top of page

Privacy Policy

We (“we”, “us”, “our”) take the protection of the data of users (“users” or “you”) of our website and/or our mobile app (the “Website” and the “Mobile App”) very seriously and are committed to protecting the information that users provide to us in connection with their use of our website and/or our mobile app (together: “digital assets”). We are also committed to protecting and using your data in accordance with applicable law.

This Privacy Policy explains our practices regarding the collection, use and disclosure of your data through your use of our digital assets (the “Services”) when you access the Services via your devices.

Please read this Privacy Policy carefully and ensure that you fully understand our practices regarding your data before using our Services. If you have read and fully understood this policy and do not agree with our practices, you must cease using our digital assets and Services. By using our Services, you acknowledge the terms of this Privacy Policy. Continued use of the Services constitutes your acceptance of this Privacy Policy and any amendments thereto.

In this Privacy Policy you will learn:

  • How we collect data

  • What data we collect

  • Why we collect this data

  • To whom we disclose the data

  • Where the data is stored

  • How long the data is retained

  • How we protect the data

  • How we handle minors

  • Updates or changes to this Privacy Policy

What data do we collect?

Below is an overview of the data we may collect:

Non-personally identifiable information

Non-identified and non-identifiable information that you provide during the registration process or that is collected through the use of our Services (“Non-Personal Data”). Non-Personal Data does not allow conclusions to be drawn about the individual from whom it was collected. Non-Personal Data consists primarily of technical and aggregated usage information.

Personally identifiable information

Personally identifiable information—i.e., any information that can be used to identify you or that could reasonably be used to identify you (“Personal Data”). Personal Data that we collect through our Services may include information requested from time to time, such as names, email addresses, addresses, phone numbers, IP addresses, and more. If we combine personal data with non-personal data, the combined information will be treated as Personal Data for as long as it remains combined.

How do we collect data?

Below are the main methods we use to collect data:

  • Through your use of our Services: When you visit our digital assets and use our Services, we may collect, record and store usage sessions and related information.

  • Data you provide to us directly: For example, when you contact us via a communication channel (e.g. by email with a comment or feedback).

  • Data collected from third-party sources, as described below.

  • Data provided when logging in via a third-party provider such as Facebook or Google.

Why do we collect this data?

We may use your data for the following purposes:

  • To provide and operate our Services

  • To further develop, customise and improve our Services

  • To respond to your feedback, inquiries and requests and to provide assistance

  • To analyse request and usage patterns

  • For internal, statistical and research purposes

  • To enhance our data security and fraud prevention capabilities

  • To investigate violations and enforce our terms and policies and to comply with applicable law, regulations or governmental orders

  • To send you updates, news, promotional materials and other information related to our Services. For promotional emails, you may choose whether to continue receiving them. If not, simply click the unsubscribe link in those emails.

To whom do we disclose this data?

We may share your data with our service providers to operate our Services (e.g. storing data via third-party hosting services, providing technical support, etc.).

We may also disclose your data in the following circumstances:
(i) to investigate, detect, prevent or address unlawful activities or other misconduct;
(ii) to establish or exercise our rights of defense;
(iii) to protect our rights, property or personal safety as well as the safety of our users or the public;
(iv) in the event of a change of control in our company or one of our affiliates (e.g. through merger, acquisition or purchase of all or substantially all assets);
(v) to collect, hold and/or manage your data through authorized third-party providers (e.g. cloud service providers) as reasonably necessary for business purposes;
(vi) to work jointly with third-party providers to improve your user experience.

For the avoidance of doubt, we may transfer or otherwise use non-personal data at our sole discretion.

Cookies and Similar Technologies

When you visit or access our Services, we authorize third parties to use web beacons, cookies, pixel tags, scripts and other technologies and analytics services (“Tracking Technologies”). These technologies may enable third parties to automatically collect your data to enhance your navigation experience, optimize the performance of our digital assets, ensure a personalized user experience, and for security and fraud prevention purposes.

For more information, please read our Cookie Policy.

We may serve advertisements through our Services and digital assets that may also be tailored to you, e.g. ads based on your recent browsing behaviour.
We may use various technologies to provide such tailored ads, including cookies, JavaScript, web beacons, HTML5 local storage and others.
Third-party ad networks, advertisers and traffic measurement services may also use such technologies to measure effectiveness and customize content.
These third-party technologies are governed by the respective provider’s privacy policy.

Where do we store the data?

Non-personal data

Please note that our company as well as our trusted partners and service providers are located worldwide. For the purposes described in this Privacy Policy, we store and process all non-personal data in various jurisdictions.

Personal data

Personal Data may be maintained, processed and stored in the United States, Ireland, South Korea, Taiwan, Israel and in other jurisdictions to the extent necessary for the proper provision of our Services and/or as legally required.

How long do we retain the data?

We retain collected data for as long as necessary to provide our Services, to comply with our legal and contractual obligations, to resolve disputes, and to enforce our agreements.
We may correct, complete or delete inaccurate or incomplete data at our discretion.

How do we protect the data?

The hosting provider for our digital assets provides us with the online platform through which we can offer our Services to you. Your data may be stored through the data storage, databases and general applications of our hosting provider. It stores your data on secure servers behind a firewall and provides secure HTTPS access to most areas of its services.

All payment options offered by us and our hosting provider for our digital assets comply with the PCI-DSS (Payment Card Industry Data Security Standard).
PCI-DSS requirements help ensure the secure handling of credit card data by our shop and its service providers.

Despite the measures taken by us and our hosting provider, we cannot guarantee absolute protection and security of the data you provide or transmit.

Please set secure passwords and avoid transmitting confidential information through insecure channels such as email or instant messaging.

How do we handle minors?

The Services are not intended for users who have not reached the age of majority. We do not knowingly collect data from children.
If you are not of legal age, you must not download or use the Services or provide us with any information.

We reserve the right to request proof of age at any time.
If we become aware that a minor is using our Services, we may deny access, block the user, and delete all stored data.
If you believe that a minor has provided data to us, please contact us as described below.

Use of personal data (legal basis)

We use your Personal Data only for the purposes outlined in this Privacy Policy and only when we believe that:

  • Use of your Personal Data is necessary to perform or enter into a contract (e.g. to provide the Services, customer support or technical support);

  • Use of your Personal Data is necessary to comply with legal or regulatory obligations;

  • Use of your Personal Data is necessary to support our legitimate business interests (while always respecting your rights and ensuring proportionality).

Your rights as an EU resident

If you are a resident of the EU, you may:

  • Request confirmation as to whether Personal Data concerning you is being processed

  • Request access to your stored Personal Data

  • Request that the Personal Data you provided be delivered in a structured, commonly used and machine-readable format

  • Request correction of your Personal Data

  • Request deletion of your Personal Data

  • Object to the processing of your Personal Data

  • Request restriction of the processing

  • File a complaint with a supervisory authority

Please note that these rights may be subject to limitations based on our legitimate interests and legal requirements.

Cross-border data transfers may occur. By using the Services, you consent to such transfers outside the EEA. We only transfer Personal Data outside the EEA where adequate protection is ensured, and where appropriate contractual safeguards are in place.

California Consumer Privacy Act (CCPA)

If you use the Services as a California resident, you may be entitled to request access to and deletion of your data.

We do not sell users’ Personal Data for the purposes and intentions of the CCPA.

Updates or changes to this Privacy Policy

We may revise this Privacy Policy at our discretion. The version posted on the Website is always the current version (see “Last Updated”).
We encourage you to review this policy regularly.
Significant changes will be announced on our website. Continued use of the Services after notification constitutes your acceptance of the updated Privacy Policy.

Contact

If you have general questions about the Services or the data we collect and how we use it, please contact us at:

​

Buchöd – Parfüm und Duftmanufaktur GbR
Th. Höß, S. Rost, B. Kram, M. Flemming
Marktplatz 16a
93453 Neukirchen beim Heiligen Blut
Email: service@buchoed.de

 

Disclaimer

The information contained herein does not constitute legal advice and should not be relied upon as such. Specific legal requirements may vary by state and/or legal system. As stated in our Terms of Use, you are responsible for ensuring that your Services comply with the law applicable to you.
To fully ensure compliance with your legal obligations, we strongly recommend seeking professional legal counsel.

bottom of page