Login

Country

Language

YOU RECEIVE A 15€ DISCOUNT

Stay up to date and benefit from exclusive offers by subscribing to our newsletter

Privacy policy

YOU LOOK PERFECT Owner Sandra Cornelia Milacher

Abtsdorf 170

A-4864 Attersee

info@youlookperfect.at

Tel. +43-660-1464437

Explanation

It is of the utmost importance to us to protect your personal data and treat it confidentially. It is a matter of course for us to comply with the statutory data protection regulations and to work in compliance with the GDPR.

Your data on our website https://www.youlookperfect.at is transmitted absolutely securely thanks to SSL (Secure Socket Layer) encryption and cannot be read by third parties. If you order as a customer in the online store, we need some personal information from you, such as Your name, address and e-mail address. Only with this information are we able to deliver the goods you have ordered quickly and smoothly and to contact you if we have any queries. We do not pass on your personal data to third parties.

You have a right to information, correction and deletion - see point 7.

1. legal basis

The EU General Data Protection Regulation, the Data Protection Act 2000 and the Data Protection Amendment Act 2018 serve the right to protection of personal data. We process your data exclusively on the basis of the statutory provisions (GDPR, DSG 2018, TKG 2003).

2. basic principles

Responsible is the company/sole proprietor: Sandra Cornelia Milacher, Abtsdorf 170, 4864 Attersee, AUSTRIA, info@youlookperfect.at, Tel. +43-6601464437

3. data security

For security reasons, our website uses SSL encryption (Secure Sockets Layer). This protects your transmitted data and prevents it from being read by third parties. You can recognize successful encryption by the fact that the protocol name in the status bar of the browser changes from "http://" to "https://" and that a closed lock symbol is visible there.

We also use technical and organizational security measures to protect the stored personal data against accidental or intentional manipulation, loss or destruction and against access by unauthorized persons. Our security measures are continuously improved in line with technical progress.

4 Purpose limitation, legal basis, storage duration and data recipients

4.1 We require the collected personal data (if applicable, name, address, telephone number, e-mail address, purchased goods, date of purchase, payment data) for the fulfillment of the contract and billing, assertion of contractual claims and for customer service purposes. The data is collected, stored, processed and used for this purpose.

4.2 The legal basis for the processing of your personal data is, on the one hand, contract fulfillment of the online purchase, legitimate interests, the fulfillment of our legal or contractual obligations and, on the other hand, your consent in the contact form or the newsletter. Failure to provide the data may have various consequences.

4.3 We process your personal data, where necessary, for the duration of the entire business relationship (from initiation, processing to termination of the contract) and beyond in accordance with the statutory retention and documentation obligations arising from the Austrian Commercial Code (UGB), the Federal Fiscal Code (BAO) and until the end of any legal disputes, ongoing warranty and guarantee periods, etc.

4.4 As part of the operation of our websites and execution of the purchase contract, we commission companies that may gain access to your personal data in the course of their activities, insofar as they require the data to fulfill their respective services. These companies have undertaken to comply with the applicable data protection regulations.

4.5 Contact form

Your details, including personal data from our contact form, will be transmitted to us via the mail server, processed and stored by us in order to process your inquiry. This data will not be collected or passed on without your consent. We cannot process the request without this data. The storage period is 2 years.

The data will be transmitted to:

-Our domain and email provider IONOS (IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany) for the purpose of managing the messages from the contact form. We have concluded a corresponding contract with the provider for order data processing. They have undertaken to comply with the applicable data protection regulations. You can find the IONOS privacy policy at https://www.ionos.de/terms-gtc/terms-privacy

-Our website operator SHOPIFY (Shopify Intrenational Limited, 1-2 Victoria Buildings, Haddington Road, Dublin 4, D04 XN32, Ireland) for the purpose of managing messages from the contact form. We have concluded a corresponding contract with the provider for commissioned data processing. They have undertaken to comply with the applicable data protection regulations. You can find Shopify's privacy policy at https://www.shopify.com/legal/privacy

4.6 Newsletter

If you subscribe to our newsletter, we will use the data required for this or separately provided by you to regularly send you our email newsletter based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.

Unsubscribing from the newsletter is possible at any time and can be done either by sending a message to the contact option described above or via a link provided for this purpose in the newsletter. The newsletter is sent as part of processing on our behalf by a service provider to whom we pass on your email address for this purpose. The data will be transmitted to:

  • Our homepage operator SHOPIFY (Shopify Intrenational Limited, 1-2 Victoria Buildings, Haddington Road, Dublin 4, D04 XN32, Ireland) for the purpose of managing contacts and sending the newsletter. We have concluded a corresponding contract with the provider for commissioned data processing. They have undertaken to comply with the applicable data protection regulations. You can find Shopify's privacy policy at https://www.shopify.com/legal/privacy

-Our marketing and newsletter tool (Klaviyo, Inc., 60 South Street, Suite 910, Boston, Massachusetts 02111, USA) for the purpose of managing contacts and sending newsletters. Data is transmitted to Klaviyo for the purpose of sending newsletters and stored on their servers. Klaviyo uses this information exclusively for sending and evaluating the newsletter on our behalf and does not pass your data on to third parties. Further information on data processing by Klaviyo can be found at https://www.klaviyo.com/legal/data-processing-agreement and https://www.klaviyo.com/legal/privacy/privacy-notice.

We trust in the reliability and IT and data security of Klaviyo. Klaviyo is certified under the US-EU data protection agreement "Privacy Shield" and thus undertakes to comply with EU data protection regulations. We have also concluded a "Data Processing Agreement" with Klaviyo. This is a contract in which Klaviyo undertakes to protect the data of our users, to process it on our behalf in accordance with its data protection provisions and, in particular, not to pass it on to third parties. You can find Klaviyo's privacy policy in English here: https://www.klaviyo.com/legal/privacy/privacy-notice. Klaviyo uses so-called standard contractual clauses in accordance with Art. 46 (2) and (3) GDPR (https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de ) as the basis for processing or transferring data to countries outside the EU. Through these clauses, Klaviyo undertakes to comply with the EU data protection standard when processing your data, even if the data is transferred to third countries such as the USA and processed and stored there. You can find out more about this on the Klaviyo website at https://www.klaviyo.com/legal/data-processing-agreement and https://www.klaviyo.com/legal/privacy/privacy-notice

Statistical collection and analysis

Our newsletters contain technologies that allow us to track whether and when a newsletter has been opened and which links have been clicked on. The purpose of these analyses is to optimize the content of our newsletters and to better tailor them to the interests of our subscribers. The analysis results are not used to monitor users individually.

Right of withdrawal and unsubscribing

You have the right to withdraw your consent to receive the newsletter at any time, either by using the unsubscribe link in every newsletter or by sending an email to info@youlookperfect.at. After unsubscribing, your personal data will be deleted unless you have expressly consented to further use of your data or we reserve the right to legally permissible data processing.

Email advertising without subscribing to the newsletter and your right to object

If we receive your e-mail address in connection with the sale of a product or service and you have not objected to this, we reserve the right to send you offers for similar products to those you have already purchased from our range by e-mail in accordance with the German Existing Customers Act on the basis of § 7 para. 3 UWG. This serves to safeguard our legitimate interests, which predominate in the context of a balancing of interests, in a promotional approach to our customers. You can object to this use of your email address at any time by sending an email to info@youlookperfect.at or via a link provided for this purpose in the advertising email.

Legal basis

The processing of your data in the context of sending the newsletter is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. The use of Klaviyo as a mailing service provider, the performance of statistical analyses and the double opt-in procedure are based on our legitimate interests in an effective and secure newsletter system in accordance with Art. 6 para. 1 lit. f GDPR. The processing of your data in the context of e-mail advertising without registration is based on § 7 para. 3 UWG and our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR.

4.7 Online shopping

The following data is also stored by us for the purpose of contract processing Name, address, telephone number, email address, purchased goods, date of purchase, payment data.

The data provided by you is required to fulfill the contract or to carry out pre-contractual measures. Without this data, we cannot conclude the contract with you.

The statutory minimum storage period is 7 years.

When a purchase is made, the data is transmitted to:

  • Our domain and email provider IONOS (IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany)for the purpose of receiving an email about the order. We have concluded a corresponding contract with the provider for order data processing. They have undertaken to comply with the applicable data protection regulations. You can find IONOS SE's privacy policy at https://www.ionos.de/terms-gtc/terms-privacy
  • The responsible transport company DPD, DHL Express or POST and their partners for the purpose of delivery. They have undertaken to comply with all legal data protection guidelines. Your personal data will not be used for any purpose other than the transportation service.
  • Our shipping portal SENDCLOUD (Sendcloud GmbH, Fürstenrieder Str.70, 80686 Munich, Germany) for the purpose of parcel label creation. Here we prepare the deliveries and create parcel labels. You will receive the delivery information by email. You can find Sendcloud's privacy policy at https://www.sendcloud.de/datenschutz/
  • Our tax advisor and our accounting department to fulfill our tax obligations.
  • The merchandise management system via the service provider BILLBEE
    (Billbee GmbH, Arolser Str. 10, 34477 Twistetal, Germany). We use this to create invoices/delivery notes/return bills. Name, address and any other personal data will be passed on to Billbee in accordance with Art. 6 para. 1 lit. b GDPR exclusively for processing the online order. Your data will only be passed on if this is actually necessary for processing the order. Details on Billbee's data protection and privacy policy can be found here     https://www.billbee.io/datenschutz/
  • The merchandise management system via the service provider PLENTY ONE
    (PlentyONE GmbH    , Johanna-Waescher-Straße 7, 34131 Kassel, Germany). We use this to create invoices/delivery notes/return bills. Name, address and any other personal data will be passed on to PlentyOne in accordance with Art. 6 para. 1 lit. b GDPR exclusively for processing the online order. Your data will only be passed on if this is actually necessary for processing the order. Details on PlentyOne's data protection and privacy policy can be found here https://www.plentyone.com/de/datenschutz
  • Your bank for the purpose of debiting the purchase price. The data protection regulations of your selected banking institution apply here.
    • In the case of payment with PayPal, the data is automatically transmitted to PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg for the purpose of debiting the purchase price. The data protection regulations of this banking institution apply here, to be read here https://www.paypal.com/at/webapps/mpp/ua/privacy-full
    • In the case of payment by credit card, Apple Pay, iDeal, EPS, Bancontact, the verification and transmission is carried out by Stripe Payments Europe Ltd, Ireland for the purpose of debiting the purchase price. The data protection regulations of this banking institution apply here, to be read here https://stripe.com/at/privacy
    • In the case of payment with Klarna, the data is automatically transmitted to Klarna AB (publ), Sweden. Please note that Klarna may carry out an identity and credit check.(https://cdn.klarna.com/1.0/shared/content/policy/data/de_de/data_protection.pdf ). You can revoke your consent to this use of your personal data at any time by contacting Klarna.
  • Our website operator SHOPIFY (Shopify Intrenational Limited, 1-2 Victoria Buildings, Haddington Road, Dublin 4, D04 XN32, Ireland) and apps controlled by Shopify for the purpose of managing customers and orders. We have concluded a corresponding contract with the provider for commissioned data processing. They have undertaken to comply with the applicable data protection regulations vis-à-vis us. You can find Shopify's privacy policy here https://www.shopify.com/legal/privacy
  • The TRUSTED SHOPS evaluation tool (TRUSTED SHOPS GmbH, Subbelrather Str. 15c, 50823 Cologne, Germany). A few days after ordering, the customer automatically receives an email asking him to rate our store. This email is sent by our partner Trusted Shops. We have concluded a corresponding contract for order data processing. They have undertaken to comply with the applicable data protection regulations. You can find Trusted Shops' privacy policy here https://legal.trustedshops.com/privacy

-The Loox rating tool (Loox Online Ltd. Rehov Har Sinai 2 6581602 Tel Aviv-Yafo, Israel). Your data may be transferred to Israel. Israel is outside the scope of the GDPR. However, the European Commission has decided on the basis of Art. 45 para. 1 GDPR that Israel offers a level of protection comparable to the standard of the GDPR. You can view the decision here: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32011D0061. You can view Loox's privacy policy here https://loox.app/legal/privacy-policy-merchants. You can find out more about the data processed through the use of Loox in the privacy policy at https://loox.app/legal/privacy-policy-merchants.

  • We use the analytics tool ANYTRACK (AnyTrack Analytics, Inc. 2035 Sunset Lake Road, Suite B-2, Newark, Delaware 19702, USA) to recognize whether our advertisements were successful. We receive statistical data to optimize the effectiveness of our advertisements. Anytrack complies with the GDPR and is hosted in the EU, no data is transferred to the USA. Anytrack therefore offers an adequate level of data protection. Further information can be found in the provider's data protection information at the following URL: https://anytrack.io/privacy-policy
  • Our marketing and newsletter tool (Klaviyo, Inc., 60 South Street, Suite 910, Boston, Massachusetts 02111, USA) for the purpose of managing contacts and sending newsletters. Data is transmitted to Klaviyo for the purpose of sending newsletters and stored on their servers. Klaviyo uses this information exclusively for sending and evaluating the newsletter on our behalf and does not pass your data on to third parties. Further information on data processing by Klaviyo can be found at https://www.klaviyo.com/legal/data-processing-agreement and https://www.klaviyo.com/legal/privacy/privacy-notice

Email advertising without subscribing to the newsletter and your right to object

If we receive your e-mail address in connection with the sale of a product or service and you have not objected to this, we reserve the right to send you offers for similar products to those you have already purchased from our range by e-mail in accordance with the German Existing Customers Act on the basis of § 7 para. 3 UWG. This serves to safeguard our legitimate interests, which predominate in the context of a balancing of interests, in a promotional approach to our customers. You can object to this use of your email address at any time by sending an email to info@youlookperfect.at or via a link provided for this purpose in the advertising email. The processing of your data in the context of sending the newsletter is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. The use of Klaviyo as a mailing service provider, the performance of statistical analyses and the double opt-in procedure are based on our legitimate interests in an effective and secure newsletter system in accordance with Art. 6 para. 1 lit. f GDPR. The processing of your data in the context of e-mail advertising without registration is based on § 7 para. 3 UWG and our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR.

You can requestfurther information on the processors and data recipients commissioned by us at info@youlookperfect.at.

4.8 Opening a customer account

We collect personal data if you provide it to us voluntarily when opening a customer account. Mandatory fields are marked as such, as in these cases we need the data to process the contract or open the customer account and you cannot complete the account opening process without providing it. Which data is collected can be seen from the respective input forms. We use the data provided by you in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR for contract processing and processing your inquiries. After complete processing of the contract or deletion of your customer account, your data will be restricted for further processing and deleted after expiry of the retention periods under tax and commercial law, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration. The deletion of your customer account is possible at any time and can be done by sending a message to the contact option described below.

The data will be transmitted to:

  • Our homepage operator SHOPIFY (Shopify Intrenational Limited, 1-2 Victoria Buildings, Haddington Road, Dublin 4, D04 XN32, Ireland) and apps controlled by Shopify for the purpose of managing customers and orders. We have concluded a corresponding contract with the provider for commissioned data processing. They have undertaken to comply with the applicable data protection regulations vis-à-vis us. You can find Shopify's privacy policy herehttps://www.shopify.com/legal/privacy

4.9 Data processing is carried out on the basis of the legal provisions of § 96 para. 3 TKG and Art 6 DSGVO (in particular consent and/or necessity of contract fulfillment).

5. cookies and web analysis

5.1 Cookies in general

In order to make visiting our website attractive and to enable the use of certain functions, we use so-called cookies. These are small text files that are stored on your end device and that store certain information for exchange with our system. The legal basis for the processing of this data is Art. 6 para. 1 sentence 1 lit. f GDPR. Some of the cookies we use are deleted after the end of the browser session, i.e. after closing the browser (transient cookies). These include session cookies in particular. These store a unique identifier (session ID). This session ID can be used to assign various requests from your browser to a common session. This allows your device to be recognized when you return to our website during a session. Session cookies are also deleted when you log out. Other cookies remain on your end device for a specified period of time and enable us to recognize your browser or end device the next time you visit our website (persistent cookies).

Please note that certain cookies are already set as soon as you enter our website. You can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies for certain cases, in particular cookies from third-party providers (third-party cookies) or in general. If you do not accept cookies, the functionality of our website may be restricted.

You have the option of preventing cookies from being stored on your computer by making the appropriate browser settings. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings.

You can find the browser settings for each browser under the following links:

Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies

Safari: https://support.apple.com/de-at/guide/safari/sfri11471/mac

Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647

Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

5.2 Google Analytics

This website uses the web analysis service GOOGLE ANALYTICS (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland).

We use Google Analytics with the extension "_anonymizeIp()". This means that IP addresses are further processed in abbreviated form, which, according to Google, virtually eliminates the possibility of personal identification. If the data collected about you is personally identifiable, this should therefore be excluded immediately and the personal data deleted immediately. The data sent by us and linked to cookies, user recognition or advertising IDs are automatically deleted after 14 months. Data that has reached the end of its retention period is automatically deleted once a month.

Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. However, by activating IP anonymization on this website, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports and statistics on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available here http://tools.google.com/dlpage/gaoptout?hl=de.

This website uses the "demographic features" function of Google Analytics. This allows reports to be created that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google and visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the section "Objection to data collection".

We use Google Analytics to analyze and regularly improve the use of our website. We can use the statistics obtained to improve our offer and make it more interesting for you as a user.

To protect your personal data, we have concluded an order processing agreement with Google in accordance with Art. 28 GDPR. The provider is certified in accordance with the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection. You can find more information about Google here:

Terms of use: http://www.google.com/analytics/terms/de.html

Privacy policy: https://policies.google.com/privacy

5.3 Google Fonts

We use GOOGLE FONTS (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). Google Fonts are used without authentication and no cookies are sent to the Google Fonts API. If you have an account with Google, none of your Google account data will be transmitted to Google when you use Google Fonts. Google only records the use of CSS and the fonts used and stores this data securely. Google Fonts is certified with the "Data Privacy Framework" and thus guarantees a legally secure transfer of data. You can find out more about these and other questions at https://developers.google.com/fonts/faq

You can find out which data is collected by Google and what this data is used for here https://policies.google.com/privacy

5.4 Google reCaptcha

We use the reCAPTCHA function from GOOGLE (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) on our website. We use this function on pages with (contact) forms to protect them from automated access (e.g. by so-called "bots"). By integrating reCAPTCHA, personal data (e.g. IP address) can be collected by Google to find out whether the request really comes from a human being. The data processing is carried out on the basis of our legitimate interests, namely our interest in the security of our website and the defense against automated access within the meaning of Art. 6 para. 1 lit. f) GDPR. The provider is certified in accordance with the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection. Detailed information on data protection in connection with the use of Google reCAPTCHA can be found here https://policies.google.com/privacy

5.5 Google Adwords Remarketing / Google Tag Manager

We use Google Remarketing Tags. These are services provided by GOOGLE (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). Google uses cookies, which are stored on your computer and enable your use of the website to be analyzed. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. The IP address is then shortened by Google by the last three digits, so that a clear assignment of the IP address is no longer possible. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Third-party providers, including Google, place advertisements on websites on the Internet. Third-party providers, including Google, use stored cookies to place ads based on a user's previous visits to this website. Google will not associate your IP address with any other data held by Google. You can object to the collection and storage of data at any time with effect for the future. You can deactivate the use of cookies by Google by visiting the page for deactivating Google advertising. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.

By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above. You can object to the collection and storage of data at any time with effect for the future. Further information on Google's provisions can be found here https://policies.google.com/privacy

Our website uses Google Tag Manager for the purpose of personalized, interest-based and location-based online advertising. The option to anonymize IP addresses is controlled by Google Tag Manager via an internal setting that is not visible in the source of this page. This internal setting is set in such a way that the required anonymization of IP addresses is achieved. The provider is certified in accordance with the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

5.6 Google Adwords Conversion Tracking

This website uses Google Conversion Tracking from GOOGLE (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). Google Adwords places a cookie on your computer if you have reached our website via a Google ad. These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of the Adwords customer's website and the cookie has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page. Each Adwords customer receives a different cookie. Cookies can therefore not be tracked via the websites of Adwords customers. The information collected using the conversion cookie is used to generate conversion statistics for Adwords customers who have opted for conversion tracking.

Adwords customers learn the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information with which users can be personally identified. If you do not wish to participate in the tracking process, you can also refuse the setting of a cookie required for this - for example, by using a browser setting that generally deactivates the automatic setting of cookies. You can also deactivate cookies for conversion tracking by setting your browser to block cookies from the domain "www.googleadservices.com". The provider is certified in accordance with the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

You can find Google's privacy policy on conversion tracking at https://policies.google.com/privacy

5.7 Facebook/Meta Pixel

We use the "conversion pixel" or visitor action pixel from Facebook (Meta Plattform Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Dublin, D02x525, Ireland). By calling up this pixel from your browser, Facebook can subsequently recognize whether a Facebook ad was successful, e.g. whether it led to an online purchase. We only receive statistical data from Facebook for this purpose without reference to a specific person. This allows us to record the effectiveness of Facebook ads for statistical and market research purposes. The provider is certified in accordance with the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection. In particular, if you are registered with Facebook, we also refer you to their data protection information, which can be viewed at https://de-de.facebook.com/policy.php

5.8 Facebook/Meta Website Customer Audiences

We use the "Website Custom Audiences" pixel from Facebook (Meta Plattform Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Dublin, D02x525, Ireland) on our website. So-called tracking pixels are integrated on our pages. When you visit our pages, a direct connection is established between your browser and the Facebook server via the tracking pixel. Among other things, Facebook receives the information from your browser that our site has been accessed from your device. If you are a Facebook user, Facebook can assign the visit to our pages to your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Facebook. We can only select which segments of Facebook users (such as age, interests) our advertising should be displayed to. The provider is certified in accordance with the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection. Further information on this can be found in Facebook's privacy policy, which can be viewed here https://de-de.facebook.com/policy.php

5.9 Shopify Analytics

Our website operator SHOPIFY (Shopify Intrenational Limited, 1-2 Victoria Buildings, Haddington Road, Dublin 4, D04 XN32, Ireland) uses its own analysis tool for the purpose of analyzing visitor flows and purchases. We have concluded a corresponding contract with the provider for commissioned data processing. They have undertaken to comply with the applicable data protection regulations. You can find Shopify's privacy policy here https://www.shopify.com/legal/privacy

5.10 Affiliate

We work together with affiliate networks. An affiliate network is an online advertising service provider and intermediary between advertisers and publishers (website operators). Publishers can enter into a partnership via the affiliate network and thus participate in special promotions. The publishers integrate an advertising medium/promotion code/hyperlink in the content on their website and thus direct the customer to our online store, for example through an editorial text.

As soon as the user makes a purchase on our website, the publisher receives a corresponding commission. Only purchase completion information such as order ID, product ID and the price of the purchased products is transmitted to the networks. No personal data is collected or transmitted.

5.11 Anytrack

We use the analytics tool ANYTRACK (AnyTrack Analytics, Inc. 2035 Sunset Lake Road, Suite B-2, Newark, Delaware 19702, USA) to recognize whether our advertisements were successful. We receive statistical data to optimize the effectiveness of our advertisements. Anytrack complies with the GDPR and is hosted in the EU, no data is transferred to the USA. Anytrack therefore offers an adequate level of data protection. Further information can be found in the provider's data protection information at the following URL: https://anytrack.io/privacy-policy

5.12 Bing Ads (Microsoft Corporation)

The website uses the remarketing function "Bing Ads" of Microsoft Corporation One Microsoft Way, Redmond, WA 98052-6399, USA. ("Microsoft Advertising"). Microsoft Bing Ads stores a cookie on your computer if you have reached our website via a Microsoft Bing ad. In this way, Microsoft Bing and we can recognize that someone has clicked on an ad, has been redirected to our website and has reached a previously determined target page (conversion page). We only learn the total number of users who clicked on a Bing ad and were then forwarded to the conversion page. No personal information about the identity of the user is disclosed.

If you do not want information about your behavior to be used by Microsoft as explained above, you can refuse the setting of a cookie required for this - for example, by setting your browser to generally deactivate the automatic setting of cookies. You can also prevent the collection of data generated by the cookie and related to your use of the website and the processing of this data by Microsoft by clicking on the following link: http://choice.microsoft.com/de-DE/opt-out to declare your objection. Further information on data protection and the cookies used by Microsoft and Bing Ads can be found on the Microsoft website at https://privacy.microsoft.com/de-de/privacystatement

6 Consent and right of revocation

6.1 If your consent is required for the processing of your data, we will only process it with your express consent.

6.2 In principle, we do not process data of minors and are not authorized to do so. By giving your consent, you confirm that you have reached the age of 14 or that you have the consent of your legal representative.

6.3 You can revoke your consent at any time at the following e-mail address: info@youlookperfect.at

In such a case, the data previously stored about you will be anonymized and subsequently only used for statistical purposes without personal reference. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

7 Your rights

7.1 You have the right to obtain information from the controller (Sandra Cornelia Milacher, info@youlookperfect.at ) about the personal data concerned at any time. Insofar as there is no statutory retention obligation, you have the right to have this data erased and to object to its processing. You also have the right to rectification of the data and to restriction of processing, to data portability and to lodge a complaint with the Austrian Data Protection Authority (Wickenburggasse 8-10, 1080 Vienna, e-mail: dsb@dsb.gv.at ). ).

7.2 Please contact us regarding your rights:

YOU LOOK PERFECT Owner Sandra Milacher

Abtsdorf 170

4864 Attersee, AUSTRIA

info@youlookperfect.at

8. change of the privacy policy

The data protection measures are always subject to technical innovations. For this reason, we ask you to inform yourself about our data protection measures at regular intervals by consulting our privacy policy.

We therefore reserve the right to update this data protection information from time to time.

If you have any questions about our products, YOU LOOK PERFECT will of course be happy to help you at any time. We hope you enjoy using our products.

Status Nov 12, 2025