Who we are
Our website address is: https://paolinatural.com.
The protection of your personal data is very important to us. We therefore process your data exclusively on the basis of the statutory provisions (DSGVO, TKG 2003). In this data protection information, we inform you about the most important aspects of data processing on our website.
Contact us
If you contact us using the form on the website or by email (contact@paolinatural.com, shop@paolinatural.com), the data you provide will be stored by us for six months in order to process the request and in the event of follow-up questions. We do not pass on this data without your consent.
What personal data we collect and why we collect it
Data storage
We would like to point out that for the purpose of simplifying the shopping process and for later contract processing, the web shop operator stores the IP data of the subscriber as part of cookies, as well as the buyer’s name, address, email-address and credit card number.
The data you provide are required to fulfill the contract or to carry out pre-contractual measures. Without this data we cannot conclude the contract with you. There is no data transfer to third parties, with the exception of the transfer of the credit card data to the processing bank / payment service provider for the purpose of debiting the purchase price, to the transport company / shipping company commissioned by us to deliver the goods and to our tax advisor to fulfill our tax obligations.
After canceling the shopping process, the data stored by us will be deleted. If a contract is concluded, all data from the contractual relationship will be stored until the expiry of the tax retention period (7 years). The data name, address, purchased goods and date of purchase are also stored until the product liability expires (10 years). The data processing takes place on the basis of the legal provisions of § 96 Abs 3 TKG as well as Art 6 Abs 1 lit a (consent) and / or lit b (necessary to fulfill the contract) of the GDPR.
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Instagram plug-in
We have integrated functions of the public media platform Instagram into this website. These functions are being offered by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
If you are logged into your Instagram account, you may click the Instagram button to link contents from this website to your Instagram profile. This enables Instagram to allocate your visit to this website to your user account. We have to point out that we as the provider of the website and its pages do not have any knowledge of the content of the data transferred and its use by Instagram.
Data are stored and analyzed on the basis of Art. 6 Sect. 1 lit. f GDPR. The website operator has a legitimate interest in the highest possible visibility on social media. If a respective declaration of consent has been obtained, the data will be processed exclusively on the basis of Art. 6 Sect. 1 lit. a DGDPR. Any such consent may be revoked at any time.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 and https://de-de.facebook.com/help/566994660333381.
For more information on this subject, please consult Instagram’s Data Privacy Declaration at: https://instagram.com/about/legal/privacy/.
Cookies
Our website uses so-called cookies. These are small text files that are stored on your device with the help of the browser. They do no harm.
We use cookies to make our offer user-friendly. Some cookies remain stored on your device until you delete them. They enable us to recognize your browser the next time you visit.
If you do not want this, you can set up your browser so that it informs you about the setting of cookies and you only allow this in individual cases.
Deactivating cookies may restrict the functionality of our website.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
You have the right to information, correction, deletion, restriction, data portability, revocation and objection with regard to your data stored by us. If you believe that the processing of your data violates data protection law or your data protection claims have been violated in any other way, you can complain to us [contact@paolinatural.com] or the data protection authority.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Your contact information
Paoli Natural
Widholzgasse 4/39, 1110 Wien
00436764779966
contact@paolinatural.com
Google Analytics E-Commerce-Tracking
This website uses the “E-Commerce Tracking” function of Google Analytics. With the assistance of E-Commerce Tracking, the website operator is in a position to analyze the purchasing patterns of website visitors with the aim of improving the operator’s online marketing campaigns. In this context, information, such as the orders placed, the average order values, shipping costs and the time from viewing the product to making the purchasing decision are tracked. These data may be consolidated by Google under a transaction ID, which is allocated to the respective user or the user’s device.
We collect, process, and use personal data only to the extent necessary for the establishment, content organization or change of the legal relationship (data inventory). These actions are taken on the basis of Art. 6 Sect. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual actions. We collect, process and use personal data concerning the use of this website (usage data) only to the extent that this is necessary to make it possible for users to utilize the services and to bill for them.
The collected customer data shall be eradicated upon completion of the order or the termination of the business relationship. This shall be without prejudice to any statutory retention mandates.
Data transfer upon closing of contracts for online stores, retailers, and the shipment of merchandise
We share personal data with third parties only if this is necessary in conjunction with the handling of the contract; for instance, with companies entrusted with the shipment of goods or the financial institution tasked with the processing of payments. Any further transfer of data shall not occur or shall only occur if you have expressly consented to the transfer. Any sharing of your data with third parties in the absence of your express consent, for instance for advertising purposes, shall not occur.
The basis for the processing of data is Art. 6 Sect. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or for pre-contractual actions.Processing of data (customer and contract data)
We collect, process, and use personal data only to the extent necessary for the establishment, content organization or change of the legal relationship (data inventory). These actions are taken on the basis of Art. 6 Sect. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual actions. We collect, process and use personal data concerning the use of this website (usage data) only to the extent that this is necessary to make it possible for users to utilize the services and to bill for them.
The collected customer data shall be eradicated upon completion of the order or the termination of the business relationship. This shall be without prejudice to any statutory retention mandates.
Payment services
We integrate payment services of third-party companies on our website. When you make a purchase from us, your payment data (e.g. name, payment amount, bank account details, credit card number) are processed by the payment service provider for the purpose of payment processing. For these transactions, the respective contractual and data protection provisions of the respective providers apply. The use of the payment service providers is based on Art. 6(1)(b) GDPR (contract processing) and in the interest of a smooth, convenient, and secure payment transaction (Art. 6(1)(f) GDPR). Insofar as your consent is requested for certain actions, Art. 6(1)(a) GDPR is the legal basis for data processing; consent may be revoked at any time for the future.
PayPal
We use the following payment services / payment service providers within the scope of this website:
The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”).
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full.
Details can be found in PayPal’s privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.