Privacy Policy

Privacy Policy
This site uses cookies, both ours and those from third parties, to provide you with a quality user experience, measure the audience, and show you personalized ads. By using curadelight.com, you consent to our use of this technology. To learn more about cookies and how to manage them, please refer to our privacy policy.

Definitions

• Personal Data: Any information relating to an identified or identifiable natural person, directly or indirectly.
• Processing of Personal Data: Any operation, or set of operations, performed on such data, regardless of the method used (collection, recording, organization, storage, adaptation, modification, extraction, consultation, use, communication by transmission, dissemination, or any other form of availability, reconciliation, or interconnection, locking, erasure, or destruction, etc.).
• Cookie: A cookie is a small computer file, a tracker, placed and read when visiting a website, reading an email, or using software or a mobile application, regardless of the type of device used (computer, smartphone, e-reader, video game console connected to the internet, etc.).

Our Privacy Policy
In this data protection policy, we inform you about the processing of your personal data when using our website.
Personal data refers to information that can identify a person. These data include, for example, details that help identify you, such as your name, phone number, postal or email address.
Statistical data we collect, such as when you visit our site and cannot be linked to your identity, are not considered personal data.
You can print or save (e.g., as a PDF file) this personal data protection policy using your browser’s usual functionality.

What Data is Collected?
When you use our website, we collect the data that your browser automatically transmits to allow your visit. This includes:

• The IP address of the device accessing the site,
• The date and time of the visit,
• The address of the website being visited and the user,
• Technical information about the browser and the operating system of the device.

The processing of this data is necessary to allow you to visit the site and ensure the security of our systems. The mentioned data is saved as described above, and temporarily in internal log files for statistical purposes regarding the use of our website and for further development based on visitor usage habits (e.g., when visits are increasingly made from mobile devices), as well as for the general administration of our website. The legal basis for this data processing is Article 6(1) b) f) DSGVO.
The information stored in log files does not allow us to make immediate conclusions about you. Specifically, we only store IP addresses in abbreviated form. The log files are retained for 30 days and then deleted.

What Types of Cookies Are Used?

• Session Cookies (as described above)
• Persistent Cookies: These allow websites to store your preferences for future visits. For example, if you choose to view the content in French during your first visit, the site will automatically display in French during your next visit. Not having to set your language preferences on each visit makes browsing more convenient, efficient, and intuitive.
• Advertising Cookies: These cookies may be used to understand your interests based on websites you visit or products you purchase. They also help us learn about your age, marital status, or number of children. This data allows us to send ads related to products or services that suit your preferences or needs and limit the frequency of these ads.
• Analytical Cookies: These cookies provide insights into how our sites are functioning. We mostly use Google Analytics cookies to assess the performance of our sites. Our ability to use and share information collected by Google Analytics regarding your visits is governed by Google Analytics' Terms of Service and Google's Privacy Policy.

What Other Technologies Are Used?

• Pixels: Also known as "tags," "web bugs," or "pixel gifs," pixels are small, invisible objects embedded in a webpage. We use pixels to send cookies to your computer, monitor our sites' activity, facilitate site logins, and manage our online marketing activities. Our promotional emails and newsletters also include pixels that tell us if the message was opened and how you interacted with it.

Why Are Cookies Used in Subscription Plans?
You have the option to register on our online store to access all features of our site and purchase products. You acknowledge that the mandatory data provided during registration or order processes (name, email address, password, payment information, and billing and shipping addresses) is essential to the execution of the contract. Therefore, we use cookies. The legal basis for this data processing is Article 6(1) b) DSGVO.

Are Cookies Used During Payment?
For orders in our online store, we offer payment by credit card. We collaborate with payment service providers, and we either receive or transmit your payment details to them. Without this payment information and payment service providers, processing payments and contracts would be impossible. The legal basis for this data processing is Article 6(1) b) DSGVO.
Our subcontractors to whom your personal data may be transmitted, if necessary, include:
– PAYPAL, online payment services company
– STRIPE, online payment services company
– MOLLIE, online payment services company

Throughout your browsing experience on the site, we use session cookies to remember your products when you visit. Websites don’t have memory, but session cookies help you navigate from page to page without having to re-enter information. These cookies are particularly useful when you add products to your cart—without them, your cart would be empty when you move to the checkout. These cookies are deleted once you leave the site or close your browser.

How Are Contact or Customer Service Data Used?

You have various ways to contact us (e.g., by email, chat). In this context, we use your contact details exclusively to communicate with you. We cannot communicate with you without this information. The legal basis for this data processing is Article 6 paragraph 1 S. 1 lit. b DSGVO.

Who else, apart from Curadelight, can access your data?

We use third-party providers. These providers will collect, use, and disclose your information only when necessary to properly use the services they enable us to operate. It is important to note that some of our providers have their own privacy policies (e.g., payment gateways). We encourage you to review their terms of use if you have additional questions.

Which third parties do we work with?

In addition to payment service providers, we primarily work with subcontractors:

• Shopify Inc. - Privacy Policy - Terms of Use
• Google - Privacy Policy - Terms of Use
• Meta - Privacy Policy - Terms of Use
• Pinterest - Privacy Policy - Terms of Use
• Logistics and Transportation

We use third-party applications very sparingly and make sure that non-essential elements for order processing are never disclosed.

Shopify Inc.

Curadelight's site is hosted on Shopify Inc. This platform allows us to sell our products and services online. Your personal data is stored in Shopify’s databases and on the Shopify application. This server is secure and protected by a firewall.

My personal data for payments on Shopify

When you purchase products on our Curadelight site and use a direct payment gateway, Shopify stores your credit card information. This information is encrypted according to the payment card industry's security standards (PCI-DSS). Information regarding your transaction is kept throughout the order process, until it is completed. Once your order is finalized, the transaction details are deleted.

What is the PCI-DSS standard?

This is a standard that protects all direct payment gateways. It is managed by the PCI Security Standards Council, which includes payment companies like Visa, MasterCard, American Express, and Discover. The PCI-DSS standard ensures the secure processing of credit card data used on our shop and other service providers. To learn more about Shopify, we recommend reviewing Shopify’s Terms of Use.

Google

How does Google use the information collected through websites or applications using their services?

Like many website and app owners, we use Google services to improve our content. Since we are integrated with their services, we share information with them.

How does it work?

For example, when you visit a website that uses advertising services like AdSense (including analytics tools like Google Analytics) or integrates video content from YouTube, your web browser automatically sends certain information to Google. This includes, for example, the URL of the page you are viewing and your IP address. Google may also place cookies in your browser or read those that are already present. Apps that use our advertising services also share information with us, such as the app’s name and a unique advertising identifier.

The information shared by websites and apps helps Google provide, manage, and improve our services, develop new ones, assess the effectiveness of advertising, protect against fraud and abuse, and personalize the content and ads displayed on Google and on the websites and apps of our partners. To learn more about how Google processes data in these situations, refer to their Privacy Policy. Visit the Advertising page to learn more about Google ads, how your information is used for advertising, and how long Google retains it.

Google’s Privacy Policy outlines the legal basis on which Google processes your information. For example, Google may process your data with your consent or on the basis of legitimate interests (typically, to provide, maintain, and improve our services to meet our users’ needs). Since our website provides information to Google about you, we ask for your consent before allowing Google to process this data. For instance, a banner may appear on our site asking for your consent to allow Google to process the information collected by this site. In this case, Google will follow the objectives described in the permission you have given to our site rather than the legal bases outlined in its Privacy Policy. If you wish to modify or revoke your consent, visit the personal data page on our site.

Ad Personalization

When ad personalization is enabled, Google uses your information to show you more relevant ads. For example, a website selling hairbrushes may use Google’s advertising services. So, if you visit our site and then go to another site displaying ads from Google, you might see an ad for hairbrushes. When ad personalization is disabled, Google does not collect or use any of your information to create an advertising profile or personalize the ads it shows you. You will still see ads, but they may not be as relevant. They may still be based on the theme of the website or app you are browsing, the search terms you used, or your geographic location. However, they will not take into account your interests, search history, or browsing history.

Google Analytics

Google Analytics, a service by Google LLC, uses cookies and similar technologies to analyze and improve our site based on your behavior as a user. Information collected may be sent to a Google server in the USA and stored there. In the case that personal data is transferred to the U.S., Google has submitted to the EU-U.S. Privacy Shield. Your IP address is shortened within Google Analytics, so it is impossible to identify you.

Google AdWords Conversion Tracking

Google Remarketing. These Google services (Google AdWords Conversion Tracking and Google Remarketing) also use cookies and similar technologies to measure the performance of ads (known as AdWords campaigns) and display personalized advertising messages on websites that work with Google.

To learn more about Google services, we recommend reviewing Google’s Terms of Use.

YouTube

It may happen that our site contains third-party content, such as videos from YouTube. This always means that the content providers know your IP address. Without an IP address, you would not be able to send the content to your browser. The IP address is essential for their delivery. The legal basis for this data processing is Article 6, paragraph 1 lit. b) f DSGVO.

We strive to use only content where the providers ensure that they use your IP address exclusively for delivering the content. However, we have no control if third-party providers store the IP address, for example, for statistical purposes.

We have embedded YouTube videos on our site, which can be viewed directly from our website. YouTube is a multimedia service by YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA, a company of the Google LLC group, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. If personal data is transferred to the U.S., Google and YouTube are subject to the EU-U.S. Privacy Shield. The legal basis is Article 6, paragraph 1 S. 1 lit. f DSGVO, based on our legitimate interest in integrating videos and images.

When you visit our website, YouTube and Google receive information that you have viewed the corresponding subpage on our site. This happens whether you are logged in to YouTube or Google or not. YouTube and Google use this data for advertising purposes, market research, and to adjust the design of websites if needed.

Meta

Meta uses the information they collect to provide you with a personalized experience, including ads, and for other purposes explained in detail below. For some of these purposes, they use information about their products and your device. The information they use for these purposes is processed automatically by their systems. In some cases, they also use manual review to access your information and examine it. To use less individual user-related information, they may de-identify or aggregate data. They may also anonymize it so that it no longer identifies you.

Does Curadelight share data with other agents?

The data we collect is only transmitted when necessary for the fulfillment of the contract or to provide the technical functionalities of the website or online shop, or if an external legal basis applies for data transmission (e.g., if we are legally required to disclose data, such as informing judicial authorities and courts, public services obtaining data under legal provisions, e.g., social security agencies, tax authorities, etc.) or when we must use third parties bound by confidentiality to assert our claims.

Part of the data processing is carried out by service providers. These include data centers that store our website and databases, IT service providers who maintain our system, logistics and shipping providers, and consulting firms. When we share data with service providers, they can use it exclusively for performing their functions. We select and hire service providers with the utmost care. They are contractually bound to our instructions, obligated to confidentiality, and we regularly inspect them.

How long does Curadelight retain your data?