have no influence over this data transfer.]
(2) When you visit the website, YouTube receives information that you have accessed the corresponding subpage of our website. In addition, the data mentioned in § 3 of this declaration will be transferred. This happens regardless of whether YouTube provides a user account, through which you are logged in, or whether no user account exists. If you are logged directly in to Google, your data is associated directly with your account. If you do not want your data associated with your YouTube profile, you must log out before activating the button. YouTube stores your data as use profiles and uses it for purposes of advertising, market research and/or need-based configuration of their website. Such an evaluation particularly takes place (even for users who are not logged in) to provide custom advertising and to inform other users on the social network of your activities on our website. You have the right to object to creation of these user profiles; to exercise this you must contact YouTube.
(3) Further information on the purpose and scope of data collection and processing by YouTube can be found in the data protection declaration. There you will also receive further information on your rights and settings options to protect your private sphere: https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the United States and has submitted to the EU-US Privacy Shield https://www.privacyshield.gov/EU-US-Framework.
§ 7 INCLUSION OF GOOGLE MAPS
1) On this website we use Google Maps. This allows us to show you interactive maps directly on the website and enables you to use the maps function conveniently.
(2) When you visit the website, Google receives information that you have accessed the corresponding subpage of our website. In addition, the data mentioned in § 3 of this declaration will be transferred. This happens regardless of whether Google provides a user account, through which you are logged in, or whether no user account exists. If you are logged directly in to Google, your data is associated directly with your account. If you do not want Google to associate your data with your Google profile, you must log out before activating the button. Google stores your data as use profiles and uses it for purposes of advertising, market research and/or need-based configuration of their website. Such an evaluation particularly takes place (even for users who are not logged in) to provide custom advertising and to inform other users on the social network of your activities on our website. You have the right to object to creation of these user profiles; to exercise this you must contact Google.
(3) Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the provider’s data protection declarations. There you will also receive further information on your rights in this regard and settings options to protect your private sphere: https://policies.google.com/privacy?hl=de&gl=de. Google also processes your personal data in the United States and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Data protection declaration for Facebook
DATA PROTECTION DECLARATION FOR OUR FACEBOOK PAGE
Data use by Facebook
When you visit our page on Facebook, you are generally subject to the data protection regulations of Facebook.com (operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland; board: Gareth Lambe, Shane Crehan; registered in Ireland (Companies Registration Office); commercial register number 462932 – hereinafter: “Facebook”). You can find information on the content and purpose of storing and processing your data in Facebook’s data protection information: https://www.facebook.com/about/privacy/ .
Every time you visit our Facebook page, especially when you trigger the programs automatically integrated into Facebook pages (such as the “Like” button), you transmit information about yourself to Facebook. We point out that due to data storage by Facebook, there is a risk that your personal data will also be transferred to the United States and stored and processed there, because the parent company, Facebook Inc., is based in the United States. Facebook alone is responsible for this type of data processing.
Facebook uses your data, including the fact that you have looked around on our fan page, for market research and advertising purposes. This means that Facebook uses this data to create extensive profiles about you, which are then used, for example, to show you advertising tailored to your interests as part of your timeline.
A detailed description of the respective data processing by Facebook and also the objection options (opt out) can be found in the following documents from Facebook:
Data protection declaration: https://www.facebook.com/about/privacy/,
Opt-Out: https://www.facebook.com/settings?tab=ads
and http://www.youronlinechoices.com.
Cookies
Facebook sets cookies on its website under its own responsibility. When you log in to Facebook, Facebook can read data about you and your interaction with our site, which may be stored in cookies. Cookies are small files that are stored on your data carrier and which store certain settings and data for exchange with the Facebook system through your browser. The duration time for storage can be set to several years. Regardless of the set duration, you can also delete cookies manually in your browser or configure your browser such that cookies are automatically deleted as soon as you close the browser. Most browsers accept cookies by default. In the security settings, you can allow or forbid cookies independently.
Acceptance of cookies is not a prerequisite for visiting our website. If you deactivate cookies from Facebook, certain options that Facebook offers may not be available to you on our page and content may not be displayed or may not be displayed correctly. More information about Facebook cookies and possible settings can be found here https://www.facebook.com/policies/cookies/.
How we use your data
The processing of data on this Facebook page is based on an agreement on joint processing of personal data with Facebook. Facebook and baslerbeauty GmbH & Co. KG are therefore joint controllers within the meaning of Art. 26 GDPR.
haircare.group GmbH
Gansäcker 20
74321 Bietigheim-Bissingen
Germany
Tel.: 07142 – 375 212 0
info(at)haircare-group.com
www.haircare-group.com
Stuttgart District Court HRB 757714
Tax ID: 55001 / 23009
VAT ID: DE307306710
Authorized managing directors: Michael Allert, Timo Allert, Dennis Böhm, Mattias Mußler
Entries on Facebook
We use your personal data – such as provided in Facebook for activating social plug-ins, for example – only as they appear on our Facebook page (legal basis: Art. 6 Para. 1 Letter b GDPR). When you click the “Like” button on one of our posts, the message “[username] likes this” appears below this post. Your username will thus be indicated. Additionally, your profile picture’s thumbnail will also be shown.
Your comments, which you can enter using the “Comment” function, also appear on our page, as provided on Facebook, with your username and the profile picture you have set. This data is also visible to people you have not friended on Facebook. In addition, these notices may also be activated for visitors to our page who are not logged in to Facebook. Facebook is not a platform for sending us confidential information, especially not on the state of your health or other data. Entries and comments on our page should be treated like any other public entries.
Contacting us
If you contact us using our electronic contact options, we will save your message. The personal data contained therein will be used to process your request and communicate with you (legal basis Art. 6 Para. 1 Letter b GDPR).
Moreover, all Facebook messages you send to us are archived and undergo regular data backup. Other messages, such as those sent by email or postal mail, are retained and archived after the matter has been resolved in accordance with legal requirements and for purposes of legal defense. Messages will be deleted after the archiving periods have expired or after our interest in archiving for legal defense purposes ceases (usually after any claims have expired). Please note that we have no influence on or knowledge of whether Facebook actually deletes the messages if we remove them from our Facebook inbox.
Technical data collection at Facebook
Facebook also provides operators of company pages, including us, with anonymous statistics unsolicited.
This involves anonymized data, such as
- Page activities
- Page call-ups
- Number of subscribers
- “Like” data
- Range
- Interactions, such as clicks on specific information, elements or links.
This does not result in any personal reference to you. We use the statistical data presented to us based on the interest in improving the offering on our social media presences and websites and their design and maintaining security as well as in the event of violations in cooperation with authorities (legal basis is Art. 6 Para. 1 Letters c and f GDPR).
Placement of advertising on Facebook
We place advertising on Facebook and use statistical data that we receive from Facebook to determine targeted delivery. This does not result in any personal reference to you. Facebook provides you with information about the settings you can make for advertising on Facebook and other sites, to the extent that they are controlled by Facebook (https://www.facebook.com/about/privacy/, under “Control over Facebook advertisements”).
Contests on Facebook
When we hold contests on Facebook, we only use the participant data received for implementing the contest and, if necessary, for notification of winners. Personal data of winners will only be published in abbreviated manner, with first name, abbreviated last name and location (example: “Bernd K. from Bonn”).
You can also object to our using your data during your participation in a contest. Data use prior to the receipt of the objection remains unchanged. However, once your objection is received, your participation ends. The chance to win is lost.
We point out that Facebook is not connected to the contest and that the contest is in no way sponsored, supported or organized by Facebook. baslerbeauty GmbH & Co. KG is solely responsible for the implementation and lawful procedure.
We also adhere to Facebook’s guidelines for data use in promotions. According to them, personal timelines and connections to friends may not be used to organize promotions.
Your rights and further information
You have the right to object if personal data is used for advertising purposes, in particular for direct advertising.
You also have the right to information about the personal data we process about you and to correction, addition or deletion or to restriction of processing.
You also have a right to data portability if the rights and freedoms of third parties are not impaired. This applies to the data you provide to us, which we have processed based on valid consent or to enter into or fulfill a valid contract. Your rights may be tied to the fulfillment of legal requirements and may therefore be limited.
If you have questions about data protection,contact us at
Among other things, you also have: a right to lodge a complaint with the supervisory authority responsible for data protection, in particular in the Member State of your place of residence, your place of work or the place of the alleged violation.
If you would like to exercise your right to information or other data subject rights regarding Facebook’s data processing, we point out that you should assert this directly with Facebook. This is the most effective way to exercise your rights, because only Facebook has access to its users’ data and can therefore take appropriate measures and provide information directly.
Further information about your rights can be found athttps://www.haircare-group.com/datenschutz/ , under section “V. What rights do I have?”