Privacy Statement
1. Provider of the Privacy Statement
Ralph Leonhardt, Barigerstr. 3, 35799 Merenberg. Here you can print the .2. Definition
- buenoo Online-Plattform buenoo.com and Subplattforms beauty.buenoo.com, m.beauty.buenoo.com, sport.buenoo.com, m.sport.buenoo.com, market.buenoo.com, m.market.buenoo.com, ssl.buenoo.com, m.ssl.buenoo.com referred to as "platform".
- The contracting party that provides this Privace Statement to the other party is here referred to as the "provider". Ralph Leonhardt, Barigerstr. 3, 35799 Merenberg is referred to as "provider".
- Private persons which are older then 18 years old (consumers in the sense of ยง 13 BGB) are referred to as "users".
- Companies, enterprises, organizations and commercial providers who use the buenoo "platform" to publish information, arrange appointments, buy or sell services and products are referred to as "business users".
- The password-protected and secure area on the buenoo "platform" where the "user" and "business users" creates a profile and defines settings is called "user account".
3. Purpose and scope of the privacy statement
- This privacy policy explains how the "provider" receives, collects, uses, stores, processes, discloses and deletes personal information from the "users" and "business users" or from authorized third parties.
- This privacy policy also defines the rights of the "users" and "business users" with regard to the personal data.
4. Obligation to inform about elicitation when collecting personal data
If the "provider" will collect or process personal data from the "users", "business users", following information will be provided to the affected persons at the time of data collection:- The purpose of the collection and processing of personal data which can be found in points 5, 6, 7.
- Legal basis of the processing of personal data which can be found under point 8.
- Storage period of the personal data which can be found under point 9.
- Access to the personal data which can be found under point 10.
- Other important data protection information which can be found under point 13.
- The responsible person for the data is the data protection officer - Ralph Leonhardt. Contact Details of the data protection officer can be found under point 14.
- All other details that have been defined for personal data according to the GDPR are explained in this privacy policy in the points listed below.
5. General principles governing the processing of personal data
Personal data will be collected, stored, processed and transmitted in accordance with the guidelines established by the "provider" and the applicable local and international laws, rules and regulations. The principles relating to the processing of personal data are:- Personal data will be processed fairly and lawfully by the "provider";
- Personal data are collected by the "provider" for specific, explicit and legitimate purposes and are not further processed for incompatible purposes;
- Personal data collected from the "provider" are adequate, relevant and not excessive in relation to the purposes for which they are collected;
- Personal data collected by the "provider" are correct and will be kept as up to date as possible when necessary;
- Personal data is protected against unauthorized access and unauthorized processing by appropriate technical and organizational security measures and controls;
- Personal data collected by the "provider" will not be kept as identifiable data for longer than necessary to serve the purposes for which the personal data was collected.
6. Collection of information
- The "provider" may collect personal data from a variety of sources as "users", "business users", other users, customers, service providers, third parties, subsidiaries and through the operation of the "platform".
Personal data are defined as information that can be directly or indirectly traced back to a person. The personal data collected by the "provider" are:
- Company name and precise contact information, website
- First and last name; sex
- Orders and their billing or delivery addresses;
- Payment information.
- VAT number or EU TAX ID;
- E-mail addresses
- Telephone number
- purchase information and history
- Curriculum vitae or professional information;
- Combination of user name and password used to access the website.
- The "provider" collects personal data as follows:
- Information provided voluntarily. The "provider" may collect personal information directly from the "users" if it is provided voluntarily. This may be done by telephone, via the website, e-mail, online chat, webform, or online account registration to access offers, register for an event or training, purchase a product or service, ask questions, solve problems related to the website or offers, submit an application, or provide feedback and comments.
- Information which are collected automatically:
- Information from devices visited the "platform". In some countries, including countries of the European Union, this information may be considered as personal data under applicable data protection laws.
- Information such as IP address, device type, browser type, geographic location (such as country or city).
- The "provider" can:
- Collect information about how the device interacts with the "platform", including page views and links.
- Collect information using cookies and similar tracking technologies, as explained under the heading "Cookies and other site usage information".
- Personal data received from third parties which contains information about "users" and "business users" and who have the right or the obligation to provide personal data.
- Obtain personal data from publicly available sources such as open government databases or other publicly available data.
- Save personal data about login time, login frequency, IP address and parts of the userAgent data (digital information about which browser and which operating system the user is using) for performance optimization.
- The use of the "platform" except for the password protected area is anonymously possible.
7. Purpose and use of personal data and information
- The "provider" uses personal data for "platform" operations, to create offers, improvement of the offers and the personalization of the experiences.
- The "provider" can also use data to communicate with the "users" and "business users", for example to inform about the accounts, products, services, dates.
- The "provider" may use personal data for a variety of purposes, including to:
- Provide, maintain and improve the "platform" and offers, including the operation of certain functions and features of the "platform";
- Understand "users" and "business users" preferences to improve the usability of the "platform" and its associated companies, contractors and business partners;
- Research and analysis of the effectiveness of the "platform" and the marketing, advertising and sales efforts of the "providers" and subsidiaries, contractors and business partners;
- Receiving claims from "users" and "business users";
- Process orders and payments via the "platform";
- Development of additional offers;
- Edit applications.
- Comply with legal obligations or respond to legitimate requests from authorities (including national security or law enforcement requirements);
- Management of daily business requirements;
- Enforce compliance with the terms of use and applicable law;
- Court, arbitration tribunal or similar court proceedings and/or to defend;
- Communications, newsletters, promotions and special offers or information about new products, services, dates according to your marketing preferences. "Users" and "business users" can unsubscribe marketing communications by clicking on "unsubscribe" at the bottom of the email or by contacting the "provider" via the contact details below;
- Communicate by phone, respond to customer service requests or comments via the "platform", social media or otherwise, discuss account or "platform" related issues and provide customer support;
- Advertising, including assisting advertisers and publishers to place and manage ads on the "platform" or on third party websites, and to customize ads based on "users" interests and browsing history;
- Aggregated statistics on the operation and use of the "platform" to better understand the preferences of visitors to our "platform";
- Carry out other legitimate business purposes of which "users" and "business users" will be informed upon request.
8. Legal base for the processing of personal data
- The legal base for the collection and use of the personal data depends on the personal data concerned and the specific context in which the "provider" collects them.
In general, the "provider" collects only personal data from the "users" and "business users":
- in case the "provider" needs the personal data to conclude a contract (e.g. to fulfil your purchase of an offer);
- in the event that the processing is in the legitimate interest of the "provider" and is not invalidated by your rights;
- in case the "provider" has your consent. In some cases, the "provider" is also legally obliged to collect personal data, or the "provider" otherwise needs the personal data to protect vital interests or those of another person.
- "Users" and "business users" may at any time disagree the processing of the personal data, restrict, delete or request the portability of the personal data.
- "Users" and "business users" have the right to refuse marketing communication at any time. "Users" and "business users" may use this right by clicking on the "unsubscribe" button or the "unsubscribe" link in the marketing emails sent. To opt-out of other forms of marketing (e.g., postmarketing or telemarketing), contact the "provider" via the contact information below;
- If the "provider" collects and processes personal data with the consent of the "users" and "business users", "users" and "business users" revoke the consent at any time. Revocation of consent shall not affect the lawfulness of any processing carried out prior to revocation, nor the processing of personal data carried out with consent in reliance on other lawful grounds for processing;
- "Users" and "business users" have the right to lodge a complaint with a data protection authority about the collection and use of personal data, for further information please contact your local data protection authority. We will be happy to answer all enquiries from "users" and "business users" who wish to exercise their data protection rights in accordance with the applicable data protection laws.
9. Storage period of personal data
- The "provider" will store personal data in accordance with the applicable law only as long as there is a continuing legitimate business need to do so, for example, to present or provide information or offers to "users" and "business providers" or to comply with applicable legal, tax or accounting requirements.
10. Access to personal data
- Only authorized persons from the "provider" and "business user" have access to personal data.
- "Users" and "business users" can have access, correct, update or remove their personal data. If requested, the data protection officer can be contacted.
11. Exchange of information
- The "provider" pass personal data of the "users" and "business users" if necessary in order to complete a transaction, to submit offers that the "users" and "business users" have requested or approved.
- The "provider" also discloses personal information to third parties, affiliates and business entities when required to do so by law or in response to legal process, in order to protect "users" and "business users", safeguard lives, ensure security and protect the rights or property of "provider".
- The "provider" may disclose personal data as follows:
- Subsidiaries and business units. The "provider" may transfer personal data to the subsidiaries, provided that the use of the personal data remains subject to the applicable law.
- Law enforcement and security. The "provider" may disclose personal information to appropriate law enforcement agencies, regulatory authorities, government agencies, courts, other government officials, or other third parties if the "provider" believes that disclosure is necessary:
- within the framework of applicable laws or regulations;
- to exercise, establish or defend legal rights
- to protect the interests of the users.
- Sale or purchase of assets. When the "provider" transfers ownership or control of any part of the "platform" to an actual or potential buyer, whether it is a takeover, merger, reorganisation or other disposition of all or part of the business, assets or shares (whether in bankruptcy or similar proceedings) the "provider" may transfer personal data from "user" to this actual or potential purchaser, provided that the use of the personal data by this third party remains subject to applicable law.
12. Cookies and other site usage information
- The "provider" may automatically collect information about how "users" and "business users" access, use and interact with the "platform" via cookies.
- A cookie is a small text file that is stored on a user's device. Cookies allow information such as time spent on the "platform", pages visited and language settings. The "provider" uses the information for security purposes to facilitate navigation, display information more effectively and improve the customer experience.
In general, the cookies used on the "platform" can be divided into the following categories:
- Necessary cookies and actual used. These cookies are necessary for the technical operation of the "platform".
- Analytical/Performance Cookies. Not set. These cookies are used to analyze how the "platform" is used.
- Functional/tracking cookies. Not set. These cookies enable the "provider" to recognize returning visitors to the "platform".
- Cookies can also be divided into cookies that are used during each visit "in-session" (these expire when you leave the "platform" or shortly after) and cookies that are stored for a certain period of time and are not deleted when the browser is closed.
- The "users" and "business users" can choose whether to accept or reject the cookies. Most web browsers automatically accept cookies. "Users" and "business users" can usually change the browser settings to reject cookies if requested. If "users" and "business users" prefer not to accept cookies, this can be set in most browsers. However, please note that if cookies are disabled or rejected, some features and services may not work.
13. Other important privacy information
- The "provider" use appropriate technical and organizational controls and measures to protect the personal data against unauthorized loss, misuse and disclosure, such as strong user access controls, segmented network architecture and comprehensive employee policies and training.
- No data transmitted or accessible via the Internet can be guaranteed to be 100% secure. The "provider" tries to protect all personal data, it cannot be guaranteed that personal data is fully protected against misuse by hackers or other nefarious or criminal activities or in the event of a failure of computer hardware, software or a telecommunications network.
- The "provider" will inform the "user" if the "provider" has knowledge of any breach of security that affects personal data (as defined by applicable foreign, federal, state and local laws) that has been stored in accordance with applicable laws.
- The "provider" use servers located in Germany for the "platform". Subsidiaries, third party providers and partners are active in Europe. This means that European data protection legislation applies to the collection of personal data processed by the "User".
- Unless the "User" explicitly requests it, do not send or transmit sensitive personal data (for example information on racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background or trade union membership) via the "Platform". If the "user" asks you to provide sensitive personal data, we will do so with your express consent.
- Third party websites. The "Platform" may not only provide access to offers, but may also contain links to other websites and web services. This Privacy Policy does NOT apply to these websites and services and the privacy practices of these websites and services may differ from those described in this Privacy Policy. The "provider" recommends that the "users" and "business users" read carefully the privacy policy of any website or web service that may be accessed by the "user" from the visit.
- Compliance. The "provider" uses a self-assessment approach to review compliance with this Privacy Policy and to periodically check that the Privacy Policy is accurate and comprehensive for the information, that it is covered, prominently displayed, implemented and accessible.
- Changes. The "provider" may revise this privacy policy from time to time at its sole and absolute discretion to reflect changes in business practices. If the "provider" revises this privacy policy, the "provider" will notify you by posting the updated privacy policy on this website or by sending you an e-mail notification.
- Changes to the privacy policy will take effect and will apply to information collected by us from the date the revised privacy policy is posted on the "platform". If the "provider" need to obtain your consent to changes in the use of your personal information as described in our updated Privacy Policy by applicable data protection laws, the "provider" will do so.
14. Contact
If you have any questions or concerns about this privacy statement, the collection or use of personal information, or if you wish to access your personal information, please contact us at: privacy@buenoo.comThe data protection officer is Ralph Leonhardt and can be reached at privacy@buenoo.com.