top of page

PRIVACY POLICY

Introduction
We ("we," "us," "our") take the protection of data of the users ("users" or "you") of our website and/or our mobile app (the "Website" and/or the "Mobile App") very seriously and commit to protecting the information users provide to us in connection with the use of our Website and/or Mobile App (together: "digital assets"). Furthermore, we commit to protecting and using your data in accordance with applicable law.

This privacy policy explains our practices regarding the collection, use, and disclosure of your data when you access the services through your devices via our digital assets (the "Services").

Please read this privacy policy carefully and ensure that you fully understand our practices concerning your data before using our Services. If you have read, fully understood, and do not agree with our approach, you must stop using our digital assets and Services. By using our Services, you acknowledge the terms of this privacy policy. Continued use of the Services constitutes your consent to this privacy policy and any changes thereto.

This privacy policy informs you about:

  • How we collect data

  • What data we collect

  • Why we collect this data

  • To whom we disclose the data

  • Where the data is stored

  • How long the data is retained

  • How we protect the data

  • How we handle minors

  • Updates or changes to the privacy policy

What Data Do We Collect?
Below is an overview of the data we may collect:

Non-identifiable and non-personal information that you provide during the registration process or that is collected through the use of our Services ("non-personal data"). Non-personal data does not allow conclusions about who provided it. The non-personal data we collect mainly consists of technical and aggregated usage information.

Individually identifiable information, i.e., any information that can identify you or could identify you with reasonable effort ("personal data"). Personal data we collect through our Services may include information requested from time to time such as names, email addresses, mailing addresses, phone numbers, IP addresses, and more. When we combine personal data with non-personal data, as long as they are combined, we treat them as personal data.

How Do We Collect Data?
Below are the main methods we use to collect data:

  • We collect data when you use our Services. So when you visit our digital assets and use the Services, we may collect, record, and store usage, sessions, and related information.

  • We collect data that you provide to us directly, for example when you contact us through a communication channel (e.g., an email with a comment or feedback).

  • We may collect data from third-party sources as described below.

  • We collect data you provide to us when you log in to our Services via a third-party provider like Facebook or Google.

Why Do We Collect This Data?
We may use your data for the following purposes:

  • To provide and operate our Services;

  • To develop, customize, and improve our Services;

  • To respond to your feedback, requests, and inquiries and to offer assistance;

  • To analyze demand and usage patterns;

  • For other internal, statistical, and research purposes;

  • To improve our data security and fraud prevention capabilities;

  • To investigate violations and enforce our terms and policies as well as comply with applicable laws, regulations, or official orders;

  • To send you updates, news, promotional materials, and other information related to our Services. For promotional emails, you can choose whether to continue receiving them. If not, simply click the unsubscribe link in those emails.

To Whom Do We Disclose This Data?
We may share your data with our service providers to operate our Services (e.g., data storage via third-party hosting services, provision of technical support, etc.).

We may also disclose your data under the following circumstances:
(i) to investigate, detect, prevent, or take action regarding illegal activities or other misconduct;
(ii) to establish or exercise our legal rights or defend against claims;
(iii) to protect our rights, property, personal safety, or the safety of our users or the public;
(iv) in the event of a change of control of our company or one of our affiliates (through a merger, acquisition, or purchase of substantially all assets, etc.);
(v) to collect, store, and/or manage your data through authorized third-party providers (e.g., cloud service providers), as appropriate for business purposes;
(vi) to collaborate with third parties to improve your user experience.

To avoid misunderstandings, we clarify that we may share or use non-personal data with third parties at our discretion.

Please note that our Services enable social interactions (e.g., publicly posting content, information, and comments and chatting with other users). We inform you that any content or data you provide in these areas can be read, collected, and used by others. We advise against posting or sharing information you do not want to make public. If you upload or otherwise provide content on our digital assets or through our Services, you do so at your own risk. We cannot control the actions of other users or members of the public with access to your data or content. You acknowledge and agree that copies of your data may remain accessible even after deletion on cached or archived pages or after third parties create copies/store your content.

When you visit or access our Services, we authorize third parties to use web beacons, cookies, pixel tags, scripts, and other technologies and analytics services ("tracking technologies"). These tracking technologies may enable third parties to automatically collect your data to improve navigation on our digital assets, optimize their performance, provide a tailored user experience, as well as for security and fraud prevention purposes.

For more information, please read our Cookie Policy.

We may provide advertising through our services and our digital assets (including websites and applications that use our services) that may be tailored to you, such as ads based on your recent browsing behavior on websites, devices, or browsers.

To deliver these advertisements to you, we may use cookies and/or JavaScript and/or web beacons (including transparent GIFs) and/or HTML5 local storage and/or other technologies. We may also engage third parties, such as ad networks (i.e., third parties who display ads based on your website visits), to serve targeted ads. External providers of ad networks, advertisers, sponsors, and/or website traffic measurement services may also use cookies and/or JavaScript and/or web beacons (including transparent GIFs) and/or flash cookies and/or other technologies to measure the effectiveness of their ads and tailor advertising content to you. These third-party cookies and other technologies are subject to the specific privacy policies of the respective third parties, not this one.

Where Do We Store the Data?

Non-personal Data
Please note that our company as well as our trusted partners and service providers are located worldwide. For the purposes described in this privacy policy, we store and process all non-personal data we collect in various jurisdictions.

Personal Data
Personal data may be maintained, processed, and stored in the United States, Ireland, South Korea, Taiwan, Israel, and, where necessary for proper provision of our services and/or legally required (as further explained below), in other jurisdictions.

How Long Do We Retain the Data?
Please note that we retain the collected data as long as necessary to provide our services, to comply with our legal and contractual obligations to you, to resolve disputes, and to enforce our agreements.

We may correct, supplement, or delete incorrect or incomplete data at any time at our discretion.

How Do We Protect the Data?
The hosting service for our digital assets provides us with the online platform through which we offer you our services. Your data may be stored via the data storage, databases, and general applications of our hosting provider. They store your data on secure servers behind a firewall and provide secure HTTPS access to most areas of their services.

All payment options offered by us and our hosting provider for our digital assets comply with PCI-DSS (Payment Card Industry Data Security Standard) of the PCI Security Standards Council. This council includes collaboration of brands such as Visa, MasterCard, American Express, and Discover. PCI-DSS requirements help ensure the secure handling of credit card data (including physical, electronic, and procedural safeguards) by our shop and service providers.

Despite the measures and efforts taken by us and our hosting provider, we cannot and do not guarantee absolute protection and absolute security of the data you upload, publish, or otherwise provide to us or others.

For this reason, we kindly ask you to set secure passwords and to avoid transmitting confidential information to us or others that you believe could cause you significant or lasting harm if disclosed. Since email and instant messaging are not considered secure forms of communication, we also ask you not to share confidential information via these communication channels.

How do we handle minors?
Children may use our services. However, if they wish to access certain features, they may need to provide certain information. The collection of some data (including data collected via cookies, web beacons, and other similar technologies) may happen automatically. If we knowingly collect, use, or disclose data from a child, we will notify and obtain parental consent in accordance with applicable law. We do not make a child’s participation in an online activity dependent on providing more contact information than reasonably necessary for that activity. We use the data we collect only in connection with the services the child requested.

We may also use a parent’s contact information to communicate about the child’s activities in the services. Parents can view the data we have collected from their child, prohibit us from collecting further data about their child, and request that all collected data about their child be deleted from our records.

Please contact us to view, update, or delete your child’s data. To protect your child, we may ask you to verify your identity. We may deny access to the data if we believe your identity is questionable. Please note that some data may not be deleted due to other legal obligations.

We use your personal data only for the purposes set forth in the privacy policy and only when we are convinced that:

  • the use of your personal data is necessary to perform or enter into a contract (e.g., to provide you with the services themselves or customer service/technical support);

  • the use of your personal data is necessary to comply with relevant legal or regulatory obligations; or

  • the use of your personal data is necessary to support our legitimate business interests (provided this is done in a manner that is proportionate and respects your privacy rights).

As an EU resident, you may:

  • request confirmation of whether personal data concerning you is being processed or not, and request access to your stored personal data as well as certain additional information;

  • request to receive personal data you have provided to us in a structured, commonly used, and machine-readable format;

  • request correction of your personal data stored with us;

  • request deletion of your personal data;

  • object to the processing of your personal data by us;

  • request restriction of the processing of your personal data; or

  • file a complaint with a supervisory authority.

Please note, however, that these rights are not absolute and may be subject to our own legitimate interests and regulatory requirements. If you have general questions about the personal data we collect and how we use it, please contact us as indicated below.

In providing the services, we may transfer data cross-border to affiliated companies or other third parties and from your country/jurisdiction to other countries/jurisdictions worldwide. By using the services, you consent to the transfer of your data outside the EEA.

If you are located in the EEA, your personal data will only be transferred to locations outside the EEA if we are satisfied that an adequate or comparable level of data protection exists. We will take appropriate steps to ensure that we have adequate contractual agreements with our third parties to ensure appropriate safeguards are in place so that the risk of unlawful use, alteration, deletion, loss, or theft of your personal data is minimized and that these third parties act in compliance with applicable laws at all times.

We do not sell users’ personal data for the purposes and intents of the CCPA.

Updates or changes to the privacy policy
We may revise this privacy policy at our discretion from time to time. The version posted on the website is always current (see the “effective date” stated). We encourage you to review this privacy policy regularly for changes. For significant changes, we will post a notice on our website. If you continue to use the services on our website after being notified of changes, this constitutes your confirmation and consent to the changes and your agreement to be bound by the terms of these changes.

Contact
If you have general questions about the services or the data we collect about you and its use, please contact us at:

 

Name: Sarah Magdalena Rüenholl

Address: Erkrather Str. 206, 40233 Düsseldorf

Email: info@makeup-by-sarahlena.de

Disclaimer
The information contained herein does not constitute legal advice and you should not rely on it exclusively. Specific requirements regarding legal terms and policies may vary from state to state and/or from one legal system to another. As set forth in our Terms of Use, you are responsible for ensuring that your services comply with the laws applicable to you and that you adhere to them.

To ensure full compliance with your legal obligations, we strongly recommend that you seek professional advice to better understand which requirements specifically apply to you.

bottom of page