Swiss data protection law (DSG) applies. Specific reference is made to any additional applicable law from the European General Data Protection Regulation (GDPR).
2. Processing of personal data; nature, purpose and their use
When visiting the website
When you visit our website, information is temporarily stored in so-called log files on our server. This is information that the browser of your terminal device automatically sends. Namely:
IP address of the contacting device
- Date and time
- URL of the called page
- Referrer URL
- Browser and other device information
- Data required for transmission reliability, troubleshooting and improvements
The aforementioned data will be processed by us for the following purposes:
- Connection establishment of the website
- Use of our website
- System security and stability
The data processing is carried out in response to your request and is necessary for the aforementioned purposes for the fulfillment of the contract and pre-contractual measures according to Art. 6 para. 1 sentence 1 lit. b DSGVO or you have given your consent to the described data processing according to Art. 6 para. 1 sentence 1 lit. a DSGVO, since you have accessed the website.
When you contact us or enter into a contract
When you enter into a contract with us, the following data is collected:
- Name, first name, address, date of birth, mobile number
- Information about orders placed
The data processing is carried out in response to your request and is necessary for the aforementioned purposes for the fulfillment of the contract and pre-contractual measures according to Art. 6 para. 1 sentence 1 lit. b DSGVO or you have given your consent to the described data processing according to Art. 6 para. 1 sentence 1 lit. a DSGVO.
3. Disclosure of data to third parties (incl. joint controllers and commissioned data processors).
Your personal data will not be transferred to third parties for purposes other than those listed.
We use external service providers (order processors) for web hosting. A separate order data processing was concluded with the service provider to ensure the protection of your personal data.
4. For the execution of the contract
As far as this is legally permissible according to Art. 6 para. 1 sentence 1 lit. b DSGVO and necessary for the processing of contractual relationships with you, your personal data will be passed on to third parties. This includes in particular the disclosure to shipping companies for the purpose of delivery of the goods ordered by you and the disclosure of payment data to payment service providers or credit institutions to carry out a payment transaction. The data passed on may be used by the third party exclusively for the purposes mentioned.
In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your end device for a certain fixed period of time. If you visit our site again to use our services, it is automatically recognized that you have already been with us and which entries and settings you have made so that you do not have to enter them again.
The legal basis for the data processing is Art. 6 para. 1 sentence 1 lit. f DSGVO. Our legitimate interest follows from the operation of the website.
You can configure your browser settings so that no cookies are stored on your computer. Complete deactivation of cookies may mean that you cannot use all the functions of our website.
6. Analysis tools
The legal basis for the data processing is Art. 6 para. 1 sentence 1 lit. a and f DSGVO.
7. Social media plug-in
We use the social plug-ins listed below on our website to make our company better known. The underlying promotional purpose is to be regarded as a legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO. The responsibility for data protection-compliant operation is to be ensured by their respective providers. Data processing in connection with these plug-ins takes place with your consent when you use them.
If you use the services of these social networks independently or in connection with our website, the social networks evaluate your use of the plug-in. In this case, information about the plug-in is forwarded to the social networks.
Our website uses plug-ins of the social network Facebook, which is offered by Facebook Inc. The Facebook plug-ins are marked with a Facebook logo or the addition “Like” or “Share”. An overview of the Facebook plug-ins and their appearance can be found at https://developers.facebook.com/docs/plugins.
When you call up a page of our website that contains such a plug-in, your browser establishes a direct connection to the Facebook servers. The content of the plug-in is transmitted by Facebook directly to your browser and integrated into the page.
Through this integration, Facebook receives the information that your browser has called up the corresponding page of our website, even if you do not have a Facebook profile or are not currently logged in to Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there.
If you are logged in to Facebook, Facebook can directly assign your visit to our website to your Facebook profile. If you interact with the plug-ins, for example by clicking the “Like” button, this information is also transmitted directly to a Facebook server and stored there. The information is also published on your Facebook profile and displayed to your Facebook friends.
Plug-ins of the short message network Twitter Inc. are integrated on our website. You can recognize the Twitter plug-ins (“Twitter” button) by the Twitter logo and the addition “Twitter”. When you call up a page of our website that contains such a plug-in, a direct connection is established between your browser and the Twitter server. Twitter thereby receives the information that you have visited our site with your IP address. If you click the Twitter button while you are logged into your Twitter account, you can link the content of our pages on your Twitter profile. This allows Twitter to assign the visit to our pages to your user account.
We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter. You can find more information about this here: http://twitter.com/privacy.
Plug-ins of the social network LinkedIn Corporation, USA, are installed on our website. You can recognize the LinkedIn plug-in (“LinkedIn Recommended” button) by the LinkedIn logo. If you call up a page of our website that contains such a plug-in, a direct connection is established between your browser and the LinkedIn server. LinkedIn thereby receives the information that you have visited our site with your IP address. If you click the LinkedIn button while you are logged into your LinkedIn account, you can link the content of our pages on your LinkedIn profile. This allows LinkedIn to associate the visit to our pages with your user account. We point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by LinkedIn. For more information, please visit: www.linkedin.com/legal/privacy-policy.
Plug-ins of the social network XING SE, are installed on our website. You can recognize the LinkedIn plug-in (“XING” button) by the XING logo. When you call up a page of our website that contains such a plug-in, a direct connection is established between your browser and the XING server. LinkedIn thereby receives the information that you have visited our site with your IP address. If you click the XING button while logged into your XING account, you can link the content of our pages on your XING profile. This allows XING to associate the visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by XING. For more information, please visit: www.xing.com/app/share?op=data_protection.
Google Maps services are used on our website (e.g. in-screen or via interfaces/API). Google LLC, USA, may therefore process information about your actual location. Google uses various technologies such as IP addresses, GPS and other sensors to determine your location, which provide Google with information about nearby devices, WLAN access points or mobile phone masts, for example.
With the registration to the newsletter and the confirmation to receive the newsletter (double opt-in) the following personal data are processed: Name, first name, e-mail address. The data is processed for the purpose of authenticating the subscriber at registration and to deliver a newsletter to the subscriber, to determine whether and when he opened this and individual articles on it.
The data you enter for the purpose of receiving the newsletter will be processed by our provider. The processing of this data is based exclusively on your consent. You can revoke this consent at any time, for example via the “unsubscribe” link in the newsletter. The data processing operations that have already taken place remain unaffected by the revocation. When we send newsletters with the help of our provider, we can determine whether a newsletter has been opened and which links have been clicked.
8. Cross-border disclosure to third countries without adequate level of data protection
Insofar as data transfers are made to a recipient outside the EEA, an adequate level of data protection for the foreign transfer is ensured by appropriate security measures. If you have any questions about such data protection contracts based on the EU standard contractual clauses, or if you would like more information about additional security mechanisms and security measures for data transfers to third countries, please feel free to contact our data protection officer.
9. Your rights
You have the right:
- You may request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details (Art. 15 DSGVO). In the event of disproportionate effort, we reserve the right to request proof of legitimacy from you in advance as well as the assumption of the effective costs.
- Request the correction of inaccurate or incomplete personal data stored by us without delay (Art. 16 DSGVO).
- Request the deletion of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims (Art. 17 DSGVO).
- Request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer need the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing pursuant to Art. 21 DSGVO (Art. 18 DSGVO).
- Receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or request the transfer to another controller (Art. 20 DSGVO).
- You may revoke your consent at any time. This has the consequence that we may no longer continue the data processing based on this consent for the future (Art. 7 para. 3 DSGVO).
- You have the right to lodge a complaint with a supervisory authority (see below) (Art. 77 GDPR).
10. Right of objection
If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) sentence 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation.
11. Data security
Your data is protected by means of SSL encryption and organizational measures within the company.
12. Retention period
13. Contact details
Responsible Company : EJO Cosmetics Switzerland AG
Address : Wilenstrasse 106
Zip code City : 8832 Wilen bei Wollerau
Country : Switzerland
E-mail address: info(at)@ejo-lifestyle.com
Phone : +41 43 268 49 05
URL website: www.ejocosmetics.com
Supervisory authority (in Switzerland)
Federal Public Information and Data Protection Commissioner, FDPIC
Wilen bei Wollerau, 2022