PRIVACY POLICY

General information
Your personal data (e.g. title, name, address, e-mail address, telephone number, bank details, credit card number) will only be processed by us in accordance with the provisions of German data protection law and the data protection law of the European Union (EU). In addition to the processing purposes, recipients, legal bases, storage periods, the following regulations also inform you about your rights and the person responsible for your data processing. This privacy policy only applies to our websites. If you are redirected to other sites via links on our pages, please inform yourself there about the respective handling of your data.
Data processing for contract fulfilment
(1) Purpose of processing
Your personal data, which you make available to us in the order process, are necessary for the conclusion of a contract with us. You are not obliged to provide your personal data. However, we cannot send you the goods without your address. For some payment methods we require the necessary payment data in order to pass them on to a payment service provider commissioned by us. If you send us an enquiry by e-mail, via a contact form etc. before the conclusion of the contract, we process the data obtained in this way to carry out pre-contractual measures and answer e.g. your questions about our products.(2) Legal basis
The legal basis for such processing is Article 6(1)(b) DSGVO.(3) Recipient categories
Payment service provider, shipping service provider, hosting provider, merchandise management system if necessary, suppliers if necessary (dropshipping).
(4) Storage time
We store the data required for contract processing until the statutory warranty and, if applicable, contractual warranty periods expire.
We store the data required under commercial and tax law for the periods specified by law, usually ten years (cf. § 257 HGB, § 147 AO).
The data processed to carry out pre-contractual measures will be deleted as soon as the measures have been carried out and no contract has been concluded.

remarks
(1) Purpose of processingIt is possible to write a comment. Your data (e.g. name/pseudonym, e-mail address, website) will then only be processed for the purpose of publishing your comment.(2) Legal basis
The legal basis for such processing is Art. 6 para. 1 f) DSGVO.(3) Entitled interest
Our legitimate interest is the public exchange of user opinions on specific topics and products. The publication serves, among other things, the purpose of transparency and opinion-forming. Your interest in data protection is preserved, as you can publish your comment under a pseudonym.

(4) Storage time
We store the data required for contract processing until the statutory warranty and, if applicable, contractual warranty periods expire.
We store the data required under commercial and tax law for the periods specified by law, usually ten years (cf. § 257 HGB, § 147 AO).
The data processed to carry out pre-contractual measures will be deleted as soon as the measures have been carried out and no contract has been concluded.

Remarks
(1) Purpose of processingIt is possible to write a comment. Your data (e.g. name/pseudonym, e-mail address, website) will then only be processed for the purpose of publishing your comment.(2) Legal basis
The legal basis for such processing is Art. 6 para. 1 f) DSGVO.(3) Entitled interest
Our legitimate interest is the public exchange of user opinions on specific topics and products. The publication serves, among other things, the purpose of transparency and opinion-forming. Your interest in data protection is preserved, as you can publish your comment under a pseudonym.
(4) Storage time
A certain storage period is not provided for. You can request the deletion of your comment at any time.

(5) RIGHT OF OBJECTION
You have the right to object at any time to the processing of data on the basis of Art. 6 para. 1 f) DSGVO and not for direct advertising for reasons arising from your particular situation.

In the case of direct mail, however, you may object to the processing at any time without giving reasons.

Credit assessment by KlarnaPlease note the following data protection regulations when choosing Klarna’s payment services:
http://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_en/privacy
Web analysis with Google Analytics(1) processing purpose
This website uses Google Analytics, a web analysis service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. “(“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, if IP anonymisation is activated on this website, Google will reduce your IP address within Member States of the European Union or in other states party to the Agreement on the European Economic Area beforehand. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website and Internet use.(2) Legal basis
The legal basis for this processing is Art. 6 para.1 f) DSGVO.(3) Entitled interest
Our legitimate interest is the statistical analysis of user behavior for optimization and marketing purposes. To protect your interest in data protection, this website uses Google Analytics with the extension “anonymizeIP()”, so that the IP addresses are only processed further in an abbreviated form in order to exclude direct personal reference.(4) Recipient categories
Google, partner company
(5) Transfer to a third country
Google LLC, based in the USA, is certified for the US European data protection agreement “Privacy Shield”, which guarantees compliance with the data protection level applicable in the EU.

(6) Storage time
Unlimited

(7) RIGHT OF OBJECTION
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link: optout
You can also prevent data entry by setting an opt-out cookie. If you would like to prevent future collection of your data when you visit this website, please click here: Disable Google Analytics

Information about cookies(1) Purpose of processing
This website uses technically necessary cookies. These are small text files that are stored in or by your Internet browser on your computer system. These cookies enable, for example, the insertion of several products in a shopping basket.(2) Legal basis
The legal basis for this processing is Art. 6 para.1 f) DSGVO.(3) Entitled interest
Our legitimate interest is the functionality of our website. The user data collected by technically necessary cookies are not used to create user profiles. This preserves your interest in data protection.(4) Storage time
As a rule, the technically necessary cookies are deleted when the browser is closed. permanently stored cookies have a different life span from a few minutes to several years.
(5) RIGHT OF OBJECTION
If you do not wish these cookies to be stored, please deactivate the acceptance of these cookies in your Internet browser. However, this may result in a functional limitation of our website. You can also delete permanently stored cookies at any time via your browser.

Social Plugins(1) We use social plugins from facebook.com, operated by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA. The plugins can be identified by the Facebook logo or the suffix “Facebook Social Plugin”. For example, if you click the “I like” button or make a comment, your browser sends the relevant information directly to Facebook and stores it there. Facebook also shares your preferences with your Facebook friends. If you are logged in to Facebook, Facebook can directly associate the access to our page with your Facebook account. Even if you are not logged in or do not have a Facebook account at all, your browser transmits information (e.g. which website you have visited, your IP address) that is stored by Facebook. Please refer to Facebook’s privacy policy for details on how Facebook handles your personal data and your rights in this respect. If you do not want Facebook to associate the information we collect about you through our websites with your Facebook account, you must log out of Facebook before visiting our websites. You can also completely prevent the Facebook plugins from loading with add-ons for your browser, e.g. the “Facebook Blocker” (Facebook).(2) We use Twitter and the Re-Tweet functions of twitter.com, operated by Twitter Inc. 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. The plugins are marked with a Twitter logo such as the blue “Twitter bird”. If you use the Re-Tweet functions, the websites you visit will be made known to third parties and connected to your Twitter account. Details on how Twitter handles your data and your rights and setting options for protecting your personal data can be found in the Twitter data protection information. If you do not want Twitter to associate the data collected via our website directly with your Twitter account, you must log out of Twitter before visiting our website. You can also completely prevent the Twitter plugins from loading with add-ons for your browser, e.g. with the script blocker (NoScript).(3) Social Plugins from Google+ Our website uses so-called Social Plugins (“Plugins”) from the social network Google+, which is operated by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). The plugins can be recognized by buttons with the character “+1” on a white or colored background, for example. An overview of the Google plugins and their appearance can be found here.

When you access a page of our website that contains such a plugin, your browser establishes a direct connection to Google’s servers. The content of the plugin is transmitted by Google directly to your browser and integrated into the page. The integration gives Google the information that your browser has called up the corresponding page of our website, even if you do not have a Google+ profile or are not currently logged in to Google+. This information (including your IP address) is transmitted directly from your browser to a Google server in the USA and stored there.
If you are logged in to Google+, Google can immediately associate your visit to our website with your Google+ profile. If you interact with the plugins, for example by pressing the “+1” button, the corresponding information is also transmitted directly to a Google server and stored there. The information is also published on Google+ and displayed to your contacts on Google+.
The purpose and scope of the data collection and the further processing and use of the data by Google as well as your rights and setting options for the protection of your privacy can be found in Google’s data protection information.
If you do not want Google to associate the data collected via our website directly with your profile on Google+, you must log out of Google+ before visiting our website. You can also completely prevent the loading of Google plugins with add-ons for your browser.(4) On our site we use social plugins of the social network Pinterest, which is operated by Pinterest Inc. 635 High Street, Palo Alto, CA, 94301, USA (“Pinterest”). When you access a page that contains such a plugin, your browser establishes a direct connection to Pinterest’s servers. The plugin transfers protocol data to Pinterest’s server in the USA. This log information may include your IP address, the address of the sites you visit, which may also include pinterest features, the type and settings of your browser, the date and time of your request, your use of Pinterest, and cookies. For more information about Pinterest’s purpose, scope and further processing and use of the data and your rights and means of protecting your privacy, please see Pinterest’s privacy policy: https://about.pinterest.com/de/privacy-policy.
(5) Functions of the Instagram service are integrated on our pages. These functions are provided by Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account you can link the contents of our pages to your Instagram profile by clicking the Instagram button. This allows Instagram to associate the visit to our pages with your user account. We would like to point out that, as the provider of these pages, we are not aware of the content of the data transmitted or how Instagram uses it. For more information, please see Instagram’s privacy policy: http://instagram.com/about/legal/privacy/.

Newsletter(1) Purpose of processing
When registering for the newsletter, your e-mail address will be used for advertising purposes, i.e. within the scope of the newsletter we will inform you in particular about products from our range. For statistical purposes we can evaluate which links are clicked in the newsletter. It is not recognizable for us, which concrete person clicked. You have expressly given the following consent separately or, as the case may be, in the course of the ordering process: Subscribe to newsletter(2) Legal basis
The legal basis for such processing is Art. 6 para. 1 a) DSGVO.(3) Recipient categories
if applicable, newsletter provider(4) storage period
Your e-mail address will only be stored for the duration of your registration.
(5) Right of revocation
You can revoke your consent at any time with effect for the future. If you no longer wish to receive the newsletter, you can unsubscribe as follows: Via a unsubscribe link in the newsletter

Rights of the data subject
If personal data is processed by you, you are affected within the meaning of the DSGVO and you have the following rights vis-à-vis us:1) Right to information
You can ask us to confirm whether personal data concerning you will be processed by us.
If such processing has taken place, you may request information from us regarding:(1) the purposes for which the personal data are processed;(2) the categories of personal data being processed;(3) the recipients or categories of recipients to whom the personal data concerning you have been or are still being disclosed;
(4) the planned duration of the storage of the personal data concerning you or, if specific information on this is not possible, criteria for determining the storage period;

(5) the existence of a right to rectification or deletion of personal data concerning you, a right to restriction of processing by us or a right to object to such processing;

(6) the existence of a right of appeal to a supervisory authority;

(7) any available information on the origin of the data if the personal data are not collected from the data subject;

(8) the existence of automated decision-making including profiling in accordance with Art. 22 para. 1 and 4 DSGVO and – at least in these cases – meaningful information on the logic involved and the scope and intended effects of such processing for the data subject.

You have the right to request information as to whether the personal data concerning you is transferred to a third country or to an international organisation. In this context, you may request to be informed of the appropriate guarantees pursuant to Art. 46 DSGVO in connection with the transmission.

2) Right to correction
You have the right to correct and/or complete your personal data if it is incorrect or incomplete. We must make the correction immediately.

3) Right to limitation of processing
Under the following conditions, you may request that the processing of personal data concerning you be restricted:

(1) if you dispute the accuracy of the personal data concerning you for a period that enables us to verify the accuracy of the personal data;

(2) if the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted;

(3) if we no longer need the personal data for the purposes of processing, but you do need them to assert, exercise or defend legal claims, or

(4) if you have filed an objection to the processing pursuant to Art. 21 para. 1 DSGVO and it is not yet clear whether the justified reasons to which we are entitled outweigh your reasons.

If the processing of personal data concerning you has been restricted, such data may only be processed – apart from being stored – with your consent or for the purpose of asserting, exercising or defending rights or protecting the rights of another natural or legal person or on grounds of an important public interest of the Union or a Member State.

If the restriction on processing has been restricted in accordance with the above conditions, you will be informed by us before the restriction is lifted.

4) Right to cancellation

a) Duty to delete
You can ask us to delete the personal data concerning you immediately and we are obliged to delete this data immediately if one of the following reasons applies:

(1) The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.

(2) You revoke your consent, on which the processing was based pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a DSGVO, and there is no other legal basis for the processing.

(3) You file an objection against the processing pursuant to Art. 21 para. 1 DSGVO and there are no overriding legitimate reasons for the processing, or you file an objection against the processing pursuant to Art. 21 para. 2 DSGVO.

(4) The personal data concerning you have been processed unlawfully.

(5) The deletion of personal data concerning you is necessary to fulfil a legal obligation under Union law or the law of the Member States to which we are subject.

(6) The personal data concerning you were collected in relation to information society services offered pursuant to Art. 8 para. 1 DSGVO.

b) Information to third parties
If we have made the personal data concerning you public and we are obliged to delete it pursuant to Art. 17 para. 1 DSGVO, we will take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform those responsible for data processing who process the personal data, that you as the data subject have requested the deletion of all links to this personal data or of copies or replications of this personal data.

c) Exceptions
The right to cancellation does not exist insofar as the processing is necessary

(1) to exercise freedom of expression and information;

(2) to fulfil a legal obligation required for processing under the law of the Union or of the Member States to which we are subject, or to perform a task in the public interest or in the exercise of official authority conferred on us;

(3) for reasons of public interest in the field of public health pursuant to Art. 9 para. 2 lit. h and i and Art. 9 para. 3 DSGVO;

(4) for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes pursuant to Art. 89 para. 1 DSGVO, insofar as the law referred to under a) is likely to make it impossible or seriously impair the attainment of the objectives of such processing, or

(5) to assert, exercise or defend legal claims.

5) Right to information
If you have exercised your right to correct, delete or limit the processing, we are obliged to inform all recipients to whom the personal data concerning you have been disclosed of this correction or deletion of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.
We have the right to be informed of these recipients.

6) Right to data transferability
You have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format. You also have the right to pass this data on to another person in charge without hindrance, provided that

(1) processing is based on consent pursuant to Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO or on a contract pursuant to Art. 6 para. 1 lit. b DSGVO and

(2) processing is carried out by means of automated methods.
In exercising this right, you also have the right to request that the personal data concerning you be transferred directly by us to another person responsible, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this.
The right to transferability shall not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority conferred on us.

7) Right of objection
You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you, which is based on Art. 6 para. 1 lit. e or f DSGVO; this also applies to profiling based on these provisions.

We will then no longer process the personal data concerning you, unless we can prove compelling reasons worthy of protection for the processing, which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If the personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to the processing of the personal data concerning you for the purpose of such advertising; this also applies to profiling, insofar as it is associated with such direct marketing.

If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

You have the possibility to exercise your right of objection in connection with the use of Information Society services by means of automated procedures using technical specifications, notwithstanding Directive 2002/58/EC.

8) Right to revoke the data protection declaration of consent
You have the right to revoke your data protection declaration of consent at any time. The revocation of consent shall not affect the legality of the processing carried out on the basis of the consent until revocation.

9) Automated decision in individual cases including profiling
You have the right not to be subject to a decision based exclusively on automated processing – including profiling – that has legal effect against you or significantly impairs you in a similar manner. This does not apply if the decision

(1) is necessary for the conclusion or performance of a contract between you and us,

(2) is admissible by law of the Union or of the Member States to which we are subject and that law contains appropriate measures to safeguard your rights, freedoms and legitimate interests; or

(3) with your express consent.

However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 DSGVO, unless Art. 9 para. 2 lit. a or g applies and appropriate measures have been taken to protect your rights and freedoms and your legitimate interests.

With regard to the cases mentioned in (1) and (3), we take appropriate measures to protect your rights and freedoms as well as your legitimate interests.

10) Right of appeal to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in particular in the Member State where you are staying, working or suspected of infringing, if you believe that the processing of personal data concerning you is contrary to the DSGVO.

The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy under Article 78 DSGVO.

Verantwortlicher für die Datenverarbeitung:
Andreas Heydecke, Hairsystems Heydecke
Altstädter Str. 6
20095 Hamburg
Telefon: 040-375 199 28
info@hairsystems-heydecke.de