We are pleased about your interest in our website. Protecting your privacy is very important to us. Below, we provide detailed information on how we handle your data.
1. Responsible Party for Data Processing
The responsible party within the meaning of the General Data Protection Regulation (GDPR) is:
Health & Beauty Germany GmbH
Königsallee 19
40212 Düsseldorf
Email: support@hbdeadsea-germany.de
2. Collection and Storage of Personal Data
When you visit our website, our servers automatically store information that your browser transmits to us. This includes:
- When you visit our website, our servers automatically store information that your browser transmits to us. This includes:
- IP address of the requesting computer,
- Date and time of access,
- Name and URL of the retrieved file,
- Website from which access occurs (referrer URL),
- Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider.
This data is processed for the following purposes:
- Ensuring a smooth connection to the website,
- Ensuring comfortable use of our website,
- Evaluating system security and stability, and
- For further administrative purposes.
The legal basis for data processing is Art. 6 para. 1 lit. f GDPR. Our legitimate interest arises from the purposes listed above for data collection. In no case do we use the collected data to draw conclusions about your person.
3. Data Collection and Use for Contract Processing
We collect personal data when you voluntarily provide it to us in the context of your order, when you contact us (e.g., via contact form or email), or when registering a customer account. Mandatory fields are marked as such since we need this data to process your order, to handle your inquiries, or to open the customer account, and you cannot complete the order and/or registration without providing this information. Which data is collected can be seen from the respective input forms.
We use the data you provide to us for contract processing and handling your inquiries. After full contract processing or deletion of your customer account, your data will be restricted for further processing and deleted after the expiration of statutory retention periods, unless you have explicitly consented to further use of your data or we reserve further data use that is legally permitted and of which we inform you in this declaration.
4. Payment Processing
For payment processing, we work with the payment service provider Stripe. When selecting credit card payment or other payment methods supported by Stripe, the payment data (e.g., credit card numbers) is collected and processed directly by Stripe. We do not store any payment data, such as credit card data or information about other payment methods.
Stripe Privacy Policy
Stripe Inc. is responsible for processing your payment data. Stripe collects and processes this data according to Stripe’s privacy regulations. For more information on data protection at Stripe, please visit: https://stripe.com/de/privacy.
5. Data Disclosure
Your personal data will only be disclosed to third parties if:
- You have given your explicit consent (Art. 6 para. 1 lit. a GDPR),
- The disclosure is necessary for the assertion, exercise, or defense of legal claims, and there is no reason to believe that you have an overriding legitimate interest in not disclosing your data (Art. 6 para. 1 lit. f GDPR),
- This is legally permissible and necessary for the execution of contractual relationships with you (Art. 6 para. 1 lit. b GDPR).
6. Data Storage
The personal data you provide will be stored by us for the duration of the contractual relationship and until all legal obligations have been fulfilled. Once the purpose ceases to exist and the statutory retention periods have expired, the data will be deleted unless consent for longer storage is given.
7. Rights of the Affected Person
You have the right to:
- Request information about your personal data processed by us in accordance with Art. 15 GDPR;
- Request the immediate correction of incorrect or incomplete personal data stored with us in accordance with Art. 16 GDPR;
- Request the deletion of your personal data stored with us in accordance with Art. 17 GDPR, provided that no statutory retention obligation prevents this;
- Request the restriction of the processing of your personal data in accordance with Art. 18 GDPR;
- Receive your personal data in a structured, commonly used, and machine-readable format or request the transfer to another responsible party in accordance with Art. 20 GDPR;
- Withdraw your once granted consent at any time in accordance with Art. 7 para. 3 GDPR;
- Lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR.
8. Right to Object
You have the right to object to the processing of your personal data if we process it based on our legitimate interests (Art. 6 para. 1 lit. f GDPR). If you wish to exercise your right to object, it is sufficient to send an email to: [Your Email Address].
9. Data Security
We use appropriate technical and organizational security measures to protect your data from accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties.
10. Changes to the Privacy Policy
We reserve the right to adjust this privacy policy as necessary, for example, in the case of changes in legislation or the implementation of new technologies. The current version can be found on our website.