Privacy policy
We appreciate your interest in our company. The protection of your personal data is important to us. We process your data in accordance with the applicable legal provisions on the protection of personal data, in particular the US General Data Protection Regulation (US GDPR) and the country-specific implementation acts that apply to our company.
Our data protection notice explains what personal data we gather from you via our website, what we use this for, when we delete this and how your data is protected as best as possible by means of security measures. In addition, we disclose the respective legal framework that authorises us to process data accordingly. Furthermore, you will be informed of your statutory rights in connection with the processing of your data. In order to provide you with the best possible transparency in connection with our processing of data, you will first find generally valid information concerning the processing of personal data and then detailed information concerning the following topics:
Tracking measures and the setting of cookies
Data processing in the newsletter
Purchasing in the online shop
Contact options
Social media
Payment systems/credit check/fraud prevention
Personal data are any information that enables the identification of a natural person. This includes, in particular, names, birthdays, addresses, telephone numbers, e-mail addresses but also your IP address.
DATA COLLECTION/PERSONAL DATA
We collect personal data in accordance with the legal requirements. All personal data that we collect from you via the website will only be processed for the purposes described in greater detail below. This collection takes place within the framework of the legal provisions already named, more specifically, only with your consent.
Article 6 EU GDPR in particular specifies when data processing is allowed. comma collects data if:
You have given consent (Article 6(1) lit. a or Article 49 para. 1 sentence 1 lit. a EU GDPR)
Processing is necessary for the performance of a contract/prior to entering into a contract (Article 6(1) lit. b EU GDPR)
Processing is necessary for compliance with a legal obligation (Article 6(1) lit. c EU GDPR)
Processing is necessary for the purposes of the legitimate interests of our company except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject (Article 6(1) lit f. EU GDPR). In particular, we view an overriding, legitimate interest in data processing in the following cases:
Tracking measures and setting of cookies
In order to be able to provide you with an optimal user experience in our online shop and with our advertisements, an experience tailored to your unique needs, we work with various service providers and technology providers, using cookies and tracking methods in the process. In such a case, we base this on our legitimate interest in data processing as far as possible; in most cases, however, we obtain your consent first (Article 6(1) lit. a or Article 49 para. 1 sentence 1 lit. a EU GDPR), which you can of course revoke at any time via the privacy settings. You can find detailed information under the “Tracking measures and setting of cookies” rubric.
Fraud prevention and reduction of payment default
In order to minimise the risk of default, a credit check is conducted within the order process. This check determines which payment options are displayed. All transferred orders which indicate fraud are checked downstream by an employee and relevant measures for preventing fraud are initiated - you can find further information in the “Payment systems / creditworthiness check / fraud prevention” rubric.
Protecting the security of our systems/investigating errors
For technical security reasons, particularly to protect against hacking attempts on our web server, data will be saved pursuant to Article 6(1) lit. f EU GDPR. No connection is established to individual users. In particular, we collect the following data: The web browser and operating system that are used/name of the internet service provider/information about the website you are visiting us from/information about the website/that you retrieve on our site, the date and time of your visit/the name of requested files/whether a file was transferred/the amount of data that is transferred/the IP address assigned by your internet service provider. Of course, personal data that is collected will be kept confidential.
INTERNAL SITES
Where necessary, we will transfer your personal data within the s.Oliver Group (s.Oliver Bernd Freier GmbH & Co. KG, s.Oliver Sales Verwaltung GmbH and LIEBESKIND GmbH). Of course, we comply with the legal framework associated with this process and ensure that your data is lawfully processed. Your personal data are accessible only by authorised employees who require data access because of their responsibilities, e.g. to fulfil your order or to contact you in case of an enquiry.
EXTERNAL SITES
Personal data will be transferred to the following categories of recipients while respecting the legal requirements:
Service providers within the framework of fulfilment
Delivery services, distributors, payment services
Companies that conduct credit checks
Companies that provide marketing services
Service providers that are part of communication systems
Government authorities and institutions to the extent that this is necessary or required
SAFE TRANSFER OF YOUR DATA
We employ the proper technical and organisational security measures to protect data that we save as best as possible from random or intentional manipulation, loss, destruction or access by unauthorised parties. The security level is constantly being monitored together with security experts and adjusted to new security standards.
It goes without saying that the security of your data is also important to us when transferred within the s.Oliver Group or to our partners or third parties - secure transfer procedures are selected accordingly:
Data is generally transferred via a transfer encoded connection. Here we apply state of the art protocols such as TLS 1.2 with PFS.
Therefore only encoded data is exchanged from and to our website. We offer HTTPS as the transfer protocol for our website, always using the current encryption protocols.
RIGHTS OF THE DATA SUBJECT
We are happy to inform you in the following of the rights that may be available to you free of charge as an affected party.
Access: We are happy to inform you about whether, and if so, which personal data of yours we have and are processing.
Rectification: If we are storing erroneous personal data, then of course we will be happy to correct them.
Restriction: You can have the processing of your personal data restricted under certain legal conditions. This is possible, for example, if you contest the accuracy of the data we have.
Erasure: We are happy to delete your personal data following a request by you, regardless of our deletion management, provided that this is legally possible for us.
Objection: You can object to the data processing procedures we use to process your personal data, which we base on balancing the interests of all parties, by indicating the specific grounds for objection.
Withdrawal: Of course, if you have given us consent to process data, you can also withdraw such consent with future effect without indicating the reason.
Data portability: We are happy to make personal data concerning you which we have received as part of concluding a contract or through consent and based on an automated data processing procedure available to you or a third party named by you in a commonly-used, machine-readable format.
You can exercise your rights as a data subject at any time using the contact options provided or consult with us regarding data protection. You can contact our data protection organisation via the following email address: kittylee679250522@gmail.com
TRACKING MEASURES AND SETTING OF COOKIES
As explained above, we wish to provide you with an optimal user experience in our online shop and with our adverts, which are tailored to your unique requirements. For this purpose, we work with various service providers and technology companies and use cookies and tracking methods during this process. You can find detailed information below:
GOOGLE ANALYTICS (ART. 6 PARA. 1 LIT. A OF THE EU GDPR / ART. 6 PARA. 1 LIT. F OF THE EU GDPR)
On the basis of your consent (Article 6 para. 1 lit. of the EU GDPR), this website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses “cookies”. These are text files which are saved on your end device and which enable an analysis of your use of the website. The information generated this way will be transmitted to and stored by Google on servers in the United States. If IP anonymisation is activated, your IP address will be shortened by Google. A complete analysis by Google only takes place in exceptional cases.
On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. The IP address transmitted by your browser within the scope of Google Analytics will not be combined with other data from Google.
If you reject the use of classic Google Analytics by refusing the use of cookies in our consent banner, the personal data mentioned above will not be collected from you. For example, you will not be recognised when you visit our site again. Only one session ID is generated, which is renewed with every visit. In order to nevertheless be able to generate a statistical evaluation of our website, your age, gender, country, abbreviated postcode (97XXX) and the transaction ID are linked to this temporary session ID. In addition, the IP address is recorded but is however shortened by Google. A complete analysis by Google only takes place in exceptional cases.
GOOGLE TAG MANAGER (ARTICLE 6 PARA. 1 LIT. F OF THE EU GDPR)
This website uses Google Tag Manager provided by Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. Using this service, website tags can be managed via an interface. The Tool Tag Manager itself (which implements the tags) is a cookie-free domain. This means that essentially no cookies are used and no personal data is recorded. Google Tag Manager activates other tags that may then record data. However, Google Tag Manager does not access this data. If deactivation has occurred at domain or cookie level, it remains in place for all tracking tags implemented by Google Tag Manager.
More information is available at http://www.google.com/tagmanager/use-policy.html
USERCENTRICS (ARTICLE 6 PARA. 1 LIT. C OF THE EU GDPR)
To obtain and manage your consents, we use the Usercentrics Consent Management Platform. The provider is Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich. The Usercentrics Consent Management Platform collects device information, browser information, opt-in and opt-out data, date and time of visit, URL requests and page path of the website via JavaScript. This JavaScript allows Usercentrics GmbH to inform the user of specific tags and web technologies on our website and to obtain, manage and document the user’s consent. The legal framework for the processing of the data is Article 6 para. 1 lit. c and f of the EU GDPR, as we are required by law to provide evidence of consent (in accordance with Article 7 para. 1 of the EU GDPR). The aim is to identify the preferences of the users and implement them accordingly, as well as document them in a legally secure manner. The data is deleted as soon as it is no longer needed for logging purposes and there are no statutory retention requirements to the contrary. Consent data (consent and withdrawal of consent) is stored for three years.
SEARCH ENGINES
We use tracking methods from search engine providers to optimise our advertisements so that you can easily find our online shop in the standard search engines, even with relevant future search queries. For example, to determine the relevance of an advertisement, we record the categories that are interesting to the shop’s visitor, and whether an order was placed. These data are pseudonymised and transferred to the search engine providers. With your permission, data may be transferred to a third country outside of the EU, which may have a lower level of data protection than that of the EU (Article 49 para. 1 sentence 1 lit. a EU GDPR).
GOOGLE ADWORDS REMARKETING & CONVERSION TRACKING
Our website uses Google Adwords remarketing functions, which we use to advertise for this website in Google search results and on third party websites. These functions are provided by Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google”). For this purpose, Google places a cookie onto the browser of your terminal device. This cookie has a pseudonymous ID which automatically facilitates interest-based advertisements based on the websites you visit. The processing takes place on the basis of your consent in accordance with Article 6(1) lit. a EU GDPR. You can withdraw at any time under the privacy settings. Please be aware that with your consent, data may also be transferred to a third country outside of the EU/European Economic Area, which may have a lower level of data protection than that of the EU (Article 49 para. 1 sentence 1 lit. a EU GDPR).
Any data processing beyond that shall only take place if you have agreed with Google to connect your internet and app browsing history from Google with your Google account and information is used from your Google account to personalise advertisements that you see online. If in this case you are logged in to Google while visiting our website, Google will use your data together with Google Analytics data in order to create and define target audience lists for remarketing across devices. To do so, your personal data from Google will be temporarily connected with Google Analytics data in order to create target audiences.
The cookie for conversion tracking is added when a user clicks on an AdWords advertisement from Google. Cookies are small text files that are deposited on your computer system. These cookies generally expire after 30 days and cannot identify a user personally. If the user visits certain pages on this website and the cookie has not yet expired, then we and Google can detect that the user clicked on the ad and was redirected to this page. Every Google AdWords customer receives a different cookie. Therefore cookies cannot be traced back to AdWords customers via a website. The information obtained through the conversion cookies serves to compile conversion statistics for AdWords customers who have decided to make use of conversion tracking. Customers find out the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. Customers do not, however, receive any information that can identify a user personally.
If need be, Google LLC may transfer personal data to the USA. Please be aware that with your consent, data may therefore be transferred to a third country outside of the EU/European Economic Area, which may have a lower level of data protection than that of the EU (Article 49 para. 1 sentence 1 lit. a EU GDPR).
AFFILIATES - NOT CURRENTLY ACTIVE
We work together with affiliate programmes and use their cookies and tracking methods so that you do not miss any exciting promotions and can benefit from bonus programmes. Affiliate programmes are the partner networks of individual website operators such as voucher portals, bonus programmes and bloggers. These technologies help us to determine if the advertisements introduced by the affiliates have generated an order. This benefits both you and the partners. With your permission, data may be transferred to a third country outside of the EU, which may have a lower level of data protection than that of the EU (Article 49 para. 1 sentence 1 lit. a EU GDPR).
RETARGETING - NOT CURRENTLY ACTIVE
We work together with retargeting providers so that we can show you advertising banners on external websites with relevant products from our online shop which you may have been interested in, but which you have not yet purchased. In order to do so, transaction data from our website are recorded, e.g. items you have viewed or placed in your shopping cart. Please do not be surprised: If you decide against the collection of data for the purpose of retargeting, a new window will open which will take you to the website of our retargeting provider. In order to ensure that data will no longer be forwarded to the partners, please follow the instructions on their website and then save your details to conclude the process. With your permission, data may be transferred to a third country outside of the EU, which may have a lower level of data protection than that of the EU (Article 49 para. 1 sentence 1 lit. a EU GDPR).
SOCIAL NETWORKS
We use the cookies and tracking technologies of social media channels to show you exciting promotions and customised advertisements on your preferred social media channels. In order to do so, pseudonymised data are transferred to the networks and merged, if necessary, with additional data by the network. With your permission, data may be transferred to a third country outside of the EU, which may have a lower level of data protection than that of the EU (Article 49 para. 1 sentence 1 lit. a EU GDPR).
FACEBOOK WEBSITE CUSTOM AUDIENCES (CUSTOM AUDIENCE PIXEL)
This website uses “Facebook Pixel” by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA ("Facebook”) or, if its registered office is in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
If express consent is granted, then user behaviour can be tracked after a user views or clicks on a Facebook advertisement. This process serves to evaluate the efficacy of Facebook advertisements for statistical and market research purposes and can contribute to optimising future advertising activities. The collected data is anonymous to us and therefore cannot be used to draw conclusions about the identity of the user. The data from Facebook will be stored and processed, however, such that a connection to a respective user profile is possible and Facebook can use the data for their own advertising purposes according to the Facebook Data Policy (https://www.facebook.com/about/privacy/).
When collecting data, we rely on your consent in accordance with Article 6(1) lit. a EU GDPR to process the data accordingly, which you may revoke at any time by changing your privacy settings. If you withdraw your consent, your data is no longer used for this purpose and is erased, as long as there are no conflicting statutory retention periods. If you do not withdraw your consent, the retention period for data is 180 days. Finally, the data is automatically erased.
Only users over the age of 13 may express consent to the use of Facebook Pixel. If you are younger, we advise you to ask your parents or legal guardians for permission. With your consent, if necessary, your data is transferred to a third country outside of the EU / EEA, which may have a lower level of data protection than that of the EU (Article 49 (1) point a GDPR).
You can withdraw your consent to the processing of your data here.
Comment