Privacy Policy
Trust us with your data
Concept Store Rose takes the protection of your personal data seriously and only uses your personal data within the framework of the applicable legal provisions.
Categories of data subjects
Visitors and users of the online offer (in the following we refer to the persons concerned collectively as "users"). This Privacy Policy describes our data collection practices and your rights in relation to your personal information, including access, correction and restriction of our use.
Data processing within the online concept store Rose:
If you register on our website or social media channel and thus conclude a contract with us, we process the data required for the conclusion, implementation or termination of a contract with you.
These include:
First name Last Name
Date of birth
delivery and invoice address
e-mail address
billing and payment data
phone number
Information about orders etc.
Your personal data will always be treated confidentially and will never be passed on to third parties. The legal basis for this is Article 6 Paragraph 1 Letter b) GDPR, Article 6 Paragraph 1 Letter c) GDPR. Your data will be processed as part of the credit check on the basis of Article 6 Paragraph 1 Letter a) GDPR (consent). Information on data protection at First Debit GmbH can be found at: https://firstdebit.de/datenschutz/
data storage
Personal data communicated by you via the website will only be stored until the purpose of the transmission has been fulfilled. Insofar as commercial and tax law retention periods have to be observed, the duration of the storage of certain data (in this case the data on the invoice) can be up to 10 years; here the legal requirements apply.
You can delete your account at any time
If you delete your account, all data will be deactivated, removed and deleted by us. Please note that there may be legal reasons for us to keep your data, e.g. B. if we are requested by law enforcement authorities to store data (see data storage).
data copies
All content on this website are copyrighted. Texts, images and graphics are protected by copyright and other protective laws.
cookies
Cookies are used on this website. We use them to present you with personalized ads and experiences, to analyze traffic on our website and to record log data. Cookies are small text files that your browser creates automatically and that are stored on your end device (laptop, tablet, smartphone, etc.). Information is stored in the cookie that arises in connection with the specific end device used. However, this does not mean that we are immediately informed of your identity. For example, we use cookies to save your language or other preferences so you don't have to set them every time you log in to Concept Store Rose.
Account/Choice
You always have a variety of choices regarding the information we hold about you. You can access this via your account settings .
Policy Changes
We may need to make changes to the Policy from time to time. In such cases, we will post any changes on this page. If you visit the Concept Store Rose If you continue to use after the changes, you automatically agree to the new policy.
If you have any questions, you can contact us at any time contact service@conceptstorerose.com or perceive the points described above.
Relevant legal bases
In accordance with Art. 13 GDPR, we will inform you of the legal basis for our data processing. If the legal basis is not mentioned in the data protection declaration, the following applies: The legal basis for obtaining consent is Art. 6 (1) lit. a and Art Answering inquiries is Article 6(1)(b) GDPR, the legal basis for processing to fulfill our legal obligations is Article 6(1)(c) GDPR, and the legal basis for processing to safeguard our legitimate interests is Article 6(1)(c) GDPR 6 Paragraph 1 lit. f GDPR. In the event that vital interests of the data subject or another natural person require the processing of personal data, Article 6 Paragraph 1 Letter d GDPR serves as the legal basis.
Safety measures
In accordance with Art. 32 GDPR, we take appropriate technical measures, taking into account the state of the art, the implementation costs and the type, scope, circumstances and purposes of the processing as well as the different probability of occurrence and severity of the risk for the rights and freedoms of natural persons and organizational measures to ensure a level of protection appropriate to the risk.
The measures include, in particular, securing the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access, input, transfer, securing availability and their separation. Furthermore, we have set up procedures that ensure that the rights of those affected are exercised, that data is deleted and that data is reacted to when it is at risk. Furthermore, we already take the protection of personal data into account during the development or selection of hardware, software and processes, in accordance with the principle of data protection through technology design and through data protection-friendly default settings (Article 25 GDPR).
Transfers to third countries
If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or this happens as part of the use of third-party services or disclosure or transmission of data to third parties, this only takes place if it is to fulfill our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we only process or have the data processed in a third country if the special requirements of Art. 44 et seq. GDPR are met. This means that the processing takes place, for example, on the basis of special guarantees, such as the officially recognized determination of a data protection level corresponding to that of the EU (e.g. for the USA through the "Privacy Shield") or compliance with officially recognized special contractual obligations (so-called "standard contractual clauses").
External payment service providers
We use external payment service providers, via whose platforms the users and we can carry out payment transactions (e.g., each with a link to the data protection declaration, PayPal ( https://www.paypal.com/de/webapps/mpp/ua/privacy-full ), Klarna ( https://www.klarna.com/de/datenschutz/ ), Skrill ( https://www.skrill.com/de/fusszeile/datenschutzanleitung/ ), Giropay ( https://www.giropay.de/ legal/data-protection-agb/ ), Visa ( https://www.visa.de/datenschutz ), Mastercard ( https://www.mastercard.de/de-de/datenschutz.html ), American Express ( https:/ /www.americanexpress.com/de/content/privacy-policy-statement.html )
As part of the fulfillment of contracts, we use the payment service providers on the basis of Article 6 Paragraph 1 lit. b. GDPR a. In addition, we use external payment service providers on the basis of our legitimate interests in accordance with Article 6 (1) (f) GDPR in order to offer our users effective and secure payment options.
The data processed by the payment service provider includes inventory data such as name and address, bank details such as account numbers or credit card numbers, passwords, TANs and checksums, as well as contract, total and recipient-related information. The information is required to carry out the transactions. However, the data entered will only be processed and stored by the payment service providers. This means that we do not receive any account or credit card-related information, only information with confirmation or negative information about the payment. Under certain circumstances, the payment service provider may transmit the data to credit agencies. The purpose of this transmission is to check identity and creditworthiness. We refer to the terms and conditions and data protection notices of the payment service providers.
The terms and conditions and data protection notices of the respective payment service providers apply to the payment transactions, which can be accessed within the respective websites or transaction applications. We also refer to this for the purpose of further information and the assertion of revocation, information and other data subject rights.
Online presence in social media
We maintain online presences within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to be able to inform them about our services there. When calling up the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply.
Unless otherwise stated in our data protection declaration, we process user data if they communicate with us within social networks and platforms, e.g. write posts on our online presence or send us messages.
Facebook pixel, custom audiences and Facebook conversion
Due to our legitimate interests in the analysis, optimization and economic operation of our online offer and for these purposes, the so-called "Facebook pixel" of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025 , USA, or if you are based in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook").
Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active ).
With the help of the Facebook pixel, Facebook is able to determine the visitors of our online offer as a target group for the display of advertisements (so-called "Facebook Ads"). Accordingly, we use the Facebook pixel to only display the Facebook ads we have placed to those Facebook users who have also shown an interest in our online offering or who have certain characteristics (e.g. interests in certain topics or products, which are based on the visited website). websites are determined), which we transmit to Facebook (so-called “Custom Audiences”). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interests of users and are not annoying. With the help of the Facebook pixel, we can also understand the effectiveness of Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called "conversion").
The processing of the data by Facebook takes place within the framework of Facebook's data usage guidelines. Accordingly, general information on the display of Facebook ads in Facebook's data usage guidelines: https://www.facebook.com/policy.php . You can find specific information and details about the Facebook pixel and how it works in the Facebook help area: https://www.facebook.com/business/help/651294705016616 .
You can object to the collection by the Facebook pixel and the use of your data to display Facebook ads. In order to set which types of advertisements are displayed to you within Facebook, you can visit the page set up by Facebook and follow the instructions for setting usage-based advertising there: https://www.facebook.com/settings?tab=ads . The settings are platform-independent, ie they are adopted for all devices, such as desktop computers or mobile devices.
You can also opt out of the use of cookies, which are used to measure reach and for advertising purposes, via the deactivation page of the network advertising initiative ( http://optout.networkadvertising.org/ ) and also the US website ( http://www.aboutads.info/ choices ) or the European website ( http://www.youronlinechoices.com/uk/your-ad-choices/ ).
Google Maps
We integrate the maps of the “Google Maps” service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. The processed data may include, in particular, IP addresses and location data of the users, which, however, are not collected without their consent (usually as part of the settings on their mobile devices). The data can be processed in the USA. Privacy Policy: https://www.google.com/policies/privacy/ , Opt-Out: https://adssettings.google.com/authenticated .
Use of Facebook Social Plugins
On the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f. DSGVO) we use social plugins ("plugins") of the social network facebook.com, which operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"). The plugins can display interaction elements or content (e.g. videos, graphics or text contributions) and can be recognized by one of the Facebook logos (white "f" on a blue tile, the terms "Like", "I like" or a "thumbs up" sign ) or are marked with the addition “Facebook Social Plugin”. The list and appearance of the Facebook Social Plugins can be viewed here: https://developers.facebook.com/docs/plugins/ .
Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active ).
If a user calls up a function of this online offer that contains such a plugin, his device establishes a direct connection with the Facebook servers. The content of the plugin is transmitted directly from Facebook to the user's device, which integrates it into the online offer. User profiles can be created from the processed data. We therefore have no influence on the amount of data that Facebook collects with the help of this plugin and therefore inform users according to our level of knowledge.
By integrating the plugin, Facebook receives the information that a user has accessed the corresponding page of the online offer. If the user is logged into Facebook, Facebook can assign the visit to his Facebook account. If users interact with the plugins, for example by pressing the Like button or making a comment, the corresponding information is transmitted directly from your device to Facebook and stored there. If a user is not a member of Facebook, there is still the possibility that Facebook will find out and save their IP address. According to Facebook, only an anonymous IP address is stored in Germany.
The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as the relevant rights and setting options for protecting the privacy of the users can be found in Facebook's data protection information: https://www.facebook.com/about/privacy/ .
If a user is a Facebook member and does not want Facebook to collect data about him via this online offer and link it to his member data stored on Facebook, he must log out of Facebook before using our online offer and delete his cookies. Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US website http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/ . The settings are platform-independent, ie they are adopted for all devices, such as desktop computers or mobile devices.
Functions and content of the Instagram service offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA, can be integrated within our online offer. This can include, for example, content such as images, videos or text and buttons with which users can share content from this online offer within Instagram. If the users are members of the Instagram platform, Instagram can assign the above-mentioned content and functions to the user profiles there. Instagram privacy policy: http://instagram.com/about/legal/privacy/ .