Collection and Use of Personal Data
- The controller pursuant to Article 4 (7) General Data Protection Regulation (GDPR) is
Schlegel Seifried Gbr, Mulackstraße 15, 10119 Berlin
Return Address : starstyling ateliers, Wassertorstr. 62 , 10969 Berlin, Germany
Phone: +49 30 9700 51 82
- If, to provide individual functions of our offer, we make use of any contracted service providers or if we would like to use your data for advertising purposes, we will inform you in detail about the respective processes below. We will also specify criteria for how long we store your data.
- You are entitled to the following rights towards us regarding your personal data:
- Right to information,
- Right to rectification or deletion,
- Right to restriction of processing,
- Right to object to the processing,
- Right to data portability.
To exercise your rights, you can contact the controller or the Data Protection Officer, using the above contact details.
- You also have the right to complain to the data protection supervisory authorities about our processing of your personal data.
Objection against the processing of your data or withdrawal of consent
- If you have given your consent to the processing of your data, you have the right to withdraw said consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
- If we base the processing of your personal data on the pursuit of our legitimate interests, you have the right to object to such processing. This is the case if the processing is not necessary for the performance of a contract to which you are a party, but for other purposes, details of which we will provide in the description of those processes. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data in that manner. In the event of your justified objection, we will examine the situation and either stop or adjust data processing or point out to you our compelling reasons worthy of protection, which form the basis of the processing.
Collection of personal data when you visit our website
- When you visit our website for information purposes only, i.e. if you do not register or otherwise provide information to us, we only collect the personal data that your browser transmits to our server. When you visit our website we collect the following data, which is technically necessary for us to display our website to you and to guarantee stability and security (the legal basis being Article 6(1) 1 lit. f GDPR):
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Website transmitting the request
- Websites accessed by the user`s system via our website
- Bytes downloaded
- Operating system and interface
- Language and version of the browser software.
The above data will be stored in a so-called log file for the duration of 7 days, after which we will limit processing. The data will be deleted after 4 weeks
- In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that your browser stores on your hard drive which transmit certain information back to the initiating entity (in this case, us). Cookies cannot run programs or transmit viruses to your computer. They are widely used in order to make websites function properly as well as to improve their user-friendliness and effectiveness.
- 4.3.1.This website uses the following types of cookies; the scope and functioning of which are explained below:
– Transient cookies (see 4.3.2)
– Persistent cookies (see 4.3.3).
- 4.3.2.Transient cookies (notably session cookies) are automatically deleted when you close your browser. They store a so-called session ID, with which different requests of your browser can be assigned to the common session. This will allow your computer to be recognized when you return to our website. Session cookies also include the cookies that we use to ensure the correct display of our website on the device used by you. Session cookies are deleted when you log out or close your browser.
- 4.3.3.Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete cookies at any time in the security settings of your browser.
Use of our web shop
- If you would like to order in our web shop, we will require such personal data as is necessary for the completion of your order and thus the conclusion of our contract with you. Information which is required for the execution of this contract is marked separately, any further information may be provided voluntarily. Specifically, we collect the following data:
- First name
- Invoice data
- Delivery data
- Payment details
We will process the data provided by you to fulfil your order, the legal basis for this being Article 6 (1) 1 lit. b GDPR.
We may also process the information you provide to inform you about other interesting products we offer or to send you e-mails containing technical information.
5.2 We are obliged by commercial and tax laws to store your address, payment and order data for a period of ten years. However, after two years we will restrict processing, i.e. your data will only be used to comply with our legal obligations.
5.3 To prevent unauthorized access to your personal data, especially financial data, the order process is encrypted using TLS technology.
Recipients of your data / categories of recipients
- In connection with the above processing of your data, we will use service providers for shipment. The data required for the fulfillment of the contract will be passed on to these service providers for this purpose only.
- We use third party payment processors PayPal and WireCard AG, Einsteinring 35, 85609 Aschheim („WireCard“). After your order, you will be forwarded to your chosen payment processor so that you may make your payment from there.
- Alternatively, you may choose advance payment, in which case you do not need to enter any further payment data.
- Our online shop is maintained by a hosting company based in Switzerland. Switzerland is a so-called safe third country within the meaning of the GDPR. If you visit our webshop, the data mentioned under point 4.1 will also be transmitted to this hoster. Likewise all data in connection with your purchase in our webshop (point 5) and your customer account (point 7) will be processed by this hoster. The obligation of our service provider to treat your data in accordance with the GDPR and to take suitable technical and organisational measures for data security has been stipulated in a data processing contract.
- Creating a customer account
- 7.1.You may create an optional customer account to allow us to store your data for future purchases. To create a customer account, you must choose a password and enter it in addition to your name and e-mail address. We strongly advise you to keep your password safe and protect it against unauthorized access by third parties. Upon creation of an account during your purchase in our web shop, the data provided by you will be revocably stored on our server. You can view your past and present purchases in your customer account.
- 7.2.The legal basis for the processing of your data is Article 6 (1) 1 lit. b GDPR, because you make the data available within the framework of a contractual relationship or for the initiation of such a relationship.
- 7.3.You may ask us to delete your account at any time by sending us an e-mail to mail[at]starstyling[dot]net. Your data will be stored until the deletion of your user account.
Contacting us by e-mail or through our contact form
- If you contact us by e-mail or by using our contact form, we will store the data you provide (your e-mail address and - where applicable - your name, telephone number and your message) in order to answer your query. Once storage is no longer necessary, we will delete all data collected with regard to your query or limit processing of your data to comply with any legal obligation we are subject to.
- We will process said data to respond to your request. Said processing is based on a contractual basis (Article 6 (1)1 lit. b GDPR) as far as issues regarding your purchase of our products are concerned. With regards to general customer service and answering of your queries, said processing takes place for the purposes of our legitimate interests (Article 6 (1)1 1 lit. b GDPR), as it enables us to provide a satisfactory customer service.
- Google Fonts
This website uses Google Fonts to integrate fonts. Google Fonts is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, US,. To display our site, Google servers are called up, namely fonts.googleapis.com and fonts.gstatic.com. In order to display those fonts on our site as quickly and efficiently as possible, such requests are stored by Google resulting in fonts and preferences being cached by your browser. The use of Google Web Fonts follows from our interest in a uniform and appealing online presentation of our services. This represents a legitimate interest within the scope of Article 6 (1) 1 lit. f GDPR. With regard to the transfer of personal data to the US, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. More information about Google Fonts and privacy can be found here: https://developers.google.com/fonts/faq#what_does_using_the_google_fonts_api_mean_for_the_privacy_of_my_users.
- ajax.googleapis.com/ jQuery
Use of Social Media Plug-ins / Instagram
- 11.1.We use the following Social Media Plug-ins: Instagram (a service owned by Facebook). When you visit our site, the plug-in providers receive information about your visit to the corresponding page of our website. In addition, the data mentioned under point 4.1 of this declaration may be transmitted. By activating the plug-in, personal data is transferred from you to Instagram and stored by Instagram in the US.
- 11.2.We have no influence on the data collected and the data processing processes, nor are we aware of the full extent of data collection, the purposes of processing or the storage periods. We also have no information on the deletion of the data collected by Instagram.
- 11.3.Instagram stores the data collected about you in it’s user profiles and uses it for the purposes of advertising, market research and/or demand-oriented design of it’s website. Your data will thus be evaluated (even that of users who are not logged in), notably to provide demand-oriented advertising and to inform other users of Instagram’s social network about your activities on our website. You have the right to object to the creation of such user profiles, however you must contact Instagram to exercise this right. We use this plug-in to offer you the possibility of interacting with social networks and other users, and so that we may improve our offer and make it more interesting to you. This is deemed to be in our legitimate interest, the legal basis is Article 6 (1) 1 lit. f GDPR.
- 11.4.This takes place regardless of whether Instagram provides a user account that you are logged in with or whether no such user account exists. If you are logged in to Facebook, your information will be directly associated with your account. If you do not wish to be associated with your profile on Instagram/Facebook, we recommend you log out before visiting our website.
- 11.6.Instagram is a product of Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
- Social Media Profiles
We maintain a company profile on the following social networks and platforms: Facebook, Instagram, Pinterest, Tumbler. We maintain these profiles in order to communicate with our customers, users and interested parties and in order to provide further information about our products and activities. In the case of any messages or contributions we receive on these profiles, we will process your data to enable us to communicate with you. This is a legitimate interest; the legal basis is Article 6 (1) 1 lit f GDPR. No further storage of this communication takes place outside of these networks on our part. The terms and conditions of the platform operators apply. Regarding the purpose and scope of said data collection and further processing and use of this data by the operators of these social platforms, as well as your rights and optional settings with regard to the protection of your privacy, please refer to the respective privacy statements: