Privacy Policy of WALA Heilmittel GmbH 

 

Data Protection

We, WALA Heilmittel GmbH, are responsible for this online offer and as a teleservice provider we are obligated to inform you at the beginning of your visit to our online offer about the manner, scope and purpose of collecting and using personal data in a precise, transparent, understandable and easily accessible form in a clear and simple language. The contents of the notice shall be accessible to you at any moment. We shall therefore inform you which personal data are collected or used. Personal data are all the data that pertain to an identified or identifiable natural person.

We value greatly the security of your data and compliance with data protection regulations. The collection, processing and use of personal data are subject to provisions of the currently applicable European and national laws.

In the following privacy policy, we would like to demonstrate how we handle your personal data and how you may contact us:

 

WALA Heilmittel GmbH
Dorfstraße 1
D - 73087 Bad Boll/Eckwälden

Register number: HRB 530784

Telephone: +49 (0)7164 930-0;
Fax: +49 (0)7164 930-297

E-mail: info@wala.de
Web: www.wala.de

Management authorised for representation: Dr. Johannes Stellmann (Chairman), Dr. Armin Dörr, Dr. Philip Lettmann, Prof. Dr. Florian Stintzing

 

Our Data Protection Officer

Our data protection officer may be reached for questions in the following manner:

Sven Lenz, Deutsche Datenschutzkanzlei – Datenschutzkanzlei Lenz GmbH & Co. KG
Bahnhofstraße 50, 87435 Kempten, Germany
E-mail: datenschutz@wala.de

 

A. General

In order to ensure better comprehensibility, our privacy policy does not differentiate between genders. For the purposes of equal treatment, relevant terms apply to both sexes.

The meaning of the terms being used, such as “personal data” or “processing” may be found in Article 4 of the EU General Data Protection Regulation (GDPR).

Personal data of the user processed within the scope of this online offer include inventory data (e.g. name and address of customers and end users), contract data (e.g. utilised services, names of officers, payment information), usage data (e.g. visited websites of our online offer, interest in our products) and contact data (e.g. contact form entries).

“User” hereby comprises all categories of persons whose data are processed. These include, for example, our business partners, customers, end users, interested parties and other visitors of our online offer.

 

B. Specific

Privacy Policy

We warrant that we shall only collect, process, store and use your existing data in relation to the handling of your requests, posts or messages, as well as for internal purposes and for the provisions of services you requested and to provide content.

 

Bases of Data Processing

We process the user’s personal data only in accordance with the relevant data protection provisions. User data are processed only in the event of the following legally permissible instances:

  • to provide our contractual services (e.g. processing of orders) as well as online services
  • the processing is required by law
  • on the basis of your consent
  • based on our legitimate interests (i.e. interest in the analysis, optimisation and cost-effective operation and security of our online offer within the meaning of Art. 6(1)(f) of the GDPR, particularly when measuring reach, profiling for advertising and marketing purposes, as well as the collection of access data and use of third-party services)

We would like to show you where the above legal bases are regulated in the GDPR: 

Consent

Art. 6(1)(a) and Art. 7 of the GDPR

Processing in order to provide our services and implement contractual measures Art. 6(1)(b) of the GDPR
Processing in order to fulfil our legal obligations Art. 6(1)(c) of the GDPR
Processing in order to protect our legitimate interests Art. 6(1)(f) of the GDPR
 
Transfer of Data to Third Parties

Transfer of data to third parties is carried out only in accordance with legal requirements. We forward user data to third parties only if this is required, for example, by contract or on the basis of legitimate interest in the cost-effective and efficient operation of our business activities.

If we employ subcontractors for the provision of our services, we shall take the required legal precautions as well as the corresponding technical and organisational measures to ensure the safety of personal data in accordance with the applicable legal regulations.

 

Data Transfer to Third Countries or International Organisations

Third countries are those countries in which the GDPR is not a directly applicable law. This basically covers all countries outside the EU or the European Economic Area.

Data are transferred to a third country or an international organisation. It must be noted that there are relevant/corresponding warranties available and that you may exercise enforceable rights and effective legal remedies.

A copy of the corresponding warranties may be found at the following links:

 

Storage Duration of Your Personal Data

We adhere to the principles of data minimisation and data reduction. This means that we shall store the data you provided to us only so long as it takes to fulfil the above purposes or as required by various statutory storage periods. If the relevant purpose is not applicable, or the corresponding term expires, your data shall be routinely blocked or erased according to legal regulations.

 

Establishing Contact

You may contact us by phone at the number: +49 7164 9300 or by fax at the number: +49 7164 930297. If you contact us via our contact form or by e-mail, e.g. Datenschutz@wala.de, you agree to electronic communications. When you establish contact with us, personal data shall be collected. In the corresponding contact form, you may find which types of data are collected when using a contract form. Your data shall be sent using SSL encryption. The information you provide shall only be stored for the purpose of processing requests, posts or messages and for possible follow-up questions.

We would like to specify the relevant legal bases:

Processing in order to provide our services and implement contractual measures Art. 6(1)(b) of the GDPR
Processing in order to protect our legitimate interests Art. 6(1)(f) of the GDPR

 

We use a software to maintain customer data (CRM system) or a comparable software on the basis of our legitimate interests (efficient and fast processing of user requests). The system is operated by us in-house. Therefore, data are not transferred to third parties.

We would like to point out that any e-mails you send, including those you send to WALA, may be unknowingly read or modified without authorisation along the transmission path. We also emphasise that we use spam filter software. The spam filter may reject e-mails if some characteristics are mistakenly interpreted as spam.

 

What rights do you have?

a) Right of Access
You have the right to obtain free access to your stored data. Upon request, we shall inform you in writing, pursuant to the applicable law, on which personal data about you we have stored. This also includes the origin and the recipient of your data as well as the purpose of data processing.

b) Right to Rectification
You have the right to have inaccurate data concerning you, which is stored by us, rectified. You may also request the restriction of processing, e.g. when contesting the accuracy of your personal data.

c) Right of Blocking
Furthermore, you may have your data blocked. In order to consider the blocking of your data at any moment, the data must be kept in a locked file for control purposes.

d) Right to Erasure
You may also request the erasure of your personal data, provided there are no statutory retention periods. If such an obligation is applicable, we shall block your data upon request. If the required legal prerequisites are met, we shall erase your personal data even without your corresponding request.

e) Right to Data Portability
You have the right to receive the personal data concerning you, which you provided to us, in a format that enables transfer to another authority.

f) Right to Lodge a Complaint with a Supervisory Authority
You have the option to lodge a complaint with a supervisory data protection authority.


The state data protection and freedom of information officer of Baden-Wuerttemberg
Mailing address: Postfach 10 29 32, D-70025 Stuttgart
Home address: Königstraße 10a, D-70173 Stuttgart
Telephone: +49 711 615541–0
Fax: +49 711 615541–15
E-mail: poststelle@lfdi.bwl.de
Web: https://www.baden-wuerttemberg.datenschutz.de

You may access the complaint form via the following link:
https://www.baden-wuerttemberg.datenschutz.de/online-beschwerde

 

g) Right to Object

At any moment, you have the option to cancel the use of your data for internal purposes with future effect. To achieve this, you are only required to send an e-mail to datenschutz@wala.de. However, such a cancellation does not affect the lawfulness of the processing carried out up to that moment by us. This does not affect data processing in relation to any other legal bases, e.g. contract initiation (see above).

 
Protection of Your Personal Data

We employ contractual, organisational and technical safety measures, with due regard to the state of the art, in order to ensure adherence to the provisions of data protection laws and for the protection of data that we process against accidental or intentional manipulation, loss, destruction and access by unauthorised persons.

These safety measures especially include the encrypted transfer of data between your browser and our server. For this purpose, we use 256-bit SSL encryption (AES 256). This includes your IP address.

 

Your personal data are thereby protected under the following items (excerpt):

a) Maintaining confidentiality of your personal data
In order to keep the confidentiality of your personal data stored with us, we have taken various measures to control access and entry.

b) Maintaining integrity of your personal data
In order to maintain the integrity of your personal data stored with us, we have taken various measures to control forwarding and input.

c) Maintaining availability of your personal data
In order to maintain the availability of your personal data stored with us, we have taken various measures to control orders and availability.

The safety measures being used are constantly improved in line with technological development. Despite these precautions and due to the insecure nature of the Internet, we cannot guarantee the safety of your data transfer to our online offer. Consequently, any data transfer you perform to our online offer is at your own risk.

 

Protection of Minors

Persons who are under the age of 18 may provide us with their personal data only if they have the express consent of a legal guardian. Such data shall be processed in accordance with this privacy policy.

 

Data Protection when Participating in the Esthetician Forum

Responsibility for data collection in this forum:
The responsible party is WALA Heilmittel GmbH, Dorfstraße 1, D-73087 Bad Boll/Eckwälden

Personal data are collected for the following purpose:
In order to be able to place serious forum posts, which shall be answered on behalf of the operator, all participants are required to provide a surname, name, e-mail address and IP address.

By pressing the “Informed consent” button, the participant provides their consent for the collection and processing of their health data, which they willingly provide to be published in the WALA forum.

This happens to your personal data:
WALA Heilmittel GmbH collects, processes and uses your personal data solely to operate the forum and stores them to keep a record of forum posts and for other consulting activities which also take place outside the forum. Posts are also published individually in anonymous form in this online offer, e.g. for product advertising.
Personal data are not provided to third parties.

Your rights as a participant in the forum:
You may request information regarding which data are stored about you. You may request the rectification, erasure and blocking of your personal data, provided this is legally permissible and possible under an existing contractual relationship.
You may object in order to prevent (further) publication of your own posts. You may also withdraw your consent for the storage of your data at any moment. In these cases, you may send your objection to the following address: datenschutz@wala.de

 

Data Protection when Transferring Health Data

Responsibility for data collection in relation to reports on drug side effects, serious adverse effects of cosmetic products, and processing of other health data:
The responsible party is WALA Heilmittel GmbH, Dorfstraße 1, D-73087 Bad Boll/Eckwälden

Personal data are collected for the following purpose:
If personal data are entered in a contact form in this online offer, e.g. the “Drug Safety and Side Effects” contact form, they shall mostly include surname, name, age, gender, address, e-mail address, phone number, country and the corresponding drug, if necessary. The patient or consumer shall likewise provide notification on any adverse effects of a drug or cosmetic product. These data are necessary so that WALA, as the manufacturer of WALA drugs and Dr. Hauschka cosmetic products, may fulfil legal obligations, e.g. under Art. 63c of the Act on Drugs or Art. 23 of the Regulation (EC) no. 1223/2009 on Cosmetic Products, communicate notices to competent authorities, e.g. BfArM, and store data for official enquiries.

By pressing the “Informed consent” button, the data subject provides their consent for the collection and processing of their health data, which they willingly entered in the contact form.

If corresponding notices are forwarded to WALA using the e-mail address of the responsible party, e.g. arzneimittelsicherheit@wala.de, kosmetiksicherheit@wala.de, data shall be processed for the above-mentioned purpose, provided the express consent of the data subject was obtained beforehand for the storage and forwarding to the corresponding authority.

If any other notices regarding health data are received by the responsible party via e-mail, the data shall be processed only to the extent necessary to best fulfil the request of the data subject, e.g. to answer a product-related question. Prior to the storage and forwarding of data, the express consent of the subject shall be requested.

If WALA receives notices on adverse effects or other health data via telephone, WALA shall obtain express consent for the processing and forwarding of data in the course of the conversation and shall document it, or they shall obtain it via the corresponding e-mail from the data subject.

This happens to your personal data:
WALA Heilmittel GmbH collects, processes and uses your personal data expressly to fulfil the previously specified purposes and stores them on internal servers. Forwarding to third parties is only done to fulfil the previously specified purposes to the relevant authorities and only with express consent, unless the forwarding is anonymous. Third parties may access data provided they are in an agency relationship for data processing (commissioned processing) with WALA, which is necessary for the maintenance and support of IT systems of the responsible parties. Information on the processing of data transferred to the relevant authorities may also be found here: https://verbraucher-uaw.pei.de/fmi/webd/verbraucher_uaw.

Your rights as the subject whose data are processed:
You may request information regarding which data are stored about you. You may request the rectification, erasure and blocking of your personal data, provided this is legally permissible. You may also withdraw your consent for the storage or transfer of your data at any moment. In these cases, you may send your objection to the following address: datenschutz@wala.de

 

Data Protection in Prize Contests

Responsibility for data collection in this prize contest:
The responsible party is WALA Heilmittel GmbH, Dorfstraße 1, D-73087 Bad Boll/Eckwälden

Personal data are collected for the following purpose:
All participants shall mostly be required to provide their surname, name, address (comprising the street, number, postal code, city and country), date of birth and e-mail address, so the winner can be properly notified.

This happens to your personal data:
WALA Heilmittel GmbH collects, processes and uses your personal data expressly to perform this prize contest. After the prize contest is finished, along with the subsequent awarding of prizes, your data shall be promptly erased, provided this is not contrary to any legal or contractual regulations.

Your rights as a prize contest participant:
You may request information regarding which data are stored about you. You may request the rectification, erasure and blocking of your personal data, provided this is legally permissible and possible under an existing contractual relationship.

 

Data Protection of Job Applicants

Responsibility for data collection during job applications:
The responsible party is WALA Heilmittel GmbH, Dorfstraße 1, D-73087 Bad Boll/Eckwälden
The legal basis for the processing of personal data of applicants:

Personal data are collected for the following purpose:
With your application WALA Heilmittel GmbH receives data (in a paper format as well as in digital form), mostly name and surname, address, date of birth, place of birth, information on education and vocational education, advanced training and continuing education, certificates.
WALA Heilmittel GmbH collects, processes and uses your personal data solely for the purposes of job application (= initiation of employment). The processing of your data for purposes other than the one specified is performed only if permissible under Art. 6(4) of the GDPR and if it complies with the original purpose. We shall inform you of any such processing prior to any further processing of your data.


This happens to your personal data:
Applicant data shall be stored and processed in personal data processing systems. The technical installation is designed in such a way that only a very narrow group of specially authorised individuals has the right of access, and any other access or knowledge of the data is disabled using the best available technology. Your personal data shall only be stored as long as knowledge of the data is necessary for the purpose of employment or the purpose for which they were collected or if it is required by legal or contractual provisions regarding storage. Your data shall not be transferred to external authorities.
If no contractual relationship is concluded, we shall store your application data for a period of 6 months for the purposes of verification according to the General Non-Discrimination Act. If a contractual relationship is concluded (=employment), we shall transfer the required data to the staff files.


Your Rights as an Applicant:
You are entitled to information about the personal data stored about you, the purpose of the processing, any transfers to other authorities and the duration of storage. You may exercise your right of access also by receiving an excerpt or a copy. If data are inaccurate or are no longer necessary for the purpose for which they were collected, you may request rectification, erasure or restriction of processing.
If you have reasons arising from your particular personal situation that oppose the processing of your personal data, you may object to the processing if it is based on a legitimate interest. In such an event we shall only process your data if there is a special vital interest in doing so.
In certain instances, we may request your consent for the processing or transfer of your data. This may occur if, for instance, your application must be stored for a longer period or your application is being considered for another position in our company. Your consent is voluntary in these instances and may be withdrawn by you at any moment with future effect.

 
Cookies

We use cookies. Cookies are small text files that are stored locally in the cache of your Internet browser. Cookies enable the recognition of the Internet browser. The files are used to assist the browser in navigating the online offer and to enable the full use of all functions.

Our online offer uses: Browser cookies

 

User Control of the Cookies

Browser cookies: You can set any browser to accept cookies only on request. A setting is also possible that allows the acceptance of cookies only on sites that are being currently visited. All browsers offer features that allow selective deletion of cookies. The acceptance of cookies may also be switched off in general, but the level of user-friendliness of this online offer may then be restricted.

 

Use of First Party Cookies (Google Analytics Cookie)

Google Analytics cookies record the following:

  • Unique user - Google Analytics cookies gather and group your data. All activities during a visit are summarized. The placement of Google Analytics cookies enables the distinction between users and unique users.
  • Activities of users - Google Analytics cookies also store data on the start and end time of a visit in the online offer and the number of pages you viewed. When the browser is closed or during longer inactivity of the user (usually 30 minutes), the user session is ended, and the cookie records the visit as finished. Furthermore, the date and time of the first visit are recorded. The total number of visits per unique user is also recorded. External link: http://www.google.com/analytics/terms/de.html

You may prevent Google’s collection and processing of data generated by the cookie and related to the use of the online offer (including your IP address) by downloading and installing a browser plug-in using the following link:
External link: http://tools.google.com/dlpage/gaoptout?hl=de.

More information is available under “Google Analytics / Universal Analytics web analytics service”.

 

Use of Third Party Cookies

In our online offer third party providers use [additional] cookies (third party cookies) during the import of editorial texts or advertisements. Third party providers are also subject to strict legal data protection requirements regarding the availability of personal data.

 

Lifespan of the Cookies Used

Cookies are managed by the web server of our online offer. This online offer uses:
Transient cookies / session cookies (single use)
Lifespan: Until the closing of this online offer

Persistent cookie (continuous browser recognition)
Lifespan: 2 years

 

Deactivation or Removal of Cookies (Opt-out)

Each web browser has options to restrict and delete cookies. For more information, please visit the following websites:

 

Google Analytics / Universal Analytics Web Analytics Service

We use Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses “cookies”, text files that are stored on your computer and enable the analysis of the use of the online offer. The information generated by the cookie about the use of this online offer is usually transferred to a Google server in the USA and stored there. Thus, data are transferred to a third country. It must be noted that there are relevant/corresponding warranties available and that you may exercise enforceable rights and effective legal remedies.

A copy of the corresponding warranties may be found at the following links:

By anonymising the IP address in our online offer, Google shortens your IP address beforehand in the member states of the European Union or in other signatories of the Agreement on the European Economic Area.

Only in exceptional cases shall the full IP address be transmitted to a Google server in the USA and shortened there. At our request, Google shall use this information to evaluate the use of the online offer, to compile reports on the activities of the online offer and to provide us with other services related to the use of the online offer and the Internet. The IP address transmitted by your browser as part of the Google Analytics service shall not be linked to other Google data. You may prevent the storage of cookies using the appropriate setting in your browser software. However, we would like to stress that in such circumstances it shall not be possible to fully use all the functionalities of this online offer, as the case may be.

We would like to emphasise that Google Analytics is used in this online offer with the extension “_anonymizeIp()” and IP addresses are thus processed further only in shortened form to prevent direct relation to a specific person.

We also use Google Analytics reports to collect demographic characteristics and interests.

Data sent by us and related to the cookies, user identification (e.g. user ID) or advertising IDs are automatically erased after 24 months. The erasure of data whose retention period has expired is done automatically once a month. You may find more information on the terms of use and data protection at https://www.google.com/analytics/terms/de.html or at https://policies.google.com/?hl=de

Furthermore, you may prevent Google’s collection and processing of data generated by the cookie and related to the use of the online offer (including your IP address) by downloading and installing a browser plug-in using the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

As an alternative to the browser plug-in or within the browser on mobile devices, you may use the following link to set an opt-out cookie that prevents future collection of data with the Google Analytics service in this online offer (this opt-out cookie functions only in this browser and only for this domain, and it is necessary to again click on the link if you delete the cookies in that browser):

Google Analytics deactivation

 

Newsletter

We shall collect personal data if you sign up for our e-mail newsletter. Such data are used for our promotional purposes in the form of your e-mail newsletter, provided that you give your express consent in the following manner:

“Yes, I would like to subscribe to the newsletter! I have read the Privacy Policy. “

You may cancel the newsletter at any moment using the corresponding link in the newsletter or by sending the appropriate notice to us at the e-mail newsletter-abbestellen@wala.de. Upon cancellation, your e-mail address shall be promptly erased from our newsletter recipient list and placed in a locked file in order to ensure the newsletter is sent no more.

Newsletter tracking: If you have previously given your express consent, newsletter tracking (a.k.a. web beacons or tracking pixels) shall be used. Upon the delivery of the newsletter, an external server may then collect certain data on the recipient, e.g. the time of retrieval, IP address or information on the used e-mail programme (client). The name of the image file is customised for each mail recipient by attaching a unique ID. The mail sender remembers which ID belongs to which e-mail address and is thus able to determine during image retrieval which newsletter recipient just opened an e-mail.

As part of newsletter tracking, user behaviour data are collected under a pseudonym. This comprises the following pseudonymised data: recipient, recipient minus bounces, recipient in queue, recipient is skipped over, unique cancellation rate, unique cancellations, bounce rate, bounces (namely hard and soft bounces), unique open rate, unique open, open rate, openings, unique click rate, unique clicks, click rate, clicks, effective unique click rate, clicks for the segmentation of target groups.

We cooperate with an external service provider, no tins GmbH, Römerstraße 1, D-70178 Stuttgart, in order to deliver the newsletter. Your personal data shall be forwarded to no tins GmbH for the purpose of sending the newsletter and they shall process them solely according to our instructions.

 
Use of Google Maps

We use Google Maps for displaying maps and for creating travel routes. Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. By using this online offer, you consent to the collection, processing and use of the automatically collected data and the data you entered (including the IP address) by Google or any of their representatives or third-party providers. The terms of use for Google Maps may be found at the following link:
https://www.google.de/intl/de/policies/terms/regional.html

More details on transparency and choice options as well as data protection provisions may be found in the Privacy Centre of google.de: https://www.google.de/intl/de/policies/privacy/?fg=1

 

Changes to our Data Protection Provisions

We reserve the right to occasionally adjust our privacy policy, so it can comply with the applicable legal requirements or to implement changes to our services in the privacy policy. For example, this may include the introduction of new services. Therefore, the new privacy policy shall apply to your return visit.

 

Trademarks

Each logo or trademark specified herein is the property of the respective company. Brands and names are provided for informational purposes only.

 

C. Russia-specific Provisions

The following applies to users who are residents of the Russian Federation:

The above services of our online offer are not intended for citizens of the Russian Federation who are residing in Russia.

If you are a Russian citizen residing in Russia, we hereby expressly inform you that any personal data you provide via this online offer shall be exclusively at your own risk and on your own responsibility. You further agree not to hold us responsible for any failure to comply with the laws of the Russian Federation.

 

This Privacy Policy (version: DSGVO 1.0 of 14 May 2018) was prepared by:

German Data Protection Administration - Munich Branch - www.deutsche-datenschutzkanzlei.de

 

 

Data Processing when Opening a Customer Account and for Contract Performance

According to Art. 6 para. 1 item (b) of the GDPR, personal data shall be collected and processed if you provide them to us for the performance of a contract or the opening of a customer account. The respective entry forms may be inspected to determine which data are being collected. The deletion of your customer account is possible at any moment and may be carried out by sending a notification to the above-mentioned address of the responsible person. We store and use the data you provided for contract performance. After full performance of the contract or the deletion of your customer account, your data shall be blocked with regard to tax and commercial statutory retention periods and erased after the expiration of these periods, unless you have expressly consented to further use of your data or if we reserve the right to a legally permitted further use of data of which you shall be duly informed below.

Forwarding of Personal Data for Contract Performance

As part of contract performance, the personal data collected by us shall be forwarded to the transport company commissioned with the delivery, insofar this is necessary for the delivery of goods. To effect payments, we forward payment data to the commissioned credit institution.

If the goods are delivered by the transport service provider DHL (Deutsche Post AG, Charles-de-Gaulle-Strasse 20, 53113 Bonn), we shall forward your e-mail address, in accordance with Art. 6 para. 1 item (a) of the GDPR, for the delivery of goods to DHL to coordinate a delivery date or a delivery notice, provided you have given the relevant express consent during the ordering process. Otherwise, we shall forward to DHL only the name of the recipient and the delivery address for delivery in accordance with Art. 6 para. 1 item (b) of the GDPR. Forwarding shall only take place if it is required for the delivery of goods. In such an event, previous coordination of the delivery date or the delivery notice with DHL is not possible. The consent, in relation to the above specified responsible person or the transport service provider DHL, may be withdrawn at any moment with future effect.

Payment Methods

When paying via PayPal, by credit card via PayPal, by debit note via PayPal or, if offered, "Kauf auf Rechnung" (purchase on account) via PayPal, we shall forward the payment data, in order to effect payments, to PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"). PayPal reserves the right to conduct a credit report with regard to the payment methods including credit card via PayPal, debit note via PayPal or, if offered, "Kauf auf Rechnung" (purchase on account) via PayPal. The result of the credit check with respect to the probability of default on payment is used by PayPal to decide on the provision of the respective payment method. The credit report may include probability values (so-called score value). If score values are included in the results of the credit report, they are based on a scientifically recognized mathematical and statistical procedure. The calculation of score values includes, among other things, mailing address data. For further legal data protection information, which may also include the credit agencies used, please refer to the privacy policy of PayPal: https://www.paypal.com/de/webapps/mpp/ua/privacy-full

If you decide to use the payment service provider PAYONE for credit card payment, the payment shall be effected by the payment service provider PAYONE GmbH, Fraunhoferstraße 2-4, D-24118 Kiel, to whom we shall forward the information communicated during the ordering process along with the information about your order. Your data is forwarded exclusively for the purpose of effecting payments via the payment service provider PAYONE.

Sofortüberweisung
When paying using SOFORT, we immediately receive the transfer credit note. For this purpose, you shall provide SOFORT GmbH (Sofort GmbH, Theresienhöhe 12, D-80339 München) with the bank account number, bank code, PIN and TAN via the secure payment form which we cannot access. SOFORT GmbH provides automated and real-time transfer to your online bank account. The due purchase amount shall be transferred immediately and directly to our bank account. If you choose the Sofortüberweisung payment method, a pre-filled form shall open at the end of the ordering process containing our bank details. The due transfer amount as well as the purpose of use shall also be entered. In the form you must specify the country in which the online banking account is located and the bank code. In order to execute the Sofortüberweisung transfer, you must enter the account number and PIN to log in to the online banking account and provide confirmation by entering the TAN. The transaction shall be confirmed immediately. In general, every user may choose Sofortüberweisung as their payment method, if they have an active online banking account with a PIN/TAN procedure. Take note that certain banks do not have the Sofortüberweisung option available. For further information, please refer to the provider's website: https://www.klarna.com/sofort
paydirekt
paydirekt is very simple.
1. Register to paydirekt for free in your online banking service.
2. From now on you can pay directly. Conveniently with only a username and a password.

Credit card
A simple and fast processing of your order is guaranteed when paying with a credit card. All you have to do is enter your credit card number and the 3–4-digit control number on the back of the credit card and the date on which the credit card expires. If your credit card is protected by the MasterCard 3D-Secure or Verified by Visa systems, you will be redirected to a secure website of your credit card issuing bank where you will have to enter the protection code. As soon as the credit card is accepted, the payment shall be considered as effected. The shipping of your items will be activated as soon as the credit card is accepted.

Advance Payment
Advance payment is a contract condition wherein the purchaser must first pay the purchase price before the seller begins delivering the agreed upon goods. Namely, the customer shall make an advance payment, meaning they shall pay in advance and we will subsequently ship the goods.

SEPA Direct Debit System
Customers with a bank account in a country that is a participant of the SEPA Direct Debit system may pay in EUR using direct debit. The following countries are currently qualified for the SEPA Direct Debit system (note: payment is only possible in EUR).
Germany, Austria, Switzerland, Belgium, Bulgaria, Denmark, Estonia, Finland, France, Greece, Ireland, Iceland, Italy, Croatia, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, Monaco, Netherlands, Norway, Poland, Portugal, Romania, San Marino, Sweden, Slovakia, Slovenia, Spain, Czech Republic, Hungary, United Kingdom, Cyprus.
Your bank account will of course be charged only after the ordered items have been sent. If your order is being sent through several partial deliveries, you will see the corresponding individual entries in the bank statement. Please note: it is not possible to change your bank details automatically (e.g. via your bank's account transfer service). Due to data protection we must ask you to make the changes yourself using the Payment Methods button in My Account.
Note:
Your bank account will of course be charged only after the ordered items have been sent. If your order is being sent through several partial deliveries, you will see the corresponding individual entries in the bank statement. Please note: it is not possible to change your bank details automatically (e.g. via your bank's account transfer service). Due to data protection we must ask you to make the changes yourself using the Payment Methods button in My Account.

Giropay
Based on online banking with PIN and TAN numbers, it enables you simple, fast and secure payment using online money transfer. To use Giropay, you only need an online banking giro account at a participating bank or savings bank. Giropay allows you to conduct your online money transfers in the secure online banking environment of your credit institution. This guarantees that sensitive data (PIN/TAN) shall only be exchanged between you and the bank. No third person shall have insight in the personal account and turnover information.
Giropay operates in the following manner: If you decide to pay using Giropay, you will be safely directed to the online banking system of your bank or savings bank after entering your bank code. There you will log in as usual with your access data. Having successfully logged in, a pre-filled money transfer order shall automatically be displayed, already containing all the details of the purchase: invoice amount, reason for payment and bank code of the dealer. You authorize the money transfer by entering TAN. Directly after a successful money transfer, we shall receive a payment guarantee from your bank and be able to send the goods immediately, depending on availability.

Data Processing during Rating of Dr. Hauschka Products in the Web Shop
You can rate our Dr. Hauschka products. For this purpose, you shall enter in the contact form your name, e-mail address and IP address, a summary of your topic and your rating in the form of stars (1-5) and your opinion, if necessary.
All participants are required to give their surname, name and e-mail and IP address, so that serious forum posts may be posted on the forum. Your e-mail address will not be disclosed. By pressing the “Informed consent” button, the participant provides their consent for the collection and processing of data, which may be health data. The participant makes these willingly available to WALA for release. WALA Heilmittel GmbH collects, processes and uses your personal data expressly to operate the rating forum and stores them to document the forum posts. Ratings and posts are also occasionally published on this online offer, e.g. for product advertising. Personal data shall not be made available to third persons.
Your rights as a participant in the ratings forum: You may request information regarding which data are stored about you. You may request the rectification, erasure and blocking of your personal data, provided this is legally permissible and possible under an existing contractual relationship. You may object to prevent (further) publication of your own posts. You may also withdraw your consent for the storage of your data at any moment. In these cases, you may send your objection to the following address: datenschutz@wala.de

Data Processing during the Selection of One of Dr. Hauschka Brand Partners as Your Handler when Purchasing in the Web Shop
You may select a resident handler, with whom you can purchase you Dr. Hauschka products when you are not ordering from the Dr. Hauschka web shop. In doing so, your personal data and order data shall be transferred to WALA. This serves to provide your handler with a percentage commission from your purchase. There is no forwarding of your data to the handler or other third persons.

Use of Google reCaptcha

On this website we also use the reCAPTCHA function of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). This function serves primarily to differentiate whether the entry was made by a natural person or was there abuse due to machine and automated processing. The service includes the sending of the IP address and possibly other data required by Google for the reCAPTCHA service to Google and is carried out in accordance with Art. 6 para. 1 item (f) of the GDPR based on our legitimate interest in determining individual intent of actions and preventing abuse and spam.

With their registered office in the USA, Google LLC is certified for the EU-US Privacy Shield data protection agreement that ensures compliance with the data protection level applicable in the EU. For further information on Google reCAPTCHA and the Google’s Privacy Policy please refer to: https://www.google.com/intl/de/policies/privacy/

Information on online dispute resolution according to Art. 14 para. 1 of the ODR Regulation:
The EU Commission provides a platform for online dispute resolution (ODR) available at https://ec.europa.eu/consumers/odr. The ODR platform serves as a starting point for out-of-court settlement of disputes regarding contractual obligations arising from online purchase contracts.

Information regarding Art. 36 of the Consumer Dispute Settlement Act (VSBG)
We are neither obligated nor willing to participate in a dispute settlement procedure before a consumer arbitration board.