YOU LOOK PERFECT Owner Sandra Milacher

Abtsdorf 170

A-4864 Attersee

info@youlookperfect.at

Tel. +43-660-1464437


Declaration

For us it is of utmost importance to protect your personal data and to treat it confidentially. It is a matter of course for us to comply with the legal data protection regulations and to work DSGVO compliant.

Your data on our homepage https://www.youlookperfect.at are transmitted absolutely securely thanks to SSL (Secure Socket Layer) encryption and cannot be read by third parties. When you order as a customer in the online store, we need some personal information from you, such as: Your name, address and e-mail address. Only with this information we are able to deliver the goods ordered by you quickly and smoothly and to reach you if necessary in case of queries. We do not pass on your personal data to third parties.

You have a right to information, correction and deletion - see point 7.

1. legal basis

The EU General Data Protection Regulation, the Data Protection Act 2000 and the Data Protection Amendment Act 2018 serve the right to protection of personal data. We process your data exclusively on the basis of the legal provisions (DSGVO, DSG 2018, TKG 2003).

2. basic principles

The company/sole proprietor responsible is: Sandra Cornelia Milacher, Abtsdorf 170, 4864 Attersee, AUSTRIA, info@youlookperfect.at, Tel. +43-6601464437

3. data security

For security reasons, our website uses SSL encryption (Secure Sockets Layer). This protects your transmitted data and can not be read by third parties. You can recognize successful encryption by the fact that the protocol designation in the status bar of the browser changes from "http://" to "https://" and that a closed lock symbol is visible there.

We also use technical and organizational security measures to protect the stored personal data against accidental or intentional manipulation, loss or destruction and against access by unauthorized persons. Our security measures are continuously improved in accordance with technical progress.

4 Purpose, legal basis, storage period and data recipients

4.1 We need the collected personal data (if applicable name, address, telephone number, email address, purchased goods, purchase date, payment data) for the fulfillment of the contract and billing, assertion of contractual claims and for customer service purposes. The data is collected, stored, processed and used for this purpose.

4.2 The legal basis for the processing of your personal data are on the one hand contract performance of the online purchase, legitimate interests, the fulfillment of our legal or contractual obligations and on the other hand your consent in the contact form or newsletter. Failure to provide the data may have different consequences.

4.3. We process your personal data as necessary for the duration of the entire business relationship (from the initiation, processing to the termination of the contract) and beyond that in accordance with the statutory storage and documentation obligations, which arise, among other things, from the Unternehmensgesetzbuch (UGB), the Bundesabgabenordnung (BAO), as well as until the end of any legal dispute, ongoing warranty and guarantee periods, etc.

4.4. In the course of operating our websites and executing the purchase contract, we commission companies that may gain access to your personal data in the course of their activities, insofar as they require the data to perform their respective services. These companies have committed themselves to comply with the applicable data protection regulations.

4.5 Contact form

Your information including personal data from our contact form will be transmitted to us via the mail server for the purpose of processing the request, processed and stored by us. This data will not be collected or passed on without your declaration of consent. Without this data we cannot process the request. The storage period is 2 years.

A transmission of the data takes place to:

  • Our domain and email provider IONOS (IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany)for the purpose of managing the messages from the contact form. We have concluded a corresponding contract with the provider for order data processing. They have undertaken to comply with the applicable data protection regulations vis-à-vis us. You can find the data protection declaration of IONOS at https://www.ionos.de/terms-gtc/terms-privacy
  • Our homepage operator SHOPIFY (Shopify Intrenational Limited, 1-2 Victoria Buildings, Haddington Road, Dublin 4, D04 XN32, Ireland) for the purpose of managing the messages from the contact form. We have concluded a corresponding contract with the provider for commissioned data processing. They have undertaken to comply with the applicable data protection regulations vis-à-vis us. The Shopify privacy policy can be found at https://www.shopify.com/legal/privacy

4.6 Newsletter

If you register for our newsletter, we use the data required for this purpose or separately provided by you to regularly send you our email newsletter based on your consent pursuant to Art. 6 (1) p. 1 lit. a DSGVO.

Unsubscribing from the newsletter is possible at any time and can be done either by sending a message to the contact option described above or via a link provided for this purpose in the newsletter. After unsubscribing, we will delete your e-mail address unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this statement. The newsletter is sent as part of a processing on our behalf by a service provider to whom we pass on your e-mail address for this purpose. A transfer of data takes place to:

  • Our homepage operator SHOPIFY (Shopify Intrenational Limited, 1-2 Victoria Buildings, Haddington Road, Dublin 4, D04 XN32, Ireland) for the purpose of managing the contacts and sending the newsletter. We have concluded a corresponding contract with the provider for commissioned data processing. They have undertaken to comply with the applicable data protection regulations vis-à-vis us. The Shopify privacy policy can be found at https://www.shopify.com/legal/privacy

4.7 Online purchase

For the purpose of contract processing, the following data will also be stored by us: Name, address, telephone number, email address, purchased goods, purchase date, payment data.

The data provided by you are necessary for the fulfillment of the contract or for the implementation of pre-contractual measures. Without this data we cannot conclude the contract with you.

The legal minimum storage period is 7 years.

In the case of a purchase, the data is transmitted to:

  • Our domain and email provider IONOS (IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany)for the purpose of receiving an email about the order. We have concluded a corresponding contract with the provider for order data processing. They have undertaken to comply with the applicable data protection regulations vis-à-vis us. You can find the privacy policy of IONOS SE at https://www.ionos.de/terms-gtc/terms-privacy
  • The responsible transport company DPD, DHL Express or POST and their partners for the purpose of delivery. These have undertaken to comply with all legal data protection guidelines. Your personal data will not be used for any other purpose than for the transport service.
  • Our shipping portal SENDCLOUD (Sendcloud GmbH, Fürstenrieder Str.70, 80686 Munich, Germany)for the purpose of parcel label creation. Here we prepare the deliveries, create parcel labels. You will receive the delivery info by email. You can find Sendcloud's privacy policy at https://www.sendcloud.de/datenschutz/
  • Our tax advisor and accounting department to fulfill our tax obligations.
  • Our order processing system via the service provider BILLBEE
    (Billbee GmbH, Arolser Str. 10, 34477 Twistetal, Germany) . Herewith we create the invoices. Name, address and, if applicable, other personal data will be passed on to Billbee in accordance with Art. 6 Para. 1 lit. b DSGVO exclusively for the purpose of processing the online order. Your data will only be passed on to the extent that this is actually necessary for the processing of the order. Details of Billbee's data protection and its privacy policy can be viewed here https://www.billbee.io/datenschutz/
  • Your banking institution for the purpose of debiting the purchase price. The data protection regulations of your selected banking institution apply here.
  • Our homepage operator SHOPIFY (Shopify Intrenational Limited, 1-2 Victoria Buildings, Haddington Road, Dublin 4, D04 XN32, Ireland) and apps controlled by Shopify for the purpose of managing customers and orders. We have concluded a corresponding contract for commissioned data processing with the provider. They have undertaken to comply with the applicable data protection regulations vis-à-vis us. The privacy policy of Shopify can be found here https://www.shopify.com/legal/privacy
  • The evaluation tool TRUSTED SHOPS ( TRUSTED SHOPS GmbH, Subbelrather Str. 15c, 50823 Cologne, Germany) . A few days after ordering, the customer automatically receives an email asking him to rate our store. This email is sent by our partner Trusted Shops. We have concluded a corresponding contract for order data processing. They have committed themselves to comply with the applicable data protection regulations towards us. The privacy policy of Trusted Shops can be found here https://legal.trustedshops.com/privacy

You can find more detailed information on the order processors and data recipients commissioned by us at info@youlookperfect.at request.

4.8 Opening a customer account

We collect personal data if you voluntarily provide it to us when opening a customer account. Mandatory fields are marked as such because in these cases we need the data to process the contract or to open the customer account and you cannot complete the account opening without providing it. Which data is collected can be seen from the respective input forms. We use the data provided by you in accordance with Art. 6 para. 1 p. 1 lit. b DSGVO for contract processing and processing your requests. After complete processing of the contract or deletion of your customer account, your data will be restricted for further processing and deleted after expiry of the retention periods under tax and commercial law, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this statement. The deletion of your customer account is possible at any time and can be done by sending a message to the contact option described below.

A transmission of the data takes place to:

  • Our homepage operator SHOPIFY (Shopify Intrenational Limited, 1-2 Victoria Buildings, Haddington Road, Dublin 4, D04 XN32, Ireland) and apps controlled by Shopify for the purpose of managing customers and orders. We have concluded a corresponding contract for commissioned data processing with the provider. They have undertaken to comply with the applicable data protection regulations vis-à-vis us. The privacy policy of Shopify can be found herehttps://www.shopify.com/legal/privacy

4.9. Data processing is carried out on the basis of the legal provisions of § 96 para 3 TKG and Art 6 DSGVO (in particular consent and/or the need to fulfill the contract).

5. cookies and web analysis

5.1 Cookies in general

In order to make visiting our website attractive and to enable the use of certain functions, we use so-called cookies. These are small text files that are stored on your terminal device and store certain information for exchange with our system. The legal basis for the processing of this data is Art. 6 (1) sentence 1 lit. f DSGVO. Some of the cookies we use are deleted again after the end of the browser session, i.e. after closing the browser (transient cookies). These include, in particular, session cookies. These store a unique identifier (session ID). This session ID can be used to assign various requests from your browser to a common session. This means that your end device can be recognized when you return to our website during a session. Session cookies are also deleted when you log out. Other cookies remain on your end device for a specified period of time and allow us to recognize your browser or end device the next time you visit (persistent cookies).

Please note that certain cookies are already set as soon as you enter our website. You can set your browser in such a way that you are informed about the setting of cookies and can decide individually about their acceptance or exclude the acceptance of cookies for certain cases, in particular cookies from third parties (third party cookies) or in general. If you do not accept cookies, the functionality of our website may be limited.

You have the option of preventing cookies from being stored on your computer by making the appropriate browser settings. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings.

You can find the browser settings for each browser at the following links:

Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies

Safari: https://support.apple.com/de-at/guide/safari/sfri11471/mac

Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647

Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

5.2 Google Analytics

This website uses the web analytics service GOOGLE ANALYTICS (Google Ireland Limited, Gordon House , Barrow Street, Dublin 4 , Ireland).

We use Google Analytics with the extension "_anonymizeIp()". This means that IP addresses are processed in a shortened form, which, according to Google, should virtually rule out the possibility of personal references. Insofar as the data collected about you has a personal reference, this should be excluded immediately and the personal data deleted immediately. The data sent by us and linked to cookies, user recognition or advertising IDs are automatically deleted after 14 months. The deletion of data whose retention period has been reached takes place automatically once a month.

Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website will be transmitted to and stored by Google on servers in the United States. However, by activating IP anonymization on this website, your IP address will be truncated beforehand by Google within Member States of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports and statistics on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

In addition, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available here http://tools.google.com/dlpage/gaoptout?hl=de.

This website uses the "demographic characteristics" function of Google Analytics. This allows reports to be generated that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google as well as visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as shown in the item "Objection to data collection".

We use Google Analytics to analyze and regularly improve the use of our website. The statistics obtained enable us to improve our offer and make it more interesting for you as a user.

To protect your personal data, we have concluded an order processing agreement with Google in accordance with Art. 28 DSGVO. The provider is certified in accordance with the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection. You can find more information about Google here:

User Terms: http://www.google.com/analytics/terms/de.html

Privacy Policy: https://policies.google.com/privacy

5.3 Google Fonts

We use GOOGLE FONTS (Google Ireland Limited, Gordon House , Barrow Street, Dublin 4 , Ireland). Google Fonts is used without authentication and no cookies are sent to the Google Fonts API. If you have an account with Google, none of your Google account information will be transmitted to Google while using Google Fonts. Google only records the usage of CSS and the fonts used and stores this data securely. Google Fonts is certified with the "Data Privacy Framework" and thus guarantees a legally secure transfer of data. You can find out more about these and other issues at https://developers.google.com/fonts/faq

What data is collected by Google and what it is used for can be read here https://policies.google.com/privacy

5.4 Google reCaptcha

We use the reCAPTCHA function of GOOGLE (Google Ireland Limited, Gordon House , Barrow Street, Dublin 4 , Ireland) on our website. We use this function on pages with (contact) forms to protect them from automated access (e.g. by so-called "bots"). By integrating reCAPTCHA, personal data (e.g. IP address) can be collected by Google to find out whether the request really comes from a human. The data processing is based on our legitimate interests, namely our interest in the security of our website as well as the defense against automated access within the meaning of Art. 6 para. 1 lit. f) DSGVO. The provider is certified in accordance with the EU-U.S. Data Privacy Framework and therefore provides an adequate level of data protection. Detailed information on data protection in connection with the use of Google reCAPTCHA can be found here https://policies.google.com/privacy

5.5 Google Adwords Remarketing / Google Tag Manager.

We use Google remarketing tags. These are services provided by GOOGLE (Google Ireland Limited, Gordon House , Barrow Street, Dublin 4 , Ireland). Google uses cookies that are stored on your computer and that enable an analysis of your use of the website. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. The IP address is then shortened by Google by the last three digits, a clear assignment of the IP address is therefore no longer possible. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Third-party vendors, including Google, serve ads on websites on the Internet. Third-party vendors, including Google, use stored cookies to serve ads based on a user's previous visits to this website. Google will not associate your IP address with any other data held by Google. You can object to the collection and storage of data at any time with effect for the future. You can deactivate the use of cookies by Google by visiting the Google advertising deactivation page. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.

By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above. You may object to the collection and storage of data at any time with effect for the future. You can find further information on Google's terms and conditions here https://policies.google.com/privacy

Our website uses Google Tag Manager for the purpose of personalized, interest and location-based online advertising. The option to anonymize IP addresses is controlled by Google Tag Manager via an internal setting that is not visible in the source of this page. This internal setting is set to achieve the required anonymization of IP addresses. The provider is certified in accordance with the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

5.6 Google Adwords Conversion Tracking

This website uses Google Conversion Tracking from GOOGLE (Google Ireland Limited, Gordon House , Barrow Street, Dublin 4 , Ireland). Google Adwords sets a cookie on your computer if you have reached our website via a Google ad. These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of the Adwords customer's website and the cookie has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page. Each Adwords customer receives a different cookie. Cookies can therefore not be tracked across Adwords customers' websites. The information obtained using the conversion cookie is used to create conversion statistics for Adwords customers who have opted in to conversion tracking.

The Adwords customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. If you do not wish to participate in the tracking process, you can also refuse the setting of a cookie required for this - for example, via a browser setting that generally deactivates the automatic setting of cookies. You can also disable cookies for conversion tracking by setting your browser to block cookies from the domain "www.googleadservices.com". The provider is certified in accordance with the EU-U.S. Data Privacy Framework and therefore offers an adequate level of data protection.

Google's privacy policy on conversion tracking can be found at https://policies.google.com/privacy

5.7 Facebook/Meta Pixel

We use the "conversion pixel" or visitor action pixel from Facebook (Meta Platform Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Dublin, D02x525, Ireland). By calling this pixel from your browser, Facebook can subsequently recognize whether a Facebook ad was successful, e.g. led to an online purchase. We only receive statistical data from Facebook for this purpose without any reference to a specific person. This allows us to record the effectiveness of the Facebook ads for statistical and market research purposes. The provider is certified in accordance with the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection. In particular, if you are registered with Facebook, we also refer you to their privacy information, which can be viewed at https://de-de.facebook.com/policy.php

5.8 Facebook/Meta Website Customer Audiences

We use the "Website Custom Audiences" pixel from Facebook (Meta Platform Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Dublin, D02x525, Ireland) within our website. So-called tracking pixels are integrated on our pages. When you visit our pages, a direct connection between your browser and the Facebook server is established via the tracking pixel. Facebook thereby receives, among other things, the information from your browser that our page was called up from your end device. If you are a Facebook user, Facebook can thereby assign the visit to our pages to your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Facebook. We can only select which segments of Facebook users (such as age, interests) should be displayed our advertising. In doing so, we use one of two ways of working of Custom Audiences, in which no data sets, in particular no email addresses of our users - neither encrypted nor unencrypted - are transmitted to Facebook. The provider is certified in accordance with the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection. Further information on this can be found in Facebook's privacy policy, which can be viewed here https://de-de.facebook.com/policy.php

5.9 Shopify Analytics

Our homepage operator SHOPIFY (Shopify Intrenational Limited, 1-2 Victoria Buildings, Haddington Road, Dublin 4, D04 XN32, Ireland) uses its own analytics tool for the purpose of analyzing visitor flows and purchases. We have concluded a corresponding contract for commissioned data processing with the provider. They have undertaken to comply with the applicable data protection regulations vis-à-vis us. The privacy policy of Shopify can be found here https://www.shopify.com/legal/privacy

5.10 Affiliate

We work together with affiliate networks. An affiliate network is a service provider in online advertising and an intermediary between advertisers and publishers (website operators). Publishers can enter into a partnership via the affiliate network and thus participate in special promotions. For this purpose, publishers integrate an advertising material/promotion code/hyperlink in the content on their website and thus direct the customer to our online store through, for example, an editorial text.

As soon as the user makes a purchase on our website, the publisher receives a corresponding commission. Only purchase completion information such as order ID, product ID and the price of the purchased products is transmitted to the networks. No personal data is collected or transmitted.

5.11 Hyros

We use the analysis tool HYROS (Hyros, Inc.,13359 N Highway 183 Ste 406 # 2008, Austin, TX 78750 USA)to see if our ads were successful. We receive statistical data to optimize the effectiveness of our advertisements. Through its use, data may also be transmitted to the USA. The provider is certified in accordance with the EU-U.S. Data Privacy Framework and therefore offers an adequate level of data protection. Further information can be found in the provider's privacy information at the following URL: https://www.hyros.com/privacy.html.

5.12 Bing Ads (Microsoft Corporation)
The website uses the remarketing function "Bing Ads" of Microsoft Corporation One Microsoft Way, Redmond, WA 98052-6399, USA. ("Microsoft Advertising"). Microsoft Bing Ads stores a cookie on your computer if you have reached our website via a Microsoft Bing ad. In this way, Microsoft Bing and we can recognize that someone has clicked on an ad, has been redirected to our website and has reached a predetermined target page (conversion page). We only learn the total number of users who clicked on a Bing ad and were then forwarded to the conversion page. No personal information about the identity of the user is disclosed.If you do not want information about your behavior to be used by Microsoft as explained above, you can refuse the setting of a cookie required for this - for example, by using a browser setting that generally deactivates the automatic setting of cookies. You can also prevent the collection of data generated by the cookie and related to your use of the website and the processing of this data by Microsoft by clicking on the following link: http://choice.microsoft.com/de-DE/opt-out to declare your objection. Further information on data protection and the cookies used by Microsoft and Bing Ads can be found on the Microsoft website at https://privacy.microsoft.com/de-de/privacystatement


6. consent and right of revocation

6.1. If your consent is required for the processing of your data, we will only process it after your express consent.

6.2. In principle, we do not process data of minors and are not authorized to do so. By giving your consent, you confirm that you have reached the age of 14 or that you have the consent of your legal representative.

6.3. You can revoke your consent at any time at the following e-mail address: info@youlookperfect.at

In such a case, the data previously stored about you will be anonymized and subsequently used only for statistical purposes without reference to persons. By means of the revocation of consent, the lawfulness of the processing carried out on the basis of the consent until the revocation is not affected.

7. your rights

7.1. You have the right to obtain information at any time from the person responsible (Sandra Cornelia Milacher, info@youlookperfect.at ) about the personal data concerned. Insofar as there is no legal obligation to retain the data, you have the right to have this data deleted and to object to the processing. Furthermore, you have the right to correct the data as well as to restrict processing, to data portability as well as to lodge a complaint with the Austrian Data Protection Authority (Wickenburggasse 8-10, 1080 Vienna, e-mail: dsb@dsb.gv.at).

7.2. Please contact us regarding your rights :

YOU LOOK PERFECT Owner Sandra Milacher

Abtsdorf 170

4864 Attersee, AUSTRIA

info@youlookperfect.at

8. change of the privacy policy

The data protection measures are always subject to technical renewal. For this reason, we ask you to inform yourself about our data protection measures at regular intervals by consulting our data protection declaration.

We therefore reserve the right to update this data protection information from time to time.

If you have any questions about our products, you look perfect will of course be happy to answer them at any time. We hope you enjoy using our products.

Status January 27, 2024