Table of contents
- Introduction and naming of responsible entity
- Hosting
- Revocation of your consent to data processing
- Right to complain to the competent supervisory authority
- Right to data portability
- Right to information, correction, blocking, deletion
- Content Delivery Network (CDN)
- SSL encryption
- Server log files
- Personal data collection
- Storage period
- Origin of data
- Transfer of personal data
- Registration
- Contact form
- Cookies
- Order processing
- Demographic characteristics
- Children’s Information
- Online privacy policy
- Consent
- Contact
Introduction and naming of responsible entity
At Baturina GmbH (referred thorough this policy as “We”, “Baturina Homewear”) accessible from www.baturina-homewear.com (the “Website”), one of our main priorities is the privacy of our visitors. This Privacy Policy document contains types of information that is collected and recorded by Baturina Homewear and how we use it.
If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us.
General notice and mandatory information
Designation of the responsible entity
The responsible entity for data processing on this website is:
Baturina GmbH
represented by Anna Tishchenko
Jürgen-Töpfer-Straße 48, Haus 17
22763 Hamburg
Germany
info [at] baturina-homewear.com
The responsible body decides alone or jointly with others on the purposes and means of the processing of personal data (e.g. names, contact details or similar).
Hosting
We use the following host for providing our website.
onRocket.com, LLC
126 Bayberry Cir
Jupiter, FL 33458
USA
This is the recipient of your personal data and acts as a processor for us. This corresponds to our legitimate interest within the meaning of Art. 6 (1) p. 1 lit. f DSGVO not to have to maintain a server on our premises ourselves. The server location is Germany.
Processing of orders
We have concluded an order processing agreement (AVV) with the above-mentioned provider. This is a contract required by data protection law, which ensures that the provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
Revocation of your consent to data processing
Some data processing operations are only possible with your express consent. A revocation of your already given consent is possible at any time. An informal communication by e-mail is sufficient for the revocation. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right to complain to the competent supervisory authority
As a data subject, you have the right to complain to the competent supervisory authority in the event of a data protection violation. The competent supervisory authority with regard to data protection issues is the state data protection commissioner of the federal state in which the registered office of our company is located.
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to third parties. The data will be provided in a machine-readable format. If you request the direct transfer of the data to another responsible party, this will only be done insofar as it is technically feasible.
Right to information, correction, blocking, deletion
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, the origin of the data, their recipients and the purpose of the data processing and, if applicable, a right to correction, blocking or deletion of this data. In this regard, and also for further questions on the subject of personal data, you can contact us at any time via the contact options listed in the imprint.
SSL encryption
For security reasons and to protect the transmission of confidential content that you send to us as site operator, our website uses SSL encryption. This means that data you transmit via this website cannot be read by third parties. You can recognize an encrypted connection by the “https://” address line of your browser and the lock symbol in the browser line.
Server log files
In server log files, the provider of the website automatically collects and stores information that your browser automatically transmits to us. These are:
Visited page on our domain
Date and time of the server request
Browser type and browser version
Operating system used
Referrer URL
Host name of the accessing computer
IP address
There is no merging of this data with other data sources. The data processing is based on Art. 6 (1) lit. b DSGVO, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.
Content Delivery Network (CDN)
We use the Content Delivery Network (CDN) of Cloudflare Germany GmbH, Rosental 7, c/o Mindspace, 80331 Munich Germany (Cloudflare) to increase the security and delivery speed of our website. This corresponds to our legitimate interest (Art. 6 para. 1 lit. f DSGVO). A CDN is a network of [globally] distributed servers that is able to deliver optimized content to the website user. For this purpose, personal data may be processed in server log files by Cloudflare. Please compare the explanations under “Hosting”.
Cloudflare is a recipient of your personal data and acts as a processor for us. This corresponds to our legitimate interest within the meaning of Art. 6 (1) p. 1 lit. f DSGVO not to operate a content delivery network ourselves.
You have the right to object to the processing. Whether the objection is successful is to be determined as part of a balancing of interests.
The processing of the data provided under this section is not required by law or contract. The functionality of the website is not guaranteed without the processing.
Your personal data will be stored by Cloudflare for as long as necessary for the purposes described.
For more information on objection and removal options vis-à-vis Cloudflare, please visit: Cloudflare DPA
Cloudflare has implemented compliance measures for international data transfers. These apply to all global activities where Cloudflare processes personal data of individuals in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs). For more information, please visit: https://www.cloudflare.com/cloudflare_customer_SCCs-German.pdf
For more information on opt-out and removal options vis-à-vis Cloudflare, please visit: Cloudflare DPA
Cloudflare has implemented compliance measures for international data transfers. These apply to all global activities where Cloudflare processes personal data of individuals in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs). For more information, please visit: https://www.cloudflare.com/cloudflare_customer_SCCs-German.pdf
Personal data collection upon conclusion of a contract for the purchase and shipment of goods
Personal data is collected, processed or used to fulfill the business purpose such as pre-contractual measures (preparation of offers, processing of inquiries), to fulfill contractual obligations (order, order payment processing, invoicing) and to deliver goods and services. Furthermore, there is a legal obligation to process (tax law requirements).
Categories of personal data:
Name
address data
communication data
Order and contract data
Billing and payment data
Recipients of personal data:
Internal departments: management, administration, accounting, controlling, production, documentation, sales, shipping, technology
External bodies (in accordance with Art. 28 DSGVO): cloud infrastructure providers, payment service providers, shipping service providers, tax consultants, legal counsel
Public bodies: Financial authorities
The basis for data processing is Art. 6 (1) lit. b DSGVO, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.
Storage period
The collected data will be deleted by us without delay if it is determined that it is no longer needed for the purposes for which it was collected, or if you revoke your consent on which processing was based, or if personal data was processed unlawfully.
However, data will not be deleted if it is necessary to store the data for the purpose of fulfilling retention obligations under commercial and tax law. The specified legal retention periods are six to ten years. If data is only stored for this purpose, access to this data is restricted and it is no longer available for processing. The data can no longer be changed and is used exclusively for storage purposes.
Origin of the data
The stored data was collected within the framework of our contractual relationship and for the initiation of contracts as well as individual orders, or it arose within the framework of the business relationship and initiation of business.
Transfer of personal data to third parties or to an international organization outside the EEA
Personal data is transferred to international cloud hosting providers and payment service providers. Standard data protection clauses approved by the European Commission for the transfer of data to other EU countries are applied (in accordance with Art. 46 DSGVO).
Registration on this website
To use certain functions, you can register on our website. The transmitted data is used exclusively for the purpose of using the respective offer or service. Mandatory information requested during registration must be provided in full. Otherwise, we will reject the registration.
In the event of important changes, for example for technical reasons, we will inform you by e-mail. The e-mail will be sent to the address given during registration.
The processing of the data entered during registration is based on your consent (Art. 6 para. 1 lit. a DSGVO). A revocation of your already given consent is possible at any time. An informal communication by e-mail is sufficient for the revocation. The legality of the data processing already carried out remains unaffected by the revocation.
We store the data collected during registration for the period that you are registered on our website. Your data will be deleted if you cancel your registration. Legal retention periods remain unaffected.
Contact form
Data transmitted via the contact form, including your contact details, will be stored in order to process your inquiry or to be available for follow-up questions. This data will not be passed on without your consent.
The processing of the data entered in the contact form is based exclusively on your consent (Art. 6 para. 1 lit. a DSGVO). A revocation of your already given consent is possible at any time. An informal communication by e-mail is sufficient for the revocation. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
Data transmitted via the contact form will remain with us until you request us to delete it, revoke your consent to store it or there is no longer any need to store it. Mandatory legal provisions – in particular retention periods – remain unaffected.
Cookies
Our website uses cookies. These are small text files that your web browser stores on your terminal device. Cookies help us to make our offer more user-friendly, effective and secure.
Some cookies are “session cookies.” Such cookies are deleted by themselves after the end of your browser session. In contrast, other cookies remain on your terminal device until you delete them yourself. Such cookies help us to recognize you when you return to our website.
With a modern web browser, you can monitor, restrict or prevent the setting of cookies. Many web browsers can be configured to automatically delete cookies when you close the program. Disabling cookies may result in limited functionality of our website.
The setting of cookies, which are necessary for the exercise of electronic communication processes or the provision of certain functions desired by you (e.g. shopping cart), is based on Art. 6 (1) lit. f DSGVO. As the operator of this website, we have a legitimate interest in storing cookies for the technically error-free and smooth provision of our services. Insofar as the setting of other cookies (e.g. for analysis functions) takes place, these are treated separately in this data protection declaration.
We have dedicated a seperate detailed page about the use of of cookie technologies on our website, where you also have the ability of opting out of cookies. Please view the cookie policy here.
Children’s Information
Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity.
Baturina Homewear does not knowingly collect any Personal Identifiable Information from children under the age of 13. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.
Online Privacy Policy Only
Our Privacy Policy applies only to our online activities and is valid for visitors to our website with regards to the information that they shared and/or collect. This policy is not applicable to any information collected offline or via channels other than this website.
Changes to this Privacy Policy
We may change this Privacy Policy from time to time. Any changes to this Privacy Policy will become effective upon posting of the revised Privacy Policy via the Website. If we make changes which we believe are significant, we will inform the Data Subject through the Website to the extent possible and seek for the Data Subject’s consent where applicable.
Consent
By using our website, you hereby consent to our Privacy Policy and agree to its terms.
Contact
Any questions regarding this Privacy Policy may be sent to info [at] baturina-homewear.com