Privacy Policy

This Privacy Policy clarifies the nature, scope and purpose of the processing of personal data (hereinafter referred to as “Data”) within our online offering and the related websites, features and content, as well as external online presence, e.g. our social media profiles on. (collectively referred to as “online offer”). With regard to the terminology used, e.g. “Personal data” or their “processing”, we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

Styla GmbH
Schwedter Str. 36A
10435 Berlin, Germany
Commercial Register / No. : HRB 142689 B
Managing Director: Philipp Rogge, Franz Riedl
Telephone number: +49 30 91578751
E-mail address: contact@styla.com

E-mail address for privacy policy matters: dpo@styla.com

1. Types of processed data

  • Inventory data (e.g., names, addresses).
  • Contact information (e.g., e-mail, phone numbers).
  • Usage data (e.g., visited web pages, interest in content, access times).
  • Meta/communication data (e.g., device information, IP addresses).

2. Processing of special categories of data (Article 9 (1) GDPR)

No special categories of data are processed.

 

3. Categories of data subjects

Visitors and users of the online offer.

 

In the following, we also refer to the concerned person as “users”.

 

4. Purpose of processing

  • Providing the online offer, its contents and functions.
  • Provision of contractual services, service and customer care.
  • Answering contact requests and communicating with users.
  • Marketing, advertising and market research.

 

5. Changes and updates to the privacy policy

We ask you to inform yourself regularly about the content of our privacy policy. We will adjust the privacy policy as soon as the changes to the data processing we make requires it. We will notify you as soon as the changes requires your participation (eg consent) or other individual notifications.

 

6. Safety measures

We take appropriate technical measures in accordance with Art. 32 GDPR, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the different likelihood and severity of the risk to the rights and freedoms of natural persons and organizational measures to ensure a level of protection appropriate to the risk; Measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as their access, input, disclosure, availability and separation.

Furthermore, we take into account the protection of personal data already during development, in accordance with the principle of data protection by means of privacy-friendly default settings (Art. 25 GDPR).
One of the security measure is the encrypted transfer of data between your browser and our server.

 

7. Collaboration with processors and third parties

If, in the context of our processing, we disclose data to other persons and companies (contract processors or third parties), forward them or otherwise grant access to the data, this will only be done on the basis of a legal permission (eg if a transmission of the data to third parties, as required by payment service providers, pursuant to Art. 6 (1) (b) GDPR to fulfill the contract), you have consented to a legal obligation or based on our legitimate interests (eg the use of agents, webhosters, etc.).

If we commission third parties to process data on the basis of a so-called “contract processing contract”, this is done on the basis of Art. 28 GDPR.

 

8. Transfers to third countries

If we process data in a third country (ie outside the European Union (EU) or the European Economic Area (EEA)) or in the context of the use of third party services or disclosure or transmission of data to third parties, this will only be done if it is to fulfill our (pre) contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only in the presence of the special conditions of Art. 44 et seq. GDPR. That the processing is e.g. on the basis of specific guarantees, such as the officially recognized level of data protection (eg for the US through the Privacy Shield) or compliance with officially recognized special contractual obligations (so-called “standard contractual clauses”).

 

9. Rights of data subjects

You have the right to ask for confirmation as to whether the data in question is being processed and for information about this data as well as for further information and a copy of the data in accordance with Art. 15 GDPR.

You have according to. Art. 16 GDPR the right to demand the completion of the data concerning you or the correction of the incorrect data concerning you.

In accordance with Art. 17 GDPR, you have the right to demand that the relevant data be deleted immediately or, alternatively, to require a restriction of the processing of data in accordance with Art. 18 GDPR.

You have the right to demand that the data relating to you, which you have provided to us, be obtained in accordance with Art. 20 GDPR and request their transmission to other persons responsible.

You have the right to file a complaint with the competent supervisory authority (Art. 77 GDPR).

 

10. Withdrawal

You have the right to withdraw previously given consent in accordance with. Art. 7 para. 3 GDPR.

 

11. Contradictory Legal

You can object to the future processing of your data in accordance with Art. 21 GDPR at any time. The objection may be made against the process to direct marketing purposes.

 

12. Cookies and right to object in direct mail

We set temporary and persistent cookies, i. small files that are stored on users’ devices (Explanation of the term and function, see Cookie Policy). This may be for security purposes or to operate our online offer (for example, for the presentation of the website) or to save the user’s decision when confirming the cookie banner. In addition, we or our technology partners use cookies for measuring reach and for marketing purposes, which users are informed about in our Cookie Policy.

A general objection to the use of cookies used for online marketing purposes can be found in a variety of services, especially in the case of tracking. via the US website http://www.aboutads.info/choices/ or the EU page http://www.youronlinechoices.com/. Furthermore, the storage of cookies can be achieved by switching them off in the settings of the browser. Please note that it may not be possible to use all the features of this online offer.

 

13. Deletion of data

The data processed by us will be deleted or restricted in accordance with Art. 17 and 18 GDPR. Unless the data is deleted because it is required for other and legitimate purposes, its process will be restricted. That means the data is blocked and not processed for other purposes. This applies, for example for data that must be retained for commercial or tax reasons.

 

14. Contact forms

When contacting us (via contact form or e-mail) the information of the user’s data from the contact request and its processing, can be stored in our Customer Relationship Management System (“CRM System”) or comparable request organization: Art. 6 para. 1 lit. b) GDPR

We use the CRM system “Close.io”, the provider Elastic Inc., PO Box 1145, Jackson, WY 83001 USA, + 1-855-256-7346) based on our legitimate interests (efficient and fast processing of user requests) on. For this purpose, we have concluded a contract with Close.io with so-called standard contractual clauses, in which Close.io commits itself to processing user data only in accordance with our instructions and compliance with the EU data protection standard.

By filling out and submitting one of the contact forms on this website, the user authorizes this application. The following data are collected: first and last name, e-mail address, company name and telephone number.

 

15. Comments and contributions

Content comment services allow users to create and publish comments about the content of this site (for example, on our blog). Depending on the selected settings, users may also leave anonymous comments. If there is an e-mail address below the personal information provided by the user, it may be used to send notifications of comments about the same content. Users are responsible for the content of their comments. We reserve the right not to publish inappropriate comments. When a third-party-provided such service is installed, it may continue to collect data about web traffic for the pages that include the commenting service, even if users do not use the content commenting service.

Disqus

Disqus is a content commenting service provided by Big Heads Labs Inc. Personal information collected: cookies, usage of data and various types of data in accordance with the privacy policy of the service. Place of processing: United States – Privacy Policy – Opt-out.

 

16. Collection of access data and log files

Based on our legitimate interests within the meaning of Art. 6 para. 1 lit. f. GDPR Data on every access to the server on which this service is located (so-called server log files). The access data includes name of the retrieved web page, file, date and time of retrieval, amount of data transferred, message about successful retrieval, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.

Logfile information is stored for security purposes (for example, to investigate abusive or fraudulent activities) for a maximum of seven days and then deleted. Data whose further retention is required for evidence purposes shall be exempted from the cancellation until final clarification of the incident.

 

17. Online presence in social media

Based on our legitimate interests within the meaning of Art. 6 para. 1 lit. f. GDPR online presence within social networks and platforms in order to communicate with the active customers, prospects and users and to inform them about our services. When calling the respective networks and platforms, the terms and conditions and the data processing guidelines apply to their respective operators.

Unless otherwise stated in our Privacy Policy, we process users’ data as long as they communicate with us on social networks and platforms, e.g. Write posts on our online presence or send us messages.

Facebook

Based on our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 (1) f. GDPR) we use social plugins (“plugins”) of the social network facebook.com, which operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland (“Facebook”). The plugins can represent interaction elements or content (eg videos, graphics or text contributions) and can be recognized by one of the Facebook logos (white “f” on blue tile, the terms “Like”, “Like” or a “thumbs up” sign) or are marked with the addition “Facebook Social Plugin”. The list and appearance of Facebook Social Plugins can be viewed here: https://developers.facebook.com/docs/plugins/.

Facebook is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

When a user invokes a feature of this online offering that includes such a plugin, their device establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to the device of the user and incorporated by him into the online offer. In the process, user profiles can be created from the processed data. We, therefore, have no influence on the amount of data that Facebook collects with the help of this plugin and therefore informs the users according to our knowledge.

By