Privacy policy
1. general
In the following, we describe how we process your personal data. Unless otherwise stated in the subsequent sections or in separate data protection notices, the information in this general section applies.
2. name and contact details of the data controller
The responsible party within the meaning of the GDPR is:
Mascha Leskien, c/o Bierlein & Jerrent GbR, Schillerpromenade 39, 12049 Berlin, Germany.
Email: info@nakedsolidarity.de,
Phone: +49 17684639512.
Instagram:
www.instagram.com/nakedsolidarity
3. data subject rights
You have the right:
According to Art. 15 DSGVO, to request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details;
in accordance with Art. 16 DSGVO, to demand the immediate correction of incorrect or completion of your personal data stored by us;
pursuant to Art. 17 DSGVO, to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
pursuant to Art. 18 DSGVO, to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing pursuant to Art. 21 DSGVO;
pursuant to Art. 20 DSGVO, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller;
in accordance with Art. 7 (3) DSGVO, to revoke your consent once given to us at any time. This has the consequence that we may no longer continue the data processing, which was based on this consent, for the future; and
to complain to a supervisory authority in accordance with Art. 77 DSGVO.
If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right of objection, which is implemented by us without specifying a particular situation.
4. transfer of data
A transfer of your personal data to third parties for purposes other than those listed below does not take place.
We only pass on your personal data to third parties if:
you have given your express consent to do so in accordance with Art. 6 para. 1 p. 1 lit. a DSGVO,
the disclosure is necessary for the assertion, exercise or defense of legal claims pursuant to Art. 6 para. 1 p. 1 lit. f DSGVO and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
in the event that there is a legal obligation for disclosure pursuant to Art. 6 (1) p. 1 lit. e DSGVO, as well as
this is legally permissible and necessary according to Art. 6 para. 1 p. 1 lit. b DSGVO for the processing of contractual relationships with you.
Insofar as we use subcontractors to provide our services, we take appropriate legal precautions as well as corresponding technical and organizational measures to ensure the protection of personal data in accordance with the relevant legal provisions, including by concluding order processing agreements pursuant to Art. 28 DSGO .
The transfer of data to third (i.e. non-EU) countries takes place either if an adequate level of data protection, user consent or legal permission is available. Where the conclusion of standard data protection clauses are required, these have been concluded.
5. collection and storage of personal data as well as type and purpose of their use
5.1 When visiting the website https://www.nakedsolidarity.de
When you visit our website, the browser used on your terminal device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automated deletion:
IP address of the requesting computer,
Date and time of access,
Name and URL of the accessed file,
websites from which the access is made (referrer URL),
browser used and, if applicable, the operating system of your computer and, if applicable, the name of your access provider,
websites that were accessed by the user's system via our website.
The aforementioned data is processed by us for the following purposes:
Ensuring a smooth connection setup of the website,
Ensuring a comfortable use of our website,
Securing our technical systems,
evaluation of system security and stability, and
for further administrative purposes.
5.1.1.Legal basis
The legal basis for data processing and temporary storage of log files is Art. 6 para. 1 p.1 lit. f DSGVO. Our legitimate interest follows from the purposes for data collection listed above. In no case do we use the collected data for the purpose of drawing conclusions about your person.
5.1.2.Storage period
As a rule, your data will be deleted after 7 days, unless a security incident is detected that justifies longer storage.
5.2 Online store
You have the option of purchasing products or services via our online store.
For this purpose, we process the following personal data:
- Contact data (name, email address, address, telephone number, ... )
- bank data
- delivery-specific information
5.2.1.Legal basis
The legal basis for the processing is Art. 6 para. 1 lit. b DSGVO for the implementation of the contractual relationship.
5.2.2 Passing on to third parties
For the execution of the contract, we use service providers for payment processing and shipping. This is done exclusively for the purpose of executing the contract.
The information on data protection of Paypal can be found here: https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE.
5.2.3.storage period
The data will be deleted after the expiration of the commercial law regulations (usually 6 years), but at the latest after 10 years.
5.3. contacting
For questions of any kind, we offer you the possibility to contact us via email. In doing so, it is necessary to provide a valid email address so that we know from whom the inquiry originates and in order to be able to answer it. Further information can be given voluntarily.
5.3.1 Legal basis
Data processing for the purpose of contacting us is carried out in accordance with Art. 6 Para. 1 S.1 lit. a, b DSGVO on the basis of your voluntarily given consent or for the initiation/implementation of a contractual relationship.
5.3.2 Duration of storage
We delete your data after the purpose has ceased to exist. All content data is stored for a period of one year and then deleted, unless we are required by commercial law to store it for a longer period.
5.4 Contact form
A contact form is available on our website, which can be used for electronic contact.
5.4.1.Description, purpose and scope of data processing
Insofar as you contact us via the contact form, the data you enter in the input mask is transmitted to us and stored. This includes:
Name
Email address
Telephone number
Request/message
The following data is also stored at the time the message is sent:
The IP address of the user
Date and time of the contact
The personal data from the input mask is processed for the purpose of handling your contact.
The other personal data processed during transmission serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
In this context, the data will not be passed on to third parties. The data is used exclusively for processing the conversation.
5.4.2 Legal basis for data processing
The legal basis for processing the data is regularly your consent pursuant to Art. 6 (1) lit. a DSGVO.
If the purpose of contacting you is to conclude a contract, the additional legal basis for processing is Art. 6 (1) lit. b DSGVO.
5.4.3 Duration of storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
5.5 Newsletter dispatch
We offer a newsletter.
Personal data is processed for the purpose of sending the newsletter and improving it. These data include:
- Name
- e-mail address
- technical data (IP address, browser, operating system,... ).
5.5.1.Legal basis
The data storage is based on consent (Art. 6 para. 1 lit. a DSGVO) or on a legitimate interest (Art. 6 para. 1 lit. f DSGVO) to improve the presentation and performance of the newsletter.
5.5.2.Storage period
The personal data will be stored - unless there are other legal grounds - until the data subject objects to the use of the data, revokes consent or orders deletion. An exception to this is data that is to be classified as business letters within the meaning of the German Commercial Code (HGB) or as accounting-relevant data. Here, the respective statutory retention obligations apply.
If consent is revoked, we restrict processing to the extent that we blacklist the e-mail address in order to effectively comply with the request not to receive a newsletter in the future, Art. 6 (1) f) DSGVO.
5.6 Cookies
We use cookies on our website. These are small files that are automatically created by your browser and stored on your end device (laptop, tablet, smartphone or similar) when you visit our site. Cookies do not cause any damage to your end device, do not contain viruses, Trojans or other malware.
In the cookie, information is stored that arises in each case in connection with the specific end device used. However, this does not mean that your identity is immediately known.
The use of cookies serves on the one hand to make the use of our offer more user-friendly for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after you leave our site.
In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your terminal device for a certain specified period of time. If you visit our site again to use our services, it is automatically recognized that you have already been to our site and which entries and settings you have made so that you do not have to enter them again.
The data processed by cookies is necessary for the aforementioned purposes to protect our legitimate interests pursuant to Art. 6 (1) p. 1 lit. f DSGVO to ensure the functionality of our website.
Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notice always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.
6. data security
Within the website visit, we use the widespread SSL procedure (Secure Socket Layer) in connection with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is encrypted by the closed display of a key or lock symbol in the (lower) status bar of your browser.
We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
6.1.
This data protection declaration has the status October 2022.
Due to the further development of our website and offers on it or due to changed legal or regulatory requirements, it may become necessary to change this privacy policy. You can access and print out the current data protection declaration at any time on the website http://www.nakedsolidarity.de.
In case of doubt, the German version of the privacy policy applies.