Privacy Policy
The following privacy policy applies to the use of our online offer (hereinafter referred to as "Website").
We consider privacy highly important. The collection and processing of your personal data is carried out in compliance with the applicable data protection regulations, in particular the General Data Protection Regulation (GDPR). We collect and process your personal data in order to offer you the above-mentioned portal. This statement describes how and for what purpose your data is collected and used and what options you have in relation to personal information.
By using this website, you consent to the collection, use and transfer of your personal information in accordance with this Privacy Policy.
Person in charge
The person responsible for the collection, processing and use of your personal data within the meaning of Art. 4 No. 7 GDPR is
Benett Götter
Waldstraße 44
D-76661 Philippsburg
Tel.: +49 7256 94444-1
If you wish to object to our collection, processing or use of your personal data as a whole or to individual measures taken by us in accordance with this Privacy Policy, you can address your objection to the above person in charge.
You can save and print this Privacy Policy at any time.
Data Protection Officer
You can reach the Data Protection Officer at the above address and by e-mail at datenschutz[a]musterhaut.de.
General use of the website
Hosting
The hosting services we use are for the purpose of providing the following services: infrastructure and platform services, computing capacity, disk space and database services, security and technical maintenance services we use to operate the website.
In doing so, we or our hosting provider process store data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors of this online offer based on our legitimate interests in an efficient and secure provision of this online offer.
Access data
We collect information about you when you use this website. We automatically collect information about your usage and interaction with us and register information about your computer or mobile device. We collect, store and use data about every access to our online offer (so-called server log files). Access data includes:
Name and URL of the retrieved file
- date and time of retrieval
- transferred amount of data
- message about successful retrieval (HTTP response code)
- browser type and browser version
- operating system
- referer URL (i.e. the previously visited page)
- websites that are accessed by the user's system through our website
- The user’s Internet service provider
- IP address and the requesting provider
We use this log data without any assignment to you or other profiling for statistical evaluations for the purpose of the operation, the security and the optimization of our online offer, but also for the anonymous registration of the number of visitors on our website (traffic) as well as the extent and type of use of our website and services, and well as for billing purposes, to measure the number of clicks received from cooperation partners. Based on this information, we can provide personalized and location-based content, analyze traffic, troubleshoot and improve our services.
This is also our legitimate interest according to Art. 6 para. 1 sentence 1 f) GDPR.
We reserve the right to retrospectively review the log data if, on the basis of concrete evidence, there is a legitimate suspicion of unlawful use. We store IP addresses in the logfiles for a limited period of time, if this is necessary for security purposes or for the provision of services or the billing of a service, e.g. if you use one of our offers. After termination of the order process or after receipt of payment, we will delete the IP address if it is no longer required for security purposes. We also store IP addresses if we have a specific suspicion of a crime in connection with the use of our website. In addition, as part of your account, we store the date of your last visit (for example, when registering, logging in, clicking links, etc.).
Use of cookies
We use so-called session cookies to optimize our online offer. A session cookie is a small text file that is sent by the respective servers when you visit a website and is stored temporarily on your hard drive. This file as such contains a so-called session ID, by which you can assign various requests of your browser to the shared session. This will allow your computer to be recognized when you return to our website. These cookies are deleted after you close your browser. They serve for example for the purpose of using the shopping cart feature across multiple pages.
We also use persistent cookies (also small text files that are stored on your terminal device) to a small extent, which remain on your terminal device and allow us to recognize your browser upon your next visit. These cookies are stored on your hard disk and are deleted automatically after the specified time. Their life span is 1 month to 10 years. This enables us to present our services to you in a more user-friendly, effective and secure manner and, for example, to display information on the site that is specifically tailored to your interests.
Our legitimate interest in the use of cookies pursuant to Art. 6 para. 1 sentence 1 lett. f) GDPR is to make our website more user-friendly, effective and secure.
The following data and information are stored in the cookies:
- log-in information
- language settings
- entered search terms
- information on the number of visits to our website and use of individual functions of our website.
When the cookie is activated, it is assigned an identification number and your personal data is not assigned to this identification number. Your name, IP address or similar data that would allow the cookie to be assigned to you will not be placed in the cookie. Based on the cookie technology, we only receive pseudonymous information, for example about which pages of our shop have been visited, which products have been viewed etc.
You can set your browser so that you are informed in advance about the setting of cookies and can decide in individual cases whether you want to exclude the acceptance of cookies for certain cases or in general, or that cookies are completely prevented. This may limit the functionality of the website.
E-mail contact
If you contact us (e.g. via contact form or e-mail), we will store your details for the processing of your request and in the event that follow-up questions arise. We store and use other personal data only if you consent to this or if this is permitted by law without special consent.
Contact form
If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored in order to process the request and in case of follow-up questions. We will not share this information without your consent.
Data collection and use for contract implementation and opening a customer account
We collect personal information if you voluntarily provide it to us as part of your order, when contacting us (for example, by contact form or e-mail) or when opening a customer account. Which data are collected, can be seen from the respective input forms. We use the data you provide for contract implementation and for processing your inquiries. After completion of the contract or deletion of your customer account, your data will be blocked for further use and deleted after expiry of the tax and commercial retention periods, unless you have expressly consented to further use of your data or if we reserve the right to use the data, which is legally permitted and about which we shall inform you. The deletion of your customer account is possible at any time and can be done either by a message to the contact option described below or via a designated function in the customer account.
Data transfer for fulfilment of the contract
For fulfilment of the contract, we will pass on your data to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods. Depending on which payment service provider you select in the order process, we will forward payment data collected to the credit institution commissioned with the payment and any payment service providers commissioned by us to process the payments or to the selected payment service. In part, the selected payment service providers also collect this data themselves, provided that you create an account there. In this case you must log in to the payment service provider with your access data during the ordering process. In this respect, the privacy statement of the respective payment service provider applies.
Use of data for postal advertising and your right to object
In addition, we reserve the right to summarize your first and last name, mailing address and - as far as we have received them from you in the context of the contractual relationship - your title, academic degree, year of birth and occupation, branch or business name and store them into lists and use for our own promotional purposes, e.g. to send you interesting offers and information about our products by post. You can object to the storage and use of your data for these purposes at any time by sending a message to the contact option described.
Use of Google (Universal) Analytics for web analytics with anonymisation function
This website uses the web analytics service Google Analytics.
The service is provided by Google Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Google Analytics uses so-called "cookies". These are text files that are stored on your computer and that allow an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
IP anonymisation
We have activated the IP anonymization function on this website. As a result, your IP address will be truncated by Google within member states of the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the USA. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and Internet usage to the website operator. The IP address provided by your browser as part of Google Analytics will not be merged with other Google data.
Browser plugin
You can prevent the storage of cookies by configuring your browser software accordingly; please note, however, that in this case you may not be able to use all the functions of this website to their full extent. In addition, you can prevent the capturing of data generated by the cookie and related to your use of the website (incl. your IP address) for Google and the processing of these data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de
Opposition to data collection
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: Google Analytics deaktivieren
For more information on how to handle user data within Google Analytics, please refer to the Google Privacy Policy: https://support.google.com/analytics/answer/6004245?hl=de
Order processing
We have entered into a contract data processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
Use of Google Ads
We also use the Google advertising tool "Google-Ads" to promote our website. In this context we use the analysis service "Conversion-Tracking" of the company Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter called "Google". If you have accessed our website via a Google ad, a cookie will be saved on your computer. Cookies are small text files that your internet browser saves on your computer. These so-called "conversion cookies" are valid for only 30 days and are not used for personal identification. If you visit certain pages of our website and the cookie has not yet expired, we and Google can see that you as a user have clicked on one of our ads placed on Google and have been redirected to our page.
The information collected with the help of "conversion cookies" is used by Google to generate traffic statistics for our website. These statistics show us the total number of users who clicked on our ad, and, furthermore, which pages of our website were then accessed by the respective user. However, we or others who advertise through "Google Adwords" do not receive any information that personally identifies users.
You can prevent the installation of the "conversion cookies" by setting your browser accordingly, for example by a browser setting that generally deactivates the automatic setting of cookies or specifically blocks only cookies from the domain "googleadservices.com".
Google’s relevant privacy policy can be found at this link: https://services.google.com/sitestats/de.html
Use of etracker for web analysis
This website uses etracker GmbH (www.etracker.com) technology to collect and store data that is used to create user profiles using pseudonyms. These user profiles are used for the analysis of visitor behaviour and are evaluated for the improvement and demand-oriented design of our offer. Cookies can be used for this purpose. These are small text files which are stored locally on the user's terminal device and thus enable recognition when the user visits our website again. The pseudonymised user profiles will not be merged with personal data about the bearer of the pseudonym without a separate, explicit consent. You can object to the collection and storage of data at any time with future effect by clicking on this link: http://www.etracker.de/privacy?et=jLs.
After your objection, an opt-out cookie is placed on your terminal device. If you delete your cookies, you will need to click the link again.
Social plugins from Facebook, Google+, Twitter using the "2-click solution"
On our website so-called social plugins ("plugins") of the social networks Facebook and Google+ and of the microblogging service Twitter are used. These services are provided by the companies Facebook Inc., Google Inc. and Twitter Inc. ("Providers").
Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). An overview of the plugins of Facebook and their appearance can be found here: https://developers.facebook.com/docs/plugins/
Google+ is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google“). An overview of the plugins of Google and their appearance can be found here: https://developers.google.com/+/web/
Twitter is operated by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103. An overview of the Twitter buttons and their appearance can be found here: https://twitter.com/about/resources/buttons
In order to increase the protection of your data when visiting our website, the plugins are integrated into the site by means of a so-called "2-click solution". This integration ensures that when you visit a page of our website that contains such plugins, no connection is yet established with the servers of Facebook, Google and Twitter. Only when you activate the plugins and thus give your consent to the data transmission, your browser establishes a direct connection to the servers of Google, Facebook or Twitter. The content of the respective plugin is then transmitted directly to your browser by the associated provider and integrated into the page. By integrating the plugins, the providers receive the information that your browser has accessed the corresponding page of our website, even if you do not have a profile with the corresponding provider or are currently not logged in. This information (including your IP address) is transmitted by your browser directly to a server of the respective provider in the USA and is stored there. If you interact with the plugins, for example the "Like", the "+1", or the "Tweet" button, the corresponding information is also transmitted directly to a provider's server and stored there. The information will also be posted on the social network or on your Twitter account and displayed there to your contacts.
For the purpose and scope of the data collection and the further processing and use of the data by the providers as well as their rights in this regard and setting options for the protection of your privacy, please refer to the privacy policy of the provider.
Facebook Privacy Policy: http://www.facebook.com/policy.php
Google Privacy Policy: http://www.google.com/intl/de/+/policy/+1button.html
Twitter Privacy Policy: https://twitter.com/privacy
Use of PayPal
For payment via PayPal, credit card via PayPal, direct debit via PayPal or - if available - “purchase on account” via PayPal, we will forward your payment data to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as “PayPal”) as part of the payment process. PayPal reserves the right to carry out a credit rating in case of the payment methods credit card via PayPal, direct debit via PayPal or - if available - “purchase on account” via PayPal. The result of the credit rating on the statistical probability of default is used by PayPal for the purpose of deciding on the provision of the respective payment method. The credit information can contain probability values (so-called score values). Insofar as score values are included in the results of the credit rating, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of score values includes, among other things, address data. For further data protection information, on the used credit enquiry agencies among other things please refer to the privacy policy of PayPal: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
Use of WhatsApp Business
We hereby point out that the short message service WhatsApp does not meet the requirements for the required data security according to § 9 of the German Federal Data Protection Act (BDSG) and the Annex to § 9 BDSG and we assume no liability for the security of your data.
The protection of the personal-related data of our customers is very much in our focus. Therefore, we only support messaging programs that ensure secure communication between customer and cosmetic institute with end-to-end encryption and protect the content of the conversation from any third party. This means that even the app operator has no possibility to read the plain text (unencrypted data). We use our own technical device that contains only the voluntarily provided phone number together with the first and last names that we store for the unique classification of the patient. Internally, we keep the consent statements of customers who explicitly insist on this way of communication. Naturally, customers always have the right to have their data deleted, which we carry out as desired.
In addition, we advise you to observe the respective terms and conditions and privacy policies of the App operators, if you want to use our service, as we assume no liability for breaches by the operator. In the following, please find the links to the appropriate websites: https://www.whatsapp.com/legal/?l=de
Use of Proven Expert
Our website uses plugins from the provenexpert.com website operated by Expert Systems AG. The operator of the website is Expert Systems AG, Quedlinburger Straße 1, 10589 Berlin. If you visit one of our pages equipped with a ProvenExpert plug-in, a connection to the servers of Expert Systems AG will be established. The ProvenExpert server is informed which of our pages you have visited. ProvenExpert is used in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit.f GDPR.
Further information on the handling of user data can be found in ProvenExpert AG's data protection declaration at: https://www.provenexpert.com/de-de/datenschutzbestektiven/
Use of YouTube video plugins
On this website content from third party providers are included. This content is provided by Google Inc („Provider“).
YouTube is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google“).
The advanced privacy setting is enabled for YouTube videos that are included on our site. This means that no information of the website visitors is collected and stored on YouTube, unless they are playing the video.
For information on the purpose and scope of the data collection and the further processing and use of the data by the providers, as well as their rights and setting options for the protection of your privacy, please refer to the privacy policy of Google
http://www.google.com/intl/de/+/policy/+1button.html
Review reminder by Trusted Shops
For displaying our Trusted Shops quality seal and any collected reviews as well as for offering Trusted Shops products to buyers after placing an order, the Trusted Shops Trustbadge is included on this website.
This serves to safeguard our legitimate interests in the optimal marketing of our offer pursuant to Art. 6 (1) sentence 1 lett. f GDPR, which predominate in the context of a weighing of interests. The Trustbadge and the services advertised are an offer of Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne.
When the Trustbadge is retrieved, the Web server automatically stores a so-called server log file, which contains, for example, your IP address, the date and time of the retrieval, the amount of transferred data and the requesting provider (access data) and documents the retrieval. These access data will not be evaluated and will be automatically overwritten at latest seven days after your page visit.
Other personal data will only be transferred to Trusted Shops, if you have consented to this, if you decide to use Trusted Shops products after the completion of an order or if you have already registered for their use. In this case, the contractual agreement between you and Trusted Shops applies.
Objection to advertising e-mails
We hereby expressly object to the use contact data published in the context of the imprint obligation for sending unsolicited advertising and information materials. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example through spam e-mails.
Your rights as a data subject
According to the applicable laws, you have various rights regarding your personal data. If you wish to assert these rights, please send your request by e-mail or by post to the address specified in section 1, clearly identifying yourself.
Below you will find an overview of your rights.
Right to confirmation and information
You have the right to receive confirmation from us at any time as to whether personal data relating to you will be processed. If this is the case, you have the right to request from us free of charge information about the personal data stored about you together with a copy of this data. Furthermore, there is a right to the following information:
If personal data are transferred to a third country or an international organisation, you have the right to be informed of the appropriate guarantees in connection with the transfer in accordance with Art. 46 GDPR.
Right to correction
You have the right to request us to correct any inaccurate personal data concerning you without delay. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data - also by means of a supplementary declaration.
Right to deletion ("Right to be forgotten")
Pursuant to Art. 17 para. 1 GDPR, you have the right to demand that we delete personal data concerning you without delay, and we are obliged to delete personal data without delay if one of the following reasons applies:
If we have made the personal data public and we are obliged to delete them pursuant to Art. 17 para. 1 GDPR, we will take appropriate measures, including technical measures, taking into account the available technology and implementation costs, to inform those responsible for data processing, who process the personal data, that you have requested them to delete all links to this personal data or copies or replications of this personal data.
Right to limitation of processing
You have the right to request us to restrict processing if one of the following conditions is met:
Right to data transferability
You have the right to receive the personal data concerning you that you have provided to us in a structured, current and machine-readable format, and you have the right to transfer this data to another person in charge without our interference, provided that
When exercising your right to data transferability in accordance with paragraph 1, you have the right to request that the personal data be transferred directly by us to another person responsible, insofar as this is technically feasible.
Right of objection
You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you on the basis of Art. 6 para. 1 sentence 1 e) or f) GDPR; this also applies to profiling based on these provisions. We no longer process personal data unless we can prove compelling grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If we process personal data for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling, insofar as it is associated with such direct marketing.
You have the right to object to the processing of personal data concerning you, for scientific or historical research purposes or for statistical purposes in accordance with Art. 89 para. 1 GDPR, for reasons arising from your particular situation, unless the processing is necessary to fulfil a task in the public interest.
Automated decisions including profiling
You have the right not to be subject to a decision based exclusively on automated processing - including profiling - that has legal effect against you or significantly impairs you in a similar manner.
An automated decision making based on the collected personal data does not take place.
Right to revoke consent under data protection law
You have the right to revoke your consent to the processing of personal data at any time.
Right of appeal to a supervisory authority
You have the right of appeal to a supervisory authority, in particular in the Member State where you are staying, working or suspected of having infringed the law, if you believe that the processing of personal data concerning you is unlawful.
Data security
We make every effort to ensure the security of your data in accordance with the applicable data protection laws and technical possibilities.
Your personal data will be transmitted in an encrypted form. We use the SSL (Secure Socket Layer) coding system, but point out that data transmission over the Internet (e.g. communication by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.
To secure your data, we maintain technical and organisational security measures in accordance with Art. 32 GDPR, which we constantly adapt to the state of the art.
Furthermore, we do not guarantee that our offer will be available at certain times; disruptions, interruptions or failures cannot be ruled out.
Disclosure of data to third parties
In principle, we only use your personal data within our company.
If and to the extent that we involve third parties in the performance of contracts (such as logistics service providers), these receive personal data to the extent to which the transfer is necessary for the corresponding service.
In the event that we outsource certain parts of data processing ("order processing"), we contractually oblige contractors to use personal data only in accordance with the requirements of data protection laws and to ensure the protection of the rights of the data subject.
Data Protection Officer
If you have any questions or concerns about data protection, please contact our Data Protection Officer.
Sample Privacy Policy of the Law firm Weiß & Partner extended by our own data/paragraphs.
Update: January 2023