Privacy policy

We hereby inform you about the processing of your personal data and the rights to which you are entitled under data protection law.

§ 1 Who is responsible for data processing and how can I reach the data protection officer?
Responsible for data processing is:
BCG Baden-Baden Cosmetics Group GmbH
Data protection officer
Im Rosengarten 7
76532 Baden-Baden

Phone: +49-(0)7221-688-100
Fax: +49-(0)7221-688-369
represented by the Chairman of the Management Board / CEO: Hermann Crux

You can reach our data protection officer at the above contact details or at: datenschutz@bcg-cosmetics.de.

§ 2 For what purposes and on what legal basis is my data processed?
We process your personal data in compliance with the provisions of the Basic Data Protection Regulation (DSGVO), the Federal Data Protection Act (BDSG) and all other applicable laws, to the extent necessary to provide the information on this website.
In the case of merely informational use of the website, for example, if you do not log in to use the website, register or otherwise transmit information to us, we do not collect any personal data, with the exception of the data that your browser transmits to enable you to visit the website. These are:

a) IP address
b) date and time of the request
c) Time zone difference to Greenwich Mean Time (GMT)
d) Content of the request (specific page)
e) access status/HTTP status code
f) amount of data transferred in each case
g) Website from which the request comes
h) browser
i) Operating system and its interface
j) language and version of the browser software.

In order to ensure that the website functions properly, the above data is stored in log files. This data is also used to ensure the security of our information technology systems and for website optimization.

Art. 6 para.1 p.1 lit.f DSGVO forms the legal basis for the temporary storage of data and log files.

§ 3 Data security
We maintain current technical measures to ensure data security, in particular to protect your personal data from dangers during data transmissions and from third parties gaining knowledge. These are adapted to the current state of the art in each case.

§ 4 COOKIES
Furthermore, cookies will be stored on your computer. Cookies are small text files that are stored on your hard drive, assigned to your browser, and through which certain information passes to the body responsible for setting the cookies (us, in this case). Cookies cannot execute programs or transfer viruses to your computer. They are used to make our Internet services overall more user-friendly and effective. As soon as our website is called up by a user, the respective user is notified of the use of cookies for analysis purposes. To process the personal data used in this context, the user’s consent is obtained. This website uses cookies to the following extent: transient cookies (temporary use), persistent cookies (used for a specific period of time), third-party cookies (from third-party providers), flash cookies (permanent use) You may configure your browser settings as required and, for example, refuse to accept third-party cookies or all cookies. However, we would like to point out that if you do so, you may not be able to use all of the functions of this website. Transient cookies are automatically deleted once you close the browser. This includes in particular session cookies. These store a session ID with which various queries from your browser can be assigned to the same session. This enables your computer to be identified on a return visit to the website. The session cookies are deleted once you log out or close the browser. Persistent cookies are automatically deleted after a specific period of time, which may vary from cookie to cookie. You may delete the cookies at any time in the security settings of your browser. Analysis cookies. We use analysis cookies to improve the content and quality of our website. Analysis cookies enable us to understand how our website is being used, which allows us to optimize our services on an ongoing basis

Essenziell

Essenzielle Cookies ermöglichen grundlegende Funktionen und sind für die einwandfreie Funktion der Website erforderlich.

WPML

NameWPML
ProviderOwner of this website
PurposeStores the current language.
Cookie Namewp-wpml_current_language
Cookie lifetime1 Day

Statistiken

Statistik Cookies erfassen Informationen anonym. Diese Informationen helfen uns zu verstehen, wie unsere Besucher unsere Website nutzen.

Externe Medien

Content from map providers, video platforms, and social media platforms are blocked by default. If cookies from external media are accepted, access to this content no longer requires manual consent.

Juicer

NameJuicer
ProviderClick the button below to load the content of %%name%%.
PurposeDisplay social media posts
Data protectionhttps://www.juicer.io/eu-privacy
Cookie Namejuicer

Storepoint

NameStorepoint
ProviderStorepoint Inc.
PurposeRepresentation of points of sale

Google Maps

NameGoogle Maps
ProviderGoogle Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
PurposeUsed to unblock Google Maps content.
Data protectionhttps://policies.google.com/privacy
Host(s).google.com
Cookie NameNID
Cookie lifetime6 Monate

Instagram

NameInstagram
ProviderMeta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
PurposeUsed to unblock Instagram content.
Data protectionhttps://www.instagram.com/legal/privacy/
Host(s).instagram.com
Cookie Namepigeon_state
Cookie lifetimeSitzung

Vimeo

NameVimeo
ProviderVimeo Inc., 555 West 18th Street, New York, New York 10011, USA
PurposeUsed to unblock Vimeo content.
Data protectionhttps://vimeo.com/privacy
Host(s)player.vimeo.com
Cookie Namevuid
Cookie lifetime2 Jahre

YouTube

NameYouTube
ProviderGoogle Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
PurposeUsed to unblock YouTube content.
Data protectionhttps://policies.google.com/privacy
Host(s)google.com
Cookie NameNID
Cookie lifetime6 Monate

You want to disable cookies? Change cookie settings

This stored information is stored separately from other data that may be provided to us. In particular, the data of the cookies are not linked with your other data. You can delete the currently stored cookies at any time. The deletion is also possible automatically. The processing of personal data through the use of technically necessary cookies is based on the legal basis of Art. 6 para.1 p.1 lit.f DSGVO. If you consent to the processing of personal data through the use of cookies for analysis and or other purposes, the consent forms the legal basis under Art. 6 para.1 p.1 lit.a DSGVO. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can revoke your consent to the processing of your data by cookies at any time. Use the following link for this purpose. After revocation of consent, restrictions on use of the website are possible. The legality of the data processing operations already carried out remains unaffected by the revocation.

§ 5 Contact form
We collect your personal data when you provide it to us by filling out the contact form. The data provided will be processed exclusively to provide you with the requested information. The processing of further personal data during the sending process is based on the prevention of any misuse of the contact form, as well as ensuring the security of our information technology systems. Any further processing of your data for advertising purposes or market research will only take place with your express consent.

The following data is processed at the time of sending the message:

a) IP address of the user
b) Name, first name, e-mail address
c) registration time (date and time)
d) Reason for the request
e) Content of the request

The legal basis for the processing of the data is Art. 6 para.1 p.1 lit.a DSGVO if the user has given his consent. If the purpose of the contact is to conclude a contract, the legal basis is Art. 6 para. 1 sentence 1 lit. b DSGVO. Otherwise, the processing of personal data corresponds to the legitimate interests of both us and you. We may be able to answer any factual questions you may have or respond to any suggestions you may have. Thus, the data processing is also justified according to Art. 6 para. 1 p.1 lit.f DSGVO; this also applies to the processing of data in the context of the sending process.

As soon as the data is no longer necessary to achieve the original purpose for which it was collected, it will be deleted. Personal data collected by means of the input mask of the contact form on the website is no longer required if there is no longer any communication with you. This is the case when it becomes clear upon consideration that the matter has ended for the future and no further communication will take place.

Additional personal data that we collect during the sending process will be deleted within a maximum period of 8 weeks.

You can revoke your consent to the processing of your personal data at any time. You can declare the revocation by sending a message to the contact details above. However, further communication can then no longer take place, as all personal data stored in the context of contacting you will be deleted in this case. The legality of the data processing procedures already carried out remains unaffected by the revocation. You can declare your objection at any time by sending a message to the above contact details. However, further communication can then no longer take place, as all personal data stored in the context of contacting us will be deleted in this case.

§ 6 Contacting us

You have the possibility to contact us by mail, telephone, fax or e-mail.

If you contact us by mail, we can process your address data, date and time of receipt of the mail as well as the data resulting from your letter. If you contact us by telephone, we will process in particular your telephone number and, if necessary, your name, your e-mail address, the time of the call and details of your request during the conversation. If you contact us by fax, in particular the fax number or the sender ID as well as the data resulting from the fax will be processed. If you contact us by e-mail, your e-mail address, the time of the e-mail and the data resulting from the message text (including attachments, if applicable) will be processed.

The purpose of processing the above-mentioned data is to process your contact request and to be able to contact you in order to respond to your request.

The legal basis for the processing of personal data described here is Art. 6 para.1 p.1 lit.f DSGVO. Our legitimate interest is to offer you the opportunity to contact us at any time and to be able to answer your inquiries. The personal data will only be processed as long as it is necessary for the processing of the contact request.

You can declare your objection at any time by sending a message to the contact details given above. However, further communication can then no longer take place, as all personal data that was stored in the context of the contact will be deleted in this case.

§ 7 Use of social media
We maintain publicly accessible profiles on social networks. Social networks, such as Instagram, are generally able to comprehensively analyze your user behavior when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). By visiting our social media presences, numerous data protection-relevant processing operations are triggered.

If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, however, your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, data is collected, for example, by recording your IP address via cookies that are stored on your terminal device.

Operators of the social media portals can use the data collected in this way to create user profiles in which your preferences and interests are stored. If you have an account with the respective social network, interest-based advertising can be displayed on all devices on which you are or were logged in. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. You can find details on this in the terms of use and data protection provisions of the respective social media portals.

a) Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland; further information on data collection: https://help.instagram.com/519522125107875/?helpref=hc_fnav

We operate our social media sites in order to achieve the most comprehensive presence possible on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) sentence 1 lit. f DSGVO. If necessary, the analysis processes initiated by the social networks are based on different legal grounds, which must be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 (1) sentence 1 lit. a DSGVO). The data collected directly by us will be deleted from our systems as soon as the purpose for storing it no longer applies, you request us to delete it or assert your objection or revocation of consent. Stored cookies remain on your terminal device until you delete them. Legal provisions, in particular retention periods, remain unaffected.

We have no influence on the storage period of your data, which is stored by the operators of social networks for their own purposes. To find out details about this, please contact the operators of the social networks directly (e.g. in their privacy policy, see above).

If you visit one of our presences in the social media (e.g. Meta Platforms), you trigger a processing of your personal data during such a visit. In this case, we are jointly responsible with the operator of the respective social network for these data processing operations within the meaning of Art. 26 DSG-VO. In principle, you can assert your rights (right to information pursuant to Art. 15 DSGVO, right to rectification pursuant to Art. 16 DSGVO, right to erasure pursuant to Art. 17 DSGVO, right to restriction of processing pursuant to Art.18 DSGVO, right to data portability pursuant to Art. 20 DSGVO and right to lodge a complaint pursuant to Art. 77 DSGVO) both against us and against the operator of the respective social network (e.g. Meta Platforms).

Please note that despite the joint responsibility according to Art. 26 DSGVO with the operators of social networks, we have no full influence on the data processing and the assertion of data subject rights of the individual social networks.

You can declare your objection at any time by sending a message to the above contact details. You may then no longer be able to fully use the functions of the website.

§ 8 Use of social media plug-ins
We currently use the following social media plug-ins: Instagram via juicer.io. We use the so-called 2-click solution. This means that when you visit our site, no personal data is initially passed on to the providers of these plug-ins. You can recognize the provider of the plug-in by the marking on the box above its initial letter or logo. We open up the possibility for you to communicate directly with the provider of the plug-in via the button. Only if you click on the marked box and thereby activate it, the plug-in provider receives the information that you have called up the corresponding website of our online offer. In addition, the data mentioned under § 2 of this declaration will be transmitted. In the case of Meta, according to the respective providers in Germany, the IP address is anonymized immediately after collection. By activating the plug-in, your personal data is transmitted to the respective plug-in provider and stored there (in the case of US providers such as Meta in the USA). Since the plug-in provider collects the data in particular via cookies, we recommend that you delete all cookies via your browser’s security settings before clicking on the grayed-out box.

We have no control over the data collected and data processing operations, nor are we aware of the full extent of the data collection, the purposes of the processing, the storage periods. We also have no information on the deletion of the collected data by the plug-in provider.

The plug-in provider stores this data as usage profiles and uses it for purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (also for non-logged-in users) for the display of needs-based advertising and to inform other users of the social network about your activities on our website. Through plug-ins, we offer you the opportunity to interact with the social networks and other users, so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art. 6 para.1 p.1 lit.a DSGVO.

The data transfer takes place regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in to the plug-in provider, your data collected by us will be directly assigned to your account with the plug-in provider. If you activate the button and, for example, link to the page, the plug-in provider also saves this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this allows you to avoid an assignment to your profile with the plug-in provider.

For more information on the purpose and scope of data collection and processing by the plug-in provider, please refer to the data protection declarations of these providers provided below. There you will also receive further information about your rights in this regard and setting options for protecting your privacy.

Addresses of the respective plug-in providers and URL with their privacy notices:

a) Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland; further information on data collection: https://help.instagram.com/519522125107875/?helpref=hc_fnav
b) Juicer, saas.group LLC, 304 S. Jones Blvd #1205, Las Vegas NV 89107, USA; https://www.juicer.io/eu-privacy

You can declare your revocation at any time by sending a message to the contact details given above. You may then no longer be able to use the full functionality of the website. The legality of the data processing operations already carried out remains unaffected by the revocation.

§ 9 Children
We do not collect personal information from minors. In case of unknowing collection, we will delete it immediately.

§ 10 Recipients of personal data
We also disclose personal data to our order processors. These are:

a) data centers
b) IT service providers

Personal data may be passed on to our IT service providers for the provision of this website. As a rule, the information listed under § 2 is passed on in this context.

In the context of remote maintenance of standard IT components, it cannot be ruled out that an IT service provider from a third country (e.g. USA) may in rare cases be given controlled and limited access to personal data in order to rectify errors in individual cases. Personal data is only transferred to service providers outside the European Economic Area (EEA) if the third country has been confirmed by the EU Commission to have an adequate level of data protection or if other adequate data protection guarantees (e.g. binding internal company data protection regulations or EU standard contractual clauses) are in place.

If the requirements are met, we will disclose personal data to law enforcement authorities.

§ 11 How long will my personal data be stored?
Your personal data will be processed for the duration of the fulfillment of the above-mentioned purposes. Your log files in the context of the informational use of our website are deleted on a daily basis, due to the amount of data after a maximum of 8 weeks. If we have processed the inquiries you have made via the contact inquiry, your data will no longer be processed and will subsequently be deleted.

If, on the other hand, you revoke the consent you have given or have executed a revocation in accordance with Art. 21 DSGVO, your data will also no longer be processed and subsequently deleted. After the purpose has been fulfilled, the aforementioned data will either be deleted, if possible by the system, or the personal reference will be removed by anonymization and access to your data will be blocked.

§ 12 Does automated decision-making or profiling take place?
Neither automated decision-making nor profiling takes place in the context of data processing when using our website. We have no influence on automated decision-making or profiling by external service providers.

§ 12 Am I obliged to provide my personal data?
When using our website and the applications contained therein, you are neither contractually nor legally obligated to provide us with your personal data. You use our Internet presence and the services offered therein on a voluntary basis, therefore the non-provision of your data has no adverse legal consequences for you.

If you use our website for informational purposes only, you do, however, provide us with the data described in § 2, which your browser makes available to us.

If you contact us via the contact form, e-mail, letter, fax or telephone within the scope of the above-mentioned contact options, we will process your personal data in order to assign you and to be able to process your request. If you are unable to provide us with this data, we will not be able to process your request.

§ 13 What data protection rights can I assert as a data subject?
You have the right:

(a) in accordance with Art. 7 para.3 DSGVO, to revoke your consent once given to us at any time. This has the consequence that we may no longer continue the data processing based on this consent for the future. The legality of the data processing operations already carried out remains unaffected by the revocation.
b) in accordance with Art. 15 DSGVO, to request information about your personal data processed by us at any time. In particular, you can request information about the processing purposes, the category of personal data and its origin, the categories of recipients to whom your data has been or will be disclosed, as well as the purpose and the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data, if it was not collected by us, as well as the existence of automated decision-making, including profiling and, if necessary, meaningful information about its details;
c) in accordance with Art. 16 DSGVO, to demand the immediate correction of incorrect or completion of your personal data stored by us;
d) pursuant to Art. 17 DSGVO, to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims;
e) pursuant to Art. 18 DSGVO, to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer need the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing pursuant to Art. 21 DSGVO;
f) pursuant to Art. 20 DSGVO, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller.

Please address all requests for information, requests for information or revocations regarding data processing to the contact details above.

§ 14 Do I have the possibility to object to the processing?
Pursuant to Art. 21 (1) DSGVO, you have the right to object at any time to the processing of personal data concerning you that is carried out on the basis of Art. 6 (1) sentence 1 lit. f DSGVO for reasons arising from your particular situation. We will then no longer process the personal data, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves our assertion, exercise or defense of legal claims.

You can declare your objection at any time by sending a message to the contact details above.

§ 15 Do I have the possibility to lodge a complaint?
If you are of the opinion that the processing of your personal data by us is unlawful or, if applicable, violates data protection law for other reasons, you can complain to a supervisory authority. You can contact a supervisory authority in the member state of your place of residence, your place of work or the place of the alleged infringement.