PRIVACY POLICY
We, Antica Erboristeria GmbH, take the protection of your personal data very seriously and adhere strictly to the rules of the applicable data protection laws.
The following explanations provide you with an overview of what type of personal data of website visitors is collected by us and for what purpose, what we use the data collected in this way for, how we guarantee the protection of this data and how you can always obtain information about the relevant information and revoke consent to the use of data.
You can use our online services without disclosing your identity. If we request personal data on the website, e.g. in the context of contact forms or in the context of orders, this is done on a voluntary basis or as part of the necessary transmission of data for the order. We use this information for our own business purposes (such as the provision of requested information or the dispatch of our products).
For orders from the online store, we will only process your data to process the order. For this purpose, you have the option of placing orders via our website. In order to be able to process the order, the corresponding fields are marked as mandatory. The data processing in the context of the order from the online store is carried out in accordance with Art. 6 para. 1 lit. a and Art. 6 para. 1 lit. f.
If you have questions of any kind, we offer you the opportunity to contact us using a form provided on the website. The data marked as mandatory is required in order to be able to assign the request and answer it adequately. Further information can be provided voluntarily. Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 lit. a of the General Data Protection Regulation (GDPR) on the basis of your voluntarily given consent.
The personal data collected by us for the use of the contact form or the order in the online store will be deleted after completion of the request or comment made by you (in the absence of special circumstances usually after 3 months) or alternatively after expiry of the relevant tax and commercial law retention obligations.
Once you have given your consent, you can revoke it at any time without giving reasons with effect for the future. To do so, you can send an email to “contact@anticaerboristeria.com” or contact us:
Responsible body:
Antica Erboristeria GmbH
Bremer Street 67
40221 Düsseldorf, Germany
E-Mail: contact@anticaerboristeria.com
DATA COLLECTION ON THIS WEBSITE
Our website uses Shopify and several tools provided by Shopify. Shopify is a tool for creating and hosting websites. When you visit our website, Shopify collects your IP address and information about the device you are using and your browser.
For more information on how Shopify handles customer data, visit https://www.shopify.de/legal/datenschutz.
Collection, storage, use and duration of use of personal data
We collect, process and use the following of your personal data:
(a) in the context of mere website use: anonymized or pseudonymized IP address, type and scope of the website elements accessed by you, date and time of access and (in the case of website access via a link) the last URL visited, in accordance with Art. 6 para. 1 lit f GDPR;
(b) when using the contact form or when ordering the newsletter: your surname and first name, your e-mail address and your address, in accordance with Art. 6 para. 1 lit. a GDPR;
(c) for the occasional organization of competitions via our social media (in particular on Facebook and Instagram, the data protection regulations of Facebook and Instagram apply).
We only use the data mentioned under (a), (b) and (c) to process your inquiries and to run the competitions (the data is then deleted and not passed on to third parties). The duration of data storage in the context of processing inquiries or competitions corresponds to the statutory retention periods. Your personal data will be deleted thereafter or after three months at the latest.
We use the Google Analytics tool for statistical purposes. Further information can be found in the “Analysis and advertising tools” section.
DISCLOSURE OF THE DATA
Your data will not be passed on to third parties for commercial or non-commercial purposes without your express consent. We only pass on your personal data to third parties if this is required by law (Art. 6 para. 1 lit. c GDPR), if you have consented to this (Art. 6 para. 1 lit. a GDPR) or if it is necessary in the context of product orders (Art. 6 para. 1 lit. f GDPR).
The full responsibility for data processing remains with us. In addition, we do not transfer the data directly to third countries.
NOTE ON DATA TRANSFER TO THE USA AND OTHER THIRD COUNTRIES
Our website includes tools from companies based in the USA or other third countries that are not secure under data protection law. If these tools are active, your personal data may be transferred to these third countries and processed there. We would like to point out that no level of data protection comparable to that in the EU can be guaranteed in these countries. For example, US companies are obliged to hand over personal data to security authorities without you as the data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. secret services) may process, evaluate and permanently store your data on US servers for surveillance purposes. We have no influence on these processing activities.
YOUR RIGHTS AS A DATA SUBJECT
We hereby inform you that, pursuant to Art. 15 et seq. GDPR with regard to your personal data under the conditions defined therein
- the right to information in accordance with Art. 15;
- the right to rectification pursuant to Art. 16;
- the right to erasure pursuant to Art. 17;
- the right to restriction of processing pursuant to Art. 18;
- the right to object to processing under Art. 21; and
- the right to data portability under Art. 20.
In accordance with Art. 77 GDPR, you also have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates this regulation.
If the processing is based on Art. 6 para. 1 sentence 1 lit. a GDPR (consent), you also have the right to withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
INFORMATION ON THE USE OF DATA, DELETION OF DATA, WITHDRAWAL OF CONSENT
At your request, we will be happy to provide you with information about how we collect and use your data and what data we have stored about you as a result of your use of the website. Please contact us at contact@anticaerboristeria.com. We will be happy to correct or delete this data at your request.
COOKIES
Our Internet pages use so-called “cookies”. Cookies are small text files and do not cause any damage to your end device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or they are automatically deleted by your web browser.
In some cases, cookies from third-party companies may also be stored on your device when you visit our website (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services).
Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies are used to evaluate user behavior or display advertising.
Cookies that are required to carry out the electronic communication process (necessary cookies) or to provide certain functions that you have requested (functional cookies, e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies has been requested, the cookies in question are stored exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR); consent can be revoked at any time.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.
If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately in this privacy policy and, if necessary, request your consent.
SERVER LOG FILES
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
This data is not merged with other data sources.
This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website - the server log files must be recorded for this purpose.
ANALYSIS AND ADVERTISING TOOLS
Google Analytics
This website uses Google Analytics, a web analysis service of Google Inc (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, your IP address will first be truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.
The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
This website uses Google Analytics with the extension “_anonymizeIp()”. This means that IP addresses are further processed in abbreviated form, so that they cannot be linked to individuals.
For the exceptional cases in which personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. The legal basis for the use of Google Analytics is Art. 6 para. 1 sentence 1 lit. f GDPR.
The legal basis for the processing of users' personal data is Art. 6 para. 1 lit. f GDPR.
The processing of users' personal data enables us to analyze the surfing behavior of our users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to continuously improve our website and its user-friendliness. These purposes also constitute our legitimate interest in processing the data in accordance with Art. 6 para. 1 lit. f GDPR. By anonymizing the IP address, the interest of users in the protection of their personal data is sufficiently taken into account.
Cookies are stored on the user's computer and transmitted from there to our website. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically.
However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Terms of use: http://www.google.com/analytics/terms/de.html, overview of data protection: http://www.google.com/intl/de/analytics/learn/privacy.html, as well as the privacy policy: http://www.google.de/intl/de/policies/privacy.
Google Analytics in consent mode
We use Google's “Consent Mode” (also known as “consent mode”). In Consent Mode, users' personal data is processed by Google for measurement and advertising purposes, subject to the user's consent. Consent is obtained from users as part of our online services. Without the user's consent, the data is only processed in aggregated form (i.e. not assigned to individual users or summarized). Users' personal data is not processed for the placement of advertisements or to measure the success of advertising if the consent only includes statistical measurement. Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR); Website: https://support.google.com/analytics/answer/9976101?hl=de.
Google Ads
On our website, we use Google Ads Conversion, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. With this service, we can use advertising material (so-called Google Ads) on external websites to draw attention to our offers and services. With regard to the data of the advertising campaigns, we can determine how successful the individual advertising measures are.
These advertising materials are delivered by Google via so-called “ad servers”. For this purpose, we use ad server cookies (see above for information on cookies), which can be used to measure certain parameters for measuring success, such as the display of ads or clicks by users. If you access our website via a Google ad, Google Ads stores a cookie on your device. These cookies usually expire after 30 days and are not intended to identify you personally. The unique cookie ID, the number of ad impressions per placement (frequency), the last impression (relevant for conversions after the placement) and the opt-out information (marking that the user no longer wishes to be contacted) are usually stored as analysis values for this cookie.
These cookies enable Google to recognize your internet browser. If a user visits certain pages of an advertiser's website and the cookie stored on their computer has not expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page. A different cookie is assigned to each advertiser. Therefore, cookies cannot be tracked on the websites of advertisers.
When Google transfers personal data from the European Union (EU) to the United States, it does so in accordance with the framework agreed between the US Department of Commerce and the European Commission (the “Privacy Shield Framework”). For more information, please visit: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
You can find more information about the handling of user data in Google's privacy policy at: https://policies.google.com/privacy?hl=de&gl=de
Sharing data with Facebook (only applies to registered Facebook users)
We participate in a statistical program of the company Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA, which is used to identify Facebook users who have a similar usage profile to our existing customers (“Facebook Custom Audiences - Statistical Twins”). As part of this program, customer email addresses are transmitted to Facebook in an anonymized form (as a so-called “hash”). The email address can no longer be derived from the transmitted data. Facebook itself uses the same method to create a hash of its users' email addresses, compares this anonymized data and determines whether one of our users is registered on Facebook with the same email address.
Facebook ensures that it does not store this match or use it outside of this program. On this basis, third parties who use Facebook in a similar way to the customer are then identified and we are given the opportunity to target these people. You yourself will not receive any additional advertising or messages from us or from Facebook.
If you are not registered on Facebook with the same e-mail address as us, Facebook will not receive any information about you. Under no circumstances will we find out whether you are registered with Facebook or receive any other data about you.
You hereby consent to the anonymized forwarding of your e-mail address in the form described above. Although we have every reason to trust Facebook's assurances, we would like to point out that Facebook is not subject to German data protection law.
For more information about the purpose and scope of data collection and the further processing and use of data by Facebook, as well as your setting options for protecting your privacy, please refer to Facebook's privacy policy, which can be found at https://www.facebook.com/about/privacy/.
Facebook social plugin
Social plugins (“plugins”) from the social network facebook.com (“Facebook”) are used on our website. Facebook is operated by the company Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, in the USA.
When you visit a page on our website that contains such a plugin, your browser establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser, which integrates it into the website. By integrating the plugins, Facebook receives the information that you have accessed the corresponding page of our website. If you are logged in to Facebook, Facebook can assign the visit to your Facebook account.
The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your rights in this regard and setting options to protect your privacy can be found in Facebook's data protection information: https://www.facebook.com/policy.php If you are a Facebook member and do not want Facebook to collect data about you via our website and link it to your member data stored on Facebook, you must log out of Facebook before visiting our website. It is also possible to block Facebook social plugins with add-ons for your browser, for example with the “Facebook Blocker”.
Pinterest conversion tag
We use Pinterest Conversion Tag from Pinterest Inc, 651 Brannan Street, San Francisco, CA 94107, United States, to create so-called Custom Audiences, i.e. to segment visitor groups of our online offer, determine conversion rates and then optimize them. This happens in particular when you interact with advertisements that we have placed with Pinterest Inc. We process your data with the help of Pinterest Conversion Tag for the purpose of optimizing our website and for marketing purposes on the basis of your consent pursuant to Art. 6 para. 1 lit. a. GDPR. The specific storage period of the processed data cannot be influenced by us, but is determined by Pinterest Inc. Further information can be found in the privacy policy for Pinterest Conversion Tag: https://policy.pinterest.com/de/privacy-policy.
UPDATES TO THIS INFORMATION
Technical, legal and internal marketing strategy changes may result in us amending or correcting this privacy policy. The current privacy policy will then apply to your next visit.
Please check this notice from time to time for any such changes.