Privacy Policy

We appreciate your interest in our website. Protecting your privacy is very important to us.

The following notes provide a simple overview of what happens to your personal data when you visit our website. Personal data are all data with which you can be personally identified. Detailed information on data protection can be found in our privacy policy listed below this text.

All customer data is stored and processed by les-soeurs-shop.de exclusively in compliance with the applicable data protection laws.

1. General Information

Who is responsible for data collection on this website?
The data processing on this website is carried out by the website operator. You can find their contact details in the imprint of this website.

How do we collect your data?
Your data is collected partly because you provide it to us. Other data is automatically collected by our IT systems when you visit the website. These are mainly technical data (e.g., internet browser, operating system, or time of page access). The collection of this data happens automatically as soon as you enter our website.

What do we use your data for?
Some of the data is collected to ensure error-free provision of the website. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?
You have the right at any time to receive free information about the origin, recipients, and purpose of your stored personal data. You also have the right to request the correction, blocking, or deletion of this data. For this and other questions about data protection, you can contact us at any time at the address provided in the imprint. Furthermore, you have the right to file a complaint with the competent supervisory authority.

Analysis Tools and Third-Party Tools
When visiting our website and our Shopiffy shop, your browsing behavior may be statistically analyzed. This mainly happens with cookies and so-called analysis programs. The analysis of your browsing behavior is usually anonymous; the browsing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. We will inform you about the options to object in this privacy policy.

2. Data Protection

When you use this website, various personal data are collected. Personal data are data with which you can be personally identified. This privacy policy explains which data we collect and what we use them for. It also explains how and for what purpose this happens.

We point out that data transmission over the Internet (e.g., communication via email) can have security vulnerabilities. Complete protection of data from access by third parties is not possible.

Note on the responsible party
The responsible party for data processing on this website is:

Les Soeurs Shop GmbH
Managing Directors: Julia Chevalley, Jasmin Moallim
Grolmanstr. 16
10623 Berlin

Phone: +49 (0)30 54 84 45 08
E-mail: service@les-soeurs-shop.de

The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g., names, email addresses, or similar).

Revocation of your consent to data processing
Many data processing operations are only possible with your explicit consent. You can revoke a previously given consent at any time. A simple notification by email to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to file a complaint with the competent supervisory authority
In the event of data protection violations, the affected person has the right to file a complaint with the competent supervisory authority. The competent supervisory authority for data protection matters is the state data protection officer of the federal state in which our company is based. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data portability
You have the right to receive data that we process automatically based on your consent or in fulfillment of a contract, either to yourself or to a third party, in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done if technically feasible.

Encrypted payment transactions on this website
If there is an obligation to provide us with your payment data (e.g., credit card number, etc.) after concluding a paid contract, this data is required for payment processing.

Payment transactions via common payment methods (Visa/MasterCard, direct debit) are conducted exclusively over an encrypted SSL or TLS connection. You can recognize an encrypted connection by the browser's address bar changing from "http://" to "https://" and by the lock icon in your browser bar.

In encrypted communication, your payment data that you transmit to us cannot be read by third parties.

Information, blocking, deletion
You have the right at any time under the applicable legal provisions to receive free information about your stored personal data, their origin and recipients, and the purpose of data processing, and, if applicable, a right to correction, blocking, or deletion of this data. For this purpose and for further questions on the subject of personal data, you can contact us at any time at the address given in the imprint.

Objection to advertising emails
The use of contact data published within the framework of the imprint obligation for sending unsolicited advertising and information materials is hereby objected to. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam emails.

3. Data collection on our website

Cookies

The websites partially use so-called cookies. Cookies do not harm your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective, and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called "session cookies." They are automatically deleted after your visit ends. Other cookies remain stored on your device until you delete them. These cookies allow us to recognize your browser on your next visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies on a case-by-case basis, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. Disabling cookies may restrict the functionality of this website.

Cookies that are necessary for carrying out the electronic communication process or for providing certain functions you desire (e.g., shopping cart function) are stored based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. Other cookies (e.g., cookies for analyzing your surfing behavior) are treated separately in this privacy policy.

Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

Browser type and browser version
Operating system used
Referrer URL
Hostname of the accessing computer
Time of server request
IP address
No merging of this data with other data sources takes place.

The basis for data processing is Art. 6 para. 1 lit. f GDPR, which permits the processing of data to fulfill a contract or pre-contractual measures.

Processing of data (customer and contract data)
We collect, process, and use personal data only to the extent necessary to establish, design, or change the legal relationship (master data). This is based on Art. 6 para. 1 lit. b GDPR, which permits the processing of data to fulfill a contract or pre-contractual measures. We collect, process, and use personal data about the use of our websites (usage data) only to the extent necessary to enable or bill the user for the use of the service.

The collected customer data is deleted after the order is completed or the business relationship ends. Statutory retention periods remain unaffected.

Data transmission upon conclusion of contract for online shops, merchants, and goods shipping
We only transmit personal data to third parties if this is necessary for contract processing, such as to companies responsible for delivering the goods or the credit institution responsible for payment processing. No further transmission of data takes place or only if you have expressly consented to the transmission. Your data will not be passed on to third parties without your explicit consent, for example for advertising purposes.

Les Soeurs Shop is hosted on Shopify Inc. Personal data is therefore sent to the United States to be stored on Shopify's servers. Shopify provides the online e-commerce platform for a fee. This enables the sale of goods to the customer. Customer data is stored by Shopify. This concerns both their database and the general Shopify applications. Shopify stores customer data on a secure server behind a firewall. For full transparency, les-soeurs-shop.de refers to Shopify's Privacy Policy: https://www.shopify.com/legal/privacy

The basis for data processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of data to fulfill a contract or pre-contractual measures.

4. Social Media

Facebook Plugins (Like & Share Button)
Our pages include plugins from the social network Facebook, provider Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. You can recognize the Facebook plugins by the Facebook logo or the "Like Button" ("Like") on our site. An overview of the Facebook plugins can be found here: https://developers.facebook.com/docs/plugins/.

When you visit our pages, the plugin establishes a direct connection between your browser and the Facebook server. Facebook thereby receives the information that you have visited our page with your IP address. If you click the Facebook "Like Button" while logged into your Facebook account, you can link the content of our pages on your Facebook profile. This allows Facebook to associate your visit to our pages with your user account. We point out that as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Facebook. More information can be found in Facebook's privacy policy at: https://de-de.facebook.com/policy.php.

If you do not want Facebook to associate your visit to our pages with your Facebook user account, please log out of your Facebook user account.

Instagram Plugin
On our site, we use social plugins from the social network Instagram, which is operated by Instagram LLC, represented by Kevin Systrom and Mike Krieger, 1601 Willow Rd Menlo Park CA 94025 USA  .

When you visit a page that contains such a plugin, your browser establishes a direct connection to Pinterest's servers. The plugin transmits log data to Instagram's server in the USA. This log data may include your IP address, the addresses of websites visited that also contain Instagram features, the type and settings of your browser, the date and time of the request, your use of Instagram, and cookies.

More information about the purpose, scope, and further processing and use of data by Instagram, as well as your related rights and options to protect your privacy, can be found in Instagram's privacy policy: https://help.instagram.com/155833707900388/?helpref=hc_fnav&bc[0]=368390626577968&bc[1]=285881641526716

Pinterest Plugin

This offer uses the buttons ("Pin It") of the Pinterest service, http://pinterest.com. With the help of the buttons, users can share the provider's articles on their "Pinterest Boards."
When a user visits a website that contains a "Pin It" button, their browser establishes a direct connection with Pinterest's servers. The content of the "Pin It" button is transmitted directly from Pinterest to the user's browser. The provider therefore has no influence on the scope of the data that Pinterest collects using the "Pin It" button and informs users according to its knowledge. According to this, only the user's IP address and the URL of the respective website are transmitted, but only for the purposes of displaying the "Pin It" button and sharing the content. Further information can be found in Pinterest's privacy policy at http://pinterest.com/about/privacy/. 

5. Newsletter

Newsletter data

When subscribing to our company's newsletter, the data entered in the respective input form is transmitted to the party responsible for processing. The subscription to our newsletter is done through a so-called double opt-in process. This means you will receive an email after signing up, asking you to confirm your subscription. This confirmation is necessary to ensure that no one can subscribe using someone else's email address. When subscribing to the newsletter, the user's IP address as well as the date and time of registration are stored. This serves to prevent misuse of the services or the email address of the person concerned. The data will not be passed on to third parties. An exception exists if there is a legal obligation to disclose the data. The data is used exclusively for sending the newsletter. The subscription to the newsletter can be canceled by the person concerned at any time. Likewise, consent to the storage of personal data can be revoked at any time. For this purpose, each newsletter contains a corresponding link. The legal basis for processing the data after the user subscribes to the newsletter is, if the user has given consent, Art. 6 para. 1 lit. a) GDPR. The legal basis for sending the newsletter as a result of the sale of goods or services is § 7 para. 3 UWG.

5.1 Use of rapidmail

Description and purpose: We use rapidmail for sending newsletters. The provider is rapidmail GmbH, Wentzingerstraße 21, 79106 Freiburg, Germany. rapidmail organizes and analyzes the sending of newsletters, among other things. The data you enter for the purpose of receiving the newsletter is stored on rapidmail's servers in Germany. If you do not want analysis by rapidmail, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. For analysis purposes, the emails sent with rapidmail contain a so-called tracking pixel that connects to rapidmail's servers when the email is opened. This allows us to determine whether a newsletter message was opened. Furthermore, with the help of rapidmail, we can determine if and which links in the newsletter message are clicked. Optionally, links in the email can be set as tracking links, which allow your clicks to be counted.

Legal basis: The legal basis for data processing is Art. 6 para. 1 lit. a) GDPR.

Recipient: The recipient of the data is rapidmail GmbH.

Transfer to third countries: No transfer of data to third countries takes place.

Duration: The data you provide to us for the purpose of the newsletter as part of your consent will be stored by us until you unsubscribe from the newsletter and will be deleted from both our servers and the servers of rapidmail after unsubscribing. Data stored for other purposes (e.g., email addresses for the member area) remain unaffected.

Right of withdrawal: You have the option to revoke your consent to data processing with effect for the future at any time. The legality of the data processing carried out up to the point of revocation remains unaffected.

Additional privacy information: For details, please refer to the data security information from rapidmail at: https://www.rapidmail.de/datensicherheit. For more information about the analysis functions of rapidmail, please see the following link: https://www.rapidmail.de/wissen-und-hilfe


6. Product Reviews / Judge.me

We use Judge.me to display and manage product reviews in our shop.

Which data is transmitted:

  • Information about your visits to product pages is transmitted to Judge.me to retrieve relevant product reviews
  • When submitting a review: review content, name (as provided), email address

Purpose of data processing:

  • Displaying product reviews for our products
  • Enabling the submission of reviews
  • Improving the transparency and information quality of our offer

Legal basis:

  • For displaying product reviews: Art. 6 para. 1 lit. f GDPR (legitimate interest). Our legitimate interest is to provide our customers with a transparent shopping experience with access to the experiences of other customers.
  • When submitting a review: Art. 6 para. 1 lit. a GDPR (your consent). Submitting a review is completely voluntary and constitutes your explicit consent to the processing of the data you provide for this purpose. You can revoke this consent at any time.

More information:

Judge.me stores data on servers in the USA. The transfer is based on EU standard contractual clauses. For more information on data protection at Judge.me, please visit: https://judge.me/privacy

7. Plugins and Tools

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc. ("Google"). Google Analytics uses so-called "cookies," text files that are stored on your computer and allow an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
If IP anonymization is activated on this website, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area beforehand. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. IP anonymization is active on this website. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, compile reports on website activity, and provide other services related to website and internet usage to the website operator.
The IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google. You can prevent the storage of cookies by adjusting your browser settings; however, we point out that in this case you may not be able to use all functions of this website fully. Furthermore, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.


Les-soeurs-shop.de uses the Google Remarketing feature on its website. This feature allows us to show text and display ads within the Google Content Network only to users who have previously visited the les-soeurs-shop.de website. Users can disable the use of cookies by Google by visiting the page to deactivate Google advertising.

 

8. Payment Providers

PayPal
On our website, we offer payment via PayPal, among others. The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal").

If you choose to pay via PayPal, the payment data you enter will be transmitted to PayPal.

The transmission of your data to PayPal is based on Art. 6 para. 1 lit. a GDPR (consent) and Art. 6 para. 1 lit. b GDPR (processing to fulfill a contract). You have the option to revoke your consent to data processing at any time. A revocation does not affect the legality of data processing carried out in the past.

Stripe

In our online shop, we offer payment methods that are processed through the payment service provider Stripe. The provider is Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (hereinafter "Stripe").

If you select a payment method offered by Stripe, personal data will be transmitted to Stripe and processed there as part of the payment process. Depending on the payment method, this particularly includes:

  • your name

  • your address

  • your email address

  • payment information (e.g., IBAN, card number, payment amount)

  • technical transaction data (e.g., IP address, device information)

Processing is carried out for payment execution and fraud prevention in accordance with Art. 6 para. 1 lit. b GDPR (contract fulfillment) and Art. 6 para. 1 lit. f GDPR (legitimate interest in secure payment processing).

Stripe may share data with affiliated companies and service providers as far as necessary for contract fulfillment or technical processing. Stripe may also transfer data to countries outside the European Union. Stripe commits to complying with GDPR requirements and uses, among other things, current standard contractual clauses.

More information about data processing by Stripe can be found in Stripe's privacy policy at:
https://stripe.com/privacy

Klarna

We offer payment methods in our online shop that are processed via the payment service provider Klarna. The provider is Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter "Klarna").

If you select a payment method offered by Klarna (e.g., purchase on account, instant transfer, installment purchase), personal data will be transmitted to Klarna and processed there as part of the payment processing. The data processed includes in particular:

  • name

  • address

  • email address

  • phone number

  • payment information (e.g., IBAN, account number, payment amount)

  • order information (items, invoice amount, payment terms)

  • technical data (e.g., IP address, device information)

Klarna may conduct its own assessment for identity and creditworthiness checks and may obtain data from credit agencies. Data processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR (contract fulfillment) and Art. 6 para. 1 lit. f GDPR (legitimate interest in secure and smooth payment processing).

Klarna may share data with affiliated companies and service providers as far as necessary for contract fulfillment or technical processing. Data may also be transferred to countries outside the European Union. Klarna ensures compliance with the GDPR, including through appropriate safeguards such as standard contractual clauses.

More information about data processing by Klarna can be found in Klarna's privacy policy at:
https://www.klarna.com/de/datenschutz/