Data Protection and Security

DATA PROTECTION AND SECURITY
DATA PROTECTION INFORMATION 

www.salwapetersen.com

As of October 1st 2020

Article 1 – Overview

The following data protection information informs you about the type and extent of the processing of personal data by the Salwa Petersen GmbH. Personal data is information that can be directly or indirectly attributed or assigned to your person.

The data processing by Salwa Petersen GmbH can be primarily divided into two categories:

  • For the purpose of the contract execution, all data necessary for the execution of a contract with Salwa Petersen GmbH are processed. If external service providers are involved in the execution of the contract, e.g. logistics companies or payment service providers, your data will be transmitted to them to the required extent.
  • By visiting the website of Salwa Petersen GmbH, various information is transmitted between your device and our server. This can also be personal data. The information collected in this way will e.g. be used to optimize our website or to display advertisements in the browser of your device.

Our site and our services are not intended for use by children under 16 years.

According to the provisions of the General Data Protection Regulation (Hereafter “GDPR”), you have different rights that you can assert against us. This includes amongst other things the right to contradict against selected data processing, in particular, data processing for advertising purposes.

If you have any questions about our privacy policy, you can always contact our corporate data protection officer. The contact details can be found below.

Article 2 – Name and contact data of the persons responsible for the data processing and the data protection officer

This data protection information applies to the data processing by Salwa Petersen GmbH, Hafenweg 22, 48155 Münster, Germany, CEO: Salwa Petersen, District Court Münster HRB 16844 ("Responsible person"), and for the following website www.salwapetersen.com. The operational data protection officer of Salwa Petersen GmbH is reachable under the above mentioned address or by email:  contact@salwapetersen.com.

Article 3 – Purposes of data processing, legal bases, and legitimate interests pursued by the Salwa Petersen GmbH or a third party as well as categories of recipients

3.1.Visiting our website

When you visit our website, the browser used on your device automatically sends information to the server of our website/application and temporarily stores it in a so-called log file. We have no influence on this. The following information will also be collected without your intervention and stored until automated deletion:

  • the IP address of the requesting Internet-enabled device,
  • the date and time of access,
  • the name and URL of the retrieved file,
  • the website/application from which the access was made (referrer URL), the browser you use and, if necessary, the operating system of your Internet-capable computer as well as the name of your access provider.

The legal basis for processing the IP address is Article 6 (1) (f) GDPR. Our legitimate interest follows from the purposes of data collection listed below. At this point the annotation, we are not able to take direct conclusions about your identity from the collected data, and we do not draw any conclusion to your identity.

The IP address of your device and the other data listed above are used by us for the following purposes:

  • ensuring a smooth connection setup,
  • ensuring comfortable use of our website,
  • the name and URL of the retrieved file,
  • evaluation of system security and stability.

The data is stored for a time period of 7 days and then the IP address is automatically deleted. For security reasons, but without your IP address, this information will be stored in log files for longer and deleted after 31 days. The data contained in the log files are stored separately from other data by you.

We also use so-called cookies, tracking tools, targeting methods and social media plug-ins for our website/application. The exact procedures used and how your data are used for this purpose are described more detail in Section 3.4.

3.2.Conclusion, execution or termination of a contract

3.2.1.Data processing at the conclusion of the contract

Salwa Petersen GmbH’s business is the selling of goods and services, the retail trade within the framework of the officially issued permits and the serial production of the goods to be offered. In this context, we process the data required to complete, execute or terminate a contract. That includes:

  • First name, last name, title, salutation
  • Invoice and delivery address, if necessary, additional address
  • E-mail address
  • If applicable Company name and VAT ID
  • Date of birth
  • if necessary telephone number

The legal basis for this is Article 6 (1) (b) GDPR that means you provide the data based on the contractual relationship between you and us. To process your e-mail address, we are also obliged to send an electronic order confirmation in the form of a confirmation of dispatch due to a requirement in the German Civil Code (BGB) (Article 6 (1) (c) GDPR). Insofar as we do not use your contact data for advertising purposes (see below 3.3.), we store the data collected for the execution of the contract until the expiry of the legal or possible contractual warranty and guarantee rights. After expiry of this period, we retain the information required by commercial and tax law of the contractual relationship for the legal periods. For this period (usually ten years from the conclusion of the contract), the data will be reprocessed in the event of a review by the tax authorities.

To process the purchase contract, the following additional data processing is required:

The companies Stripe is commissioned with the processing of credit card payments. All entries of credit card data are entered directly into the systems of Stripe and cannot be read or stored by us.

We will transmit details of your delivery address to a logistics company commissioned by us for the purpose of processing the purchase contract.

In order to ensure that the goods are delivered according to your wishes, we use your e-mail address to contact you in advance of the delivery in order to inform you of the delivery time. Within this email, you also have the option of specifying your preferred delivery location or a storage location.

3.2.2.Transmission to credit bureaus

In the event of a delay in payment, we submit the necessary data to a company commissioned, if other legal requirements exist, with the assertion of the claim. Legal bases for this are both Article 6 (1) (b) and Article 6 (1) (f) GDPR. The assertion of a contractual claim is to be regarded as a legitimate interest within the meaning of the second-named regulation.

If the other legal requirements exist, we also provide information about the payment delay or any default on loans to credit agencies cooperating with us. The legal basis for this is Article 6 (1) (f) GDPR. The legitimate interest which this requires arises from our and third parties' interest in reducing contract risks for future contracts.

3.3. Data processing for advertising purposes

The following statements refer to the processing of personal data for advertising purposes. The GDPR declares such data processing on the basis of Article 6 (1) (f) as fundamentally conceivable and as a legitimate interest. The duration of data storage for advertising purposes does not follow any rigid principles and is based on the question of whether the storage is required for the promotional approach.

To find out more about the process in case of a opposition, please refer to para. 3.3.3.

3.3.1.Advertising purposes of the Salwa Petersen GmbH and third parties

As far as you have concluded a contract with us, we will keep you as an existing customer. In this case, we will process your postal contact details outside the scope of a specific consent in order to provide you with information about new products and services in this way. We process your e-mail address in order to provide you with information about similar products, outside of the availability of a specific approval. You can contradict this service in the checkout within every order or in each customer information at the end of the information.

 

3.3.2.Interest righteous advertising

In order for you to receive only those promotional information that is of perceived interest to you, we categorize and supplement your customer profile with further information. Statistical information, as well as information about yourself (e.g. basic data of your beauty profile in the "My Account" area), are used. The aim is to provide you with advertisements oriented only to your actual or perceived needs and not to bother you with useless advertising. Your address and order data will be processed by us for our own marketing purposes.

 

3.3.3. Right of revocation

Against the data processing for the aforementioned purposes, you can at any time charge for the respective communication channel separately and with effect for the future objection. All you need to do is send an e-mail or a letter to the contact details listed under para. 2.

Insofar as you object, the affected contact address for further advertising data processing will be blocked. We point out that in exceptional cases, even after receipt of your objection; there may be a temporary shipment of advertising material. This is technically due to the necessary lead time of advertisements and does not mean that we do not implement your objection. Thank you for your understanding.

 

3.3.4. Newsletter dispatch

On our website, we offer you the opportunity to sign up for our newsletter. In order to be sure that no errors have occurred when entering the email address, we use the so-called double-opt-in procedure: After you have entered your email address in the registration field, we will send you a confirmation link. Only if you click on this confirmation link your email address will be included on our mailing list. The processing of your electronic contact data takes place here only on the basis of your consent (Article 6 (1) (a) GDPR):

By signing up, you agree that Salwa Petersen GmbH collects the information (customer master data, purchase data) and usage data (use of the  Online Services) stored on your customer account, use it for our own market and opinion research and on this basis exclusively make personalized advertising and special offers of products and services from the fields of beauty, clothing, nutrition and lifestyle, namely:

  • via email
  • On the Salwa Petersen website
  • via mail and any form of contacting Salwa Petersen GmbH.

3.4.Online presence and website optimization

Overview and contradictions to web analytics and marketing services.

3.4.1.Cookies and cookie-like technologies - General notes

Please check our cookies policy.

We use so-called cookies on our website. Cookies are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not harm your device; do not contain viruses, Trojans or other malicious software. In the cookie information is stored, each resulting in connection with the specific terminal used. However, this does not mean that we are immediately informed of your identity. On the one hand, the use of cookies serves to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages on our website or that you have already logged in to your customer account. These are automatically deleted after leaving our page. In addition, for the reason of usability, we also use temporary cookies that are stored on your device for a specific period of time. If you visit our site again to take advantage of our services, it will automatically recognize that you have already been with us and what inputs and settings you have made, so you do not have to re-enter them.

If you have a customer account with Salwa Petersen GmbH and you are logged in or activate the function "stay logged in", the information stored in cookies will be added to your customer account.

On the other hand, we use cookies in order to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer and to display information tailored to your specific needs. These cookies allow us to automatically recognize if you visit our site again, that you have already been on this site. These cookies are automatically deleted after a defined time. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a note always appears before a new cookie is created. However, disabling cookies completely may mean that you cannot use all features of our website. The storage period of cookies depends on their purpose and not the same for everyone.

3.4.2. Opposition / opt-out possibility

In addition to the deactivation methods described above, you can generally prevent the ex-plained targeting technologies via cookies by setting a corresponding cookie in your brows-er. In addition, you have the option of deactivating preference-based advertising with the help of the preference manager that can be called up here, so that all tags are no longer delivered.

3.5. Customer account

For our customers registered with a customer account the purchase on salwapetersen.com becomes a special experience. Registration is free and opens the door to your personal space with many benefits. In order to provide you with the greatest possible comfort during your purchase, we offer you the permanent storage of your personal data in a password-protected customer account. The investment of the customer account is optional and takes place on the basis of your consent within the meaning of Article 6 paragraph 1 letter a) GDPR. After setting up a customer account, no re-entry is required. In addition, you can view and change the data stored in your customer account at any time.

In addition to the data requested during an order, you must provide a self-selected password to set up a customer account. This serves together with your e-mail address for access to your customer account. Please treat your personal access data confidentially and in particular do not make it accessible to unauthorized third parties. We cannot accept liability for misused passwords unless we are responsible for the abuse. Please note that even after leaving our website, you will automatically be logged in, unless you actively log out.

In addition, you can decide for yourself which personal information you entrust to us in addition. The more we know about you, the better we can respond to your needs and the greater the comfort we can offer you on salwapetersen.com. Moreover, you can select preferred payment methods and save your payment data or different delivery addresses.

You have the option to delete your customer account at any time. Please note, however, that this does not mean that the data in the customer account can be deleted. As a rule, the data stored about your person will be deleted or anonymized immediately after the expiry of the existing commercial and taxable duty of storage after 10 years.

Article 4 – Transmission to recipients outside the EU

We do not share your information with recipients located outside the European Union or the European Economic Area.

Article 5 –Integration of third party content

We have included third-party content in some places on our website. These are videos, map services, pictures or fonts. In connection with the integration of this content, it is technically necessary that we inform the offering third party of your IP address so that they can display the content to you. Storage of your IP address by us for the integration of external content does not take place. The third-party providers may use your IP address, the use of cookies and other technologies (e.g. pixel tags, i.e. invisible graphics) to understand your browsing behavior and, in addition to your IP address, provide further technical information (e.g. browser type/version, operating system used, the page you previously visited, the host name of the accessing device and the time, and other information about using our online service).

The legal basis for the processing of your data is Article 6 paragraph 1 sentence 1 letter f) of the GDPR. We have a legitimate interest in optimizing our website and improving our offer to you by including third-party content.

For a more detailed description of who we embed content in and how your data is processed, see the description of the embedded content below.

  • YouTube (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Data protection: https://policies.google.com/privacy - An opt-out is possible under:https://adssettings.google.com/authenticated
  • Google Maps (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Data protection:https://policies.google.com/privacy - An opt-out is possible under:https://adssettings.google.com/authenticated
  • Instagram (Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA). Data protection: https://help.instagram.com/155833707900388

Article 6 – Your rights

6.1. Overview

In addition to the right of revocation of your consent granted to us, you are entitled to the following further rights if the relevant legal requirements apply:

  • Right of information about your personal data stored with us in accordance with. Art. 15 DSG Regulation; in particular, you can provide information about the purposes of proces-sing, the category of personal data, the categories of recipients to whom your data has been disclosed, the planned retention period, the source of their data, if not collected directly from you,
  • Right to correct incorrect or correct data according to Art. 16 GDPR,
  • Right to delete your stored data in accordance with. Art. 17 DSGVO insofar as no statutory or contractual retention periods or other statutory obligations or rights for further storage is to be observed,
  • Right to restriction of the processing of your data acc. Art. 18 GDPR, as far as the accuracy of the data is disputed by you, the processing is unlawful, but you reject its deletion; the person in charge no longer needs the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing according to Art. 21 GDPR,
  • Right to data portability acc. Art. 20 DSGVO, this means the right to transfer selected data stored about us in a common, machine-readable format, or to request transmission to an-other person in charge,
  • Right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters.

6.2. Right of revocation

Under the conditions of Article 21 (1) GDPR, data processing may be objected for reasons that arise from the particular situation of the person concerned.

The above general right of revocation applies to all processing purposes described in this privacy statement, which are processed on the basis of Article 6 (1) (f) GDPR. Unlike the special right of objection to data processing for commercial purposes, according to the GDPR, we are only obliged to implement a general objection if you give us reasons of major importance (e.g. a possible danger for life or health). In addition, it is possible to contact the Salwa Petersen GmbH supervisory authority, the data protection officer or contact@salwapetersen.com.

7.Data security measures

All personally transmitted data, including your payment data, will be transmitted using the common and secure SSL (Secure Socket Layer) standard. SSL is a secure and proven standard, e.g. is also used in online banking. You will see a secure SSL connection, including the attached s at the http (i.e. https: // ...) in the address bar of your browser or the lock icon at the bottom of your browser.

Incidentally, we use appropriate technical and organizational security measures to protect your personal data stored against manipulation, partial or complete loss and against unauthorized access by third parties.

What does a secure password look like? A secure password should be chosen randomly and consist of all the characters and special characters your keyboard provides. As a rule, you should note the following points when creating your password: Your password should: - consist of at least eight characters, - contain upper and lower case letters, numbers and special characters, - be changed every three months, - and each account should have its own password receive.

Example: 6%$GlndhOs/87/!l.flit.

Avoid sending passwords, login or account information via e-mail. Confidential data, such as passwords should generally not be passed on to third parties due to possible misuse! Never answer unknown advertising e-mails and do not click on any links contained therein. This will confirm to the spammer that your address actually exists and is being used.

Salwa Petersen is verified as a sender at trustedDialog, can be identified by all email providers and classified as authentic. This can be recognized by the sign to the left of the sender in your Inbox. If mails without this number are received you are not from Salwa Petersen.

If someone tries to trick you and us with your credit card or your PayPal account, please follow the instructions of your credit card company or PayPal and inform us immediately at the email address contact@salwapetersen.com. Most credit card companies and/or PayPal cover all the damages that may be caused by misuse of your credit card or PayPal account under certain conditions.

Article 8 – Modifications to this statement

As far as we introduce new products or services, change Internet procedures or if the Internet and computer security technology evolves, the "Privacy Policy" should be updated. We, therefore, reserve the right to change or supplement the explanation as needed. The changes will be published here. Therefore, you should visit this website regularly to keep up to date with the privacy policy.