Privacy policy

Privacy policy

The controller responsible for data processing is:
DESIGNER BOUTIQUE E-COMMERCE LIMITED
SUITE C, LEVEL 7, WORLD TRUST TOWER, 50 STANLEY STREET
999077

Thank you for your interest in our online store. The protection of your privacy is very important to us. Below we inform you in detail about the handling of your data.

1. access data and hosting:

You can visit our website without providing any personal data. Each time a website is accessed, the web server merely automatically saves a so-called server log file, which contains, for example, the name of the requested file, your IP address, the date and time of access, the amount of data transferred and the requesting provider (access data) and documents the access. This access data is analyzed exclusively for the purpose of ensuring trouble-free operation of the site and improving our offer. This serves to safeguard our legitimate interests, which predominate in the context of a weighing of interests, in a correct presentation of our offer in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR.

 

2. data processing for contract processing and for establishing contact

2.1 Data processing for contract processing

For the purpose of contract processing (including inquiries about and processing of any existing warranty and service disruption claims as well as any statutory updating obligations) in accordance with Art. 6 Para. 1 S. 1 lit. b GDPR, we collect personal data if you voluntarily provide it to us as part of your order. Mandatory fields are marked as such, as in these cases we absolutely need the data to process the contract and we cannot send the order without it. Which data is collected can be seen from the respective input forms.

Further information on the processing of your data, in particular on the transfer to our service providers for the purpose of order, payment and shipping processing, can be found in the following sections of this privacy policy. After completion of the contract, your data will be restricted for further processing and deleted after expiry of the retention periods under tax and commercial law in accordance with Art. 6 para. 1 sentence 1 lit. c GDPR, unless you have expressly consented to further use of your data in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.

2.2 Customer account

If you have given your consent to this in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR by deciding to open a customer account, we will use your data for the purpose of opening a customer account and storing your data for further future orders on our website. Deletion of your customer account is possible at any time and can be done either by sending a message to the contact option described in this privacy policy or via a function provided for this purpose in the customer account. After deletion of your customer account, your data will be deleted unless you have expressly consented to further use of your data in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.

2.3 Making contact

In the context of customer communication, we collect personal data to process your inquiries in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR if you voluntarily provide us with this data when contacting us (e.g. via contact form or e-mail). Mandatory fields are marked as such, as in these cases we absolutely need the data to process your contact. Which data is collected can be seen from the respective input forms. Once your request has been fully processed, your data will be deleted unless you have expressly consented to further use of your data in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.

3. data processing for the purpose of shipping processing

In order to fulfill the contract in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR, we pass on your data to the shipping service provider commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods.

The same applies to the transfer of data to our manufacturers or wholesalers in cases where they take over the shipping for us (drop shipment). These are considered shipping service providers within the meaning of this privacy policy.

Our service providers are located and/or use servers in these countries China
There is no adequacy decision by the European Commission for these countries. Our cooperation with you is based on these guarantees: Standard data protection clauses of the European Commission, Standard data protection clauses of a supervisory authority, Approved binding internal data protection rules, Approved contractual clauses, Approved code of conduct, Approved certification mechanism

4. data processing for payment processing

We work with the following partners to process payments in our online store: technical service providers, credit institutions, payment service providers.

4.1 Data processing for transaction processing

Depending on the selected payment method, we pass on the data necessary for processing the payment transaction to our technical service providers, who work for us as part of order processing, or to the commissioned credit institutions or to the selected payment service provider, insofar as this is necessary for processing the payment. This serves to fulfill the contract in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR. In some cases, the payment service providers collect the data required for processing the payment themselves, e.g. on their own website or via a technical integration in the ordering process. In this respect, the privacy policy of the respective payment service provider applies.
If you have any questions about our partners for payment processing and the basis of our cooperation with them, please use the contact option described in this privacy policy.

4.2 Data processing for the purpose of fraud prevention and optimization of our payment processes

If necessary, we provide our service providers with further data, which they use together with the data necessary for processing the payment as our processors for the purpose of fraud prevention and the optimization of our payment processes (e.g. invoicing, processing of disputed payments, accounting support). In accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, this serves to safeguard our legitimate interests in our protection against fraud and efficient payment management, which predominate in the context of a balancing of interests.

5. advertising by e-mail

E-mail newsletter with registration

If you subscribe to our newsletter, we will use the data required for this or separately provided by you to regularly send you our email newsletter based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You can unsubscribe from the newsletter at any time, either by sending a message to the contact option described below or via a link provided for this purpose in the newsletter. After unsubscribing, we will delete your email address from the list of recipients, unless you have expressly consented to further use of your data in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.

6. cookies and other technologies

General information

In order to make visiting our website attractive and to enable the use of certain functions, we use technologies on various pages, including so-called cookies. Cookies are small text files that are automatically stored on your end device. Some of the cookies we use are deleted again at the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your end device and enable us to recognize your browser on your next visit (persistent cookies).

Privacy protection for end devices
When using our online offer, we use absolutely necessary technologies in order to be able to provide the expressly requested telemedia service. The storage of information in your end device or access to information that is already stored in your end device does not require consent in this respect.

For functions that are not absolutely necessary, the storage of information in your end device or access to information that is already stored in your end device requires your consent. We would like to point out that if you do not give your consent, parts of the website may not be fully usable. Any consent you have given will remain in place until you adjust or reset the respective settings on your device.

Any downstream data processing by cookies and other technologies
We use technologies that are absolutely necessary for the use of certain functions of our website (e.g. shopping cart function). These technologies collect and process the IP address, time of visit, device and browser information as well as information about your use of our website (e.g. information about the contents of the shopping cart). In the context of a balancing of interests, this serves overriding legitimate interests in an optimized presentation of our offer in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR.

You can find the cookie settings for your browser under the following links Microsoft Edge™ / Safari™ / Chrome™ / Firefox™ / Opera™

If you have consented to the use of the technologies in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, you can revoke your consent at any time by sending a message to the contact option described in the data protection declaration.

7. social media

7.1 Social buttons from Facebook (by Meta)

Social buttons from social networks are used on our website. These are only integrated into the page as HTML links, so that no connection to the servers of the respective provider is established when our website is accessed. If you click on one of the buttons, the website of the respective social network opens in a new window of your browser, where you can click on the Like or Share button, for example.

7.2 Our online presence on Facebook (by Meta)

If you have given your consent to the respective social media operator in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, your data will be automatically collected and stored for market research and advertising purposes when you visit our online presences on the social media mentioned above, from which user profiles are created using pseudonyms. These can be used, for example, to place advertisements within and outside the platforms that presumably correspond to your interests. Cookies are generally used for this purpose. For detailed information on the processing and use of data by the respective social media operator as well as a contact option and your rights and settings options for protecting your privacy, please refer to the providers' data protection notices linked below. If you still need help in this regard, you can contact us.

Facebook (by Meta) is a service provided by Meta Platforms Ireland Ltd, Block J, Serpentine Avenue, Dublin 4, Ireland (“Meta Platforms Ireland”). The information automatically collected by Meta Platforms Ireland about your use of our online presence on Facebook (by Meta) is usually transmitted to a server of Meta Platforms, Inc, 1601 Willow Road, Menlo Park, California 94025, USA and stored there. Data processing in the context of a visit to a Facebook (by Meta) fan page is based on an agreement between jointly responsible parties in accordance with Art. 26 GDPR. Further information (information on Insights data) can be found here.

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection by decision: USA, Canada, Japan, South Korea, New Zealand, United Kingdom, Argentina.

There is a decision of the European Commission on an adequate level of data protection for the USA as a basis for a third country transfer, insofar as the respective service provider is certified. Certification is available.

Our service providers are located and/or use servers in these countries Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico.
There is no adequacy decision by the European Commission for these countries. Our cooperation with you is based on these guarantees: standard data protection clauses of the European Commission.

8 Contact options and your rights

8.1 Your rights

As a data subject, you have the following rights

in accordance with Art. 15 GDPR, the right to request information about your personal data processed by us to the extent specified therein
in accordance with Art. 16 GDPR, the right to request the immediate rectification of incorrect or incomplete personal data stored by us
in accordance with Art. 17 GDPR, the right to request the erasure of your personal data stored by us, unless further processing is necessary
to exercise the right to freedom of expression and information
for compliance with a legal obligation;
for reasons of public interest or
is necessary for the establishment, exercise or defense of legal claims;

in accordance with Art. 18 GDPR, the right to demand the restriction of the processing of your personal data, insofar as
the accuracy of the data is disputed by you
the processing is unlawful, but you oppose the erasure of the data
we no longer need the data, but you need it for the establishment, exercise or defense of legal claims, or
you have objected to the processing pursuant to Art. 21 GDPR
in accordance with Art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request transmission to another controller
in accordance with Art. 77 GDPR, the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters.

 

Right to object

Insofar as we process personal data as explained above in order to safeguard our legitimate interests, which outweigh your interests, you can object to this processing with effect for the future. If the processing is carried out for direct marketing purposes, you can exercise this right at any time as described above. If the processing is carried out for other purposes, you only have the right to object if there are grounds relating to your particular situation.

After exercising your right to object, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the establishment, exercise or defense of legal claims.

This does not apply if the processing is for direct marketing purposes. In this case, we will no longer process your personal data for this purpose.

8.2 Contact options

If you have any questions regarding the collection, processing or use of your personal data, for information, correction, restriction or deletion of data as well as revocation of consents granted or objection to a specific use of data, please contact us directly using the contact details in our legal notice.