1. General

The protection of your privacy when using our Website and our Bianka Koben-Online Store is very important to Bianka Koben (hereinafter referred to as “we“, “us” or “Bianka Koben”). We have therefore drafted the following Privacy Policy und would thus like to explain what information is acquired, stored and in what manner it may be further used by Bianka Koben. In this document, we explain how we use cookies and analytical tools on our website, as well as in our products and services.

By accepting the following privacy statement, you consent to the collection, processing and use of your data in accordance with the applicable data protection laws and the provisions specified in the following. Please note that persons under the age of 16 may not transfer personal information to us without the consent of their legal guardian and may not declare consent on their own behalf. All changes to our privacy statement will be published on this website and, if necessary, users will be notified via email.

Owner of the data collection and the data controller for this data protection declaration is Bianka Koben, L’Essert 8, CH-1473 Fribourg, company number CHE-344.918.790, Director: Saloua Bendaoud. Bianka Koben operates this website and the online shop.

2. Contact us 

Do you have questions or comments concerning data protection at Bianka Koben? If so, please contact our privacy officer. The easiest and fastest way to contact us is via email: info@biankakoben.com
 

Bianka Koben 

Privacy, Legal Service

L’Essert 8,

CH-1473 Fribourg,

Tel: + 41 (0) 766990204

3. Your rights

You can assert your privacy rights against us at any time and free of charge.

  • You have the right to request confirmation regarding whether data pertaining to you is processed by us. If this is the case, you have a right to request information concerning the affected data, as well as additional information, under Art. 15 of the General Data Protection Regulation (“GDPR”).
  • Under Art. 16 GDPR you have the right to request immediate correction of inaccurate personal data.
  • Under Art. 17 GDPR you have the right to request that data pertaining to you be deleted immediately or, alternatively, that its processing be restricted under Art. 18 GDPR.
  • Under Art. 19 GDPR you have the right to receive confirmation that all recipients that have received data from us have been informed of every correction, deletion or restriction on processing of that data.
  • Under Art. 20 GDPR you have the right to receive the data provided to us in a structured, commonly used and machine-readable format, and to request its transmission to other responsible entities.
  • You have the right to withdraw consent granted under Art. 7(3) GDPR in full or in part at any time. Moreover, under Art. 21 GDPR you have the right to object to the processing of your personal information if we process the data in the legitimate interests of Bianka Koben. You have the right to object to the use of your data for direct marketing at any time.
  • Under Art. 77 GDPR you have the right to lodge a complaint with a regulatory authority, particularly in the Member State of your residence or the location of the alleged infringement.

4. Where your data is located

Your data will be stored in the European Economic Area (EEA). To the extent permitted by law, data processing also takes place outside of Europe. Subject to legal or contractual permissions, we process data in a third country only if the special conditions of Art. 44 ff. of the General Data Protection Regulation (GDPR) are fulfilled, i.e. processing is carried out only on the basis of particular guarantees, such as the officially recognised fulfilment of a privacy level conforming to the EU standard (e.g. the “Privacy Shield” in the USA) or compliance with officially recognised special contractual obligations (“standard contractual clauses”). For further information, see: http://eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX%3A32010D0087 and https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=CELEX:32000D0520

5. Transmission of data

Your personal data will be handled in strictest confidence. Data will not be sold or passed on to third parties for commercial purposes. However, Bianka Koben can make your personal data accessible to third parties (contract processors) if this is necessary for the preparation and provision of our service. Categories of such third parties are listed in the specific processes under item 9. These service providers are subject to strict confidentiality and may only process the transferred data for the purpose of performing the service they are commissioned to provide. Where possible, data is anonymised or pseudonymised in advance. Your data can be transferred within the Bianka Koben Group. Transmission of your personal data to recipients not listed in this privacy statement occurs only if required by law (e.g. to authorities).

6. Deletion of data

If not expressly specified in this privacy statement, the data stored by us will be automatically deleted in accordance with Art. 17 and Art. 18 GDPR as soon as it is no longer required for the purposes specified in this privacy statement and the deletion would not violate legal retention requirements. If the data is not deleted because it is required for other legally permissible purposes, its processing is restricted, i.e. the data is locked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law.

7. Data security

Bianka Koben is committed to handling your personal information securely and has undertaken suitable technical and organisational security measures. We protect your data against loss, destruction, modification, publication and unauthorised access. We always keep pace with technical developments in order to guarantee an up-to-date security level. Where possible, data is encrypted and anonymised to prevent abuse by third parties. Data processing and transmission is done using the SSL (Secure Socket Layer) protocol. We have logical and physical access restrictions, and checks, firewalls and recovery systems in place, as well as an integrity test. Our employees (if any) will receive regular training in the proper handling of personal information and are required to ensure compliance with privacy requirements in accordance with applicable law.

8. Legal basis of data processing

If the legal basis is not expressly specified in the privacy statement, the following applies: The legal basis for the collection and processing of data with your consent is Art. 6(1)(a) and Art. 7 GDPR. The legal basis for processing data for the fulfilment of our services and the performance of (pre-)contractual measures, as well as replying to enquiries, is Art. 6(1)(b) GDPR. The legal basis for processing data for the fulfilment of our legal obligations is Art. 6(1)(c) GDPR. If processing the data is necessary to protect a legitimate interest of our company or a third party, Art. 6(1)(f) GDPR serves as the legal basis for the processing. If we commission third parties to conduct the processing of data based on a “contract processing contract”, this is done on the basis of Art. 28 GDPR.

9. When and how do we process personal data?

We process your personal data to ensure the smooth use and continuous improvement of our services. We also use your data to adapt our product range to customer requirements and provide you with personalised product information tailored to your needs. Reasons for processing can be categorised as follows:

9.1 Delivery of the website
 

Purpose and scope of data processing

When a visitor visits our website, we do not store any personal data. Using server log files, our web servers merely store access data without personalised information, such as the IP address (shortened), version of your web browser and operating system, the previously visited page (the referrer URL), the page viewed and the time of the access. This data is collected and processed for the purpose of enabling the use of our website (establishing a connection) and ensuring system security and stability, as well as technical administration of the network infrastructure. This data does not allow us to identify you.

Retention period and access to data

Log file information is stored for a maximum of 7 days for security reasons (e.g. investigation of acts of abuse or fraud) and then automatically deleted.

This data is not transferred to third parties unless this is necessary for the performance of our service (e.g. hosting providers, web analysis companies, in order to analyse the online behaviour of our visitors in general).

Legal basis and possibility of objection

The storage of every access of our server (server log files) is based on Art. 6(1)(f) GDPR, as well as our legitimate interests, such as optimising our services or protection from abuse through unauthorised use.

The collection of data for the delivery of the website and storage of the data in log files is essential for the operation of the website. There is consequently no possibility for the user to object.

9.2 Provision of services and processing orders

Purpose and scope of the processing

We process personal data in order to provide you with our products or services, or when you contact us. We also use personal information to process purchases and the associated ordering procedures (incl. warranty and services, returns, notification of delivery status and payment processing).

To fulfil our contractual obligations and perform our services, we process stored data (contact information such as name, address, email, telephone number and birth date) and contract data (e.g. services purchased, names of contact persons, payment information, order information). If you shop as a guest without setting up a customer account, Bianka Koben only collects and processes the personal data necessary for the particular purchase (a purchase history is not created). If contact is established with us (e.g. via email, telephone or social media), the user’s information is processed to handle the contact enquiry and its resolution. The user’s information may be stored in a Customer Relationship Management system (CRM system).

Retention period and access to data
 

The deletion of order data occurs after the elapse of the legal warranty period and similar obligations. Information in the respective customer account is retained until deleted. Information collected if contact is established is deleted as soon as it is no longer required. In the case of legal archiving obligations, deletion is carried out after the elapse of the period.

This information is not transferred to third parties unless this is necessary for the provision of the aforementioned services (e.g. payment service provider, goods storage, courier services, website managers) or for the pursuit of our claims (e.g. credit agencies, collection agencies, debt enforcement offices, civil courts, criminal investigation agencies and anti-fraud institutions).

Legal basis and possibility of objection

Processing for contractual fulfilment is based on Art. 6(1)(b) GDPR. Storage is done on the basis of legitimate interests in protecting against misuse and other unauthorised use under Art. 6(1)(f) GDPR.

9.3 Bianka Koben customer account

Purpose and scope of the processing

On our website we offer users the opportunity to register for a more convenient shopping experience by entering personal data. With a customer account, you can perform such actions as creating a wishlist or saving articles in the shopping cart. You can update your personal data in the customer account at any time and create personalised settings. We use the data to provide an individualised shopping experience based on personal interests and offer you relevant product suggestions. If you accept direct marketing, we use your personal data to send you suitable offers, invitations to events, promotions, etc. via email, text message, telephone and post.

The following information is collected as part of the registration process: first name, surname, email address, country, IP address and the time of the registration. You can also give us additional information voluntarily (e.g. address, telephone number, date of birth, encrypted payment-card data). In the event of a purchase, we process the data relating to your order, such as delivery information and payment information. For marketing purposes and the sending of relevant product suggestions, we also process your usage data (e.g. viewed pages on our website, interest in our products, previous purchases, click and navigation history, and the data contained in the user profile).

Retention period and third-party access

Information remains in the customer account for as long as it is active. An account is automatically regarded as inactive if it has not been used for more than two years. After deletion of your customer account, your data is locked against further use and deleted upon expiry of the retention periods under tax and commercial law at the latest.

This data is not transferred to third parties unless this is necessary for the performance of our services (e.g. website operators and managers, advertising partners, communication and marketing agencies).

Legal basis and possibility of withdrawal

As part of the registration process, the user is requested to give consent for data processing under Art. 6(1)(a) GDPR. Processing for contractual fulfilment is based on Art. 6(1)(b) GDPR. Processing for the purpose of product suggestions is based on our legitimate interests. Storage is done on the basis of legitimate interests in protecting against misuse and other unauthorised use under Art. 6(1)(f) GDPR.

As a user, you can delete your customer account at any time. You can do this directly through your account or by emailing info@biankakoben.com. You have the right to refuse direct marketing and analyses designed to create a profile.

9.4 Newsletter direct marketing

Purpose and scope of data processing

We want to offer you an individualised shopping experience based on your personal interests. For this purpose, we offer the option on our website of subscribing to a free newsletter. In direct marketing, we use your personal data to send you suitable offers, invitations to events, promotions, etc. via email, text message, telephone and post.

The following data is collected upon registration for the newsletter: name, email address, IP address and registration notification with a double opt-in procedure. The newsletters include a “web beacon”, i.e. a pixel-sized file, which is retrieved by our server or the server of a marketing service provider, if one was used, when the newsletter is opened. This results in the collection of technical information concerning, for example, the browser and your system, as well as your IP address and the time of the retrieval. To suggest the most relevant products, we process your usage data (e.g. viewed pages on our website, interest in our products, previous purchases, click and navigation history, and the content data in the user profile).

Retention period and recipients of the data

The name and email address of the user is stored for as long as the subscription to the newsletter is active. A subscription is automatically regarded as inactive if no message has been opened for more than two years. In exceptional cases we may retain the data for a longer period if and for as long as we are subject to legal retention or documentation requirements.

The data is not transferred to third parties in connection with the sending of the newsletter unless this is necessary for the performance of our service (e.g. marketing agencies, advertising partners, website operators and managers, marketing service providers). The newsletter is sent using “MailChimp”. The email addresses of our newsletter recipients, as well as their other data described in the context of these notes, are stored on the servers of MailChimp in the USA. MailChimp uses this information to send the newsletter and analyse the response to it on our behalf. According to its own information, MailChimp can also use this data to optimise or improve its own services, e.g. for technical optimisation of transmission and display of the newsletters or for commercial purposes, to determine the countries from which the recipients come. However, MailChimp does not use the data from our newsletter recipients to contact them itself or transfer the data to third parties. MailChimp's privacy policy can be found here: https://mailchimp.com/legal/privacy/. MailChimp is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Legal basis and possibility of withdrawal

As part of the registration process for the newsletter, the subscriber is requested to give consent for data processing under Art. 6(1)(a) GDPR in a double opt-in procedure. Email addresses or telephone numbers are collected for the purpose of transmitting the newsletter. The collection of other personal data in the context of the registration process is based on Art. 6(1)(f) GDPR and serves to prevent misuse of the services or the email address used. Performance measurement via “web beacons” is based on Art. 6(1)(f) GDPR and helps us make technical enhancements to our service, as well as adapt them to the interests and reading habits of our users.

You can cancel receipt of the newsletter at any time, i.e. withdraw your consent. This simultaneously cancels your consent for transmission by MailChimp and your consent for statistical analyses. There is a link for this in each newsletter.

9.5. Competitions

Purpose and scope of data processing

We process the personal data of participants in our competitions. We collect the following data during registration for our competitions: age, name and email address or telephone number. Email addresses or telephone numbers are collected for the purposes of identifying and notifying the winner. You can voluntarily offer additional information or give consent for marketing. You can still participate without consenting to marketing.

Retention period and recipients

Personal data is deleted no later than 90 days after the end of the competition. The data is not transferred to third parties in connection with competitions unless this is necessary for the performance of our service (e.g. media and marketing agencies, marketing service providers).

Legal basis and withdrawal
 

The submission of your data is done on the basis of consent provided in accordance with Art. 6(1)(a) GDPR. You have the right to withdraw consent for processing your personal data at any time. However, please note that this will result in your exclusion from the competition.

10. Cookies, analytical tools and social media applications

10.1 Cookies

Purpose and scope of data processing

Cookies are small files that make it possible to store certain device-specific information on the device used to access the content (PC, smartphone, etc.) and for the website to retrieve that information if the same website is accessed again. Cookies help us improve your online experience with us by enabling us to make the website more user-friendly, faster and more secure. They also serve advertising and market-research purposes by enabling anonymised analysis of the use of our website. We use cookies in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in the analysis, optimisation and effective operation of our online shop.

“Third-party” cookies are cookies offered by providers other than the one that operates the website. Cookies are described as “permanent” or “persistent” if they are retained even after closing the browser. Most of the cookies used by us are “session cookies”, which are automatically deleted after your visit. There are also the following categories of cookies, grouped according to the purpose for which they are used:

  • Technical/required cookies: These cookies are function-related, i.e. absolutely necessary in order to enable the basic functions of the website. They make it possible to navigate the site, for example. They can therefore not be deactivated.

  • Performance/analytics cookies: These cookies are performance-related and make it possible to improve the functions of the website. For example, they can increase speed or save your site settings or wishlists. Analytical cookies are also used for statistical evaluation of the use of the website and for its improvement. If the use of these cookies is rejected, the site may react more slowly or certain functions may be limited.

  • Advertising/tracking cookies: These cookies are designed to create user profiles and are used to send the user advertising based on their browsing behaviour. We use tracking cookies to analyse user preferences (e.g. which pages of our online store were visited, which products were viewed). This enables us to personalise your shopping experience and improve marketing messages. If you refuse the use of these cookies, product suggestions may not conform to your preferences.

The following information can be collected by cookies: IP address, unique device ID (UDID) and the device type, domain, browser type and language used, operating system and system settings, country- and time zone-specific cookie identifier, cookie information as well as information concerning whether your device has the correct software to use particular functions, previously viewed websites, referring URLs and information about the use of our pages, such as access times, click behaviour, preferences and purchases.

The following cookies are used by Bianka Koben (ROLLOUT LIST):

10.2 Deactivation of Cookies

You can control the use of cookies yourself, as most browsers have the option of limiting or completely preventing their storage. However, we would like to remind you that you will not be able to use all the functions of the website to their full extent in that case.

You may opt-out of the use of cookies to measure reach and for advertising purposes vie the opt-out page of the Network Advertising Initiative (http://optout.networkadvertising.org/) moreover many online ad cookies can be managed via the US site http://www.aboutads.info/choices/ or the EU sitehttp://www.youronlinechoices.com/uk/your-ad-choices/.

10.3 Google Analytics

On the basis of our legitimate interests, i.e. interests in the analysis, optimisation and effective operation of our website in accordance with Art. 6(1)(f) GDPR, we use the web-analysis service Google Analytics. Google Analytics uses so-called ‘cookies’, which are text files placed on your computer for the purpose of analysing your use of the website. Google uses this information to analyse website usage on our behalf to compile reports about website activities and to provide us with further services relating to website and internet use. The processed data can be used to create usage profiles under pseudonyms. The information generated by the cookie about your use of the website is usually transmitted to a Google server in the United States and stored on that server. IP anonymisation is activated on this website for the use of Google Analytics. This means that the IP address transmitted for technical reasons by the browser will be anonymised by Google by truncating the IP address (by omitting the final octet of the IP address). The entire IP address is sent to a Google server in the US and truncated there only in exceptional cases. The IP address transmitted by your browser in the context of Google Analytics is not consolidated with other data from Google. Google is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

You can find more information here: https://support.google.com/analytics/answer/6004245

You can deactivate Google Analytics via the following link: https://support.google.com/analytics/answer/181881?hl

10.3 Hotjar

On the basis of our legitimate interests, i.e. interests in the analysis, optimisation and effective operation of our website in accordance with Art. 6(1)(f) GDPR), we use the web-analysis service Hotjar. We use Hotjar in order to better understand our users’ needs and to optimise this service and experience. Hotjar is a technology service that helps us better understand our users' experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behaviour and their devices. Among other information, the Hotjar tracking code is used to gather the following information: (in particular the device's IP address (captured and stored only in anonymised form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language used to display our website). No personal data is collected or transferred. Hotjar exclusively records anonymous mouse clicks, mouse movements, scrolling activities and text data from input fields. Hotjar stores this information in a pseudonymised user profile. Neither Hotjar nor we will ever use this information to identify individual users or to match it with further data on an individual user. The data is transferred to Hotjar servers, which are located in Ireland. Hotjar uses various services hosted by third parties, such as Google Analytics. . For further details, please see Hotjar’s privacy policy by clicking on this link.https://www.hotjar.com/legal/policies/privacy .

You can opt out of the creation of a user profile, Hotjar’s storage of data about your usage of our site and Hotjar’s use of tracking cookies on other websites by following this opt-out link. https://www.hotjar.com/legal/compliance/opt-out

10.4 Use of Facebook, Instagram, Youtube, Twitter, Pinterest and Snapchat plug-ins

Facebook, Instagram, Youtube, Twitter, Pinterest and Snapchat plug-ins (hereinafter referred to "Social Media Platforms") are used on our Internet pages. You can easily recognise the plug-ins by their respective company logos. When you use such plug-in, a connection to the Social Media Platform's server is established and you will be displayed the Social Media Platform. This will result in the transmission to the Social Media Platform server of those Internet pages of ours you accessed and the IP Address. If, at the same time, you are logged on to the Social media Platform as a member, the Social Media Platform will assign this information to your personal user account. The social media service is able to determine your user name and even your real name based on the transmitted data and associate the information with your personal user account with the social media service. You can avoid this by logging out of your personal user account before you use the plug-in. More information on data acquisition and use of data by Facebook, Twitter and Instagram and your rights and options in this respect for the protection of your privacy can be found in the data protection notice of the Social Media Platform.