privacy

Here you can find our Privacy Policy.

A. Responsible for data processing

Responsible for the processing of personal data on this website in accordance with the provisions of the General Data Protection Regulation (GDPR) is:

ERA Esthetic GmbH
9 long street
63110 Rodgau
Telephone: +49 (0) 69 – 664 29 124

Web: https://www.eraesthetic.de/
Email: info@eraesthetic.de

e-mail
With this data protection declaration we inform you about the scope of the processing of your personal data (hereinafter only "data").

B. Data processing

We process data as part of the operation of our website. The processing of the data also includes disclosure by transmission.

For data transfers to the USA, there is an adequacy decision by the EU Commission, the EU-US Privacy Shield. In this, the Commission has certified that the guarantees for the transfer of data to the USA on the basis of the EU-US Privacy Shield correspond to the data protection standards in the EU. Insofar as we transmit data to the USA, we have marked the participation of our service providers in the EU-US Privacy Shield.

The data affected in detail, processing purposes, legal bases, recipients and transmissions to third countries are listed below:

a) log file

We log your visit to our website. The following data is processed: Name of the website accessed, date and time of access, the amount of data transferred, the browser type and version, the operating system you are using, the referrer URL (the previously visited website), your IP address and the requesting provider. This is necessary to ensure the security of the website. We process the data accordingly on the basis of our legitimate interests in accordance with Art. 6 para. 1 f) GDPR. The log file will be deleted after seven days, unless it is required to clarify or prove specific violations of the law that became known within the retention period.

b) hosting

All data to be processed in connection with the operation of this website is stored as part of the hosting. This is necessary to enable the website to operate. We process the data accordingly on the basis of our legitimate interests in accordance with Art. 6 para. 1 f) GDPR. To provide our online presence, we use the services of web hosting providers to whom we transmit the above data.

c) contact

If you contact us, your data (name, contact details, if provided by you) and your message will be processed exclusively for the purpose of processing and processing your request. This data is processed by us on the basis of Art. 6 para. 1 b) GDPR or Art. 6 para. 1 f) GDPR to process your request.

d) Applications

If you contact us to send us your application as an employee, e.g. by e-mail or via a contact form, your data (e.g. name, e-mail address, desired place of work if specified by you) your message and the transmitted application documents are processed exclusively for the purpose of processing and processing your application request. The legal basis for data processing is § 26 BDSG (new) and Art. 6 para. 1 lit. b) GDPR.

The application data will be deleted 2 months after the end of the application process, but no later than 6 months after receipt of the application. If an employment relationship is established, the data will be transferred to the personnel file. The legal basis for this is also Art. 6 para. 1 lit. b) GDPR.

e) newsletters

In order to be able to provide you with regular information about our company and our offers, we offer to send you a newsletter. When you register for the newsletter, we process the data you enter (e-mail address and other voluntary information). The sending of the newsletter by registering takes place on the basis of your consent in accordance with Art. 6 para. 1 a) GDPR.

The registration for the newsletter takes place in the so-called double opt-in procedure. To prevent misuse, we will send you an e-mail after your registration in which we ask you to confirm your registration. In order to be able to prove the registration process in accordance with the legal requirements, your registration will be logged. This affects the storage of the registration and confirmation times as well as your IP address.

f) comment function

We offer a comment function on our website. If you use this function, in addition to your IP address and your comment, we also process information about the time the comment was created and - if you do not post anonymously - the user name you have chosen.

We process this data on the basis of your consent in accordance with Art. 6 para. 1 a) GDPR.

g) Website Analysis and Marketing

In order to enable the use of certain functions, we use so-called cookies. These are short data packages that are stored on your device and exchanged with other providers. Some of the cookies we use are deleted immediately after you close your browser (so-called session cookies). Other cookies remain on your end device and enable your browser to be recognized the next time you visit (persistent cookies).

You can delete all cookies stored on your end device and set the common browser so that the storage of cookies is prevented.

In this case, you may have to make some settings again each time you visit this website and accept the impairment of some functions.

We use cookies in connection with the following functionalities:

aa) Google Analytics

We use Google Analytics, a service provided by Google LLC 1600 Amphitheater Parkway Mountain View, CA 94043 USA. Google uses certain cookies for this purpose. The information generated by the cookie about your use of this website (including your IP address) is transmitted to a Google server in the USA and stored there. We use the information stored to evaluate your use of the website, to compile reports on website activity for website operators and to provide other services related to website use. We process the data obtained in this way due to our overriding interest in the optimal marketing of our online offer in accordance with Art. 6 Para. 1 f) GDPR. Under no circumstances will Google associate your IP address with other Google data.

We would like to point out that this website uses Google Analytics with the extension "anonymizeIp()". This shortens IP addresses before they are sent to a server in the United States. A direct personal reference in connection with the stored data is therefore generally excluded. Only in exceptional cases will the full IP address be sent to a server in the USA and shortened there.

You can object to data collection at any time with effect for the future by using the deactivation add-on for Google Analytics browsers at

http://tools.google.com/dlpage/gaoptout?hl=de.

Please also note the information on the use of data by Google in the Google partner network at:

http://www.google.com/intl/de/policies/privacy/partners/

Google is certified under:

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Further information on data protection can be found at: https://policies.google.com/privacy?hl=de&gl=de

bb) Google Remarketing/Retargeting

We use so-called tracking cookies on our website. When you visit our site, permanent cookies store information about which products you have viewed from us and which third-party ads and pages users used to access our website. If you then visit a partner website, we can display personalized advertising for you based on the articles you have viewed.

We process the data obtained in this way due to our overriding interest in the optimal marketing of our online offer in accordance with Art Section. 1 f) GDPR. The information generated by the cookie about your use of this website (including your IP address) is transmitted to a Google server in the USA and stored there.

Google is certified under:

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Further information on data protection can be found at: https://policies.google.com/privacy?hl=de&gl=de

c) Google AdWords

We use Google ADWords, an online advertising program from Google Inc., on our website. 1600 Amphitheater Parkway, Mountain View, CA 94043, United States ("Google"). This service uses so-called conversion tracking. If you click on an ad placed by Google, a cookie will be set. These cookies lose their validity after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie has not yet expired, we and Google can recognize that the user clicked on the ad and was redirected to this page.

The data collected using the conversion cookie is used to create statistics for AdWords customers who have opted for conversion tracking and are processed by us due to our overriding legitimate interest in the optimal marketing of our online offer in accordance with Art. 6 Para. 1 f) GDPR processed.

You can object to data collection at any time with effect for the future by deactivating the Google Conversion Tracking cookie in your Internet browser under User Settings.

Further information on data protection can be found at: https://policies.google.com/privacy?hl=de&gl=de

h) Integration of external content

We use external dynamic content to optimize the presentation and offering of our website. When you visit the website, a request is automatically sent to the server of the respective content provider via API, in which certain log data (e.g. the IP address of the user) is transmitted. The dynamic content is then transmitted to our website and displayed there.

We use external content in connection with the following functionalities:

aa) Integration of YouTube videos

On our website we have videos from the YouTube portal of YouTube LLC, 901 Cherry Ave. San Bruno, CA 94066, USA ("YouTube"). When playing the videos, log data is transmitted to the YouTube servers in the USA. This processing is based on our overriding legitimate interest in optimal marketing of our offer in accordance with Art. 6 para. 1 f) GDPR.

YouTube is certified at: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Further information at: https://policies.google.com/privacy?hl=de&gl=de

b) Google Maps

We use Google's "Google Maps" map service on our website to provide you with an interactive map. When the map is displayed, data including your IP address and your location are transmitted to and stored by Google on servers in the USA. This processing is based on our overriding legitimate interest in optimal marketing of our offer in accordance with Art. 6 para. 1 f) GDPR.

Google is certified under:

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Further information on data protection can be found at: https://policies.google.com/privacy?hl=de&gl=de

c) Google Fonts

To make visiting our website attractive, we use external fonts from Google Fonts. These are loaded from Google Inc. servers, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ("Google") when you visit the site. Google does not store any cookies in your browser. According to our information, however, the IP address of the user's end device is transmitted to Google and stored. This processing is based on our overriding legitimate interest in optimal marketing of our offer in accordance with Art. 6 Para. 1 f) GDPR.

Google is certified under:

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Further information on data protection can be found at: https://policies.google.com/privacy?hl=de&gl=de

dd) Cloudflare

We use the Cloudflare service from Cloudflare Inc., 101 Townsend Street San Francisco, CA 94107, USA ("Cloudflare") on our website. Cloudflare processes the following data from you: name of the website accessed, date and time of access, the amount of data transferred, the browser type and version, the operating system you are using, the referrer URL (the previously visited website), your IP address and the requesting provider. This data processing takes place due to our overriding interest in the optimal marketing of our online offer in accordance with Art. 6 Para. 1 f) DSGVO. The data is transmitted to the Cloudflare servers in the USA.

Cloudflare is certified at: https://www.privacyshield.gov/participant?id=a2zt0000000GnZKAA0&status=Active

Further information on data protection can be found at:

https://www.cloudflare.com/security-policy/

ee) Bootstrap.cdn

To make visiting our website attractive, we use Bootstrap, a service provided by Max CDN 2021 MCKinney Ave., Suite 1100, Dallas, TX 75201 ("Max CDN"). The content of the service is stored locally so that no data is transferred to the USA. The data processing that takes place through the use of the service is based on our overriding legitimate interest in optimal marketing of our offer in accordance with Art. 6 Para. 1 f) DSGVO.

f) Amazon CloudFront

In order to be able to present the content of our website to you without delay, we use the Amazon CloudFront service provided by Amazon Web Services, Inc., 410 Terry Avenue North, Seattle WA 98109, USA ("Amazon"). When the content concerned is displayed, data, including your IP address and your location, is transmitted to Amazon servers and stored there. This processing is based on our overriding legitimate interest in optimal marketing of our offer in accordance with Art. 6 Para. 1 f) GDPR.

Further information on data protection can be found at: https://aws.amazon.com/de/privacy/?nc1=f_pr

gg) rating seal

An evaluation seal from the provider Excellent.org, AUBII GmbH, Alsterufer 34, 20354 Hamburg (“Excellent.org”) is integrated on our website.

When you call up our website, your IP address, the date and time of the call, the amount of data transferred and the requesting provider (access data) are transmitted to the servers of Excellent.org through the integrated seal. This data is processed on the basis of our legitimate interest in the best possible marketing of our offer in accordance with Art. 6 para. 1 f) GDPR.

hh) What's Help

To improve our offer, we use the What's Help chatbot from WhatsHelp, LLC. The chatbot uses a cookie. The chatbot processes the following data, which the service provider does not have access to: e-mail address and password/PIN when registering, interactions of the logged-in user such as: messages entered, change e-mail address, change password, login / logout, opt-in/opt-out, etc., the user ID provided by Facebook and data provided by the third party (name, gender, region) if the user makes contact via Facebook Messenger or other messaging apps. The data is processed on the basis of your consent in accordance with Art. 6 Para. 1 a) GDPR and our overriding legitimate interest in optimizing our website in accordance with Art. 6 Para. 1 f) GDPR.

i) Social Plugins

We use third-party plugins on our websites. This allows you to inform your contacts whether you like our website, point out content or share content. The plugins are identified by the logo of the respective third-party provider.

When you visit our site, your data will be transmitted to the respective third-party provider.

If you are also a user of a third-party provider, this data can be assigned to the corresponding user account with the provider.

This data may also be transferred to the third-party provider if you are not registered as a user with the third-party provider and do not click on the plugin on our website.

In the case of transmission without simultaneous registration with the third-party provider, however, it is not immediately possible to establish a direct personal reference to you, for example via the IP address; this would only be possible via information from your provider.

The purpose and scope of the data processing by the third-party provider can be found in the data protection information of the respective provider.

The processing of this data is based on our overriding legitimate interest in optimal marketing of our online offer in accordance with Art. 6 Para. 1 f) GDPR.

Plugins from the following providers are used on our website:

• Facebook plugin from Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

Certification at: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

Further information at: https://www.facebook.com/privacy/explanation

• Xing plugin from XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.

Further information at: https://www.xing.com/privacy

j) Google+ login

You can register on our site with the Google+ login. In this case, no additional registration is necessary. To register, you will be redirected to the Google+ page, where you can log in with your usage data.

When registering via Google+, our services are linked to your Google+ user profile. The link automatically transmits the following information to us from Google+:

– Username

- E-mail address

We process this data on the basis of your prior consent in accordance with Art. 6 Para. 1 a) GDPR.

In addition, when authenticating using these services, Google+ gives you the option of accessing your contacts. However, we do not make use of this.

We would like to point out that the use of the Google+ login can result in Google+ possibly collecting and using personal data. However, these processes are the responsibility of Google+ and cannot be influenced by us.

In this regard, please note the terms of use and data protection declarations of Google: https://policies.google.com/privacy?hl=de&gl=de.

C. Duration of Data Retention

We only store personal data for as long as is necessary for the purposes for which it is processed or for as long as you have withdrawn your consent. Insofar as statutory storage obligations have to be observed, the storage period for certain data can be up to 10 years, regardless of the processing purposes.

D. Your Data Subject Rights

a) Information

Upon request, you will receive information about all personal data that we have stored about you at any time free of charge.

b) Correction, deletion, restriction of processing (blocking), objection

If you no longer agree to the storage of your personal data or if it has become incorrect, we will, following a corresponding instruction, arrange for the deletion or blocking of your data or make the necessary corrections (to the extent that this is possible under applicable law). The same applies if we are only to process data to a limited extent in the future.

c) Data portability

Upon request, we will provide you with your data in a common, structured and machine-readable format so that you can transmit the data to another person responsible if you wish.

d) Right to complain

There is a right of appeal to a supervisory authority:

(https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html).

e) Right of withdrawal for consents with effect for the future

You can revoke your consent at any time with effect for the future. Your revocation does not affect the legality of the processing up to the time of revocation.

f) Restrictions

Data for which we are not able to identify the data subject, e.g. if these have been anonymized for analysis purposes are not covered by the above rights. Information, deletion, blocking, correction or transmission to another company may be possible with regard to this data if you provide us with additional information that allows us to identify you.

g) Exercising your rights as a data subject

If you have any questions about the processing of your personal data, information, correction, blocking, objection or deletion of data or if you wish to transfer the data to another company, please contact info@eraesthetic.de.