DATA PROTECTION DECLARATION

Status July 01, 2019

General Information

Responsible according to Art. 4 para. 7 EU Data Protection Basic Regulation (DSGVO):

Lara Lici e.U.

Proprietor: Larissa Cuturi
Stiftgasse 19/7
1070 Vienna – Austria

E-mail: office@laralici.com

Our website uses SSL encryption to protect your data. You can recognize this encryption on every page by the small lock symbol in the browser line.

We use a third party provider to host and display our website. All collected data described in the following will be stored and processed on the servers of this third party provider. Their software enables us to present our products in an appealing way, to take your orders, to overview and process all orders. They are therefore the recipients of your data and therefore act on our behalf. It has its headquarters in Europe.

We also use a third party supplier for our webshop. This company is based in the USA and is obliged to comply with the Privacy Shield Agreement.

The protection of your personal data and your privacy is a central concern for us. We, Lara Lici e.U., Stiftgasse 19/7, 1070 Vienna, therefore process your personal data exclusively on the basis of the statutory provisions, including the EU Data Protection Basic Regulation (hereinafter “DSGVO”), the Data Protection Act 2018, the Telecommunications Act 2003 (hereinafter “TKG 2003”), and take all technical and organisational measures to ensure an appropriate level of security.

In this data protection declaration we inform you how customer and user data is collected, evaluated and used.

User data is data that is collected on an anonymous basis in the course of using our website and whose collection is not required by law to operate our web shop.

Customer data in the sense of this data protection regulation is personal data that must be collected due to legal regulations and without which the operation of our web shop would not be legally possible.

If you have any questions concerning the protection and security of your customer and user data or if you want to register and assert claims and rights, please contact us: Lara Lici e.U., Stiftgasse 19/7, A-1070, Email: office@laralici.com, subject: data protection.

User data

In the course of using the website, user data is collected and processed by us for the purposes of smooth operation of the website and the content and offers contained therein, for analytical purposes with the aim of optimising offers and quality assurance, avoiding and eliminating operating errors, as well as for targeted communication with users and for retargeting purposes. This is always done on an anonymous basis. Nevertheless, the possibility of an individual personal reference cannot be completely excluded. In addition to the IP address, information on the operating system, browser, device name and version, CPU version, names of the files called up as well as the date and time of the call, the amount of data and URL references, any error messages and information on error causes (e.g. battery status of the device in the event of an unintentional service interruption, currently available RAM size etc.) can be collected, stored and evaluated within the scope of using the website.

The collection and processing of this data is necessary in order to be able to offer the service and content on our website.

Customer data

Customer data is personal data (i.e. all data that contains details about personal or factual circumstances, such as name, address, telephone number, e-mail address or other personal data) that you submit to us electronically via a form on this website. This data will be stored by us together with the time and IP address and will only be used for the specified purpose, stored securely and only passed on to third parties for legally compelling reasons.

We therefore use your customer data only for communication with those visitors who expressly wish to contact us and for processing the services and products offered on this website. We do not pass on this data without your consent, but we cannot rule out the possibility that this data may be viewed in the event of unlawful conduct.

If you send us personal data by e-mail – i.e. outside of this website – we cannot guarantee secure transmission and protection of your data. We therefore recommend that confidential data never be transmitted unencrypted by e-mail.

Disclosure of customer data to third parties

We do not pass on the customer data provided during the ordering process to third parties. Excluded from this are the service providers we use to fulfil the contractual relationship and to whom we make data available. Your data will only be forwarded on the basis of the DSGVO, in particular for the fulfilment of your order or on the basis of your prior consent.

We use the following service providers or categories of service providers to fulfil the contractual relationship, unless other service providers are listed under the individual points: IT service providers, logistics companies, payment service providers, newsletter service providers.

External Payment Service Providers

We use external service providers to handle the payment process in our online shop. Payment transactions via our online shop are processed by these external service providers. Here are some examples and a link to the corresponding data protection declaration:

– mPAY24: https://www.mpay24.com/web/datenschutz/

– Paypal: http://www.paypal.com/at/webapps/mpp/ua/privacy-full

– Visa: http://www.visaeurope.at/datenschutz

– Mastercard: mastercard.at/en-at/privacy.html

The payment service providers process various data for payment processing. This includes, for example, name, address and bank data (account and/or credit card number, passwords, TANs, check numbers). These data must be processed for smooth payment processing. However, the data is only processed by the payment service provider. At no time will we be given account or credit card-related information, but we will only be informed whether the respective payment has been made or cancelled. Please note the respective terms and conditions and data protection regulations of the respective payment service providers. If you require further information or wish to exercise your rights, please contact the respective payment service provider directly.

Use of cookies for analysis purposes of user data

Cookies are small text files that are automatically placed on the user’s PC or mobile device when a user visits the website. Cookies allow you to determine whether a user has already visited the website. Cookies help to understand user behavior on the Site and enable the use of the Site to be optimized for the user. Cookies can also be used to ensure that the content displayed is relevant to the user.

We will not use cookies that personally identify a user of the website. However, information from different cookies can be combined. Cookies on the Website may be either “permanent” or “temporary” in nature. A persistent cookie remains stored on your device until its expiration date or until it is deleted. Temporary cookies are deleted after closing the web browser.

The cookies we use when operating the website can be divided into two groups:

  1. Performance cookies: performance cookies collect and store information about the use of the website. Among other things, they store information associated with the user name. We also use cookies, which allow us to collect information for general use of the site. We use this data to further improve the usability of the website.
  2. Functionality cookies: these cookies allow us to tailor the website to the needs of users. By using our website, you agree to the use of cookies. In this context, user data can also be transferred to servers in the USA. You can prevent cookies from being set by adjusting your browser settings. However, we would like to point out that in this case not all functions of the website can be fully usable.

Use of Google Analytics for the analysis of user data

We use Google Analytics, a web analysis service provided by Google Inc. (“Google”). The information generated by cookies is transferred to a Google server and stored there. Google uses this information for the purpose of evaluating your use of the website, compiling reports on website activity for us and providing other services relating to website activity and internet usage. You can deactivate these cookies in the user settings of the web browser. By using the website, you consent to the collection, storage, disclosure and processing of your user data by means of Google Analytics and the disclosure of this data to other contractual and business partners to the extent described. The information collected in this way is not linked in the analysis software with personal information of Lara Lici customers.

In this context, user data may also be transferred to servers in the USA. Further information on Google Analytics can be found at https://www.google.com/analytics/. The current version of Google’s data protection policy can be found at https://policies.google.com.

Use of Google Recaptcha to protect against bots or spam software

We use Google reCAPTCHA (“reCAPTCHA”), the company Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. reCAPTCHA is a free captcha service from Google that protects websites from spam software and abuse by non-human visitors. This service is most commonly used when you fill out forms on the Internet. This is also the case with our contact form and when you log in to your customer account.

Our primary goal is to ensure that our website is as safe and secure as possible for you and for us. With reCAPTCHA we can determine whether you are really a human being and not a robot or other spam software. By spam we mean any unsolicited information sent to us by electronic means. With reCAPTCHA a JavaScript element is integrated into the source code and then the tool runs in the background and analyzes your user behavior. From these user actions the software calculates a so-called Captcha-Score. Google uses this score to calculate the probability that you are a human being even before you enter the captcha.

Further information about the reCAPTCHA can be found under the following link: https://www.google.com/recaptcha/intro/v3.html. The privacy policy of Google can be found in the current version at https://policies.google.com.

Our Social Media Channels

We are active on Facebook, Instagram and Pinterest and try to stay in touch with our customers, interested parties and users and inform them about our offers. As soon as you access the respective network or platform, the terms and conditions and privacy policies of the respective operators apply.

Unless we indicate otherwise, we process your data when you communicate with us there, e.g. when you write articles or send us messages.

The following links will take you to the pages of the respective social media services, where we explain how they handle your data:

– Instagram Privacy Policy: https://help.instagram.com/519522125107875

– Facebook privacy policy: https://www.facebook.com/about/privacy

– Pinterest Privacy Policy: https://policy.pinterest.com/de/privacy-policy

Embedded Social Media Elements

We integrate elements of social media services on our website to display images, videos and text. When you visit pages that display these elements, data is transferred from your browser to the respective social media service and stored there. We have no access to this data

Integration of Facebook Social Plugins

Our website uses social plugins (“plugins”) of the social network facebook.com, which is operated by Facebook Inc. 1601 S. California Ave, Palo Alto, CA 94304, USA. These plugins are marked with a Facebook logo or the addition “Facebook Social Plugin”. When you call up our website, the browser establishes a direct connection with the Facebook servers. The content of the plugin is transmitted by Facebook directly to the browser in use and integrated by it into the website. By integrating the plugins, Facebook receives the information that you have called up the website. If you are logged into Facebook at the same time, Facebook can assign the visit to your Facebook account. If you interact with the plugins, for example, by clicking the “Like” button, the corresponding information is transmitted directly from your browser to Facebook and stored there. The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as the relevant rights and setting options for protecting your privacy, can be found in the Facebook privacy policy. If you do not want Facebook to collect your data via the website, you must log out of Facebook before each visit to the website.

By using the website, you agree to the integration of Facebook social plugins and the associated collection, storage, transfer and processing of user data as well as the transfer of such data to other contractual and business partners to the extent described. The information collected in this way is not linked in the analysis software with personal information of Lara Lici customers. In this context, user data may also be transferred to servers in the USA. Facebook is certified under the Privacy Shields Agreement. Further information on Facebook social plugins can be found at https://developers.facebook.com/docs/plugins/.

Integration of Facebook Pixel Plugins

Our website uses the so-called Facebook Pixel Plugin (“Facebook Pixel”) of the social network facebook.com, which is operated by Facebook Inc. 1601 S. California Ave, Palo Alto, CA 94304, USA. Through the Facebook pixel used by us, Facebook can determine the visitors of our online offer as a target group for the display of ads (so-called “Facebook ads”).

This enables us to display the Facebook ads we have placed only to Facebook users who have also shown an interest in our online offering or who exhibit certain characteristics (e.g. interests in certain products determined on the basis of the websites visited) that we transmit to Facebook (so-called “custom audiences”). This enables us to ensure that Facebook ads are only displayed to users who have a potential interest in them. With the help of the Facebook pixel, we can also track the effectiveness of Facebook ads for statistical and market research purposes by seeing whether users have been redirected to our website after clicking on a Facebook ad (so-called “conversion”).

When you visit our website, the browser establishes a direct connection with the Facebook servers. The content of the plugin is transmitted by Facebook directly to the browser in use and integrated by it into the website. By integrating the plugins, Facebook receives the information that you have called up the website. If you are logged into Facebook at the same time, Facebook can assign the visit to your Facebook account. If you interact with the plugins, for example, by clicking the “Like” button, the corresponding information is transmitted directly from your browser to Facebook and stored there. The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as the relevant rights and setting options for protecting your privacy, can be found in the Facebook privacy policy. If you do not want Facebook to collect your data via the website, you must log out of Facebook before each visit to the website.

By using the website, you agree to the integration of Facebook pixels and the associated collection, storage, transfer and processing of user data and its transfer to other contractual and business partners to the extent described. The information collected in this way is not linked in the analysis software with personal information of Lara Lici customers. In this context, user data may also be transferred to servers in the USA. Facebook is certified under the Privacy Shields Agreement. Further information on Facebook social plugins can be found at https://developers.facebook.com/docs/plugins/. Information about Facebook pixels can be found at https://www.facebook.com/business/help/651294705016616.

Integration of Instagram Plugins

Our site also uses Instagram social plugins, which are operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”). The plugins are marked with an Instagram logo, for example in the form of an “Instagram Camera”. An overview of the Instagram plugins and their appearance can be found here: http://blog.instagram.com/post/36222022872/introducing-instagram-badges.

When you visit a page on our website that contains such a plugin, your browser will connect directly to the Instagram servers. The content of the plugin is transmitted by Instagram directly to your browser and integrated into the page. Through this integration, Instagram receives the information that your browser has called the corresponding page of our website, even if you do not have an Instagram profile or are not currently logged in to Instagram. This information (including your IP address) is transmitted by your browser directly to an Instagram server in the USA and stored there.

If you are logged in to Instagram, Instagram can immediately associate your visit to our website with your Instagram account. When you interact with the plugins, for example by clicking the “Instagram” button, this information is also sent directly to an Instagram server and stored there. The information is also published to your Instagram account and displayed to your contacts.

Instagram is certified under the Privacy Shields Agreement. For the purpose and scope of data collection and further processing and use of the data by Instagram, as well as your rights and privacy preferences, please refer to Instagram’s Privacy Notice: https://help.instagram.com/155833707900388/.

If you do not want Instagram to associate the information collected through our website directly with your Instagram account, you must log out of Instagram before visiting our website. You can also completely prevent Instagram plugins from loading with add-ons for your browser, e.g. with the script blocker “NoScript” (http://noscript.net/).

Integration of Pinterest Plugins

Our website also uses Pinterest’s social plugins, which are operated by Pinterest Inc.,808 Brannan Street, San Francisco, CA 94103, USA. (“Pinterest”). The plugins are marked with a Pinterest logo, for example in the form of the Pinterest-P.

If you are logged in at Pinterest, Pinterest can directly assign the visit of our website to your Pinterest account. When you interact with the plugins, for example by clicking the “Pinterest” button to pin, this information is also sent directly to a Pinterest server and stored there. The information is also published on your Pinterest wall and displayed to your contacts.

Pinterest is certified under the Privacy Shields Agreement. For the purpose and scope of data collection and the further processing and use of the data by Pinterest, as well as your rights and options to protect your privacy, please refer to Pinterest’s Privacy Policy: https://policy.pinterest.com/de/privacy-policy.

Newsletter

You can subscribe to our newsletter via our website and Facebook. We require your email address, name and confirmation that you agree to receive our newsletter. We will not be able to send you a newsletter without this information.

We use a double opt-in process: once you have subscribed to the newsletter, you will receive a confirmation email with a link to verify your subscription. With this you can confirm your consent to the newsletter again. You can also unsubscribe from the newsletter at any time. At the bottom of each newsletter you will find a link (“unsubscribe” or “unsubscribe”) where you can unsubscribe from the newsletter.

To send e-mails to the e-mail address you provide and to use for verifiable communication with you, we use software from The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA (hereinafter “MAILCHIMP”). MAILCHIMP is located in the USA and is obliged to comply with the Privacy Shield Agreement.

The e-mail addresses transmitted to MAILCHIMP will only be used for the contractually agreed purposes; no further data from you, including data which could connect an e-mail address with you as a customer, will be transmitted to MAILCHIMP. We have convinced ourselves of the reliability of MAILCHIMP before signing the contract.

Legal basis for the storage of your data for the newsletter is your consent (Art 6Abs 1 lit a (consent) of the DSGVO). The following link leads you to the privacy policy of MAILCHIMP where it is explained how they handle your data: https://mailchimp.com/legal/data-processing-addendum/.

Until you withdraw your consent to the newsletter (unsubscribe from the newsletter), your data will be stored for the purpose of sending newsletters (for direct marketing via email). As soon as you unsubscribe from the newsletter, your data will be completely deleted for this purpose within two weeks.

Data security

Your personal data will be protected by appropriate organisational and technical precautions. These precautions relate in particular to protection against unauthorised, illegal or accidental access, processing, loss, use and manipulation.

Irrespective of our efforts to maintain a reasonably high level of due diligence at all times, it cannot be ruled out that information that you disclose to us via the Internet may be viewed and used by other persons.

Please note that we therefore accept no liability whatsoever for the disclosure of information due to errors in data transmission not caused by us and/or unauthorised access by third parties (e.g. hacking of email accounts or telephone, interception of faxes).

Retention of data

We will not store data for longer than is necessary to fulfil our contractual or legal obligations and to ward off any liability claims.

Here is a small note: Please always keep your computer safe from unauthorized access by third parties; use passwords that meet a high security standard; do not leave your computer to third parties and do not pass on passwords. Use an up-to-date firewall and virus protection program and only visit websites from authentic and reputable providers. Pay attention to the authenticity and seriousness of (pishing) e-mails addressed to you and never pass on passwords or access data to third parties.

Deletion of customer data

We delete customer data, which are stored with us within the legally prescribed period. If there is a legal obligation to retain data, the data will only be deleted after this period has expired. This data is blocked internally for further use.

If you no longer wish your customer data to be stored, you can also request the deletion of the customer data stored with us at any time by writing to the above (email) address. We will then delete all customer data stored by us, unless we are obliged to continue storing customer data due to legal regulations. In such a case we will inform you that your customer data will continue to be stored by us. We cannot accept responsibility for the deletion of your customer data by third parties to whom we have passed on data for the fulfilment of the contract.

Right of Information

On request, we will provide you with comprehensive information on all data we have stored about you within the legally standardised period. This information includes, among other things, the purpose of processing, the categories of personal data and the recipients or categories of recipients.

Right of data transfer

You have the right, as far as this is technically possible, to have all data stored by us about you transferred to another company.

Right to Objection

You have the right to object to the processing of your data if the processing serves direct marketing purposes. If we process your data for legitimate purposes, dz also has the right to object if reasons arise from your particular situation.

Correction

If you find that we use customer and/or user data without your consent, or if we violate any law or in the event that customer or user data is incorrect, you can contact us at any time at the above contact addresses and request the correction of the data. We will comply with this request in due time and correct the data, provided that there are no legitimate interests on our part or legal obligations to the contrary.

Declaration of consent and authorisation

Users of our website and our web shop agree with the beginning of the use that your user data will be processed within the scope of this privacy policy.

By giving your consent within the registration process, you give your express consent to the processing, storage and forwarding of your customer data for the purposes and to the extent stated. You hereby give your express consent to the economic use of your customer and/or user data and waive any claim to monetary compensation or settlement for this use. You acknowledge that a technical distinction between users among themselves and between users and customers is not possible. If you, as a user or customer, do not agree to the use of data as explained in this privacy policy, you can neither use our website nor our web shop. If you wish to avoid the use of data, you may no longer call up the website or order via our web shop.

Right of revocation

You have the possibility to revoke the given consent at any time in writing by e-mail to the above-mentioned address.

Possibility of complaint

If you wish to file and assert claims and rights and do not wish to contact us directly, you can also submit your concerns or complaint to the ombudsman of the data protection authority. A form can be found on the Data Protection Authority’s website at the following link: https://www.dsb.gv.at.