privacy policy

Privacy Policy

The person responsible for data processing is:

Miriam Jacks
Rotherstraße 16
10245 Berlin
Germany

support@jacks-beautyline.com or use our Contact form.

We appreciate your interest in our online shop. Protecting your privacy is very important to us. Below we inform you in detail about how we handle your data.

  1. Access data and hosting

You can visit our websites without providing personal information. Each time a webpage is called, the web server automatically stores a so-called server log file, which contains, for example, the name of the requested file, your IP address, date and time of the request, amount of data transferred, and the requesting provider (access data) and documents the request.

These access data are evaluated solely to ensure the smooth operation of the site and to improve our offer. This serves, according to Art. 6 para. 1 sentence 1 lit. f GDPR, to protect our overriding legitimate interests in a correct presentation of our offer after weighing interests. All access data are deleted no later than seven days after the end of your site visit.

Hosting services by a third-party provider

As part of processing on our behalf, a third-party provider offers us services for hosting and displaying the website. All data collected during the use of this website or in designated forms in the online shop as described below are processed on its servers. Processing on other servers only takes place within the scope explained here.

This service provider is located in a country outside the European Union for which the European Commission has determined an adequate level of data protection by decision.

  1. Data collection and use for contract processing, contact, account creation, or participation in digital product consultation

We collect personal data when you voluntarily provide it to us as part of your order, when contacting us (e.g., via contact form or email), or when participating in the digital product consultation. Mandatory fields are marked as such because we need the data in these cases to process the contract or handle your inquiry, and without providing them, you cannot submit the order or contact request. Which data is collected is visible from the respective input forms. We use the data you provide in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR for contract processing and handling your inquiries.

If you have given your consent according to Art. 6 para. 1 sentence 1 lit. a GDPR by choosing to open a customer account, we use your data for the purpose of opening the customer account.

After the contract has been fully processed or your customer account has been deleted, your data will be restricted for further processing and deleted after the expiration of the tax and commercial retention periods, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this which is legally permitted and about which we inform you in this declaration. Deleting your customer account is possible at any time and can be done either by sending a message to the contact option described below or via a function provided for this purpose in the customer account.

The personal data used to determine the product recommendation is stored as long as it is necessary to fulfill the processing purpose. The data is deleted as soon as it is no longer required for the purpose.

  1. Data transfer

To fulfill the contract according to Art. 6 para. 1 sentence 1 lit. b GDPR, we pass your data on to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods. Depending on which payment service provider you select during the ordering process, we pass the payment data collected for this purpose on to the credit institution commissioned with the payment and, if applicable, to payment service providers commissioned by us or to the selected payment service. In part, the selected payment service providers also collect this data themselves if you create an account there. In this case, you must log in to the payment service provider with your access data during the ordering process. The privacy policy of the respective payment service provider applies in this regard.

The use of your data for product recommendation is based on our legitimate interest in appropriately presenting our products according to Art. 6 para. 1 lit. f GDPR.

For order and contract processing, we also use an external merchandise management system. The data transfer or processing that takes place in this context is based on commissioned data processing.

Data transfer to debt collection agency

To fulfill the contract according to Art. 6 para. 1 sentence 1 lit. b GDPR, we pass your data on to a commissioned debt collection agency if our payment claim has not been settled despite prior reminders. In this case, the claim is collected directly by the debt collection agency. Furthermore, the transfer serves to protect our overriding legitimate interests in the effective assertion or enforcement of our payment claim according to Art. 6 para. 1 sentence 1 lit. f GDPR.

  1. Email newsletter

Email advertising with newsletter subscription

When you sign up for our newsletter, we use the data required for this or separately provided by you to regularly send you our email newsletter based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.

Unsubscribing from the newsletter is possible at any time and can be done either by sending a message to the contact option described below or via a designated link in the newsletter. After unsubscribing, we delete your email address from the recipient list unless you have explicitly consented to further use of your data or we reserve the right to use data beyond this, which is legally permitted and about which we inform you in this declaration.

The newsletter is sent on our behalf by a service provider to whom we pass on your email address for this purpose. This service provider is located within a country of the European Union or the European Economic Area.

  1. Cookies and web analysis

To make visiting our website attractive and to enable the use of certain functions, such as displaying suitable products or for market research, we use so-called cookies on various pages. This serves to safeguard our overriding legitimate interests in an optimized presentation of our offer within the framework of a balancing of interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. Cookies are small text files that are automatically stored on your device. Some of the cookies we use are deleted after the end of the browser session, i.e., after you close your browser (so-called session cookies). Other cookies remain on your device and allow us to recognize your browser on your next visit (persistent cookies). You can find the duration of storage in the overview in the cookie settings of your web browser. You can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or exclude the acceptance of cookies for certain cases or in general. Each browser differs in how it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find this for the respective browsers at the following links:

Internet ExplorerTM

SafariTM

ChromeTM

FirefoxTM

OperaTM

If you do not accept cookies, the functionality of our website may be limited.

  1. More information on data protection

Google DoubleClick

If you have given your consent according to Art. 6 para. 1 sentence 1 lit. a GDPR, this website also uses the so-called DoubleClick cookie within the scope of Google Analytics (see below) for advertising purposes, which enables the recognition of your browser when visiting other websites. The information automatically generated by the cookie about the visit to this website is usually transmitted to a Google server in the USA and stored there. The IP address is shortened by activating IP anonymization on this website before transmission within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. The anonymized IP address transmitted by your browser within Google Analytics is not merged with other data from Google.

Google will use this information to compile reports on website activity and to provide other services related to website usage. Google may also transfer this information to third parties if required by law or if third parties process this data on behalf of Google. After the purpose has been fulfilled and Google DoubleClick is no longer used by us, the data collected in this context will be deleted.

Google DoubleClick is a service offered by Google Ireland Limited, a company registered and operating under Irish law with its headquarters at Gordon House, Barrow Street, Dublin 4, Ireland (www.google.de).

As far as information is transferred to and stored on servers of Google in the USA, the American company Google LLC is certified under the Trans-Atlantic Data Privacy Framework. Based on this agreement between the USA and the European Commission, the latter has determined an adequate level of data protection for companies certified under the Privacy Shield.

You can revoke your consent at any time with effect for the future by deleting the DoubleClick cookie via this link disable. Additionally, you can learn about cookie settings and make adjustments at the Digital Advertising Alliance. Finally, you can configure your browser to notify you about cookie settings and decide individually whether to accept them or to block cookies for specific cases or entirely. If you do not accept cookies, the functionality of our website may be limited.

Google Analytics

We use the Google Analytics service of Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter "Google"). The service analyzes and evaluates the use of our website and creates statistics and reports based on this, which help us optimize and improve our site for visitors. For this purpose, Google Analytics uses cookies.

For this purpose, the information generated by the cookie such as your anonymized IP address, device and browser characteristics, session duration, visited pages, is transmitted to a Google server on our behalf, stored there, and evaluated.

On this website, we use the IP anonymization feature of Google Analytics. This ensures anonymized collection of IP addresses. The anonymization of your IP address usually takes place by shortening your IP address by Google within the European Union or in other contracting states of the European Economic Area (EEA). In exceptional cases, your IP address is transmitted to a Google server in the USA and anonymized there. The IP address transmitted in this process is not merged with other data from Google.

As part of the Google Analytics advertising feature, remarketing and reports on performance based on demographic characteristics and interests are used. These procedures aim to better align advertising measures with the interests of the respective users using information about user behavior. Within the scope of remarketing, personalized advertising measures can be displayed on other websites based on the user's browsing behavior on this website. The advertising materials may include products that the user previously viewed on the website. If you have agreed that your web and app browsing history is linked to your Google account and information from your Google account is used to personalize ads, Google uses this data for cross-device remarketing.

Data processing, especially the setting of cookies, is carried out with your consent based on Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out based on the consent until the revocation. The revocation can be done by disabling the corresponding selection on our consent management platform, which you can access via the following link: https://jacks-beautyline.com/pages/datenschutzeinstellungen

You can also prevent the collection and processing of data by Google by downloading and installing the browser add-on available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

Alternatively, or within browsers on mobile devices, please click on the following link: https://support.google.com/analytics/answer/181881?hl=de. This will place an opt-out cookie on your device for our websites effective for the browser you are currently using. If you delete your cookies in this browser, you will need to click this link again.

Google offers registered Google users and other users the option to disable personalized advertising. Details can be found here: https://support.google.com/ads/answer/2662922?hl=de.

You can find Google's privacy policy here: https://policies.google.com/privacy?hl=de and here: https://policies.google.com/technologies/partner-sites

 

Google Ads Remarketing

Through Google Ads, we advertise this website in Google search results as well as on third-party websites. For this purpose, the so-called remarketing cookie from Google is set when you visit our website, which automatically enables interest-based advertising using a pseudonymous cookie ID and based on the pages you have visited. This serves to protect our overriding legitimate interests in optimal marketing of our website within the framework of a balancing of interests according to Art. 6 para. 1 sentence 1 lit. f GDPR. After the purpose ceases and the use of Google Ads remarketing by us ends, the data collected in this context will be deleted.

Further data processing only takes place if you have consented to Google linking your web and app browser history with your Google account and using information from your Google account to personalize ads you see on the web. In this case, if you are logged into Google during your visit to our website, Google uses your data together with Google Analytics data to create and define audience lists for cross-device remarketing. For this purpose, your personal data is temporarily linked by Google with Google Analytics data to form audiences.

Google Ads is a service offered by Google Ireland Limited, a company registered and operated under Irish law with its headquarters at Gordon House, Barrow Street, Dublin 4, Ireland (www.google.de).

As far as information is transferred to and stored on servers of Google in the USA, the American company Google LLC is certified under the Trans-Atlantic Data Privacy Framework. Based on this agreement between the USA and the European Commission, the latter has determined an adequate level of data protection for companies certified under the Privacy Shield.

You can disable the remarketing cookie via this link disable. In addition, you can find information about the setting of cookies and make settings at the Digital Advertising Alliance.

Google Ads Conversion Tracking

We use the online advertising program "Google Ads" on our website and, within this framework, conversion tracking (visit action evaluation). Google Conversion Tracking is an analysis service of Google Ireland Limited, Gordon House Barrow Street Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter "Google").

If you click on an ad placed by Google, a cookie for conversion tracking is placed on your computer. These cookies have a limited validity, do not contain personal data, and therefore do not serve personal identification. If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to this page. Each Google Ads customer receives a different cookie. Therefore, there is no possibility that cookies can be tracked across the websites of Ads customers. The information collected with the help of the conversion cookie is used to create conversion statistics. In this process, we learn the total number of users who clicked on one of our ads and were redirected to a page tagged with conversion tracking. However, we do not receive any information that would allow us to personally identify users.

Data processing, especially the setting of cookies, is carried out with your consent based on Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out based on the consent until the revocation. The revocation can be done by disabling the corresponding selection on our consent management platform, which you can access via the following link: https://jacks-beautyline.com/pages/datenschutzeinstellungen
Google offers registered Google users and other users the option to disable personalized advertising. Details can be found here: https://support.google.com/ads/answer/2662922?hl=de.

As part of the service, data is transferred to the USA. The transfer is based on the standard contractual clauses of the EU Commission. Details can be found at https://policies.google.com/privacy/frameworks?hl=de and https://business.safety.google/adscontrollerterms/sccs/.

You can find Google's privacy policy here: https://policies.google.com/privacy?hl=de.

Google AdSense

On our website, we use Google AdSense, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. With Google AdSense, we can display advertisements on our website that are tailored to our website offering and your interests.

Google AdSense collects and processes, via cookies and so-called web beacons (invisible graphics), not only the IP address but also the individual user behavior on the website (e.g., interactions with the advertisement). Google can create individual user profiles for advertising, optimize ad delivery, and measure the success of ads.

Data processing, especially the setting of cookies, is carried out with your consent according to Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future.

You can find Google's privacy policy here: https://policies.google.com/privacy?hl=de.

Google Optimize

The web analysis and optimization service "Google Optimize" is used on our website, which is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. We use the Google Optimize service to increase the attractiveness, content, and functionality of our website by rolling out new features and content to a percentage of our users and statistically evaluating the change in usage. Google Optimize is a sub-service of Google Analytics (see section Google Analytics).

Google Optimize uses cookies that enable the optimization and analysis of your use of our website. The information generated by these cookies about your use of our website is usually transferred to a Google server in the USA and stored there. We use Google Optimize with IP anonymization enabled, so your IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area beforehand. Only in exceptional cases is the full IP address transferred to a Google server in the USA and shortened there. Google will use this information to evaluate your use of our website, to compile reports on the optimization tests and the associated website activities, and to provide us with other services related to website and internet usage.

Data processing, especially the setting of cookies, is carried out with your consent based on Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the lawfulness of the processing carried out based on the consent until the revocation.

Furthermore, you can prevent the collection of data generated by the cookie and related to your use of our website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de. More information about data collection and processing by Google can be found in Google's privacy policy, which you can access at https://policies.google.com/privacy?hl=de.

Google Meet

For communication with customers, we use Google Meet. Google Meet is an online conferencing tool. This service is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. When communicating with this tool via video or audio conferences, personal data is processed by us and the tool provider. The data collected includes all information you provide when using the tool. Additionally, metadata regarding the conference is processed. Furthermore, technical information necessary for the function of online communication is processed. Moreover, all files shared within the tool are stored on the servers of the tool provider. Google Meet can also set cookies. These cookies are only set with consent. This consent can be revoked at any time. The legal basis for this is Art 6 para. 1 lit. a GDPR. Otherwise, the legal basis for data processing by Google Meet is Art. 6 para. 1 lit. b GDPR. The communication is related to the fulfillment of a contract or is necessary for the fulfillment of pre-contractual obligations. Furthermore, this tool is used to simplify communication with our company. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. These data are stored as long as the data subject requests deletion, revokes consent for storage, or the purpose for storage no longer applies. Cookies remain on the end device until the user deletes them. Mandatory legal provisions on retention periods remain unaffected.

Further details: https://policies.google.com/privacy?hl=de.

Google Fonts

We use Google Fonts on this website. Google Fonts is a tool that enables a uniform display of fonts (so-called Google Fonts). This service is offered by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

As soon as a website visitor visits a website that uses Google Fonts, the browser used must connect to the Google servers. No cookies are set in this process. However, the IP address of the website visitor is collected and used for analysis purposes. The legal basis for processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as this consent includes access to information on the user's device or the storage of cookies within the meaning of the TDDDG. This consent can be revoked at any time.

Details on this:

https://developers.google.com/fonts/faq?hl=de

https://policies.google.com/privacy?hl=de.

 

Google Tag Manager

This website uses Google Tag Manager, a service of Google Ireland Limited, Gordon House Barrow Street Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter "Google"). Google Tag Manager is a solution that allows marketers to manage website tags through an interface. The Tag Manager tool itself (which implements the tags) is a cookie-free domain and does not collect personal data. The tool triggers other tags that may collect data. Google Tag Manager does not access this data. If deactivation has been made at the domain or cookie level, it remains effective for all tracking tags implemented with Google Tag Manager.

Pandectes GDPR Compliance

We use the consent management tool Pandectes GDPR Compliance (Pudisoo, 74626 Harju maakond, Estonia) on our website. The tool allows you to give consent to data processing via the website, especially the setting of cookies, and to exercise your right of withdrawal for consents already given. The data processing serves the purpose of obtaining and documenting the necessary consents for data processing and thus complying with legal obligations. Cookies may be used for this purpose. Among other things, the following information can be collected and transmitted to Pandectes: anonymized IP address, date and time of consent, URL from which the consent was sent, anonymous, random, encrypted key, consent status. This data is not passed on to any other third parties.

The data processing is carried out to fulfill a legal obligation based on Art. 6 para. 1 lit. c GDPR. More information about terms of use and data protection at Pandectes can be found at: https://pandectes.io/privacy-policy/.

Rakuten Advertising

Our website participates in the Rakuten Advertising Partner Program. This is offered by Rakuten Marketing Germany GmbH, Schönhauser Allee 112, 10439 Berlin Germany (hereinafter "Rakuten"). This is a so-called affiliate system, where persons registered with Rakuten (also "publishers") promote the products or services of the so-called "advertisers" on their websites using advertising media. This serves to protect our overriding legitimate interests in optimizing and economically exploiting our online offer within the framework of a balancing of interests according to Art. 6 para. 1 lit. f GDPR.

By means of a cookie (rmuid) Rakuten can track the process of the respective order and in particular verify that you clicked the respective link and then ordered the product via the affiliate partner program. You can prevent the setting of cookies by our contractual partners or our website at any time by adjusting your internet browser settings accordingly. In addition, cookies that have already been set can be deleted at any time via the internet browser or other software programs.

Further information about data processing at Rakuten can be found here (PDF).

Hotjar

We use Hotjar on our website, an analytics software from Hotjar Limited, Dragonara Business Center, 5th Floor, Dragonara Road, Paceville St Julian’s STJ 3141, Malta. Hotjar makes it possible to measure and evaluate user behavior on our website. The information generated by the "Hotjar Tracking Code" script implemented on the website and the use of cookies about your visit to our website is transmitted to Hotjar servers in Ireland and stored there.

In addition to mouse events (clicks, mouse movements, scroll heights, etc.), Hotjar also processes meta and communication data (e.g., anonymized IP address, device information) and date and location data (e.g., geographic location, timestamp of the website visit). Hotjar will use this information to analyze your use of our website, create usage reports (e.g., using heat maps), and for other services related to website usage and internet analysis of the website.

Data processing, especially the setting of cookies, is done with your consent based on Art. 6 para. 1 sentence 1 lit. a GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out based on the consent until the revocation.

You can prevent data collection by Hotjar by clicking on the following link and following the instructions there: https://www.hotjar.com/de/legal/policies/do-not-track/.

You can view Hotjar's privacy policy at https://www.hotjar.com/legal/policies/privacy/de/.

Shopify

To operate our online shop, we use the shop and e-commerce platform Shopify, a service of Shopify International Limited, Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify"). This allows us to present and sell our products online in a web shop.

Shopify provides us with software that we use to operate our e-commerce. This is a tool for creating and hosting websites, especially online shops.

When you visit our online shop as our customer or make a purchase, Shopify collects and processes personal data from you. This data is used only to provide you with our online shop and to enable the purchase of our products.

When you visit our website, Shopify collects your IP address as well as information about the device and browser you are using.

When you make a purchase on our website, personal data that you provide yourself, such as name, billing address, shipping address, email address, phone number, payment information, as well as other data related to your purchase, is processed to enable you to complete a transaction, to check orders for fraud and risks, and to be able to fulfill orders.

In addition, information about how you access your account and our platform on our website, including information about the device and browser you use, your network connection, your IP address, and details about how you navigate on our website and platform, is collected and processed. This allows us to receive analytics, such as the number of our shop visitors, and enables us to fix errors or improve our shop offering for you.

Some of this information is collected by Shopify using cookies or other similar technologies directly from your device.

The use of Shopify and the processing of your data is carried out partly for contract fulfillment based on Art. 6 para. 1 sentence 1 lit. b GDPR and based on Art. 6 para. 1 sentence 1 lit. f GDPR. We have a legitimate interest in a reliable and secure technical presentation of our website (our online shop).

For more information, please visit the Shopify website: https://www.shopify.de/. Additional information on how Shopify processes personal data can be found in the privacy policy: https://www.shopify.de/legal/datenschutz.

Facebook, Instagram

Our website uses so-called Social Plugins ("plugins") from social networks.

When you visit a page on our website that contains such a plugin, your browser establishes a direct connection to the servers of the respective social network. The content of the plugin is transmitted directly from the respective provider to your browser and integrated into the page. By integrating the plugins, the providers receive the information that your browser has accessed the corresponding page of our website, even if you do not have a profile or are not currently logged in. This information (including your IP address) is transmitted directly from your browser to a server of the respective provider (possibly in the USA) and stored there. If you are logged into one of the services, the providers can directly assign the visit to our website to your profile in the respective social network. If you interact with the plugins, for example by clicking the "Like" or "Share" button, the corresponding information is also transmitted directly to a server of the providers and stored there. The information is also published on the social network and shown to your contacts there. This serves to protect our overriding legitimate interests in the optimal marketing of our offer in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.

Please refer to the providers' privacy notices for the purpose and scope of data collection and the further processing and use of the data by the providers on their sites, as well as contact options and your related rights and settings to protect your privacy:

https://www.facebook.com/policy.php

https://help.instagram.com/155833707900388

If you do not want the social networks to directly assign the data collected via our website to your profile in the respective service, you must log out of the corresponding service before visiting our website. You can also completely prevent the loading of plugins with add-ons for your browser, e.g., with the script blocker "NoScript".

Our presence on social networks and platforms serves better, active communication with our customers and interested parties. We provide information there about our products and ongoing special offers.

When visiting our online presences on social media, your data may be automatically collected and stored for market research and advertising purposes. Pseudonymized so-called usage profiles are created from this data. These can be used, for example, to display advertisements within and outside the platforms that presumably match your interests. For this purpose, cookies are usually used on your device. These cookies store visitor behavior and user interests. This serves, according to Art. 6 para. 1 lit. f GDPR, to safeguard our overriding legitimate interests in an optimized presentation of our offer and effective communication with customers and interested parties within the framework of a balancing of interests. If you are asked by the respective social media platform operators for consent (agreement) to data processing, e.g., by means of a checkbox, the legal basis for data processing is Art. 6 para. 1 lit. a GDPR.

If the aforementioned social media platforms have their headquarters in the USA, the following applies: For the USA, there is an adequacy decision by the European Commission. This is based on the Trans-Atlantic Data Privacy Framework.

Detailed information on the processing and use of data by the providers on their pages, as well as a contact option and your related rights and settings to protect your privacy, especially objection options (opt-out), can be found in the privacy notices of the providers linked below. If you still need help in this regard, you can contact us.

Facebook: https://www.facebook.com/about/privacy/

The data processing is based on an agreement between joint controllers according to Art. 26 GDPR.

Further information on data processing in the context of visiting a Facebook fan page (information on Insights data) can be found in Facebook's privacy policy.

Instagram: https://help.instagram.com/519522125107875

Option to object (Opt-Out):

Facebook: https://www.facebook.com/settings?tab=ads

Instagram: https://help.instagram.com/519522125107875

Meta Pixel

On this website, we use the Meta Pixel service from Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company Meta Platforms, Inc (USA) ("Meta") for conversion measurement, to show you and other interested users ads on Meta and other websites and to measure the effectiveness of advertising.

Through the Meta Pixel, which we have implemented on our website, your browser establishes a connection with Facebook, allowing user data such as IP address or user ID to be matched. If you are registered with Facebook, Meta can assign the visit to your account. This allows your behavior to be tracked if you arrived on our site by clicking on a Facebook ad or were redirected to the advertiser by clicking on an ad displayed by us. The ads can thus be evaluated in terms of effectiveness for statistical or other market research purposes and further advertising can be improved. We cannot draw any conclusions about the identity of the users from this. However, Meta can then adjust the placement of ads on and off Facebook accordingly.

For this purpose, Meta may use cookies, web beacons, or other storage technologies and sets a cookie for up to 180 days, including information that you have visited our website or clicked on one of our ads, as soon as you have consented to the use of consent-required cookies.

Data processing is carried out with your consent based on Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future via our consent management platform, which you can access here, without affecting the legality of the processing carried out based on the consent until the revocation. In addition, you can revoke your consent by adjusting your browser settings accordingly or as a logged-in user of the social network Facebook at https://www.facebook.com/settings/?tab=ads#_. You can also deactivate user-based advertising via the Network Advertising Initiative opt-out page (http://optout.networkadvertising.org/), via http://www.youronlinechoices.com/de/praferenzmanagement/ or the US website (http://www.aboutads.info/choices). The remarketing feature "Custom Audiences" can be deactivated by logged-in Facebook users in the ad settings area.

As far as personal data is collected on our website using the mentioned tool and forwarded to Meta, we and Meta are jointly responsible for this data processing to a limited extent. We have concluded a contract with Meta on joint responsibility regarding the processing of your data according to Art. 26 GDPR, the terms of which you can view here. We are responsible for providing the data protection information and for the data protection-compliant implementation of the tool on our website. Meta is responsible for data security. Data subject rights regarding the data processed by Meta can be asserted directly with Facebook and will be forwarded to Facebook by us in case of a claim. More information about which personal data is processed within the scope of joint responsibility can be found at https://www.facebook.com/legal/terms/businesstools_jointprocessing. The processing by Meta after forwarding is not done under joint responsibility.

It cannot be ruled out that Meta transfers data to the USA for storage and further processing. If such a data transfer to the USA takes place, it is based on the EU Commission's standard contractual clauses: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

More information about how Meta processes personal data, including options to exercise your data subject rights with Meta, can be found in Meta's data policy at https://de-de.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0.

Meta Conversion API

On this website, we use the Meta Conversions API service from Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland; parent company: Meta Platforms, Inc., 1601 Willow Road Menlo Park, CA 94025, USA (hereinafter "Meta").

Using the Conversion API, we can capture user actions on our website (e.g., page view, product added to cart, purchase). In addition to these action data, your IP address, device information, and meta/communication data (e.g., user agent, language settings) are processed. The collected data is forwarded to Meta. If you are registered with Facebook, Meta can associate the visit to our website with your account.

The processing of the data serves to reach customer groups relevant to us through the personalization of ads, the optimization of our advertising campaigns, and the measurement of their success.

The legal basis for data processing is your consent according to Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future. The revocation can be done by deactivating the corresponding selection on our consent management platform, which you can access via the following link: https://jacks-beautyline.com/pages/datenschutzeinstellungen

To the extent that personal data is collected on our website with the mentioned tool and forwarded to Meta, we and Meta are joint controllers for this data processing to a limited extent (Art. 26 GDPR). The processing carried out by Meta after forwarding is not under joint responsibility. The framework conditions of the joint responsibility have been recorded in a joint processing agreement: https://www.facebook.com/legal/controller_addendum. We are responsible for providing the privacy information and for the data protection-compliant implementation of the tool on our website. Meta is responsible for the data security of Meta products. Data subject rights (e.g., requests for information) regarding data processed by Meta can be asserted with Meta. If rights are asserted with us, we are obliged to forward these requests to Meta.

 Information on how Meta processes personal data, including the legal basis Meta relies on, the options for exercising the rights of data subjects towards Meta, and contact options for Meta and the Meta Data Protection Officer can be found in Meta's privacy policy at https://www.facebook.com/privacy/policy

 
YouTube Video Plugins

This website includes content from third-party providers. This content is provided by Google ("providers"). YouTube is a service of Google Ireland Limited, a company registered and operated under Irish law with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland (www.google.de).

For YouTube videos embedded on our site, the extended privacy setting is activated. This means that no information about website visitors is collected or stored by YouTube unless they play the video. The embedding of the videos serves to safeguard our overriding legitimate interests in optimal marketing of our offer within the framework of a balancing of interests according to Art. 6 para. 1 sentence 1 lit. f GDPR.

Please refer to the providers' privacy notices for the purpose and scope of data collection and the further processing and use of the data by the providers on their sites, as well as contact options and your related rights and settings to protect your privacy:https://policies.google.com/privacy

https://policies.google.com/privacy?hl=de

Option to object (Opt-Out):

https://adssettings.google.com/authenticated?hl=de

TikTok Pixel

On our website, we use the TikTok Pixel, a service of TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland, and TikTok Information Technologies UK Limited, 4 Lindsey Street, Barbican, London, EC1A 9HP, United Kingdom (hereinafter "TikTok") to show you and other potentially interested users advertising on TikTok and to measure the effectiveness of our advertising.

Through the TikTok Pixel, your browser establishes a connection with TikTok and sets a cookie with the information that you have visited our website or clicked on one of our ads, as soon as you have consented to the use of cookies requiring consent. If you are registered with TikTok, TikTok can assign the visit to your account. TikTok's conversion tracking allows us to measure actions of website visitors (e.g., purchasing a product, viewing a specific page element). Visitors to our website can also be re-targeted with targeted and personalized advertising on TikTok. The TikTok Pixel collects meta and communication data (e.g., IP address, device information, browser properties, operating system, timestamp of the website action). From the collected data, we cannot draw conclusions about the identity of the website visitors.

Data processing, especially the setting of cookies, is carried out with your consent based on Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the lawfulness of the processing carried out based on the consent until the revocation.

You can view TikTok's privacy policy at https://www.tiktok.com/legal/page/eea/new-privacy-policy/de-DE.

hellocharles

You can contact us via WhatsApp and start a conversation. We are the controller within the meaning of Art. 4 No. 7 GDPR for subsequent data processing related to WhatsApp. For offering and using WhatsApp, we use the software solution of Charles GmbH, Gartensstr. 86-87, 10115 Berlin, within the framework of a data processing agreement. Charles stores all personal data in the EU. As an official WhatsApp partner, Charles uses the WhatsApp Business API, which means that within our area of responsibility, no other third parties or WhatsApp have access to your communication content.

The use of WhatsApp is subject solely to the agreements you have made with WhatsApp. According to WhatsApp's terms of use, we receive your phone number and username through your contact with us. We use this and other information you provide to recognize you and your preferences and to respond to your WhatsApp messages. The legal basis here is your consent to contact according to Art. 6 para. 1 lit. a GDPR. In addition, we send you newsletters via WhatsApp if you have given us your consent for this. Furthermore, you have the option to use WhatsApp to compile your shopping cart. In this case, the data processing is based on Art. 6 para. 1 lit. b GDPR.

You can revoke any consent already given at any time with effect for the future. Under the GDPR, you also have the right to access, rectify, transfer, and delete your personal data as well as the right to restrict or object to certain processing. You also have the option to lodge a complaint with the supervisory authority responsible for you.

For more information, please refer to our data processors:

Charles GmbH: https://www.hello-charles.com/c-com-blog/whatsapp-newsletters.

WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland: https://www.whatsapp.com/legal/privacy-policy-eea.

Okendo

If you have given us your explicit consent according to Art. 6 para. 1 lit. a GDPR during or after your order, we will transmit your email address to Okendo, 100 Harris Street, Pyrmont, New South Wales 2009, Australia (https://www.okendo.io/), so that they can send you a review reminder by email. This consent can be revoked at any time by sending a message to the contact option described in the imprint or directly to Okendo Pty Ltd.

Klar Insights GmbH

We use a technology from Klar Insights GmbH (Marktstr. 18, 80802 Munich, Germany) on this website to collect data for marketing purposes. Klar processes this data in Germany and the Netherlands based on the use of cookies for marketing purposes according to Art. 6 para. 1 lit. (a) GDPR and based on the user's consent.

The data is used to create anonymized usage profiles. In addition to cookies, a fingerprint is created to identify the usage profile.

The data is not collected without the prior consent of the user and no identification of the user takes place. Consent can be revoked at any time at the following link: https://september.durchsichtig.xyz/donottrack/me

ABlyft

We conduct A/B tests to analyze different versions of a specific webpage and thereby improve the page design. For this purpose, ABlyft, a web analytics service of Conversion Expert GmbH, is used. ABlyft uses cookies. The information generated by cookies about the use of our website is usually transferred to a server of ABlyft in Germany and stored there.

No storage of your IP address (not even shortened or hashed) takes place, nor the storage of a user ID. On behalf of the operator of this website, ABlyft will use aggregated data to evaluate the non-personal use of the website and to compile reports about website activities.

Provider: ABlyft is a service of Conversion Expert GmbH, Zeppelinring 52c, 24146 Kiel, Germany (https://ablyft.com)

Purpose of tracking: ABlyft collects information about user behavior to improve the user-friendliness of the website.

Processing of personal data: No personal data is stored or transferred to the platform. Data is stored anonymized and aggregated.

Storage duration: No storage of user data (IDs, etc.) takes place.

Option to prevent processing (Opt-out): You can object to the use of ABlyft at any time by clicking the following link: https://jacks-beautyline.com/?ablyft_opt_out=true.

Data transfer to third country? No

Klaviyo

We use Klaviyo to provide our newsletter. This service is offered by Klaviyo, Inc., 125 Summer Street, Boston MA, 02111, USA. This service allows the organization and analysis of newsletter distribution. The data entered to receive the newsletter is stored on the service's servers. With the help of Klaviyo, interactions with the newsletter can be analyzed. Additionally, conversion rates can be determined and newsletter users categorized to tailor the newsletter to different target groups. The legal basis for processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time by unsubscribing from the newsletter. The legality of processing already carried out remains unaffected by any revocation. We also use other email services from Klaviyo to fulfill our contractual services and customer management. The legal basis for this is Art. 6 para. 1 lit. b GDPR. Data is deleted at the end of the contract between us and Klaviyo unless the website visitor revokes their consent beforehand. In this case, the data is removed from the distribution list. For data transfer to the USA, the EU Commission's Standard Contractual Clauses (SCC) apply. This contract text can be viewed here: https://www.klaviyo.com/privacy/dpa.

Further details: https://www.klaviyo.com/legal/privacy/privacy-notice.

Calendly

To schedule an appointment with us, we integrate the functions of Calendly on our website. This service is offered by Calendly LLC, 271 17th St NW, 10th Floor, Atlanta, Georgia 30363, USA. The data requested for this purpose is used for planning, conducting, and following up on the appointment and is stored on Calendly's servers. Calendly uses cookies to collect and store data on our website. These cookies are set only with your consent. You can revoke and manage your consent at any time in our cookie consent tool. The legal basis for this is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as this consent includes access to information on the user's device or the storage of cookies within the meaning of the TDDDG. Furthermore, the legal basis for using Calendly is Art. 6 para. 1 lit. f GDPR, as we have a legitimate interest in engaging directly with customers, potential customers, and other interested parties and processing inquiries immediately and as quickly as possible. The data is stored as long as the data subject requests deletion, revokes consent for storage, or the purpose for storage no longer applies. Mandatory legal retention periods remain unaffected. For data transfer to the USA, the EU Commission's Standard Contractual Clauses (SCC) apply.

More information can be found here:

https://calendly.com/de/pages/privacy

https://calendly.com/pages/dpa

Clarity

We use the Clarity service on our website, an analytics tool from Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland, to better understand our users' experiences and optimize the offerings on this website. Clarity's technology helps us gain a better understanding of user experiences, for example, how much time they spend on which pages, how far they scroll, and which links or areas are clicked most often. Clarity works with cookies and other technologies to collect information about usage behavior and corresponding devices. This involves processing personal data, especially the device's IP address (which is recorded and stored only in anonymized form). Additionally, screen size, device type, information about the browser used, and location (only the country) are collected. Clarity stores this information in a pseudonymized usage profile, with a storage duration of one year. This is done based on your consent, which you can revoke at any time. The information is neither used by Clarity nor by us to identify individual users or combined with other data about individual users. More information can be found in Microsoft's privacy policy at https://privacy.microsoft.com/de-de/privacystatement.

Cloudfare

We use the "Content Delivery Network" Cloudflare on this website, a service of Cloudflare, Inc. 101 Townsend St, San Francisco, CA 94107, USA (hereinafter "Cloudflare"). The service is used to optimize loading times when opening our website and thus improve the use of our website by you and other users. In addition, the service helps us protect our website from attacks (e.g., DDoS and bot attacks).

As part of the service, the data flow between your browser and our website is routed through the Cloudflare network. Cloudflare processes, among other things, IP address, device information, and protocol data (e.g., time and date of the request) and user interaction with our website. Cloudflare also uses cookies for this purpose.

The data processing serves our legitimate interest under Art. 6 para. 1 lit. f GDPR to optimize our website offering and thus improve the user experience. In addition, we have a legitimate interest in protecting our website from malicious attacks and ensuring the functionality of the website.

You can find Cloudflare's privacy policy here: https://www.cloudflare.com/de-de/privacypolicy/.

Criteo

This website uses functions from Criteo, a JavaScript tag that Criteo uses to track user behavior while browsing your website. The provider is Criteo SA, 32 Rue Blanche, 75009 Paris (hereinafter "Criteo").

Criteo is used to show you interest-based advertisements within the Criteo advertising network. Your interests are determined based on your previous usage behavior. For example, Criteo records which products you have viewed, added to the shopping cart, or purchased. Further details about the data collected by Criteo can be found here: https://www.criteo.com/de/privacy/how-we-use-your-data/.

To show you interest-based advertising, we or other Criteo partners must be able to recognize you again. For this purpose, a cookie is stored on your device or a comparable identifier is used that links your user behavior with a pseudonymous user profile. Details can be found in Criteo's privacy policy at: https://www.criteo.com/de/privacy/.

Your personal data and the Criteo cookies stored in your browser are stored for a maximum of 13 months from the date of collection.

The use of Criteo is for the purpose of targeted advertising. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been obtained, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information on the user's device (e.g., device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Criteo and we are jointly responsible within the meaning of Art. 26 GDPR. An agreement on joint processing has been concluded between Criteo and us, the essential contents of which Criteo describes at the following link: https://www.criteo.com/de/privacy/how-we-use-your-data/.

LoyaltyLion

On our website, we use the LoyaltyLion service from LoyaltyLion Ltd., 20 Farringdon Street, London, UK, to analyze customer data and attract new customers. Personal data is processed for this purpose. This is done based on your consent according to Art. 6 para. 1 lit. a GDPR, which you can revoke at any time. More information can be found in LoyaltyLion Ltd.'s privacy policy at https://loyaltylion.com/privacy.

Wishlist King

On our website, we use the Wishlist King service from Scope Digital Ventures Ltd., 71 Lower Baggot Street, Dublin, Ireland, to analyze customer behavior and send reminder emails. Personal data is processed for this purpose. This is done based on your consent according to Art. 6 para. 1 lit. a GDPR, which you can revoke at any time. More information can be found in Wishlist King's privacy policy at https://www.appmate.io/legal/privacy-policy.

Ask Stella AI

On our website, we use the Stella AI service from Woow Club GmbH, Pettenkoferstraße 4E, 10247 Berlin, to analyze customer shopping behavior and personalize it using artificial intelligence. Personal data is processed for this purpose. This is done based on your consent according to Art. 6 para. 1 lit. a GDPR, which you can revoke at any time. More information can be found in the Ask Stella AI privacy policy at https://askstella.io/privacy.

Hive

On our website, we use the Hive service from Hive Technologies GmbH, Rosenthaler Straße 36, 10178 Berlin, to optimize the ordering and delivery process. Personal data is processed for this purpose. This is done based on your consent according to Art. 6 para. 1 lit. a GDPR, which you can revoke at any time. More information can be found in Hive's privacy policy at https://www.hive.app/privacy-policy.

Unplinkly Digital Downloads

On our website, we use the Unplinkly Digital Downloads service from Stratoware Pte Limited, 20 Collyer Quay, Singapore 049319, Singapore, to operate this as a digital products platform. Personal data is processed for this purpose. This is done based on your consent according to Art. 6 para. 1 lit. a GDPR, which you can revoke at any time. More information can be found in Hive's privacy policy at https://www.uplinkly.com/data-processing-addendum/.

EasyGift

We use the EasyGift service from FiftyPoint6 Ltd., 84 Eccleston Square, Pimlico, London, UK, on our website to manage the shopping cart. For this purpose, personal data is processed. This is done based on your consent according to Art. 6 para. 1 lit. a GDPR, which you can revoke at any time. More information can be found in EasyGift's privacy policy at https://506.io/easygift/privacy.

Fast Bundle

We use the Fast Bundle service on our website to compile and offer product bundles to customers during the ordering process. For this purpose, personal data is processed. This is done based on your consent according to Art. 6 para. 1 lit. a GDPR, which you can revoke at any time. More information can be found in Fast Bundle's privacy policy at https://fastbundle.co/privacypolicy/.

Pathway

We use the Pathway service from pathway solutions Gmbh, Alstertwiete 3, 20099 Hamburg, on our website to handle invoicing. For this purpose, personal data is processed. This is done based on your consent according to Art. 6 para. 1 lit. a GDPR, which you can revoke at any time. More information can be found in Pathway's privacy policy at https://www.pathway-solutions.de/pages/datenschutzerklaerung.

Tolstoy

We use the Tolstoy service from Tolstoy Ltd., 2-3 Bard Road, London, UK, on our website to embed video media on the site. For this purpose, personal data is processed. This is done based on your consent according to Art. 6 para. 1 lit. a GDPR, which you can revoke at any time. More information can be found in Tolstoy's privacy policy at https://www.gotolstoy.com/privacy-policy.

Stocklist Store Locator

We use the Stocklist service from Nitra LLC, 285 Fulton St, New York, United States, on our website to consolidate information about retail stores. For this purpose, personal data is processed. This is done based on your consent according to Art. 6 para. 1 lit. a GDPR, which you can revoke at any time. More information can be found in Stocklist's privacy policy at https://stockist.co/privacy.

Payments: Credit Check

For payment methods where we advance payment (e.g., purchase on account), we reserve the right to conduct a credit check. The data entered will be transmitted to a credit agency for this purpose. Based on this data, the likelihood of a payment default will be determined. If the risk of payment default is too high, the respective payment method may be refused. If the request is related to the fulfillment of a contract or necessary for the fulfillment of pre-contractual obligations, the legal basis for processing this data is Art. 6 para. 1 lit. b GDPR. Additionally, we have a legitimate interest in processing this data under Art. 6 para. 1 lit. f GDPR to prevent payment defaults.

VISA

We use VISA on this website. VISA is a payment service provider. This service is offered by Visa Europe Services Inc., London Branch, 1 Sheldon Square, London W2 6TT, United Kingdom. For the purpose of payment processing, the payment data of the website visitor is processed by the payment service provider as soon as a purchase is made through this website. The respective contractual and data protection provisions of the payment service provider apply to the respective transaction. The legal basis is Art. 6 para. 1 lit. b GDPR. The data is processed for the purpose of (pre-)contractual obligations. In addition, we have a legitimate interest in processing this data within the meaning of Art. 6 para. 1 lit. f GDPR to ensure a fast and reliable payment process. For data transfer to the USA, the EU Commission's Standard Contractual Clauses (SCC) apply.

Further details: https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html.

Mastercard

On this website, we use Mastercard. Mastercard is a payment service provider. This service is offered by Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium. For the purpose of payment processing, the payment data of the website visitor is processed by the payment service provider as soon as a purchase is made through this website. The respective contractual and data protection provisions of the payment service provider apply to the respective transaction. The legal basis is Art. 6 para. 1 lit. b GDPR. The data is processed for the purpose of (pre-)contractual obligations. In addition, we have a legitimate interest in processing this data within the meaning of Art. 6 para. 1 lit. f GDPR to ensure a fast and reliable payment process. Mastercard may transfer the data to the parent company in the USA. For this, Mastercard has Binding Corporate Rules (BRaUl).

Further details:

https://www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf

https://www.mastercard.de/de-de/datenschutz.html

Shopify Payment

This website uses Shopify Payment. Shopify Payment is a payment service provider. This service is offered by Shopify International Limited, 2nd Floor Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland. For the purpose of payment processing, the payment data of the website visitor is processed by the payment service provider as soon as a purchase is made through this website. The respective contractual and data protection provisions of the payment service provider apply to the respective transaction. The legal basis is Art. 6 para. 1 lit. b GDPR. The data is processed for the purpose of (pre-)contractual obligations. In addition, we have a legitimate interest in processing this data within the meaning of Art. 6 para. 1 lit. f GDPR to ensure a fast and reliable payment process.

Further details: https://www.shopify.com/de/legal/datenschutz.

 

Sofortüberweisung

We use Sofortüberweisung on this website. Sofortüberweisung is a payment service provider. This service is offered by Sofort GmbH, Theresienhöhe 12, 80339 Munich, Germany. For the purpose of payment processing, the payment data of the website visitor is processed by the payment service provider as soon as a purchase is made through this website. For this purpose, the PIN and a valid TAN are transmitted to Sofort GmbH, which logs into the online banking account. The account balance is checked and the corresponding transfer is carried out. In addition, transactions, the credit limit of the overdraft facility, and the existence of other accounts and their balances are queried. The respective contractual and data protection provisions of the payment service provider apply to the respective transaction. The legal basis is Art. 6 para. 1 lit. b GDPR. The data is processed for the purpose of (pre-)contractual obligations. In addition, we have a legitimate interest in processing this data within the meaning of Art. 6 para. 1 lit. f GDPR to ensure a fast and reliable payment process.

Further details:

https://www.sofort.de/datenschutz.html

https://www.klarna.com/sofort/

Paydirekt

We use Paydirekt on this website. Paydirekt is a payment service provider. This service is offered by Paydirekt GmbH, Hamburger Allee 26-28, 60486 Frankfurt am Main, Germany. For the purpose of payment processing, the payment data of the website visitor is processed by the payment service provider as soon as a purchase is made through this website. In addition, further data such as the delivery address and the individual items in the shopping cart are transmitted. Subsequently, Paydirekt authenticates the transaction using the account registered with the bank. The website operator has no access to the account data. The respective contractual and data protection provisions of the payment service provider apply to the respective transaction. The legal basis is Art. 6 para. 1 lit. b GDPR. The data is processed for the purpose of (pre-)contractual obligations. In addition, we have a legitimate interest in processing this data within the meaning of Art. 6 para. 1 lit. f GDPR to ensure a fast and reliable payment process.

Further details:

https://www.paydirekt.de/agb/index.html

Klarna

We use Klarna on this website. Klarna is a payment service provider. This service is offered by Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden. For the purpose of payment processing, the payment data of the website visitor is processed by the payment service provider as soon as a purchase is made through this website. The respective contractual and data protection provisions of the payment service provider apply to the respective transaction. The legal basis is Art. 6 para. 1 lit. b GDPR. The data is processed for the purpose of (pre-)contractual obligations. In addition, we have a legitimate interest in processing this data within the meaning of Art. 6 para. 1 lit. f GDPR to ensure a fast and reliable payment process.

Further details:

https://cdn.klarna.com/1.0/shared/content/policy/cookie/de_de/checkout.pdf

https://www.klarna.com/de/datenschutz/.

Google Pay

We use Google Pay on this website. Google Pay is a payment service provider. This service is offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. For the purpose of payment processing, the payment data of the website visitor is processed by the payment service provider as soon as a purchase is made through this website. The respective contractual and data protection provisions of the payment service provider apply to the respective transaction. The legal basis is Art. 6 para. 1 lit. b GDPR. The data is processed for the purpose of (pre-)contractual obligations. In addition, we have a legitimate interest in processing this data within the meaning of Art. 6 para. 1 lit. f GDPR to ensure a fast and reliable payment process.

Further details: https://policies.google.com/privacy.

Apple Pay

We use Apple Pay on this website. Apple Pay is a payment service provider. This service is offered by Apple Inc., Infinite Loop, Cupertino, CA 95014, USA. For the purpose of payment processing, the payment data of the website visitor is processed by the payment service provider as soon as a purchase is made through this website. The respective contractual and data protection provisions of the payment service provider apply to the respective transaction. The legal basis is Art. 6 para. 1 lit. b GDPR. The data is processed for the purpose of (pre-)contractual obligations. In addition, we have a legitimate interest in processing this data within the meaning of Art. 6 para. 1 lit. f GDPR to ensure a fast and reliable payment process.

Further details: https://www.apple.com/legal/privacy/de-ww/.

PayPal

We use PayPal on our website. PayPal is a payment service provider. This service is offered by PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. For the purpose of payment processing, the payment data of the website visitor is processed by the payment service provider as soon as a purchase is made through this website. The respective contractual and data protection provisions of the payment service provider apply to the respective transaction. The legal basis is Art. 6 para. 1 lit. b GDPR. The data is processed for the purpose of (pre-)contractual obligations. In addition, we have a legitimate interest in processing this data within the meaning of Art. 6 para. 1 lit. f GDPR to ensure a fast and reliable payment process. For data transfer to the USA, the EU Commission's Standard Contractual Clauses (SCC) apply.

https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full.

Stripe

We use Stripe on this website. Stripe provides technology for operating online payment systems. This service is offered by Stripe Payments Europe Limited, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland Attention. For the purpose of payment processing, the payment data of the website visitor is processed by Stripe as soon as a contractual relationship is established through this website. The respective contractual and data protection provisions of Stripe apply to the respective transaction. Stripe also uses cookies to collect data. These cookies are only set with your consent. Consent can be revoked at any time. The legal basis for this is Art. 6 para. 1 lit. a GDPR. Otherwise, the legal basis for processing by Stripe is Art. 6 para. 1 lit. b GDPR. The data is processed for the purpose of contractual obligations. We also have a legitimate interest in processing this data within the meaning of Art. 6 para. 1 lit. f GDPR to ensure a fast and reliable payment process. The data is deleted as soon as it is no longer required for data processing.

Further details: https://stripe.com/de/privacy/

American Express

On this website, we use American Express. American Express is a payment service provider. This service is offered by American Express Europe S.A., Theodor-Heuss-Allee 112, 60486 Frankfurt am Main, Germany ("American Express"). For the purpose of payment processing, the payment data of the website visitor is processed by the payment service provider as soon as a purchase is made through this website. The respective contractual and data protection provisions of the payment service provider apply to the respective transaction. The legal basis is Art. 6 para. 1 lit. b GDPR. The data is processed for the purpose of (pre-)contractual obligations. In addition, we have a legitimate interest in processing this data within the meaning of Art. 6 para. 1 lit. f GDPR to ensure a fast and reliable payment process. American Express may transfer the data to the parent company in the USA. For this purpose, American Express has Binding Corporate Rules.

Further details: https://www.americanexpress.com/en-iec/company/legal/privacy-centre/binding-corporate-rules/.

Union Pay

On this website, we use Union Pay. Union Pay is a payment service provider. This service is offered by Union Pay International Co., Ltd., German Branch, An der Welle 4, 60322 Frankfurt ("Union Pay"). For the purpose of payment processing, the payment data of the website visitor(s) is processed by the payment service provider as soon as a purchase is made through this website. The respective contractual and privacy terms of the payment service provider apply to the respective transaction. The legal basis is Art. 6 para. 1 lit. b GDPR. The data is processed for the purpose of (pre-)contractual obligations. In addition, we have a legitimate interest in processing this data within the meaning of Art. 6 para. 1 lit. f GDPR to ensure a fast and reliable payment process. Union Pay may transfer the data to the parent company in China. For this purpose, Union Pay has Binding Corporate Rules.

Further details: https://www.unionpayintl.com/en/privacyNotice/.

Shop Pay

On this website, we offer payment with Shop Pay, among other options. The provider is Shopify International Limited, Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shop Pay").

If you choose to pay with Shop Pay, Shop Pay will collect various personal data from you. Details can be found in the Shop Pay help at https://www.shopify.com/pay as well as in the privacy policy of Shop Pay at https://www.shopify.de/legal/datenschutz read. The transmission of your data to Shop Pay is based on Art. 6 para. 1 lit. a GDPR and Art. 6 para. 1 lit. b GDPR. You have the option to revoke your consent to data processing at any time. A revocation does not affect the validity of data processing operations carried out in the past.

Right to object

To the extent that we process personal data as explained above to protect our overriding legitimate interests within the scope of a balancing of interests, you can object to this processing with effect for the future here object. If the processing is for direct marketing purposes, you can exercise this right at any time as described above. If the processing is for other purposes, you have a right to object only if there are reasons arising from your particular situation.

After exercising your right to object, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing serves the assertion, exercise, or defense of legal claims.

This does not apply if the processing is carried out for direct marketing purposes. In that case, we will not process your personal data further for this purpose.

 

Status of the privacy policy: 07/05/2024

We reserve the right to change this privacy policy at any time with effect for the future.