United Fashion Europe is aware that the protection of your privacy when using our website is important to you. We take the protection of your personal data very seriously. For this reason, we want you to know when we save particular data and how we use it. With this data privacy statement, we would like to inform you of our data privacy measures.
SECTION 1 INFORMATION ABOUT COLLECTING PERSONAL DATA
(1) In the following, we shall provide information about the collection of personal data when using our website. Personal data is all data that can be personally related to you, e.g. name, address, email addresses, user behaviour. The controller in accordance with Article 4 Para. 7 EU General Data Protection Regulation (GDPR) is United Fashion Europe. (see our legal notice).
(2) If you contact us by email, the data provided by you (your email address, possibly your name and telephone number) will be saved by us to answer your questions. We delete the data arising in this context after the storage is no longer necessary or restrict processing if there are statutory retention obligations.
(3) In the event that we contracted service providers for individual functions of our service or would like to use your data for advertising purposes, we will inform you in detail about the respective processes below. We will also specify the defined criteria for the storage duration.
SECTION 2 YOUR RIGHTS
(1) You have the following rights relating to us with regard to your personal data:
- right to information,
- right to correction or deletion,
- right to restrict processing,
- right to oppose processing,
- right to data transferability.
(2) You also have the right to complain to a data protection supervisory authority regarding the processing of your personal data by us.
SECTION 3 COLLECTING PERSONAL DATA UPON VISITING OUR WEBSITE
(1) When using the website for informational purposes only, i.e. if you do not register or provide us with any other information, we will only collect personal data about you that your browser transmits to our server. If you want to visit our website, we collect the following data that is technically necessary for us to display our website to you and to ensure its stability and security (legal basis is Article 6 Para. 1 Sentence 1 Lit. f GDPR):
- IP address
- date and time of the request
- time zone difference to Greenwich Mean Time (GMT)
- content of the request (specific site)
- access status/HTTP status code
- the amount of data transferred in each case
- website from which the request comes
- operating system and its interface
- language and version of the browser software.
(2) In addition to the aforementioned data, cookies shall be stored on your computer when using our website. Cookies are small text files that are stored on your hard drive by the browser you use and through which certain information flows to the place that sets the cookies (in this case by us) Cookies cannot run programs or transmit viruses to your computer. Their purpose is to make the website more user-friendly and effective overall.
- a) This website uses the following types of cookies, the scope and functionality of which are explained below:
– transient cookies (see b)
– persistent cookies (see c).
- b) Transient cookies are automatically deleted when you close your browser. This notably includes session cookies. They store a so-called “session ID” with which different requests from your browser can be assigned to a common session. This will allow your computer to be recognised when you return to our website. These session cookies are deleted when you logout or close your browser.
- c) Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete cookies in your browser’s security settings at any time.
- d) You can configure your browser settings according to your wishes and e.g. refuse the acceptance of third party cookies or all cookies. Please note that you may not be able to use the full functionality of this website.
SECTION 4 NEWSLETTER (VIA THE PROVIDER MAILCHIMP)
(1) With your consent, you can subscribe to our newsletter, which we use to inform you about the current work and events in our group.
(2) Registering for our newsletter is doing via a so-called “double opt-in” procedure.
This means that you receive an email after registering, which asks you to confirm your registration. This confirmation is necessary so that no one can register with unfamiliar email addresses. Newsletter registrations are logged to be able to prove the registration process took place in accordance with legal requirements. This includes storage of the time of registration and confirmation, as well as the IP address. Changes to your data stored with MailChimp are also logged.
(3) Your email address alone is mandatory for sending the newsletter. [Giving other, separately marked data is voluntary and is used to be able to address you personally.] After giving confirmation, we store your email address for the purpose of sending the newsletter. The legal basis is Article 6 Para. 1 Sentence 1 Lit. a GDPR.
(4) The newsletter is sent via “MailChimp”, a newsletter dispatch platform from the US provider Rocket Science Group, LLC 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. The email addresses of our newsletter recipients, as well as their data described in this information, are saved on MailChimp servers in the USA. MailChimp uses this information to send and evaluate the newsletter on our behalf. Furthermore, MailChimp can use this data according to their own information to optimise or improve their services, e.g. for technically optimising dispatch and presenting the newsletter or for economic purposes in order to determine from which countries recipients come. However, MailChimp does not use our newsletter recipients’ data to contact them itself or pass it on to third parties.
(5) We trust in the reliability, IT and data security of MailChimp. MailChimp is certified under the US-EU protection agreement “Privacy Shield” and undertakes to comply with EU data protection requirements. Furthermore, we have entered into a “Data Processing Agreement” with MailChimp (see: https://mailchimp.com/legal/forms/data-processing-agreement/). This is a contract in which MailChimp undertakes to protect our users’ data, to process it in accordance with their data protection regulations on our behalf and, in particular, not pass it on to third parties. MailChimp’s data privacy provisions can be viewed using the following link: https://mailchimp.com/legal/privacy/.
(6) Newsletters contain a so-called “web beacon”, meaning a pixel-sized file, which is retrieved by the MailChimp server when the newsletter is opened. In this retrieval, technical information, such as information about the browser and your system, your IP address and the time of retrieval, is initially collected. This information is used to make technical improvements to the services based on technical data or target groups and their reading behaviour based on their retrieval locations (determined using the IP address) or access times.
(7) Statistical data collection also includes determining whether newsletters are opened, when they are opened and which links are clicked. This information can be assigned to individual newsletter recipients for technical reasons. However, it is neither our nor MailChimp’s aim to monitor individual users. The analyses help us to recognise the reading habits of our users and to adapt our content to them or to send different content according to users’ interests.
(8) There are cases in which we direct newsletter recipients to MailChimp websites, for example, if our newsletter contains a link with which newsletter recipients can retrieve the newsletter online (e.g. in the event of display problems in the email program). Furthermore, newsletter recipients can subsequently correct their data, e.g. the email address. MailChimp’s data privacy statement can also be seen only on its website.
(10) You can cancel receipt of our newsletter at any time, meaning you can revoke your consent. In doing so, your consents to dispatch via MailChimp and the statistical analyses expire at the same time. A separate revocation of dispatch via MailChimp or statistical analyses is, unfortunately, not possible. You will find a link to cancel the newsletter at the end of every newsletter.
(11) In accordance with the provisions valid from 25 May 2018 in the General Data Protection Regulation (GDPR), we inform you that your consent to sending to email addresses is based on Article 6 Para. 1 Lit a GDPR and Section 7 Para. 2 No. 3 or Para 3 UWG (Unfair Competition Act). The use of the dispatch service provider MailChimp, the execution of statistical data collection and analyses and logging the registration procedure are based on our legitimate interests in accordance with Article 6 Para. 1 Lit. f GDPR. We are interested in using a user-friendly and secure newsletter system that serves both our business interests as well as the expectations of users.
(12) We would also like to point out that you can object to the future processing of your personal data at any time in accordance with the statutory provisions according to Article 21 GDPR. The objection may be lodged in particular against for direct marketing purposes.
SECTION 5 SOCIAL MEDIA
Use of social media plug-ins
(1) We currently use the following social media plug-ins: [Instagram]. By doing so, we use the so-called “two-click solution”. This means that when you visit our site, no personal data is generally initially passed on to the plug-in provider. You can recognise the plug-in provider by the mark on the box above its first letter or the logo. We provide you with the option of communicating directly with the plug-in provider via the button. Only when you click on the marked field and activate it does the plug-in provider receive the information that you have visited the corresponding website of our online service. In addition, the data mentioned in Section 3 of this policy will be transmitted. In the case of Facebook and Instagram, the IP address is anonymised immediately after collection by the respective provider in Germany. By activating the plug-in, your personal data is transmitted to the respective plug-in provider and stored there (by providers in the USA). As the plug-in provider collects data mainly via cookies, we recommend that you delete all cookies before clicking on the greyed-out box using your browser’s security settings.
(2) We have no influence on the data collected and data processing procedures, nor are we familiar with the full extent of data collection, the purpose of processing or the storage periods. We also have no information on the deletion of the data collected by the plug-in provider.
(3) The plug-in provider stores the data collected about you as usage profiles and uses it for the purpose of advertising, market research and/or demand-orientated design of its website. An analysis like this takes place in particular (even for users that are not logged in) to present demand-orientated advertising and to inform other uses of the social network about your activities on our website. You have a right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. Using this plug-in, we provide you with the option of interacting with the social network and other users so that we can improve our service and make it more interesting for you as the user. The legal basis for using plug-ins is Article 6 Para. 1 Lit. f GDPR.
(4) Data is passed on regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, your data collected by us will be directly assigned to the existing account with the plug-in provider. If you click the activated button and, for example, link the page, the plug-in provider also stores this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, especially before activating the button, as this way you can avoid being assigned to your profile with the plug-in provider.
(5) For more information on the purpose and scope of data collection and its processing by the plug-in provider, please refer to the following privacy policies of these providers. There you will also find more information about your rights concerning this and setting options to protect your privacy.
(6) Addresses of the respective plug-in providers and URL with data privacy policies:
- a) Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA;