We, MYKITA GmbH, Ritterstrasse 9, 10969 Berlin, Germany (“MYKITA” or “we”), hereby inform you, by the present Privacy Statement, about all aspects under data protection law of the offering available on the MYKITA.com website (the “Website”).
We will collect, process, and use your personal data exclusively in compliance with the following Privacy Statement. The term “personal data” is defined in this context as any item of individual information concerning the personal or material circumstances of an identified or identifiable person, e.g. your name, your telephone number, your address as well as other information you provide to us when registering with us, when using our services, or when communicating with us (“Personal Data”).
MYKITA will function as the “controller” within the meaning of Article 4 number 7 of Regulation (EU) 2016/679, also known as the “General Data Protection Regulation” (“GDPR”).
Whenever you access our Website through your browser, respectively via your mobile device, we will collect only the Personal Data that your browser, respectively your mobile device, automatically transmits to us so as to allow you to visit the Website and to ensure system stability and security. This may include, in particular:
Your IP address;
Your device’s identifier, i.e. the unique ID number of your digital device;
The content, date, and time of the access request;
The time zone of the requesting computer, respectively of the mobile device;
The website from which the access request is being referred;
The web page for which access is being requested;
The http status code;
The data volume transmitted;
Your browser ID;
Your operating system;
The language and version of your browser software; as well as
The Advertising Identifier (IDFA).
Processing this data will serve the following purposes:
To establish a trouble-free connection to the Website;
To display our goods and services;
To ensure the usability of our Website;
To analyze system stability and security; and
To fulfill additional administrative objectives.
The legal basis for this processing of your Personal Data is Article 6 paragraph 1 sentence 1 lit. f) of the GDPR. Our legitimate interest in this context results from the aforementioned data processing purposes.
We give you the option of contacting us by means of the “Contact” form provided on the Website. To use this form, you must fill in your name, a valid email address as well as your postal address. Processing this data serves our legitimate interest in providing proper answers to your contact inquiries and is therefore performed on the basis of Article 6 paragraph 1 sentence 1 lit. f) of the GDPR.
If you wish to purchase our goods and use our services, you may be asked at various times to provide us with Personal Data such as the following:
Your date of birth;
Your postal address;
Your email address,
Your telephone number or mobile phone number; and
Your credit card information.
We will process your Personal Data for the following purposes, and said Personal Data are required for these purposes:
To fulfill contractual obligations, respectively to perform pre-contractual measures, in accordance with Article 6 paragraph 1 sentence 1 lit. b) of the GDPR, i.e. so as to be able to transact your purchases, process your payments, provide you with customer service, correspond with you, handle claims asserted by you or us, assure the technical administration of our Website, and manage our customer data;
To fulfill statutory requirements in accordance with Art 6 paragraph 1 sentence 1 lit. c) of the GDPR, e.g. to comply with statutory record keeping obligations;
To protect our legitimate interests according to Art 6 paragraph 1 sentence 1 lit. f) of the GDPR: In the event of litigation or to protect both you and us (including our affiliates) from fraud
In order to process the data concerning you, we will make use of specialized external service providers, such as online-marketing providers, providers of automated marketing solutions, providers of web-analysis tools as well as IT-service providers. We carefully select these service providers and instruct them duly, they are bound by our instructions and are regularly monitored and checked.
In addition, we may transfer your Personal Data to third parties (couriers, freight forwarders, shipping companies, the credit institutions we have contracted for payment settlement, other payment service providers, collection agencies or our authorized optician customers) insofar as this is required for our contractual performance pursuant to Article 6 paragraph 1 sentence 1 lit. b) of the GDPR, respectively in order to pursue our legitimate interests pursuant to Article 6 paragraph 1 sentence 1 lit. f) of the GDPR.
Finally, we may also transfer your data to our affiliated enterprises, including MYKITA Holding GmbH, MYKITA Studio GmbH, MYKITA North America LLC., MYKITA Shop NYC LLC., MYKITA Asia Pacific Ltd., MYKITA Japan K.K., MYKITA Retail Switzerland AG, MYKITA Sarl., Elliot Paul s.r.o., insofar as this is necessary to pursue the above mentioned purposes of data processing.
In all other respects, your Personal Data will not be transferred to third parties unless you have first granted your consent pursuant to Article 6 paragraph 1 sentence 1 lit. a) of the GDPR or if doing so is legally permissible within the meaning of Article 6 paragraph 1 sentence 1 lit. c) of the GDPR.
Insofar as we transmit Personal Data to countries located outside of the European Economic Area (EEA), we will ensure that the data recipient guarantees an adequate level of data protection within the meaning of Article 45 of the GDPR. If no adequacy decision of the EU commission is available, MYKITA will strive to ensure that the data recipient has put in place appropriate safeguards within the meaning of Article 46 of the GDPR and specifically utilizes the standard contractual clauses of the European Union for the transfer of data into non-EU third countries in their respectively current version. If these appropriate safeguards are not sufficient to ensure an adequate level of protection for the transferred data in individual cases, MYKITA will require supplementary protective measures from the recipients of the data. In case of questions about the measures implemented by MYKITA to protect your data outside the EU, please feel free to contact firstname.lastname@example.org
MYKITA utilizes so-called “cookies” on its Website, i.e. small files containing text information that are placed on your hard drive (“Cookies”) whenever you call up the Website. The Cookie will be used to store certain information about the specific terminal device you are using. This does not mean, however, that we will obtain direct knowledge of your identity in the process.
In addition, we utilize Cookies that will remain on your hard drive for a certain period also after the browser session is over (“Persistent Cookies”). These Cookies make it easier for you to use our Website and our services and to purchase our goods, e.g. by storing certain inputs and settings so that you will not have to constantly repeat them. Cookies also allow us to collect statistics on the usage of our Website while helping us to optimize our offering and to personalize our web pages and our goods and services for your benefit (also see Section VI of the present Privacy Statement). Persistent Cookies are stored on your hard drive and then erased by the browser after a predefined time, which may vary from Cookie to Cookie. The Cookies we use may also be sourced from third-party providers (Third-Party Cookies), given that we rely on a number of advertising partners to help us make our online offers and web pages more appealing to you (also see Section VI of the present Privacy Statement).
Unless the above mentioned cookies are directly necessary to enable the use of requested functions or services, we will ask you for your express consent before storing the cookie on your device (Art. 6 paragraph 1 sentence 1 lit. a) of the GDPR).
We use the analytics and tracking technologies, respectively technologies offered by third-party-provider, described below; we do so on the basis of your consent for the following purposes:
Google will use this information on our behalf in order to analyze your usage of our Website, to compile reports on Website activities for us, and to provide us with other services relating to Website and internet usage. In certain cases, this information may also be transferred to third parties, insofar as this is mandated by the law or insofar as third parties have been commissioned with processing the data. Google will not merge your IP address with other data held by Google.
Via Google Optimize, we can try out different display formats of our website, and after evaluation by Google Analytics, we are informed which display format is preferred by the users of the website.
You can block the storage of the relevant Cookie in your browser by configuring your browser settings accordingly. Please be advised, however, that this may prevent you from using all the functions of our Website to their full extent.
In addition, you can prevent Google from recording the data generated by the Cookie regarding your usage of the Website (including your IP address) and from processing such data by downloading and installing the browser plugin available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en.
For further information on data protection in connection with Google Analytics, please navigate to the “Help” section of Google Analytics via the following link: http://google.com/intl/de/analytics/privacyoverview.html.
In order to collect statistics on the use of our Website and in order to optimize our Website for your benefit, we also use Google Conversion Tracking. This is a service offered by Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA (“Google”). To this end, Google places a Cookie (see Section V of the present Privacy Statement) on your computer whenever you reach our Website by way of a Google Ad. These Cookies become invalid after 90 days and cannot be used to identify you personally. If you visit one of our web pages and assuming the Cookie has not yet expired, both we and Google will be able to see that you clicked on the ad and that it referred you to our site. Each AdWords customer receives a different Cookie, so that the Cookies cannot be tracked across the websites of multiple AdWords customers.
Google will use this information on our behalf to generate visitor statistics for our Website. We will use these visitor statistics to determine the total number of users referred to us by AdWords advertisements and to optimize our AdWords advertising efforts accordingly. This information may also be transferred to third parties insofar as this is mandated by law or insofar as third parties process these data on a commissioned basis. Neither we nor any other advertising customers of Google AdWords will receive information from Google that allows you to be personally identified.
Moreover, our Website uses Google Remarketing Tracking as part of the Google AdWords service. This, too, is a service offered by Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA (“Google”). The remarketing function allows advertising based on your personal interests to be displayed to you, as the user of our Website, on other websites within Google’s content network (on Google itself, so-called “Google Ads” or on other websites). To this end, your interaction with our Website will be analyzed, such as the offers that you took an interest in, so as to allow us to display targeted advertisements to you on other websites after you have terminated your visit to our website.
In the process, Google will place a Cookie on your computer (see Section V of the present Privacy Statement) insofar as you use certain Google services or visit certain websites forming part of the Google content network. These Cookies cannot be used to identify you personally.
The information generated by the Cookie so placed on your computer concerning your usage of our Website (including your IP address) will be transferred to a Google server located in the United States and stored there. However, your IP address will first be shortened on our Website by Google within Member States of the European Union or in other states signatory to the Agreement on the European Economic Area (EEA). Only in exceptional cases will the full IP address be transferred to a Google server in the United States and shortened there.
You can prevent the storage of these Cookies in your browser by configuring your browser settings accordingly. Please be advised, however, that this may prevent you from using all the functions of our Website to their full extent.
Furthermore, you can object against interest-based advertising from Google. To do this, you must call up www.google.de/settings/ads from each of the internet browsers you use and then make the desired setting changes.
We also use Google Tag Manager. This service allows website tags to be managed by way of a user interface. Tags are small code elements the purpose of which includes measuring traffic and visitor behavior. Google Tag Manager merely implements such tags. This does not cause any Cookies to be placed, meaning that no Personal Data will be recorded. Google Tag Manager triggers other tags which may themselves record data under certain circumstances. Google Tag Manager does not access these data, however. Once the deactivation function has been selected at the domain or Cookie level, it will remain in effect for all tracking tags implemented by Google Tag Manager.
We use the Customer Match function of Google. Here, we transmit data of our customers to Google and Google checks whethery they have a Google account. If this is the case, the individually tailored advertising is displayed to them on our behalf via Google channels as part of the GoogleAds program. The data is not transmitted to Google as a clear date, but as a unique hash value with which Google can carry out a comparison with their customers, but without being able to read out your identity or your concrete data from this hash value. You can find more information about Google’s customer matching here: https://support.google.com/google-ads/answer/6334160?hl=de.
If you no langer wish to contacted by the customer match function, you may revoke your consent at any time by sending an e-mail to [insert contact details] with effect for the future.
To ensure compliance with the scope of consent granted by the user, we use Google Consent Mode. This informs Google directly whether and with what scope a user has given consent and takes these decisions into account when evaluating data with Google Analytics and other Google services.
Furthermore, we also utilize the “Custom Audiences” remarketing function offered by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA (“Facebook”). This allows interest-based advertising to be displayed to users of our Website when they visit the social network Facebook or other websites that likewise employ this function (“Facebook-Ads”).
For this marketing function, we use the “Facebook Pixel” feature on our web pages, i.e. so-called “tracking pixels” are integrated onto our web pages. Whenever you visit our web pages, these tracking pixels serve to establish a direct connection between your browser and the Facebook server.
In the process, Facebook will receive, inter alia, the information from your browser that our Website was accessed by your terminal device. The integration of Facebook Pixel causes Facebook to be informed that you have called up a given web page of our internet presence or that you have clicked on one of our ads. If you are registered with a Facebook service, Facebook will be able to match up the visit with your user account. Even if you are not registered with Facebook, or have not logged onto Facebook, it is still possible that the provider may learn your IP address and other identifiers that relate to you and may store them. This information is used to show you behavioral advertising after you have visited our website (remarketing). Furthermore, Facebook may show you ads for our newsletter.
You can at any time object to the usage of Facebook website Custom Audiences with effect for the future by using the following link: https://www.facebook.com/settings/?tab=ads and http://www.youronlinechoices.com/de/praferenzmanagement/
We use the remarketing function offered by Twitter Inc., 1355 Market St., San Francisco, California 94103, USA (“Twitter”). With the aid of the Twitter remarketing function, we can present you with advertising that matches your interests via the Twitter platform. To this end, so-called “tags” are deployed by Twitter. These tags serve to record visits to the Website as well as data on the Website’s usage in pseudonymous, non-personalized form. If you subsequently visit Twitter, you will be shown advertising that relates to your interests.
Moreover, Twitter uses so-called visitor action pixels, which we use to track the actions of users after they have seen a Twitter advertisement or clicked on it. This allows us to assess the effectiveness of advertisements placed on Twitter for statistical and market research purposes. The data so captured are anonymous for us, which means that we do not see the personal data concerning individual users.
In the process, Twitter receives certain information from your browser, inter alia the fact that our Website was accessed by your terminal device.As a result of the integration of tags and pixels, Twitter will be informed that you have called up a given Website forming part of our online presence. If you are registered with a Twitter service, Twitter will be able to match up the visit to your user account. Even if you are not registered with Twitter, or even if you have not logged in, it is still possible that the provider may learn your IP address and other identifiers that relate to you and may store them.
The information generated by tags and pixels about your usage of our Website will be transferred to a Twitter server located in the United States and stored there.
We use the online advertising program “Microsoft Bing Ads” offered by Microsoft Online Inc., 6100 Neil Road, Reno, NV 89511 USA (“Microsoft”). This technology allows users who have already visited our web pages to be presented with follow-up ads on the websites of the Microsoft Partner Network and in conjunction with Microsoft search results. These ads are displayed using Cookies (see Section V of the present Privacy Statement), which serve to analyze the user’s behavior when visiting the Website and to subsequently present the user with targeted, interest-based advertising.
The information thus recorded will be transferred to a Microsoft server located in the USA.
In addition, Microsoft may in certain cases track your user behavior across your various electronic devices by means of so-called “cross-device tracking.” This enables Microsoft to display personalized advertisement on, respectively in, Microsoft websites and Microsoft apps. You can deactivate these functions under http://choice.microsoft.com/de-de/opt-out.
You can prevent the Cookie-generated data on your usage of the Website from being captured and processed by deactivating the placement of Cookies. Note that this may impair the functionality of the Website, however.
You can prevent the storage of these cookies in your browser by configuring your browser settings accordingly. Please note, however, that you may then not be able to use all the functions of our website in full. In addition, you have the option to object to the collection of data generated by Microsoft and related to the use of this website, as well as to the processing of this data by Microsoft and to exclude this.
Microsoft is compliant with the GDPR as a data controller. In addition, Microsoft Clarity processes data in compliance with the California Consumer Privacy Act (CCPA). For more information on data protection and your configuration options in this regard, please visit https://privacy.microsoft.com/en-GB/privacystatement.
As a rule, the information generated by the Cookie concerning your use of our Website will be transferred to a Nosto server in the European Union and will be stored there. According to the information provided by Nosto, the data may also be transferred to recipients in countries outside of the European Union. In this context, Nosto guarantees that an adequate level of data protection is in place by using EU Standard Contractual Clauses.
Nosto will use these data, acting on our behalf, in order to assess your usage of the Website, in order to display personalized recommendations to you, in order to compile reports about the Website activities, and/or in order to provide us with further services connected to the use of the Website and the internet.
You can prevent the Cookie-generated data on your usage of the Website from being captured and processed by deactivating the placement of Cookies. Please be advised, however, that this may impair the functionality of the Website.
For further information on data protection in place at Nosto, please navigate to http://www.nosto.com/privacy-policy/.
Our website optionally offers the use of the chat software TidioChat of the provider Tidio Ltd. 220C Blythe Road, W14 0HH, London, United Kingdom. The function is integrated directly into the source code of the website. With active use of the chat function, data is automatically collected by TidioChat. The collected data includes: Chat history, IP address at the time of the chat and country of origin of the user. To prevent TidioChat cookies from being stored, you can set your Internet browser to prevent cookies from being placed on your computer in the future or to delete cookies that have already been placed. However, turning off all cookies may result in the inability to use the chat functions on our website.
Subject to your consent, which you may give as part of your registration on our website, we will email you our newsletter regarding our goods and services or goods and services of our affiliated companies (including MYKITA Holding GmbH, MYKITA Studio GmbH, MYKITA North America LLC, MYKITA Shop NYC LLC, MYKITA Asia Pacific Ltd, MYKITA Japan K.K., MYKITA Retail Switzerland AG, MYKITA Sarl, Elliot Paul s.r.o.) which we believe may be of interest to you. This includes in particular new products, promotions, price advantages, services, events or other interesting news from MYKITA GmbH and its affiliated companies.
You can object at any time against having your data used for direct advertising purposes in future, and you can unsubscribe from the newsletter by clicking the corresponding link included in each newsletter email, or by emailing a corresponding declaration to: email@example.com.
We reserve the right to email you offers for goods and services also without your express consent insofar as they are similar to ones you have already purchased. You have the right to object at any time against having your data processed for advertising purposes by emailing us a corresponding declaration at firstname.lastname@example.org, or by clicking on the corresponding link in our newsletter. This will not give rise to any costs other than the base rate of transmission costs.
The legal basis for processing your data for purposes of sending out newsletters is Article 6 paragraph 1 sentence 1 lit. a), respectively lit. f), of the GDPR.
For the purpose of sending you emails and our newsletter, we use the product LianaMailer offered by Liana Technologies Oy, Kansankatu 53, 90100 Oul u, Finland (“Liana Technologies”). To this end, the personal data concerning you are transmitted to Liana Technologies and will be stored there. Liana Technologies offers comprehensive opportunities to analyze how newsletters are opened and used. In order to evaluate user behavior, the emails sent out include so-called web beacons, respectively tracking pixels, which are one-pixel image files that are stored on our Website. In order to perform analyses, we and/or Liana Technologies will merge the data collected from you and the web beacons with your email address and an individual ID. The links sent in the newsletter also include this ID. We will use the data obtained in this way to create a user profile to allow us to customize the newsletter to your personal interests. In the process, we will capture the time at which you read our newsletters, on which links you click in the newsletters, and will deduce your personal interests from this conduct. We will merge these data with the actions you have taken on our Website.
Furthermore, Liana Technologies may use this data, according to the information it has provided to us, in pseudonymized form, i.e. without assigning them to your person, in order to optimize or improve its own services, e.g. in order to make technical optimizations to the mailing process and the display of the newsletters, or for statistical purposes, for example in order to determine which countries the recipients are from. Liana Technologies does not use the data of the recipients of our newsletter, however, in order to itself contact these recipients or in order to disclose their data to third parties.
If you do not wish us to evaluate your user behavior in connection with the receipt of our newsletter, you can object to this at any time with effect for the future by sending an e-mail to email@example.com.
For further information on the data protection in place at Liana Technologies, please navigate to https://www.lianatech.de/datenschutzrichtlinien.html.
We will store your Personal Data for as long as required to fulfill the respective storage purpose. Once this is no longer the case, we will erase your data unless we are bound to observe a longer retention period in accordance with Article 6 paragraph 1 sentence 1 lit. c) of the GDPR, namely on the basis of tax laws, commercial laws, or other statutory archiving/documentation obligations, or unless you have consented to an extended storage period in accordance with Article 6 paragraph 1 sentence 1 lit. a) of the GDPR.
In accordance with Article 15 of the GDPR, you are entitled to obtain access at any time to any Personal Data of yours that is being stored by us. In particular, you may request information about any of following matters: the processing purposes involved; the categories of data regarding you being stored; the categories of recipients of such data; the planned storage period; the existence of a right to demand rectification, erasure, restriction of processing or a right to object; the existence of a right to lodge a complaint with a supervisory authority; the origin of your data, insofar as they were not obtained from you; as well as the existence of an automated decision-making process, including profiling; you also have the right to request explanatory details.
In addition, you can demand the rectification of incorrect data pursuant to Article 16 of the GDPR, as well as the erasure of Personal Data pursuant to Article 17 of the GDPR insofar as their processing is not required to exercise the right of freedom of expression and information, to fulfill a statutory obligation, to serve the public interest, or to assert, enforce or defend legal claims.
You furthermore have the right, pursuant to Article 18 of the GDPR, to demand that a block or restriction be placed on the processing of your Personal Data insofar as: its accuracy is disputed by you; the processing is unlawful but you object to the erasure of the data; we no longer require the data but you still require it in order to assert, enforce or defend legal claims; or you have expressly objected against the data being processed pursuant to Article 21 of the GDPR.
Furthermore, you are entitled pursuant to Article 20 of the GDPR to obtain the Personal Data you have provided to us in a structured, commonly used, and machine-readable format, or to demand that such data be transmitted to some other authorized party.
Finally, insofar as your Personal Data is being processed on the basis of legitimate interests pursuant to Article 6 paragraph 1 sentence 1 lit. f) of the GDPR, you have the right, pursuant to Article 21 of the GDPR, to at any time object to having your Personal Data processed, on grounds relating to your particular situation or insofar as your objection specifically refers to processing for purposes of direct advertising. In the latter case, you have a fundamental right to object that will be honored by MYKITA without your having to state grounds in connection with a particular personal situation.
If you believe that our processing of your Personal Data is not consistent with applicable law, you may lodge a complaint with a competent supervisory authority pursuant to Article 77 of the GDPR.
If the processing of your data is based on a declaration of consent you have granted pursuant to Article 6 paragraph 1 lit. a) of the GDPR, you have the right to any time withdraw said consent with effect for the future.
In the course of visits to our Website, we employ the widely-used SSL process in conjunction with the respectively highest level of encryption supported by your browser.
In all other respects, we take appropriate technical and organizational security measures in order to protect your data against manipulation, loss, destruction, and unauthorized access by third parties. Our security measures are kept consistently up-to-date based on the latest state of the technical art.
If you have questions about how your Personal Data is collected, processed or used, if you wish to obtain information regarding your data or to have them rectified, blocked or erased, or if you wish to withdraw your consent, please contact our Data Protection Officer at: Datenschutz@mykita.com.