1. Name and contact details of the controller
TAUTROPFEN Naturkosmetik GmbH
D-60311 Frankfurt am Main
Tel.: +49 69 247 480 510
Fax: +49 69 247 480 520
2. Collection and storage of personal data & nature and purpose of the use of personal data
We will only collect your personal data to the extent permitted by law. We will not collect any “special categories of personal data”, as defined in Art. 9 GDPR.
a) When you visit our website
When you visit our website (www.tautropfen.com), information will be sent automatically from your browser to our website server. This information will be temporarily stored in a “server log file”. This server log file will not be stored for longer than seven days. The following data will be logged:
· The IP address of the requesting computer;
· The date, time and frequency of page access;
· The date and time of access;
· The name and URL of the accessed file;
· The volume of data transmitted;
· The website from which the site is accessed (referrer URL);
· The browser used and, if applicable, the operating system of your computer and the name of your access provider.
We will process this data for the following purposes:
· To ensure a smooth connection to our website;
· To ensure the comfortable use of our website;
· To evaluate the security and stability of our system; and
· To perform other administrative tasks and improve our services.
b) When you subscribe to our newsletter
If you give your explicit consent in accordance with point (a) of Art. 6 (1) GDPR, we will use your email address to send you our regular newsletter. If you would like to receive our newsletter, you only have to provide your email address. You can unsubscribe at any time (e.g. by clicking on the link at the bottom of each newsletter). Alternatively, you can always submit a subscription cancellation request to email@example.com.
c) When you contact us or place an order
If you have any questions, we offer you the opportunity to get in touch with us by filling out the contact form on our website. You will have to enter a valid email address, so that we know who has sent the enquiry and can respond accordingly. Further information may be provided voluntarily. We will process your data for the purpose of communicating with you on the basis of your optional consent provided in accordance with point (a) of Art. 6 (1) GDPR. The personal data collected via the contact form will be automatically deleted once we have dealt with your enquiry. We will comply with the statutory deletion requirements. If you submit an enquiry or place an order, we will process the following types of personal data when necessary:
· Your basic data (e.g. name, address, date of birth);
· Your account details;
· Your email address;
· Your order details; and
· Your previous orders
d) When you submit an application
We generally collect personal data over the course of our application processes. You can send your application to firstname.lastname@example.org. If you do this, all personal data collected from you will be immediately deleted after we have checked your documents.
In accordance with Art. 13 (1) and (2) GDPR, our employees will immediately inform you in writing that your documents have been received and explain how and why your data is being collected and how long it will be kept prior to deletion.
Your data will generally be stored for the duration of the application process and, when the vacancy is filled, for a further 3 months thereafter. We will take the appropriate technical and organisational measures to prevent the necessary data collected over the course of the application process from being accessed and manipulated by unauthorised third parties. As this cannot currently be ensured if you submit your application data via email, however, we would advise you to send us confidential information by post.
If you still wish to submit your application via email, we recommend attaching all documents as an encrypted .zip folder. You can share the password needed to open the compressed files by phone. We will not collect any “special categories of personal data”, as defined in Art. 9 GDPR.
3. Disclosure of data
We will not disclose your personal data to third parties for any purposes other than those listed below. We will only disclose your personal data to third parties if…
· … you have given your explicit consent (point (a) of Art. 6 (1) GDPR);
· … the disclosure of such information is necessary for the establishment, exercise or defence of legal claims and we have no reason to believe that you have an overriding legitimate interest in the non-disclosure of your data (point (f) of Art. 6 (1) GDPR);
· … we are legally obliged to disclose the information (point (c) of Art. 6 (1) GDPR); and
· … this is legally permissible and necessary for the performance of a contract with you (point (b) of Art. 6 (1) GDPR).
We assure that your data will only ever be disclosed in accordance with the legal requirements and will only be passed on to third parties for the purposes mentioned above. In addition, we will take appropriate measures and carry out regular checks to ensure that the data we collect cannot be accessed or intercepted by external third parties.
4. Links from our partners
Our website contains links to external websites operated by our partners and other third parties; we have no control over the content of such websites. Clicking on the logo of a third-party provider will take you to their website. We cannot assume liability for any third-party content. The respective provider or operator of the linked pages is responsible for their content. We checked the pages for legal violations when creating the links and did not find any unlawful content. If we become aware of any legal violations, we will immediately remove the offending link.
Cookies are automatically enabled by most browsers. However, you can configure your browser to prevent cookies from being saved on your computer or to notify you whenever a new cookie is about to be created. If you fully disable cookies, however, you may not be able to use all the features of our website.
6. Third-party tools
We use the analysis and tracking measures listed below on the basis of point (f) of Art. 6 (1) GDPR. We use these tools to constantly optimise our website and make sure it meets our users’ needs. On the other hand, we use the tools to statistically record and evaluate the use of our website, so that we can optimise it for our users. This constitutes our “legitimate interest”, as defined in the GDPR. In accordance with Art. 28 GDPR, we have concluded a data processing agreement with every third-party provider who processes personal data for us.
a) Google reCAPTCHA
This website uses Google reCaptcha (“reCAPTCHA”), a web analysis tool provided by Google (https://about.google/intl/de/): Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043).
The purpose of reCAPTCHA is to check whether data has been entered on our website by a person or an automated programme. To do this, reCaptcha will analyse your behaviour based on various characteristics. This analysis will begin automatically as soon as you access our website. The data evaluated by reCAPTCHA will include:
· Your IP address;
· The amount of time you spend on our website;
· Your mouse movements on our website
The data collected will be sent to Google. The legal basis for data processing is point (f) of Art. 6 (1) GDPR. For more information on data protection in relation to reCAPTCHA, please refer to the following website: https://policies.google.com/privacy.
This website uses Hotjar, a web analysis tool provided by Hotjar Ltd. (https://www.hotjar.com/about-us/): Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian’s STJ 3141, Malta. If you visit our website, Hotjar will use a combination of various analysis and feedback tools to evaluate your behaviour and feedback. Hotjar will send us reports and visual representations to show us how you have used our website. Your personal data will be analysed by automated means and will not be stored on Hotjar’s servers at any time.
The data processed by Hotjar will include:
· Your IP address;
· Information about your device;
· Your screen resolution;
· Your operating system;
· Your clicks;
· Your mouse movements;
· Your geographical data;
· The length of your stay
For more information on data protection in relation to Hotjar, please refer to the following website: https://www.hotjar.com/legal/policies/privacy/.
c) Google Analytics
In the interest of constantly optimising our website and tailoring it to users’ needs, we use Google Analytics, a web analysis service provided by Google (https://about.google/intl/de/): Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043).
The reports generated by this service enable us to see how our website is being used and adapt our website to our users’ needs.
If you visit our website, the following data will be generated and collected:
· Your browser (incl. version);
· Your operating system;
· The time you spend on our website;
· The referrer URL;
· Your IP address
As IP anonymisation has been enabled for this service on our website, your IP address will first be truncated within member states of the European Union and the European Economic Area. Only in exceptional cases will your IP address first be transferred to a server in the USA and then truncated there.
The data collected in this way will not be merged with any other data collected by Google services. You can find more information on how the programme works here:
Google Analytics will save its own cookies on your device, and these cookies will usually transfer the collected data to a server in the USA and save it there.
If you would like to disable such cookies, you can install the relevant browser plug-in here: https://tools.google.com/dlpage/gaoptout?hl=de (or insert relevant hyperlink).
If you do not want your data to be collected by Google Analytics in any way, you can install an opt-out cookie via the following link to prevent your information from being collected in the future.
7. Social media plug-ins
Our website features external links that allow you to share content on social media or by email. We do this using social bookmarks. These are buttons that can be recognised by the logo of the social network in question. The plug-in will establish a connection between your browser and the servers of the respective provider. If you use these social bookmarks, you will usually be redirected to the provider’s website and the relevant user information will be disclosed.
If you would like to share our content and you are logged in to your account with one of these social networks while using our website, this information will be matched to your account. Your IP address may also be collected. As the operator of this website, we have no control over the data that may be sent to social network servers by such plug-ins.
8. Other features
Our website also features Google Maps and YouTube, a video streaming service provided by Google (https://about.google/intl/de/): Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043).
Some of the data processed by Google Maps may include IP addresses and location data; however, this data will not be collected without your consent (usually based on your device settings).
9. Your rights / rights of data subjects
Needless to say, you have rights with regard to the collection of your data. In accordance with the applicable laws, we are obliged to inform you about your rights. You can exercise and enforce your rights free of charge.
You have the right…
· … to request access to the personal data we are processing on you (Art. 15 GDPR). You may particularly request information on: the purposes of the processing; the categories of personal data concerned; the categories of recipient to whom your personal data has or will be disclosed; the envisaged storage period; whether you have the right to request the rectification or erasure of your personal data or the restriction of processing or to object to such processing; whether you have the right to lodge a complaint; the source of any data not provided by yourself, and whether we carry out automated decision-making, including profiling, and meaningful information about any such processes;
· … to request the immediate rectification of any incorrect data or the immediate supplementation of any incomplete data we hold on you (Art. 16 GDPR);
· … to request the deletion of any personal data we hold on you (Art. 17 GDPR), unless our processing is necessary to exercise freedom of expression and information, to comply with a legal obligation, for reasons of public interest, or for the establishment, exercise or defence of legal claims;
· … to request the restriction of the processing of your personal data (Art. 18 GDPR) if you contest its accuracy, if the processing is unlawful but you oppose the deletion of your data, if we no longer need your data but you require it for the establishment, exercise or defence of legal claims, or if you have objected to processing in accordance with Art. 21 GDPR;
· … to receive any personal data you have provided to us in a structured, commonly used and machine-readable format, or to have this data transferred to another controller (Art. 20 GDPR);
· … to withdraw any consent you have previously given us (Art. 7 (3) GDPR); we will then be prohibited from continuing any data processing performed on the basis of your consent; and
· … to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR). You can usually do this by contacting the supervisory authority in your habitual place of residence or at our place of business.
If your personal data is being processed on the basis of our legitimate interests pursuant to point (f) of Art. 6 (1) GDPR, you are entitled to object to the processing of your personal data, provided your reasons for doing so relate to your particular situation or your objection concerns direct marketing (Art. 21 GDPR). If the latter is the case, you have a general right to object, and we will honour your right without you having to name a specific situation. If you would like to exercise your right to object or withdraw your consent, you just have to send an email to email@example.com.
10. Data security
Whenever you visit our website, we will use the widespread SSL / TSL protocol (Secure Sockets Layer / Transport Layer Security) and the highest level of encryption supported by your browser. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit v3 technology instead. You can tell whether a page on our website is transmitted in an encrypted form by the closed key or padlock symbol in the lower status bar of your browser. We will also take the appropriate technical and organisational security measures to prevent your data from being accidentally or deliberately manipulated, fully or partially lost, destroyed or accessed by unauthorised third parties. Our safety measures are constantly being improved in line with technical developments.
Subscribe to the TAUTROPFEN Newsletter!
Back to the shop
+ rich and can help be reconstructive
+ Cupuaçu butter, wild rose oil, almond oil and jojoba oil can help to retain moisture in the skin
+ recommended as day and night care, especially for the cooler season
+ absorbs quickly
Gentle facial cream for sensitive and easily irritated skin
SUMMER SALE / ROSE SOOTHING SOLUTIONS
+ refreshes and helps regenerate
+ awakens "tired eyes"
+ Vegan botanical hyaluronic acid from tremella fuciformis sporocarp extract helps protect the skin. It remains firm and supple and thus helps work against wrinkle formation.
Reviving anti-wrinkle eye firming fluid for tired eyes
SUMMER SALE / HYALURON PRO YOUTH SOLUTIONS