Protection of personal data

Wellzia sa is the operator of the website www.https://skinfiz.ch/gb/ and the services offered on the site and is therefore responsible for the collection, processing and use of your personal data and the compatibility of data processing with applicable data protection law.

Your trust is important to us, and we take data protection very seriously, making sure that we offer the security you expect. Naturally, we comply with the legal provisions of the Federal Data Protection Act (DPA), the Ordinance on the Federal Data Protection Act (FDPA), the Telecommunications Act (TCA) and other applicable data protection provisions of Swiss or European legislation, in particular the General Data Protection Regulation (GDPR).

So that you know what personal data we collect and for what purposes we use it, please read the following.

1. Visiting our website

When you visit our website, our server temporarily records each of your visits in a file. We record the following technical data, as we do every time you connect to a web server, without any action on your part, and store it until it is automatically deleted after 12 months at the latest:

  • The IP address of the computer accessing the site
  • The name of the owner of the IP address range (usually your ISP)
  • The date and time of access The website from which you accessed our site (referring URL) and any search terms
  • The name and URL of the file accessed The status code (e.g. error message)
  • Your computer's operating system
  • The browser you use (type, version and language)
  • The transmission protocol used (e.g. HTTP/1.1)
  • The purpose of collecting and processing this data is to enable the use of our website (establishment of a connection), to ensure the long-term security and stability of the system and to enable the optimisation of our online offering as well as the compilation of internal statistics. This processing is based on our legitimate interests pursuant to Art. 6 para. 1 let. f RGPD.

2. Creating a customer account

To place an order in our online shop, you can either place an order as a visitor or create a customer account. When you register for a customer account, we collect the following data:

  • First name and surname
  • Postal address
  • E-mail address
  • Password
  • Telephone number (optional)

This data is collected in order to provide you with direct, password-protected access to your basic data stored in our system. Customers can consult their previous and current orders or manage or modify their personal data.

Your consent in accordance with Art. 6(1)(a) GDPR is the legal basis for the processing of data for this purpose.

3. Shopping in the online shop

If you place an order in our online shop, we need the following data to fulfil the contract:

  • First name and surname
  • Invoice address (and delivery address if different)
  • Payment details (depending on the payment method you choose)
  • Your login details, i.e. your e-mail address and password (for customers with an account)

Unless otherwise specified in this privacy policy or you have given your separate consent, we use the above-mentioned data solely for the purpose of fulfilling the contract, i.e. processing your order, delivering the products ordered and ensuring that payment is made correctly. The legal basis for the processing of data for this purpose is the performance of a contract in accordance with Article 6(1)(b) GDPR.

4. Contact via online form or e-mail

Online form and e-mail

Personal data is collected if you authorise us to do so when you contact us using the online form or by e-mail. We only use your data to provide you with the information or services you require, which means that only the information and data absolutely necessary to respond to your request or to fulfil the contract are recorded and processed.

If you contact us but do not place an order, your details will be deleted from our customer database if you so wish.

5. Transmission of data to third parties

We will only pass on your personal data if you have expressly consented to it, if we are under a legal obligation to do so or if it is necessary to assert our rights, in particular to assert our rights arising from the contractual relationship.

We also pass on your data to third parties insofar as this is necessary for the use of the website and the performance of the contract (including outside the website), in particular for processing your bookings. These third parties include, in particular, the transport companies responsible for dispatching the goods ordered.

6. Integration of TRUSTPILOT

The TRUSTPILOT is integrated on this website to display our Trusted shops quality label and all the reviews collected or to offer buyers TRUSTPILOT products after an order.

These operations serve to protect our overriding legitimate interests in relation to the optimal marketing of our products within the framework of a balancing of the various interests, in accordance with Art. 6 para. 1, first sentence, letter f RGPD.

7. Information about your credit card

Finally, we transmit your credit card information to your credit card issuer and acquirer when you pay by credit card on our website. If you choose to pay by credit card, you must enter all the necessary information. The legal basis for the transfer of data is the performance of a contract in accordance with Article 6(1)(b) GDPR. With regard to the processing of your credit card information by these third parties, please also read the general terms and conditions and the privacy policy of your credit card issuer.

8. Data transmission abroad

We may transfer your personal data to third-party companies (contracted service providers) abroad for the data processing purposes specified in this privacy policy. These companies are subject to the same level of data protection as we are. If the level of data protection in a given country does not correspond to the Swiss or European level, we will ensure by contractual means that the protection of your personal data corresponds to that of Switzerland or the EU.

9. Cookies

Cookies help us in many ways to make your visit to our website easier, more pleasant and more practical. Cookies are files containing information that your web browser automatically saves on your computer's hard drive when you visit our website.

For example, we use cookies to display your shopping basket on all the pages you visit and to temporarily store the information you enter when you fill in a form on our website so that you do not have to enter it again when you visit a sub-page. Cookies may also be used to identify you as a registered user following your registration on our website so that you do not have to log in again when you visit another sub-page.

Most Internet browsers automatically accept cookies. However, you can configure your browser so that it does not store any cookies on your computer or so that a message appears each time you receive a new cookie. The following pages explain how to configure cookie handling for the most commonly used browsers:

  • Microsofts Windows Internet Explorer
  • Microsofts Windows Internet Explorer Mobile
  • Mozilla Firefox
  • Google Chrome for desktop
  • Google Chrome for mobile
  • Apple Safari for desktop
  • Apple Safari for mobile

Deactivating cookies may prevent you from using all the functions of our site.

Google tag manager

We also use Google's tag management service to manage our interest-based advertising services. The tag management service itself is an area that does not use cookies and does not record any personal data. The beacon manager is primarily intended to generate other beacons which record certain data (see above for what purpose). If you deactivate the domain or the cookies, this deactivation will apply to all tracking tags implemented by the Google tag manager.

10. Monitoring tools

General

We use the Google Analytics audience analysis service to ensure that our website is properly presented and continually optimised. In doing so, we create pseudonymised usage profiles and use small text files stored on your computer ("cookies"). The information generated by the cookie about your use of this website is transmitted to the servers of the provider of these services, then stored and processed for us. In addition to the data specified in section 1, we may receive the following information:

  • Navigation path taken by a visitor on the website
  • Length of visit to the site or a sub-page
  • The page from which the visitor leaves the website
  • The country, region or city from which access is gained
  • The device used (type, version, colour depth, resolution, width and height of the browser window) and
  • Recurring or new visitor.

The information is used to analyse the use of the website, to compile reports on website activities and to provide other services in connection with the use of the website and the Internet for the purposes of market research and the appropriate presentation of this website. This information may also be passed on to third parties insofar as this is required by law or if third parties are commissioned to process this data.

Google Analytics

The Google Analytics provider is Google Inc, an Alphabet Inc. holding company based in the USA. Before the data is forwarded to the provider, the IP address is abbreviated by activating IP anonymization ("anonymizeIP") on this website within the Member States of the European Union or in other signatory states of the Agreement on the European Economic Area. Google will not associate the anonymised IP address transmitted by your browser within the framework of Google Analytics with any other data. In exceptional cases, the full IP address will be transmitted to a Google server in the USA and then abbreviated. In this case, we provide contractual guarantees that Google Inc. complies with an adequate level of data protection. Google Inc. does not associate the IP address with any other data relating to the user.

Further information on the web analytics service used can be found on the Google Analytics website. To find out how to prevent your data being processed by the web analytics service, please visit the following address: https://tools.google.com/dlpage/gaoptout?hl=fr . .

Our website also uses Google Optimize. Google Optimize analyses the use of different variants of our website and helps us to improve usability on the basis of the behaviour of our users on the website. Google Optimize is an integrated tool within Google Analytics.

Google Ads conversion tracking

We also use Google Ads conversion tracking. To do this, Google Ads places a cookie on your computer, provided that you have arrived at our website by clicking on a Google ad. These cookies are no longer valid after 30 days and are not used for personal identification. If you visit certain pages of our site during the period of validity of the cookie, Google and we can see that someone has clicked on an ad and has therefore been redirected to our site. A different cookie is allocated to each AdWords client. Cookies cannot therefore be tracked on the websites of AdWords clients. The information gathered using conversion cookies is used to produce conversion statistics for customers who have opted for conversion tracking. AdWords customers obtain the total number of users who clicked on their ad and were redirected to a site equipped with a conversion tracking tag. However, they do not receive any personally identifiable information. If you do not wish to take part in tracking, you can refuse the placement of the cookie required for this tracking in your browser settings, which disable the automatic placement of cookies. You can also deactivate conversion tracking cookies by blocking cookies for the "googleadservices.com"in your browser.

11. Details of data transmissions to the United States

For the sake of completeness, we inform users whose domicile or registered office is in Switzerland that the United States are subject to surveillance measures by the US authorities. These measures generally allow the recording of all the personal data of persons whose data has been transferred from Switzerland to the United States. This is done without any differentiation, limitation or exception based on the aim pursued and without any objective criterion making it possible to limit the access of the American authorities to the data and their subsequent use to very precise and strictly limited purposes likely to justify the harm involved in accessing and using this data. Furthermore, we would like to inform you that in the United States, there is no legal remedy available to data subjects from Switzerland that would allow you to access data concerning you and obtain its rectification or deletion, nor is there any effective legal protection against general access rights of the US authorities. We explicitly draw the attention of the data subject to this legal and factual situation so that he or she can make a decision based on information regarding consent to the use of his or her data.

Users domiciled in an EU Member State are advised that, in the EU's view, the USA does not provide an adequate level of data protection, particularly in view of the issues raised in this section. Insofar as we have explained in this privacy policy that certain data recipients (e.g. Google) are based in the USA, we will ensure, either by means of contractual arrangements with these companies or by means of their certification under the EU-US or Swiss-US Data Protection Shield, that your data is afforded a reasonable level of protection by our partners.

12. Advertising on marketing networks

Remarketing with Google Ads

Our website uses Google Ads Remarketing to serve ads for this website in Google search results or on third-party websites. To do this, Google uses a remarketing cookie which is placed on the browser of your device and which, thanks to an anonymous cookie identifier and on the basis of your previous searches, will be able to offer targeted advertisements. The data is processed in accordance with the provisions of article 6 al. 1, first sentence, letter f in our legitimate interest in the optimal marketing of our website. Once the purpose has been removed and we no longer use Google Ads remarketing, the data collected in this context will be deleted

This data may be further processed only if you have agreed with Google that your web browsing history and history in Google applications can be linked to your Google Account and that your Google Account information can be used to personalise the ads you see on the web. In this case, if you are logged in to Google when you visit our website, Google will use your data together with Google Analytics data to create and define a list of targets for cross-marketing. Google will thus temporarily cross-reference your personal data with Google Analytics data in order to form target groups.

Google AdWords Remarketing is provided by Google LLC (www.google.de). Google LLC is headquartered in the USA and is certified under the EU-US Data Protection Shield. You can view the current certificate here. As a result of this agreement between the United States and the European Commission, the latter has defined a sufficient level of data protection for companies certified under the Data Protection Shield.

You can deactivate the remarketing cookie by clicking on this link. You can also find out more about the creation of cookies at Digital Advertising Alliance and make your settings there.

Facebook Remarketing

Via Facebook (Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA), we advertise this website on the Facebook platform. To do this, Facebook sets a cookie which, thanks to an anonymous cookie identifier and on the basis of your previous searches, will be able to offer targeted advertising. As a Facebook member, you can deactivate the retargeting cookie via this link. You can also set your browser to inform you when cookies are used and decide whether to accept them in certain cases or to refuse them in general. Deactivating cookies may prevent you from using all the functions of our website.

13. Right to information, rectification, erasure and restriction of data; right to data portability

You have the right to obtain, on request, information about your personal data stored by us. In addition, you have the right to rectification of incorrect data and deletion of your personal data, provided there is no legal obligation to retain the data or any legal basis for us to process the data.

You also have the right to demand the return of the data you have sent us (right to data portability). On request, we will also forward the data to a third party of your choice. You have the right to obtain the data in a standard format.

If you have any questions about the collection, processing or use of your personal data, or if you would like information, to rectify, block or delete data or revoke authorisation or object to certain uses of data, please contact us directly using the contact details given in the imprint.

14. Data security

We use appropriate technical and organisational security measures to protect your personal data stored by us against manipulation, partial or total loss and against unauthorised access by third parties. Our security measures are constantly improved in line with technological developments.

You must always keep your access data confidential and close the browser window when you have finished communicating with us, especially if you are not the only person using the computer.

We also take data protection very seriously within our company. Our employees and the service providers we use are bound by confidentiality and data protection legislation.

15. Data retention

We store personal data only for as long as is necessary for the use of the above-mentioned monitoring and analysis services and for further processing based on our legitimate interests. We retain contractual data for a longer period if this is required by legal retention obligations. The retention obligations which require us to retain data arise from the provisions relating to the right to notify the authorities, financial accounting and tax law. In accordance with these provisions, commercial communications, contracts concluded and accounting documents must be kept for up to 10 years. As soon as we no longer need this data to perform our services to you, it will be blocked. This means that the data may only be used for accounting and tax purposes.

16. Right to lodge a complaint with a supervisory authority responsible for monitoring data protection

You have the right to lodge a complaint with a data protection supervisory authority.