Amiea Shop
Privacy Policy
1 PREAMBLE
We
MT.DERM GmbH
Blohmstrasse 37-61
12307 Berlin
Germany
are the operators (hereinafter referred to as "We" or the "Operators") of the website shop.amiea.com (hereinafter referred to as the "Website") and the services offered on it and are therefore responsible for the collection, processing and use of personal data within the meaning of the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (new FDPA) and the German Telemedia Act (TMG).
The principle of data minimisation is of great importance to us even at the data collection stage. We shall only collect and process personal data if you have given us your consent or if the law expressly permits or mandates us to do so. We will explain below which data we collect, how we use it and which rights you have with regard to the use of your data.
2 SECURITY
The data entered on our website shall be encrypted (according to the state of the art) and transmitted to our servers via the internet.We protect our website and other systems through technical and organisational measures against loss, destruction, access, modification or dissemination of your data by unauthorised persons. Our security measures are continuously improved in line with technological developments.
3 COLLECTION, STORAGE AND USE OF PERSONAL DATA
3.1 Personal data
The term personal data defines individual information about personal or factual circumstances of a specific or identifiable natural person (data subject). This includes, for example, your real name, your address, your telephone number or your date of birth.
3.2 Collection, processing and use of personal data
We shall adhere strictly to the statutory provisions of the General Data Protection Regulation, the German Federal Data Protection Act and the German Telemedia Act when collecting, processing and using personal data.
We will collect, store and process your data for the entire complaint handling process, the implementation and improvement of our services, technical administration, improvement of our products and services as well as our own marketing purposes.
When using the website for information purposes only, i.e. if you do not register or otherwise provide us with information, we will only collect the personal data that your browser transmits to our server. If you wish to view our website, we will collect the following data that are technically necessary for us to display our website to you and to guarantee stability and security (legal basis is Art. 6(1)(1)(f) of the GDPR):
– IP address;
– Date and time of the request;
– Time zone difference from Greenwich Mean Time (GMT;)
– Content of the request (specific page);
– Access Status/HTTP Status Code;
– The amount of data transferred in each case;
– Website from which the request comes;
– Browser;
– Operating system and its interface;
– Language and browser software version.
For the processing of complaints, we will collect a person’s full name, address, country, telephone number and e-mail address, IP address and gender.If you contact us by e-mail or through the contact form, we will store your e-mail address and other information according to the form. This is done for the purpose of responding to you or, if necessary, contacting you at a later point in time about the subject of the inquiry.
When the processing of your request has been completed, your data will be blocked for further use and deleted after expiry of the periods provided for under tax and commercial law, unless you have expressly consented to further use of your data.
3.3 Children
Persons under the age of 18 should not transmit any personal data to us without the consent of their parents or legal guardians. We do not request personal data from children and young people, shall not collect any and shall not pass on any to third parties.
3.4 Retention period
Personal data provided to us via our website will only be stored until the purpose for which they were entrusted to us has been fulfilled. If retention periods under commercial and tax law have to be observed, the storage period for certain data can be up to 10 years or longer.
3.5 Disclosure of data/ transmission to third parties
In some cases, we use external service providers to process your data. We have carefully selected and commissioned these providers, who are bound by our instructions and are regularly monitored.
Your personal data will only be passed on or otherwise transmitted to third parties if this is necessary for the purpose of contract processing or invoicing or if you have given your prior consent. As part of complaints handling, for example, the service providers we use here (such as logisticians) will receive the necessary data for order processing. The data passed on in this way may only be used by our service providers for the performance of their tasks. Any other use of the information is not permitted and shall not be made by any of the service providers commissioned by us.
We will not sell or otherwise pass on your data to third parties without your consent. Anything to the contrary shall only apply if there is a legal obligation to do so (e.g. transmitting information to certain authorities within the scope of their statutory duties) or if this is necessary for the enforcement of our rights, especially for the enforcement of claims arising from the contractual relationship with you.
3.6 Storage of log files
Every time you visit our website, the access will be recorded (access log). The recording is automated and will be anonymised. This means that the collected personal data (e.g. IP address) will be changed such that the individual information about personal or factual circumstances can no longer be assigned to a specific or identifiable natural person or this can only be done with a disproportionately high expenditure of time, cost and manpower.
The stored log files serve to further improve our website and the services offered as well as to better control the capacities of the servers.
4 NEWSLETTER
If you consent to doing so, you can subscribe to our newsletter through which we inform you about ourselves and our work, projects, campaigns and offers. We use the so-called double opt-in procedure for the registration to our newsletter. This means that after your registration we will send you an e-mail to the specified e-mail address in which we will ask you to confirm that you would like the newsletter to be sent. If you do not confirm your registration within [24 hours], your information will be blocked and automatically deleted after one month. In addition, we will store your IP addresses and the time of registration and confirmation. The purpose of the procedure is to be able to prove your registration and, if necessary, to resolve any misuse of your personal data.If you would like to receive the newsletter, you will have to supply us a valid e-mail address as well as information allowing us to verify that you are the owner of the given e-mail address or that the owner agrees to receive the newsletter.
You can also provide us with your first and last name and additional information using the online form. No other data will be collected. After your confirmation, we will save your e-mail address for the purpose of sending you the newsletter. The legal basis for this is Art. (6) ( 1) (1)(a) of the GDPR.
This data will only be used for the newsletter’s dispatch and will not be passed on to third parties. We will save your IP address and the date of registration when you register for the newsletter. This storage serves solely as proof in the event that a third party misuses an e-mail address and registers for the newsletter’s receipt without the authorised party’s knowledge. You can revoke your consent to the storage of the data and the e-mail address as well as their use for the newsletter’s despatch at any time.
Revocation can be effected through a link in the newsletters themselves or by communication using the contact procedures below.
5 WEB ANALYTICS SERVICES
5.1 Google Analytics
This website uses Google Analytics, a web analysis service of Google Inc. ("Google"). Google Analytics uses so-called "cookies", which are text files stored on your computer to enable the website analyse your use of the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, if IP anonymisation has been activated on this website, Google shall truncate your IP address beforehand within Member States of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of this website’s operator, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website and Internet use. The IP address transmitted by your browser in the context of Google Analytics shall not be merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use this website’s full functionality. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available at the following link.
You can prevent the collection by Google Analytics by clicking on the following link. An opt-out cookie will be set which prevents the future collection of your data when visiting this website: deactivate Google Analytics.
We use Google Analytics to analyse and regularly improve the use of our website. We can improve our offer and make it more interesting for you as a user. Google has signed up to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework for the exceptional cases in which personal data is transferred to the USA. The legal basis for the use of Google Analytics is Art. 6(1)(1)(f) of the GDPR.
You can find more information on terms of use and data protection at http://www.google.com/analytics/terms/de.html or at http://www.google.de/intl/de/policies/. Please note that on this website, Google Analytics has been supplemented with the code "anonymizeIp" to ensure anonymous collection of IP addresses (so-called IP masking).
6 SOCIAL PLUG-INS AND INTEGRATION OF YOUTUBE VIDEOS
6.1 Social Plug-Ins
We do not use plug-ins from social networks called "social plug-ins” on our site. The symbols of social networks used on the website merely represent links to the respective services.
6.2 YouTube Videos
We use YouTube to integrate videos. The videos were embedded in the extended data protection mode. Like most websites, however, YouTube also uses cookies to collect information about the visitors to its website. YouTube uses them, among other things, to collect video statistics, to prevent fraud and to improve user-friendliness. This also leads to the establishment of a connection to the Google DoubleClick network. You could trigger further data processing by starting the video. We have no control over that. For more information about privacy at YouTube, please see their privacy policy: http://www.youtube.com/t/privacy_at_youtube
7 RIGHT OF OBJECTION AND THE RIGHTS TO INFORMATION, RECTIFICATION, CORRECTION AND DELETION OF DATA
You have a right to information regarding the personal data stored about you and a right to correction of incorrect data as well as their blocking, completion and deletion.You can object to the use of your data for the aforementioned purposes at any time with effect for the future without incurring any costs other than transmission costs according to the basic tariffs.
Upon request, we will provide you with a copy of your personal data in a structured, common and machine-readable format.
For information about your personal data, to have incorrect data corrected or blocked or deleted, to exercise your right of objection and for further questions about the use of your personal data, please contact us:
MT.DERM GmbH
Data protection
Blohmstrasse 37-61
12307 Berlin
Germany
datenschutz@mtderm.de
8 COMPLAINT TO THE SUPERVISORY AUTHORITY
Pursuant to Art. 77 of the GDPR, data subjects have the right to complain to the competent supervisory authority if they believe that the processing of their personal data is unlawful. The competent data protection supervisory authority is the Berlin Commissioner for Data Protection and Freedom of Information.9 DISCLAIMER OF LIABILITY
All information contained on this website has been verified very carefully. However, we do not guarantee that the contents of our own websites are always correct, complete and up to date.We exclude liability for external links referring to third parties’ internet offers.