Privacy

Please find below information on which data are collected in the context of your visit and/or use of our Internet presence https://www.healy.shop/de/, and on how said data are used, processed and/or disclosed.

The controller within the scope of data protection law is:

Healy World GmbH
Potsdamer Platz 1
10785 Berlin
Email: office@healy.de
Tel. 03391-4002211
(hereinafter: HEALY)

The Data Protection Officer of the controller is:

SBS Data Protect GmbH

represented by the managing director Mr. Thilo Noack

Hans-Henny-Jahnn Weg 49

22085 Hamburg

Email: noack@sbs-data.de

The customer shall contact the Data Protection Officer named above, in order to exercise the rights set forth in this Privacy Policy or in case of questions regarding the use, collection and processing of personal data.

As the controller pursuant to data protection law provisions, HEALY undertakes to protect the personal data and privacy of its customers and to treat such data as confidential. The collection, storage, alteration, transfer, locking, erasure and use of personal data are performed on the basis of applicable statutory provisions, in particular on the basis of the General Data Protection Regulation (GDPR).

At HEALY, technical and organizational protection measures protect the customer’s data against any unauthorized access, accidental or intentional manipulation, destruction or loss.

Definition of Terms

The legislator requires that personal data shall be processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’); In order to guarantee this, we inform you about the individual legal definitions of terms which are also used in this Privacy Policy:

  1. Personal data

‘Personal data’ means any information relating to an identified or identifiable natural person (hereinafter ‘Data Subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

  1. Processing

‘Processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

  1. Restriction of processing

‘Restriction of processing’ means the marking of stored personal data with the aim of limiting their processing in the future.

  1. Profiling

‘Profiling’ means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

  1. Pseudonymization

‘Pseudonymization’ means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

  1. File system

‘Filing system’ means any structured set of personal data which are accessible according to specific criteria, whether centralized, decentralized or dispersed on a functional or geographical basis.

  1. Controller

‘Controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

  1. Processor

‘Processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

  1. Recipient

‘Recipient’ means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

  1. Third party

‘Third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

  1. Consent

‘Consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Lawfulness of processing

Processing shall be lawful only if a legal basis exists for the processing. Pursuant to Art. 6 (1) sentence 1 lit. a – f GDPR legal basis for the processing can be in particular:

  1. the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
  2. processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
  3. processing is necessary for compliance with a legal obligation to which the controller is subject;
  4. processing is necessary in order to protect the vital interests of the data subject or of another natural person;
  5. processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  6. processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

Information on the collection of personal data

In the following we inform you about the collection of personal data when using our website. Personal data are, for example, name, address, e-mail addresses, user behavior.

Sec. 1 Collection of personal data when visiting our website

When the website is used for the purpose of obtaining information, HEALY only collects the personal data that the customer’s browser transmits to the server of HEALY. If the customer would like to view the HEALY website, HEALY will collect the following data that are needed for technical reasons in order to display the website to the customer and in order to ensure stability and security:

Place of inquiry

IP address

date and time of the request

time zone difference to Greenwich Mean Time (GMT)

content of the request (specific page)

access status/HTTP status code

data amount transmitted in each case

website from which the request is sent

browser

operating system and its interface

browser software language and version

 

After a technical evaluation these data will be deleted immediately. Pursuant to Art. 6 (1) sentence 1 lit. f GDPR, this data collection serves to safeguard our legitimate overriding interests in the correct presentation of our website offering as part of a weighing of interests, as well as compliance with the basic EU data protection regulation in terms of security and confidentiality.

 

Sec. 2 Use of cookies

In addition to the above-mentioned data, cookies or similar technologies such as pixels (hereinafter generally referred to as “Cookies”) are used on your computer when you use and visit our website. Cookies are small text files that are stored by your terminal device on your computer to store certain information, or image files, such as pixels. The next time you visit our website using the same terminal device, the information stored in Cookies is subsequently sent back either to our website (“First Party Cookie”) or to another website to which the cookie belongs (“Third Party Cookie”).

Through the stored and returned information, the respective website recognizes that you have already accessed and visited it with the browser of your terminal device. We use this information in order to optimally design and display the website for you according to your preferences. Only the cookie itself is identified on your terminal device. Personal data will only be stored beyond that with your explicit consent or if this is absolutely necessary in order to be able to use the service offered and called up by you accordingly.

This website uses the following types of cookies, the scope and functioning of which are explained below:

  • Absolutely necessary Cookies (type a)
  • Functional and performance Cookies (type b)
  • Cookies requiring consent (type c)

For each of the tools that we use, we will inform you which cookie types are set and used in each case.

  • Absolutely necessary Cookies (type a)

Cookies that are absolutely necessary guarantee functions without which you cannot use our web pages as intended. These Cookies are used exclusively by us and are therefore first party cookies. This means that all information stored in the Cookies is returned to our website.

Absolutely necessary Cookies serve, for example, to ensure that as a registered user you always remain logged in when accessing various sub-pages of our website and thus do not have to re-enter your login data each time a new page is called up.

The use of absolutely necessary Cookies on our website is possible without your consent. For this reason, Cookies that are absolutely necessary cannot be individually deactivated or activated. However, you can deactivate Cookies in your browser at any time (see below).

The legal basis for this data processing is Art. 6(1) sentence 1 lit. b GDPR.

  • Functional and performance Cookies (type b)

Functional Cookies make it possible for our website to store information that has already been entered (such as registered name or language selection) and to offer you improved and more personal functions based on this information. These Cookies collect and store only anonymous information so that they cannot track your movements on other websites.

Performance Cookies collect information about how our websites are used in order to improve their attractiveness, content and functionality. These Cookies help us, for example, to determine whether and which sub-pages of our website are visited and in which content users are particularly interested. In particular, we record the number of visits to a page, the number of sub-pages viewed, the time spent on our website, the order of pages visited, which search terms have led you to us, the country, region and, if applicable, city from which access is made, as well as the proportion of mobile devices that access our websites. We also record movements, “clicks” and scrolling with the computer mouse to understand which areas of our website are of particular interest to users. Subsequently, we can tailor the content of our website more specifically to the needs of our users and optimize our offerings. The IP address of your computer transmitted for technical reasons is automatically anonymized and does not allow us to draw any conclusions about the individual user.

You can object to the use of functional and performance Cookies at any time by adjusting your Cookie settings accordingly.

The legal basis for this data processing is Art. 6(1) sentence 1 lit. f GDPR.

  • Cookies requiring consent (type c)

Cookies that are neither absolutely necessary (type a) nor functional or performance Cookies (type b) are only used after your consent.

We reserve the right to also use information that we have obtained by means of Cookies from an anonymous analysis of the usage behavior of visitors to our websites to show you specific advertising for certain of our products on our own websites. We believe that you, the user, will benefit from this because we will display advertisements or content that based on your browsing habits, we consider to fit your interests and you will be shown less randomly scattered advertisements or certain content that may be of less interest to you.

Marketing Cookies originate from external advertising companies (third party cookies) and are used to collect information about the websites visited by the user in order to create target group-oriented advertising for the user.

Opt-out for Marketing Cookies

You can also manage Cookies used for online advertising through tools developed in many countries as part of self-regulatory programs, such as the US-based https://www.aboutads.info/choices/ or the EU-based http://www.youronlinechoices.com/uk/your-ad-choices.

You can withdraw this consent to Cookies at any time with effect for the future here.

The legal basis for this data processing is Art. 6(1) sentence 1 lit. a GDPR.

  • Administration and deletion of all cookies

In addition, you can set your Internet browser to generally prevent the storage of Cookies on your terminal device or you are asked each time whether you agree to the setting of Cookies. Once Cookies have been set, you can also delete them at any time. How all this works in detail can be found in the help function of your browser.

Please note that a general deactivation of Cookies may result in functional limitations of our website.

 

Sec. 3 Server Log Files

You can visit our website without providing any personal information. Each time you access our website, usage data is transmitted to us or our web host/IT service provider via your Internet browser and stored in log data (so-called server log files). These stored data include, for example, the name of the page accessed, the date and time of access, the IP address, the amount of data transferred and the requesting provider.

This processing is carried out based on Art. 6(1) sentence 1 lit. f GDPR in the legitimate interest of ensuring the trouble-free operation of our website and improving our services.

 

Sec. 4 Collection and use of personal data in case of contact requests

When you contact HEALY by email or via the contact form, HEALY stores the data provided by you (your email address, if appl. your first and last name), in order to answer your inquiry. HEALY will delete the data collected in this context, once storage is no longer necessary, e.g. once your concern has been addressed. Otherwise, processing will be restricted in case of statutory retention obligations.

This data processing is performed on the basis of Art. 6(1) sentence 1 lit a GDPR in connection with the consent given by the customers.

 

Sec. 5 Collection of personal data at conclusion of contract and payment

When customers order products, the following personal data are stored during registration required for an order:

  1. title,
  2. name,
  3. address,
  4. telephone number,
  5. email address,
  6. if applicable, deviating shipping address,
  7. credit card, bank and direct debit data.

 

HEALY uses these data exclusively for the performance of the contract and the communication with the customers necessary in this context. This includes the preparation, conclusion and processing of the contract, warranties and, if need be, the reversal of the contract. The data are stored until the performance of the contract has been completed. In case of commercial and statutory retention periods, the data may be stored up to 10 years.

This data processing is performed for the performance of a contract on the basis of Art. 6(1) sentence 1 lit. b GDPR. The legal basis for the further storage for tax and commercial law reasons is the necessity for compliance with a legal obligation pursuant to Art. 6(1) sentence 1 lit. c GDPR.

 

Sec. 6 Data transfer

HEALY only discloses personal data of customers to the extent necessary for the performance of the contract or for the purposes of the legitimate interests of HEALY. HEALY uses external service providers (processors) for the performance of the contract. In order to ensure the protection of personal data of customers, separate data processing agreements have been concluded with the service providers.

 

In order to fulfill the delivery, the first name, last name, address, email address and telephone number of the customer are provided to the shipping company. This data transfer takes place for the performance of the contract with you, the customer. The legal basis for this data processing is Art. 6(1) sentence 1 lit. b GDPR.

 

For the processing of the payment, the payment data of the customer, namely the first name, last name, address, email address, telephone number, are provided to the respective payment provider. This data processing is performed for the performance of the contract with you, the customer, and/or on the basis of the consent given by you. The legal basis for this data processing is Art. 6(1) sentence 1 lit. a or lit. b GDPR.

 

We use the CRM and merchandise management system of TimeWaver Home GmbH for contract processing as part of processing. For this purpose, your personal data collected within as part of the order will be transmitted to Zoho Corporation Pvt. Ltd. / Datacenter Europe. The legal basis for this data processing is Art. 6(1) sentence 1 lit. f GDPR.

 

 

Sec. 7 Use of the data for marketing purposes, newsletter


HEALY will only use personal customer data in order to send a newsletter to the customers if the customers have given their prior consent to this type of use.

 

The only information that is mandatorily required for the newsletter to be able to be sent is the email address. The provision of further, specifically marked data is voluntary; by means of said data, customers can be addressed personally. After the confirmation, HEALY stores the customer’s email address for the purpose of sending the newsletter.

The customer may revoke the consent to the delivery of the newsletter at any time and unsubscribe from the newsletter. The customer may declare the revocation of consent by clicking on the link provided in each newsletter email or via email to office@healy.de.

This data processing is performed on the basis of the consent given by the customer; the legal basis is Art.6(1) sentence 1 lit. a GDPR.

 

Sec. 8 Use of external tools

Various tools from different companies are integrated on our website which enable us to evaluate your user behavior or to establish links with other websites. In order to ensure the protection of your personal data, separate data processing agreements have been concluded with the companies named below.

We work jointly with the following service providers:

Use of Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies”, which are text files that are placed on your computer and help to analyze your use of the website. The information on your use of the respective website generated by the cookie is usually transmitted to and stored by a Google server in the United States. However, if IP Anonymization is activated on the respective website, within Member States of the European Union or in other contracting states to the Agreement on the European Economic Area, Google will shorten your IP address prior to transmitting it. Only in exceptional cases will the full IP address be transferred to and shortened by a Google server in the United States. Google will use this information on behalf of the operator of this website in order to evaluate your use of the website, to generate reports on the website activities and to provide further services associated with the website use and web use to the operator of this website.

The IP address transmitted by your browser in the context of Google Analytics will not be merged with other Google data.

You may prevent the placement of the cookies via your corresponding browser software settings; however, we would like to point out that you might not be able to fully use all the features of this website in this case. Furthermore, you can prevent the collection of the data generated by the cookie and relating to your use of the website (including your IP address) by Google as well as the processing of said data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

This website uses Google Analytics with the extension “_anonymizeIp()”. Thus, the IP addresses are processed after being shortened, which means that they cannot be linked to specific persons. If your collected data is directly linked to you, such connection is immediately excluded, and the personal data is thus erased immediately.

We uses Google Analytics in order to be able to analyze and regularly improve the use of our website. The statistics obtained enable us to improve its offer and to make it more interesting for you as the user. For the exceptions in which personal data is transmitted to the United States, Google has subjected itself to the EU-U.S. Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

Information of the third-party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Terms of service:

http://www.google.com/analytics/terms/de.html, privacy overview: http://www.google.com/intl/de/analytics/learn/privacy.html, and the privacy policy: http://www.google.de/intl/de/policies/privacy.

In addition, this website uses Google Analytics for a cross-device analysis of user flows; this analysis is performed via a user ID. You have the option to deactivate the analysis of the use across different devices in your account under “My Data”, “Personal Data”.

The use of Google Analytics is based on the legal basis of Art. 6(1) sentence 1 lit. a GDPR, your consent. Storage period of the cookies, which are placed on this web page, up to 12 months.

 

Google Analytics advertising function

If you consent to the use of Google Analytics advertising functions, this website will use the enhanced functions of Google Analytics in addition to the standard functions. The Google Analytics advertising functions implemented on this site include Google Analytics reports on performance by demographics and interests.

For this purpose, we use first-party cookies (e.g., Google Analytics cookies) and third-party cookies (e.g., DoubleClick cookies) together to help us analyze which demographic features and interests that visitors to our site typically have in an anonymous and aggregated manner. We use this information to improve our websites.

You can avoid participation in this tracking process in various ways: a) by setting your browser software accordingly; b) by deactivating the Google ad settings at https://www.google.com/ads/preferences/?hl=de c) by setting the appropriate cookie [link to cookie settings page]. We point out that in this case you may not be able to make full use of all the functions of this offer. The storage period is up to 26 months. The use of Google Analytics advertising functions is based on the legal basis of Art. 6(1) sentence 1 lit. a GDPR, your consent.

 

Use of Google Maps

On our website we use Google Maps to display our location and to create a route description. This service is provided by Google LLC, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as “Google”.

With its certification under the EU-US Privacy Shield https://www.privacyshield.gov/, Google guarantees that the EU’s data protection requirements will also be met when data is processed in the United States.

In order to enable the display of certain fonts on our website, a connection to the Google server in the USA is established when our website is called up.

If you call up the component Google Maps integrated in our Internet presence, Google stores a Cookie on your terminal device via your Internet browser. Your user settings and data are processed in order to display our location and create a route description. In this context, we cannot exclude that Google uses servers in the USA.

The legal basis is Art. 6(1) sentence 1 lit. f GDPR. Our legitimate interest is the optimization of the functionality of our Internet presence.

The connection to Google established in this manner enables Google to determine which website has sent your inquiry and to which IP address the route description is to be sent.

If you do not agree with this processing, you can avoid the installation of Cookies with the appropriate settings in your Internet browser. Details can be found above under “Cookies”.

In addition, the use of Google Maps and the information obtained via Google Maps is governed by the Google Terms of Use https://policies.google.com/terms?gl=DE&hl=de and the Google Maps Terms of Use https://www.google.com/intl/de_de/help/terms_maps.html.

Moreover, Google provides further information at https://adssettings.google.com/authenticated and https://policies.google.com/privacy.

In order to protect your rights and personal data, we have provided Google Maps with a so-called two-click solution, which only transmits data to Google after you have explicitly activated the map function.

 

Google Ads Conversion

We use the services of Google Ads Conversion to draw attention to our attractive offers assisted by advertising media (so-called Google Ads) on external websites. In regard to the data of the advertising campaigns, we can determine how successful the individual advertising measures are. We use this to pursue the interest to show you advertisement, which is of interest to you, to make our website more interesting to you and to achieve a fair calculation of advertising costs.

These advertising media are delivered by Google via so-called “Ad Servers”. We use Ad Server Cookies, which can measure certain parameters such as the display of ads or clicks by users to measure success. If you access our website via a Google advertisement, Google Ads stores a Cookie on your terminal device. These Cookies usually lose their validity after 30 days and are not intended to identify you personally. The unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marking that the user no longer wishes to be addressed) are usually stored as analysis values for this Cookie.

These cookies enable Google to recognize your Internet browser. If a user visits certain pages on an ad customer’s website and the Cookie stored on his/her computer has not expired, Google and the customer may recognize that the user clicked on the ad and was directed to that page. Each ads customer is assigned a different Cookie. Cookies can therefore not be traced via the websites of ads customers. We do not collect and process any personal data in the aforementioned advertising measures ourselves. We only receive statistical evaluations from Google. Based on these evaluations, we can identify which of the used advertising measures are especially effective. We do not receive any further data from the use of the advertising media, we can, in particular, not identify the users based on this information.

Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We have no influence on the extent and further use of the data collected by Google through the use of this tool and therefore inform you according to our state of knowledge: By integrating Ads Conversion, Google receives the information that you have called up the relevant part of our website or clicked on an advertisement from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider may find out and store your IP address.

 

Facebook Custom Audiences – Facebook Pixel

The website uses the remarketing function “Custom Audiences” of Facebook Inc. (“Facebook”) to contact you again within 6 months. This allows users of the website to view interest-based advertisements (“Facebook Ads”) when visiting the Facebook social network or other sites that also use the process. We use this to pursue the interest to show you advertisement which is of interest to you, to make our website more interesting to you.

Due to the marketing tools used, your browser automatically establishes a direct connection with the Facebook server. We have no influence on the extent and further use of the data collected by Facebook through the use of this tool and therefore inform you according to our state of knowledge: By integrating Facebook Custom Audiences, Facebook receives the information that you have called up the relevant website of our Internet presence or clicked on an advertisement from us. If you are registered with a Facebook service, Facebook can assign the visit to your account. Even if you are not registered with Facebook or have not logged in, it is possible that the provider may find out and store your IP address and additional identification features.

You can deactivate the “Facebook Custom Audiences” function here and as a logged in user at https://www.facebook.com/settings/?tab=ads#_.

For more information about Facebook’s data processing practices, please visit https://www.facebook.com/about/privacy

Used Cookies: type c. You can find more information in the “Cookies” section.

The use of Facebook Custom Audiences is based on the legal basis of Art. 6(1) sentence 1 lit. a GDPR, your consent.

 

Sec. 9 Facebook fan page

For the information service offered on this page, HEALY uses the technical platform and the services of Facebook Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland (“Facebook”).

In the opinion of the ECJ, Facebook and the operator of a Facebook fan page are joint controllers within the scope of Art. 26 GDPR with regard to the personal data that are processed via the Facebook fan page. For this reason, Facebook and HEALY have concluded an agreement on their joint responsibility, which is available here.

HEALY provides you with the following information on the data processing on our Facebook fan page:

(1) Controllers

The processing of your personal data on the Facebook fan page of HEALY is performed in joint responsibility with:

Facebook Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland

(2) Data processing

When you visit a Facebook fan page, the IP address of your device is transmitted to Facebook. According to the information provided by Facebook, said IP address is anonymized and deleted after 90 days, at least if it is a German IP address. Facebook also stores additional information about the devices of its users, e.g. the Internet browser used. This might enable Facebook to link IP addresses to individual users. If you are logged into your Facebook account while visiting our fan page, a cookie with your Facebook ID will be on your device. Due to this cookie, Facebook is able to trace that you have visited our fan page and how you have used it. Facebook uses this information in order to display personalized content or advertising to you.

If you would like to avoid this, you should log out of your Facebook account and/or deactivate the “Keep me logged in” function. In addition, we recommend that you delete existing cookies from your device and close and re-start your browser. Through this measure, Facebook information via which Facebook can link data to you is deleted.

However, if you would like to use the interactive features of our fan page, you will have to once again log into Facebook with your Facebook log-in information. Thus, Facebook will once again be able to link data to you.

Neither does Facebook conclusively and clearly state nor do we know in what manner Facebook uses the data obtained from your visit to Facebook pages for its own purposes, to what extent activities on the Facebook page are linked to individual users, how long Facebook stores these data and whether data obtained from your visit to Facebook page is disclosed to third parties. We can only refer you, as users of our fan page, to Facebook’s statements regarding data protection.

The data concerning you collected in this context are processed by Facebook and might be transferred to countries outside the European Union.

Facebook describes in a general manner what information Facebook obtains and how it uses it in the data use policy. There, you can also find information on how to contact Facebook and on how to adjust the ads settings. The data use policy is available at: http://de-de.facebook.com/about/privacy

The full data use policy of Facebook is available at:

https://de-de.facebook.com/full_data_use_policy

Facebook’s data policy includes further information on data processing:

https://www.facebook.com/about/privacy/

Opt-out options are available here: https://www.facebook.com/settings?tab=ads and here http://www.youronlinechoices.com

Facebook Inc., the U.S. parent company of Facebook Ireland Ltd., is certified under the EU-U.S. Privacy-Shield and thus undertakes to comply with the provisions of European data protection law. Further information on the Privacy Shield status of Facebook is available at: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.

As the operators of the Facebook fan page, we are not able to assess the transfer and further processing of personal data of the users in(to) third countries, such as the United States, and the associated potential risks for you, the user.

(3) Insights function

In addition, Facebook provides in the context of the so-called “Insights” function a number of statistical data to SBS-Legal as the fan page operator.  These statistics are generated and provided by Facebook. As the operators of the fan page, we do not have any influence on the generation of these statistics and are, in particular, not able to prevent this function.  In the context of the “Insights” function, the following information is respectively provided to us for the categories “fans”, “followers”, “people reached” and “interacting people” for a selectable period of time:

page activities, such as page visits, page previews, activities on the page, reach activities such as “Like” clicks, persons reached and recommendations, contribution activities such as contribution interactions, viewing of videos, comments, shares.

In addition, we are provided with statistical information on the Facebook groups that are linked to our fan page.  In accordance with Facebook’s terms of service, which every user has accepted in the context of the creation of a Facebook profile, we are also able to identify the subscribers and fans of the page and view their profiles and other information they share.

Further information is provided by Facebook under the following link:

http://de-de.facebook.com/help/pages/insights.

HEALY uses these data available in aggregated form, in order to make contributions and activities on the fan page more attractive to the users, for example in order to plan the content and timing of contributions. The legal basis for this data processing is Art. 6(1) sentence 1 lit f GDPR, namely our legitimate interest in the optimization of our offer.

(4) Storage period

We only store the information transmitted by Facebook for as long as our interests are not overridden by your interest in the erasure or anonymization of said information.

Please remove the link between your user profile and our fan page by using the “Unlike this Page” and/or “Unfollow this Page” functions, if you wish that the described data processing be not performed in the future.

(5) Your rights as a data subject

In case of requests for information or other questions regarding your rights, which are listed at the end of this Privacy Policy, we recommend that you contact Facebook directly, since only Facebook has full access to the user data. However, if you send your inquiry to us, we will of course process it and also forward it to Facebook.

 

Sec. 10 Children

Our offer is generally aimed at adults. Persons under the age of 18 should not transmit any personal data to us without the consent of their parents or legal guardians.

 

Sec. 11 Rights of the data subjects

Data subjects have the right to:

– obtain information or confirmation on the processing of their data

– rectification or erasure of their data

– restriction of processing

– object to the processing

– data portability

– withdraw their consent with future effect

– lodge a complaint with a supervisory authority

A list of all supervisory authorities responsible for Germany is available at https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

 

We hope that this information helps you to exercise your rights. Please feel free to contact us if you would like to obtain further information on data protection provisions.

 

 

 

Privacy Policy last updated on: 16 September 2019

Scroll to Top