Thank you for your interest in our company. We take data protection seriously.
In principle, you can use our website without providing any personal data. If a person concerned wishes to use the services of our company via our website, it may be necessary to process personal data. If it is necessary to process personal data and there is no legal basis for such processing, we always obtain the consent of the person concerned.
The processing of personal data (e.g. name, address, e-mail address or telephone number of a data subject) is always carried out in accordance with the Basic Data Protection Regulation (DSGVO) and in compliance with the country-specific data protection regulations applicable to us.
With the following data protection declaration we would like to inform the public about the type, scope and purpose of the personal data collected, used and processed by us. This data protection declaration also informs affected persons about their rights.
As data controllers, we have implemented numerous technical and organisational measures to ensure that the personal data processed via our website is protected as completely as possible. However, data transmissions via the Internet can generally contain security gaps. Therefore, a 100 % protection cannot be guaranteed. For this reason, every person concerned can, of course, alternatively provide us with personal data, e.g. by telephone.
This data protection declaration is based on the definitions used by the European legislator when the DSGVO was adopted (Article 4 DSGVO). This data protection declaration should be both easy to read and easy to understand for every person. To ensure this, we would first like to explain the terms used. These definitions are used in this data protection declaration, among others:
personal data shall mean any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, on-line identification, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person
data subject shall mean any identified or identifiable natural person whose personal data are processed by the controller
processing shall mean any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
limitation of processing means the marking of stored personal data with a view to limiting their processing in the future;
profiling means any automated processing of personal data consisting in the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular with a view to analysing or predicting aspects relating to the performance of work, economic situation, health, personal preferences, interests, reliability, conduct, location or movement of that natural person
responsible person shall mean the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or national law, provision may be made for the controller or the specific criteria for his or her designation in accordance with Union or national law
recipient shall mean any natural or legal person, public authority, agency or any other body to whom personal data are disclosed, whether or not a third party. However, authorities which may receive personal data in the context of a specific investigation task under Union or national law shall not be considered as recipients; the processing of such data by those authorities shall be carried out in accordance with the applicable data protection rules and in accordance with the purposes of the processing;
third party means any natural or legal person, public authority, agency or any other body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or the processor, are authorized to process the personal data
consent of the data subject means any freely given specific, informed and unequivocal expression of his or her wishes in the form of a statement or any other unequivocal affirmative act by which the data subject signifies his or her agreement to the processing of personal data relating to him or her.
2. Name and contact details of the person
Responsible: Bella&Bona GmbH, represented by the managing director Mr Matteo Cricco, Gotthardstraße 89 Munich 80689 Email: firstname.lastname@example.org Tel: +49 151-54079664
a) When visiting the website
You can use our website without disclosing your identity. When you call up our website, information is automatically sent to the server of our website by the browser used on your terminal device. This information is temporarily stored in a so-called log file. The following information is recorded without your intervention and stored until it is automatically deleted:
The above-mentioned data will be processed by us for the following purposes:
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f DSGVO. Our legitimate interest follows from the above-mentioned purposes for data collection. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person.
**b) When using our contact form **
For questions of any kind, we offer you the possibility to contact us via a form provided on our website. In order to do so, it is necessary to enter a valid e-mail address so that we know who the enquiry comes from and can answer it. Further information can be given voluntarily.
It is your free decision whether you wish to enter this data in the contact form.
The data processing for the purpose of contacting us is carried out in accordance with Art. 6 Para. 1 S. 1 lit. a DSGVO on the basis of your voluntarily given consent.
The personal data collected by us for the use of the contact form will be automatically deleted after completion of your request.
**c) For orders via our website **You can either place orders via our website as a guest without registering, or register in our shop as a customer for future orders. Registration has the advantage for you that you can log in to our shop directly with your e-mail address and password in the event of a future order without having to enter your contact details again.
Your personal data will be entered into an input mask and transmitted to us and stored. If you place an order via our website, we collect the following data both in the case of a guest order and in the case of a registration in the shop:
The collection of this data is carried out,
During the ordering process, your consent to the processing of this data is obtained.
The data processing is carried out upon your order and/or registration and is required in accordance with Art. 6 Para. 1 S. 1 lit. b DSGVO for the aforementioned purposes for the appropriate processing of your order and for the mutual fulfilment of obligations arising from the purchase contract.
The personal data collected by us for the processing of your order will be stored until the expiry of the statutory storage obligation and deleted thereafter, unless we are obliged to store the data for a longer period of time in accordance with Article 6 Paragraph 1 S. 1 lit. c DSGVO due to tax and commercial law storage and documentation obligations (from HGB, StGB or AO) or you have consented to storage beyond this in accordance with Article 6 Paragraph 1 S. 1 lit. a DSGVO.
4. Transfer of data
Your personal data will be passed on by us to third parties exclusively to the service partners involved in the execution of the contract, such as the logistics company commissioned with the delivery and the credit institute commissioned with payment matters. In cases where your personal data is passed on to third parties, the amount of data transmitted is limited to the necessary minimum.
In the case of payment via PayPal, credit card via PayPal, direct debit via PayPal or "purchase on account" via PayPal, we will pass on your payment data to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as "PayPal") within the scope of payment processing. PayPal reserves the right to carry out a credit check for the payment methods credit card via PayPal, direct debit via PayPal or "purchase on account" via PayPal. The result of the credit assessment with regard to the statistical probability of non-payment shall be used by PayPal for the purpose of deciding whether to provide the respective payment method. The credit report may contain probability values (so-called score values). If score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. Among other things, address data is included in the calculation of the score values. You can find further information on data protection law in the PayPal data protection principles: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
Your personal data will not be transferred to third parties for purposes other than those mentioned above.
We will also only pass on your personal data to third parties if:
you have given your express consent in accordance with Art. 6 para. 1 sentence 1 lit. a DSGVO,the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,in the event that there is a legal obligation to pass on the data in accordance with Art. 6 para. 1 sentence 1 lit. c DSGVO, andthis is legally permissible and required for the processing of contractual relationships with you in accordance with Art. 6 Para. 1 S. 1 lit. b DSGVO.
During the ordering process, your consent to the transfer of your data to third parties will be obtained.
Information is stored in the cookie that is related to the specific terminal device used. This does not mean, however, that we are immediately informed of your identity.
In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your end device for a certain defined period of time. If you visit our site again to make use of our services, it is automatically recognised that you have already been with us and which entries and settings you have made so that you do not have to enter them again.
The data processed by cookies is required for the above-mentioned purposes to protect our legitimate interests and those of third parties in accordance with Art. 6 Para. 1 S. 1 lit. f DSGVO.
Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or so that a message always appears before a new cookie is created. However, completely deactivating cookies may mean that you cannot use all the functions of our website.
6. Links to websites of third parties
The links published on our website are researched and compiled by us with the greatest possible care. However, we have no influence on the current and future design and content of the linked pages. We are not responsible for the content of the linked pages and expressly do not adopt the content of these pages as our own. For illegal, incorrect or incomplete contents as well as for damages resulting from the use or non-use of the information, only the provider of the linked website is liable. The liability of the person who merely refers to the publication by a link is excluded. We are only responsible for external references if we have positive knowledge of them, i.e. also of possible illegal or criminal content, and if it is technically possible and reasonable for us to prevent their use.
7. Analysis and tracking tools
The tracking measures listed below and used by us are carried out on the basis of Art. 6 para. 1 sentence 1 lit. f DSGVO. With the tracking measures used, we want to ensure that our website is designed to meet the needs of our customers and is continuously optimised. On the other hand, we use the tracking measures to record the use of our website statistically and evaluate it for the purpose of optimising our offer for you. These interests are to be regarded as justified in the sense of the aforementioned regulation.
The respective data processing purposes and data categories can be taken from the corresponding tracking tools.
a) Google Analytics1
For the purpose of designing and continuously optimizing our pages according to your needs, we use Google Analytics, a web analysis service of Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter "Google"). In this context, pseudonymised user profiles are created and cookies (see section 5) are used. The information generated by the cookie about your use of this website such as
are transmitted to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on the website activities and to provide further services associated with the use of the website and the Internet for the purposes of market research and demand-oriented design of these Internet pages. This information may also be transferred to third parties where required by law or where third parties process this data on our behalf. Under no circumstances will your IP address be merged with other data from Google. The IP addresses are made anonymous, so that an assignment is not possible (IP masking).
You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).
As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting the data by clicking on the above link. An opt-out cookie will be set to prevent the future collection of your data when you visit our website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you will have to set the opt-out cookie again.
Further information on data protection in connection with Google Analytics can be found under the following link in the Google Analytics help: https://support.google.com/analytics/answer/6004245?hl=de
**b) Google Adwords Conversion Tracking **
In order to statistically record the use of our website and evaluate it for the purpose of optimizing our website for you, we also use Google Conversion Tracking. Google Adwords sets a cookie (see point 5) on your computer if you have reached our website via a Google ad.
These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of the Adwords client's website and the cookie has not yet expired, Google and the client can recognize that the user clicked on the ad and was redirected to that page.
Each Adwords client receives a different cookie. As a result, cookies cannot be tracked on the websites of Adwords customers. The information collected using the conversion cookie is used to generate conversion statistics for Adwords customers who have opted for conversion tracking. Adwords advertisers know the total number of users who have clicked on their ad and been redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.
8. Social media plugins
We use social plugins of social networks (e.g. Facebook, Twitter, Google+) on our website on the basis of Art. 6 Para. 1 S. 1 lit. f DSGVO in order to make our company better known. The advertising purpose behind this is to be regarded as a legitimate interest within the meaning of the DSGVO. The responsibility for data protection compliant operation is to be guaranteed by their respective providers. The integration of these plugins by us is done by the so-called two-click method to protect visitors of our website in the best possible way.
On our website, social media plugins from Facebook are used to make their use more personal. For this we use the "LIKE" or "SHARE" button. This is an offer from Facebook.
If you call up a page of our website that contains such a plugin, your browser establishes a direct connection with the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser and integrated into the website by it.
Through the integration of the plugin, Facebook receives the information that your browser has called up the corresponding page of our website, even if you do not have a Facebook account or are not currently logged in to Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there.
If you are logged in to Facebook, Facebook can assign your visit to our website directly to your Facebook account. If you interact with the plugins, for example by clicking the "LIKE" or "SHARE" button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook for everyone to see.
Facebook may use this information for the purposes of advertising, market research and the design of Facebook pages to meet the needs of the user. For this purpose, Facebook creates usage, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements shown to you on Facebook, to inform other Facebook users about your activities on our website and to provide other services associated with the use of Facebook.
If you do not want Facebook to assign the data collected via our website to your Facebook account, you must log out of Facebook before visiting my website.
For the purpose and scope of data collection and the further processing and use of data by Facebook, as well as your rights in this regard and setting options for protecting your privacy, please refer to the data protection information, in particular the Facebook data policy, which you can view under the following link: https://www.facebook.com/about/privacy/
On our website you will find plugins of the short message network of Twitter Inc. (Twitter) are integrated on our website. You can recognize the Twitter plugins (tweet button) by the Twitter logo on our site. An overview of tweet buttons can be found under this link on Twitter: https://dev.twitter.com/web/tweet-button
If you call up a page on our website that contains such a plugin, a direct connection is established between your browser and the Twitter server. Twitter thereby receives the information that you have visited our site with your IP address. If you click the Twitter "tweet button" while you are logged in to your Twitter account, you can link the contents of our pages on your Twitter profile. This allows Twitter to associate your visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter.
If you do not want Twitter to be able to link your visit to our pages, please log out of your Twitter user account.
c) Google "+1" button
Our website uses the "+1" button of the social network Google, which is operated by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043-1351, USA. The button is marked with a "+1".
The "+1" button is an abbreviation for "this is pretty cool" or "check it out". The button is not used to record your visits to the web.
If a web page on our site contains the "+1" button, your web browser will load and display this button from the Google server. The website of our internet presence that you visit is automatically reported to the Google server. When displaying a +1 button, Google does not permanently log your browsing history, but only for a period of up to two weeks.
Google stores this data about your visit for this period for system maintenance and troubleshooting purposes. However, this data is not structured by individual profiles, usernames or URLs. Nor is this information available to website publishers or advertisers. This information is used only for maintenance and troubleshooting purposes in Google's internal systems. Your visit to a page with a +1 button is not evaluated in any other way by Google.
There will be no further evaluation of your visit to a page of our website with a "+1" button.
The assignment of +1 itself is a public process, i.e. anyone who performs a Google search or calls up content on the web to which you give +1 can potentially see that you have given the content in question a +1. So only give +1 if you're sure you want to share this recommendation with the world.
A click on this +1 button will serve as a recommendation to other users in Google's search results. You can publicly say that you like our website, that you approve of our website or that you can recommend our website. If you have registered for Google+ and are logged in, the +1 button turns blue when you click it. The +1 will also be added to the +1 tab in your Google profile. On this tab you can manage your +1 and decide if you want to make the +1 tab public.
In order to store and make your +1 recommendation public, Google collects information from your profile about the URL you recommend, your IP address and other browser-related information. If you opt out of your +1, this information is deleted. All of your +1 referrals are listed on the +1 tab in your profile.
We only want to show our services or products to people who are really interested in them. With the help of Facebook pixels, our advertising measures can be better tailored to your wishes and interests. This way, Facebook users (if they have allowed personalized advertising) get to see suitable advertisements. Furthermore, Facebook uses the collected data for analysis purposes and its own advertisements.
In the following, we show you those cookies that were set by integrating Facebook pixels on a test page. Please note that these are only sample cookies. Different cookies are set depending on the interaction on our website.
Note: The cookies mentioned above refer to individual user behavior. Especially when using cookies, changes in Facebook can never be excluded.
If you are logged in to Facebook, you can change your settings for advertisements at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen yourself. If you are not a Facebook user, you can basically manage your usage-based online advertising at http://www.youronlinechoices.com/de/praferenzmanagement/. There you have the possibility to deactivate or activate providers.
For our website we use the Google Tag Manager of the company Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). This Tag Manager is one of many helpful marketing products from Google. The Google Tag Manager allows us to centrally install and manage code sections of various tracking tools that we use on our website.
Google is an active participant in the EU-U.S. Privacy Shield Framework, which regulates the correct and secure transfer of personal data. You can find more information about this at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&tid=311141658. If you want to learn more about the Google Tag Manager, we recommend the FAQs at https://www.google.com/intl/de/tagmanager/faq.html.
When you register for our newsletter, you provide us with the personal data mentioned above and give us the right to contact you by e-mail. We use the data stored during the registration for the newsletter exclusively for our newsletter and do not pass them on.
If you unsubscribe from our newsletter - you will find the link for this at the bottom of every newsletter - we will delete all data stored with the registration for the newsletter.
More information about data protection at Cloudflare can be found on https://www.cloudflare.com/de-de/privacypolicy/.
On our website we use social plug-ins from the social media network LinkedIn, from the company LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. The social plug-ins may be feeds, content sharing or linking to our LinkedIn site. The social plug-ins are clearly marked with the well-known LinkedIn logo and allow, for example, to share interesting content directly through our website. For the European Economic Area and Switzerland, LinkedIn Ireland Unlimited Company Wilton Place in Dublin is responsible for data processing.
Our primary goal is to ensure that our website is as safe and secure as possible for you and for us. To ensure this, we use Google reCAPTCHA from Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). With reCAPTCHA we can determine whether you are really a flesh and blood human being and not a robot or other spam software. By spam, we mean any unsolicited information sent to us electronically. With the classic CAPTCHAS, you usually had to solve text or image puzzles to check it. With Google's reCAPTCHA we usually do not have to bother you with such puzzles.
If you do not want any data about you or your behaviour to be transmitted to Google, you must log out completely from Google and delete all Google cookies before you visit our website or use the reCAPTCHA software. In principle, the data is automatically transmitted to Google as soon as you visit our website. To delete this data again, you must contact Google support at https://support.google.com/?hl=de&tid=311141658.
So when you use our website, you agree that Google LLC and its representatives automatically collect, process and use data.
9. Rights of data subjects
You have the right:
to request information about your personal data processed by us in accordance with Art. 15 DSGVO. In particular, you may request information on the purposes of the processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned duration of storage, the existence of a right of rectification, cancellation, restriction of processing or opposition, the existence of a right of appeal, the origin of your data, if not collected from me, as well as the existence of automated decision making including profiling and, if applicable, meaningful information on the details thereof;
in accordance with Art. 16 DSGVO, to demand without delay the correction of incorrect or incomplete personal data stored by us;pursuant to Art. 17 DSGVO to demand the deletion of your personal data stored with us, unless processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
pursuant to Art. 18 DSGVO, to demand the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to delete it and we no longer require the data, but you require it for the assertion, exercise or defence of legal claims or you have lodged an objection to the processing pursuant to Art. 21 DSGVO;in accordance with Art. 20 DSGVO, to receive your personal data that you have provided us with in a structured, common and machine-readable format or to request that it be transferred to another responsible party;
in accordance with Art. 7 para. 3 DSGVO, to revoke your consent to us at any time. As a result, we may no longer continue data processing based on this consent in the future andto complain to a supervisory authority in accordance with Art. 77 DSGVO As a rule, you can turn to the supervisory authority of your usual place of residence or workplace or to our head office.
10. Right of objection
If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, if there are reasons for doing so that arise from your particular situation or if the objection is directed against direct advertising. In the latter case, you have a general right of objection, which will be implemented by us without indicating a special situation.
If you wish to exercise your right of revocation or objection, simply send an e-mail to: email@example.com
11. Data security
We use the common SSL (Secure Socket Layer) method in connection with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is being transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.
We also use suitable technical and organisational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
12. Topicality and amendment of this data protection declaration