Womanizer.com is an offer from WOW Tech Europe GmbH (hereinafter referred to as WOW Tech Europe). This privacy protection statement is intended to inform you about the processing of personal data when using our website.
“Personal data” means any information relating to an identified or identifiable natural person. In particular, this includes information that enables us to identify you, such as by your name, phone number, address, or email address. Statistical data that we collect when you visit our website, for example, and that cannot be linked to your person, does not fall under “personal data.”
1. Contents of this Privacy Protection Statement
2. Contact person
The contact person and person responsible for the processing of your personal data when you visit this website in accordance with the General Data Protection Regulation (GDPR) is
WOW Tech Europe GmbH
Am Kupfergraben 6A
10117 Berlin, Germany
Telephone +49 (0)30 95 999 3810
You can also contact our Data Protection Officer at any time if you have any questions regarding data protection in connection with our products or the use of our website. This person can be contacted at the above postal address and at the above-mentioned email address (keyword: “Attn: Data Protection Officer”).
3. Data processing on our website
3.1. Accessing our website/access data
Every time you use our website, we collect the access data that your browser automatically transmits to enable you to visit the website. The access data includes in particular:
- IP address of the requesting device;
- Time and date of the request;
- Address of the accessed website and the requesting website;
- Information about the browser and operating system used;
- Online IDs (device IDs, session IDs, etc.).
The data processing of this access data is necessary to enable users to visit the website and to guarantee the ongoing functionality and security of our systems. The access data is also temporarily stored in internal log files for the purposes described above in order to generate statistical data on the usage of our website, to further develop our website with regard to the usage habits of our visitors (for example, if the rate at which mobile devices are accessing our website increases), and in general to maintain/manage our website. The legal basis is Art. 6(1)1 point (b) of the GDPR.
The information stored in the log files does not allow any direct conclusion to your person; in particular, we only store the IP addresses in an abridged, anonymized form. Log files are stored for 30 days and archived after subsequent anonymization.
3.2. Contact us
You can use the contact form to get in touch with us. In this context, we process the data you transmit exclusively for the purpose of communication with you. The legal basis is Art. 6(1) point (b) of the GDPR. The data we collect through the contact form will be automatically deleted after complete processing of your request, unless we still need your request to fulfill contractual or legal obligations (see “Storage time”).
You have the possibility of registering for our login area in order to use the full functional range of our website. The data you are required to provide is indicated by mandatory fields (in particular, your name and email address). It is not possible to register without this data. The legal basis for processing is Art. 6(1) point (b) of the GDPR.
When we process orders, we collect mandatory information necessary for the execution of the contract:
- First name, last name;
- Email address;
- Billing and shipping address.
It is possible to provide optional information such as a phone number so we can also contact you in case of further questions. The legal basis for processing is Art. 6(1)1 point (b) of the GDPR.
You have the option of receiving our newsletter in which we inform you about new products and promotions on a regular basis.
We use the double opt-in procedure for subscribing to our newsletters, i.e., we will only send you newsletters by email if you click a link in our notification email confirming that you are the owner of the email address provided. Once you have confirmed your email address, we store your email address, the time of registration, and the IP address used for registration until you unsubscribe from the newsletter. The sole purpose of storing this information is to send you our newsletters and to be able to prove your registration. You can unsubscribe from the newsletter at any time. A corresponding unsubscribe link can be found in every newsletter. You can also simply send a message to the contact person indicated above or in the newsletter (by email or letter), as well. The legal basis for processing is your consent pursuant to Art. 6(1) point (a) of the GDPR.
We use standard technologies in our newsletters in order to measure interactions with the newsletters (opening the email, links clicked, etc.). We use this data in a pseudonymous form for general statistical analyses as well as for optimization and further development of our content and customer communication. This occurs using small graphics embedded in the newsletter (“pixels”). The data is collected in a purely pseudonymous form and is not linked to your other personal data. The legal basis for this is our above-mentioned legitimate interest pursuant to Art. 6(1)1 point (f) of the GDPR. We use our newsletter to share content that we believe is as relevant as possible for our customers and to better understand what readers are actually interested in. If you do not wish your usage behavior to be analyzed, you can unsubscribe from the newsletter or deactivate graphics in your email program by default. The data relating to your interaction with our newsletters is stored in a pseudonymous form for 30 days and subsequently completely anonymized.
3.6. Surveys and sweepstakes
We use your data for market research and opinion polling when you participate in one of our surveys. We always evaluate the data anonymously for internal purposes. If for some exceptional reason, a survey is not evaluated anonymously, the data will only be collected with your consent. In the case of anonymous surveys, the GDPR is not applicable and in the case of exceptional person-related evaluations, the legal basis is the aforementioned consent pursuant to Art. 6(1)1 point (a) of the GDPR.
In the context of sweepstakes, we use your data for the purpose of conducting the sweepstakes and notifying you if you are a winner. You can find detailed information in the respective sweepstakes rules of participation. The legal basis for processing is the sweepstakes fulfillment contract pursuant to Art. 6(1)1 point (b) of the GDPR.
3.7. Use of our own cookies
It is necessary for us to use “cookies” for some of our services. A cookie is a small text file placed by your browser on your computer and stored there. Cookies are not used to run programs or download viruses onto your computer. The main purpose of our cookies is to provide an offer tailored to your needs and to make the use of our services as time-saving as possible.
Most browsers are set to accept cookies by default. However, you can adjust your browser settings so your computer will reject cookies or only save them after prior consent. If you choose to reject cookies, you may find that parts of our services will not work properly.
- for login authentication;
- for load distribution;
- as an indicator of specific information on our website that has been displayed to you before so that it will not be displayed again the next time you visit the website.
We want to enable you to use our website more comfortably and individually. These services are based on our aforementioned legitimate interests; the legal basis is Art. 6(1)1 point (f) of the GDPR.
The legal basis for the data processing described in the following section is Art. 6(1)1 point (f) of the GDPR based on our legitimate interest in the needs-oriented design and continuous optimization of our website.
You will also find information in the following list of technologies we use on your possibilities to object with regard to our analysis measures using an opt-out cookie. Please note that an opt-out cookie must be set again if you delete all cookies in your browser or if you use a different browser and/or profile later.
We want to explain these technologies and the providers used for them in more detail in the following section.
The following data can be collected:
- the IP address of the device;
- the time and date of access;
- the identifier of a cookie;
- the device ID of mobile devices;
- Technical information about the browser and operating system used.
However, the data collected is stored in a purely pseudonymous form, making it impossible to draw conclusions about a person’s identity.
You will also find information in the following descriptions of technologies we use on your possibilities to object with regard to our analysis and advertising measures using an opt-out cookie. Alternatively, you can exercise your objection by making the appropriate settings on the TRUSTe or Your Online Choices websites, which provide bundled possibilities for objections from many advertisers. Both websites enable users to deactivate all advertisements of the listed providers at once by means of opt-out cookies or alternatively to make the settings for each provider individually. Please note that an opt-out cookie must be set again if you delete all cookies in your browser or if you use a different browser and/or profile later.
3.8.1. Google AdWords conversion tracking
If you use a Google account, depending on the settings in your Google account, Google can link your website and app browsing history to your Google account and use information from your Google account to personalize ads. If you do not want this association with your Google account, you need to log out of Google before you access our contact page.
3.8.2. Google Analytics
Google will process the information obtained by cookies for the purpose of evaluating your use of the website, compiling reports on website activity for the website operators, and providing further services relating to website activity and Internet usage.
3.9. Integration of videos
3.9.1. Integration of YouTube videos
We have integrated videos that are stored on YouTube into our online offering and they can be viewed directly on our website. YouTube is a video-sharing website from YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, U.S. (“YouTube”), which is a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, U.S. (“Google”). In the event that personal data is transferred to the U.S., Google and the subsidiary YouTube both abide by the EU–U.S. Privacy Shield. The legal basis is Art. 6(1)1 point (f) of the GDPR, which is based on our legitimate interest in integrating video and picture contents.
By visiting the website, YouTube and Google receive information that you have accessed the corresponding subpage of our website. This happens regardless of whether you are signed in to your account on YouTube or Google. YouTube and Google use this data for the purposes of advertising, market research, and/or needs-oriented design of their websites. If you are signed in to your YouTube or Google account and you access YouTube on our website, YouTube and Google can link this event to your respective profile(s). If you do not want this association with your account, you need to log out of Google before you access our website.
As indicated above, you can configure your browser to reject cookies or you can prevent the collection of data generated by cookies and related to your use of this website and the processing of this data by Google by deactivating the Ad personalization toggle in the Google ads settings. In this case, Google will only display ads that are not selected based on the information collected about you.
3.10 Commenting on blog posts
You can make public comments in our blog that will be published with the user name you entered. The user name does not have to be your actual name. It is possible to use pseudonyms and abbreviations. A user name and e-mail address are mandatory, but all other information is voluntary. By submitting your blog post, you consent to us saving your e-mail address and IP address as long as the post is available online. This information is stored with a view to taking possible responsibility for illegal content. Your data will only be used to a) contact you if a third party asserts to us that his rights have been infringed and b) in the event of such accusations, to prevent that you commit similar infringements in the future. In the latter case we store your data permanently. We may be legally obliged to hand over your stored data to the allegedly infringed party or the (law enforcement) authorities if a third party claims that their rights have been violated. This data is not merged with other data. The legal basis is Art. 6(1)1 point (a) of the GDPR. Comments are not moderated before publication. We reserve the right to delete comments if objections are raised by third parties regarding their unlawfulness.
3.11 Social media plug-ins
We use the following social media plug-ins on our blog:
- Instagram; and
We offer you the possibility of communicating directly with the provider of the plug-in via the button. We use a two-click solution, which means that when you visit our website, no personal data is initially passed on to the providers of the plug-ins. You can recognize the provider of the plug-in by the indication on the box above its initial letter or the logo. The plug-in provider only receives the information that you have accessed the corresponding website of our online offering if you click the selected field, thereby activating it. It means that by activating the plug-in, personal data is transferred from you to the respective plug-in provider and stored there (for U.S. providers, this means in the United States).
We neither have influence on the data collected and the processes involved in data processing, nor are we aware of the extent of data collection, the purposes of processing, the storage periods, or the deletion of data collected. The plug-in provider stores this data they collect on you as user profiles and uses it for the purposes of advertising, market research, and/or needs-oriented design of their website. Such an analysis takes place regardless of whether the user is signed in to the respective social media network, in particular for displaying needs-oriented advertisement and in order to inform other users of the social media network about your activities on our website. You can object to this processing of your data by the plug-in providers. To exercise your right to objection, you must contact the respective plug-in provider.
We implement the plug-ins to offer you the possibility of interacting with the social media networks and other users, in an attempt to improve our offering and make it more interesting to you as a user. The legal basis for the use of plug-ins is Art. 6(1)1 point (f) of the GDPR.
The data is passed on regardless of whether you have an account with the plug-in provider and are signed in there. If you are logged in to the plug-in provider, the data we collected will be directly associated with your existing account with the plug-in provider. If you click the activated button and, for example, link the page, the plug-in provider also stores this information in your user account and shares it publicly with your contacts.
You can obtain further information on the purpose and scope of data collection and processing by the plug-in provider as well as further information on your rights and possible configuration options to protect your privacy from the linked privacy policies of the respective plug-in providers in the following:
Facebook, Inc., 1601 S. California Ave, Palo Alto, California 94304, U.S. (http://www.facebook.com/policy.php). For more information on data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications, and http://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook has submitted to the EU–U.S. Privacy Shield (https://www.privacyshield.gov/EU-US-Framework).
Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, U.S.; https://twitter.com/privacy. Twitter has submitted to the EU–U.S. Privacy Shield (https://www.privacyshield.gov/EU-US-Framework).
Instagram LLC. 1601 Willow Road, Menlo Park, CA, 94025, U.S.; https://help.instagram.com/519522125107875, https://instagram-basics.de/datenschutzerklaerung/.
Pinterest, Inc., 651 Brannan Street, San Francisco, 94107, U.S.
4. Forwarding data
The data we collect will only be forwarded if:
- you have given your express consent pursuant to Art. 6(1)1 point (a) of the GDPR;
- the disclosure pursuant to Art. 6(1)1 point (f) of the GDPR is necessary to assert, exercise, or defend legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data;
- we are legally obliged pursuant to Art. 6(1)1 point (c) of the GDPR to forward it; or
- it is legally permissible and is required pursuant to Art. 6(1)1 point (b) of the GDPR for the processing of contractual relationships with you or for the implementation of pre-contractual measures that take place upon your request.
Part of the data processing may be carried out by our service providers. In particular, data centers that host our website and store our databases, IT service providers that maintain our systems, and consulting firms may also be included here, in addition to the service providers mentioned in this privacy protection statement. If we pass data on to our service providers, they may use the data exclusively for the fulfillment of their tasks. The service providers have been carefully selected and commissioned by us. They are contractually bound by our instructions, have appropriate technical and organizational safeguards in place to protect the rights of the persons concerned, and are monitored by us on a regular basis.
In addition, data may be disclosed in connection with inquiries from the authorities, court orders, and legal proceedings if it is necessary for legal prosecution or enforcement.
4.1. Google Tag Manager
In the event that personal data is transferred to the U.S., Google abides by the EU–U.S. Privacy Shield. The legal basis is Art. 6(1)1 point (f) of the GDPR based on our legitimate interest in integrating and managing several tags on our website in an uncomplicated manner. You can find more information on the Google Tag Manager overview here.
4.2. Credit check
We have a legitimate interest in carrying out the credit checks described below to protect against bad debts and misuse by third parties. If we commit to service in advance, we may, for the purpose of safeguarding our legitimate interests, request a credit check based on a mathematical-statistical method from SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden, Germany.
If the result of a credit check does not meet our requirements, we reserve the right to demand a secure method of payment (for example, a credit card) or to refuse to conclude the contract.
4.3. Payment service providers
We use external payment service providers. We pass on the data collected for processing payments (for example, bank details or credit card data) to the credit institution commissioned with the payment or to payment service providers commissioned by us, depending on which payment method you choose in the order process. In some cases, the payment service providers also collect this data on their own responsibility. The privacy protection statement of the respective payment service provider applies in this respect. In particular, we have commissioned the following service providers to process payments:
- for payment via PayPal: PayPal (Europe) S.à r.l. et Cie, S.C.A, 22–24 Boulevard Royal, 2449 Luxembourg;
- when paying by Amazon Pay: Amazon Pay: Amazon Payments Europe S.C.A. 5, Rue Plaetis, 2338 Luxembourg;
- for payment via Klarna: Klarna Bank AB (publ). Sveavägen 46, 111 34 Stockholm, Sweden
- for payment via Giropay, GIROPAY GMBH, An der Welle 4, 60322 Frankfurt am Main, Germany
In the case of payment by credit card, you enter the required payment information (credit card details) directly on our website.
5. Storage time
We only ever store personal data for as long as necessary in order to fulfill contractual or statutory obligations for which we have collected the data. Afterward we delete the data immediately, unless we still need the data until the expiry of the statutory limitation period for purposes of proof for civil law claims or due to statutory retention obligations.
We are required to keep contract data for another three years from the end of the year in which the business relationship with you ends for evidence purposes. Any claims fall under the statute of limitations after the statutory period of limitation at the earliest at this point in time.
We still have to store some of your data for accounting reasons even after that period. We are obliged to do so on the basis of statutory documentation obligations that may arise from the German Commercial Code, the Tax Code, the Banking Act, the Money Laundering Act, and the Securities Trading Act. The periods specified there for retaining documents are two to ten years.
6. Your rights
You have the right to request information about how we process your personal data at any time. We will explain the data processing and provide you with an overview of the data stored about you as part of the provision of information.
You have the right to have this data corrected if the data we have stored is incorrect or no longer up-to-date.
You may also request that your data be deleted (“right to be forgotten”). If in exceptional cases, deletion is not possible due to other legal provisions, the data will be blocked so that it is only available for this legal purpose. You may also restrict the processing of your data, for example, if you believe that the data we have stored is incorrect.
You also have the right to data portability, i.e., on request, we will send you a digital copy of the personal data you have provided.
You can contact us at any time using the contact details above to exercise your rights as described here. This also applies if you wish to receive copies of guarantees to prove a reasonable level of data protection.
In addition, you have the right to object to data processing pursuant to Art. 6(1) point (e) or (f) of the GDPR. Finally, you have the right to complain to the supervisory authority for data protection responsible for us. The right of appeal may be exercised in particular before a supervisory authority in the member state where you currently live or work, or in the place where you suspect the infringement is occurring. The responsible supervisory authority is in Berlin, where we have our headquarters: Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstr. 219, 10969 Berlin, Germany.
7. Right to revocation and objection
You have the right to revoke your consent that you granted us at any time pursuant to Art. 7(2) of the GDPR. As a result, we will not continue the data processing based on this consent in the future. The revocation of consent shall not affect the legality of the processing carried out on the basis of the consent until revocation.
If we process your data on the basis of legitimate interests pursuant to Art. 6(1) point (f) of the GDPR, you have the right pursuant to Art. 21 of the GDPR to object to the processing of your data and to supply us with reasons that arise from your particular situation and that in your opinion indicate that your interests are worthy of protection. If you object to data processing for purposes of direct marketing, you have a genuine right to objection, which we will also implement without needing to supply reasons.
A simple message to the above-mentioned contact person is sufficient if you would like to make use of your right to revocation or objection.
8. Data security
We implement modern technical measures to guarantee data protection, in particular to protect your personal data from the dangers of data transmission and access by third parties. These are adapted to the current state-of-the-art in each case. To safeguard the personal data you provide on our website, we use Transport Layer Security (TLS), which encrypts the information you enter.
9. Changes to the privacy protection statement
We may update this privacy protection statement from time to time, for example, when we revise our website or when there are changes in legal or regulatory requirements.
Version: 1.0 / Release: August 2018