E-commerce Data Privacy Policy

Data Protection Policy of bugatti GmbH and bugatti Retail GmbH (May 2018)

We are delighted about your interest in our website.
Bugatti GmbH, bugatti Retail GmbH, its subsidiaries and partner companies (hereafter referred to as “bugatti”) place great importance on the protection of your personal data and your right to informational self-determination.

You can find detailed information about how we handle your data below.

Contents

  • I. Name and address of the controller
  • II. Name and address of the data protection officer
  • III. General information about the collection, processing and use of personal data
  • IV. Hosting services by a third-party provider
  • V. Personal data in the order process
  • VI. Forwarding data to process orders
  • VII. Credit checks
  • VIII. Newsletter and targeted advertising
  • IX. Use of cookies
  • X. Use of social media plugins as well as “user action pixels” Social media plugins
  • XI. Use of website analysis and online marketing services
  • XII. Right to information
  • XIII. Consent

I. Name and address of the controller

The data controller in accordance with the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:


bugatti GmbH
Hansastraße 55
32049 Herford
Germany
Tel.: 05221-884-0
E-Mail: info@bugatti.de
Website: www.bugatti-fashion.com

II. Name and address of the data protection officer

In the case of questions regarding the collection, processing or use of your personal information, or for information about, corrections, blocking or deletion of data, as well as to retract any consent given, please contact the data protection officer:

bugatti GmbH
Waldemar Stor, Data Protection Officer
Hansastraße 55
32049 Herford
Germany
Tel.: 05221-884-0
E-Mail: datenschutz@bugatti.de
Website: www.bugatti-fashion.com

III. General information about the collection, processing and use of personal data

You can visit our websites without providing information about yourself. Each time you load our website, the web server only automatically stores a server log file, which e.g. contains the name of the file requested, your IP address, date and time of access, volume of data transferred and the querying provider (access data) and documents the access.

What do we collect this data for?

This access data is evaluated exclusively for the purposes of ensuring the seamless operation of the website as well as an improvement to our website. This helps to guarantee our preponderant legitimate interests in presenting our website correctly when we weigh up our interests.

For how long is the data saved?

All access data for your visit to the website is stored for at least one month.

IV. Hosting services by a third-party provider

As part of processing on our behalf, a third-party provider provides the services required for hosting and to present the website. All data that is collected as part of use of this website or in specific forms in the online forms as described below is processed on its servers. Processing on other servers only takes place to the extent explained here. This service provider is located within a country in the European Union or the European Economic Area.

V. Personal data in the order process

We collect personal data if you share it with us when placing an order or contacting us (e.g. via a contact form or email). Mandatory fields are marked as such, as in these cases we absolutely require this data to process orders or your communication with us, and without which we would not be able to place your order or send communication to you. It is clear in each input form which data is collected.

What do we collect this data for?

We use the data you share with us to process orders and your queries as well as to carry out customer loyalty measures or for targeted advertising.

For how long is the data saved?

After the contract has been processed, your data is restricted for further processing and deleted after the expiry of any tax and trade law-specific storage deadlines, insofar as you have not consented to the further use of your data, or we are bound to use data beyond this extent in a way that is permitted by law and is specified in this declaration.

VI. Forwarding data to process orders

To fulfil contracts, we will pass on your data to the delivery company carrying out the delivery to the extent that is required for the delivery of the goods. Depending on which payment service provider you choose in the order process, we will pass on your payment details to the banking institute or payment service provider commissioned to handle the payment in order for them to be able to process the payment.

The payment service provider selected also collects some data itself so that it can create an account for you. In this case, you must register with the payment service provider with your access data in the order process. The data privacy policy of the relevant payment service provider applies:
https://www.paypal.com
https://www.adyen.com

VII. Credit checks

Unser Unternehmen prüft regelmäßig bei Vertragsabschlüssen und in bestimmten Fällen, in denen ein berechtigtes Interesse vorliegt auch bei Bestandskunden Ihre Bonität. Dazu arbeiten wir mit der Creditreform Boniversum GmbH, Hellersbergstraße 11, 41460 Neuss zusammen, von der wir die dazu benötigten Daten erhalten. Im Auftrage von Creditreform Boniversum teilen wir Ihnen bereits vorab dazu folgende Informationen gem. Art. 14 EU-DSGVO mit:

Creditreform Boniversum GmbH is a consumer credit agency. It operates a database, in which the credit informations of private persons are stored.

Creditreform Boniversum shares credit informations with its customers on this basis. Its customers include for example credit institutes, leasing companies, insurance companies, telecommunications companies, accounts receivable companies, shipment, wholesale and retail companies as well as other companies that supply or provide goods or services. In line with statutory provisions, part of the data available in the information database is also used to supply other company databases, including the use for address trading purposes.

The database of Creditreform Boniversum stores, in particular, information about people’s name, address, date of birth potentially the email address, payment behaviour and shareholdings. The purpose of processing the data stored is to provide information about the creditworthiness of the person queried. The legal basis for processing is Art. 6 (1) (f) GDPR. Information about this data can only be granted if a customer has a justifiable, legitimate interest in gaining knowledge of this information. Insofar as data is transmitted to states outside of the EU, this takes place on the basis of “standard contractual clauses, which you can see at the following link:
http://eur-lex.europa.eu/legal-content/DE/TXT/PDF/?uri=CELEX:32001D0497&from=DE
or even send it to yourself.

The data is stored for as long as it is needed to fulfil the purpose of the storage. In general, this knowledge is necessary for a storage duration of initially four years. After this period expires, it will be checked whether storage is still necessary, otherwise the data will be deleted immediately. Once a matter has been settled, the data will be deleted three days later to the day. Entries in the debtors’ list are deleted after three years from the date of entry in accordance with Section 882e Code of Civil Procedure (ZPO). You can find further details in the code of conduct for the testing and deletion deadlines for personal data by German credit agencies issued by the association “Die Wirtschaftsauskunfteien e.V.”.

Legitimate interests in accordance with Art. 6(1)(f) GDPR may include: Credit decision, initiation of business transactions, shareholdings, claims, credit checks, insurance policies, disclosure of enforcement.

You have a right to demand that Creditreform Boniversum GmbH informs you of all data they have stored that concerns you. If any of the data stored about you is incorrect, you are entitled to correction or deletion. If it cannot be determined immediately whether the data is incorrect or accurate, you are entitled to demand that the data be blocked until the matter has been resolved. If your data is incomplete, you can request that it will be completed.

If you have given your consent to the processing of the data stored at Creditreform Boniversum GmbH, you have the right to revoke this consent at any time. The lawfulness of any processing of your data that takes place on the basis of your consent prior to the withdrawal will not be affected by such revocation.

If you have any objections, desires or complaints with regard to data protection officer, you can contact the data protection officer at Creditreform Boniversum at any time. They will help you quickly and confidently with all data protection issues. You can object to the processing of data by Boniversum to the regional data protection officer responsible for your state.

The data that Creditreform Boniversum has stored about you comes from publicly accessible sources, collection agencies and their customers.

To describe your creditworthiness, Creditreform Boniversum creates a score based on your data. Your score is based on data including your age and sex, address details and some payment experience information. Different types of data have different weighting in the score calculation. Creditreform Boniversum customers use the score value as an aid when making a credit decision.

Right to object:

The processing of the data stored at Creditreform Boniversum takes place based on mandatory privileged reasons of credit and creditor protection, which regularly outweigh your interests, rights and freedoms or are used to assert, exercise or defend against legal claims. You can only object to the processing of your data by Creditreform Boniversum in the event of reasons that arise from your own particular situation, and evidence must be able to be provided. Should such special reasons clearly exist, the data will no longer be processed.

The controller in accordance with Art. 4(7) EU GDPR is Creditreform Boniversum GmbH, Hellersbergstr. 11, 41460 Neuss. Your contact person in our company is Consumer Service, tel.: 02131 36845560, Fax: 02131 36845570, email: selbstauskunft@boniversum.de.

You can reach our data protection officer via the following contact details: Creditreform Boniversum GmbH, data protection officer, Hellersbergstr. 11, 41460 Neuss, email: datenschutz@boniversum.de.

VIII. Newsletter and targeted advertising

Newsletter

On our website and also in our stores and outlets, there is the option to subscribe to a free newsletter. When you subscribe to the newsletter, the data you enter into the sign-up form, or will be sent to us. Where necessary, we will ask for voluntary information in order to personalise the newsletter following confirmation (link in confirmation email, known as the double opt-in procedure). When you sign up for the membercard in our stores and outlets, your "cross" in the checkbox and your signature confirms that you want to receive the newsletter.

Targeted advertising

The personal data collected as part of the order process is used to provide customers with targeted advertising, e.g. product recommendations on the basis of relevant usage behaviour on the website, or the order history. This takes place in the form of postal advertising.

What do we collect this data for?

The user’s email address is collected in order to send the newsletter. Other data (e.g. first name and surname, date of birth and your interests) can be used to adjust the newsletter to your requirements.

For how long is the data saved?

The data is deleted once it is no longer required to achieve the purpose of its collection. The user’s email address will therefore be stored for as long as the newsletter subscription is active.

How can I unsubscribe from the newsletter or object to targeted advertising?

The newsletter subscription can be cancelled at any time by the user. For this purpose, each newsletter contains a relevant link. Users can object to targeted advertising at any time by voicing their objection to the customer service department or the data protection officer or by doing so themselves in their customer account, if they have one

IX. Use of cookies

Our websites use cookies. Cookies are small text files that are stored automatically on your device. This cookie contains a characteristic series of characters, which makes the browser uniquely identifiable when the website is visited again.

What do we collect this data for?

We use cookies on different pages in order to be able to design our website in an attractive way and to enable the use of certain functions to display suitable products or for market research. This helps to guarantee our preponderant legitimate interests in presenting our website as well as possible when we weigh up our interests.

How long are cookies stored for?

Some of the cookies we use are deleted at the end of the browsing session, i.e. when you close your browser (“session cookies”). Other cookies remain on your device, enabling us to recognise your browser upon your next visit (“persistent cookies”) You can see the duration of your storage in the overview of the cookie settings in your web browser.

How can I turn off cookies?

You can configure your browser to notify you when any cookies are placed so that you can decide on a case-by-case basis whether or not you wish to accept them. Alternatively, you can reject cookies for specific cases or in general. This function is described in the help menu of each browser, which explains to you how you can change your cookie settings. Please note, however, that the functionality of our website may be limited if cookies are not accepted.

You can find these settings for the browser in question via the following links:

  • Internet Explorer™: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
  • Safari™: https://support.apple.com/kb/ph21411?locale=en_US
  • Chrome™: http://support.google.com/chrome/bin/answer.py?hl=en&hlrm=en&answer=95647
  • Firefox™: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
  • Opera™ : http://help.opera.com/Windows/10.20/en/cookies.html

X. Use of social media plugins as well as “user action pixels”

Social media plugins

Our website uses what are known as social media plugins (“plugins”), which are used in the companies listed below. These services are offered by the respective company (“service providers”).

  • - Facebook™, operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). The Facebook “like” button is labelled with the Facebook logo, an “F” or the note “Facebook social plugin”. An overview of Facebook plugins and their appearance can be found at: http://developers.facebook.com/docs/plugins.

If you visit a page on our website that features a Facebook plugin, your browser will connect directly to the provider's servers. The content of the plugin is sent directly to your browser by the provider and embedded in the page. The embedding process informs the provider that your browser has accessed the page of our website in question, even if you do not have a profile or are not currently logged in. This information (including your IP address) is sent by your browser directly to one of the provider’s servers in the USA, where it is stored. If you are logged in to one of the servers, the providers can assign the visit to our website to your profile at the relevant provider (e.g. Instagram, Facebook). If you interact with the plugins, e.g. by pressing the “Like”, the “+1”, the “Tweet” or “Instagram” button, the corresponding information is also sent directly to one of the provider’s servers, where it is stored. In addition to this, the information is published on the social network, on your Twitter or Instagram account, where it is visible to your contacts.

What do we collect this data for?

This data is only collected with consent for the purpose of direct marketing. For more information about this, please refer to the provider’s data protection information.

For how long is the data saved?

For information about this, please refer to the provider’s data protection information.

How can I disable the social media plugin?

If you do not want the provider to match the data collected via our website directly to your profile, you must log out of the relevant service before visiting our website. You can also completely prevent plugins from loading via browser add-ons, for example by using the “NoScript” script blocker. You can find details about this here: http://noscript.net/.

Visitor action pixel

On our website, we place the “visitor action pixel”, also known the “custom audience pixel”, made by

Facebook Inc. („Facebook“)
1601 S. California Ave.
Palo Alto, CA 94304, USA

The placement of this pixel will collect information about how you use the website (e.g. information about items/products viewed) in pseudonymised form. The information collected can be used to give you personalised advertising, e.g. on your Facebook account. You can object to the collection of information here.

XI. Use of website analysis and online marketing services

Website analysis services

Google Analytics

This website uses Google Analytics, a web analysis service provided by Google Inc. (www.google.de). Google (Universal) Analytics uses methods to analyse of your use of the website, such as cookies. The information collected automatically about your use of this website is generally transmitted to and stored by Google on servers in the United States. Through the activation of IP anonymisation on this website, your IP address is not previously shortened before transfer within the member states of the European Union or in other co-contracting countries of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and abbreviated there. The anonymised IP address transmitted by your browser as part of the Google Analytics service will generally not be associated with any other Google data.

Google LLC has its headquarters in the USA and is certified under the EU-US Privacy Shield. An up-to-date certificate can be viewed via the following link: https://www.privacyshield.gov/list. Based on this treaty between the USA and the European Commission, the latter has defined a suitable level of data protection for companies certified by the Privacy Shield.

In addition, this website uses the “Visual Website Optimizer” tool, a web analytics service provided by Wingify, to collect and store data, from which usage profiles are created using pseudonyms. In addition, the analysis and feedback tool “Hotjar”, a web analysis service by the providerHotjar Ltd., is used to optimise the website via headmap analyses. “Cookies” may be used for this purpose.

Online marketing services

Google Adwords

We use Google’s conversion tracking process to measure the success of our Google AdWords campaigns. If you access our website via a Google advert, Google will place a cookie on your computer to record the process for statistical purposes.

Google Remarketing

This website uses Google Remarketing to provide customers with website content that is as interesting as possible. Using this technology, it is possible to present customers with further offers within Google’s partner network. Advertising on our partners' sites occurs by placing a cookie and analysing user behaviour. No personal data is stored.

Bing Ads

We use Google’s conversion tracking process to measure the success of our Bing AdWords campaigns. If customers access our website via a Bing advert, a cookie is placed by Microsoft to record the process for statistical purposes.
Microsoft has its headquarters in the USA and is certified under the EU-US Privacy Shield. An up-to-date certificate can be viewed via the following link: https://www.privacyshield.gov/list. Based on this treaty between the USA and the European Commission, the latter has defined a suitable level of data protection for companies certified by the Privacy Shield.

Retargeting

On the website, retargeting technology, e.g. as provided by Criteo, collects and stores anonymised information about the surfing behaviour of website visitors for marketing purposes. Using an algorithm, the technology analyses surfing behaviour and can subsequently display targeted product recommendations as interest-related advertising banners on other websites (“publishers”). In no event this data can be used to personally identify website visitors. No other use or transfer to third parties shall occur.

What do we collect this data for?

The data is collected for the purpose of website and marketing analysis as well as for the improvement and needs-based design of our website.

For how long is the data saved?

In principle, data is deleted as soon as the purpose for its collection has been fulfilled. For more details, please refer to the following providers’ data protection information.
Google: https://policies.google.com/privacy?hl=en Wingify: https://vwo.com/privacy-policy/ Hotjar: https://www.hotjar.com/privacy Microsoft: https://privacy.microsoft.com/en-us/privacystatement Criteo: https://www.criteo.com/en/privacy/

How can I disable website analysis and online marketing services?

You can prevent the installation of cookies by the service providers below by adjusting settings in your browser software. This will place an opt-out cookie on your device. If you delete your cookies, you will have to click the link again. Please note that, in this case, you may potentially be unable to use all the features of our website.

You can object to the collection and storage of data by the following service providers with future effect at any time by using a browser plugin. You can find details about this:
Google: https://tools.google.com/dlpage/gaoptout?hl=en Wingify: https://vwo.com/opt-out/ Hotjar: https://www.hotjar.com/opt-out Google Remarketing: https://adssettings.google.com/authenticated?hl=en Microsoft: https://account.microsoft.com/privacy/ad-settings/signedout?ru=https:%2F%2Faccount.microsoft.com%2Fprivacy%2Fad-settings Criteo: https://www.criteo.com/en/privacy/

XII. Right to information

You have the right to access information about data we have saved about you, as well as a right to rectification, restriction of processing, data portability or deletion of this data.

In the case of questions regarding the collection, processing or use of your personal data, or for information about, corrections, blocking or deletion of data, as well as to retract any consent given or to object to certain use of data, please contact us directly via the contact details listed above. In addition, you have the right to submit a complaint to the data protection authority responsible.

XIII. Consent

You have explicitly granted us the following consent(s) and we have logged your consent. In accordance with the Telemedia Act, we are obligated to keep the content of consent accessible at all times.

Consent to email advertising

  • Tick box in checkout with text: “Subscribe to newsletter (you can unsubscribe at any time)”.
  • Login screen on various pages of the website with text and input field for email address: “Subscribe to our newsletter and we will give you €10. You can unsubscribe any time”.
  • Login screen on newsletter page with text and input field for email address: “Exclusive advantages. You’ll always be the first in the know! Exclusive discounts and offers, non-binding membership free of charge, €10 welcome voucher, invitation to private sales, inspiration for current trends. You can unsubscribe any time”.
  • When you sign up for the membercard in our stores and outlets, your "cross" in the checkbox and your signature confirms that you want to receive the newsletter.

Permission for targeted advertising

  • Tick box in checkout with text: “I have read the Terms and Conditions, Data Privacy Policy and Cancellation Policy and agree that they apply”.

Registration/customer account

  • Tick box in first checkout step – “Go to checkout as guest or become a new customer – If you set up a user account in our shop, you will be guided through the order process more quickly, can save multiple delivery addresses, see your previous orders and much more”.
  • Registration under “My account” – “Become a new customer – If you set up a user account in our shop, you will be guided through the order process more quickly, can save multiple delivery addresses, see your previous orders and much more”.

Credit checks

Tick box in the second checkout step: “Yes, I agree to a credit check in order to be offered a better choice of payment methods (optional)”.

Can I withdraw my consent?

You can revoke your consent at any time with future effect.

Email advertising:

  • Unsubscribe from the newsletter on this page https://www.bugatti-fashion.com/en/Newsletter-Unsubscription/ and each newsletter also includes a link to this page
  • Contact us via email (service.de@bugatti.de or datenschutz@bugatti.de) or telephone (0800 – 2223346 – free of charge from a German landline) to our customer service department, and our employees will take care of the deregistration for you.
  • Membercard owners can unsubscribe from the newsletter via the following link, also at the end of each newsletter there is a link to unsubscribe too.

Targeted advertising:

  • As a customer account holder, you can revoke your consent at any time by logging into your customer account and informing us of your consent under “user account information” via checkout.
  • Alternatively, contact us via email (service.de@bugatti.de or datenschutz@bugatti.de) or telephone (0800 – 2223346 – free of charge from a German landline) to our customer service department, and our employees will take care of the withdrawal for you.

Customer account:

  • Contact us via email (service.de@bugatti.de or datenschutz@bugatti.de) or telephone (0800 – 2223346 – free of charge from a German landline) to our customer service department, and our employees will take care of the deletion for you.

Credit checks:

  • In the event of a guest order, your consent is only valid once for the order process in question.
  • As a customer account holder, you can revoke your consent at any time. Contact us via email (service.de@bugatti.de or datenschutz@bugatti.de) or telephone (0800 – 2223346 – free of charge from a German landline) to our customer service department, and our employees will take care of the withdrawal for you.