Privacy policy

Privacy Policy

With the following privacy policy, we aim to inform you about the types of your personal data (hereinafter also referred to as "data"), the purposes for which it is processed, and the extent to which it is processed. This privacy policy applies to all processing of personal data carried out by us, both within the scope of providing our services and in particular on our websites, in mobile applications, and within external online presences, such as our social media profiles (collectively referred to as "online offer"). The terms used are not gender-specific.

Controller

801 Studios DE
Alexander Rausch
Starenweg 50
40468 Düsseldorf, Germany
Email: info@maisonamora.com
Phone: +491622717944

 

Overview of Processing The following overview summarizes the types of data processed and the purposes of their processing, referring to the affected individuals. Types of Processed Data:

• Inventory data
• Payment data
• Contact data
• Content data
• Contract data
• Usage data
• Meta, communication, and procedural data

Categories of Affected Individuals

• Customers
• Interested parties
• Communication partners
• Users
• Business and contractual partners

Purposes of Processing

• Provision of contractual services and fulfillment of contractual obligations
• Contact requests and communication
• Security measures
• Direct marketing
• Reach measurement
• Office and organizational procedures
• Administration and response to inquiries
• Feedback
• Marketing
• Profiles with user-related information
• Provision of our online offer and user-friendliness
• Information technology infrastructure

Relevant Legal Bases Relevant legal bases under the GDPR: The following provides an overview of the legal bases under the GDPR on which we process personal data. Please note that national data protection regulations in your or our country of residence or domicile may apply in addition to the provisions of the GDPR. If more specific legal bases apply in individual cases, we will inform you in the privacy policy.

• Consent (Art. 6(1)(a) GDPR) - The data subject has given their consent to the processing of their personal data for one or more specific purposes.
• Contract performance and pre-contractual inquiries (Art. 6(1)(b) GDPR) - The processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract.
• Legal obligation (Art. 6(1)(c) GDPR) - The processing is necessary for compliance with a legal obligation to which the controller is subject.
• Legitimate interests (Art. 6(1)(f) GDPR) - The processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

National data protection regulations in Germany: In addition to the GDPR's data protection regulations, national data protection regulations apply in Germany. This includes, in particular, the Federal Data Protection Act (BDSG). The BDSG contains special provisions regarding the right to access, the right to deletion, the right to object, the processing of special categories of personal data, processing for other purposes, and transmission and automated decision-making in individual cases, including profiling. Additionally, the data protection laws of individual federal states may apply.

Note on GDPR and Swiss Data Protection Act: These data protection notices are intended to inform both under the Swiss Federal Data Protection Act (Swiss DPA) and the General Data Protection Regulation (GDPR). Therefore, we use the terms of the GDPR due to their broader scope and comprehensibility. However, the legal meaning of the terms will still be determined by the Swiss DPA within its scope of application.

Security Measures We take appropriate technical and organizational measures, considering the state of the art, implementation costs, and the nature, scope, circumstances, and purposes of the processing, as well as the varying probabilities of occurrence and severity of the risk to the rights and freedoms of natural persons, to ensure a level of security appropriate to the risk.

The measures include, in particular, securing the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data, as well as access to, input, transfer, ensuring availability, and separation of data. Furthermore, we have set up procedures to ensure the exercise of data subject rights, data deletion, and responses to data threats. Additionally, we consider the protection of personal data during the development or selection of hardware, software, and procedures according to the principle of data protection through technology design and through privacy-friendly default settings.

Transmission of Personal Data In the course of our processing of personal data, it may happen that the data is transmitted to other bodies, companies, legally independent organizational units, or persons or disclosed to them. Recipients of this data may include IT service providers or providers of services and content that are integrated into a website. In such cases, we comply with the legal requirements and conclude corresponding contracts or agreements to protect your data with the recipients of your data.

Data transfer within the organization: We may transfer personal data to other entities within our organization or grant them access to this data. If this transfer is for administrative purposes, it is based on our legitimate business and business interests or is necessary to fulfill our contractual obligations or if consent is given by the data subjects or legal permission is present.

Rights of Data Subjects Data subject rights under the GDPR: As a data subject, you have various rights under the GDPR, which arise, in particular, from Articles 15 to 21 GDPR:

• Right to object: You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you, which is based on Article 6(1)(e) or (f) GDPR, including profiling based on those provisions. If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, including profiling to the extent that it is related to such direct marketing.
• Right to withdraw consent: You have the right to withdraw your consent at any time.
• Right of access: You have the right to obtain confirmation as to whether personal data concerning you is being processed and, if so, access to the personal data and additional information and a copy of the data in accordance with the legal requirements.
• Right to rectification: You have the right to request the completion or correction of inaccurate personal data concerning you, in accordance with the legal requirements.
• Right to erasure and restriction of processing: You have the right to request that personal data concerning you be erased without undue delay, or alternatively, in accordance with the legal requirements, to request a restriction of the processing of the data.
• Right to data portability: You have the right to receive personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format, or to request its transmission to another controller, in accordance with the legal requirements.
• Right to lodge a complaint with a supervisory authority: You have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of personal data concerning you violates the GDPR.

Use of Cookies Cookies are small text files or other storage notes that store information on end devices and read information from the end devices. For example, to save the login status in a user account, a shopping cart content in an e-shop, the called-up content, or used functions of an online offer. Cookies can also be used for various purposes, such as the functionality, security, and comfort of online offers, as well as the creation of analyses of visitor flows.

Notes on consent: We use cookies in accordance with legal requirements. Therefore, we obtain prior consent from users, except when it is not legally required. Consent is not necessary in particular if the storage and reading of the information, thus also cookies, is absolutely necessary to provide the users with a telemedia service (i.e., our online offer) expressly requested by them. The absolutely necessary cookies usually include cookies with functions related to the display and operability of the online offer, load balancing, security, storage of user preferences and choices, or similar purposes related to providing the main and ancillary functions of the online offer requested by the users. The revocable consent is clearly communicated to the users and contains information on the respective cookie usage.

Notes on legal bases: The legal basis on which we process personal data of users using cookies depends on whether we ask users for consent. If users consent, the legal basis for processing their data is the declared consent. Otherwise, the data processed using cookies is based on our legitimate interests (e.g., in the business operation of our online offer and its improvement) or if it is necessary to fulfill our contractual obligations if the use of cookies is required for this purpose. We clarify the purposes for which the cookies are processed as part of this privacy policy or within our consent and processing procedures.

Storage duration: Regarding the storage duration, the following types of cookies are distinguished:

• Temporary cookies (also: session or session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and closed their end device (e.g., browser or mobile application).
• Permanent cookies: Permanent cookies remain stored even after the end device is closed. For example, the login status can be saved, or preferred content can be displayed directly when the user visits a website again. Similarly, the data collected with the help of cookies from users can be used for reach measurement. Unless we provide users with explicit information on the type and storage duration of cookies (e.g., as part of obtaining consent), users should assume that cookies are permanent and that the storage duration can be up to two years.