Privacy Policy
Responsible for the processing of data is:
naturmädchen GmbH
Adam-Houx-Straße 34
41372
Niederkrüchten
customercare@naturmaedchen.com
Thank you for visiting our online shop. Protection of your privacy is very important to us. Below you will find extensive information about how we handle your data.
1. Access data and hosting
You may visit our website without revealing any personal information. With every visit on the website, the web server stores automatically only a so-called server log file which contains e.g. the name of the requested file, your IP address, the date and time of the request, the volume of data transferred and the requesting provider (access data), and documents the request.
These access data are analysed exclusively for the purpose of ensuring the smooth operation of the website and improving our offer. This serves according to Art. 6 (1) 1 lit f GDPR the protection of our legitimate interests in the proper presentation of our offer that are overriding in the process of balancing of interests. All access data are deleted no later than seven days after the end of your visit on our website.
Third-party hosting services
Data are also processed by a third-party provider that we have engaged to render hosting and website presentation services on our behalf. This provider processes on its servers all data that are collected in the manner specified below when you visit our website or fill in forms made available for this purpose in our online shop. Data are processed on other servers only in the scope described herein.
This service provider is based in an EU or EEA member state.
2. Data collection and use for processing the contract and for opening a customer account
We collect personal data that you voluntarily submit to us when you place an order, contact us (e.g. via contact form or by email) or open a customer account with us. Mandatory fields are marked as such because we absolutely need those data to perform the contract or process your contact request or open your customer account, and you would otherwise not be able to complete your order and/or create your customer account or send the contact request. It is evident in each input form what data are collected. We use the data that you disclose to us to perform the contract and process your enquiries according to Art. 6 (1) 1 lit b GDPR. Upon completion of the contract or deletion of your customer account, any further processing of your data will be restricted, and your data will be deleted upon expiry of the retention period applicable under relevant regulations, unless you expressly consent to the further use of your data or we reserve the right to further use your personal data in the scope and manner permitted by law, of which we inform you in this notice. Your customer account can be deleted at any time. For this purpose you can either send a message to the contact option specified below or use the relevant function available in the customer account.
3. Transfer of data
We disclose your data to the shipping company in the scope required for the delivery of the ordered goods according to Art. 6 (1) 1 lit. b GDPR. Depending on the payment service provider you have selected during the ordering process, we disclose the payment details collected for order processing purposes to the bank commissioned to handle the payment and, as the case may be, to the payment service provider commissioned by us or to the selected payment service. Some of those data are collected by the selected payment service providers themselves if you open an account with them. In such a case, during the ordering process, you must register with your payment service provider using your access data. In this respect, the privacy notice of the relevant payment service provider applies.
In order to process orders and contracts we also use an external merchandise management system. The data transfer or the data processing that takes place in this respect is based on order processing.
4. Email newsletter
E-mail advertising if you subscribe to the newsletter
If you subscribe to our newsletter, we will regularly send you our e-mail newsletter based on your consent according to Art. 6 (1) 1 lit a GDPR, using the data required or disclosed by you separately for this purpose.
You may unsubscribe from the newsletter service at any time. For this purpose you can either send a message to the contact option specified below or use the opt-out link in the newsletter. Upon unsubscription, we will delete your email address unless you have expressly consented to the further use of your data or we reserve the right to further use your personal data in the scope and manner permitted by the law, of which we inform you in this notice.
5. Integration of the Trusted Shops Trustbadge
The Trusted Shops Trustbadge is integrated on this website to display our Trusted Shops Trustmark and the collected reviews as well as to offer Trusted Shops products to buyers after an order.
This is necessary to safeguard our legitimate prevailing interests in an optimal marketing by ensuring the safety of your purchase according to Article 6 (1) f GDPR. The Trustbadge and the services advertised with it are an offer of the Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, Germany. The Trustbadge is made available by a CDN provider (Content-Delivery-Network) as part of order processing. The Trusted Shops GmbH uses also service provider from the USA. An adequate level of data protection is guaranteed. Further information to the data security of the Trusted Shops GmbH can be found here.
When the Trustbadge is called up, the web server automatically saves a server log file which contains, for example, your IP address, the date and time of the call, the amount of data transferred and the requesting provider (access data) and documents the call. Individual access data are stored in a security database for the analysis of security problems. The log files are automatically deleted 90 days after creation at the latest.
Further personal data will be transferred to Trusted Shops GmbH if you decide to use Trusted Shops products after completing an order or have already registered for use. The contractual agreement made between you and Trusted Shops applies. For this purpose personal data is automatically collected from the order data. Whether or not you are already registered as a Trusted Shops customer is automatically checked by means of a neutral parameter, the e-mail address hashed by cryptological one-way function. The e-mail address is converted to this hash value, which cannot be decrypted by Trusted Shops before it is transmitted. After checking for a match, the parameter is deleted automatically.
This is necessary for the fulfillment of our and Trusted Shops’ legitimate prevailing interests in the provision of the buyer protection linked to the specific order and the transactional review services in accordance with Art. 6 para. 1 s. 1 lit. f GDPR. Further details, including your right to object, can be found in the Trusted Shops Privacy Policy linked above and within the Trustbadge.
6. Cookies and web-analysis
To improve the user experience on our website and enable you to use its certain features in order to show suitable products or conduct market research, some pages of this website use the so-called cookies. This serves the protection of our legitimate interests in the optimised presentation of our offer according to Art. 6 (1) 1 lit a GDPR that are overriding in the process of balancing of interests. A cookie is a small text file which is stored automatically on your end device. Some of the cookies we use are deleted after you close the browser session, i.e. when you close the browser (that’s the so-called session cookies). Other cookies are stored in your end-user device and enable us to recognise your browser when you visit us again (persistent cookies). To check the cookie storage period, you can use the Overview function in the cookie settings of your web browser. You can configure your browser for it to inform you whenever a page uses cookies and decide on a case-by-case basis whether to accept or reject the cookies on a given website or generally. Every browser has a different policy for managing the cookie settings. The browser’s policy is described in the Help menu of every browser and explains how you can change your cookie settings. To find out how to change the settings in your browser, see the links below:
Internet Explorer™: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies
Safari™: https://support.apple.com/en-gb/guide/safari/sfri11471/12.0/mac/10.14
Chrome™: https://support.google.com/chrome/answer/95647?hl=en&hlrm=en
Firefox™: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
Opera™ : https://help.opera.com/en/latest/web-preferences/#cookies
Please note that disabling cookies may limit your access to some features of our website.
Using of Google (Universal) Analytics for web analytics
Insofar as you have given your consent according to Art. 6 (1) 1 lit a GDPR, this website uses Google (Universal) Analytics. Google Universal Analytics is an offer from Google Ireland Limited, a company incorporated and operated under Irish law with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland (www.google.co.uk). Google (Universal) Analytics uses methods, like e.g. cookies, that enable an analysis of your use of the website. The information collected automatically by cookies about your use of this website are as a rule transmitted to and stored on a Google server in the United States. At the same time, as IP anonymisation is enabled on this website, the IP address will be shortened before being transmitted within the area of member states of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases, the full IP address will be sent to a Google server in the USA and shortened there. Generally, Google does not associate the anonymised IP address, transmitted from your browser through Google Analytics, with any other data held by Google.
Where information is transmitted to and stored by Google on servers located in the United States, the U.S. company Google LLC is certified under the EU-US Privacy Shield. You will see the up-to-date certificate here. Based on this agreement between the USA and the European Commission, the latter has recognised entities certified to the Privacy Shield as those ensuring an adequate level of data protection.
You may revoke your consent at any time with future effect by downloading and installing the browser plug that is available at the following link:
https://tools.google.com/dlpage/gaoptout?hl=en. This prevents the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google.
If you clear your cookies, you will be asked to provide your consent again.
Facebook Pixel and Facebook Custom Audience (Remarketing)
On our website we use the so-called “Facebook pixel” of the company “Facebook” (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland). With the Facebook pixel we can classify the visitors of our website into certain target groups in order to be able to show you corresponding advertisements (“Ads”) on Facebook. The data collected (e.g., IP addresses, web browser information, website location, buttons clicked, pixel IDs, if applicable, and other characteristics) is not visible to us, but can only be used to display certain advertisements. In the context of the use of the Facebook pixel code, so-called cookies are also set.
If you have a Facebook account and are logged in, your visit to this website is assigned to your Facebook user account.
Sometimes we also use the remarketing function “Custom Audiences” of the company “Facebook”. This allows users of the website to be shown interest-based advertisements (“Facebook Ads”) when they visit Facebook or other websites that also use this method. In this way, we pursue the interest in displaying advertisements corresponding to your interests in order to make our website more interesting for you.
In order to exchange the respective data, your browser automatically establishes a direct connection with the Facebook server. We have no influence on the scope and further use of the data collected by Facebook through the use of this tool and therefore inform you according to our state of knowledge: Through the integration of Facebook Custom Audiences, Facebook receives the information that you have called up the corresponding website of our Internet presence or clicked on an advertisement from us. If you are registered with a “Facebook” service, “Facebook” can assign the visit to your account. Even if you are not registered with Facebook or have not logged in, it is possible that the provider will find out and save your IP address and other identifying features.
If you have consented to this, we may pass on your telephone number or e-mail address to “Facebook” in order to be able to display advertisements corresponding to your interests.
- You can find out how the Facebook pixel is used for advertising campaigns at https://www.facebook.com/business/learn/facebook-ads-pixel
- More information about Facebook’s data policy can be found at https://www.facebook.com/policy.php
- Further information on data processing by Facebook can be found at https://www.facebook.com/about/privacy
- https://www.facebook.com/policy.php
- https://twitter.com/privacy
- https://help.instagram.com/155833707900388
- https://policy.pinterest.com/en/privacy-policy
- https://www.linkedin.com/legal/privacy-policy
- art. 15 GDPR, the right to obtain information about your personal data which we process, within the scope described therein;
- art. 16 GDPR, the right to immediately demand rectification of incorrect or completion of your personal data stored by us;
- art. 17 GDPR, the right to request erasure of your personal data stored with us, unless further processing is required
- to exercise the right of freedom of expression and information;
- or compliance with a legal obligation;
- for reasons of public interest or
- for establishing, exercising or defending legal claims;
- art. 18 GDPR, the right to request restriction of processing of your personal data, insofar as
- the accuracy of the data is contested by you;
- the processing is unlawful, but you refuse their erasure;
- we no longer need the data, but you need it to establish, exercise or defend legal claims, or
- you have lodged an objection to the processing in accordance with art. 21 GDPR;
- art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request its transmission to another controller;
- art. 77 GDPR, the right to complain to a supervisory authority . As a rule, you can contact the supervisory authority at your habitual place of residence or workplace or at our company headquarters.