Privacy Policy of Hess Natur-Textilien GmbH & Co. KG, Germany/Hess Natur-Textilien AG, Switzerland (hessnatur)

With our Privacy Policy, we want to inform you about how personal data is processed at hessnatur in compliance with the EU General Data Protection Regulation. In Austria, hessnatur also complies with the Austrian Data Protection Act (DSG); in Switzerland, it complies with the Federal Law on Data Protection (DSG).

Personal data is information that can be assigned to your person directly or indirectly.

Please read our Privacy Policy carefully.

Table of Contents:

• Overview
• Data Controller and Data Privacy Officer
  • Germany & Austria
  • Switzerland
• Purposes of Data Processing
  • Data Processing upon Conclusion of a Contract
  • Identity, Creditworthiness and Transmission to Credit Agencies
• Accessing Our Website/Application
• Customer Account
• Data Processing for Advertising Purposes
  • Advertising Purposes of Hess Natur-Textilien GmbH & Co. KG and Third Parties
  • Interest-Based Advertising
  • Newsletter Dispatch
  • Right to Object
• Cookies – Online Presence & Website Optimisation
  • Google Analytics
  • Google AdWords
  • Google Tag Manager
  • Dynatrace
  • Exactag
  • Econda
  • Podigee
  • Screensense
• Targeting
  • Iridion Optimization Suite
  • converify
  • Groupify
  • Sociomantic
  • Facebook
• On-Site Targeting
  • Sovendus
  • Fit Analytics
  • Web Fonts
  • Retargeting
  • Affiliates
  • Objection/Opt-Out Option
• Online Presences on Social Media
• Comments
  • Comments from Users
  • Google reCAPTCHA
• Sweepstakes and Contests
  • Freie Digitale
• Recipients Outside the EU
• Your Rights
• Data Security
  • EHI
  • Trusted Shops

• Privacy Policy for Applicants
  • Data Controller
  • Personal Data
  • Purposes of Data Processing
  • Storage for Future Vacancies

Overview

The following Privacy Policy provides information on the nature and extent of the processing of personal data by Hess Natur-Textilien GmbH & Co. KG. Personal data is information that can be assigned to your person directly or indirectly.

Data processing by Hess Natur-Textilien GmbH & Co. KG can basically be divided into two categories:

• All data required for the performance of a contract with Hess Natur-Textilien GmbH & Co. KG will be processed for the purpose of contract execution. If external service providers, e.g. logistics companies or payment service providers, are also involved in the execution of the contract, your data will be passed on to them to the extent required in each case.
• When you access the website/application of Hess Natur-Textilien GmbH & Co. KG, various pieces of information are exchanged between your device and our server. This may also include personal data. The information collected in this way is used, among other things, to optimise our website or to display advertising in your device's browser.

In accordance with the provisions of the GDPR, you have various rights that you can assert against us. These include the right to object to selected types of data processing, in particular data processing for advertising purposes. The right to object is highlighted typographically.

Should you have any questions regarding our Privacy Policy, please feel free to contact our data privacy officer at any time. You will find the contact details below.

Data Controller and Data Privacy Officer

Germany & Austria

The data controller for the processing of personal data can be contacted at:
Hess Natur-Textilien GmbH & Co. KG, Marie-Curie-Str. 7, 35510 Butzbach, Germany, E-Mail: dialog@hess-natur.de

The data privacy officer can be contacted at:
AGOR AG
Niddastraße 74
D-60329 Frankfurt am Main
Germany
Phone: +49 69 949432410
E-Mail: info@agor-ag.com
Website: www.agor-ag.com

Switzerland

The data controller for the processing of personal data can be contacted at:
Hess Natur-Textilien AG, Bützbergstr. 2, 4912 Aarwangen, Switzerland, E-Mail: dialog@hess-natur.ch

The data privacy officer can be contacted at:
AGOR AG
Niddastraße 74
D-60329 Frankfurt am Main
Germany
Phone: +49 69 949432410
E-Mail: info@agor-ag.com
Website: www.agor-ag.com

This Privacy Policy applies to data processing by the following websites and applications:
www.hessnatur.com; adventskalender.hessnatur.com; www.hessnatur.io; instagram.com/hessnatur; facebook.com/hessnatur; twitter.com/hessnatur. The data privacy officer of hessnatur can be contacted at the above address.

Purposes of Data Processing

Legal bases and legitimate interests pursued by Hess Natur-Textilien GmbH & Co. KG or a third party as well as categories of recipients

Data Processing upon Conclusion, Performance or Termination of a Contract

The scope of Hess Natur-Textilien GmbH & Co. KG's business is the distance selling of goods and services, retail trade within the framework of permits issued by the relevant authorities and the serial production of goods to be offered. In this context, we process the data required for the conclusion, performance or termination of a contract with you. This includes:

• First name, last name
• Billing and delivery address
• E-mail address
• Billing and payment information
• Date of birth
• Phone number

You provide us with the data for the order, the performance and the termination of the contractual relationship between you and us. We store the data collected for executing the contract until the expiry of possible contractual or statutory warranty and guarantee rights. After these periods have expired, we retain the information on the contractual relationship required under commercial and tax law for the periods specified by law. For this period, the data will only be processed again in the event of an audit by tax authorities.

We will only disclose data to third parties if it is necessary for processing contracts, if you have expressly consented, after weighing up interests or if Hess Natur is obliged to do so by law or by court order.

Prior to the conclusion of a purchase contract with you and in order to execute it, the following data processing operations by third parties with whom Hess Natur has concluded corresponding contractual agreements (order processing operations) are required. These are the following data processing operations:

If you order goods and services by phone, we will make use of a call centre to take your order, which will record the data for us and pass it on to us.

If you have selected any payment method other than advance payment, we will pass on the necessary payment data to a payment service provider commissioned by us. In the case of direct debit, the direct debit from your bank account is processed by us via our house bank using your account details.

We pass on information about your delivery address to a service provider or logistics company commissioned by us or to the company producing the goods for the purpose of executing the purchase contract. In order to ensure that the goods are delivered according to your wishes, we transmit your e-mail address and, if applicable, your phone number to the company commissioned by us, which will contact you prior to the delivery to discuss delivery details with you. The data will only be transmitted for this purpose and will be deleted after delivery.

Identity, Creditworthiness and Transmission to Credit Agencies

We check your identity and creditworthiness internally and by using information from service providers. The authorisation to do arises from the protection of your identity and the avoidance of fraud attempts at our expense. The circumstance and the result of our enquiry will be added to your customer account or your guest account for the duration of the contractual relationship.

Companies like us, which generally also offer their customers insecure payment methods, have a legitimate interest in protecting themselves against the occurrence of payment defaults and against fraud attempts as much as possible by carrying out creditworthiness checks before accepting insecure payment methods. When you place your order, we show you the payment methods that you can use.

Germany
We pass on your data (name, address, date of birth) to the credit agency Infoscore Consumer Data GmbH, Rheinstr. 99, 76532 Baden-Baden, Germany, which cooperates with us, in order to check your creditworthiness and to assess the risk of non-payment on the basis of mathematical-statistical methods.

Detailed information on Infoscore Consumer Data GmbH, how they handle your personal data and your rights can be found here: https://finance.arvato.com/icdinfoblatt

If you do not want us to check your creditworthiness, please let us know before you complete your purchase or order as a guest. In this case, we can offer you payment methods that do not pose a credit risk to Hess Natur-Textilien GmbH & Co. KG.

Österreich & Schweiz
We pass on your data (name, address and, if applicable, date of birth) to CRIF Bürgel GmbH, Radlkoferstr. 2, 81373 München, Germany in order to check your creditworthiness and to obtain information for assessing the risk of non-payment on the basis of mathematical-statistical methods using address data.

Detailed information on CRIF Bürgel GmbH, how they handle your personal data and your rights can be found here: http://www.crifbuergel.de/de/datenschutz

If you have already made a purchase with us, the data we have stored about you can be supplemented with score values. Scoring is the process of making a forecast about future events based on information collected and past experiences. Based on the data stored about your person, you will be assigned to statistical groups of people with similar entries in the past. The underlying method used is a well-founded mathematical-statistical method for predicting risk probabilities that has been tried and tested in practice for a long time.

In the event of a delay in payment, we will pass on the necessary data to a company commissioned with asserting the claim. The assertion of a contractual claim is a legitimate interest for us.

Accessing Our Website/Application

When you access our website/application, the browser used on your device automatically sends information to the server of our website and temporarily stores it in a log file. The following information is collected:

• The IP address of the requesting Internet-enabled device,

• The date and time of access,

• The name and URL of the file accessed,

• The website/application from which access was made (referrer URL),

• The browser you are using and, if applicable, the operating system of your Internet-enabled computer as well as the name of your access provider.

Our legitimate interest arises from the purposes of ensuring a smooth connection setup as well as comfortable use of our website/application and evaluating system security and stability. We would like to point out that we cannot and will not draw any direct conclusions about your identity from the data collected.

The data is stored for a period of 6 months and then automatically deleted. We also use cookies, tracking tools, targeting methods and social media plug-ins for our website/application. The exact methods involved and how your data is used for this purpose are explained in more detail in the Online Presence & Website Optimisation section below.

Customer Account

In order to make your shopping experience as convenient as possible, we offer you the possibility to permanently store your personal data in a password-protected customer account. After setting up a customer account, no additional data entry is required. In your customer account, you can also view and change the data stored about you at any time.

In addition to the data requested when placing an order, you must enter a password of your choice to set up a customer account. Together with your e-mail address, this password is used to access your customer account. Please treat your personal access data confidentially and, in particular, do not make it accessible to unauthorised third parties. We cannot accept any liability for misused passwords unless we are responsible for the misuse. Please bear in mind that you automatically remain logged in even after leaving our website unless you actively log out.

Data Processing for Advertising Purposes

Advertising Purposes of Hess Natur-Textilien GmbH & Co. KG and Third Parties

If you have concluded a contract with us, we list you as an existing customer. In order to send you information about similar and new products and services, we process your postal contact details and your e-mail address. From time to time, we pass on your postal contact details to carefully selected contractual partners from the mail order and address trading sectors so that they can also inform you about their products. The processing of existing customer data for our own advertising purposes or for the advertising purposes of third parties is to be regarded as a legitimate interest.

Interest-Based Advertising

We categorise and supplement your customer profile with further information so that you only receive information that is of supposed interest to you. Both statistical information and information about you (e.g. basic details from your customer profile) are used for this purpose. The aim is to only provide you with advertising that is tailored to your actual or supposed needs and accordingly not to bother you with useless advertising.

Newsletter Dispatch

On our website we offer you the possibility to subscribe to our newsletter. In order to make sure that no errors were made when entering the e-mail address, we use the double opt-in process: after you have entered your e-mail address in the registration field, we will send you a confirmation link. Your e-mail address will be added to our mailing list only after you click on this confirmation link. You may revoke your consent at any time with effect for the future. All you need to do is send an e-mail to the above e-mail address.

Right to Object

You can object to your data being processed for the aforementioned purposes at any time free of charge, separately for the respective communication channel and with effect for the future. All you need to do is send an e-mail or a postal letter to the above contact details. If you file an objection, your data will no longer be processed for advertising purposes. We would like to point out that advertising material may still be sent temporarily in exceptional cases, even after receipt of your objection. This is technically due to the necessary lead time for advertisements and does not mean that we will not implement your objection. Thank you for your understanding.

Cookies – Online Presence & Website Optimisation

We use cookies on our website. Our interest in optimising our website is to be regarded as legitimate in the sense of the aforementioned regulation. Cookies are small files that are automatically created by your browser and stored on your device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause damage to your device and do not contain viruses, Trojans or other malware. Information that is gathered in connection with the specific device used is stored in the cookie and helps us to analyse your surfing behaviour in anonymised form. We do not gain any knowledge of your identity as a result. On the one hand, the use of cookies serves to make the use of our offer more pleasant for you. For this purpose, we use session cookies to recognise that you have already visited certain pages of our website or that you have already logged into your customer account. These are automatically deleted when you leave our website. In addition, we also use temporary cookies to make our website more user-friendly. These cookies are stored on your device for a fixed period of 1 month, and 2 months for the wishlist. If you visit our website again to use our services, it is automatically recognised that you have already visited our website and which data you entered and settings you selected so that you do not have to enter them again.

If you have a customer account with Hess Natur-Textilien GmbH & Co. KG and are logged in or activate the „Stay logged in“ function, the information stored in cookies will be added to your customer account.

On the other hand, we use cookies to statistically record the use of our website, to evaluate it for the purpose of optimising our offer for you and to display information tailored specifically to you. These cookies allow us to automatically recognise that you have already been with us when you visit our website again. They are stored until they are deleted locally. Most browsers accept cookies automatically, but you can configure your browser in such a way that no cookies are stored on your computer or that a message always appears before a new cookie is created. However, if you disable cookies completely, you may not be able to use all the features of our website. The storage period of cookies depends on their purpose of use and is not the same for all cookies.

Google Analytics

We use Google Analytics, a web analytics service provided by Google Inc. („Google“), in order to tailor our website to your needs and to continuously optimise it on the basis of Article 6, paragraph 1, letter f of the GDPR. In this context, pseudonymised user profiles are created and cookies are used. The information generated by the cookie concerning your use of this website, such as

• browser-type/-version,
• used operating system,
• referrer-URL (last site visited),
• host name of accessing computer (IP address),
• timestamp of server request,

are sent to and saved on a Google server in the United States. The information is used to evaluate the usage of the website, compile reports about website activity, and deliver additional services related to using the website and the internet for marketing purposes and in order to create an appropriate design of our websites. This information is also transferred to third parties if demanded by law or said third parties use these data on our behalf. Your IP address will never be connected to other data from Google. The IP address is anonymised, matching it is therefore not possible (so-called IP masking).

You can prevent the installation of cookies by using the appropriate setting in your browser. However, we would like to point out that in this case some of the website's functionalities may not be available. You can also download and install this Browser add-on to prevent the cookie’s collected data (incl. IP address) and how you use the website to be further analysed by Google Alternatively, you can click on this link to prevent collection of data by Google Analytics on mobile devices. This will set an opt-out cookie preventing further collection of your data when visiting this website. This opt-out cookie is valid only in this browser and only for our website and will be stored in your device. If you delete this cookie in your browser you need to set the opt-out cookie again. Further information related to privacy in connection with Google Analytics can be found on Google‘s Analytics Website. A contract on data processing exists.

Google AdWords

We use the online advertising program „Google AdWords“ and related to it conversion tracking, an analysis service by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; „Google“). If you click on any advertisement by Google a cookie will be installed on your device for conversion tracking purposes. This cookie will lose its validity after 30 days and does not contain any personal data and can therefore not be used to identify you in any way.
If you visit certain sections of our website and the cookie is still valid, Google and hessnatur will recognize that you clicked the advertisement and got redirected to our website. Every Google-AdWords customer receives another cookie so that there is not way to track cookies via websites of AdWords customers.
Any information collected by this conversion cookie helps to create conversion statistics for AdWords customers who decided to make use of conversion tracking. The customers learn how many users clicked their advertisement and got redirected to a site with conversion tracking tag. However, they don’t get any information to identify the user.
If you don’t want to use tracking you can prevent the cookie from being installed by making the necessary adjustments in your browser. You will then not be included in the tracking statistics. Further information as well as Google’s privacy statement can be found here http://www.google.com/policies/technologies/ads/, http://www.google.de/policies/privacy/

Google Tag Manager

For the sake of transparency we would like to inform you that we use Google Tag Manager. This Tag Manager is Google’s solution to manage website-tags via an interface. It is a cookie-free domain that doesn‘t collect any personal data. The Tag Manager facilitates incorporating and managing our tags. Tags are code snippets used to measure traffic and customer bahavior to evaluate the effect of our online advertisement and social media, and test and optimize websites. Google Tag Manager does not have access to this data. If deactivated on a domain or cookie level, all tracking tags implemented with Google Tag Manager will be deactivated.
See :  https://www.google.com/intl/de/tagmanager/use-policy.html for further information.
If you want to opt out of personalized advertisements by Google Marketing Services you can use the settings and opt out options provided by Google: https://www.google.com/ads/preferences

Dynatrace

Privacy notice

We use Dynatrace to gain insights into the performance of our web application and to understand how our users navigate through it. Dynatrace captures data like W3C timings, button clicks, link clicks, JavaScript errors, browser types, and geographic regions. This data helps us to continuously improve the performance of our offering and to identify and fix functional problems. For this to work correctly and effectively, Dynatrace requires use of a set of cookies.

Capture performance data opt-in

Allow Dynatrace to capture performance data related to button clicks, page loads and web requests that are triggered along my journey through this web application. This enables Dynatrace to analyze application usage, improve performance, and address any troubles that may arise. Accepting this setting also enables Dynatrace cookies.

Anonymize personal data

You can enable your browser's built-in do-not-track feature to ensure that no personal data is captured.

Exactag

The company Exactag collects and stores data for marketing and optimization purposes on this website and its sub-websites. This data can be used to create anonymous user profiles. In addition tot hat cookies and a technology called Fingerprint may be used. Cookies are small blocks of text that are stored locally in the user’s browser cache. The Fingerprint technology stores environment variables of the browser in a database. Both cookies and/or Fingerprint help recognize the browser. Any data collected with Exactag technologies will not be used to identify visitors of this website without prior consent. Personalized data will never be collected.

You can object to your anonymously collected data being stored at any time fort he future. In order to be exempt from data storage a cookie will be set in your browser. This cookie is called "exactag_new_ccoptout" and is set by "exactag.com". It may not be deleted as long as you object to your data being stored. If you want to object to your anonymously collected data being stored please click this link: Opt out of data storage.

Econda

In order to provide an appropriate design and for optimization purposes we use solutions and technologies of the econda GmbH to collect and store anonymized data as well as create user profiles using pseudonyms. To this end we use cookies to enable recognition of a browser. User profiles will not be combined with a visitor’s personal data without prior express consent of the visitor associated with the pseudonym. IP addresses in particular are made unrecognizable, making an association of user profiles and IP addresses impossible. Analysis of this data is based on Art. 6 Abs. 1 lit. f DSGVO. The website operator has a legitimate interest in anonymized analysis of user behavior in order to optimize their advertising. Visitors of this website can opt out of data collection and data storage at any time for the future:
https://www.econda.de/widerruf-zur-datenspeicherung/

Opting out is only valid for the device and the browser where it was set. Please repeat this process for all devices. If you delete the opt out cookie, your data will again be delivered to econda.

Podigee

We use the podcast hosting service Podigee from the provider Podigee GmbH, Schlesische Straße 20, 10997 Berlin, Germany. The podcasts are loaded by Podigee or transmitted via Podigee.

The use is based on our legitimate interests, i.e. interest in a secure and efficient provision, analysis and optimization of our podcast offer in accordance with Art. 6 Para. 1 lit. f. GDPR.

Podigee processes IP addresses and device information to enable podcast downloads / playbacks and to determine statistical data, such as access numbers. These data are anonymized or pseudonymized by Podigee before they are stored in the database, unless they are required for the provision of the podcasts.

Further information and options to object can be found in Podigee's data protection declaration.

Screensense

We use SCREENSENSE for our websites, a service to create user-centric analysis by Screensense GmbH, Kennedydamm 1, 40476 Düsseldorf (SCREENSENSE). SCREENSENSE uses so-called cookies stored on your device to enable us to anlyse your behavior on our websites. SCREENSENSE will use this data on our behalf to analyse the behavior of users, create reports on website activity and origin, and to provide additional services related to website and internet usage for us. You can prevent cookies being stored by making the appropriate adjustments in you browser. You can restrict or deactivate the saving of cookies altogether in your browser. You may not be able to use all functions of our website properly after doing so. Since SCREENSENSE saves no third party cookies on the domain screensense.com oder s9e.io but on our website please see the following list of cookies saved by Screensense:

__s9e_u - Cookie zur User Identifizierung
__s9e_s - Cookie zur Session Identifizierung

SCREENSENSE collects the IP address as a user-centric date. The IP address will by saved in an anonymized state and can’t be use to create user profiles. SCREENSENSE uses IP addresses to recognize attacks on the system (DoS, DDoS) and to recognize any fraudulent behavior.

Targeting

By using the following targeting measures we want to make sure that only content relevant to your real or presumed interests is shown as targeted advertising on your device. These notifications of advertisements take place during retargeting based on analysis of your previous user behavior. It is both in your interest and in ours not to bother you with any irrelevant advertisements. Of course, only pseudonomized and no personal data will be stored.

Iridion Optimization Suite

Our website uses the software „Iridion Optimization Suite” by Web Arts AG, Seifgrundstraße 2, 61348 Bad Homburg, Germany, in order to provide user-centric design and optimize our website.

This software helps to create statistical analysis of user behavior which are the basis for changes to content and design of the website. By using this website you consent to your data being processed in the way and for the purpose stated.

No personal data will be collected, only pseudonymized data. If you don’t consent to your collected data being processed in the way and for the purpose stated you can object to it fort he future. The opt-out will be set in the current browser by a cookie. If you delete the cookie or change the browser or device the opt-out link must be activated again.

You can object to your data being collected and stored by opt-out link. Please use the following link fort he opt-out: https://www.hessnatur.com/de/?iridion=notrack

converify.com in in connection with adnet.de as technical service providers

This site uses functions by converify.com (converify GmbH, Hofmannstr. 25- 27, D-81379 Munich, Germany) which enable us to provide you with the right offer at the right time. We do this to be able to continuously improve your shopping experience and make it more customer friendly and individualized. To this end converify.com and adnet.de use cookies. These serve to automatically collect data regarding device and access that are transferred by your browser as you interact with our website. The collected data is used for so-called onsite optimization in order to provide you with relevant recommendations and content when visiting our website.

This data does not serve to identify you personally but to allow for a pseudonymized analysis of how you use the website (scrolling, clicking, mouse-over) or leave the site. This data will at no point be permanently combined with other stored data related to your person. converify.com and adnet.de use so-valled session-cookies which are deleted automatically when you close your browser, as well as permanent cookies which remain on you device until deleted.

Data collected and analysed include the IP address your device uses to connect to the internet, logins, information regarding your device and connection to the internet, e.g. type, version and add-ons of your browser, time zone settings, operating system and platform, including date and time, cookie or flash cookie number, and products you looked at or searched for. We may also collect technical information to facilitate identification of your device in order to avoid misuse or fault diagnosis. You can deactivate the cookies used by converify.com and adnet.de at any time by clicking the following link:

https://www.hessnatur.com/de/?ConvCaOptOut=50697
und
https://www.hessnatur.com/de/?ConvCaOptOut=51643

Groupify

The company responsible for processing integrated components by Groupify Shopping on this website. Groupify Shopping is a brand of Groupify and predominantly offers social shopping solutions for operators and customers of online shops.

Operating Company of Groupify Shopping is Groupify GmbH, Urbanstraße 116, 10967 Berlin, Germany. Groupify Shopping transfers data with every impression, click, or other activity to the Groupify server. Every transfer of data is a cookie request to the browser made by you as user. If the browser accepts the request Groupify sets a cookie on your device.
The purpose of this data transfer is to ensure the functionalities of social shopping in the course of an order process, as well as matching you as user on returning to the website at a later time. The cookie is used for example to assign a user to a specific group. The cookie also serves as a means of security for you as a user by limiting the possibilities of misuse.

In the course of this technical procedure Groupify gains knowledge about data also used to show members of a groupd order to a) show the other participants, b) determine and show name, description, and price of the collectively ordered products. As user you can prevent the placement of cookies by our website by making the necessary adjustments in your browser and thereby prevent cookies being set permanently. Making this adjustment in your browser would also prevent Groupify from setting a cookie on your device. Cookies already set by Groupify can also be deleted at any time in your browser or other software.

For further information and the current data protection regulations please see https://bookings.groupify.de/static/datenschutz.html

Sociomantic

We use Sociomantic on our websites, a Display Advertising Service by dunnhumby Germany GmbH, Berlin, Germany ("Sociomantic"). Sociomantic provides hessnatur with tags to track visitors in order to provide targeted advertising in so-called targeting campaigns. With this technology based on cookies users of our website interested in specific products will be targeted with these products again on other websites. Showing these respective interest-related advertisements is possible by tracking and analysing the usage of this website. The data collected by using this website (like time stamp, visited sites, or technical data about your browser) will stored exclusively in an anonymized state. The data will not be used to optimize campaigns of third parties. For further information regarding data protection at Sociomantic please see https://www.sociomantic.com/privacy/de/. On this page you can also object to Sociomantic collecting user data if you don’t want to receive any more advertisements based on your usage.

Facebook

Due to a legitimate interest in analysis, optimization and economic operation of our online offer we use "Facebook-Pixel" from social network provider Facebook, run by der Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are in the European Union, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Facebook is certified under the Privacy Shield Agreement und thereby guarantees that European data protection law is adhered to (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active). Using Facebook-Pixel, Facebook is able to identify visitors of our online offer as target group for advertisements (so-called "Facebook-Ads"). We use Facebook-Pixel accordingly to show our Facebook-Ads only to those Facebook users that have shown an interest in our online offer or users that show certain characteristics (e.g. interest in specific topics or products determined by which sites were visited) that we transfer to Facebook (so-called „Custom Audiences“). Using Facebook-Pixel we also want to make sure that our Facebook-Ads are of potential interest to users and not annoying. With the help of Facebook-Pixel we can also evaluate the effectiveness of our Facebook-Ads for statistical and market research purposes by tracking if users click on a Facebook-Ad referring to our website (so-called „Conversion“). The data processing by Facebook follows Facebook‘s data usage policy. For information regarding the presentation of Facebook-Ads see the Facebook‘s data usage policy: https://www.facebook.com/policy. For specific information and details regarding Facebook-Pixel and how it works pleas see Facebook’s help section: https://www.facebook.com/business/help/651294705016616. You can object to the collection your data by Facebook-Pixel and usage of your data for Facebook-Ads. To determine which kind of ads you want to be shown in Facebook you can navigate to Facebook’s page and follow the documentation on options for use-based advertisement: https://www.facebook.com/settings?tab=ads. The adjustments are independent of device so that they are valid for all devices like computer oder mobile devices. You can also object to the use of cookies used for range measurement and advertisement purposes by navigating to the deactivation page of the network advertising campaign (http://optout.networkadvertising.org/) and also the US-american website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).

Onsite-Targeting

Our website uses cookies to collect and analyze information in order to optimize advertisements. This information includes, among others, data about which of our products you are interested in. Collection and processing of this data is done exclusively in a pseudonymized manner and doesn’t allow us to identify you. This information will not be combined with any data related to you as user. Using this information we are able to show you advertisements specifically targeted to meet your interests resulting from your previous user behavior.

Sovendus

Coupons offered by Sovendus GmbH: In order to provide you with a selection of interesting coupons we transmit a pseudonymised and encrypted hash value of your e-mail address and IP address to Sovendus GmbH, Hermann-Veit-Str. 6, 76135 Karlsruhe, Germany (Sovendus) according to Art. 6 Abs.1 f DSGVO. The pseudonymised hash value of the e-mail address is by Sovendus used under consideration of a possible objection to advertisements (Art. 21 Abs.3, Art. 6 Abs.1 c DSGVO). The IP address is solely used by Sovendus for data protection purposes and is as a rule anonymised after seven days (Art. 6 Abs.1 f DSGVO). We also tranfer a pseudonymised order number, order value including currency, session ID, coupon code and time stamp to Sovendus for billing purposes (Art. 6 Abs.1 f DSGVO). If you are interested in a coupon offered by Sovendus, there is no objection to advertisement connected to your e-mail address, and you click on the coupon banner only shown in this specific case we transfer salutation, name, zip code, country and your e-mail address in an encrypted state to Sovendus in order to prepare the coupon (Art. 6 Abs.1 b, f DSGVO). For further information on how Sovendus processes your data please see the online data protection information: www.sovendus.de/datenschutz.

Fit-Analytics

To assist you in finding the right size we offer you an online sizing guide you can use while you are shopping. The sizing guide can be opened by clicking the button „[Größenberater]“. It is provided by Fit Analytics GmbH Sanderstraße 28, 12047 Berlin, Germany www.fitanalytics.com. When using the sizing guide you are free to send the data below to Fit Analytics to get a size recommendation:

• height
• weight
• figure type (chest/belly)
• preferences (e.g. „tighter“ or „looser“)
• age (optional)
• reference brand and article (optional)
• bra size (optional)

Any data will be collected anonymised by Fit Analytics and only for the purpose of calculating the individual size for every customer and to continuously optimize the process of recommendations. A „Session-Cookie“ is used to store the following data:

• recommended size
• session-ID (randomisied sequence of digits)
• date and time stamp
• browser-ype
• anonymised IP address (via IP masking)

Storing the IP address is done only in a shortened (anonymised) state and further encrypted by means of a hashtag. It is solely used to identify sessions as well as countering cyber attacks (e.g. DoS attacks). The session cookie is valid 10 days to automatically identify returning customers within this time frame so that you don’t have to enter your data for the sizing guide again. In this case, the recommended size can directly be shown on a product detail page without opening the sizing guide again.

• time and date stamp of the order
• order number
• item number
• selected size
• price (possibly currency)

You can prevent the cookie being saved by the necessary configuration in your browser. For further information and contact details please see Datenschutzerklärung von Fit Analytics.

Web Fonts

This site uses so-called Web Fonts provided by Google, Hoefler & Co und Font Awesome for a consistent presentation of fonts. On accessing a page the necessary fonts are downloaded in your browser cache in order to correctly display fonts.
For this purpose your browser needs to be connected to servers of Google, Font Awesome (bootstrapcdn.com) and Hoefler & Co (typography.com). The font hoster thereby gains knowledge about our website being accessed via your IP address. The use of Web Fonts serves the purpose of a consistent and appealing presentation. This is a legitimate interest.

If your browser doesn’t support Web Fonts the standard font of your computer will be used.

For further information on the font providers please see the following sites
Google Web Fonts: https://developers.google.com/fonts/faq bzw. https://www.google.com/policies/privacy/
Hoefler & Co: https://www.typography.com/home/privacy.php
Font Awesome: https://fontawesome.com/privacy

Re-Targeting

We also use re-targeting technologies from the providers listed below. This enables us to tailor our online offers to your needs and make them more interesting. To do that we set a cookie to collect data of your interests using pseudonyms. By means of this information we show you interest-based advertisements of our products on the websites of our partners. No personal data will be stored and no user profiles will be combined with personal data. To prevent targeting please click the "Opt-Out" link of the resprective provider.

Overview of providers re-targeting:

Criteo GmbH Lehel Carré, Gewürzmühlstraße 11, 80538 Munich, Germany / Opt-Out
emetriq GmbH, Vorsetzen 35, 20459 Hamburg, Germany / Opt-Out
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland / Opt-Out

RTB House GmbH

For the purposes of conducting personalized advertising campaigns, Hess Natur-Textilien GmbH & Co. KG processes certain data regarding users' online activity on this website. This data includes online identifiers (e.g. cookie ID / mobile advertising ID), information regarding specific pages entered, products viewed or added to shopping cart and purchased along with timestamps as well as technical device and browser details. Hess Natur-Textilien GmbH & Co. KG engages RTB House GmbH, Kurfürstendamm 226, 10719 Berlin, an ad tech company, as a third-party subcontractor, to conduct advertising campaigns and display personalized ads to users, based on this data. Insofar as this data constitutes “personal data” under the GDPR, Hess Natur-Textilien GmbH & Co. KG acts as a data controller and RTB House GmbH acts as a data processor. For more information on RTB House retargeting technology please visit: https://www.rtbhouse.com/privacy-center/services-privacy-policy/.

The legal basis for the processing of your data is your consent in accordance with Art. 6 Abs. 1 S. 1 lit. a DSGVO.

Affiliates

We work with advertising partners to make our online offer more interesting for you. To this end cookies are also placed by our advertising partners when visiting our site (so-called third-party-cookies). The cookies of our advertising partner also collect information of your use behavior and interests by means of pseudonyms when visiting our site. Information may also be collected from the pages you visited before visiting our site. No personal data will be stored and no user profiles will be combined with your personal data.

The cookie is set for a time span defined by the provider and automatically deleted afterwards. You can object to interest-based advertisements of our advertising partners by making the necessary adjustments in your browser. For further information please see the sites of our providers listed below.

Overview of providers:

Germany:

AWIN AG, Eichhornstr. 3, 10785 Berlin, Germany, https://www.awin.com/de/rechtliches/privacy-policy-DACH

affilinet GmbH, Sapporobogen 6-8, 80637 Munich, Germany

Austria:

AWIN AG, Eichhornstr. 3, 10785 Berlin, Germany, https://www.awin.com/de/rechtliches/privacy-policy-DACH

affilinet Austria GmbH,  Opernring 23, 1010 Wien, Austria

Switzerland:

AWIN AG, Eichhornstr. 3, 10785 Berlin, Germany, https://www.awin.com/de/rechtliches/privacy-policy-DACH

affilinet Schweiz GmbH, Uraniastrasse 32, 8001 Zürich, Switzerland

Connects GmbH, Theilerstrasse 7, 6300 Zug, Switzerland, https://cct.connects.ch/dataprotection

Possibilities to object-/Opt-Out

You can prevent the targeting technologies mentioned by making the appropriate cookie-configurations in your browser. You can configure your browser so that no cookies are saved on your computer by choosing "block cookies by third parties" or cookies being saved only when you agree to save a new cookie. Disabling cookies altogether can result in you not being able to use some functions of our website.
You can also deactivate advertisements with the help of the preference manager found here http://www.youronlinechoices.com/de/praferenzmanagement/ or http://www.networkadvertising.org/choices/ zu deaktivieren.

Online presence in social media

We entertain online presences in social networks and platforms to communicate with customers, interested parties and users there and inform them about our services.
We point out that your data as user may be processed outside the European Union. This could entail risks for you as user because the rights of user may be harder to enforce. Service providers in the US certified under the Privacy-Shield are thereby obligated to meet European data protection standards.
Your data will furthermore as a rule be processed for marketing and advertising purposes. User behavior and the resulting interests may for example be used to create user profiles. These user profiles can be used to display advertisements within and outside of platforms to meet your presumed interests. For this purpose, cookies are in most cases set on your computer storing your user behavior and interests. User profiles may also be used to store data independently from your device (especially if you are a member of the respective platforms and are logged in).
Processing of your personal data happens based on our legitimate interest in effective advertising and communication with you. If you are asked to consent to your data being processed by the respective providers (e.g. you consented by checking the checkbox or confirming a button) this consent will then be the legal basis.
For a detailed account of the respective processinf and possibilities to object (opt-out) we refer you tot he linked statements by the providers.
In case of requests for information and assertion of user rights we point out that these can best be asserted at the providers. Only the providers have access to the user data and can take appropriate measures, and provide information. Should you still need help feel free to contact us.

- Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) - Privacy policy statement: https://www.facebook.com/about/privacy/, Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.
- Google/ YouTube (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) – Privacy policy statement:  https://policies.google.com/privacy, Opt-Out: https://adssettings.google.com/authenticated, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
- Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) – Privacy policy statement/ Opt-Out: http://instagram.com/about/legal/privacy/.
- Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) - Privacy policy statement: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.
- Pinterest (Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA) – Privacy policy statement/ Opt-Out: https://about.pinterest.com/de/privacy-policy.
- LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland) - Privacy policy statement https://www.linkedin.com/legal/privacy-policy, Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.
- Xing (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany) - Privacy policy statement/ Opt-Out: https://privacy.xing.com/de/datenschutzerklaerung.
- Youtube (YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA) - Privacy policy statement: https://policies.google.com/privacy?hl=de Opt/Out: https://policies.google.com/faq?hl=de&gl=de

Comments-Functions

Contributions by Users

For the comments function on this site will, in addition to your comment, also save information to the time when the comment was created, you e-mail address, and, if you are not posting anonymously, your selected user name.

Our comments function saves the IP address of the user writing the comment. Since we don’t check comments on our side before showing them we need this data in case of violations against the law like insults or propaganda against the author. As user of our site you may subscribe to comments after logging in. You will then get an e-mail to verify that you are the person linked to the e-mail address. You can unsubscribe from this function at any time via a link in the info-mails. The data entered while subscribed will then be deleted. However, if you sent us the data for other purposes and in another context the data will remain with us. The comments and data related to them (e.g. IP address) are stored and remain on our website until the content is completely deleted or the comments must be deleted for legal reasons (e.g. insulting comments). Storing the comments is based on your consent. You may revoke your consent at any time. An informal communication by e-mail to us suffices. The legality of the data processing already made is unaffected by the revocation.

Google ReCaptcha

We use “Google reCAPTCHA” (hereafter “reCAPTCHA”) on our websites. Provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). reCAPTCHA serves to evaluate whether the data entered on our websites (e.g. in a contact form) is done by a human being or an automated program. reCAPTCHA analyses the behavior of website visitors by means of several features. The analysis beginns automatically as soon as the visitor enters the website. For analytical purposes reCAPTCHA processes several types of information (IP address, how long the customer stays on the page or mouse movements). The data collected during analysis is transferred to Google. Any reCAPTCHA analysis happens completely in the background. Visitors tot he website will not be informed about an analysis. Data processing happens based on Art. 6 Abs. 1 lit. f DSGVO. The website operator has a legitimate interest in securing his web offers against fraudulent automated spying and spam. For further information on Google reCAPTCHA an Google’s privacy polica statement please see the following links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html. Opt-Out: https://adssettings.google.com/authenticated.

Contests

We use contests on our website. You enter these contests exclusively with you express consent and by checking a checkbox. The purpose of these contests for advertisement and market analysis, mailing prizes, and disclosure of winners is a legitimate interest in laid down in the DSGVO. Responsibility for data protection compliance of the contest lies with the respective provider.

Freie Digitale

For our Advent calendar contest we collaborate with Freie Digitale Gesellschaft für interaktive Medien, Jahnstr. 45, 80469 Munich, Germany. In the course of participating we collect and transfer data like name, address, age, and e-mail address.

The data is stored on servers of Freie Digitale GmbH for the sole purpose of conducting the contest until the winners have been determined. The data will be deleted afterwards. You can also consent to receiving another hessnatur newsletter.

Participating in the contest is voluntary and not linked to an order or agreeing to advertisement. You can revoke your consent to Freie Digitale. Please send an e-mail to datenschutz@hess-natur.de or by mail to Hess Natur-Textilien GmbH & Co. KG, Marie-Curie-Str. 7, 35510 Butzbach, Germany

Recipients outside of the EU

We never store data outside ofSwitzerland or the EU. That is why with the exception of Google Analytics we don’t transfer your data to recipients outside of Switzerland, the European Union, or the European Econmic Area.

Your Rights

-----------------------------------------------------------------------

In addition to the right to revoke the consent you have given to us, you have the following additional rights if the respective legal requirements are met:

.

• Right to disclosure of your personal data stored by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the origin of your data, unless it has been collected directly from you.
• Right to correction of inaccurate data or to completion of correct data.
• .
• Right to delete your data stored by us as far as no legal or contractual retention periods or other legal obligations or rights to further storage are to be adhered to.
• Right to restrict the processing of your data, insofar as the accuracy of the data is disputed by you; insofar as the processing is unlawful, but you object to its deletion; insofar as the responsible party no longer requires the data, but you need it for the enforcement, exercise or defense of legal claims or insofar as you have filed an objection against the processing.
• Right to data portability, i.e. the right to have selected data stored by us about you transferred in a common, machine-readable format or to request the transfer to another responsible party.
• .
• Right to objection in principle to the processing of your data, which must be taken into account if your interest worthy of protection due to a special personal situation outweighs the interest in processing at Hess ( e.g. a possible danger to life or health). This does not apply if a legal obligation requires the processing to be carried out.
• .
• Right to file a complaint, i.e. you can file a complaint with a supervisory authority at any time. Responsible for us is:
  Germany: The Hessian Data Protection Commissioner, P.O. Box 3163, 65021 Wiesbaden
  . Austria: Austrian Data Protection Authority, Wickenburggasse 8, 1080 Vienna, www.dsb.gv.at
  Switzerland: Federal Data Protection and Information Commissioner (FDPIC), Feldeggweg 1, CH - 3003 Bern, www.edoeb.admin.ch
   

Data security

.

All data transmitted by you personally, including your payment data, will be transmitted using the generally accepted and secure standard SSL (Secure Socket Layer). SSL is a secure and proven standard that is also used, for example, in online banking. You can recognize a secure SSL connection, among other things, by the appended s at the http (i.e. https://...) in the address bar of your browser or by the lock symbol in the lower area of your browser.

.

Your personal data is stored by us on specially protected servers. Access to these is only possible for a few specially authorized and trained employees who are involved with the technical, commercial or editorial support of the servers and the implementation of the contracts.

.

EHI

The hessnatur online store is audited by the EHI Retail Institute GmbH and receives the EHI/BEVH seal (German E-Commerce and Mail Order Association)
. By integrating the seal graphic, no data is transmitted to third parties.

.

Trusted Shops

.

Trusted Shops offers us as online shop operators the opportunity to adapt our online functionalities to a high consumer standard. Trusted Shops regularly checks all order functions for consumer-friendly behavior.
. In addition, you have the option at the end of the ordering process to complete the Trusted Shops Buyer Protection. This service is offered by Trusted Shops and is not provided on behalf of hessnatur. Should you take advantage of the Trusted Shops Buyer Protection, your e-mail address will be transmitted to Trusted Shops if you have selected this on the order confirmation page.

.

To display the Trusted Shops seal of approval and any collected reviews, as well as to offer Trusted Shops products to buyers after an order, the Trusted Shops Trustbadge is integrated on this website.

.

This serves to protect our legitimate interests in an optimal marketing of our offer, which prevail in the balancing of interests. The Trustbadge and the services advertised with it are an offer of Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, Germany.

When the Trustbadge is opened, the web server automatically saves a so-called server log file, which contains, for example, your IP address, the date and time of the call, the amount of data transferred and the requesting provider (access data) and documents the access. This access data is not evaluated and is automatically overwritten no later than seven days after the end of your visit to the site.

.

Further personal data will only be transferred to Trusted Shops if you decide to use Trusted Shops products after completing an order or have already registered to use them. In this case, the contractual agreement between you and Trusted Shops applies.

.

 

Data protection information for applicants

.

At Hess Natur, you can apply directly online electronically by e-mail for available jobs. The protection and legally compliant use of your personal data in applicant management is an important concern for us. To ensure that you feel secure when filling out and submitting an online application, we adhere to the data protection requirements of the Federal Data Protection Act (BDSG new version) and the General Data Protection Regulation (DSGVO) when processing your application. By sending your application data, you give your consent for your data to be stored by us.

.

In the following, we would like to inform you about our applicant management data protection in detail. Please read this carefully.

Responsible party

.

The responsible party for the processing of personal data can be contacted at:
. Hess Natur-Textilien GmbH & Co. KG, Marie-Curie-Str. 7, 35510 Butzbach, e-mail: dialog@hess-natur.de
The data protection officer can be reached at:
. Hess Natur-Textilien GmbH & Co. KG, Data Protection Department, Marie-Curie-Str. 7, 35510 Butzbach, e-mail: datenschutz@hess-natur.de

Personal Data

.

Personal data are information that are or can be directly or indirectly assigned to your person. This includes, for example, your name, telephone number, address and all application data that you provide to us as part of your application.

.

Purposes of data processing, legal basis and legitimate interests pursued by Hess Natur-Textilien GmbH & Co. KG

.

We collect, process and use your personal data of your online application in connection with the decision on the establishment of an employment relationship, which you have communicated to us via by e-mail to the address bewerbung@hess-natur.de, which are therefore required for us exclusively in the context of applicant management to fill vacancies.
. Your data will be transmitted directly to our human resources department and used exclusively for the purpose of the application process. This also includes the use for
. contacting you. A transfer of data to third parties will not take place without your express consent. We will forward your application within our company to the specialist managers or also to other specialist managers of departments with vacancies for which your applicant profile fits. Please inform us if you do not agree to this.

If we enter into an employment contract with you, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the legal provisions. If we do not enter into an employment contract with you, the application documents will be automatically deleted three months after notification of the rejection decision, provided that no other legitimate interests of ours oppose deletion. Other legitimate interests in this sense include, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG).
In addition, you can request us to delete your data at any time by sending an e-mail to: bewerbung@hess-natur.de. Please note that in this case you will also withdraw from all current application procedures.

Storing data for future jobs

-----------------------------------------------------------------

In case you agreed to saving your personal data we will add you to our pool of applicants. The data will be deleted after 2 years.