Data Privacy Policy

I’m glad you are here. Thank you very much for visiting this website. The protection of your personal data is very important. All data is treated following the EU General Data Protection Regulation (GDPR).

This data policy applies to the services provided when visiting this website when you take several actions. In this data policy, you will find the information about which type of personal data is collected according to each service, the purpose of its collection, and the legal basis for it. You will also find who is responsible for the processing of data and how the data is stored and kept safe, as well as your rights regarding the collection of your personal data.

At the end of this policy, you will find some important definitions regarding personal data and a link to the GDPR Info website.

Who is responsible for processing data on this website?

Beatriz Herrera

Contact: hello@beatrizherrera.de

Which type of data, and when is it collected?

Your personal data are collected, processed, and used only when it is necessary to establish or modify legal relationships, such as when:

  • You visit the website

Type of data: The type of data logged in this way is browser type and browser version, operating system used, referrer URL, the date and time of access, language preference, amount of data sent in bytes, the hostname of the accessing computer, time of the server request and IP Address. Server logs typically do not collect user-specific information.

How is this data collected? the website provider automatically collects and stores information that your browser automatically transmits in “server log files”.

Purpose of the processing: To display this website and to record the interactions between a user and the system.

Legal basis of the processing: This is done based on Art. 6 (1) (b) GDPR.

Legitimate interests: this data is collected based on the legitimate interests (Article 6 (1) (f) GDPR).

Duration of the data storage: Information is retained for approximately 30 days, to investigate and resolve issues regarding the functioning of the website.

  • You make contact through the contact form.

Type of data: your name and email address as provided by you.

How is this data collected? The use of this communication form is voluntary and is initiated by you. The personal data provided is used exclusively for the purpose for which it was provided when making the contact.

Purpose of the processing: This information will be used to contact you following your request.

Legal basis of the processing: The legal basis for processing these data is Article 6 (1) (b and/or f) GDPR

Duration of the data storage: Your data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected, i.e., your request has been fully processed and no further communication with you is required or requested.

Possibility to object: You can contact me any time at hello@beatrizherrera.de regarding the deletion of data.

  • You subscribe to the newsletter

Type of data: the email address where you would like to receive the newsletter and your name, to have the possibility to address you personally.

How is this data collected? The subscription to the newsletter is completely voluntary. The information collected is provided by you. After entering your email, you will receive a confirmation email at the email address provided. The newsletter will only be sent after explicit confirmation by clicking on a link in the confirmation email (so-called double opt-in).

Purpose of the processing: The collection and storage of your e-mail address and name makes it possible to send you the newsletter. The newsletter will only be sent with your express consent.

Legal basis of the processing. The legal basis for the processing of data after subscribing to the newsletter is Article 6 (1) 1 (a) GDPR.

Duration of the data storage: After subscribing to the newsletter, your email address will be stored in the mailing list. After unsubscribing from the newsletter, your email address will be deleted from the mailing list and placed on a blacklist. This list is deleted every 6 months.

Possibility to withdraw: you have the right to withdraw your consent at any time with effect for the future and unsubscribe from the newsletter. To do this, please click on the corresponding button in the newsletter sent to you. Your email address will be deleted from the mailing list and will be placed on a blacklist. This list is deleted every 6 months.

  • You acquired any of the services and products provided.

Type of data: Data collected are surname and last name, address, e-mail, phone number, and bank account (if the payment is done via bank transfer).

How is this data collected? The data is provided by you.

Purpose of the processing: To fulfill a contract or for measures preliminary to a contract, in order to deliver the goods or items you have purchased from this website and to handle your payments.

Legal basis of the processing: Art. 6 (1) (b) GDPR.

Duration of the data storage: data will be deleted after the fulfillment of our agreement (including customer service and warranty) in case you do not have a customer account. If you have a customer account, these data would be stored for the time your account is active. You might terminate your account at any point.

  • Data is also collected to protect this website.

Type of data: The stored data is the IP address, date and time, browser user agent, and the reason for the suspicious activity.

How is this data collected? The system uses security plugins to protect this website from attacks and misuse. If there is a suspicion of an attack on the system, data about the visitor’s computer system is automatically logged for forensic purposes and stored in firewall logs. Normal, non-malicious website accesses are generally not logged by the plugins.

Purpose of the processing: The purpose of the collection of the log files is to log malicious website access, the processing ensures forensic activities and the security and stability of this website.

Legal basis of the processing: the legal basis is Article 6 (1) (f) GDPR.

Legitimate interests: This purpose constitutes the legitimate interest in data processing within the meaning of Article 6 (1) (f) GDPR

Duration of the data storage: The data is deleted as soon it is no longer required to achieve the purpose for which it was collected. This is usually about 30 days.

Possibility to object: The collection of the data, in the way described, is strictly necessary for securing and operating the website. Therefore, there is no possibility to object

Cookies

This website uses cookies to ensure functionality and provide you with a better user experience, efficiency, and security. Cookies are small text files (consisting of letters and numbers) stored on your device (phone, tablet, computer) and saved by your browser. Cookies do not harm your device and do not contain any viruses.

Where any of the cookies implemented in this website process personal data, the processing is carried out following Art. 6 (1) (f) of the General Data Protection Regulation (GDPR). To safeguard the legitimate interest in the optimum functionality of the website and ensure that this website is customer-friendly and effective, or it is done based on your consent following Art. 6 (1) (a) GDPR. For more information about individual cookies, why they collect personal data, and their legal basis, see “Types of cookies”.

You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.

Types of cookies:

·        Strictly necessary cookies

These cookies are required for the operation of the website and are essential to allow you to navigate through it These are first-party cookies.

·        Analytical and performance cookies

Performance cookies monitor how this website performs when you are visiting it. Moreover, these cookies collect information about how you interact with this website, i.e. number of visits, average time spent, pages accessed, most accessed pages, error messages, etc. Performance cookies help to understand how this website is being used and how it can be improved.

All data collected by performance cookies is anonymous, and its main objective is to evaluate the performance of the site.

This website uses Google Analytics services. Google Analytics is a web analytics service offered by Google Inc (1600 Amphitheatre Parkway Mountain View, CA 94043, USA).

Google LLC complies with European data protection law and is certified under the Privacy Shield agreement

Google Analytics gathers, collects, and analyses data to understand how the services are used. The service (Google Analytics) uses “cookies” – text files that are stored on your terminal device. The information collected by the cookies is sent to a Google server in the USA and stored there. Google Analytics collects Internet Protocol (IP) addresses to provide and protect the security of the service. Moreover, it provides website owners knowledge about which country, state, or city in the world their users come from (also known as “IP geolocation”).

The data collected by Google on my behalf is used to evaluate the use of the online offering by individual users, e.g., to create reports on website activity to improve the online services.

This website uses IP anonymization. The IP address of the user is shortened within the member states of the EU and the European Economic Area and in the other contracting states of the agreement. Only in individual cases is the IP address initially transmitted unabbreviated to a Google server in the USA and shortened there. This shortening eliminates the personal reference of your IP address. The user’s IP address transmitted by the browser is not combined with other data stored by Google.

You have the option of preventing cookies from being stored on your device by making the appropriate settings in your browser. However, when your browser does not allow cookies, you might not be able to access all functions of this website.

If you don’t want Google Analytics to be used in your browser, you can install the Google Analytics browser add-on. By clicking on this link, you will download an “opt-out cookie”. Your browser must therefore generally allow the storage of cookies for this purpose. If you delete your cookies regularly, you will need to click on the link again each time you visit this website.

To learn more about it visit: https://support.google.com/analytics/answer/

You can find more information about the use of data by Google Inc in the following links:

Data collected by Google partners

Settings about advertisements displayed to you

Use of cookies in ads

·        Functional

These cookies record information about choices you have made on the website, i.e., language. They are designed to provide you with a more personalized experience. These are first-party cookies and are not deleted when you close your browser.

·        Targeting Cookies

This website does not use targeting cookies. These are third parties cookies that may be set by advertising partners. They may be used by such partners to build a profile of your interest and show you relevant adverts on their websites. These cookies may also be used to limit the number of times you see an advert and to measure the effectiveness of an advertising campaign. These cookies work by identifying your browser and internet device, but they do not store personal information directly. If you do not allow these cookies, you will experience less targeted advertising.

·        Social media Cookies

Social media cookies allow users to interact more easily with social media. These cookies will be set when you take an action, such as using the ‘like’ and ‘share’ buttons on this website. Data will be passed back to the third-party provider, allowing the social media platform to record how you use their service on the site and show you relevant content, including advertising, when you pass it onto their website. I do not control social media cookies, and they do not allow me to gain access to your social media accounts. Please refer to the relevant social media platform’s privacy policies (linked below) for information about their cookies.

Instagram: Data Policy | Instagram Help Center

Youtube: How YouTube Protects Data Privacy – How YouTube Works and Privacy Policy – Privacy & Terms – Google

Who has access to your data?

Your personally identifiable data are not shared with third parties, except when it is required to fulfill the terms of your contract, for example, to companies entrusted to deliver goods to your location or banks entrusted to process your payments. Your data will not be transmitted for any other purpose unless you have given your express permission to do so. Your data will not be disclosed to third parties for advertising purposes without your express consent.

The basis for data processing is Art. 6 (1) (b) GDPR, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.

SSL or TLS encryption

This site uses SSL/TLS encryption for security reasons. This can be recognized by the “https://” in addition to a “lock” displayed in your browser’s address bar.

Payment service providers

Your rights

YOU ALWAYS HAVE THE RIGHT TO REQUEST AND VIEW YOUR STORED DATA. FURTHERMORE, YOU CAN ASK FOR THE STORED INFORMATION TO BE CORRECTED, DELETED, OR TRANSFER TO A THIRD PARTY AT ANY MOMENT AND WITHOUT CHARGE. PLEASE CONTACT ME AT hello(at)beatrizherrera.de FOR ANY QUESTIONS OR REQUEST REGARDING YOUR DATA (YOUR REQUEST WILL BE PROCESSED AS SOON AS POSSIBLE WITHIN THE NEXT 4 WEEKS). IF YOU CONSIDER IT IS NECESSARY, YOU MIGHT ALSO ADDRESS A COMPLAINT WITH THE COMPETENT REGULATORY AUTHORITIES.

Disclaimer

This privacy policy might be updated at any time. Check this page for any changes.

This document was last updated on 23.05 2022.

Definitions:

Personal data are any information that could be used to personally identify you, directly or indirectly. In other words, it is any information that describes an identified or identifiable person, like contact information and information that, if combined with other data, can lead to the identification of a particular individual.

‘Processing’ means any operation or set of operations that are performed on personal data or sets of personal data, whether, by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

A server log file is a computer-generated file that records information about activities, processes, usage patterns, communications, and operations between a user and an operating system. Log files hold a record of activity on a web server. The information recorded may include:

IP address and identity of the device making a request, name, location, and size of the requested file, time, and date of the request, the request method, the referred webpage, and the HTTP status code.

More info

If you would like to know more about the General Data Protection Regulation (GDPR) visit the website https://gdpr-info.eu/