Privacy policy

you look perfect Inh. Sandra Milacher

Abtsdorf 170

A-4864 Attersee

info@youlookperfect.at

Tel. +43-660-1464437


Declaration

For us it is of utmost importance to protect your personal data and to treat it confidentially. It is a matter of course for us to comply with the legal data protection regulations and to work DSGVO compliant.

Your data on our homepage https://www.youlookperfect.at is transmitted absolutely securely thanks to SSL (Secure Socket Layer) encryption and cannot be read by third parties. When you order as a customer in the online store, we need some personal information from you, such as: Your name, address and e-mail address. Only with this information we are able to deliver the goods ordered by you quickly and smoothly and to reach you if necessary in case of queries. We do not pass on your personal data to third parties.

You have a right to information, correction and deletion - see point 7.


1. legal basis

The EU General Data Protection Regulation, the Data Protection Act 2000 and the Data Protection Amendment Act 2018 serve the right to protection of personal data. We process your data exclusively on the basis of the legal provisions (DSGVO, DSG 2018, TKG 2003).


2. basic principles

The company/sole proprietor responsible is: Sandra Cornelia Milacher, Abtsdorf 170, 4864 Attersee, AUSTRIA, info@youlookperfect.at, Tel. +43-6601464437


3. data security

For security reasons, our website uses SSL encryption (Secure Sockets Layer). This protects your transmitted data and can not be read by third parties. You can recognize successful encryption by the fact that the protocol designation in the status bar of the browser changes from "http://" to "https://" and that a closed lock symbol is visible there.

We also use technical and organizational security measures to protect the stored personal data against accidental or intentional manipulation, loss or destruction and against access by unauthorized persons. Our security measures are continuously improved in accordance with technical progress.


4 Purpose, legal basis, storage period and data recipients

4.1 We need the collected personal data (if applicable name, address, telephone number, email address, purchased goods, purchase date, payment data) for the fulfillment of the contract and billing, assertion of contractual claims and for customer service purposes. The data is collected, stored, processed and used for this purpose.

4.2 The legal basis for the processing of your personal data are, on the one hand, contract performance of the online purchase, legitimate interests, the fulfillment of our legal or contractual obligations and, on the other hand, your consent in the contact form or newsletter. Failure to provide the data may have different consequences.

4.3 We process your personal data as far as necessary for the duration of the entire business relationship (from the initiation, processing to the termination of the contract) as well as beyond that in accordance with the statutory retention and documentation obligations, which result, among other things, from the Unternehmensgesetzbuch (UGB), the Bundesabgabenordnung (BAO) as well as until the end of any litigation, ongoing warranty and guarantee periods, etc.

4.4 In the course of operating our websites and executing the purchase contract, we commission companies that may gain access to your personal data in the course of their activities, insofar as they require the data to perform their respective services. These companies have undertaken to comply with the applicable data protection regulations.

4.5 Contact form

Your information including personal data from our contact form will be transmitted to us via the mail server for processing the request, processed and stored by us. This data will not be collected or passed on without your declaration of consent. Without this data we cannot process the request. The storage period is 2 years.

A transmission of the data takes place to:

- Our domain and email provider (1&1 IONOS SE, Germany) for the purpose of managing the messages from the contact form. We have concluded a corresponding contract with the provider for order data processing. They have undertaken to comply with the applicable data protection regulations vis-à-vis us. The privacy policy of 1&1 IONOS SE can be found at https://www.ionos.de/terms-gtc/terms-privacy.

- Our homepage operator (Shopify Inc., Canada) for the purpose of managing messages from the contact form. We have concluded a corresponding contract with the provider for order data processing. They have undertaken to comply with the applicable data protection regulations towards us. The privacy policy of Shopify can be found at https://www.shopify.com/legal/privacy.

4.6 Newsletter

If you register for our newsletter, we use the data required for this purpose or separately provided by you to regularly send you our e-mail newsletter based on your consent pursuant to Art. 6 para. 1 p. 1 lit. a DSGVO.

Unsubscribing from the newsletter is possible at any time and can be done either by sending a message to the contact option described above or via a link provided for this purpose in the newsletter. After unsubscribing, we will delete your e-mail address unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this statement. The newsletter is sent as part of a processing on our behalf by a service provider, to whom we pass on your e-mail address for this purpose. A transmission of the data takes place to:

- Our marketing and newsletter tool (Klaviyo Inc., USA) for the purpose of managing contacts and sending newsletters. This service provider is located in the USA and is certified under the EU-US Privacy Shield. A current certificate can be viewed at https://www.privacyshield.gov/participant?id=a2zt00000008RNFAA2. Based on this agreement between the USA and the European Commission, the latter has determined an adequate level of data protection for companies certified under the Privacy Shield.

- Our homepage operator (Shopify Inc., Canada) for the purpose of managing contacts. We have concluded a corresponding contract for commissioned data processing with the provider. They have undertaken to comply with the applicable data protection regulations vis-à-vis us. The privacy policy of Shopify can be found at https://www.shopify.com/legal/privacy.

4.7 Online purchase

For the purpose of contract processing, the following data will also be stored by us: Name, address, telephone number, email address, purchased goods, purchase date, payment data.

The data provided by you are necessary for the fulfillment of the contract or for the implementation of pre-contractual measures. Without this data we cannot conclude the contract with you.

The legal minimum storage period is 7 years.

In the case of a purchase, the data is transmitted to:

- Our domain and email provider (1&1 IONOS SE, Germany) for the purpose of receiving an email about the order. We have concluded a corresponding contract with the provider for order data processing. They have undertaken to comply with the applicable data protection regulations vis-à-vis us. The privacy policy of 1&1 IONOS SE can be found at https://www.ionos.de/terms-gtc/terms-privacy.

- The responsible transport company DPD or DHL Express for the purpose of delivery. These have undertaken to comply with all legal data protection guidelines. Your personal data will not be used for any other purpose than for the transport service.

- Our shipping portal Sendcloud (Sendcoud GmbH, Munich) for the purpose of delivery. Here we prepare the deliveries, create parcel labels, you receive the delivery info by email and can also create your return label. You can find Sendcloud's privacy policy at https://www.sendcloud.de/datenschutz/.

- Our tax advisor and our accounting department to fulfill our tax obligations.

- Our order processing system via the service provider Billbee

(Billbee GmbH, Germany). We use this to create the invoices. Name, address and, if applicable, other personal data will be passed on to Billbee in accordance with Art. 6 para. 1 lit. b DSGVO exclusively for the processing of the online order. Your data will only be passed on to the extent that this is actually necessary for the processing of the order. Details of Billbee's data protection and its privacy policy can be viewed here https://www.billbee.io/datenschutz/.

- Your banking institution for the purpose of debiting the purchase price. The data protection regulations of your selected banking institution apply here.

o In the case of payment by PayPal, the data is automatically transferred to PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg for the purpose of debiting the purchase price. Here the data protection regulations of this banking institution apply, to be read here https://www.paypal.com/at/webapps/mpp/ua/privacy-full.

o In the case of payment by credit card, Apple Pay, iDeal, Bancontact, the verification and transmission is carried out by Stripe Payments Europe Ltd, Ireland for the purpose of debiting the purchase price. The data protection regulations of this banking institution apply here, to be read here https://stripe.com/at/privacy

o In the case of payment by Sofortüberweisung Pay now with Klarna, the data is automatically transmitted to Klarna GmbH Munich, Germany. Please note that Klarna may perform an identity and credit check. It may use for the identity and credit check the credit reporting agencies mentioned in Klarna's privacy policy (https://cdn.klarna.com/1.0/shared/content/policy/data/de_de/data_protection.pdf ). You can revoke your consent to this use of personal data at any time to Klarna.

o In the case of payment by invoice with Klarna, data is automatically transmitted to Klarna AB (publ), Sweden. Please note that Klarna may perform an identity and credit check. It may use for the identity and credit check the credit reporting agencies mentioned in Klarna's privacy policy (https://cdn.klarna.com/1.0/shared/content/policy/data/de_de/data_protection.pdf ). You can revoke your consent to this use of personal data at any time to Klarna.

- Our homepage operator (Shopify Inc., Canada) and apps controlled by Shopify for the purpose of managing customers and orders. We have concluded a corresponding contract for commissioned data processing with the provider. They have undertaken to comply with the applicable data protection regulations vis-à-vis us. The privacy policy of Shopify can be found here https://www.shopify.com/legal/privacy

- The Trusted Shops rating tool. A few days after ordering, every customer automatically receives an email asking him to rate our store. This email is sent by our partner Trusted Shops GmbH, Cologne, Germany. We have concluded a corresponding contract for order data processing. They have committed themselves to comply with the applicable data protection regulations towards us. The privacy policy of Trusted Shops can be found here https://legal.trustedshops.com/privacy.

- Our marketing tool (Klaviyo Inc., USA) for the purpose of managing customers. This service provider is located in the USA and is certified under the EU-US Privacy Shield. A current certificate can be viewed here https://www.privacyshield.gov/participant?id=a2zt00000008RNFAA2 . Based on this agreement between the USA and the European Commission, the latter has determined an adequate level of data protection for companies certified under the Privacy Shield.

You can request more information about the processors and data recipients we use at info@youlookperfect.at.

4.8 Opening of a customer account

We collect personal data if you voluntarily provide it to us when opening a customer account. Mandatory fields are marked as such, because in these cases we need the data to process the contract or to open the customer account and you can not complete the account opening without their information. Which data is collected can be seen from the respective input forms. We use the data provided by you in accordance with Art. 6 para. 1 p. 1 lit. b DSGVO for contract processing and processing your requests. After complete processing of the contract or deletion of your customer account, your data will be restricted for further processing and deleted after expiry of the retention periods under tax and commercial law, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this statement. The deletion of your customer account is possible at any time and can be done by sending a message to the contact option described below.

A transfer of the data takes place to:

- Our homepage operator (Shopify Inc., Canada) and apps controlled by Shopify for the purpose of managing customers and orders. We have concluded a corresponding contract with the provider for order data processing. They have undertaken to comply with the applicable data protection regulations vis-à-vis us. The privacy policy of Shopify can be found here https://www.shopify.com/legal/privacy

4.9 Data processing is carried out on the basis of the legal provisions of § 96 para 3 TKG as well as Art 6 DSGVO (in particular consent and/or the need to fulfill the contract).


5 Cookies and web analysis

5.1 Cookies in general

In order to make visiting our website attractive and to enable the use of certain functions, we use so-called cookies. These are small text files that are stored on your terminal device and store certain information for exchange with our system. The legal basis for the processing of this data is Art. 6 (1) sentence 1 lit. f DSGVO. Some of the cookies we use are deleted again after the end of the browser session, i.e. after closing the browser (transient cookies). These include, in particular, session cookies. These store a unique identifier (session ID). This session ID can be used to assign various requests from your browser to a common session. This means that your end device can be recognized when you return to our website during a session. Session cookies are also deleted when you log out. Other cookies remain on your end device for a specified period of time and allow us to recognize your browser or end device the next time you visit (persistent cookies).

Please note that certain cookies are already set as soon as you enter our website. You can set your browser in such a way that you are informed about the setting of cookies and can decide individually about their acceptance or exclude the acceptance of cookies for certain cases, in particular cookies from third parties (third party cookies) or in general. If you do not accept cookies, the functionality of our website may be limited.

You have the option of preventing cookies from being stored on your computer by making the appropriate browser settings. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings.

You can find the browser settings for each browser at the following links:

Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies

Safari: https://support.apple.com/de-at/guide/safari/sfri11471/mac

Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647

Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

5.2 Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Ireland limited, Gordon House , Barrow Street, Dublin 4 , Ireland ("Google").

We use Google Analytics with the extension "_anonymizeIp()". This means that IP addresses are processed in a shortened form, which, according to Google, should virtually rule out the possibility of personal references. Insofar as the data collected about you has a personal reference, this should be excluded immediately and the personal data deleted immediately. The data sent by us and linked to cookies, user recognition or advertising IDs are automatically deleted after 14 months. The deletion of data whose retention period has been reached takes place automatically once a month.

Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website will be transmitted to and stored by Google on servers in the United States. In the event that IP anonymization is activated on this website, however, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports and statistics on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available here http://tools.google.com/dlpage/gaoptout?hl=de.

This website uses the "demographic characteristics" function of Google Analytics. This allows reports to be generated that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google as well as visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as shown in the item "Objection to data collection".

We use Google Analytics to analyze and regularly improve the use of our website. The statistics obtained enable us to improve our offer and make it more interesting for you as a user.

We have concluded an order processing agreement with Google in accordance with Art. 28 DSGVO to protect your personal data.

You can find more information about Google here:

User Terms: http://www.google.com/analytics/terms/de.html

Privacy policy: https://policies.google.com/privacy

5.3 Google Fonts

We use Google Fonts of the company Google Ireland limited, Gordon House , Barrow Street, Dublin 4 , Ireland ("Google") on our website. Google Fonts are used without authentication and no cookies are sent to the Google Fonts API. If you have an account with Google, none of your Google account information is transmitted to Google while using Google Fonts. Google only records the usage of CSS and the fonts used and stores this data securely. You can find out more about these and other issues at https://developers.google.com/fonts/faq.

What data is collected by Google and what it is used for can be found here https://policies.google.com/privacy.

5.4 Google reCaptcha

We use the reCAPTCHA function of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google") on our website. We use this function on pages with (contact) forms to protect them from automated access (e.g. by so-called "bots"). Through the integration of reCAPTCHA, personal data (e.g. IP address) can be collected by Google to find out whether the request really comes from a human. The data processing is based on our legitimate interests, namely our interest in the security of our website and the defense against automated access within the meaning of Art. 6 (1) f) DSGVO. Google is certified under the Privacy Shield agreement and thereby offers the guarantee of compliance with European data protection law. Detailed information on data protection in connection with the use of Google reCAPTCHA can be found here https://policies.google.com/privacy.

5.5 Google Adwords Remarketing / Google Tag Manager

We use Google remarketing tags. These are services provided by Google Ireland limited, Gordon House , Barrow Street, Dublin 4 , Ireland ("Google"). Google uses cookies that are stored on your computer and that enable an analysis of your use of the website. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. The IP address is then shortened by Google by the last three digits, a clear assignment of the IP address is therefore no longer possible. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Third-party providers, including Google, place advertisements on websites on the Internet. Third-party vendors, including Google, use stored cookies to serve ads based on a user's previous visits to this website. Google will not associate your IP address with any other data held by Google. You can object to the collection and storage of data at any time with effect for the future. You can deactivate the use of cookies by Google by visiting the Google advertising deactivation page. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.

By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above. You may object to the collection and storage of data at any time with effect for the future. Further information on Google's terms and conditions can be found here https://policies.google.com/privacy.

Our website uses Google Tag Manager for the purpose of personalized, interest and location-based online advertising. The option to anonymize IP addresses is controlled by Google Tag Manager via an internal setting that is not visible in the source of this page. This internal setting is set to achieve the required anonymization of IP addresses.

5.6 Google Adwords Conversion Tracking

This website also uses Google Conversion Tracking from Google Ireland limited, Gordon House , Barrow Street, Dublin 4 , Ireland ("Google").

Google Adwords sets a cookie on your computer if you have accessed our website via a Google ad. These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of the Adwords customer's website and the cookie has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page. Each Adwords customer receives a different cookie. Cookies can therefore not be tracked across Adwords customers' websites. The information obtained using the conversion cookie is used to create conversion statistics for Adwords customers who have opted for conversion tracking.

The Adwords customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. If you do not wish to participate in the tracking process, you can also refuse the setting of a cookie required for this - for example, via a browser setting that generally disables the automatic setting of cookies. You can also disable cookies for conversion tracking by setting your browser to block cookies from the domain "www.googleadservices.com". Google's privacy policy on conversion tracking can be found at https://policies.google.com/privacy.

5.7 Facebook Pixel

We use the "conversion pixel" or visitor action pixel of Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). By calling up this pixel from your browser, Facebook can subsequently recognize whether a Facebook ad was successful, e.g. led to an online purchase. We only receive statistical data from Facebook for this purpose without any reference to a specific person. This allows us to record the effectiveness of the Facebook ads for statistical and market research purposes. In particular, if you are logged in to Facebook, we also refer you to their data protection information, which can be viewed at https://de-de.facebook.com/policy.php.

5.8 Facebook Website Customer Audiences

Within our website, we use the "Website Custom Audiences" pixel of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA. So-called tracking pixels are integrated on our pages. When you visit our pages, a direct connection between your browser and the Facebook server is established via the tracking pixel. Facebook thereby receives, among other things, the information from your browser that our page was called up from your end device. If you are a Facebook user, Facebook can thereby assign the visit to our pages to your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Facebook. We can only select which segments of Facebook users (such as age, interests) should be displayed our advertising. In doing so, we use one of two ways of working of Custom Audiences, in which no data records, in particular no email addresses of our users - neither encrypted nor unencrypted - are transmitted to Facebook. Further information on this can be found in Facebook's privacy policy, which can be viewed here https://de-de.facebook.com/policy.php.

5.9 Shopify Analytics

Our homepage operator (Shopify Inc., Canada) uses its own analytics tool for the purpose of analyzing visitor flows and purchases. We have concluded a corresponding contract for commissioned data processing with the provider. They have undertaken to comply with the applicable data protection regulations vis-à-vis us. The privacy policy of Shopify can be found here https://www.shopify.com/legal/privacy

5.10. Bing Ads / Microsoft

On the website, we use technologies from Bing Ads (bingads.microsoft.com), which are provided and operated by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA ("Microsoft"). In doing so, Microsoft sets a cookie on your terminal device if you have reached our website via a Microsoft Bing ad. In this way, Microsoft and we can recognize that someone has clicked on an ad, has been redirected to our website and has reached a previously determined target page ("conversion site"). We only learn the total number of users who clicked on a Bing ad and were then redirected to the conversion site. Microsoft collects, processes and uses information via the cookie, from which usage profiles are created using pseudonyms. These usage profiles are used to analyze visitor behavior and are used to display advertisements. No personal information about the identity of the user is processed. If you do not want Microsoft to use information about your behavior as explained above, you can refuse the necessary setting of a cookie - for example, by selecting a browser setting that generally disables the automatic setting of cookies. You can also prevent the collection of data generated by the cookie and related to your use of the website and the processing of this data by Microsoft here https://choice.microsoft.com/de-DE/opt-out. Further information on data protection at Microsoft and Bing Ads can be found here https://privacy.microsoft.com/de-de/privacystatement.

5.11. LinkedIn Ads

We use the conversion tracking technology and the retargeting function of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA on our website. With the help of this technology, visitors to our website can be shown personalized advertisements on LinkedIn. Furthermore, it is possible to create anonymous reports on the performance of the advertisements as well as information on website interaction. For this purpose, the LinkedIn Insight tag is embedded on this website, which establishes a connection to the LinkedIn server if you visit this website and are logged into your LinkedIn account at the same time. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by LinkedIn. The information collected by the LinkedIn Insight tag about your use of our website is encrypted. The cookie is stored in the LinkedIn member's browser until the member deletes the cookie or it expires (the expiration date is rolling six months after the member's browser last loaded the Insight tag). You can object to the collection and use of your data to display LinkedIn Ads at any time or revoke your consent, e.g. by changing your cookie settings on our site accordingly. LinkedIn members have the option to opt out of LinkedIn conversion tracking and to block and delete cookies or disable demographic features, more here https://www.linkedin.com/signup/cold-join?session_redirect=https%3A%2F%2Fwww.linkedin.com%2Fpsettings%2Fadvertising%2F . In LinkedIn's settings, there is no separate opt-out option for third-party impressions or click tracking for campaigns running on LinkedIn, as all underlying campaigns respect LinkedIn members' settings. You can also opt-out of the LinkedIn Insight Conversion Tool and interest-based advertising as a non-member by visiting https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. You can find more information about data protection at LinkedIn here https://de.linkedin.com/legal/privacy-policy .


6. consent and right of revocation

6.1 If your consent is required for the processing of your data, we will process it only after your express consent.

6.2 In principle, we do not process data of minors and are not authorized to do so. By giving your consent, you confirm that you have reached the age of 14 or that you have the consent of your legal representative.

6.3 You can revoke your consent at any time at the following e-mail address: info@youlookperfect.at.

In such a case, the data previously stored about you will be anonymized and subsequently used only for statistical purposes without reference to persons. By means of the revocation of consent, the lawfulness of the processing carried out on the basis of the consent until the revocation is not affected.


7. your rights

7.1 You have the right to obtain information from the data controller (Sandra Cornelia Milacher, info@youlookperfect.at ) about the personal data concerned at any time. Insofar as there is no legal obligation to retain the data, you have the right to have this data deleted and to object to the processing. Furthermore, you have the right to correct the data as well as to restrict processing, to data portability as well as to lodge a complaint with the Austrian Data Protection Authority (Wickenburggasse 8-10, 1080 Vienna, e-mail: dsb@dsb.gv.at).

7.2 Please contact us regarding your rights :

you look perfect Inh. Sandra Milacher

Abstdorf 170

4864 Attersee, AUSTRIA

info@youlookperfect.at


8. change of the privacy policy

The data protection measures are always subject to technical renewal. For this reason, we ask you to inform yourself about our data protection measures at regular intervals by consulting our data protection declaration.

We therefore reserve the right to update this data protection information from time to time.



If you have any questions about our products, you look perfect will of course be happy to answer them at any time. We hope you enjoy using our products.


Status 09 June 2021