Privacy Policy


PRIVACY POLICY

As of May 25th, 2018

This Privacy Policy aims to give you information on how we collect and process your personal data. The SANTA LUPITA website, mobile app and any other means of collecting personal data are controlled by SANTA LUPITA GmbH, referred to as “we”, “us” or “our” throughout this Privacy Policy. We are the primary data controller for the purposes of this website and our registered office is Max-Dingler Str. 15, 82131 München-Stockdorf, GERMANY. It is important that you read this Privacy Policy together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Privacy Policy supplements the other notices and is not intended to override them. We may amend this Privacy Policy at any time by posting the amended terms herein. All amended terms automatically take effect 30 days after they are posted. We will announce any material changes and their rationale to this Privacy Policy through email.

 

SCOPE

This Privacy Policy describes our collection, use, disclosure, retention and protection of your personal data. It applies to any SANTA LUPITA web or mobile view where this Privacy Policy appears. By navigating to a SANTA LUPITA website or mobile view, by transacting and by registering an account, you are agreeing to the terms of this Privacy Policy. SANTA LUPITA GmbH is the data controller of your personal data and is responsible for the collection, use, disclosure, retention and protection of your personal information in accordance with the General Data Protection Regulation. SANTA LUPITA may transfer your personal information outside of the European Economic Area to our group companies and authorised third parties. Where we use third party service providers based outside of the European Economic Area, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. Where we use third party service providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.

USE

In the case of data processing, concerns relating to the Customer’s data protection will be taken into consideration in accordance with the legal regulations. In principle, all personal data will be treated confidentially. We use the personal information we collect to: provide and improve our services, provide you with a personalised experience on our sites, contact you about your account, provide you customer service, provide you with personalized advertising and marketing, and detect, prevent, mitigate and investigate fraudulent or illegal activities. We process personal data for purchases, payments, customer support and fulfilment to enable us to perform our contract with you; where your contact details and transactional information are processed. The data requirements for handling transactions will be stored for the purpose of examining a Customer's credit worthiness and solvency control during the term of the contractual relations, the address and solvency data may, if appropriate, be delivered to Schufa, 65203 Wiesbaden, Germany, and other business information services. We process personal data relating to your interaction (transactions, site visits) with SANTA LUPITA to enable us to personalise your experience with our websites. This processing constitutes profiling under the GDPR and we process your personal data in this way as it is in our legitimate interest to offer you a personalised experience on our sites and to provide you with personalised advertising and marketing. We retain your personal information as long as it is necessary and relevant for our operations. In addition, we may retain personal information from closed accounts to comply with legal requirements, prevent fraud and resolve disputes. Where a legal requirement obliges the retention of personal data for a specific minimum period, we will retain data for at least that period. When we determine the maximum retention duration of any personal data we hold we do so with regard to our legitimate interests to retain data, our obligation under GDPR to minimise data we hold with what we do hold as personal data being kept proportionate; the nature, and sensitivity of the personal data and the potential risk of harm from unauthorised use or disclosure of your personal data. We use and retain your personal information to provide, improve and personalise our service to:

  • Offer you site content that includes items and services that you may like and to keep track of your basket
  • Customize, measure and improve our services
  • Hold views between web and mobile sites, deep linking and device linking
  • Provide other services requested by you as described when we collect the information
Where we have the right to do so, we shall use and retain your personal information to personalise communications, to contact you, either via email, telephone, social media, text messages or postal mail in order to inform you of account activity, delivery fulfilment and marketing related activity. We use and retain your personal information to prevent, detect, mitigate and investigate fraudulent or illegal activities. This will involve the machine learning based statistical analysis which permits the identification of buying patterns which allow us to further personalise your experience. We retain your personal information as long as it is necessary and relevant for our operations. In addition, we may retain personal information from closed accounts to comply with legal requirements, prevent fraud and resolve disputes. After it is no longer necessary for us to retain your personal information, we dispose of it securely according to our data retention and deletion policies.

 

YOUR RIGHTS AS USER/CUSTOMER

The Customer may oppose and/or revoke said use, processing and/or transmission of its data for marketing purposes at any time by notifying us. Upon receipt of an opposition and/or the revocation, SANTA LUPITA will no longer use and process the data in question for marketing purposes and/or immediately discontinue the further sending of advertising material and/or no longer disseminate the data for marketing purposes. The General Data Protection Regulation provides for rights of access, modification and deletion of your personal information. The GDPR provides you with the following rights:

The right of access

Your right to obtain confirmation as to whether or not personal data are being processed, and, where that is the case, access to the personal data along with details regarding the nature of processing.

The right of rectification

Your right to obtain the rectification of inaccurate personal data.

The right of portability

Your right to receive the personal data concerning provided to us, in a structured, commonly used and machine-readable format.

The right to be forgotten

Your right to erase your personal data.

The right to restrict processing

Your right for your data to be effectively ‘frozen’; stored and not further processed.

The right to object

Your right to object to how your personal data is processed including your right to object to our profiling of you as outlined in this privacy policy.

To submit your rights, please send us an email: mail@santalupita.com

MANAGING PREFERENCES

You can control how we send personalized marketing, by channel and by frequency, from the Manage Preferences section of a registered account. Accessing Manage Preferences allows you to control how we communicate with you. If you do not wish to receive marketing communications from us, you can unsubscribe from the link in the email you received, or by changing your Marketing Preferences. Recipients who no longer wish to receive our newsletter or our promotional e-mails click a link called "UNSUBSCRIBE", which is included in all emails sent from SANTA LUPITA.

DISCLOSURE AND SECURITY

We may disclose your personal information to legal entities representing SANTA LUPITA, and to third authorised third parties. We do not disclose your personal information to third parties for marketing purposes. We protect your information using measures that reduce the risks of loss, misuse, unauthorised access, disclosure and alteration. We minimise the amount of personal information we disclose to what is directly relevant and necessary to accomplish the specified purpose. In so doing we may disclose your personal information to authorised third party service providers who help us to provide our services such as:
  • Payment providers to facilitate purchases
  • Fulfilment providers to facilitate order management, packaging and delivery
Where legally compelling grounds exist, we may also disclose your personal information to governmental and law enforcement agencies, and otherwise in the defence of legal claims. We protect your information using measures that reduce the risks of loss, misuse, unauthorised access, disclosure and alteration. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. If we were to be acquired by another company, we may share information with them and we will require that company to agree follow this Privacy Policy with respect to your personal information.

COOKIE POLICY - USE OF COOKIES

This site uses Google Analytics, a web analysis service of Google Inc. (“Google”). Google Analytics uses “cookies,” text files that are saved on your computer and that allow your use of the website to be analyzed. As a rule, information generated by the cookie about your use of this website is transferred to a server in the United States and saved there.
However, if IP anonymization is activated on this website, within the member states of the European Union or in other contracting states to the Agreement on the European Economic Area Google will abbreviate your IP address prior to transfer or saving. Only in exceptional cases will the full IP address be transferred to a Google server in the United States and abbreviated there.
Google will use this information on behalf of the user of this website to analyze your use of the website, to compile reports about the website activities and to provide the website operator additional services connected with website use and internet use. Google will not join the IP address transmitted from your browser within the scope of Google Analytics with other data. You can prevent cookies from being saved by using the corresponding setting in your browser software; however, please note that in this case you may not be able to make full use of all this website’s functions. Additionally, you can prevent Google from acquiring the data generated by the cookie and related to your use of this website (including your IP address) as well as Google’s processing of this data by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de On our website we use Social Plugins („Plugins“) of the Social Network Facebook.com, operated by Facebook Inc., 1601 S. California Ave. Palo Alto, CA 94304, USA („Facebook“). When our website, which is provided with a plugin, is visited, a server connection is provided by the browser and the plugin will be displayed on the website. The content of the plugin is transfered by Facebook directly to your browser. We have no influence on the scope or data which is transfered to Facebook and therefore can only pass on what we currently know: By integrating the plugin, Facebook is informed that the corresponding page of our website has been visited. If you are logged in as a member on Facebook, Facebook assigns this information to the personal Facebook user account. If the plug-in functions ("like"- button or leaving a comment) are used, the corresponding information is transmitted by the browser directly to Facebook. This can be avoided by logging out on Facebook before using the plugin. Even if you are not a member of Facebook, there is the possibility that Facebook tracks the IP address. For more detailed information on privacy and the use of data by Facebook, we may refer to the privacy policy of Facebook, which can be found at http://www.facebook.com/policy.php. To prevent Facebook from collecting data you need to be logged out before visiting our website. If you have signed up for the SANTA LUPITA newsletter, SANTA LUPITA uses your registration data for the purpose of sending the SANTA LUPITA newsletter. There is no transfer of your data to third parties. The only exceptions are partners who are responsible for the technical operation of the newsletter sending. In these cases the amount of transferred data is limited to the neccessary minimum. Our data protection rules are in compliance with the Federal Data Protection Act (BDSG) and the Telemedia Act (TMG).

QUESTIONS

If you have a question about this Privacy Policy, please contact: mail@santalupita.com or SANTA LUPITA GmbH, Max-Dingler Str. 15, 82131 Stockdorf, GERMANY. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.