Privacy Policy

Data privacy policy of Bella&Bona GmbH

Thank you for your interest in our company. We take data protection seriously.

In principle, you can use our website without providing any personal data. If a person concerned wishes to use the services of our company via our website, it may be necessary to process personal data. If it is necessary to process personal data and there is no legal basis for such processing, we always obtain the consent of the person concerned.

The processing of personal data (e.g. name, address, e-mail address or telephone number of a data subject) is always carried out in accordance with the Basic Data Protection Regulation (DSGVO) and in compliance with the country-specific data protection regulations applicable to us.

With the following data protection declaration we would like to inform the public about the type, scope and purpose of the personal data collected, used and processed by us. This data protection declaration also informs affected persons about their rights.

As data controllers, we have implemented numerous technical and organisational measures to ensure that the personal data processed via our website is protected as completely as possible. However, data transmissions via the Internet can generally contain security gaps. Therefore, a 100 % protection cannot be guaranteed. For this reason, every person concerned can, of course, alternatively provide us with personal data, e.g. by telephone.

1. Definitions

This data protection declaration is based on the definitions used by the European legislator when the DSGVO was adopted (Article 4 DSGVO). This data protection declaration should be both easy to read and easy to understand for every person. To ensure this, we would first like to explain the terms used. These definitions are used in this data protection declaration, among others:

personal data shall mean any information relating to an identified or identifiable natural person (hereinafter referred to as "data        subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, on-line identification, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person

data subject shall mean any identified or identifiable natural person whose personal data are processed by the controller

processing shall mean any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

limitation of processing means the marking of stored personal data with a view to limiting their processing in the future;

profiling means any automated processing of personal data consisting in the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular with a view to analysing or predicting aspects relating to the performance of work, economic situation, health, personal preferences, interests, reliability, conduct, location or movement of that natural person

responsible person shall mean the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or national law, provision may be made for the controller or the specific criteria for his or her designation in accordance with Union or national law

recipient shall mean any natural or legal person, public authority, agency or any other body to whom personal data are disclosed, whether or not a third party. However, authorities which may receive personal data in the context of a specific investigation task under Union or national law shall not be considered as recipients; the processing of such data by those authorities shall be carried out in accordance with the applicable data protection rules and in accordance with the purposes of the processing;

third party means any natural or legal person, public authority, agency or any other body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or the processor, are authorized to process the personal data

consent of the data subject means any freely given specific, informed and unequivocal expression of his or her wishes in the form of a statement or any other unequivocal affirmative act by which the data subject signifies his or her agreement to the processing of personal data relating to him or her.

2. Name and contact details of the person

This privacy policy applies to data processing by:

Responsible: Bella&Bona GmbH, represented by the managing director Mr Matteo Cricco and Niccolò Lapini, Kapellenstraße 12, 85622 Feldkirchen, Email: tech@bellabona.com, Tel: +49 151-54079664

  1. Collection and storage of personal data and the nature and purpose of their use

a) When visiting the website

You can use our website without disclosing your identity. When you call up our website, information is automatically sent to the server of our website by the browser used on your terminal device. This information is temporarily stored in a so-called log file. The following information is recorded without your intervention and stored until it is automatically deleted:

  • IP address of the requesting computer,
  • Date and time of access,
  • Name and URL of the retrieved file,
  • Website from which the access takes place (referrer URL),
  • the browser used and, if applicable, the operating system of your computer and the name of your access provider.

The above-mentioned data will be processed by us for the following purposes:

  • To ensure a smooth connection of the website,
  • Guarantee a comfortable use of our website,
  • Evaluation of system security and stability and
  • for other administrative purposes.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f DSGVO. Our legitimate interest follows from the above-mentioned purposes for data collection. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person.

Furthermore, we use cookies and analysis services when you visit my website. You will find more detailed explanations on this under points 5 and 7 of this data protection declaration.

b) When using our contact form

For questions of any kind, we offer you the possibility to contact us via a form provided on our website. In order to do so, it is necessary to enter a valid e-mail address so that we know who the enquiry comes from and can answer it. Further information can be given voluntarily.

It is your free decision whether you wish to enter this data in the contact form.

The data processing for the purpose of contacting us is carried out in accordance with Art. 6 Para. 1 S. 1 lit. a DSGVO on the basis of your voluntarily given consent.

The personal data collected by us for the use of the contact form will be automatically deleted after completion of your request.

c) For orders via our website

You can either place orders via our website as a guest without registering, or register in our shop as a customer for future orders. Registration has the advantage for you that you can log in to our shop directly with your e-mail address and password in the event of a future order without having to enter your contact details again.

Your personal data will be entered into an input mask and transmitted to us and stored. If you place an order via our website, we collect the following data both in the case of a guest order and in the case of a registration in the shop:

  • Salutation, first name, last name
  • a valid e-mail address
  • Address
  • Telephone number (fixed network and/or mobile)

The collection of this data is carried out,

  • to be able to identify you as our customer
  • to be able to process, fulfil and handle your order
  • to correspond with you
  • for billing purposes
  • to process any liability claims that may exist and to assert any claims against you
  • to ensure the technical administration of our website
  • to manage our customer data

During the ordering process, your consent to the processing of this data is obtained.

The data processing is carried out upon your order and/or registration and is required in accordance with Art. 6 Para. 1 S. 1 lit. b DSGVO for the aforementioned purposes for the appropriate processing of your order and for the mutual fulfilment of obligations arising from the purchase contract.

The personal data collected by us for the processing of your order will be stored until the expiry of the statutory storage obligation and deleted thereafter, unless we are obliged to store the data for a longer period of time in accordance with Article 6 Paragraph 1 S. 1 lit. c DSGVO due to tax and commercial law storage and documentation obligations (from HGB, StGB or AO) or you have consented to storage beyond this in accordance with Article 6 Paragraph 1 S. 1 lit. a DSGVO.

3. Transfer of data

Your personal data will be passed on by us to third parties exclusively to the service partners involved in the execution of the contract, such as the logistics company commissioned with the delivery and the credit institute commissioned with payment matters. In cases where your personal data is passed on to third parties, the amount of data transmitted is limited to the necessary minimum.

In the case of payment via PayPal, credit card via PayPal, direct debit via PayPal or "purchase on account" via PayPal, we will pass on your payment data to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as "PayPal") within the scope of payment processing. PayPal reserves the right to carry out a credit check for the payment methods credit card via PayPal, direct debit via PayPal or "purchase on account" via PayPal. The result of the credit assessment with regard to the statistical probability of non-payment shall be used by PayPal for the purpose of deciding whether to provide the respective payment method. The credit report may contain probability values (so-called score values). If score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. Among other things, address data is included in the calculation of the score values. You can find further information on data protection law in the PayPal data protection principles: https://www.paypal.com/de/webapps/mpp/ua/privacy-full

Your personal data will not be transferred to third parties for purposes other than those mentioned above.

We will also only pass on your personal data to third parties if:

you have given your express consent in accordance with Art. 6 para. 1 sentence 1 lit. a DSGVO,the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,in the event that there is a legal obligation to pass on the data in accordance with Art. 6 para. 1 sentence 1 lit. c DSGVO, andthis is legally permissible and required for the processing of contractual relationships with you in accordance with Art. 6 Para. 1 S. 1 lit. b DSGVO.

During the ordering process, your consent to the transfer of your data to third parties will be obtained.

4. Use of cookies

We use cookies on our website. These are small files that are automatically created by your browser and stored on your end device (laptop, tablet, smartphone or similar) when you visit our website. Cookies do not cause any damage to your terminal device, do not contain viruses, Trojans or other malware.

Information is stored in the cookie that is related to the specific terminal device used. This does not mean, however, that we are immediately informed of your identity.

The use of cookies serves on the one hand to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted when you leave our site.

In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your end device for a certain defined period of time. If you visit our site again to make use of our services, it is automatically recognised that you have already been with us and which entries and settings you have made so that you do not have to enter them again.

On the other hand, we use cookies in order to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you (see item 7). These cookies enable us to automatically recognize that you have already been with us when you visit our site again. These cookies are automatically deleted after a defined period of time.

The data processed by cookies is required for the above-mentioned purposes to protect our legitimate interests and those of third parties in accordance with Art. 6 Para. 1 S. 1 lit. f DSGVO.

Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or so that a message always appears before a new cookie is created. However, completely deactivating cookies may mean that you cannot use all the functions of our website.

5. Links to websites of third parties

The links published on our website are researched and compiled by us with the greatest possible care. However, we have no influence on the current and future design and content of the linked pages. We are not responsible for the content of the linked pages and expressly do not adopt the content of these pages as our own. For illegal, incorrect or incomplete contents as well as for damages resulting from the use or non-use of the information, only the provider of the linked website is liable. The liability of the person who merely refers to the publication by a link is excluded. We are only responsible for external references if we have positive knowledge of them, i.e. also of possible illegal or criminal content, and if it is technically possible and reasonable for us to prevent their use.

6. Analysis and tracking tools

The tracking measures listed below and used by us are carried out on the basis of Art. 6 para. 1 sentence 1 lit. f DSGVO. With the tracking measures used, we want to ensure that our website is designed to meet the needs of our customers and is continuously optimised. On the other hand, we use the tracking measures to record the use of our website statistically and evaluate it for the purpose of optimising our offer for you. These interests are to be regarded as justified in the sense of the aforementioned regulation.

The respective data processing purposes and data categories can be taken from the corresponding tracking tools.

a) Google Analytics

For the purpose of designing and continuously optimizing our pages according to your needs, we use Google Analytics, a web analysis service of Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter "Google"). In this context, pseudonymised user profiles are created and cookies (see section 5) are used. The information generated by the cookie about your use of this website such as

  • Browser type/version
  • the operating system used
  • Referrer URL (the previously visited page)
  • Host name of the accessing computer (IP address)
  • Time of the server request

are transmitted to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on the website activities and to provide further services associated with the use of the website and the Internet for the purposes of market research and demand-oriented design of these Internet pages. This information may also be transferred to third parties where required by law or where third parties process this data on our behalf. Under no circumstances will your IP address be merged with other data from Google. The IP addresses are made anonymous, so that an assignment is not possible (IP masking).

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of our website.

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).

As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting the data by clicking on the above link. An opt-out cookie will be set to prevent the future collection of your data when you visit our website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you will have to set the opt-out cookie again.

Further information on data protection in connection with Google Analytics can be found under the following link in the Google Analytics help: https://support.google.com/analytics/answer/6004245?hl=de

b) Google Adwords Conversion Tracking

In order to statistically record the use of our website and evaluate it for the purpose of optimizing our website for you, we also use Google Conversion Tracking. Google Adwords sets a cookie (see point 5) on your computer if you have reached our website via a Google ad.

These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of the Adwords client's website and the cookie has not yet expired, Google and the client can recognize that the user clicked on the ad and was redirected to that page.

Each Adwords client receives a different cookie. As a result, cookies cannot be tracked on the websites of Adwords customers. The information collected using the conversion cookie is used to generate conversion statistics for Adwords customers who have opted for conversion tracking. Adwords advertisers know the total number of users who have clicked on their ad and been redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.

If you do not wish to participate in the tracking process, you may refuse to accept cookies, for example, by changing your browser setting to disable automatic cookies. You can also disable cookies for conversion tracking by setting your browser to block cookies from the domain "www.googleadservices.com". Google's privacy policy on conversion tracking can be found under the following link: https://services.google.com/sitestats/de.html

7. Social media plugins

We use social plugins of social networks (e.g. Facebook, Twitter, Google+) on our website on the basis of Art. 6 Para. 1 S. 1 lit. f DSGVO in order to make our company better known. The advertising purpose behind this is to be regarded as a legitimate interest within the meaning of the DSGVO. The responsibility for data protection compliant operation is to be guaranteed by their respective providers. The integration of these plugins by us is done by the so-called two-click method to protect visitors of our website in the best possible way.

a) Facebook

On our website, social media plugins from Facebook are used to make their use more personal. For this we use the "LIKE" or "SHARE" button. This is an offer from Facebook.

If you call up a page of our website that contains such a plugin, your browser establishes a direct connection with the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser and integrated into the website by it.

Through the integration of the plugin, Facebook receives the information that your browser has called up the corresponding page of our website, even if you do not have a Facebook account or are not currently logged in to Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there.

If you are logged in to Facebook, Facebook can assign your visit to our website directly to your Facebook account. If you interact with the plugins, for example by clicking the "LIKE" or "SHARE" button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook for everyone to see.

Facebook may use this information for the purposes of advertising, market research and the design of Facebook pages to meet the needs of the user. For this purpose, Facebook creates usage, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements shown to you on Facebook, to inform other Facebook users about your activities on our website and to provide other services associated with the use of Facebook.

If you do not want Facebook to assign the data collected via our website to your Facebook account, you must log out of Facebook before visiting my website.

For the purpose and scope of data collection and the further processing and use of data by Facebook, as well as your rights in this regard and setting options for protecting your privacy, please refer to the data protection information, in particular the Facebook data policy, which you can view under the following link: https://www.facebook.com/about/privacy/

b) Twitter

On our website you will find plugins of the short message network of Twitter Inc. (Twitter) are integrated on our website. You can recognize the Twitter plugins (tweet button) by the Twitter logo on our site. An overview of tweet buttons can be found under this link on Twitter: https://dev.twitter.com/web/tweet-button

If you call up a page on our website that contains such a plugin, a direct connection is established between your browser and the Twitter server. Twitter thereby receives the information that you have visited our site with your IP address. If you click the Twitter "tweet button" while you are logged in to your Twitter account, you can link the contents of our pages on your Twitter profile. This allows Twitter to associate your visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter.

If you do not want Twitter to be able to link your visit to our pages, please log out of your Twitter user account.

Further information on this can be found in the Twitter privacy policy, which can be viewed here: https://twitter.com/de/privacy

c) Google "+1" button

Our website uses the "+1" button of the social network Google, which is operated by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043-1351, USA. The button is marked with a "+1".

The "+1" button is an abbreviation for "this is pretty cool" or "check it out". The button is not used to record your visits to the web.

If a web page on our site contains the "+1" button, your web browser will load and display this button from the Google server. The website of our internet presence that you visit is automatically reported to the Google server. When displaying a +1 button, Google does not permanently log your browsing history, but only for a period of up to two weeks.

Google stores this data about your visit for this period for system maintenance and troubleshooting purposes. However, this data is not structured by individual profiles, usernames or URLs. Nor is this information available to website publishers or advertisers. This information is used only for maintenance and troubleshooting purposes in Google's internal systems. Your visit to a page with a +1 button is not evaluated in any other way by Google.

There will be no further evaluation of your visit to a page of our website with a "+1" button.

The assignment of +1 itself is a public process, i.e. anyone who performs a Google search or calls up content on the web to which you give +1 can potentially see that you have given the content in question a +1. So only give +1 if you're sure you want to share this recommendation with the world.

A click on this +1 button will serve as a recommendation to other users in Google's search results. You can publicly say that you like our website, that you approve of our website or that you can recommend our website. If you have registered for Google+ and are logged in, the +1 button turns blue when you click it. The +1 will also be added to the +1 tab in your Google profile. On this tab you can manage your +1 and decide if you want to make the +1 tab public.

In order to store and make your +1 recommendation public, Google collects information from your profile about the URL you recommend, your IP address and other browser-related information. If you opt out of your +1, this information is deleted. All of your +1 referrals are listed on the +1 tab in your profile.

For more information and Google's applicable privacy policy, please visit https://www.google.de/intl/de/policies/privacy/. For more Google's advice on the Google+1 button, please visit https://developers.google.com/+/web/buttons-policy

d) Facebook pixel privacy policy

We use the Facebook pixel of Facebook on our website. We have implemented a code for this on our website. The Facebook pixel is an excerpt from JavaScript code that loads a collection of functions that Facebook can use to track your user actions, provided you came to our website via Facebook ads. For example, when you purchase a product on our website, the Facebook pixel is triggered and stores your actions on our website in one or more cookies. These cookies enable Facebook to compare your user data (customer data such as IP address, user ID) with the data of your Facebook account. Then Facebook deletes this data again. The collected data is anonymous and not visible to us and can only be used for advertising purposes. If you yourself are a Facebook user and are logged in, your visit to our website is automatically assigned to your Facebook user account.

We only want to show our services or products to people who are really interested in them. With the help of Facebook pixels, our advertising measures can be better tailored to your wishes and interests. This way, Facebook users (if they have allowed personalized advertising) get to see suitable advertisements. Furthermore, Facebook uses the collected data for analysis purposes and its own advertisements.

In the following, we show you those cookies that were set by integrating Facebook pixels on a test page. Please note that these are only sample cookies. Different cookies are set depending on the interaction on our website.

Note: The cookies mentioned above refer to individual user behavior. Especially when using cookies, changes in Facebook can never be excluded.

If you are logged in to Facebook, you can change your settings for advertisements at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen yourself. If you are not a Facebook user, you can basically manage your usage-based online advertising at http://www.youronlinechoices.com/de/praferenzmanagement/. There you have the possibility to deactivate or activate providers.

If you would like to learn more about Facebook's privacy policy, we recommend that you review the company's own data policies at https://www.facebook.com/policy.php.

e) Google Tag Manager Privacy Policy

For our website we use the Google Tag Manager of the company Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). This Tag Manager is one of many helpful marketing products from Google. The Google Tag Manager allows us to centrally install and manage code sections of various tracking tools that we use on our website.

The Google Tag Manager itself does not set any cookies, but manages tags of different tracking websites. In our privacy policy for each tracking tool, you will find detailed information on how to delete or manage your data.

Google is an active participant in the EU-U.S. Privacy Shield Framework, which regulates the correct and secure transfer of personal data. You can find more information about this at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&tid=311141658. If you want to learn more about the Google Tag Manager, we recommend the FAQs at https://www.google.com/intl/de/tagmanager/faq.html.

f) Newsletter Privacy Policy

When you register for our newsletter, you provide us with the personal data mentioned above and give us the right to contact you by e-mail. We use the data stored during the registration for the newsletter exclusively for our newsletter and do not pass them on.

If you unsubscribe from our newsletter - you will find the link for this at the bottom of every newsletter - we will delete all data stored with the registration for the newsletter.

g) MailChimp privacy policy

Like many other websites we use the services of the newsletter company MailChimp on our site. The operator of MailChimp is The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA. Thanks to MailChimp, we can send you interesting news very easily via newsletter. With MailChimp we do not need to install anything and can still draw from a pool of really useful functions. The newsletter is then displayed on a MailChimp website. MailChimp also uses cookies (small text files that store data on your browser) on your own web pages. Personal data can be processed by MailChimp and its partners (e.g. Google Analytics). This data collection is the responsibility of MailChimp and we have no influence on it. In the "Cookie Statement" of MailChimp (under: https://mailchimp.com/legal/cookies/) you can read exactly how and why the company uses cookies.

h) Cloudflare privacy policy

We use on this website Cloudflare of the company Cloudflare, Inc. (101 Townsend St., San Francisco, CA 94107, USA) to make our website faster and more secure. Cloudflare uses cookies and processes user data. Cloudflare, Inc. is an American company that provides a content delivery network and various security services. These services are located between the user and our hosting provider and act as a reverse proxy for websites. Cloudflare is an active participant in the EU-U.S. Privacy Shield Framework which regulates the correct and secure transfer of personal data. You can find more information about this on https://www.privacyshield.gov/participant?id=a2zt0000000GnZKAA0.

More information about data protection at Cloudflare can be found on https://www.cloudflare.com/de-de/privacypolicy/.

i) LinkedIn Privacy Policy

On our website we use social plug-ins from the social media network LinkedIn, from the company LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. The social plug-ins may be feeds, content sharing or linking to our LinkedIn site. The social plug-ins are clearly marked with the well-known LinkedIn logo and allow, for example, to share interesting content directly through our website. For the European Economic Area and Switzerland, LinkedIn Ireland Unlimited Company Wilton Place in Dublin is responsible for data processing.

j) Google reCAPTCHA Privacy Policy

Our primary goal is to ensure that our website is as safe and secure as possible for you and for us. To ensure this, we use Google reCAPTCHA from Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). With reCAPTCHA we can determine whether you are really a flesh and blood human being and not a robot or other spam software. By spam, we mean any unsolicited information sent to us electronically. With the classic CAPTCHAS, you usually had to solve text or image puzzles to check it. With Google's reCAPTCHA we usually do not have to bother you with such puzzles.

If you do not want any data about you or your behaviour to be transmitted to Google, you must log out completely from Google and delete all Google cookies before you visit our website or use the reCAPTCHA software. In principle, the data is automatically transmitted to Google as soon as you visit our website. To delete this data again, you must contact Google support at https://support.google.com/?hl=de&tid=311141658.

So when you use our website, you agree that Google LLC and its representatives automatically collect, process and use data.

You can find out more about reCAPTCHA on Google's web development page at https://developers.google.com/recaptcha/. Google will go into more detail about the technical development of reCAPTCHA, but you will not find detailed information about data storage and data protection issues there. A good overview of the basic use of data at Google can be found in the company's own privacy policy at https://www.google.com/intl/de/policies/privacy/.

8. Rights of data subjects

You have the right:

to request information about your personal data processed by us in accordance with Art. 15 DSGVO. In particular, you may request information on the purposes of the processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned duration of storage, the existence of a right of rectification, cancellation, restriction of processing or opposition, the existence of a right of appeal, the origin of your data, if not collected from me, as well as the existence of automated decision making including profiling and, if applicable, meaningful information on the details thereof;

in accordance with Art. 16 DSGVO, to demand without delay the correction of incorrect or incomplete personal data stored by us;pursuant to Art. 17 DSGVO to demand the deletion of your personal data stored with us, unless processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;

pursuant to Art. 18 DSGVO, to demand the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to delete it and we no longer require the data, but you require it for the assertion, exercise or defence of legal claims or you have lodged an objection to the processing pursuant to Art. 21 DSGVO;in accordance with Art. 20 DSGVO, to receive your personal data that you have provided us with in a structured, common and machine-readable format or to request that it be transferred to another responsible party;

in accordance with Art. 7 para. 3 DSGVO, to revoke your consent to us at any time. As a result, we may no longer continue data processing based on this consent in the future andto complain to a supervisory authority in accordance with Art. 77 DSGVO As a rule, you can turn to the supervisory authority of your usual place of residence or workplace or to our head office.

9. Right of objection

If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, if there are reasons for doing so that arise from your particular situation or if the objection is directed against direct advertising. In the latter case, you have a general right of objection, which will be implemented by us without indicating a special situation.

If you wish to exercise your right of revocation or objection, simply send an e-mail to: tech@bellabona.com

10. Data security

We use the common SSL (Secure Socket Layer) method in connection with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is being transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.

We also use suitable technical and organisational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

11. Topicality and amendment of this data protection declaration

This privacy policy is currently valid and has the status Jan. 2020.It may become necessary to amend this data protection declaration as a result of the further development of our website and offers above or due to changes in legal or official requirements. The current data protection declaration can be viewed at any time on our website.