The protection of your personal data is our highest priority, which is why we only use your data in strict compliance with the applicable data protection principles. From 25 May 2018, the provisions of the EU General Data Protection Regulation (hereinafter referred to as GDPR) will apply throughout Europe. As of today, we would like to inform you in detail about how Marialivestockfarm processes personal data in accordance with the new Regulation (see Article 13 et seq. of the GDPR). Please read our Privacy Policy carefully. If you have any questions or comments about our Privacy Policy, you can contact us at any time at the email address below.

1. OVERVIEW

The following data protection provisions inform you about the type and extent of processing of personal data by Marialivestockfarm. Personal data is information that can directly or indirectly identify you. The use of our applications, products, services, technologies or features and all associated pages, applications and services (collectively referred to as the “Offer”) is subject to this Privacy Policy.

By registering for a new account and/or providing an appropriate explanation to existing customers, you confirm your agreement to this Privacy Policy and expressly consent to the processing, use and disclosure of your personal data in the manner described here.

The processing of data by Marialivestockfarm can be divided into two categories:

  • All data necessary for the execution of a contract with Marialivestockfarm will be processed for the purpose of contract execution and/or contract preparation. If external service providers are also involved in the processing of the contract, e.g. payment service providers, optimisation services, hosting companies, etc., your data will be passed on to them to the extent required.
  • When you make use of our Offer, various information is exchanged between your terminal and our server or the server of the services we use. This may also include personal data. The information collected in this way is used, among other things, to further optimise our offer.

According to the requirements of the GDPR, you have various rights that you can assert with us. This includes the right to withdraw your consent at any time regarding the processing of selected data, in particular the processing of data for advertising purposes. The possibility of withdrawing your consent is always highlighted in a typographical manner. You will find further information on your rights below in an additional paragraph and in the individual descriptions of the respective data processing.
Our offer is only available to persons who have reached the age of 16. If you have not yet reached the aforementioned minimum age, you may use our Offers only if and insofar as your parents have expressly consented to this and you have provided us with sufficient proof of such consent.
If you have any questions about our Privacy Policy, you can contact us at any time at hello@Marialivestockfarm.com.

2. Name and Contact Details of the Company’s Data Controller and Data Protection Officer

This Privacy Policy applies to the processing of data by Marialivestockfarm as a controller under the GDPR for the following offerings: www.marialivestockfarm.com . Marialivestockfarm has been appointed as the data controller in the USA in accordance with Articles 3 Para.2 and 27 Para. 1, 3 of the GDPR.

3. Purposes of the Data Processing, Legal Basis and Legitimate Interests Pursued by Us or a Third Party and Categories of Recipients.

3.1 Use of our Offer

When you use our Offer, in particular our website, information is automatically sent to our servers by the application or browser used on your terminal and temporarily stored in a log file. The following information is recorded without your intervention and stored in the log file until it is automatically or manually deleted:

  • The IP address of the device used,
  • The date and time of access,
  • The name and URL of the file accessed, the website/application from which the access was made (referring URL),
  • The unique identifier of the browser you are using,
  • The name of your Internet service provider.

The processing of the above-mentioned data is carried out in accordance with Article 6(1)(f) of the GDPR. Our legitimate interest derives from the purposes of data collection listed below. At this point, we would like to point out that the data collected does not allow us to identify you personally or to make any inferences about you. We use the IP address of your terminal and the other data listed above for the following purposes:

  • To ensure the correct establishment of a connection,
  •  To ensure a comfortable use of our Offer,
  •  Evaluate the security and stability of the system and,
  •  Performing other administrative tasks.

The data is stored in accordance with the statutory retention periods and is then automatically deleted. In addition, we use cookies, tracking tools, targeting procedures and interfaces to other services, e.g. to social media platforms, payment services or app store providers, as part of our Offer. The exact procedures and how your data is used for such purposes are explained in more detail in section 4 below.

3.2 Conclusion, Performance or Termination of a Contract

Processing of data upon conclusion of the contract

We process the data necessary for the conclusion, performance or termination of a contract. This data includes in particular :

  • – E-mail address,
  •  First name and surname, if applicable,
  • Billing and payment data,
  • Data entered by you and generated by the use of our Offer, such as gender, age and height, weight, etc.

The legal basis used is Art. 6 Para. 1 point a), point b) GDPR and Article 9 paragraph 2 point a) GDPR. Insofar as we do not use your contact details for customer support (see Section 3.3. in detail), we retain the data collected for the processing of the contract until the end of the contract or until the expiry of any contractual guarantee and warranty claims. After the expiry of the said period, we shall retain the personal data required by law for the prescribed legal period. During this period (usually six to ten years from the conclusion of the contract), the data will only be processed in the event of an audit by the tax authorities.

3.3. Processing of Data for Customer Support or Customer Service

3.3.1. Informative purposes

Insofar as you have registered for our Offer, we guide you as an existing customer. In this case, we process your details in order to send you information, for example about new, extended or improved features, products and services.

3.3.2. Targeted advertising

In order to ensure that you only receive the information that is intended to be of interest to you, we categorise and supplement your customer profile with other information. We use statistical information as well as information about you (e.g. reference data or basic data from your customer profile). The aim is to optimise our Offer according to your real or perceived personal interests and/or needs and to provide you with appropriate recommendations so that you are not bored with unnecessary promotions.

The legal basis for the above-mentioned processing operations is Article 6(1)(b) and (f) of the GDPR and Article 9(2)(a) of the GDPR. The processing of existing customer data for advertising purposes is considered a recognised legitimate interest in accordance with Recital 47 of the GDPR.

3.3.3. Customer Support

Freshworks

We use the Fresworks ticketing system, 2950 S. Delaware Street, Suite 201, San Mateo CA 94403 (“Freshworks”) for processing service, support and other user requests on the basis of Article 6(1)(b) of the GDPR. If you submit a support request via one of our channels (e.g. our contact form, live chat, e-mail, etc.), the following data (depending on the content and the selected contact channel) will be processed via Gorgias servers:

  • The data you have entered,
  •  Your name,
  • Your e-mail address,
  • Your browser information,
  • Your IP address.

You can find more information about the processing of data by Gorgias in the Gorgias Privacy Policy available at: https://freshdesk.com/gdpr . If you have any questions, you can also contact the Freshworks data protection officers directly at support@freshdesk.com.

3.3.4. Sending the Newsletter

We offer interested customers the opportunity to subscribe to our newsletter. In order to ensure that the e-mail address entered is actually associated with the interested customer, we use the double opt-in procedure: once you have entered your e-mail address in the registration field, we will send you a confirmation link. Only when you click on this confirmation link will your e-mail address be added to our mailing list. We store the data collected in this process solely for documentation and verification purposes. This data includes in particular :

  • – The e-mail address transmitted,
  • The IP address of the device used,
  • The date and time of the recording,
  •  The way of addressing,
  •  The date, content and time of the confirmation email,
  • The ip address of the device used for confirmation,
  • And the date and time of your confirmation.

The legal basis used is Article 6, paragraph 1, point a) of the GDPR. We store this data until the end of the contractual relationship, as this allows us to prove the legality of sending the newsletter. After the expiry of this period, we will retain the personal data required by law for the prescribed legal period. During this period (usually ten years from the conclusion of the contract), the data will only be processed again in the event of an audit by the tax authorities. You can withdraw your consent at any time with effect for the future. To do so, simply click on the unsubscribe button in the relevant e-mail or send a short e-mail notification. To do this, please use the contact details of our data protection officer.

3.3.5. Right of objection

You can withdraw your consent to the processing of data for the above-mentioned purposes at any time, free of charge, separately for the respective communication channel and with effect for the future. This can be done by sending an e-mail or a letter to the contact details given in point 1.

In the event of an objection, we will block the contact address concerned for further processing of the promotional data. We will process your objection as soon as possible and implement the corresponding blocking measures immediately after verification. We would like to point out that, in exceptional cases, information or product recommendations may still be sent even after your objection has been received. This is only for technical reasons and does not mean that we will not implement your complaint. Thank you for your understanding.

4. Processing of Data for the Provision of Our Services

In the following, we would like to inform you about the processing of data necessary for the provision of our Offer:

4.1. Online Presence and Website Optimisation

We do not sell or rent your data to third parties for marketing purposes without your express consent. In order to provide our customers with the best possible product, to improve the quality of our Offer from time to time and to protect the interests of our customers, we will, in certain circumstances, disclose certain data to third parties; however, such disclosure will always be subject to strict restrictions, which are described in more detail below:

4.1.1. Cookies – General Information

We use cookies on our website on the basis of Article 6, paragraph 1, point f) of the GDPR. Our interest in optimising our Offers is to be considered justified within the meaning of the aforementioned regulation. Cookies are small files that your browser automatically creates and which are stored on your terminal (laptop, tablet, smartphone, etc.) when you use our Offers. Cookies do not damage your terminal, do not contain viruses, Trojan horses or other malicious software. Cookies enable us to store information that is in each case specific to the terminal used. However, this does not mean that we can immediately identify you. The use of cookies serves, among other things, to make the use of our Offer more pleasant for you. We use session cookies to detect that you have already visited certain pages on our website. If you use our Offer again later, the cookie automatically recognises you. In addition, we also use temporary cookies for user-friendliness purposes, which are stored on your terminal for a certain defined period of time. These are automatically deleted when you leave.

In addition, we use cookies to statistically record the use of our Offers and to evaluate them in order to optimise them for you and to display information specifically tailored to your needs. These cookies enable us to recognise you automatically when you return to our site. These cookies are automatically deleted after a defined period of time. Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or so that a message always appears before a new cookie is created. However, deactivating cookies completely will prevent you from accessing the full functionality of our Offers. The length of time cookies are stored depends on their intended use and is not the same for everyone.

4.1.2. Klaviyo

To design and continuously improve our customer engagement efforts in accordance with Art. 6(1)(a) of the GDPR, we use an email marketing platform Klaviyo, 225 Franklin St, Floor 10, Boston, MA 02110, USA (hereinafter “Klaviyo”). We use Klaviyo for our e-mail marketing campaigns and to contact our registered users. To this end, when you sign up for the Dermalights email list twice, we send the following information to Klaviyo:

  • Your name,
  • Your e-mail address,
  • Your time zone,
  •  Information about your device (screen resolution, browser information and operating system),
  •  Your IP address,
  •  Your location
  • The language used.

You can withdraw your consent to the processing of data at any time by clicking on the “Unsubscribe” button in each newsletter or by simply informing us that you no longer wish to have this type of processing carried out in the future. To do so, please use the contact details of our data protection officer.

4.1.3. Pixels Facebook

In order to use, further optimise and evaluate the conversion of our Facebook campaigns as required, we use an individual behavioural pixel from Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”) in accordance with Article 6(1)(f) GDPR. This pixel is embedded in the code of our website. This allows us to ensure that the Facebook ads we initiate are only displayed on the page of users who have expressed an interest in our services. In doing so, we ensure that our Facebook ads engage the potential interest of the user and do not annoy them. We also track the actions of Facebook users after they have seen or clicked on one of our Facebook ads. This allows us to evaluate the conversion of the respective campaign for statistical, market research and billing purposes. The following information is processed:

  • timestamp,
  • the URL,
  • campaign information (e.g. print specification, form field, activated button).

The data collected in this way is anonymous and does not allow us to draw any conclusions about the identity of the user. Processing for the purpose of behavioural and interest-based advertising is considered a recognised legitimate interest in accordance with Recital 47 of the GDPR. The data is stored in accordance with the retention periods stipulated by law and is then automatically deleted.

If you log in to your Facebook account after placing the pixel or if you visit our website while logged in, this data may be stored and processed by Facebook, and we hereby inform you of this. Facebook may connect this data to your Facebook account and use it for advertising purposes in accordance with Facebook’s Data Usage Policy: https://www.facebook.com/about/privacy/. You can find more information about the Facebook pixel here. You may give Facebook and its partners permission to serve ads on Facebook and other sites. You can withdraw your consent to special data processing at any time by changing your Facebook settings or by simply informing us that you no longer wish to have this type of processing in the future. To do so, please use the contact information of our data protection officer. Please note that the declared objection only applies to the device used. For more information, please refer to Facebook’s Privacy Policy and Privacy Information.

4.1.4. Facebook Similar Audiences Campaigns

In order to use, further optimise and evaluate the conversion of our Facebook campaigns as appropriate, we use an individual behavioural pixel from Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”) in accordance with Article 6(1)(f) of the GDPR. You can find more information about Facebook’s Similar Audiences campaigns at:  https://www.facebook.com/business/help/365463786964246 

Such processing for the purpose of behavioural and interest-based advertising is considered a recognised legitimate interest in accordance with Recital 47 of the GDPR. If you are part of Facebook’s similar audiences, we will transmit your email address and device ID to Facebook. You can withdraw your consent to special data processing at any time by changing your Facebook settings: https://www.facebook.com/settings/?tab=ads or by simply informing us that you no longer wish to have this type of processing in the future. To do so, please use the contact information of our data protection officer.

4.1.5. Tag Pinterest 

In order to use, further optimise and evaluate the conversion of our Pinterest campaigns as required, we use a Pinterest tag, an individual code snippet, from Pinterest Inc, 635 High Street, Palo Alto, CA, USA, (“Pinterest”) which is embedded in the content of our website in accordance with Article 6(1)(f) GDPR. This allows us to verify that the Pinterest ads we initiate are only displayed on the page of users who have expressed an interest in our services. In doing so, we ensure that our Pinterest ads engage the potential interest of the user and do not disturb them. We also track the actions of Pinterest users after they view or click on one of our Pinterest ads. This allows us to evaluate the conversion of the respective campaign for statistical, market research and billing purposes. The following information is processed:

  • Information about the device (e.g. type, brand),
  • the operating system used (e.g. iOS 11),
  •  the IP address of the device used,
  •  the time of use of our Offer,
  •  the type and content of the campaign and
  •  the reaction to the respective campaign (e.g. click on a button).

The data collected in this way is anonymous and does not allow us to draw any conclusions about the identity of the user. The said processing for the purpose of behavioural and interest-based advertising is considered to be a recognised legitimate interest in accordance with Recital 47 of the GDPR. The data is stored in accordance with the statutory retention periods and is then automatically deleted.

If you log in to your Pinterest account after visiting our website or if you visit our website while logged in, it is possible that this data will be stored and processed by Pinterest, of which we hereby inform you. It is possible that Pinterest may connect this data to your account and also use it for advertising purposes. You can find more information in the Pinterest Privacy Policy: https://policy.pinterest.com/de/privacy-policy. You can withdraw your consent to special data processing at any time by deactivating all relevant settings under “Personalization” in your Pinterest account https://help.pinterest.com/de/articles/edit-your-settings#Web or by activating the “Do Not Track” setting in your browser.

4.1.6. Google Analytics

In order to design our Offer as required and to continuously optimise it, we use the Google Analytics service of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”) in accordance with Article 6(1)(f) GDPR. Through the use of cookies, Google creates pseudonymised user profiles. The information generated by the cookie about your use of this website such as

  • -Browser type/version,
  •  the operating system used,
  • the referring URL (the page previously visited),
  •  the host name of the accessing computer (IP address),
  •  the time of the server request.

Are transmitted to a Google server in the USA and stored there. The information is used to evaluate the use of the Offerings, compile reports on activities and provide other services related to the use of the Offering for market research and needs-based design purposes. This information may also be passed on to third parties if required by law or if third parties are commissioned to process this data. Your IP address will not be merged with any other data held by Google. IP addresses are anonymised so that they cannot be attributed (so-called IP masking).

You can prevent the use of cookies in advance by changing the settings of your browser software or withdraw your consent to further processing via the cookie by clicking on this link and choosing to no longer participate; please note, however, that in such a case, not all functions of our offers can be fully used. In addition, you can prevent the creation of cookie-generated data related to your use of our Offer (including your IP address) and the processing of such data by Google by downloading and installing the browser add-on. We recommend the use of private mode on mobile devices. You can find more information on data protection in connection with Google Analytics on the Google Analytics website.

4.1.7. Google Gestionnaire de balises

Google Beacon Manager allows us to manage the beacons on our website (website code). These make it easier to manage and develop our Offer and reduce loading time. Google Tag Manager only implements the website code. Google Beacon Manager does not create cookies or collect any personal information. The tool only integrates website code that we have stored elsewhere and that can be used to collect data. The tool only serves to facilitate the modulation of the code but does not access the data processed by the code. We will inform you of all tags embedded in this Privacy Policy. You can find more information about Google Tag Manager and the terms of use on the Google pages.

4.1.8. Stripe Payment Processing Service

For the purpose of contract execution and especially for payment processing, we pass on your name and e-mail address to our payment service Stripe Payments Europe Ltd, Block 4, Harcourt Center, Harcourt Road, Dublin 2, Ireland (“Stripe”) in accordance with Article 6(1)(a) and (b) GDPR. Through the use of Stripe’s library, we will not process the information entered during the ordering process (address, account number, bank code, possibly credit card number, invoice amount, currency and transaction number) but will transmit it directly to Stripe from your browser. The data is used exclusively by Stripe for the execution and completion of the payment process and is transmitted securely via the “SSL” encryption method. Stripe is PCI DSS certified. Stripe may transfer, process and store personal information outside the European Union. More information on Stripe’s Privacy Policy can be found at this link.

4.1.10 SMSBump 

We use SMSBump to send an alert when a customer abandons their shopping cart before checking out. Neither SMSBump nor this information will ever be used to identify individual users or to match them with additional data about an individual user. SMSBump only collects:

  • Name
  •  Phone number
  •  Message delivery status
  • Link Interactions

If you would like to see the SMSBump privacy policy, please click on the following link https://smsbump.com/page/privacy-policy. If you wish to unsubscribe from SMS message alerts, we provide a way to unsubscribe from each SMS sent.

If you have any further questions, please contact: hello@Marialivestockfarm.com

5. Recipients Outside the EU

As stated in points 3.4 and 3.5 above, data may also be transmitted to recipients outside the European Union or the European Economic Area. This applies in particular to the processing of the analysis and targeting technologies mentioned, which may involve the transmission of data to the servers of service providers. Other recipients may be affiliated service providers that we need to provide our services, such as hosting providers, CRM tools or analysis service providers. These servers may be located outside the European Union, including in the United States. We ensure that these service providers guarantee data protection standards equivalent to those of the GDPR and that the applicable directives are complied with. We therefore only work with certified service providers. For the said certification, the European Commission has established the adequacy of the level of data protection under number C(2016) 4176) in accordance with Article 45 of the GDPR. The use of the said certified service providers thus meets the European standard of data processing in accordance with the law. In addition, service providers based outside the European Union have granted us adequate contractual guarantees ensuring compliance with these European standards and the adoption of data subjects’ rights, for example based on the European Commission’s standard contractual clauses https://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:FR:PDF.

6. Your Rights

6.1. Overview

In addition to the right to contest the consents you have given us, you may exercise the following rights if the respective legal requirements are met:

  • The right to information about your personal data held by us in accordance with Article 15 of the GDPR,
  • In the case of transmissions in accordance with Articles 46, 47 or 49(1)(2) of the GDPR, the right to information or reference to suitable or adequate safeguards and the possibility of obtaining a copy of such safeguards or whether such safeguards are available,
  • Your personal data stored with us in accordance with Article 15 of the GDPR,
  • The right to correct inaccurate data or complete accurate data in accordance with Article 16 of the GDPR,
  • The right to delete your data held with us in accordance with Article 17 of the GDPR,
  • The right to restrict the processing of your data in accordance with Article 18 of the GDPR,
  • The right to data portability in accordance with Article 20 of the GDPR.

6.2. Right of Challenge

Under the conditions of Article 21, paragraph 1 of the GDPR, it is possible to withdraw your consent to the processing of data for reasons related to the particular situation of the data subject.

The aforementioned general right of objection applies to all processing purposes described in this Privacy Policy based on Article 6(1)(f) of the GDPR. Apart from the special right of objection regarding the processing of data for advertising purposes (see point 3.3 above), the GDPR requires us to implement a general right of objection only if you provide us with reasons of major importance (e.g. danger to life or health). In addition, you can also contact our competent supervisory authority: Data Protection and Freedom of Information Commissioner of Berlin, Friedrichstraße 219, 10969 Berlin, Germany.

7. Data Security

We use the highest standards of information security for our infrastructure and the processing of your data. For example, we use IT safeguards such as firewalls and data encryption. Our buildings and data are subject to physical access controls. Only those employees who need access to our customers’ personal data in order to conduct their business are granted access.

All data that you have personally transmitted to us, including your payment information, is transmitted via the general and secure SSL (Secure Socket Layer) standard. SSL is a proven, secure standard that is used for online banking transactions, among other things. You can recognise an SSL connection by the s after http (https://…) in the address bar of your browser or by the lock symbol in the lower part of the browser.
We also use appropriate technical and organisational security measures to protect your personal data stored with us against manipulation, partial or total loss and unauthorised access by third parties. Our security measures are constantly monitored in relation to technological progress, regularly adapted to the respective risks and, if necessary, improved.

8. Children’s Privacy Policy.

Protecting the privacy of young children is particularly important. For this reason, we do not knowingly collect or solicit personal information from anyone under the age of 16 or knowingly allow them to register. If you are under 16, please do not send us any information about yourself, including your name, address, telephone number or e-mail address. No one under the age of 16 is allowed to provide personal information to the Services. If we become aware that we have collected personal information from a child under the age of 16 without verification of parental consent, we will notify the child.
If we learn that we have collected personal information from a child under the age of 16 without verification of parental consent, we will delete that information as quickly as possible. If you believe that we may have information about or relating to a child under 16, please contact us at hello@Marialivestockfarm.com.

9. Changes to Our Privacy Policy.

If we change our privacy policy and procedures, we will post those changes on our website to inform you of what information we collect, how we use it and under what circumstances we may disclose it. Changes to this privacy policy are effective when posted on our website.