Thank you for your interest in our online shop. The protection of your privacy is very important to us. Below you will find detailed information on how we handle your data.

You can visit our website without providing any personal data. Each time a website is accessed, the web server merely automatically saves a so-called server log file, which contains, for example, the name of the requested file, your IP address, the date and time of access, the amount of data transferred and the requesting provider (access data) and documents the access.

This access data is analysed exclusively for the purpose of ensuring trouble-free operation of the site and improving our offer. In accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, this serves to safeguard our legitimate interests in the correct presentation of our website, which are overriding in the context of a balancing of interests. All access data will be deleted no later than seven days after the end of your visit to the site.

Hosting services by a third-party provider
As part of processing on our behalf, a third-party provider provides us with the services for hosting and displaying the website. This serves to safeguard our legitimate interests in the correct presentation of our website, which are overriding in the context of a balancing of interests. All data that is collected as part of the use of this website or in the forms provided for this purpose in the online shop as described below is processed on its servers. Processing on other servers only takes place within the scope described here.

This service provider is located within a country of the European Union or the European Economic Area.

We collect personal data if you voluntarily provide it to us as part of your order or when contacting us (e.g. via contact form or e-mail). Mandatory fields are labelled as such, as in these cases we require the data to process the contract or to process your contact and you cannot send the order or make contact without providing it. Which data is collected can be seen from the respective input forms. We use the data provided by you in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR for contract processing and processing your enquiries. If you have given your consent to this in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR by deciding to open a customer account, we will use your data for the purpose of opening a customer account. After completion of the contract or deletion of your customer account, your data will be restricted for further processing and deleted after expiry of the retention periods under tax and commercial law, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration. Deletion of your customer account is possible at any time and can be done either by sending a message to the contact option described below or via a function provided for this purpose in the customer account.

In order to fulfil the contract in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR, we pass on your data to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods. Depending on which payment service provider you select in the ordering process, we will pass on the payment data collected for the processing of payments to the credit institution commissioned with the payment and, if applicable, to the payment service provider commissioned by us or to the selected payment service. In some cases, the selected payment service providers also collect this data themselves if you create an account with them. In this case, you must log in to the payment service provider with your access data during the ordering process. In this respect, the privacy policy of the respective payment service provider applies.

We also use an external merchandise management system to process orders and contracts. The data transfer or processing that takes place in this respect is based on order processing.

Data transfer to shipping service providers
If you have given us your express consent to this during or after your order, we will pass on your e-mail address to the selected shipping service provider in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR so that they can contact you before delivery for the purpose of delivery notification or coordination.

Consent can be revoked at any time by sending a message to the contact option described below or directly to the shipping service provider at the contact address listed below. After revocation, we will delete your data provided for this purpose, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.

DHL Paket GmbH
Sträßchensweg 10
53113
Bonn

E-mail advertising with newsletter registration

We offer you a newsletter service for which you can register. If you register for our newsletter, we will use the data required for this or separately provided by you to regularly send you our e-mail newsletter on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.

We use the so-called double opt-in procedure for sending our newsletters that require registration, i.e. we will only send you a newsletter if you have previously expressly consented to us activating the newsletter service. For this purpose, we will send you a notification e-mail and ask you to confirm that you are the owner of the e-mail address provided by clicking on a link contained in this e-mail. If you no longer wish to receive newsletters from us at a later date, you can object to this at any time. A message in text form (e.g. e-mail, fax, letter) to info@dermida.eu is sufficient for this. Of course, you will also find an unsubscribe link in every newsletter.

The newsletter is processed by our email marketing service provider with data centres based in Germany and Belgium, which we have commissioned to create and send newsletters. When you register for a newsletter, we automatically save your IP address and the times of registration and confirmation. This enables us to prove that you have actually subscribed and to recognise any misuse of your email address.

We record device and access data that is generated when you interact with a newsletter. For this analysis, the newsletters contain links to image files that are stored on our web server. When you open a newsletter, your email programme loads these image files from our web server. We record the resulting device and access data in pseudonymised form.

Email advertising without subscribing to the newsletter and your right to object
If we receive your email address in connection with the sale of a product or service and you have not objected to this, we reserve the right to regularly send you offers for similar products to those you have already purchased from our range by email on the basis of Section 7 (3) UWG. This serves to safeguard our legitimate interests, which predominate in the context of a weighing up of interests, in a promotional approach to our customers.
You can object to this use of your e-mail address at any time by sending a message to the contact option described below or via a link provided for this purpose in the advertising e-mail, without incurring any costs other than the transmission costs according to the basic tariffs.

The newsletter is sent as part of processing on our behalf by a service provider to whom we pass on your e-mail address for this purpose.

Postal advertising and your right to object
We also reserve the right to use your first name, surname and postal address for our own advertising purposes, e.g. to send you interesting offers and information about our products by post. This serves to safeguard our legitimate interests, which predominate in the context of a balancing of interests, in a promotional approach to our customers in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.

We use cookies on various pages to make visiting our website attractive and to enable the use of certain functions, to display suitable products or for market research. This serves to safeguard our legitimate interests, which predominate in the context of a weighing up of interests, in an optimised presentation of our offer in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR. Cookies are small text files that are automatically stored on your end device. Some of the cookies we use are deleted again at the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your end device and enable us to recognise your browser on your next visit (persistent cookies). The duration of storage can be found in the overview in the cookie settings of your web browser. You can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. These can be found for the respective browsers under the following links:
Internet Explorer™: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
Safari™: https://support.apple.com/de-de/guide/safari/sfri11471/12.0/mac/10.14
Chrome™: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en
Firefox™ https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Opera™ : https://help.opera.com/de/latest/web-preferences/#cookies

If cookies are not accepted, the functionality of our website may be limited.

Use of Google (Universal) Analytics for web analysis
This website uses Google (Universal) Analytics to analyse web pages. The web analytics service is provided by Google Ireland Limited, a company incorporated and operated under Irish law with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland (www.google.de). This serves to safeguard our legitimate interests, which predominate in the context of a balancing of interests, in an optimised presentation of our offer in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR. Google (Universal) Analytics uses methods that enable your use of the website to be analysed, such as cookies. The automatically collected information about your use of this website is usually transmitted to a Google server in the USA and stored there. By activating IP anonymisation on this website, the IP address is shortened before transmission within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. The anonymised IP address transmitted by your browser as part of Google Analytics is not merged with other Google data. Once the purpose and use of Google Analytics by us has ceased, the data collected in this context will be deleted.

Insofar as information is transferred to Google servers in the USA and stored there, the American company Google LLC is certified under the EU-US Privacy Shield. A current certificate can be viewed here. Based on this agreement between the USA and the European Commission, the latter has established an adequate level of data protection for companies certified under the Privacy Shield.

You can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en

As an alternative to the browser plugin, you can click this link to prevent Google Analytics from collecting data on this website in the future. An opt-out cookie will be stored on your end device. If you delete your cookies, you must click the link again.

Google Ads Remarketing
We use Google Ads to advertise this website in Google search results and on third-party websites. For this purpose, the so-called remarketing cookie is set by Google when you visit our website, which automatically enables interest-based advertising by means of a pseudonymous cookie ID and on the basis of the pages you visit. This serves to safeguard our legitimate interests, which predominate in the context of a balancing of interests, in the optimal marketing of our website in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. After the end of the purpose and the end of the use of Google Ads Remarketing by us, the data collected in this context will be deleted.

Any further data processing will only take place if you have consented to Google linking your web and app browsing history to your Google account and using information from your Google account to personalise ads that you see on the web. In this case, if you are logged in to Google while visiting our website, Google will use your data together with Google Analytics data to create and define target group lists for cross-device remarketing. For this purpose, Google temporarily links your personal data with Google Analytics data to create target groups.

Google Ads is a service provided by Google Ireland Limited, a company incorporated and operated under Irish law with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland (www.google.de).
Insofar as information is transferred to Google servers in the USA and stored there, the American company Google LLC is certified under the EU-US Privacy Shield.
A current certificate can be viewed here. Based on this agreement between the USA and the European Commission, the latter has established an adequate level of data protection for companies certified under the Privacy Shield.

You can deactivate the remarketing cookie via this link. You can also obtain information from the Digital Advertising Alliance about the setting of cookies and make settings for this.

As a data subject, you have the following rights:

• in accordance with Art. 15 GDPR, the right to request information about your personal data processed by us to the extent specified therein
• in accordance with Art. 16 GDPR, the right to demand the immediate rectification of incorrect or incomplete personal data stored by us
• in accordance with Art. 17 GDPR, the right to request the erasure of your personal data stored by us, unless further processing is necessary
  - for exercising the right of freedom of expression and information;
  - for compliance with a legal obligation;
  - for reasons of public interest or
  - for the establishment, exercise or defence of legal claims
  
• pursuant to Art. 18 GDPR, the right to obtain restriction of processing of your personal data where
  - the accuracy of the data is contested by you;
  - the processing is unlawful, but you oppose the erasure of the data;
  - we no longer need the data, but you require it for the establishment, exercise or defence of legal claims; or
  - you have objected to processing pursuant to Art. 21 GDPR
• in accordance with Art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request transmission to another controller
• in accordance with Art. 77 GDPR, the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters.

If you have any questions regarding the collection, processing or use of your personal data, information, correction, restriction or deletion of data as well as revocation of consents granted or objection to a specific use of data, please contact us directly using the contact details in our legal notice.