Data protection

Ovall in 3 Colors with Models

Data protection

The protection of your personal data is important to us. Of course, we guarantee their protection within the framework of the legal requirements and handle your personal data with care. With this declaration, we inform you about the types of personal data we collect, the purposes for which this data is collected, how it is processed and what rights you have in this regard.

1. responsible body

The responsible body within the meaning of the data protection laws is the

Zone Germany Gmbh

Gallmayerstr. 12

81669 Munich

E-mail: hell@ovallskincare.de

2. collection and storage of personal data and the nature and purpose of their use

We collect and store personal data in the following cases. We use this data exclusively in the manner and for the purposes described below.

a) Visiting our website

When you visit our website www.ovallskincare.de , the browser used on your end device automatically sends information to the server of our website, which is then temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automatic deletion:

- the IP address of the requesting computer,

- the date and time of the access,

- the name and URL of the retrieved file,

- the website from which the access is made (referrer URL),

- the browser used and

- if applicable, the operating system of your computer as well as the name of your Internet access provider.

Log files are important sources of information to make the processes on a system traceable. They can be used, for example, to analyse problems or reconstruct lost data. We reuse the data stored with the log files in this context:

- to ensure the connection setup and the use of our website,

- to evaluate and permanently guarantee system security and stability,

- to ensure the technical administration of the network infrastructure,

- to optimise our Internet offering,

- to arrange for internal statistical surveys.

The legal basis for data processing is Art. 6 para. 1 p. 1 lit. f DSGVO. Our legitimate interest in data processing follows from the purposes listed at the beginning. In no case do we use the collected data for the purpose of drawing conclusions about your person. The IP address of the requesting computer is only evaluated in the event of attacks on the network infrastructure and for statistical purposes.

b) Use of contact form

You have the possibility to contact us via a form provided on our website. In doing so, you are required to provide your name, a valid e-mail address and the background to your contact. By providing us with your contact details, you consent to us using them to respond to your request.

We process the data you provide to us solely for the purpose of processing and responding to your request.

The legal basis for data processing is our legitimate interest in processing your request, Art. 6 para. 1 p. 1 lit. f DSGVO, and the consent you have given by using the contact form to the processing of the data you have entered the contact form, Art. 6 para. 1 p. 1 lit. a DSGVO.

We would like to point out that it is not necessary to use our contact form to get in touch with us. We are also available to answer your request via the other contact details provided on our website. The personal data we collect to process your contact will be automatically deleted after we have dealt with your request.

c) Registration online shop

If you wish to order our products via our website, this requires that you register with our online shop. During registration, we collect the following personal data:

- First name, last name,

- email address,

- password and

- date of account creation.

The collection and processing of this data takes place,

- for your registration in our online shop and your further access to it,

- for identification as our customer.

The processing of your personal data is necessary to manage your registration in our online shop, Art. 6 para. 1 p. 1 lit. b DSGVO.

d) Purchase via our online shop

When you order our products via our online shop, we collect the following personal data in addition to the data already stored during registration:

- if applicable, company,

- address, address suffix,

- telephone number,

- date of first purchase,

- if applicable, packing station or post office (packing station number or post office number and post office number)

The collection and processing of this data takes place,

- to process and handle the order placed by you via our online shop,

- to inform you about our product range, our product news and current promotions concerning our product range,

- for invoicing,

- to handle any liability claims,

- to enforce our contractual claims against you.

The processing of your personal data is necessary to manage your registration in our online shop and to fulfil your orders in accordance with the contract, Art. 6 para. 1 p. 1 lit. b DSGVO.

Insofar as we use the processed personal data to inform you about our product range, in particular our new products and/or special promotions in connection with our product range, this is in our legitimate interest, Art. 6 (1) sentence 1 lit. f DSGVO.

e) Newsletter registration

With our electronic newsletter, in addition to receiving information about Privise.io special offers, products, news and events, you will also receive regular surveys about our products, as well as occasional information about retail sales promotions and Privoo.io competitions, which may also feature products from partner companies.

You can register to receive our electronic newsletter via our website. When you register, we use the so-called double opt-in procedure, i.e. the registration is only completed when you confirm your wish to receive our electronic newsletter via a link that you receive with an e-mail that we send to you at your request. In this case, we collect the following personal data from you:

- Your e-mail address,

- your surname and first name,

- the IP address provided by your internet service provider when you confirm the link,

- the date and time of confirmation of the link.

The processing of the said data is carried out in order to

- to send you the newsletter,

- to be able to address you personally in our newsletter,

- the declaration of your consent to receive the electronic newsletter and

- to prove possible misuse of your e-mail address at a later date.

The legal basis for data processing is your consent to this, which you give when registering for our newsletter, Art. 6 para. 1 p. 1 lit. a DSGVO.

Unsubscribe from the newsletter

To unsubscribe from the newsletter, simply send an email to hello@ovallskincare.de with the subject "Unsubscribe Newsletter".

f) Cookies and analysis services

Finally, we use cookies and analysis services when you visit our website. You can find more detailed explanations on this under point 4 ff. of this data protection declaration.

3. disclosure of your data to third parties

Your personal data will not be transferred to third parties for purposes other than those listed below:

We will only share your personal information with third parties if:

- you have given your express consent to this in accordance with Art. 6 para. 1 sentence 1 lit. a DSGVO,

- the disclosure is necessary in accordance with Art. 6 para. 1 sentence 1 lit. f DSGVO for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,

- in the event that there is a legal obligation for the disclosure in accordance with Art. 6 para. 1 sentence 1 lit. c DSGVO. 6 para. 1 sentence 1 lit. c DSGVO,

- this is legally permissible and necessary for the processing of contractual relationships with you according to Art. 6 para. 1 sentence 1 lit. b DSGVO.

3.1.

Credit assessment by third parties

When using Klarna Invoice/Instalment Purchase, a credit check is carried out by the third-party provider Klarna.

We have no influence on the data collection and final decision of the third-party provider.

4. cookies and tracking pixels

Like many other websites, we use so-called "cookies". Cookies are small text files that your web browser automatically stores on your computer's hard drive when you visit our website. This automatically provides us with certain data, such as your IP address and the browser you use, and allows us to analyse your usage behaviour when visiting our website in anonymised form. Cookies cannot cause any damage to your hard drive. In particular, they cannot be used to start programs and/or transmit viruses. We do not obtain any personal data about you through the cookies. It is not possible for us to assign the information stored in the cookies to an identified or identifiable natural person.

We also use so-called tracking pixels on our website. Tracking pixels are small scripts that are automatically loaded when you visit our website and enable the tracking of your user behaviour. This automatically provides us with certain data, such as your IP address and the browser you are using, and allows us to analyse your usage behaviour when visiting our website in anonymised form.

Cookies and tracking pixels help us in many ways to make your visit to our website easier, more pleasant and more meaningful. For example, by analysing the usage behaviour of visitors to our website, we are able to tailor our services to your needs. In some cases, cookies also serve to simplify the ordering process. For the specific purposes we pursue, we refer to the following explanations of the individual cookies and tracking pixels used by us.

If personal data is processed by individual cookies, this is necessary for the performance of the contract with you, Art. 6 para. 1 lit. b DSGVO, or due to our legitimate interest in being able to offer you optimum functionality of our website and to operate our website as efficiently and economically as possible, Art. 6 para. 1 sentence 1 lit. f DSGVO.

Of course, you can also view our website without cookies. Most internet browsers are configured to accept cookies automatically. However, you can deactivate this function at any time or configure your browser so that a message always appears when you receive a new cookie. You can delete cookies that have already been stored. However, we would like to point out that deactivating cookies may mean that you cannot use all the functions of our website.

The following programmes that set cookies and tracking pixels are used on our website:

a) Google Inc.

Various services of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter "Google") are used on our website, which we explain to you below:

To optimise the offer on our website, we use Google Analytics, a web analysis service. Google Analytics uses cookies that enable an analysis of your use of the website. The information generated by the cookie about your use of the website, such as your IP address, telephone and fax numbers, is used to

- Browser type/version,

- operating system used,

- referrer URL (the previously visited page),

- host name of the accessing computer (IP address),

- time of the server request.

are usually transferred to a Google server in the USA and stored there. However, due to the activation of IP anonymisation on these websites, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.

The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plugin available under the following link.

In addition or as an alternative to the browser add-on, you can prevent tracking by Google Analytics on our pages by clicking on this link. This will install an opt-out cookie on your device. This will prevent the collection by Google Analytics for this website and for this browser in the future, as long as the cookie remains installed in your browser.

We use Doubleclick by Google. Doubleclick by Google uses cookies to present you with advertisements that are relevant to you. In the process, a pseudonymous identification number (ID) is assigned to your browser in order to check which ads were displayed in your browser and which ads were called up. The cookies do not contain any personal information. The use of DoubleClick cookies enables Google and its partner websites to serve ads based on previous visits to our website or other websites on the Internet. The information generated by the cookies is transferred by Google to a server in the USA for analysis and stored there. Google observes the data protection provisions of the "US Safe Harbor" agreement and is registered with the "Safe Harbor" programme of the US Department of Commerce. Under no circumstances will Google combine your data with other data collected by Google.

By using our website, you consent to the processing of data about you by Google and to the manner and purpose of such processing as set out above. You can prevent the storage of cookies by setting your browser software accordingly. Furthermore, you can prevent the collection of the data generated by the cookies and related to your use of the websites to Google as well as the processing of this data by Google by downloading and installing the browser plugin available under the following link.

You can find more information about DoubleClick by Google and data protection here.

We use the remarketing or "similar target groups" function of Google Inc. This function serves the purpose of analysing visitor behaviour and visitor interests.

Google uses cookies to carry out the analysis of website usage, which forms the basis for the creation of interest-based advertisements. The cookies are used to record visits to the website as well as anonymised data on the use of the website. No personal data of visitors to the website is stored. If you subsequently visit another website in the Google Display Network, you will be shown advertisements that are highly likely to take into account previously accessed product and information areas.

Your data may also be transferred to the USA. An adequacy decision of the European Commission is available for data transfers to the USA.

The processing is carried out on the basis of Art. 6 (1) lit. f DSGVO from the legitimate interest in targeting visitors to the website with advertising by displaying personalised, interest-related advertising ads for visitors to the provider's website when they visit other websites in the Google Display Network.

You can permanently deactivate the use of cookies by Google by following the link below and downloading and installing the plug-in provided there: https://support.google.com/ads/answer/7395996?hl=de

Alternatively, you can disable the use of cookies by third parties by visiting the Network Advertising Initiative opt-out page at https://www.networkadvertising.org/choices/ and implementing the further opt-out information provided there.

You can find more information on Google Remarketing and the associated privacy policy at: https://www.google.com/privacy/ads/.

In order to statistically record the use of our website and to evaluate it for the purpose of optimising our website for you, we also use the Google Conversion Tracking. In this process, Google Adwords sets a cookie (see section 5) on your computer if you have accessed our website via a Google ad.

These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of the Adwords client's website and the cookie has not yet expired, Google and the client can recognise that the user clicked on the ad and was redirected to this page.

Each Adwords customer receives a different cookie. Cookies can therefore not be tracked via the websites of Adwords customers. The information obtained using the conversion cookie is used to create conversion statistics for Adwords customers who have opted for conversion tracking. The Adwords customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.

If you do not wish to participate in the tracking procedure, you can also refuse the setting of a cookie required for this - for example, via a browser setting that generally deactivates the automatic setting of cookies. You can also deactivate cookies for conversion tracking by setting your browser so that cookies from the domain "www.googleadservices.com" are blocked.

Google's privacy policy on conversion tracking can be found here https://services.google.com/sitestats/de.html.

b) Facebook Inc.

If you have consented to this when visiting our website, we use the Facebook pixel, the tracking pixel of Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA. With the help of this pixel, the behaviour of users can be tracked after they have been redirected to our website by clicking on a Facebook ad. This allows us to track the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymous to us, which means we do not see the personal data of individual users. However, this data is stored and processed by Facebook, which we inform you about according to our level of knowledge. Facebook may link this data to your Facebook account and also use it for its own advertising purposes, in accordance with Facebook's data usage policy, which you can view here.

You also have the option to prohibit Facebook and its partners from displaying advertisements. You can edit the settings for Facebook's advertisements at the following link: https://www.facebook.com/ads/website_custom_audiences/.

c) Adform Conversion Tracking

This website uses the conversion tracking from Adform. The conversion tracking cookie is set when a user contacts an ad placed by Adform. These cookies do not contain any information that can be used to personally identify users. Users who do not wish to participate in tracking can deactivate Adform's cookie via their internet browser. Further information on Adform's privacy policy can be found at https://site.adform.com/privacy-policy-opt-out/. There you also have the option to prevent tracking by opting out.

d) Amazon Inc.

We use the functions of the two web analytics services Amazon Conversion Pixel and Amazon Remarketing Pixel on our website. The provider in each case is Amazon.com, Inc, 410 Terry Ave. North Seattle, WA, USA. The Amazon Conversion Pixel and the Amazon Remarketing Pixel also use cookies that are stored on your terminal device and that enable an analysis of your use of the website as well as personalised advertising.

Here too, you can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out once again that in this case you may not be able to use all the functions of this website to their full extent.

You can also prevent the collection of data generated by the cookie and related to your use of the website from Amazon and the processing of this data by Amazon by clicking on this link and selecting the setting "Do not personalise advertising shown by Amazon for this internet browser": https://www.amazon.de/adprefs.

Alternatively, you can make the appropriate settings at http://www.youronlinechoices.com/de . An opt-out cookie will then be set in your browser, which prevents the future collection of your data by the Amazon Pixel when you visit our website. This objection is valid as long as you do not delete the opt-out cookie.

e) Microsoft Inc. (Bing Ads)

We also use the Conversion Tracking from Microsoft. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA). When you use Microsoft Bing Ads, a cookie is set on your computer if you have reached our website via a Microsoft Bing ad. In this way, Microsoft Bing and we can recognise that someone has clicked on an ad, been redirected to our website and reached a previously determined target page (conversion page). We only learn the total number of users who clicked on a Bing ad and were then redirected to the conversion page. No personal information about the user's identity is shared. If you do not wish to participate in the tracking procedure, you can also refuse the setting of a cookie required for this - for example, by means of a browser setting that generally deactivates the automatic setting of cookies. Further information on data protection and the cookies used by Microsoft Bing can be found on the Microsoft website: https://privacy.microsoft.com/de-de/privacystatement.

5. use of social media plugins

We use so-called plugins (buttons) of various social networks on our website so that you can also use the interactive options of the social networks you use on our website. These plugins provide various functions whose subject matter and scope are not determined by us but by the operators of the social networks.

Please note that we are not the provider of the social networks and have no influence on the data processing and content of the respective service providers. The legal basis for the use of the plugins is, Insofar as the linking via social media plugins involves the processing of personal data, this is based on our legitimate interest in enabling you to interact directly with social networks of which you are a member via the design of our website and on our legitimate interest in providing interaction options for the purpose of advertising, Article 6 (1) f EU-DSGVO.

We use the following social media plugins. We would like to inform you about how they work as follows:

a) Facebook

Plugins of the social network "Facebook", 1601 South California Avenue, Palo Alto, CA 94304, USA are integrated on our website. You can recognise the Facebook plugins by the Facebook logo or the "Like" button on our site. You can find an overview of the Facebook pluginshere .

If you activate the plugin, a direct connection between your browser and the Facebook server is established via the plugin. Facebook thereby receives the information that you have visited our website with your IP address. If you click on the Facebook "Like" button while you are logged into your Facebook account, you can refer to content on our pages in your Facebook profile.

We would like to point out that we have no knowledge of the content of the transmitted data or its use by Facebook and that we are not responsible for the data processing by Facebook. You can find more information on this in Facebook's privacy policy .

b) Instagram

Our website uses plugins from Instagram, which is operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA ("Instagram"). The plugins are marked with an Instagram logo, for example in the form of an "Instagram camera". You can find an overview of the Instagram plugins and their appearancehere .

If you activate the plugin, a direct connection is established between your browser and the Instagram server via the plugin. Instagram thereby receives the information that you have visited our website with your IP address. In this case, this information (including your IP address) is transmitted by your browser directly to an Instagram server in the USA and stored there.

If you are logged in to Instagram, Instagram can directly assign your visit to our website to your Instagram account. If you interact with the plugins, for example by clicking the "Instagram" button, this information is also transmitted directly to an Instagram server and stored there. The information is also published on your Instagram account and displayed to your contacts there.

We would like to point out that we have no knowledge of the content of the transmitted data or its use by Instagram and that we are not responsible for Instagram's data processing. For more information, please see Instagram's privacy policy .

c) Pinterest

On our site, we use plugins of the social network Pinterest, which is operated by Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA ("Pinterest"). When you activate the plugin, your browser establishes a direct connection to the Pinterest servers. The plugin transmits log data to the Pinterest server in the USA. This log data may contain your IP address, the address of the websites visited that also contain Pinterest functions, the type and settings of the browser, the date and time of the request, how you use Pinterest and cookies.

Further information on the purpose, scope and further processing and use of the data by Pinterest, as well as your rights in this regard and options for protecting your privacy, can be found in Pinterest's privacy policy .

6. social networks

We maintain online presences within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services there. When calling up the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply.

Unless otherwise stated in our privacy policy, we process the data of users if they communicate with us within the social networks and platforms, e.g. write posts on our online presences or send us messages.

When users leave comments or other contributions on our social media presences, their IP addresses are stored for 7 days on the basis of our legitimate interests as defined in Art. 6 (1) lit. f. DSGVO are stored for 7 days. This is done for our security in case someone leaves unlawful content in comments and posts (insults, prohibited political propaganda, etc.). In this case, we ourselves can be prosecuted for the comment or post and are therefore interested in the identity of the author.

7. data security

We use the widespread SSL procedure (Secure Socket Layer) in connection with the highest encryption level supported by your browser when visiting the website. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.

8. duration of the data storage

In accordance with the principles of data avoidance and economy, your information will not be processed by us for longer than is necessary for the purpose for which it was collected or as provided for by law. As soon as the purpose of the data processing has ceased to apply and/or legal storage periods have expired, the data stored by you will be deleted.

9. rights of the data subject

Insofar as you are affected by the processing of personal data, you have the following rights:

a) Right of access, Art. 15 GDPR

Pursuant to Art. 15 DSGVO, you have the right to request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details.

b) Correction and completion, Art. 16 DSGVO

Pursuant to Art. 16 DSGVO, you have the right to request the correction of inaccurate or incomplete personal data stored by us without delay.

c) Deletion, Art. 17 DSGVO

Pursuant to Art. 17 DSGVO, you have the right to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims.

d) Restriction of processing, Art. 18 DSGVO

In accordance with Art. 18 DSGVO, you have the right to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its deletion and we no longer require the data, but you need it for the assertion, exercise or defence of legal claims or you have objected to the processing in accordance with Art. 21 DSGVO.

e) Provision of stored data, Art. 20 DSGVO

In accordance with Art. 20 DSGVO, you have the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller.

f) Revocation of consent given, Art. 7 (3) DSGVO

According to Art. 7 (3) DSGVO, you have the right to revoke your consent at any time. This has the consequence that we may no longer continue the data processing based on this consent in the future.

g) Right of appeal, Art. 77 GDPR

In accordance with Art. 77 DSGVO, you have the right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters.

10. right of objection

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, insofar as there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without specifying a particular situation. If you would like to make use of your right of revocation or objection, it is sufficient to send an e-mail to hello@ovallskincare.de.

11. amendment of our data protection provisions

We reserve the right to adapt our data protection statement in order to ensure that it always complies with the applicable legal requirements, in particular in the event of changes to our services. Your visit to our website will always be governed by the data protection statement in the current version published on our website.

12. questions to the Data Protection Officer

If you have any questions about our privacy policy, please contact us directly at hello@ovallskincare.de or by mail at Zone Germany Gmbh, Gallmayerstr. 12 in 81669 Munich.

CartIcon

Help

Frequent Questions
Shop
Reviews
Shipping & Returns

Follow US

Become one of many satisfied Ovall customers and let Ovall become your most important skincare routine.

CartIcon
CartIcon
CartIcon
CartIcon

Company

About us
AGB
Right of withdrawl
Imprint
Data Protection
CartIcon
CartIcon
CartIcon
CartIcon
CartIcon
CartIcon
CartIcon
CartIcon