1. AN OVERVIEW OF DATA PROTECTION
DATA COLLECTION ON OUR WEBSITE
Who is responsible for the data collection on this website?
The data collected on this website are processed by the website operator. The operator's contact details can be found in the website's required legal notice.
How do we collect your data?
Some data are collected when you provide it to us. This could, for example, be data you enter in a contact form.
Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.
What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyse how visitors use the site.
What rights do you have regarding your data?
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.
ANALYTICS AND THIRD-PARTY TOOLS
2. GENERAL INFORMATION AND MANDATORY INFORMATION
Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.
NOTICE CONCERNING THE PARTY RESPONSIBLE FOR THIS WEBSITE
The party responsible for processing data on this website is:
BodyFokus GmbH Hohenzollernring 5 50672 Cologne, Germany
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).
REVOCATION OF YOUR CONSENT TO THE PROCESSING OF YOUR DATA
Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
RIGHT TO FILE COMPLAINTS WITH REGULATORY AUTHORITIES
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
RIGHT TO DATA PORTABILITY
You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.
SSL OR TLS ENCRYPTION
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. We also use this encryption for passing on products which you have placed in our shopping cart to our German payment processor AffiliCon GmbH – after you have clicked the “pay now” button (or similar) – so that your transaction can be completed there.
INFORMATION, BLOCKING, DELETION
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.
AMENDMENTS TO OUR DATA PRIVACY STATEMENT
3. Data Protection Officer
Statutory data protection officer
We have appointed a data protection officer for our company.
SBS Data Protect GmbH
4. DATA COLLECTION ON OUR WEBSITE
Most of the cookies we use are so-called "session cookies." They are automatically deleted after your visit. Other cookies remain in your device's memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.
SERVER LOG FILES
The website provider automatically collects and stores information that your browser automatically transmits to us in "server log files". These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
These data will not be combined with data from other sources.
The basis for data processing is Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
Should you send us questions via the contact form, we will collect the data entered in the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission.
We will, therefore, process any data you enter into the contact form only with your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.
STORAGE PERIOD AND TIME LIMITS FOR ERASURE
We only store your personal data to the extent that we need to fulfill the purpose. The storage period depends on the statutory provisions and the term of our contractual relationship.
Should the data no longer be used, it will be anonymised and/or erased according to the statutory provisions.
Should you request that the data be erased, please bear in mind that whilst we block your data promptly, due to statutory reasons and technical limitations (e.g. necessary system back-ups), it may take up to 180 days to finally erase the data from the productive systems.
Please also bear in mind that after we have confirmed your request for erasure, we are not able to restore your data.
5. ANALYTICS AND ADVERTISING
This website uses Google Analytics, a web analytics service. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called "cookies". These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
Google Analytics cookies are stored based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in analysing user behavior to optimise both its website and its advertising.
We have activated the IP anonymisation feature on this website. Your IP address will be shortened by Google within the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases is the full IP address sent to a Google server in the US and shortened there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and Internet usage for the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.
You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
Objecting to the collection of data
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: Disable Google Analytics.
Demographic data collection by Google Analytics
This website uses Google Analytics' demographic features. This allows reports to be generated containing statements about the age, gender, and interests of site visitors. This data comes from interest-based advertising from Google and third-party visitor data. This collected data cannot be attributed to any specific individual person. You can disable this feature at any time by adjusting the ads settings in your Google account or you can forbid the collection of your data by Google Analytics as described in the section "Refusal of data collection".
Contracted data processing
We have concluded a contract with Google to process data for us and implement in full the strict requirements set by the German data protection authorities when using Google Analytics.
On our website, we use Mouseflow, a web analytics tool by Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark, for recording individual visits that are randomly selected (IP address anonymised).
It produces a protocol of mouse movements and clicks which we use to play back random individual website visits and to identify potential improvements for our website. The information is not personal and will not be passed on to third parties.
If you do not want to be recorded, you can deactivate Mouseflow for all websites that use the tool at the following link: http://www.mouseflow.com/opt-out/.
GOOGLE ANALYTICS REMARKETING
Our websites use the features of Google Analytics Remarketing combined with the cross-device capabilities of Google AdWords and DoubleClick. This service is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
This feature makes it possible to link target audiences for promotional marketing created with Google Analytics Remarketing to the cross-device capabilities of Google AdWords and Google DoubleClick. This allows advertising to be displayed based on your personal interests, identified based on your previous usage and surfing behavior on one device (e.g. your mobile phone), on other devices (such as a tablet or computer).
Once you have given your consent, Google will associate your web and app browsing history with your Google Account for this purpose. That way, any device that signs in to your Google Account can use the same personalized promotional messaging.
To support this feature, Google Analytics collects Google-authenticated IDs of users that are temporarily linked to our Google Analytics data to define and create audiences for cross-device ad promotion.
You can permanently opt out of cross-device remarketing/targeting by turning off personalized advertising in your Google Account; follow this link: https://adssettings.google.com/authenticated?hl=en.
GOOGLE ADWORDS AND GOOGLE CONVERSION TRACKING
This website uses Google AdWords. AdWords is an online advertising program from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States ("Google").
As part of Google AdWords, we use so-called conversion tracking. When you click on an ad served by Google, a conversion tracking cookie is set. Cookies are small text files that your internet browser stores on your computer. These cookies expire after 30 days and are not used for personal identification of the user. Should the user visit certain pages of the website and the cookie has not yet expired, Google and the website can tell that the user clicked on the ad and proceeded to that page.
Each Google AdWords advertiser has a different cookie. Thus, cookies cannot be tracked using the website of an AdWords advertiser. The information obtained using the conversion cookie is used to create conversion statistics for the AdWords advertisers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, advertisers do not obtain any information that can be used to personally identify users. If you do not want to participate in tracking, you can opt-out of this by easily disabling the Google Conversion Tracking cookie by changing your browser settings. In doing so, you will not be included in the conversion tracking statistics.
Conversion cookies are stored based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in analysing user behavior to optimise both its website and its advertising.
BING ADS UNIVERSAL EVENT TRACKING (UET)
On our website, we use functions of Bing Ads through which we collect and store data which we use for creating user profiles with pseudonyms. This is a service of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.
The service enables to track the activities of users on our website where these users are directed to our website via advertisements by Bing Ads. If you are directed to our website via such an advertisement, a cookie will be installed on your computer. On our website, we have integrated a Bing UET tag. This is a code which stores some non-personal data about the use of the website with the help of the cookie. This data includes, for example, the time spent on our website, which parts of the website were retrieved and which advertisement directed the user to our website. No data relating to your identity will be collected.
The data collected is transferred to Microsoft servers in the US and stored there for a maximum of 180 days. You can prevent us from collecting the data created by the cookie and related to the use of our website as well as from processing that data by deactivating the installation of cookies. This may, however, reduce the functionality of the website.
Moreover, Microsoft can track your usage pattern on more than one electronic device by so-called cross device tracking and through this is able to display personalised advertisements on Microsoft websites and apps. You can deactivate this at https://account.microsoft.com/privacy/ad-settings/signedout?ru=https:%2F%2Faccount.microsoft.com%2Fprivacy%2Fad-settings.
For more information on the analytics services of Bing, please visit the Bing Ads website (https://help.bingads.microsoft.com/#apex/3/en/53056/2). Detailed information on data protection by Microsoft and Bing is available in the Microsoft data protection policy (https://privacy.microsoft.com/en-us/privacystatement).
On our website, we use the retargeting technology AdRoll (AdRoll, 972 Mission St, 3rd Floor, San Francisco, CA 94103, USA). It enables us to target the visitors on our website directly with interest-related advertising by analysing their usage pattern by means of cookies. No personal data is stored during this process. The use of the retargeting technology complies with the applicable statutory data protection law. More information on Ad Roll’s privacy statement and their data protection policy as well as on your option to opt out of the anonymous analysis of your surfing pattern, can be found here. http://www.adroll.com/about/privacy.
FACEBOOK PIXEL AND WEBSITE CUSTOM AUDIENCE
With this online service, we would like to offer our users advertising and special offers that are customised to their interests (“interest-related advertising”) and limit the frequency of certain advertisements. For this purpose, we use the Facebook Website Custom Audiences and Facebook Pixel tools.
HTTP header information (i.a. IP address, information about the web browser, place where websites are stored, document, URL of the website and user agent of browser, date and time of visit); pixel-specific data; this includes the pixel ID and Facebook cookie data, in particular your Facebook ID (those are used to link events to a specific Facebook advertising account and to correlate them with a Facebook user); additional information about your visit and about standard and user-related data events. We use the following user-related data events:
product content searched for and viewed;
product was placed in the shopping cart;
initiating a check-out during the ordering process; and
completion of an ordering process.
By means of the hashed user-related Facebook ID (included in the Facebook cookie), Facebook automatically checks whether the data transmitted by Facebook Pixel can be correlated to a specific Facebook user. If there is no Facebook cookie stored in your browser, there will be no classification into one of the user groups called “Custom Audience”.
Where a correlation of the Facebook ID included in the Facebook cookie with a specific Facebook user can be made, Facebook will classify this user to one of the Custom Audience groups according to the rules set by us if the requirements are met. The information which we receive from this process is used for displaying advertisements on Facebook (“Facebook Ads”). Advertisements will, however, only be displayed from a Custom Audience number of 20 different users – it is therefore not possible to deduce any characteristics of the users from the advertisements. The classification into one Custom Audience group is only valid for a maximum of 180 days. The time limit will start again when you visit our website again and there is a correlation with the same Custom Audience rules.
Facebook can correlate your visit to our website and your activities there to your Facebook account. We cannot do that. We only receive statistical information on the usage of our website by means of Audience Insights from Facebook.
Facebook transfers your data to Facebook Inc., Facebook 1 Hacker Way Menlo Park, CA 94025, USA and uses your data to improve the quality of their advertising by e.g. improving the optimisation algorithm used by Facebook to display Facebook Ads as well as the news feed ranking.
You can also deactivate the custom audiences remarketing feature in the Ads Settings section at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. You will first need to log into Facebook. A so-called opt-out cookie will be installed that prevents the transfer of data via Facebook Pixel. This opt-out cookie is valid indefinitely. Please bear in mind that the opt-out function is linked to specific devices and/or browsers and is always only valid for the device and/or browser used at that moment. If you use more than one device and/or browser, you should activate the opt out on every single device and on every browser used. Should you delete all cookies in your browser, a withdrawal might not be taken into account and need to be asserted by you again.
If you do not have a Facebook account, you can opt out of usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.
If you would like to receive our newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter. No additional data is collected or is only collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties.
We will, therefore, process any data you enter in the contact form only with your consent per Art. 6 (1) (a) DSGVO. You can revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time, e.g. through the "unsubscribe" link in the newsletter. The data processed before we receive your request may still be legally processed.
The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted. Data we have stored for other purposes (e.g. email addresses for the members area) remain unaffected.
This website uses Klick-Tipp to send newsletters. This service is provided by KLICK-TIPP LIMITED, 15 Cambridge Court, 210 Shepherd's Bush Road, London W6 7NJ, United Kingdom.
Klick-Tipp is a service which organises and analyses the distribution of newsletters. The data you provide to subscribe to our newsletter will be stored on Klick-Tipp servers
Data analysis by Klick-Tipp
If we send out newsletters with the help of Klick-Tipp, we can determine if a newsletter message has been opened and which links have been clicked on.
Klick-Tipp also allows us to classify newsletter recipients into different categories (tagging). For example, newsletter recipients can be subdivided according to gender, personal preference (e.g. vegetarian or non-vegetarian), or customer relationship (e.g. existing or potential customer). This allows us to adapt the newsletters to the respective target groups. For more information, please visit https://www.klick-tipp.com and https://www.klick-tipp.com/handbuch.
If you do not want your usage of the newsletter to be analysed by Klick-Tipp, you will have to unsubscribe from the newsletter. For this purpose, we provide a link in every newsletter we send. You can also unsubscribe from the newsletter directly on the website.
Data processing is based on Art. 6 (1) (a) DSGVO. You may revoke your consent at any time. The data processed before we receive your request may still be legally processed.
The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted from our servers and those of Klick-Tipp. Data we have stored for other purposes (e.g. email addresses for the members area) remains unaffected.
Completion of an outsourced data processing contract
We have entered into a data processing agreement with Klick-Tipp, in which we require Klick-Tipp to protect the data of our customers and not to disclose said data to third parties.
7. PLUGINS AND TOOLS
AWS is a subsidiary of Amazon.com or of a company affiliated with it (“Amazon.com”). We use this storage service to store and deliver videos and pictures.
GOOGLE WEB FONTS
For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
When you call up a page of our website that contains a social plugin, your browser makes a direct connection with Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
On our website, we use Kayako, a customer service software by Kayako Ltd./ ESW Capital, 401 Congress Avenue Suite 2650 Austin, TX 78701 USA, for processing customer requests. The Kayako ticket system software consolidates support requests from customers from different sources and manages them centrally.
In this way, support teams receive tickets with uniform structures at all times, regardless of the route the customer used for contacting the team (e-mail, telephone, chat, twitter etc.). This simplifies ticket management and accelerates the problem solving. Each request will transfer the e-mail address and the user name. Other data will not be collected and/or will only be collected when consent is given.
The data processing is based on your consent (Article 6 (1) (a) GDPR). You can withdraw your consent at any time. Your withdrawal will not affect the lawfulness of any data processing already conducted.
On our website, we use DTMS, a provider of service numbers and automated and hybrid customer interaction services. The provider is dtms GmbH, Taunusstraße 57, 55118 Mainz.
When we receive/make a call, the provider of the routing portal will store: date/time of the call, number of the caller, call duration and number that is called. The data is stored on servers owned by the DTMS company and situated in a certified computer centre in Frankfurt.
Data not required will be erased immediately, data necessary for invoices will be erased, as a rule, 3 months after the invoice was sent. DTMS is guided by the Guidelines established by the German Data Protection and Freedom of Information Supervisor and by the Federal Network Agency. The statutory basis for any data storage is the German Telecommunications Act (TKG), the German Federal Data Protection Act (BDSG) and the EU General Data Protection Regulation.
Last update: 05.11.2019
© 2020 All rights reserved.