Privacy Policy of WALA Heilmittel GmbH 

 

Data Protection

We, WALA Heilmittel GmbH, are responsible for this online offer and as a teleservice provider we are obligated to inform you at the beginning of your visit to our online offer about the manner, scope and purpose of collecting and using personal data in a precise, transparent, understandable and easily accessible form in a clear and simple language. The contents of the notice shall be accessible to you at any moment. We shall therefore inform you which personal data are collected or used. Personal data are all the data that pertain to an identified or identifiable natural person.

We value greatly the security of your data and compliance with data protection regulations. The collection, processing and use of personal data are subject to provisions of the currently applicable European and national laws.

In the following privacy policy, we would like to demonstrate how we handle your personal data and how you may contact us:

 

WALA Heilmittel GmbH
Dorfstraße 1
D - 73087 Bad Boll/Eckwälden

Register number: HRB 530784

Telephone: +49 (0)7164 930-0;
Fax: +49 (0)7164 930-297

E-mail: info@wala.de
Web: www.wala.world

Management authorised for representation: Dr. Philip Lettmann (Vorsitzender), Dr. Armin Dörr, Dr. Markus Moßhammer, Prof. Dr. Florian Stintzing

 

Our Data Protection Officer

Our data protection officer may be reached for questions in the following manner:

Sven Lenz, Deutsche Datenschutzkanzlei – Datenschutzkanzlei Lenz GmbH & Co. KG
Bahnhofstraße 50, 87435 Kempten, Germany
E-mail: datenschutz@wala.de

General

In order to ensure better comprehensibility, our privacy policy does not differentiate between genders. For the purposes of equal treatment, relevant terms apply to all sexes.

The meaning of the terms being used, such as “personal data” or “processing” may be found in Article 4 of the EU General Data Protection Regulation (GDPR).

Personal data of the user processed within the scope of this online offer include inventory data (e.g. name and address of customers and end users), contract data (e.g. utilised services, names of officers, payment information), usage data (e.g. visited websites of our online offer, interest in our products) and contact data (e.g. contact form entries).

“User” hereby comprises all categories of persons whose data are processed. These include, for example, our business partners, customers, end users, interested parties and other visitors of our online offer.

Specific

 

A. General

In order to ensure better comprehensibility, our privacy policy does not differentiate between genders. For the purposes of equal treatment, relevant terms apply to all sexes.

The meaning of the terms being used, such as “personal data” or “processing” may be found in Article 4 of the EU General Data Protection Regulation (GDPR).

Personal data of the user processed within the scope of this online offer include inventory data (e.g. name and address of customers and end users), contract data (e.g. utilised services, names of officers, payment information), usage data (e.g. visited websites of our online offer, interest in our products) and contact data (e.g. contact form entries).

“User” hereby comprises all categories of persons whose data are processed. These include, for example, our business partners, customers, end users, interested parties and other visitors of our online offer.

 

B. Specific

Privacy Policy

We warrant that we shall only collect, process, store and use your existing data in relation to the handling of your requests, posts or messages, as well as for internal purposes and for the provisions of services you requested and to provide content.

 

Bases of Data Processing

We process the user’s personal data only in accordance with the relevant data protection provisions. User data are processed only in the event of the following legally permissible instances:

  • to provide our contractual services (e.g. processing of orders) as well as online services
  • the processing is required by law
  • on the basis of your consent
  • based on our legitimate interests (i.e. interest in the analysis, optimisation and cost-effective operation and security of our online offer within the meaning of Art. 6(1)(f) of the GDPR, particularly when measuring reach, profiling for advertising and marketing purposes, as well as the collection of access data and use of third-party services)

We would like to show you where the above legal bases are regulated in the GDPR: 

Consent

Art. 6(1)(a) and Art. 7 of the GDPR

Processing in order to provide our services and implement contractual measures Art. 6(1)(b) of the GDPR
Processing in order to fulfil our legal obligations Art. 6(1)(c) of the GDPR
Processing in order to protect our legitimate interests Art. 6(1)(f) of the GDPR
 
Transfer of Data to Third Parties

Transfer of data to third parties is carried out only in accordance with legal requirements. We forward user data to third parties only if this is required, for example, by contract or on the basis of legitimate interest in the cost-effective and efficient operation of our business activities.

If we employ subcontractors for the provision of our services, we shall take the required legal precautions as well as the corresponding technical and organisational measures to ensure the safety of personal data in accordance with the applicable legal regulations.

 

Data Transfer to Third Countries or International Organisations

Third countries are those countries in which the GDPR is not a directly applicable law. This basically covers all countries outside the EU or the European Economic Area.

Data are transferred to a third country or an international organisation. It must be noted that there are relevant/corresponding warranties available and that you may exercise enforceable rights and effective legal remedies.

 

Storage Duration of Your Personal Data

We adhere to the principles of data minimisation and data reduction. This means that we shall store the data you provided to us only so long as it takes to fulfil the above purposes or as required by various statutory storage periods. If the relevant purpose is not applicable, or the corresponding term expires, your data shall be routinely blocked or erased according to legal regulations.

 

Establishing Contact

You may contact us by phone at the number: +49 7164 9300 or by fax at the number: +49 7164 930297. If you contact us via our contact form or by e-mail, e.g. Datenschutz@wala.de, you agree to electronic communications. When you establish contact with us, personal data shall be collected. In the corresponding contact form, you may find which types of data are collected when using a contract form. Your data shall be sent using SSL encryption. The information you provide shall only be stored for the purpose of processing requests, posts or messages and for possible follow-up questions.

We would like to specify the relevant legal bases:

Processing in order to provide our services and implement contractual measures Art. 6(1)(b) of the GDPR
Processing in order to protect our legitimate interests Art. 6(1)(f) of the GDPR

 

We use a software to maintain customer data (CRM system) or a comparable software on the basis of our legitimate interests (efficient and fast processing of user requests). The system is operated by us in-house. Therefore, data are not transferred to third parties.

We would like to point out that any e-mails you send, including those you send to WALA, may be unknowingly read or modified without authorisation along the transmission path. We also emphasise that we use spam filter software. The spam filter may reject e-mails if some characteristics are mistakenly interpreted as spam.

 

What rights do you have?

a) Right of Access
You have the right to obtain free access to your stored data. Upon request, we shall inform you in writing, pursuant to the applicable law, on which personal data about you we have stored. This also includes the origin and the recipient of your data as well as the purpose of data processing.

b) Right to Rectification
You have the right to have inaccurate data concerning you, which is stored by us, rectified. You may also request the restriction of processing, e.g. when contesting the accuracy of your personal data.

c) Right of Blocking
Furthermore, you may have your data blocked. In order to consider the blocking of your data at any moment, the data must be kept in a locked file for control purposes.

d) Right to Erasure
You may also request the erasure of your personal data, provided there are no statutory retention periods. If such an obligation is applicable, we shall block your data upon request. If the required legal prerequisites are met, we shall erase your personal data even without your corresponding request.

e) Right to Data Portability
You have the right to receive the personal data concerning you, which you provided to us, in a format that enables transfer to another authority.

f) Right to Lodge a Complaint with a Supervisory Authority
You have the option to lodge a complaint with a supervisory data protection authority.


The state data protection and freedom of information officer of Baden-Wuerttemberg
Mailing address: Postfach 10 29 32, D-70025 Stuttgart
Home address: Königstraße 10a, D-70173 Stuttgart
Telephone: +49 711 615541–0
Fax: +49 711 615541–15
E-mail: poststelle@lfdi.bwl.de
Web: https://www.baden-wuerttemberg.datenschutz.de

You may access the complaint form via the following link:
https://www.baden-wuerttemberg.datenschutz.de/beschwerde/

 

g) Right to Object

You have the right at any time to object to the processing of your data, which is processed on the basis of the legitimate interest of the person responsible for data processing. To achieve this, you are only required to send an e-mail to datenschutz@wala.de. However, such an objection does not affect the lawfulness of the data processing carried out up to that moment by us. This does not affect data processing in relation to any other legal bases, e.g. contract initiation (see above).

 

h) Right of withdrawal in the case of consent given

You have the right to revoke your consent to data processing at any time. However, such a revoca-tion does not affect the legality of the processing operations that have taken place up to that point. Data processing with regard to all other legal bases remains unaffected by this.

 
Protection of Your Personal Data

We employ contractual, organisational and technical safety measures, with due regard to the state of the art, in order to ensure adherence to the provisions of data protection laws and for the protection of data that we process against accidental or intentional manipulation, loss, destruction and access by unauthorised persons.

These safety measures especially include the encrypted transfer of data between your browser and our server. For this purpose, we use 256-bit SSL encryption (AES 256). This includes your IP address.

 

Your personal data are thereby protected under the following items (excerpt):

a) Maintaining confidentiality of your personal data
In order to keep the confidentiality of your personal data stored with us, we have taken various measures to control access and entry.

b) Maintaining integrity of your personal data
In order to maintain the integrity of your personal data stored with us, we have taken various measures to control forwarding and input.

c) Maintaining availability of your personal data
In order to maintain the availability of your personal data stored with us, we have taken various measures to control orders and availability.

The safety measures being used are constantly improved in line with technological development. Despite these precautions and due to the insecure nature of the Internet, we cannot guarantee the safety of your data transfer to our online offer. Consequently, any data transfer you perform to our online offer is at your own risk.

 

Schutz Minderjähriger

Persönliche Informationen dürfen Personen, die das 18. Lebensjahr noch nicht vollendet haben, uns nur dann zur Verfügung stellen, wenn das ausdrückliche Einverständnis der Erziehungsberechtigten vorliegt. Diese Daten werden entsprechend dieser Datenschutzerklärung verarbeitet.

Data Processing when Opening a Customer Account and for Contract Performance

According to Art. 6 para. 1 item (b) of the GDPR, personal data shall be collected and processed if you provide them to us for the performance of a contract or the opening of a customer account. The respective entry forms may be inspected to determine which data are being collected. The deletion of your customer account is possible at any moment and may be carried out by sending a notification to the above-mentioned address of the responsible person. We store and use the data you provided for contract performance. After full performance of the contract or the deletion of your customer account, your data shall be blocked with regard to tax and commercial statutory retention periods and erased after the expiration of these periods, unless you have expressly consented to further use of your data or if we reserve the right to a legally permitted further use of data of which you shall be duly informed below.

Forwarding of Personal Data for Contract Performance

As part of contract performance, the personal data collected by us shall be forwarded to the transport company commissioned with the delivery, insofar this is necessary for the delivery of goods. To effect payments, we forward payment data to the commissioned credit institution.

If you have given us your express consent for this in the ordering process, we will give your e-mail address to our transport service provider in accordance with Art. 6 para. 1 item (a) of the GDPR before the delivery of the goods for the purpose of coordinating a delivery date or for delivery notification. In case of delivery of the goods by DHL to Deutsche Post AG, Charles-de-Gaulle-Straße 20, 53113 Bonn, in case of delivery by GLS to General Logistics Systems Germany GmbH & Co. OHG, GLS Germany-Straße 1-7, 36286 Neuenstein.Otherwise, we will only pass on the name of the recipient and the delivery address to our transport service provider for the purpose of delivery in accordance with Art. 6 para. 1 item (b) of the GDPR. The disclosure is made only to the extent necessary for the delivery of goods. In this case, prior coordination of the delivery date with the transport service provider or delivery notification is not possible. The consent can be revoked at any time with effect for the future to the person responsible named above or to the transport service provider.

Payment Methods

When paying via PayPal, by credit card via PayPal, by debit note via PayPal or, if offered, "Kauf auf Rechnung" (purchase on account) via PayPal, we shall forward the payment data, in order to effect payments, to PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"). PayPal reserves the right to conduct a credit report with regard to the payment methods including credit card via PayPal, debit note via PayPal or, if offered, "Kauf auf Rechnung" (purchase on account) via PayPal. The result of the credit check with respect to the probability of default on payment is used by PayPal to decide on the provision of the respective payment method. The credit report may include probability values (so-called score value). If score values are included in the results of the credit report, they are based on a scientifically recognized mathematical and statistical procedure. The calculation of score values includes, among other things, mailing address data. For further legal data protection information, which may also include the credit agencies used, please refer to the privacy policy of PayPal: https://www.paypal.com/de/webapps/mpp/ua/privacy-full

If you decide to use the payment service provider Stripe for credit card payment, SOFORT Überweisung or giropay/paydirekt, the payment shall be effected by the payment service provider Stripe Payments Europe, 1 Grand Canal Street Lower, IRL Dublin, to whom we shall forward the information communicated during the ordering process along with the information about your order. Your data is forwarded exclusively for the purpose of effecting payments via the payment service provider Stripe.

Sofortüberweisung
When paying using SOFORT, we immediately receive the transfer credit note. For this purpose, you shall provide SOFORT GmbH (Sofort GmbH, Theresienhöhe 12, D-80339 München) with the bank account number, bank code, PIN and TAN via the secure payment form which we cannot access. SOFORT GmbH provides automated and real-time transfer to your online bank account. The due purchase amount shall be transferred immediately and directly to our bank account. If you choose the Sofortüberweisung payment method, a pre-filled form shall open at the end of the ordering process containing our bank details. The due transfer amount as well as the purpose of use shall also be entered. In the form you must specify the country in which the online banking account is located and the bank code. In order to execute the Sofortüberweisung transfer, you must enter the account number and PIN to log in to the online banking account and provide confirmation by entering the TAN. The transaction shall be confirmed immediately. In general, every user may choose Sofortüberweisung as their payment method, if they have an active online banking account with a PIN/TAN procedure. Take note that certain banks do not have the Sofortüberweisung option available. For further information, please refer to the provider's website: https://www.klarna.com/sofort

Credit card
A simple and fast processing of your order is guaranteed when paying with a credit card. All you have to do is enter your credit card number and the 3–4-digit control number on the back of the credit card and the date on which the credit card expires. If your credit card is protected by the MasterCard 3D-Secure or Verified by Visa systems, you will be redirected to a secure website of your credit card issuing bank where you will have to enter the protection code. As soon as the credit card is accepted, the payment shall be considered as effected. The shipping of your items will be activated as soon as the credit card is accepted.

Giropay/Paydirekt
Based on online banking with PIN and TAN numbers, it enables you simple, fast and secure payment using online money transfer. To use Giropay, you only need an online banking giro account at a participating bank or savings bank. Giropay allows you to conduct your online money transfers in the secure online banking environment of your credit institution. This guarantees that sensitive data (PIN/TAN) shall only be exchanged between you and the bank. No third person shall have insight in the personal account and turnover information.
Giropay operates in the following manner: If you decide to pay using Giropay, you will be safely directed to the online banking system of your bank or savings bank after entering your bank code. There you will log in as usual with your access data. Having successfully logged in, a pre-filled money transfer order shall automatically be displayed, already containing all the details of the purchase: invoice amount, reason for payment and bank code of the dealer. You authorize the money transfer by entering TAN. Directly after a successful money transfer, we shall receive a payment guarantee from your bank and be able to send the goods immediately, depending on availability.

Klarna (Purchase on invoice)
We offer the possibility for our customers to select the payment service provider Klarna for payment. In this case, the payment is processed via Klarna Bank AB, Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter "Klarna"). The personal data (first name and surname, street, house number, postcode, town, gender, e-mail address, telephone number and IP address) of our customers, as well as data relating to the order (e.g. invoice amount, article, delivery type) are passed on to Klarna for the purpose of checking identity and creditworthiness, insofar as consent has been expressly given in accordance with Art. 6 Para. 1 lit. a) GDPR during the ordering process. The credit agencies to which personal data may be forwarded as part of the credit check can be viewed here:
https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies.
The credit report may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they have their basis in a scientifically recognised mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data. Klarna uses the information received about the statistical probability of a payment default for a weighed decision about the establishment, implementation or termination of the contractual relationship.
The consent can be revoked at any time by sending a message to WALA Heilmittel GmbH or to Klarna. However, Klarna may still be entitled to process the personal data if this is necessary for the contractual processing of payments.
Further information on the processing of data by Klarna can be found at the following link: https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy.

Data Processing during Rating of Dr. Hauschka Products in the Web Shop

You can rate our Dr. Hauschka products. For this purpose, you shall enter in the contact form your name, e-mail address and IP address, a summary of your topic and your rating in the form of stars (1-5) and your opinion, if necessary. 


All participants are required to give their surname, name and e-mail and IP address, so that serious forum posts may be posted on the forum. Your e-mail address will not be disclosed. By pressing the “Informed consent” button, the participant provides their consent for the collection and processing of data, which may be health data. The participant makes these willingly available to WALA for release. WALA Heilmittel GmbH collects, processes and uses your personal data expressly to operate the rating forum and stores them to document the forum posts. Ratings and posts are also occasionally published on this online offer, e.g. for product advertising. Personal data shall not be made available to third persons. 


Your rights as a participant in the ratings forum: You may request information regarding which data are stored about you. You may request the rectification, erasure and blocking of your personal data, provided this is legally permissible and possible under an existing contractual relationship. You may object to prevent (further) publication of your own posts. You may also withdraw your consent for the storage of your data at any moment. In these cases, you may send your objection to the following address: datenschutz@wala.de 

The ratings are occasionally published on our online offers and our social media presences, e.g. for product advertising. The personal data will not be made available to third parties.

Data processing when participating in the Dr.Hauschka Friends Programme

Purpose and legal basis of data processing

The Dr. Hauschka Friends Programme offers you the opportunity to network more closely with us and thereby receive benefits that are reserved exclusively for the Friends community. The benefits are tailored specifically to you. This means, for example, that you can reach various Friends levels based on your purchases in our online shop or receive other offers tailored to your person (e.g. birthday benefits). In order to participate in the Dr. Hauschka Friends Programme, we need to process your personal data. The data processing is carried out within the framework of the contract implementation of your participation in the Friends programme, thus on the legal basis of Art. 6 Para. 1 lit. b GDPR. As part of the implementation of the Friends programme, user behaviour analyses are carried out by assigning a tracking ID. We obtain your consent for this through our consent banner.

Data origin and types of data

We have obtained your data through your participation in the Friends programme. This data includes your name, address, date of birth, e-mail address, data on your web shop purchases and your user behaviour within the framework of the Friends programme (e.g. which rewards you have purchased or which "Friends" status you have).

Data storage and data transfer

The data will be stored for the duration of the existing contractual relationship. In addition, we will store your data for as long as necessary to comply with our legal storage obligations, e.g. tax and commercial law obligations.

The data will be processed exclusively by us and our contractually obligated processors for the above-mentioned purpose and will not be passed on to third parties. Data processing takes place exclusively within the EU.

Data protection when connecting the results of the online skin test with webshop account

As part of the online skin test on our website, we offer you the opportunity to determine your skin condition based on a few questions. After completing the skin test, your determined skin condition will be displayed and suitable Dr. Hauschka Skin Care products will then be shown. Your personal data will not be stored or evaluated.

Type and purpose of data processing:

However, we offer you the option of linking your online skin test result with your personal data in your customer account within the scope of two separate consents:

 1. consent to link the result of the online skin test with your user profile.

If you consent to further data processing by clicking the checkbox after completing the skin test, the skin test result data will be linked to your user profile data. The result of the online skin test will be stored in your user profile after you have given your consent and you will be able to view it there at any time. WALA Heilmittel GmbH will also use your data for marketing and statistical purposes, for example to show you individualized product recommendations.

2. consent to link your product purchase after recommendation of the product on the basis of the online skin test

If you give the corresponding consent in the shopping cart by clicking on the checkbox, WALA will record which products you have purchased on the basis of your online skin test and the product recommendation made on it. This data is statistically evaluated by WALA Heilmittel GmbH.

 Legal basis for processing:

By clicking the checkbox, you consent to the corresponding data processing. We thus use the data on the basis of your consent pursuant to Art. 6 (1) lit a) GDPR.

Data transfer to third parties and third countries:

There is no data transfer to third parties, nor to third countries.

 Duration of storage:

Processing within the framework of the link takes place until you revoke your consent or delete your customer account.

Data Processing during the Selection of One of Dr. Hauschka Brand Partners as Your Handler when Purchasing in the Web Shop

You may select a resident handler, with whom you can purchase you Dr. Hauschka products when you are not ordering from the Dr. Hauschka web shop. In doing so, your personal data and order data shall be transferred to WALA. This serves to provide your handler with a percentage commission from your purchase. There is no forwarding of your data to the handler or other third persons. 

Use of your data for postal mailings

This personal data is collected for the following purpose: 

For consumers, the first name, last name and address (Consisting of street, house number, postcode, place of residence and country) will be used to send the promotional letter to consumers.  

For companies, the first name and last name of the contact person, the company name, and the company address are used to deliver the promotional letter to the company's registered office.  

This is what happens to your personal data: 

WALA Heilmittel GmbH collects, processes and uses your personal data to send the postal mailing. 

We work with external service providers to deliver the postal mailing. Your personal data are forwarded only for the purpose of sending the postal mailing and processed solely in accordance with our instructions. 

 Legal basis of data processing:  

The data is processed on the basis of legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. 

Data protection when participating in events

If you take part in a WALA event as a customer, e.g. as a brand partner, or end consumer, we process your data, which we directly collected from you, for the purpose of registering for and performing the event.  

The legal basis for the processing of the data for the purpose of registration and performance of the events results from Art. 6 para. 1 letter b) GDPR.  

WALA offers both online and offline events. If an event can be booked via the Dr. Hauschka web shop, data processing takes place in accordance with the section "Data protection when purchasing in the Dr. Hauschka web shop".  

The data processing of the other events varies depending on the design of the event, but the following data are collected as a minimum:  

  • Name  
  • Address (when sending products and as billing address) 
  • Contact details (telephone number, e-mail address) 
  • Customer number of the company (for customers) 
  • Payment details (for events not free of charge) 
  • Professional qualifications (for professional events) 
  • Technical data (when using online service providers for online events) 

Please note that in the case of online events, your name, your chat contributions or your oral contributions, e.g. in the context of a workshop, may be visible or audible to the other participants as well as to the organiser. The event organiser will inform you at the beginning of the event about the specific details of these possibilities.  

We only use your data and/or those of your employees internally and do not pass them on to third parties. The data is also processed for the technical implementation and analysis of the webinars by a video conferencing provider contractually bound under a order processing agreement.  

The data is only stored for as long as is necessary to fulfil the purpose of the respective processing. If relevant statutory retention periods apply, we are obliged to retain the data for the legally prescribed period even after the purpose has been fulfilled.  

Data protection when using the e-mail notification function

If a product is not available in our shop, we offer our customers the option of being notified by e-mail when the product is available again.
You can enter your e-mail address for this purpose in the "Notify me when the item is available" field. By entering the e-mail address and pressing the send button, this data is transmitted to us and stored. In the event of product availability, a corresponding notification will be sent to the specified e-mail address.

The legal basis for the data processing is Art. 6 para. 1 lit. f) GDPR for the purpose of notification of product availability.
The email address will be deleted as soon as it is no longer needed to achieve the purpose for which it was collected. In this case, this is the time of notification of product availability. If the product is still not available six months after you have entered your e-mail address in the notification function, your e-mail address will be automatically deleted from our system.

Data subjects have the right to information, deletion and correction of their data. In addition, it is possible at any time to object to the processing of data for the purpose of notification of product availability. In this case, email notification is no longer available. For this purpose, it is sufficient to send an e-mail to the following address: datenschutz@wala.de. The stored e-mail address will be deleted from our system immediately and no notification will be sent.

Data subjects also have the right to complain to the competent supervisory authority if they believe that their data is not being processed in a legally compliant manner.

Data Protection when registering and using the Mediacenter

Responsible for data collection:
The responsible party is WALA Heilmittel GmbH, Dorfstraße 1, D-73087 Bad Boll/Eckwälden, Germany.

Legal basis for the processing: 
By accepting the terms of use a contractual relationship is entered into, accordingly the data according to Art. 6 Para. 1 b) is collected and used for the fulfilment of the contract. In special cases your data also collected and used for the protection of legitimate interests according to Art. 6 para. 1 f).

Personal data are collected for the following purposes:
Digital provision of images, videos and texts for external use, evaluations to adapt the Media Center to user needs. In special cases, such as violation of the terms of use, to protect the legitimate interests.

This happens to your personal data:
Your data are being collected and processed by WALA. Data is only being passed on to service providers who support the operation of the platform with the legally required data protection measures and only within Germany.
When registering for the Media Center, the user's registration authorization is checked. If registration requests are received from abroad, for verification purposes the user data will be forwarded to one of our subsidiaries or distributors within the EU, depending on the country. However, the data will not be transferred to an insecure third country.

Your rights as the subject whose data is processed:
You may request information about which data about you is stored. You may request correction, deletion and blocking of your personal data. WALA will inform you if legal requirements or other reasons speak against the execution.

Deletion of data:
Users of the portal who have been activated can view and manage their data themselves at any time, as well as delete individual data and their entire user account. Blocked user accounts can be deleted by contacting mediacenter@wala.de.

Data Protection when Participating in the Esthetician Forum

Responsibility for data collection in this forum:
The responsible party is WALA Heilmittel GmbH, Dorfstraße 1, D-73087 Bad Boll/Eckwälden

Personal data are collected for the following purpose:
In order to be able to place serious forum posts, which shall be answered on behalf of the operator, all participants are required to provide a surname, name, e-mail address and IP address.

By pressing the “Informed consent” button, the participant provides their consent for the collection and processing of their health data, which they willingly provide to be published in the WALA forum.

This happens to your personal data:
WALA Heilmittel GmbH collects, processes and uses your personal data solely to operate the forum and stores them to keep a record of forum posts and for other consulting activities which also take place outside the forum. Posts are also published individually in anonymous form in this online offer, e.g. for product advertising.
Personal data are not provided to third parties.

Your rights as a participant in the forum:
You may request information regarding which data are stored about you. You may request the rectification, erasure and blocking of your personal data, provided this is legally permissible and possible under an existing contractual relationship.
You may object in order to prevent (further) publication of your own posts. You may also withdraw your consent for the storage of your data at any moment. In these cases, you may send your objection to the following address: datenschutz@wala.de.

Integration of the Trusted Shops trust badge / other widgets

Trusted Shops widgets are integrated on this website to display Trusted Shops services (e.g. seal of approval, collected ratings) and to offer Trusted Shops products to buyers after they have placed an order.

This serves to protect our legitimate interests in optimal marketing by enabling secure shopping, which prevail in the context of a balancing of interests pursuant to Art. 6 (1) p. 1 lit. f GDPR. The Trustbadge and the services advertised with it are an offer of Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, Germany, with whom we are jointly responsible for data protection pursuant to Art. 26 GDPR. In the following, we inform you about the essential contractual contents according to Art. 26 (2) DSGVO within the framework of this data protection notice.

The trust badge is provided as part of a joint responsibility by a US CDN provider (content delivery network). An appropriate level of data protection is ensured by standard data protection clauses and other contractual measures. Further information on the data protection of Trusted Shops GmbH can be found in their privacy policy.

When the Trustbadge is called up, the web server automatically saves a so-called server log file, which also contains your IP address, the date and time of the call-up, the amount of data transferred and the requesting provider (access data) and documents the call-up. The IP address is anonymized immediately after collection so that the stored data cannot be assigned to your person. The anonymized data is used in particular for statistical purposes and for error analysis.

After order completion, your email address, which is hashed by cryptological one-way function, is transmitted to Trusted Shops GmbH. The legal basis is Art. 6 para. 1 p. 1 lit. f GDPR. This serves to check whether you are already registered for services with Trusted Shops GmbH and is therefore necessary for the fulfillment of our and Trusted Shops' overriding legitimate interests in the provision of the buyer protection linked to the specific order in each case and the transactional evaluation services pursuant to Art. 6 para. 1 p. 1 lit. f GDPR. If this is the case, further processing will be carried out in accordance with the contractual agreement between you and Trusted Shops. If you are not yet registered for the services, you will subsequently be given the opportunity to do so for the first time. Further processing after registration also depends on the contractual agreement with Trusted Shops GmbH. If you do not register, all transmitted data is automatically deleted by Trusted Shops GmbH and a personal reference is then no longer possible.

Trusted Shops uses service providers in the areas of hosting, monitoring and logging. The legal basis is Art. 6 para. 1 lit. f GDPR for the purpose of ensuring trouble-free operation. Processing may take place in third countries (USA and Israel). An adequate level of data protection is ensured in the case of the USA by standard data protection clauses and further contractual measures and in the case of Israel by an adequacy decision.

Within the framework of the joint responsibility existing between us and Trusted Shops GmbH, please prefer to contact Trusted Shops GmbH with data protection questions and to assert your rights using the contact options provided in the data protection information linked above. Irrespective of this, however, you can always contact the responsible person of your choice. Your request will then be forwarded to the further responsible party for response, if necessary.

Table of processing operations and responsibilities.

For more information on the division of responsibilities between us and Trusted Shops, please see the following table:

https://help.etrusted.com/hc/de/article_attachments/4422906705681/20220120_C2_Gemeinsam_Verantwortliche_Tabelle_EN_all_processing.pdf

Data Protection when Transferring Health Data

Responsibility for data collection in relation to reports on drug side effects, serious adverse effects of cosmetic products, and processing of other health data:
The responsible party is WALA Heilmittel GmbH, Dorfstraße 1, D-73087 Bad Boll/Eckwälden

Personal data are collected for the following purpose:
If personal data are entered in a contact form in this online offer, e.g. the “Drug Safety and Side Effects” contact form, they shall mostly include surname, name, age, gender, address, e-mail address, phone number, country and the corresponding drug, if necessary. The patient or consumer shall likewise provide notification on any adverse effects of a drug or cosmetic product. These data are necessary so that WALA, as the manufacturer of WALA drugs and Dr. Hauschka cosmetic products, may fulfil legal obligations, e.g. under Art. 63c of the Act on Drugs or Art. 23 of the Regulation (EC) no. 1223/2009 on Cosmetic Products, communicate notices to competent authorities, e.g. BfArM, and store data for official enquiries.

By pressing the “Informed consent” button, the data subject provides their consent for the collection and processing of their health data, which they willingly entered in the contact form.

If corresponding notices are forwarded to WALA using the e-mail address of the responsible party, e.g. arzneimittelsicherheit@wala.dekosmetiksicherheit@wala.de, data shall be processed for the above-mentioned purpose, provided the express consent of the data subject was obtained beforehand for the storage and forwarding to the corresponding authority.

If any other notices regarding health data are received by the responsible party via e-mail, the data shall be processed only to the extent necessary to best fulfil the request of the data subject, e.g. to answer a product-related question. Prior to the storage and forwarding of data, the express consent of the subject shall be requested.

If WALA receives notices on adverse effects or other health data via telephone, WALA shall obtain express consent for the processing and forwarding of data in the course of the conversation and shall document it, or they shall obtain it via the corresponding e-mail from the data subject.

This happens to your personal data:
WALA Heilmittel GmbH collects, processes and uses your personal data expressly to fulfil the previously specified purposes and stores them on internal servers. Forwarding to third parties is only done to fulfil the previously specified purposes to the relevant authorities and only with express consent, unless the forwarding is anonymous. Third parties may access data provided they are in an agency relationship for data processing (commissioned processing) with WALA, which is necessary for the maintenance and support of IT systems of the responsible parties. Information on the processing of data transferred to the relevant authorities may also be found here: https://verbraucher-uaw.pei.de/fmi/webd/verbraucher_uaw.

Your rights as the subject whose data are processed:
You may request information regarding which data are stored about you. You may request the rectification, erasure and blocking of your personal data, provided this is legally permissible. You may also withdraw your consent for the storage or transfer of your data at any moment. In these cases, you may send your objection to the following address: datenschutz@wala.de.

Data Protection in Prize Contests

Responsibility for data collection in this prize contest:
The responsible party is WALA Heilmittel GmbH, Dorfstraße 1, D-73087 Bad Boll/Eckwälden

Personal data are collected for the following purpose:
All participants shall mostly be required to provide their surname, name, address (comprising the street, number, postal code, city and country), date of birth and e-mail address, so the winner can be properly notified.

This happens to your personal data:
WALA Heilmittel GmbH collects, processes and uses your personal data expressly to perform this prize contest. After the prize contest is finished, along with the subsequent awarding of prizes, your data shall be promptly erased, provided this is not contrary to any legal or contractual regulations.

Your rights as a prize contest participant:
You may request information regarding which data are stored about you. You may request the rectification, erasure and blocking of your personal data, provided this is legally permissible and possible under an existing contractual relationship.

Data Protection of Job Applicants

Responsibility for data collection during job applications:
The responsible party is WALA Heilmittel GmbH, Dorfstraße 1, D-73087 Bad Boll/Eckwälden
The legal basis for the processing of personal data of applicants:

Personal data are collected for the following purpose:
With your application WALA Heilmittel GmbH receives data (in a paper format as well as in digital form), mostly name and surname, address, date of birth, place of birth, information on education and vocational education, advanced training and continuing education, certificates.
WALA Heilmittel GmbH collects, processes and uses your personal data solely for the purposes of job application (= initiation of employment). The processing of your data for purposes other than the one specified is performed only if permissible under Art. 6(4) of the GDPR and if it complies with the original purpose. We shall inform you of any such processing prior to any further processing of your data.

In order to make your electronic application as easy as possible, we offer you the option of filling out the application form in advance by uploading your CV from a medium drive of your choice. A so-called "parsing" then fills out our application form by reading the document. You can then process the prefilled fields in the application form yourself. The entries will only be saved at WALA Heilmittel GmbH as soon as you actively click on "Apply".
This is purely voluntary; you can also make all entries manually at any time, or apply to us by e-mail or post.

This happens to your personal data:
Applicant data shall be stored and processed in personal data processing systems. The technical installation is designed in such a way that only a very narrow group of specially authorised individuals has the right of access, and any other access or knowledge of the data is disabled using the best available technology. Your personal data shall only be stored as long as knowledge of the data is necessary for the purpose of employment or the purpose for which they were collected or if it is required by legal or contractual provisions regarding storage. Your data shall not be transferred to external authorities.
If no contractual relationship is concluded, we shall store your application data for a period of 6 months for the purposes of verification according to the General Non-Discrimination Act. If a contractual relationship is concluded (=employment), we shall transfer the required data to the staff files. In special cases we store data on the basis of legitimate interest or legal requirements (Art. 6 lit 1 c) and f).

Your Rights as an Applicant:
You are entitled to information about the personal data stored about you, the purpose of the processing, any transfers to other authorities and the duration of storage. You may exercise your right of access also by receiving an excerpt or a copy. If data are inaccurate or are no longer necessary for the purpose for which they were collected, you may request rectification, erasure or restriction of processing.
If you have reasons arising from your particular personal situation that oppose the processing of your personal data, you may object to the processing if it is based on a legitimate interest. In such an event we shall only process your data if there is a special vital interest in doing so.
In certain instances, we may request your consent for the processing or transfer of your data. This may occur if, for instance, your application must be stored for a longer period or your application is being considered for another position in our company. Your consent is voluntary in these instances and may be withdrawn by you at any moment with future effect.

Cookies

We use cookies. Cookies are small text files that are stored locally in the cache of your Internet browser. Cookies enable the recognition of the Internet browser. The files are used to assist the browser in navigating the online offer and to enable the full use of all functions.

Our online offer uses: Browser cookies

 

User Control of the Cookies

Browser cookies: You can set any browser to accept cookies only on request. A setting is also possible that allows the acceptance of cookies only on sites that are being currently visited. All browsers offer features that allow selective deletion of cookies. The acceptance of cookies may also be switched off in general, but the level of user-friendliness of this online offer may then be restricted.

 

Use of First Party Cookies (Google Analytics Cookie)

Google Analytics cookies record the following:

  • Unique user - Google Analytics cookies gather and group your data. All activities during a visit are summarized. The placement of Google Analytics cookies enables the distinction between users and unique users.
  • Activities of users - Google Analytics cookies also store data on the start and end time of a visit in the online offer and the number of pages you viewed. When the browser is closed or during longer inactivity of the user (usually 30 minutes), the user session is ended, and the cookie records the visit as finished. Furthermore, the date and time of the first visit are recorded. The total number of visits per unique user is also recorded. External link: http://www.google.com/analytics/terms/de.html

You may prevent Google’s collection and processing of data generated by the cookie and related to the use of the online offer (including your IP address) by downloading and installing a browser plug-in using the following link:
External link: http://tools.google.com/dlpage/gaoptout?hl=de.

More information is available under “Google Analytics / Universal Analytics web analytics service”.

 

Use of Third Party Cookies

In our online offer third party providers use [additional] cookies (third party cookies) during the import of editorial texts or advertisements. Third party providers are also subject to strict legal data protection requirements regarding the availability of personal data.

 

Lifespan of the Cookies Used

Cookies are managed by the web server of our online offer. This online offer uses:
Transient cookies / session cookies (single use)
Lifespan: Until the closing of this online offer

Persistent cookie (continuous browser recognition)
Lifespan: 2 years

 

Deactivation or Removal of Cookies (Opt-out)

Each web browser has options to restrict and delete cookies. For more information, please visit the following websites:

 

 
Google Analytics / GA4 Web Analytics Service

We use Google Analytics 4 on our website, a service of the company Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"), with which the use of websites can be analyzed.

In the version we use, so-called "cookies" are used. Cookies are text files that are stored on your terminal device and enable an analysis of your use of a website. The information collected by cookies about your use of the website is usually transmitted to a Google server and stored and processed there. A transmission of information to the servers of the company Google LLC, based in the USA, cannot be excluded. Google LLC processes the data for its own purposes and may use it to merge the information into a comprehensive profile about you.

The IP address transmitted by your terminal device is always collected and processed anonymously by default and automatically, so that a direct personal reference of the collected information is excluded. For this purpose, Google truncates the IP address within member states of the European Union (EU) or other contracting states of the Agreement on the European Economic Area (EEA) by the last digits.

Through the use of Google Analytics on our website, extensive information is used to evaluate user behavior on our website, to compile reports (reports) on your website activities or your usage behavior and to provide us with further services related to your website usage and internet usage. Furthermore, statistics with statements about age, gender and interests of website users are collected via the "demographic characteristics" function on the basis of an evaluation of interest-based advertising and with the involvement of third-party information. These serve the purpose that we can play out target group-oriented marketing measures. However, the data collected in this way cannot be assigned to a specific person and thus not to you personally.

We also use the "UserIDs" function as an extension of Google Analytics 4.

By assigning individual UserIDs, we can have Google create cross-device reports (so-called "cross-device tracking"). Thus, if you have set up a personal account by registering on this website and are logged into your personal account on different end devices with your related login data, your user behavior will also be analyzed across devices. The data collected in this way shows, among other things, on which end device you clicked on an ad for the first time and on which end device the relevant conversion took place.

We also use the Google Signals service as an extension of Google Analytics 4.

With Google Signals, we can also have Google create cross-device reports (so-called "cross-device tracking"). If you have activated "personalized ads" in your Google account and linked your Internet-enabled end devices with your Google account, Google can analyze usage behavior across devices and create database models based on this. The data shows, among other things, on which device you clicked on an ad for the first time and on which device the relevant conversion took place. We only receive statistics based on Google Signals in this regard. You have the option of deactivating the "personalized ads" function in the settings of your Google account and thus turning off the cross-device analysis in connection with Google Signals.

The data collected as part of the use of Google Analytics 4 will be kept for 2 months and then deleted.

All processing described above takes place exclusively on the basis of your express consent pursuant to Art. 6 (1) lit. a DSGVO in conjunction with. § 25 TTDSG. You can revoke your consent once given at any time with effect for the future. To exercise your revocation, please deactivate this service via the "Cookie Consent Tool" provided on the website.

Further information on Google Signals can be found at the following link: https://support.google.com/analytics/answer/7532985?hl=de

We have concluded a so-called order processing agreement with Google for our use of Google Analytics 4, by which Google is obliged to protect the data of our website users and not to pass it on to third parties.

To ensure compliance with the European level of data protection, even in the event of any transfer of data from the EU or EEA to the USA and possible further processing there, Google refers to the so-called standard contractual clauses of the European Commission, which we have contractually agreed with Google.

Further legal information on Google Analytics 4, including a copy of the aforementioned standard contractual clauses, can be found at https://policies.google.com/privacy?hl=de&gl=de and at https://policies.google.com/technologies/partner-sites.

Use of Google Ads conversion tracking

We, WALA Heilmittel GmbH, use the online advertising program "Google Ads" on our website and, within the framework of Google Ads, the conversion tracking of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").

We want to draw attention to our attractive offers with the help of advertising media (so-called Google Adwords) on external websites.
In relation to the data of the advertising campaigns, we can determine how successful the individual advertising measures are. By this, we pursue the goal of showing you individualized advertising, making our website more interesting for you and achieving a fair calculation of the advertising costs incurred.

Cookies are small text files that are stored on your end device and usually lose their validity after 30 days. They are not used for personal identification.

The cookie for conversion tracking is set when you click on an ad placed by Google Ads. If you visit certain pages of this website and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to this page.

In doing so, we receive a different cookie than the other Google Ads customers. Cookies can therefore not be tracked beyond our website. The information obtained using the conversion cookie is used to create conversion statistics for us. We thus receive information about the total number of users who clicked on our ads and were redirected to a page tagged with a conversion tracking tag. However, we do not receive information that personally identifies users.

We use Google Ads on the basis of your consent pursuant to Art. 6 para. 1 lit. a) DSGVO.

The use of Google Ads may also result in the transmission of personal data to the servers of Google LLC. in the USA. You can obtain more information about Google's privacy policy at the following Internet address: https://www.google.de/policies/privacy/.

You can permanently object to the setting of cookies by Google Ads conversion tracking by downloading and installing the Google browser plug-in available at the following link: https://www.google.com/settings/ads/plugin?hl=de.
Please note that certain functions of this website may not be available or may be restricted if you have deactivated the use of cookies.

Insofar as legally required, we have obtained your consent pursuant to Art. 6 (1) a) DSGVO for the processing of your data as outlined above. You can revoke your consent at any time with effect for the future. To exercise your revocation, deactivate this service in the "Cookie Consent Tool" provided on the website or alternatively follow the option described above to make an objection.

 

Google Ads Remarketing

Our website also uses the functions of Google Ads Remarketing. This allows us to advertise this website in Google search results, as well as on third-party websites. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").

For this purpose, Google sets a cookie in the browser of your end device, which automatically enables interest-based advertising by means of a pseudonymous cookie ID and on the basis of the pages you visit. The processing is based on your consent in accordance with Art. 6 para. 1 lit. f) DSGVO.

If you have consented to Google linking your internet and app browsing history to your Google account and using information from your Google account to personalize ads you view on the web, and if you are logged into Google while visiting pages on our website, Google will use your data together with Google Analytics data to create and define target group lists for cross-device remarketing. For this purpose, your personal data is temporarily linked by Google with GoogleAnalytics data to form target groups.

In the context of the use of Google Ads Remarketing, personal data may also be transmitted to the servers of Google LLC. in the USA.

You can view further information and the privacy policy regarding advertising and Google here: https://www.google.com/policies/technologies/ads/.

For the transfer of your personal data to Google in the USA, your consent is obtained in accordance with Art. 6 para. 1 lit. a) DSGVO. You can revoke your consent at any time with effect for the future. To exercise your revocation, deactivate this service in the "Cookie Consent Tool" provided on the website.

 

Use of Google Ads conversion tracking

We, WALA Heilmittel GmbH, use the online advertising program "Google Ads" on our website and, within the framework of Google Ads, the conversion tracking of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").

We want to draw attention to our attractive offers with the help of advertising media (so-called Google Adwords) on external websites.

In relation to the data of the advertising campaigns, we can determine how successful the individual advertising measures are. By this, we pursue the goal of showing you individualized advertising, making our website more interesting for you and achieving a fair calculation of the advertising costs incurred.

Cookies are small text files that are stored on your end device and usually lose their validity after 30 days. They are not used for personal identification.

The cookie for conversion tracking is set when you click on an ad placed by Google Ads. If you visit certain pages of this website and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to this page.

In doing so, we receive a different cookie than the other Google Ads customers. Cookies can therefore not be tracked beyond our website. The information obtained using the conversion cookie is used to create conversion statistics for us. We thus receive information about the total number of users who clicked on our ads and were redirected to a page tagged with a conversion tracking tag. However, we do not receive information that personally identifies users.

We use Google Ads on the basis of your consent pursuant to Art. 6 para. 1 lit. a) DSGVO.

The use of Google Ads may also result in the transmission of personal data to the servers of Google LLC. in the USA. You can obtain more information about Google's privacy policy at the following Internet address: https://www.google.de/policies/privacy/.

You can permanently object to the setting of cookies by Google Ads conversion tracking by downloading and installing the Google browser plug-in available at the following link: https://www.google.com/settings/ads/plugin?hl=de.

Please note that certain functions of this website may not be available or may be restricted if you have deactivated the use of cookies.

 Insofar as legally required, we have obtained your consent pursuant to Art. 6 (1) a) DSGVO for the processing of your data as outlined above. You can revoke your consent at any time with effect for the future. To exercise your revocation, deactivate this service in the "Cookie Consent Tool" provided on the website or alternatively follow the option described above to make an objection.

 

Google Ads Remarketing

Our website also uses the functions of Google Ads Remarketing. This allows us to advertise this website in Google search results, as well as on third-party websites. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").

For this purpose, Google sets a cookie in the browser of your end device, which automatically enables interest-based advertising by means of a pseudonymous cookie ID and on the basis of the pages you visit. The processing is based on your consent in accordance with Art. 6 para. 1 lit. f) DSGVO.

If you have consented to Google linking your internet and app browsing history to your Google account and using information from your Google account to personalize ads you view on the web, and if you are logged into Google while visiting pages on our website, Google will use your data together with Google Analytics data to create and define target group lists for cross-device remarketing. For this purpose, your personal data is temporarily linked by Google with GoogleAnalytics data to form target groups.

In the context of the use of Google Ads Remarketing, personal data may also be transmitted to the servers of Google LLC. in the USA.

You can view further information and the privacy policy regarding advertising and Google here: https://www.google.com/policies/technologies/ads/.

For the transfer of your personal data to Google in the USA, your consent is obtained in accordance with Art. 6 para. 1 lit. a) DSGVO. You can revoke your consent at any time with effect for the future. To exercise your revocation, deactivate this service in the "Cookie Consent Tool" provided on the website.

 

Microsoft Advertising

We use the conversion tracking technology "Microsoft Advertising" from Microsoft (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA) on our website.

For this purpose, Microsoft sets a cookie on your terminal device if you have reached our website via a Microsoft Advertising ad displayed in Bing.

This cookie loses its validity after 180 days and is not intended to identify you personally. If you visit certain pages of this website and the cookie has not yet expired, Microsoft and we can recognize that you clicked on the ad and were redirected to this page (conversion page).

The information collected with the help of the conversion cookie is used to create conversion statistics, i.e. to record how many users reach a conversion page after clicking on an ad. This tells us the total number of users who clicked on our ad and were redirected to a page tagged with a conversion tracking tag. However, we do not receive any information with which users can be personally identified.

Collected information may be transmitted to Microsoft servers in the USA and stored there. We have concluded an order processing agreement (EU Standard Contractual Clause (SCC)) with Microsoft, which obliges Microsoft to protect our customers' data and not to pass it on to third parties. Nevertheless, there is a risk to your data, as the USA is considered an insecure third country in terms of data protection law and therefore the level of protection applicable in the EU can no longer be guaranteed. For this reason, we obtain an additional separate express consent for data transfer to the USA in accordance with Art. 49 (1) a) DSGVO via our consent banner.

All processing described above, in particular the setting of cookies for reading out information on the end device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 (1) a) DSGVO. Without this consent, Microsoft Advertising will not be used during your visit to the site.

 You can revoke your consent at any time with effect for the future.

 To exercise your revocation, please deactivate this service in the "Cookie Consent Tool" provided on the website.

 At the following Internet address you can obtain further information about the

Microsoft privacy policy: https://privacy.microsoft.com/de-de/privacystatement.

 

Microsoft Clarity

On this website, we use the "Microsoft Clarity" service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA (hereinafter "Microsoft"). For statistical analysis of user behavior and for optimization and marketing purposes, various user information is collected and stored.

This information, for which a personal reference is always excluded, includes, among other things, time zone setting, operating system and platform, the geographical origin of the page call, in the case of forwarding to our site the forwarding origin, the duration of visits to certain pages and information about website interaction (e.g. scrolling, clicks and mouse-overs). This information collected does not allow to identify a person.

Pseudonymized usage profiles can be created and evaluated from this data for the same purpose.

Cookies are used for collection and analysis. Cookies are small text files that are stored locally in the cache of the site visitor's Internet browser. Among other things, the cookies enable the recognition of the Internet browser.

The data collected using Microsoft technologies will not be used to personally identify the visitor to this website without your separate consent, and they will not be merged with personal data about the bearer of the pseudonym.

Collected information may be transmitted to Microsoft servers in the USA and stored there. We have concluded an order processing agreement (EU Standard Contractual Clause (SCC)) with Microsoft, by which we oblige Microsoft to protect our customers' data and not to pass it on to third parties. Nevertheless, there is a risk to your data, as the USA is considered an insecure third country under data protection law and therefore the level of protection applicable in the EU can no longer be guaranteed. For this reason, we obtain your additional separate express consent for data transfer to the USA in accordance with Art. 49 (1) a) DSGVO via our Consent banner.

All processing described above, in particular the setting of cookies for reading out information on the end device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 (1) a DSGVO. Without this consent, Microsoft Clarity will not be used during your visit to the site.

You can revoke your consent at any time with effect for the future.

To exercise your revocation, please deactivate this service in the "Cookie Consent Tool" provided on the website.

For more information about Microsoft Clarity's privacy policy, please visit https://clarity.microsoft.com/terms.

 

Kameleoon

We use the Kameleoon testing and web analytics service of Kameleoon SAS, 12 Rue de la Chaussée d'Antin, 75009 Paris on our websites for the purpose of improving user experience and personalising content.

The programme enables the analysis of user behaviour based on user segmentation and therefore an evaluation of how individual user segments visit the website and which landing pages are visited (so-called A/B testing). For the analyses, IP addresses are anonymised and an ID is generated from them. This ID is then linked to the browser's local storage data and any cookies used. Kameleoon uses cookies to identify a visitor's browser and analyse the use of this website.

The information generated by the setting of cookies about the use of our websites is transmitted to a Kameleoon server in Germany and stored there in aggregated and pseudonymised form. The IP address transmitted by your browser as part of the Kameleoon process is not merged with other data from Kameleoon. The evaluation of the collected anonymised data takes place over a maximum period of 365 days.

The legal basis for the analyses carried out by means of the Kameleoon tool and the associated storage of cookies on the end user's terminal equipment is the consent given in accordance with Art. 6 (1) (a) GDPR and § 25 (1) TTDSG (Telecommunications Telemedia Data Protection Act).

 

Use of Hotjar

We use the Hotjar analysis tool, from Hotjar Ltd. (Level 2, St Julians Business Cen-tre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe Tel: +1 855 464-6788) ("Hotjar") on our website. Hotjar Ltd. is a European company with its registered office in Malta.

We use Hotjar on the basis of your consent in accordance with Art. 6 para. 1 lit a) DSGVO. You may have given us this consent at the beginning of your visit to our website.

With Hotjar we analyse your behaviour within our website. This concerns the following information:

  • Clicks
  • Mouse movements
  • Hover
  • Scroll
  • Scroll heights
  • Leaving our website
  • Point at which you have cancelled your entries in the contact form

From this Hotjar creates so-called heat maps for us. With these we can determine which areas of our website are of greater interest to you.

The following information will continue to be processed by Hotjar:

  • IP address (collected and stored in anonymous form)
  • Your e-mail address including your first name and surname, if you have made this available to us via our website
  • Screen size of the end device
  • Device type and browser information
  • Geographical viewpoint (country only)
  • language preference
  • Log data
  • Referrer URL
  • Visited pages
  • Date and time of website access

Furthermore, we have the possibility to obtain your direct feedback with the help of Hotjar. This is possible by using the answers in the feedback tool.

In this way we gain valuable information to make our websites faster and more customer-friendly. This corresponds to our legitimate interest in optimisation and marketing purposes and the design of our website in line with our interests in accordance with Art. 6 para. 1 lit. f) DSGVO.

In order to fulfil this purpose, a corresponding cookie is set. These cookies can be used in particular to determine whether our website has been visited with a particular terminal device or whether the functions of Hotjar have been deactivated for the browser in question.

Areas of the websites in which personal data of you or third parties are displayed are automatically hidden by Hotjar and can therefore not be traced at any time. In order to exclude the possibility of direct personal references, IP addresses are only stored and processed anonymously.

Hotjar uses various services from so-called third party providers. These are for example Google Analytics. Because of this, these services may process data that is transmitted by your browser in the context of web page requests. These can be, for example:

  • Cookies
  • IP requests

In these exceptional cases, in accordance with Art. 6 para. 1 letter a) DSGVO, this processing is carried out on the basis of the consent you have given for the purpose of statistical analysis of user behaviour for optimisation and marketing purposes. For further information on how Google Analytics stores and uses data, please see their respective data protection declarations.

The cookies that Hotjar uses have a different "lifetime". Some last for up to 365 days, some only last for the current visit.

Hotjar offers each user the option of preventing the use of the Hotjar tool by means of a "Do Not Track" header, so that no data about the visit to the respective website is recorded. This is a setting that supports all common browsers in their respective current version. For this purpose, your browser sends a request to Hotjar with the note to deactivate the tracking of the respective user. If you visit our website with different end devices, you must set up the "Do Not Track Header" for each end device separately.

You can find detailed instructions with information about your browser at: https://www.hotjar.com/opt-out

Further information about Hotjar Ltd. and about the Hotjar tool can be obtained by clicking on the link below: https://www.hotjar.com

For further information on the data protection information, please click on the following link: https://www.hotjar.com/privacy

Insofar as legally required, we have obtained your consent for the processing of your data as described above in accordance with Art. 6 para. 1 lit. a) DSGVO. You can revoke your consent at any time with effect for the future. In order to exercise your revocation, please follow the above-mentioned option to make an objection.

 

Use of Nero Ads conversion tracking

We use the online advertising programme "Nero" on this website and thereby the conversion tracking of Mediaplus Media 1 GmbH & Co. KG, Brienner Str. 45ad, 80333 Munich, with whom we have concluded an order processing agreement. This enables us to draw attention to our offers with the help of advertising media on external websites and to determine how successful the individual advertising measures are in relation to the data of the advertising campaigns. Our aim is to show you advertising that is of interest to you, to make our website more interesting for you and to calculate the advertising costs incurred.

The conversion tracking cookie is set when a user clicks on an ad placed by Mediaplus. Cookies are small text files that are stored on your terminal device. The cookie enables us to recognize that the user clicked on the ad and was redirected to this page.

The information collected with the help of the conversion cookie is used to create conversion statistics for us. We learn whether you clicked on an ad and were redirected to our webshop and which products you bought at what value in the webshop.

We only use conversion tracking if you have given us your consent for this, Art. 6 para. 1 lit. a DSGVO in conjunction with. § 25 TTDSG.

You can revoke your consent at any time with effect for the future. To exercise your revocation, deactivate this service in the "Cookie Settings" provided on the website.

 

Use of AdForm

We, WALA Heilmittel GmbH, use the retargeting technology of Adform Germany GmbH, Großer Burstah 50-52, 20457 Hamburg ("Adform") on our website.

This enables us to target our website visitors with advertising that we personalize and adapt to their interests because we can see that they have already shown an interest in our shop and our products.

The retargeting technology used places a cookie on the user's device. Cookies are small text files that record pseudonymised interests and are used to analyse user behaviour and display personalized advertising material. For this purpose, information on the operating system, browser version and settings, anonymised IP addresses, geographical location and the number of clicks or views are stored in pseudonymised user profiles. In this way, you are shown advertising that is highly likely to correspond to your product and information interests.

We obtain your consent for these processing operations, in particular the setting of cookies for reading out information on the end device used, in accordance with Art. 6 Para. 1 lit. a DSGVO, § 25 Para. 1 TTDSG. You can revoke your consent at any time with effect for the future by deactivating this service in the "cookie settings" provided on the website.

The Adform cookie has a term of 180 days. Your data will be stored for this long.

In order to be able to use the advertising spaces from other websites, the cookies can be synchronised with further platforms. An up-to-date overview of the other platforms can be found at the following link: https://site.adform.com/privacy-center/adform-cookies/. The legal basis for this is Art. 6 para. 1 lit. a) DSGVO. Since data is transferred to platforms in third countries that are not members of the EU or the EEA or which, in the opinion of the EU Commission, do not have an adequate level of data protection within the meaning of the GDPR, consent is also obtained for this in accordance with Article 49 (1) (a) of the GDPR.

 

Use of etracker

On our website, we use the technologies of etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg (www.etracker.com), to collect and store the data of visitors to our website for analysis purposes and to create and evaluate pseudonymized usage profiles.

We use both cookieless tracking and tracking with cookies. Cookies are small text files that are stored locally in the cache of the site visitor's Internet browser. Among other things, the cookies enable the recognition of the Internet browser.

For tracking under the use of cookies for reading out information on your terminal device, we obtain your consent pursuant to Art. 6 para. 1 lit. a) DSGVO in conjunction with. § 25 para. 1 TTDSG. You have the right to revoke this consent at any time without giving reasons. To do so, simply use our cookies consent tool, which you can find in the footer area of our website under the "Cookie Settings" button.

However, we also use tracking without setting cookies on your terminal device. In this case, the data is collected and stored that is transmitted from your browser to our server during a page view (pseudonymous data). The pseudonymous information makes it possible to link individual page views to a coherent visitor session. In this way, all website interactions and conversions are technically recorded even without cookie activation. Only the recognition of a visitor is limited to 24 hours. The following data is collected without cookies:

  • Page views
  • End device type, operating system and browser
  • Geo-information up to city level
  • Referrer websites
  • Scroll events
  • Exiting the website (automatically & to the second)
  • Click events such as search terms entered, files downloaded, videos viewed, external link calls (automatically and via CSS selector)
  • Conversions such as signups, orders, etc.
  • conversion upload to Google Ads
  • the shortened IP address;
  • information on the end device, operating system and browser used;
  • the URL called up with associated page title and optional information about the page content;
  • the subsequent pages that were called up from the called-up web page within a single web page;
  • the time spent on the web page;
  • downloaded files, viewed videos, ordered items.

The legal basis for the data collection by means of the cookie-free tracking is Art. 6 para. 1 lit f) GDPR (legitimate interest). You have the option to object to the tracking without cookies at any time if you do not agree. You can contact us for this purpose by telephone, tel. no.: +49 7164 9300 or by fax, fax no.: +49 7164 930297. If you contact us via our contact form or via e-mail, e.g. datenschutz@wala.de, you agree to electronic communication.

We have concluded an order processing contract with eTracker in accordance with Art. 28 DSGVO. Your data will be evaluated and used exclusively within the framework of this contractual relationship. Data will not be passed on to third parties. Since eTracker is a German company that also operates its servers in Germany, there is also no data transfer to an unsafe third country.

You can obtain further information about etracker's data protection policy at the following Internet address: https://www.etracker.com/de/datenschutz.html.

 
Use of Facebook pixels

Within our online offer, so-called "Facebook pixels" of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are resident in the EU, Face-book Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"), are used. Using the Facebook pixel, Facebook is able to determine the visitors of our offer as a target group for the display of ads, so-called "Facebook ads". Accordingly, we use the Facebook pixel to present our Facebook ads only to Facebook users who have shown an interest in our website. This means that with the help of the Facebook pixel we want to ensure that our Facebook ads correspond to the potential interests of the users and do not appear annoying. The Facebook pixel also enables us to track the effectiveness of Facebook ads for statistical and market research purposes by show-ing us if users were directed to our website after clicking on a Facebook ad.

The Facebook pixel is integrated directly by Facebook when our web pages are accessed and can store a so-called cookie, i.e. a small file, on your electronic device. If you then log in to Facebook or visit Facebook when logged in, the visit to our offer is noted in your profile. The data collected about you is anonymous to us and does not give us any information about the identity of the user. Howev-er, the data is stored and processed by Facebook so that a connection to the respective user profile is possible. Facebook processes the data in accordance with Facebook's data policy. For more infor-mation about how the remarketing pixel works and how Facebook ads are displayed, see Facebook's Data Policy: https://www.facebook.com/policy.php.

DISABLE FACEBOOK PIXEL


You may opt out of Facebook pixel collection and use of your information to display Facebook ads. To do this, you can go to the page set up by Facebook and follow the instructions on the settings for usage-based advertising: https://www.facebook.com/settings?tab=ads or explain the objection about the US page http://www.aboutads.info/choices/ or the EU page http://www.youronlinechoices.com. The settings are platform-independent, i.e. they are applied to all electronic devices, such as desktop computers or mobile devices.

 

Facebook-Fanpage

Information on data protection when visiting our Dr. Hauchka Facebook fan page can be found here.

 

Use of Facebook plug-ins

We use plug-ins of the facebook.com social network website, which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). If you access our online offer via one of these plug-ins, a connection to the Facebook server is established. The content of the plug-in is then transmitted directly to your browser and displayed on the webpage. This tells the Facebook server that you have visited our online offer. If you are logged in as a Facebook member, Facebook assigns this information to your personal Facebook account.

When you use plug-in functions (e.g. clicking the “like” button or leaving a comment), this infor-mation is also assigned to your Facebook account, which can only be prevented by logging out before using a plug-in.
For more information on how Facebook collects and uses data, as well as on data rights and ways to protect your privacy, please refer to Facebook’s privacy policy.

 

Use of Instagram plug-ins

We use plug-ins of the Instagram social network website, which is operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”). These plug-ins are marked with an Instagram logo, e.g. in the form of an “Instagram camera”. An overview of the Instagram plug-ins and their appearance can be found at: http://blog.instagram.com/post/36222022872/introducing-instagram-badges.
When you access our online offer, which contains one of these plug-ins, your browser establishes a direct connection to Instagram's servers. Instagram sends the content of the plug-in directly to your browser and integrates it into the page. This informs Instagram that your browser has visited our corresponding webpage, even if you do not have an Instagram profile or are not currently logged in to Instagram. This information (including your IP address) is sent directly from your browser to an Instagram server in the USA and stored there. If you are logged in to Instagram, Instagram can immediately assign your visit to our online offer to your Instagram account. If you interact with the plug-ins, e.g. by pressing the “Instagram Camera” button, this information is also transmitted directly to an Instagram server and stored there. The information is also published on your Instagram ac-count and displayed to your contacts.
For information on the purpose and extent of Instagram’s data collection and how this data is further processed and used, as well as your data privacy rights and options for protecting your privacy, refer to Instagram’s data protection information: https://help.instagram.com/155833707900388/.
If you do not want Instagram to associate the data collected via our website directly with your Insta-gram account, you must log out of Instagram before visiting our website. You can also prevent the Instagram plug-ins from loading entirely by using add-ons for your browser, e.g. the “NoScript” script blocker (http://noscript.net).

 

Instagram-Fanpage

Information on data protection when visiting our Dr. Hauschka Instagram fan page can be found here.

  

Pinterest tag conversion tracking

We use the conversion tracking technology of the provider Pinterest Europe Ltd, Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland on our website.

If you have reached our website from an advertisement on Pinterest, the success of the advertisement can be tracked with the help of cookies and/or comparable technologies (tracking pixels, web beacons, pings or HTTP requests). For this purpose, certain end device and browser information, including your IP address if applicable, is read via the tracking technology in order to record and evaluate user actions predefined by us (e.g. completed transactions, leads, search queries on the website, calls to product pages). This allows us to compile statistics on user behavior on our website after forwarding from an advertisement, which we use to optimize our offer. In doing so, we can statistically evaluate information about the browser used, including settings, as well as age and gender.

 For this purpose, certain end device and browser information, including your IP address if applicable, is read via tracking technology in order to record and evaluate user actions predefined by us (e.g. completed transactions, leads, search queries on the website, calls to product pages).

This allows us to create statistics about user behavior on our website after forwarding from an advertisement, which we use to optimize our offer. In doing so, we can statistically evaluate information about the browser used, including settings, as well as age and gender. All processing described above, in particular the setting of cookies for reading out information on the end device used, will only be carried out if you have given us your consent in accordance with Art. 6 para. 1 lit. a) DSGVO in conjunction with. § 25 para. 2 TTDSG have given your express consent to this.You can revoke your consent at any time with effect for the future by deactivating this service in the "Cookie Consent Tool" provided on the website.

 We have concluded a joint responsibility agreement with the provider Pinterest pursuant to Art. 26 DSGVO (so-called Joint Controllership Agreement), as the latter not only provides us with the data, but also processes them for its own purposes. Such a JCA is necessary to determine the respective responsibilities for compliance with the obligations relating to joint processing. The information requirements pursuant to Article 13 (1a) and (b) of the GDPR for Pinterest are available at: https://policy.pinterest.com/de/privacy-policy#section-residents-of-the-eea.

There you can also access further information on how Pinterest Europe processes personal data, including the legal basis on which Pinterest Europe relies and the ways in which data subject rights can be exercised against Pinterest Europe. However, you can also assert your data subject rights against WALA Heilmittel GmbH.

Matterport

On our website, we use the service of Matterport Inc. to integrate 3D tours, 352 E. Java Dr., Sunnyvale, CA 94089, USA. The 3D tours are integrated into our website via iFrame. The integration is carried out by the agency GET VIZUEL, Wilhelmstraße 34, 71034 Böblingen, which has also concluded the contract with Matterport.

Tracking of the users who play the video takes place. For this purpose, cookies are set on the end devices of the Users and personal data (the IP address and browser meta data) are also transmitted to Matterport in the USA and used there by them for their own purposes.

All processing described above, in particular the setting of cookies for the reading of information on the end device used, will only be carried out if you have given us your explicit consent in accordance with Art. 6 para. 1 lit. a GDPR in conjunction with Section 25 (2) TTDSG. Since data is transferred to the USA and the USA is considered an unsafe third country, we also obtain your consent in accordance with Art. 49 (1) (a) GDPR.

You can revoke your consent at any time with effect for the future by deactivating this service in the "Cookie Consent Tool" provided on our website.

We have concluded a joint responsibility agreement with the service provider GET VIZUEL in accordance with Art. 26 DSGVO. Joint responsibility exists because GET VIZUEL provides us with the account to Matterport and thus also accesses the collected data. However, data subject inquiries concerning the collection of data via our website can be asserted by data subjects via the specified contact at WALA Heilmittel GmbH.

Use of YouTube

Our online offer uses services provided by YouTube for the viewing and playback of videos. The operator of this service is YouTube, LLC 901 Cherry Ave. San Bruno, CA 94066 USA. More infor-mation can be found in YouTube’s privacy policy.

According to the operator, these services operate in extended data protection mode, which means storage of user information is not initiated until the video(s) are played.
When embedded Youtube videos are played, YouTube uses cookies to collect information about user behaviour. According to Youtube, these serve, among other things, to collect video statistics, to improve user-friendliness and to prevent abusive practices. Irrespective of whether the embedded videos are played or not, a connection to the Google network “DoubleClick” is established each time a user accesses our online offer. This can trigger further data processing that is outside our influence.

You can find more details about the use of cookies on YouTube in YouTube’s data privacy policy, available at: http://www.youtube.com/t/privacy_at_youtube


For more information on embedding videos in compliance with data protection regulations, visit:
https://www.blogmojo.de/youtube-videos-datenschutzkonform-einbetten/

  

Newsletter

If you sign up for our e-mail newsletter we shall collect personal data. Such data are used for our promotional purposes in the form of your e-mail newsletter, provided that you give your express consent in the following manner:

“Yes, I would like to subscribe to the newsletter! I have read the Privacy Policy. “

You may cancel the newsletter at any moment using the corresponding link in the newsletter or by sending the appropriate notice to us at the e-mail newsletter-abbestellen@wala.de. Upon cancellation, your e-mail address shall be promptly erased from our newsletter recipient list and placed in a locked file in order to ensure the newsletter is sent no more.

Newsletter tracking: If you have previously given your express consent, newsletter tracking (a.k.a. web beacons or tracking pixels) shall be used. Upon the delivery of the newsletter, an external server may then collect certain data on the recipient, e.g. the time of retrieval, IP address or information on the used e-mail programme (client). The name of the image file is customised for each mail recipient by attaching a unique ID. The mail sender remembers which ID belongs to which e-mail address and is thus able to determine during image retrieval which newsletter recipient just opened an e-mail.

As part of newsletter tracking, user behaviour data are collected under a pseudonym. This comprises the following pseudonymised data: recipient, recipient minus bounces, recipient in queue, recipient is skipped over, unique cancellation rate, unique cancellations, bounce rate, bounces (namely hard and soft bounces), unique open rate, unique open, open rate, openings, unique click rate, unique clicks, click rate, clicks, effective unique click rate, clicks for the segmentation of target groups.

We cooperate with an external service provider, entergon GmbH &Co. KG, Wilhelmstr.14A, 61381 Friedrichsdorf in order to deliver the newsletter. Your personal data shall be forwarded to entergon GmbH for the purpose of sending the newsletter and they shall process them solely according to our instructions.

WALA World Info Mail

You have the opportunity to register for the free WALA World Subscription at www.wala.world. The WALA-World-subscription is sent out at irregular intervals and serves to provide information about new articles on the website https://www.wala.world.

If you register for our WALA-World-subscription, personal data is collected. This data is used by us for our own advertising purposes in the form of your WALA-World-subscription, provided that you give express consent in the following manner:

 "Yes, I would like to subscribe to the WALA-World-subscription! I have read the Privacy Policy".

You may cancel the WALA-World-subscription at any time by clicking on the corresponding link in the WALA-World-subscription E-mail or by sending us a message to this effect by e-mail to abo-abbestellen@wala.de. Upon cancellation, your e-mail address shall be promptly erased from our WALA-World-subscription distribution list and included in a blocking file to ensure revocation.

The WALA-World-subscription will be delivered by us, WALA Heilmittel GmbH. Your data will be transmitted to our order processor submedia fresh media solutions no tins GmbH, Augustenstraße 44, 70178 Stuttgart, Germany, in order to process the WALA-World-subscription registration on the WALA World website. Your data will be processed exclusively in accordance with our instructions.

Use of Google Maps

We use Google Maps for displaying maps and for creating travel routes. Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. By using this online offer, you consent to the collection, processing and use of the automatically collected data and the data you entered (including the IP address) by Google or any of their representatives or third-party providers. The terms of use for Google Maps may be found at the following link:

https://www.google.de/intl/de/policies/terms/regional.html

More details on transparency and choice options as well as data protection provisions may be found in the Privacy Centre of google.de: https://www.google.de/intl/de/policies/privacy/?fg=1

Changes to our Data Protection Provisions

We reserve the right to occasionally adjust our privacy policy, so it can comply with the applicable legal requirements or to implement changes to our services in the privacy policy. For example, this may include the introduction of new services. Therefore, the new privacy policy shall apply to your return visit.

Trademarks

Each logo or trademark specified herein is the property of the respective company. Brands and names are provided for informational purposes only.