top of page

DATA PROTECTION

Data protection

We have written this data protection declaration (version 20.05.2020-311178901) in order to provide you withGeneral Data Protection Regulation (EU) 2016/679  to explain what information we collect, how we use data and the choices you have as a visitor to this website.

Unfortunately, it is in the nature of things that these explanations sound very technical, but we have tried to describe the most important things as simply and clearly as possible when creating them.

Automatic data storage

When you visit websites today, certain information is automatically created and stored, including on this website.

If you visit our website as you are right now, our web server (computer on which this website is stored) automatically saves data such as

  • the address (URL) of the accessed website

  • Browser and browser version

  • the operating system used

  • the address (URL) of the previously visited page (referrer URL)

  • the hostname and IP address of the device from which access is being made

  • Date and Time

in files (web server log files).

As a rule, web server log files are stored for two weeks and then automatically deleted. We do not pass on this data, but cannot rule out that this data will be viewed in the event of illegal behavior.

cookies

Our website uses HTTP cookies to store user-specific data.
In the following we explain what cookies are and why they are used so that you can better understand the following data protection declaration.

What exactly are cookies?

Whenever you surf the Internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.

One thing cannot be denied: Cookies are really useful little helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, because there are other cookies for other purposes. HTTP cookies are small files that our website stores on your computer. These cookie files are automatically stored in the cookie folder, which is basically the "brain" of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies store certain user data from you, such as language or personal page settings. When you visit our site again, your browser transmits the "user-related" information back to our site. Thanks to the cookies, our website knows who you are and offers you your usual default setting. In einigen Browsern hat jedes Cookie eine eigene Datei, in anderen wie beispielsweise Firefox sind alle Cookies in einer einzigen Datei saved.

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, trojans or other "pests". Cookies also cannot access information on your PC.

For example, cookie data can look like this:

  • Name: _ga

  • Expiry time: 2 years

  • Use: Differentiation of website visitors

  • Sample value: GA1.2.1326744211.152311178901

A browser should support the following minimum sizes:

  • A cookie should contain at least 4096 bytes

  • At least 50 cookies should be stored per domain

  • A total of at least 3000 cookies should be able to be stored

What types of cookies are there?

The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the data protection declaration. At this point we would like to briefly discuss the different types of HTTP cookies.

There are 4 types of cookies:

Strictly Necessary Cookies
These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed if a user puts a product in the shopping cart, then continues surfing on other pages and only goes to the checkout later. These cookies do not delete the shopping cart, even if the user closes their browser window.

Functional cookies
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are also used to measure the loading time and behavior of the website in different browsers.

Targeting cookies
These cookies ensure a better user experience. For example, entered locations, font sizes or form data are saved.

advertising cookies
These cookies are also called targeting cookies. They are used to provide the user with individually tailored advertising. This can be very useful, but also very annoying.

Usually, when you visit a website for the first time, you will be asked which of these types of cookies you would like to allow. And of course this decision is also stored in a cookie.

How can I delete cookies?

You decide for yourself how and whether you want to use cookies. Regardless of which service or website the cookies come from, you always have the option of deleting Cookies, only partially allowing them or deactivating them. For example, you can block third-party cookies but allow all other cookies.

If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:

Chrome: Delete, enable and manage cookies in Chrome

Safari: Managing Cookies and Website Data with Safari

Firefox: Clear cookies to remove data websites have placed on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Deleting and managing cookies

If you generally do not want any cookies, you can set up your browser so that it always informs you when a cookie is to be set. You can decide for each individual cookie whether you allow the cookie or not. The procedure differs depending on the browser. It is best to search the instructions in Google with the search term “delete cookies Chrome” or “disable cookies Chrome” in case of a Chrome browser or replace the word “Chrome” with the name of your browser, e.g. Edge, Firefox, Safari.

What about my data protection?

The so-called “Cookie Guidelines” have been in place since 2009. It states that the storage of cookies requires the consent of the website visitor (i.e. you). Within the EU countries, however, there are still very different reactions to these directives. In Germany, the cookie guidelines have not been implemented as national law. Instead, this guideline was largely implemented in Section 15 (3) of the Telemedia Act (TMG).

If you want to know more about cookies and don't shy away from technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Internet Engineering Task Force (IETF) Request for Comments called “HTTP State Management Mechanism”.

storage of personal data

Personal data that you transmit to us electronically on this website, such as name, e-mail address, address or other personal information when submitting a form or comments on the blog, will be stored by us together with the time and the IP Address used only for the purpose stated, kept safe and not passed on to third parties.

We therefore only use your personal data for communication with those visitors who expressly request contact and for the processing of the services and products offered on this website. We do not pass on your personal data without your consent, but we cannot rule out that this data will be viewed in the event of illegal behavior.

If you send us personal data by e-mail - thus outside of this website - we cannot guarantee a secure transmission and the protection of your data. We recommend that you never send confidential data unencrypted by e-mail.

The legal basis is after Article 6  paragraph 1 a GDPR  (lawfulness of processing) in that you give us consent to process the data you have entered. You can revoke this consent at any time - an informal e-mail is sufficient, you will find our contact details in the imprint.

Rights under the General Data Protection Regulation

According to the provisions of the GDPR, you have the following rights:

  • Right to rectification (Article 16 GDPR)

  • Right to erasure (“right to be forgotten”) (Article 17 GDPR)

  • Right to restriction of processing (Article 18 GDPR)

  • Right to notification – obligation to notify in connection with rectification or erasure of personal data or restriction of processing (Article 19 GDPR)

  • Right to data portability (Article 20 GDPR)

  • Right to object (Article 21 GDPR)

  • Right not to be subject to a decision based solely on automated processing, including profiling (Article 22 GDPR)

If you believe that the processing of your data violates data protection law or your data protection rights have otherwise been violated in any way, you can contact die Federal Commissioner for Data Protection and Freedom of Information (BfDI) contact.

Evaluation of visitor behavior

In the following data protection declaration we inform you whether and how we evaluate data from your visit to this website. The evaluation of the collected data is usually anonymous and we cannot draw any conclusions about your person from your behavior on this website.

You can find out more about the possibilities of objecting to this evaluation of visit data in the following data protection declaration.

TLS encryption with https

We use https to transmit data securely on the Internet (data protection by Technikgestaltung Article 25 paragraph 1 GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. You can recognize the use of this protection of data transmission by the small lock symbol in the top left corner of the browser and the use of the https scheme (instead of http) as part of our Internet address.

Google Fonts Privacy Policy

We use Google Fonts on our website. These are the “Google fonts” from Google Inc. The company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services in Europe. You do not need to register or enter a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, typefaces/fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you don't have to worry about your Google account data being transmitted to Google while using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. How the data storage looks exactly, we will look at in detail.

What are Google Fonts?

Google Fonts (formerly Google Web Fonts) is a directory with over 800 fonts that Google  makes it available to its users free of charge. Many of these fonts are released under the  SIL Open Font License_cc781905-5cde-3194-bb3b-136bad5cf58d-5cc-98de9015cde-941 bb3b-136bad5cf58d_apache-license  were published. Both are free software licenses.

Why do we use Google Fonts on our website?

With Google Fonts we can use fonts on our own website, but do not have to upload them to our own server. Google Fonts is an important component in keeping the quality of our website high. All Google fonts are automatically optimized for the web and this saves data volume and is a great advantage especially for use with mobile devices. When you visit our site, the small file size ensures fast loading time. Furthermore, Google Fonts are secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can partially distort texts or entire websites. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all common browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile phones Operating systems including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). So we use Google Fonts so that we can present our entire online service as beautifully and uniformly as possible.

Which data is stored by Google?

When you visit our website, the fonts are reloaded via a Google server. This external call transmits data to the Google servers. In this way, Google also recognizes that you or your IP address are visiting our website. The Google Fonts API was developed to reduce the use, storage and collection of end-user data to what is necessary for proper font delivery. Incidentally, API stands for "Application Programming Interface" and is used at other things as a data transmitter in the software sector.

Google Fonts securely stores CSS and font requests on Google and is therefore protected. Through the collected usage figures, Google can determine how well the individual fonts are received. Google publishes the results on internal analysis pages, such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in the Google Fonts BigQuery database. Entrepreneurs and developers use the Google Webservice BigQuery to examine and move large amounts of data.

However, it should be remembered that with each Google Font request, information such as language settings, IP address, browser version, browser screen resolution and browser name are automatically transmitted to the Google servers. Whether this data is also stored cannot be clearly determined or is not clearly communicated by Google.

How long and where is the data stored?

Google stores requests for CSS assets for one day on its servers, which are mainly located outside the EU. This enables us to use the fonts using a Google style sheet. A style sheet is a template that you can use to change the design or font of a website, for example, quickly and easily.

The font files are stored by Google for one year. Google is thus pursuing the goal of fundamentally improving the loading time of websites. When millions of websites refer to the same fonts, they are cached after the first visit and immediately reappear on all other websites visited later. Sometimes Google updates font files to reduce file size, increase language coverage, and improve design.

How can I delete my data or prevent data storage?

The data that Google stores for a day or a year cannot simply be deleted. The data is automatically transmitted to Google when the page is accessed. To be able to delete this data prematurely, you must contact Google support on https://support.google.com/?hl=de&tid=311178901Contact  . In this case, you only prevent data storage if you do not visit our site.

Unlike other web fonts, Google allows us unlimited access to all fonts. So we have unlimited access to a sea of fonts and thus get the best out of our website. You can find more about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=311178901. Although Google addresses data protection issues there, it does not contain really detailed information about data storage. It is relatively difficult to get really precise information about stored data from Google.

You can also find out which data is generally collected by Google and what this data is used for on https://www.google.com/intl/de/policies/privacy/Read  .

Custom Google Search Privacy Policy

We have integrated the Google plug-in for user-defined search on our website. Google is the largest and best-known search engine in the world and is operated by the US company Google Inc. The company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for the European area. The user-defined Google search can transfer data from you to Google. In this data protection declaration we inform you why we use this plug-in, which data is processed and how you can manage or prevent this data transmission.

What is Google Custom Search?

The Google Custom Search plugin is a Google search bar right on our website. The search finds like auf www.google.com  instead, but the search results focus on our content and products or on a limited search area.

Why do we use Google Custom Search on our website?

A website with a lot of interesting content is often so big that you can lose track of it. We have also accumulated a lot of valuable material over time and as part of our service we want you to find our content as quickly and easily as possible. Custom Google Search makes finding interesting content a breeze. The built-in Google plug-in improves the overall quality of our website and makes it easier for you to search.

What data is stored by the custom Google search?

The custom Google search only transfers data from you to Google if you actively use the Google search built into our website. This means that only when you enter a search term in the search bar and then confirm this term (e.g. click on "Enter") will your IP address and the search term be sent to Google, saved and processed there. Based on the set cookies (such as 1P_JAR) it can be assumed that Google also receives data on website usage. If you search for content during your visit to our website using the built-in Google search function and are logged in to your Google account at the same time, Google can also assign the data collected to your Google account. As the website operator, we have no influence on what Google does with the data collected or how Google processes the data.

The following cookies are set in your browser when you use Google Custom Search and are not logged in with a Google account:

Name: 1P_JAR
Value: 2020-01-27-13311178901-5
Purpose: This cookie collects statistics on website usage and measures conversions. A conversion occurs, for example, when a user becomes a buyer. The cookie is also used to display relevant advertisements to users.
Expiry date: after one month

Name: CONSENT
Value: WP.282f52311178901-9
Purpose: The cookie stores the status of a user's consent to the use of various Google services. CONSENT is also used for security, to check users and protect user data from unauthorized attacks.
Expiry date: after 18 years

Name: NID
Value: 196=pwIo3B5fHr-8
Purpose: NID is used by Google to adapt advertisements to your Google search. With the help of the cookie, Google “remembers” your entered search queries or your previous interaction with ads. So you always get tailor-made advertisements.
Expiry date: after 6 months

Note: This list cannot claim to be complete, since Google is constantly changing the choice of its cookies.

How long and where is the data stored?

The Google servers are distributed all over the world. Since Google is an American company, most of the data is stored on American servers. Unter https://www.google.com/about/datacenters/inside/locations/?hl=de  see exactly where the Google servers are located.
Your data is distributed across different physical media. As a result, the data can be called up more quickly and is better protected against possible manipulation. Google also has corresponding emergency programs for your data. If, for example, there are internal technical problems at Google and servers are no longer working as a result, the risk of a service interruption and loss of data remains small.
Depending on which data is involved, Google stores it for different lengths of time. You can delete some data yourself, others are automatically deleted or made anonymous by Google. However, there is also data that Google stores longer if this is necessary for legal or business reasons.

How can I delete my data or prevent data storage?

Under European Union data protection law, you have the right to access, update, delete or restrict your data. There is some data that you can delete at any time. If you have a Google account, you can delete data about your web activity there or set it to be deleted after a certain period of time.
In your browser you also have the option of deactivating or deleting cookies or managing them according to your wishes and preferences. Here you will find instructions for the most important browsers:

Chrome: Delete, enable and manage cookies in Chrome

Safari: Managing Cookies and Website Data with Safari

Firefox: Clear cookies to remove data websites have placed on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Deleting and managing cookies

Google is an active participant in the EU-US Privacy Shield Framework, which regulates the correct and secure data transfer of personal data. More information can be found on https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI. We hope we were able to provide you with the most important information about data processing by Google. If you want to learn more about this, we recommend Google's comprehensive data protection declaration at https://policies.google.com/privacy?hl=de.

Google Tag Manager Privacy Policy

We use the Google Tag Manager from Google Inc. for our website. The company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services in Europe. This tag manager is one of many helpful marketing products from Google. Using the Google Tag Manager, we can centrally install and manage code sections from various tracking tools that we use on our website.

In this privacy policy, we want to explain to you in more detail what the Google Tag Manager does, why we use it and how data is processed.

What is Google Tag Manager?

The Google Tag Manager is an organizational tool that we can use to integrate and manage website tags centrally and via a user interface. Tags are small code sections that, for example, record (track) your activities on our website. For this purpose, JavaScript code sections are used in the source code of our site. The tags often come from internal Google products such as Google Ads or Google Analytics, but tags from other companies can also be integrated and managed via the manager. Such tags take on different tasks. They can collect browser data, feed marketing tools with data, embed buttons, set cookies and also track users across multiple websites.

Why do we use Google Tag Manager for our website?

As the saying goes: organization is half the battle! And of course that also applies to the maintenance of our website. In order to make our website as good as possible for you and all people who are interested in our products and services, we need various tracking tools such as Google Analytics. The data collected by these tools show us what interests you most, where we can improve our services and to which people we should still show our offers. And for this tracking to work, we have to embed the appropriate JavaScript codes into our website. In principle, we could integrate each code section of the individual tracking tools separately into our source code. However, this requires a relatively large amount of time and it is easy to lose track. That's why we use the Google Tag Manager. We can easily build in the necessary scripts and manage them from one place. In addition, the Google Tag Manager offers an easy-to-use user interface and you do not need any programming knowledge. This is how we manage to keep order in our daily jungle.

What data is stored by Google Tag Manager?

The Tag Manager itself is a domain that does not set cookies and does not store any data. It acts as a mere "manager" of the implemented tags. The data is recorded by the individual tags of the different web analysis tools. The data is passed through to the individual tracking tools in the Google Tag Manager and not saved.

However, it looks completely different with the integrated tags of the various web analysis tools, such as Google Analytics. Depending on the analysis tool, various data about your web behavior is usually collected, stored and processed with the help of cookies. To do this, please read our data protection texts on the individual analysis and tracking tools that we use on our website.

In the Tag Manager account settings, we have allowed Google to receive anonymous data from us. However, this only relates to the use and utilization of our tag manager and not to your data, which is stored via the code sections. We enable Google and others to receive selected data in an anonymous form. We therefore agree to the anonymous transfer of our website data. Despite extensive research, we were not able to find out exactly which summarized and anonymous data is forwarded. In any case, Google deletes all information that could identify our website. Google combines the data with hundreds of other anonymous website data and creates user trends as part of benchmarking measures. In benchmarking, your own results are compared with those of your competitors. Processes can be optimized on the basis of the information collected.

How long and where is the data stored?

When Google saves data, this data is saved on Google's own servers. The servers are spread all over the world. Most are in America. Unter https://www.google.com/about/datacenters/inside/locations/?hl=de  you can read exactly where the Google servers are located.

How long the individual tracking tools store your data can be found in our individual data protection texts for the individual tools.

How can I delete my data or prevent data storage?

The Google Tag Manager itself does not set any cookies, but manages tags from various tracking websites. In our data protection texts for the individual tracking tools, you will find detailed information on how to delete or manage your data.

Google is an active participant in the EU-US Privacy Shield Framework, which regulates the correct and secure data transfer of personal data. More information can be found on https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&tid=311178901. If you want to learn more about the Google Tag Manager, we recommend the FAQs under https://www.google.com/intl/de/tagmanager/faq.html.

Source: Created with dem Privacy Generator by AdSimple in cooperation with hashtagbeauty.de

bottom of page