Privacy Policy
We appreciate your visit to our website and your interest in our company. The protection of your data is of utmost importance to us. With the following privacy policy, we would like to inform you about the purposes and extent to which we collect and process your personal data when you use our website, and how we protect your privacy when you provide us with your data.
Responsibility
Dermaroller GmbH (Wilhelm-Mast-Straße 8, 38304 Wolfenbüttel, Tel.: +49 (0)5331 7108480, Fax: +49 (0)5331 710 8489, E-Mail: [email protected]) is the operator of this website and, as the responsible body within the meaning of Art. 4 (7) GDPR, is responsible for compliance with the applicable data protection regulations.
We store and process our users’ personal data in compliance with the relevant regulations, in particular the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG), and the Act on Data Protection and the Protection of Privacy in Telecommunications and Telemedia (TTDSG), as amended from time to time. All personal data is collected only for specified, explicit, and legitimate purposes and is retained no longer than necessary.
We store and process our users’ personal data in compliance with the relevant regulations, in particular the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG), and the Act on Data Protection and the Protection of Privacy in Telecommunications and Telemedia (TTDSG), as amended from time to time. All personal data is collected only for specified, explicit, and legitimate purposes and is retained no longer than necessary.
Personal data
Personal data are individual details about the personal or factual circumstances of an identified or identifiable natural person (e.g. name, date of birth and contact details).
Websites
As soon as you visit our website, our web servers temporarily save each access in a log file. The following data may be recorded and stored until automatically deleted: IP address, date and time of access, data volumes transferred, notifications about the success of the website retrieval, identification data of the browser and operating system used, the website from which access is made, and the IP address of your internet access provider. This data is processed for the purpose of enabling the use of the website, system security, the technical administration of the network infrastructure, and the optimization of the internet offering. This is to be regarded as a legitimate interest pursuant to Art. 6 (1) ( f) GDPR.
Other data collection
We collect, store and process your personal data (e.g. first name, last name, address, email address, telephone number) if a business relationship exists or is to be established, e.g. within the framework of a subscription or an order, as well as for the content and modification of the business relationship. We also use your personal data if you have provided it to us for registration on our website and have consented to the processing of your personal data. We also collect, store and process your personal data if you contact us via contact form, customer portal, job portal, blog function, telephone, fax or by sending an email, insofar as this is necessary to process your inquiries and correspondence. The personal data we collect will be deleted immediately as soon as it is no longer required for this purpose, unless there are statutory retention periods.
Webshop
If you intend to place an order in our online shop, you will be required to provide some personal data in order to conclude the contract or process your order. If you order as a guest, we will only request the data required for this purpose . Accordingly, we process your provided personal data in accordance with Art. 6 (1) ( b) GDPR to process your order. For this purpose, your payment details may be passed on to our bank. Furthermore, we may process the data you provide to send you an order confirmation or technical information by email.
You also have the option of voluntarily creating a customer account. This means that your personal data will be stored long-term for future purchases with us. For the corresponding data storage in a customer account, we obtain your consent as part of the registration process. The legal basis for data processing is therefore Art. 6 (1) ( a ) GDPR. The personal data will not be used for other purposes. You have the option of deleting the customer account yourself at any time via user management or revoking your consent by sending an email to [email protected]. In both cases, your customer account will be deleted with effect for the future. The deletion does not affect the personal data for which statutory retention periods apply due to the processing of placed orders.
To prevent unauthorized access by third parties, the ordering process is TLS encrypted.
Due to commercial and tax law requirements, we are obliged to store your address, payment and order data for a period of ten years.
You also have the option of voluntarily creating a customer account. This means that your personal data will be stored long-term for future purchases with us. For the corresponding data storage in a customer account, we obtain your consent as part of the registration process. The legal basis for data processing is therefore Art. 6 (1) ( a ) GDPR. The personal data will not be used for other purposes. You have the option of deleting the customer account yourself at any time via user management or revoking your consent by sending an email to [email protected]. In both cases, your customer account will be deleted with effect for the future. The deletion does not affect the personal data for which statutory retention periods apply due to the processing of placed orders.
To prevent unauthorized access by third parties, the ordering process is TLS encrypted.
Due to commercial and tax law requirements, we are obliged to store your address, payment and order data for a period of ten years.
Customer portal
If you wish to use our customer portal (e.g. to store your payment details), you must register with your email address, a password of your choice, and a user name. You can use your real name or a pseudonym for the user name. There is therefore no obligation to use your real name. We use the double opt -in process for registration. This means that your registration will only be complete once you have confirmed your registration via a confirmation email sent to you for this purpose and by clicking on the link contained therein. If we do not receive this confirmation within 24 hours, your registration will be automatically deleted from our database. When registering, the fields marked with an asterisk are mandatory (name, address, email, telephone number). All further information is voluntary.
When you use the portal, we store the data required to fulfill the contract until you permanently delete your access. In addition, we store the personal data you voluntarily provide for the duration of your use of the portal, unless you have previously deleted it. You can manage and edit all personal data you provide in the secure customer area. The legal basis for data processing is Art. 6 (1) ( f) GDPR.
To ensure data security and prevent unauthorized access to your personal data by third parties, the connection is encrypted using https.
When you use the portal, we store the data required to fulfill the contract until you permanently delete your access. In addition, we store the personal data you voluntarily provide for the duration of your use of the portal, unless you have previously deleted it. You can manage and edit all personal data you provide in the secure customer area. The legal basis for data processing is Art. 6 (1) ( f) GDPR.
To ensure data security and prevent unauthorized access to your personal data by third parties, the connection is encrypted using https.
Blog
Our blog contains various articles on topics related to our activities. As a visitor, you have the opportunity to post public comments. When published, the comment will be displayed with the name you provided. We recommend using a pseudonym for this. Your username and email address are required for our blog function. Any further information is voluntary. Providing your email address is necessary because we need to contact you if a third party objects to your comments as being unlawful. The legality of this data processing is based on Article 6 (1) ( b) and (f) GDPR.
Contact form
If you use our contact form and send us an inquiry, the information you provide, as well as the contact details you provide, will be stored by us for the purpose of processing your inquiry and for any follow-up questions. This data will not be shared without your consent.
The legal basis for processing the data provided in the contact form is your consent (Art. 6 (1 ) (a) GDPR), which you gave by checking the box in the contact form. You can revoke this consent at any time without giving reasons by sending a message to the above address or electronically (e.g., by email). The legality of the data processing carried out up to the time of revocation remains unaffected by the revocation.
The data provided in the contact form will be retained by us until you request deletion, until we receive your revocation, or until the purpose for storing the data no longer applies (e.g., once your inquiry has been processed). This is without prejudice to statutory provisions, including retention periods.
The legal basis for processing the data provided in the contact form is your consent (Art. 6 (1 ) (a) GDPR), which you gave by checking the box in the contact form. You can revoke this consent at any time without giving reasons by sending a message to the above address or electronically (e.g., by email). The legality of the data processing carried out up to the time of revocation remains unaffected by the revocation.
The data provided in the contact form will be retained by us until you request deletion, until we receive your revocation, or until the purpose for storing the data no longer applies (e.g., once your inquiry has been processed). This is without prejudice to statutory provisions, including retention periods.
Job portal
When applying, the following information is required (first name, last name, email address, telephone number, address, date of birth, desired salary, and earliest possible start date). Any additional information is voluntary.
By applying via our applicant portal, you provide us with your above-mentioned personal data as well as all other data disclosed by you during the application process for the purpose of conducting the application process. The legal basis for data processing for the purpose of the employment relationship is generally Art. 6 (1 ) (b) GDPR, Art. 88 GDPR in conjunction with Section 26 BDSG (German Federal Data Protection Act). We may also process your personal data if you have given your express consent. This applies, for example, to the longer storage of your application documents and to contact you about interesting job offers, as well as, if necessary, to the processing of special categories of personal data.
If you have applied but received a rejection, your information will be stored for 6 months after the application process has been completed and then anonymized (profile and application). You can withdraw your application/documents and have them deleted at any time. If you have applied but we are unable to offer you a suitable position at this time, your application will be assigned to a talent pool, provided you have given us your consent to do so.
The data may be processed for statistical purposes (e.g., reporting). However, this does not allow any conclusions to be drawn about individual persons.
It is also possible that your data will be made available to authorized Dermaroller GmbH employees on the portal as part of the application process. Within our company, only authorized employees from the human resources department of Dermaroller GmbH and relevant managers from the relevant departments have access to your application data. Access is limited to use within the scope of the personnel selection process. Your data will only be shared with authorized employees of our affiliated companies if you have applied for a position at the relevant company. Your data will not be used for other purposes without your express consent.
To ensure data security and prevent unauthorized access to your personal data by third parties, the connection is encrypted using https.
By applying via our applicant portal, you provide us with your above-mentioned personal data as well as all other data disclosed by you during the application process for the purpose of conducting the application process. The legal basis for data processing for the purpose of the employment relationship is generally Art. 6 (1 ) (b) GDPR, Art. 88 GDPR in conjunction with Section 26 BDSG (German Federal Data Protection Act). We may also process your personal data if you have given your express consent. This applies, for example, to the longer storage of your application documents and to contact you about interesting job offers, as well as, if necessary, to the processing of special categories of personal data.
If you have applied but received a rejection, your information will be stored for 6 months after the application process has been completed and then anonymized (profile and application). You can withdraw your application/documents and have them deleted at any time. If you have applied but we are unable to offer you a suitable position at this time, your application will be assigned to a talent pool, provided you have given us your consent to do so.
The data may be processed for statistical purposes (e.g., reporting). However, this does not allow any conclusions to be drawn about individual persons.
It is also possible that your data will be made available to authorized Dermaroller GmbH employees on the portal as part of the application process. Within our company, only authorized employees from the human resources department of Dermaroller GmbH and relevant managers from the relevant departments have access to your application data. Access is limited to use within the scope of the personnel selection process. Your data will only be shared with authorized employees of our affiliated companies if you have applied for a position at the relevant company. Your data will not be used for other purposes without your express consent.
To ensure data security and prevent unauthorized access to your personal data by third parties, the connection is encrypted using https.
Transfer of data
We use your personal data within Dermaroller GmbH and our affiliated companies, mi.to.pharm GmbH and i-mi.to.service GmbH. These companies, as well as our external service providers who process data on our behalf, are contractually obligated, as defined in Art. 28 GDPR, to treat your personal data in accordance with applicable regulations. To the extent that these companies come into contact with your personal data, we have implemented legal, technical, and organizational measures, as well as regular checks, to ensure that they comply with the provisions of data protection laws.
If you find links from other responsible parties on our website (e.g. to the websites of our affiliated companies) and click on the link, you are using the website directly with the respective responsible party, so our data protection provisions do not apply to this website.
As a general rule, we do not transfer your personal data to a third country or to an international organization outside the European Economic Area (EEA). Should we do so in individual cases, this will only occur to third countries for which an adequacy decision has been issued by the European Commission or for which an adequate level of data protection has been ensured through suitable or appropriate safeguards (e.g., Binding Corporate Rules or EU standard contractual clauses).
We reserve the right to transmit your personal data to authorized bodies if we are required to do so by law or by court order.
As a general rule, your personal data will not be passed on to any other third parties.
If you find links from other responsible parties on our website (e.g. to the websites of our affiliated companies) and click on the link, you are using the website directly with the respective responsible party, so our data protection provisions do not apply to this website.
As a general rule, we do not transfer your personal data to a third country or to an international organization outside the European Economic Area (EEA). Should we do so in individual cases, this will only occur to third countries for which an adequacy decision has been issued by the European Commission or for which an adequate level of data protection has been ensured through suitable or appropriate safeguards (e.g., Binding Corporate Rules or EU standard contractual clauses).
We reserve the right to transmit your personal data to authorized bodies if we are required to do so by law or by court order.
As a general rule, your personal data will not be passed on to any other third parties.
Cookies
On our websites, various information is stored in so-called cookies. These serve to make the application more user-friendly and the internet more effective overall. Furthermore, the data stored in a cookie eliminates the need to repeatedly fill out forms. The cookies we use are temporary and are deleted regularly.
You can independently manage the acceptance of cookies from our websites in your browser and block them if necessary. You can also delete cookies that have already been set at any time. You can also find out about the option to deactivate cookies in the settings of your selected browser. If you do not accept cookies, this may lead to restrictions in the use of our websites in individual cases. Please note that after deleting your cookies, you may also have to reactivate any opt -out cookies that have been set.
We recommend that you manually delete cookies and browser history regularly.
We differentiate between technically necessary cookies and static and marketing cookies. Technically necessary cookies are those that technically enable website use. Non-technically necessary cookies are all cookies used for marketing and statistical purposes. Dermaroller GmbH uses Cookiebot for this purpose.
Consent to data processing using cookies is voluntary and can be revoked or modified at any time on the homepage under the " Cookies " button at the bottom of the page. Within the framework of the cookie layer, you provide your consent in a bundled manner in accordance with Art. 6 (1) (a ) GDPR and Section 25 (1) TTDSG.
Your consent applies to the following domains:
www.dermaroller.com
https://jobs.mi-to-pharm.com
Necessary cookies:
You can independently manage the acceptance of cookies from our websites in your browser and block them if necessary. You can also delete cookies that have already been set at any time. You can also find out about the option to deactivate cookies in the settings of your selected browser. If you do not accept cookies, this may lead to restrictions in the use of our websites in individual cases. Please note that after deleting your cookies, you may also have to reactivate any opt -out cookies that have been set.
We recommend that you manually delete cookies and browser history regularly.
We differentiate between technically necessary cookies and static and marketing cookies. Technically necessary cookies are those that technically enable website use. Non-technically necessary cookies are all cookies used for marketing and statistical purposes. Dermaroller GmbH uses Cookiebot for this purpose.
Consent to data processing using cookies is voluntary and can be revoked or modified at any time on the homepage under the " Cookies " button at the bottom of the page. Within the framework of the cookie layer, you provide your consent in a bundled manner in accordance with Art. 6 (1) (a ) GDPR and Section 25 (1) TTDSG.
Your consent applies to the following domains:
www.dermaroller.com
https://jobs.mi-to-pharm.com
Necessary cookies:
Google Web Fonts
Our website uses so-called web fonts provided by Google to ensure consistent font display. We use the so-called "offline mode" for this. The required fonts were previously downloaded from Google’s servers and stored locally on the web server. Therefore, the IP address is not transmitted to Google.
We use Google Web Fonts in the interest of ensuring a consistent and appealing presentation of our online offerings. This is a legitimate interest within the meaning of Art. 6 (1) ( f) GDPR.
If your browser does not support web fonts, a standard font from your computer will be used.
Further information about Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/.
We use Google Web Fonts in the interest of ensuring a consistent and appealing presentation of our online offerings. This is a legitimate interest within the meaning of Art. 6 (1) ( f) GDPR.
If your browser does not support web fonts, a standard font from your computer will be used.
Further information about Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/.
Analysis of the websites
To optimize the content and offerings of our websites and to collect statistical evaluations, various technical programs are used that record data on website user behavior, even in an anonymized form. For this purpose, data on click behavior, visit duration, system settings, and user origin are collected using analysis software cookies in the form of text files. Cookies are stored on your computer for these evaluations. This collected data may be stored on the servers of the operators of the analysis tools. The collected data is not used to personally identify the user and is not merged with other personal data of the user.
You can prevent the installation of cookies by selecting the appropriate settings in your browser. However, please note that if you do this, you may not be able to use all the functions of this website to their full extent. In the following section, we will outline the analysis tools we use in detail.
The following analysis tools are used on our websites for this purpose:
You can prevent the installation of cookies by selecting the appropriate settings in your browser. However, please note that if you do this, you may not be able to use all the functions of this website to their full extent. In the following section, we will outline the analysis tools we use in detail.
The following analysis tools are used on our websites for this purpose:
Google Analytics
If you have given your consent in the cookie notice, GA4 is used on our website. This is a web analytics service provided by Google Inc. The legal basis for the use of GA4 is therefore your consent in accordance with Art. 6 (1) ( a ) GDPR and Section 25 (1) TTDSG.
GA4 uses cookies, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website is typically transferred to a Google server in the United States and stored there.
The Universal Analytics GA4 operating mode is used. This makes it possible to assign data, sessions, and interactions across multiple devices to a pseudonymous user ID, thus analyzing a user’s activities across devices. You can deactivate cross-device analysis of your usage in your customer account under "My Data," "Personal Data."
We also use Google’s remarketing feature. This creates so-called remarketing audiences based on user behavior on our website and then uses them as the basis for remarketing campaigns in other accounts, such as Google Ads and Display & Video 360. If your behavior matches the criteria we previously defined, the corresponding cookie or your device’s advertising ID is added to the corresponding audience. When you later visit other websites in the Google Display Network or use Google Search, you may be presented with one of our remarketing ads.
Our website uses GA4 with the extension "_ anonymizeIp ". This means that IP addresses are processed in a shortened form, thus preventing any personal reference. If the data collected about you is personally identifiable, this is immediately excluded and the personal data is deleted immediately. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage.
The data described above will be automatically deleted after 14 months. Data whose retention period has been reached will be automatically deleted once a month.
If you do not wish to be tracked by GA4, you can configure this in the cookie layer. You can also prevent Google Analytics from collecting your data by clicking the following link. This will set an opt -out cookie that prevents the collection of your data on future visits to our website: Deactivate GA4.
Further information about this web analysis tool can be found at: https://www.google.de/policies/privacy/partners/ and in Google’s privacy policy at http://www.google.de/intl/de/policies/privacy
GA4 uses cookies, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website is typically transferred to a Google server in the United States and stored there.
The Universal Analytics GA4 operating mode is used. This makes it possible to assign data, sessions, and interactions across multiple devices to a pseudonymous user ID, thus analyzing a user’s activities across devices. You can deactivate cross-device analysis of your usage in your customer account under "My Data," "Personal Data."
We also use Google’s remarketing feature. This creates so-called remarketing audiences based on user behavior on our website and then uses them as the basis for remarketing campaigns in other accounts, such as Google Ads and Display & Video 360. If your behavior matches the criteria we previously defined, the corresponding cookie or your device’s advertising ID is added to the corresponding audience. When you later visit other websites in the Google Display Network or use Google Search, you may be presented with one of our remarketing ads.
Our website uses GA4 with the extension "_ anonymizeIp ". This means that IP addresses are processed in a shortened form, thus preventing any personal reference. If the data collected about you is personally identifiable, this is immediately excluded and the personal data is deleted immediately. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage.
The data described above will be automatically deleted after 14 months. Data whose retention period has been reached will be automatically deleted once a month.
If you do not wish to be tracked by GA4, you can configure this in the cookie layer. You can also prevent Google Analytics from collecting your data by clicking the following link. This will set an opt -out cookie that prevents the collection of your data on future visits to our website: Deactivate GA4.
Further information about this web analysis tool can be found at: https://www.google.de/policies/privacy/partners/ and in Google’s privacy policy at http://www.google.de/intl/de/policies/privacy
OptiMonk
If you have given your consent for this within the framework of the cookie notice, we use OptiMonk on our website . The legal basis for data processing is therefore Art. 6 (1 ) (a) GDPR and Section 25 (1) TTDSG. OptiMonk is a service provided by OptiMonk International Zrt ., 4028 Debrecen, Kassai út 129, Hungary. We use OptiMonk for marketing purposes on our website, e.g. for displaying pop-ups with user-oriented content and analyzing user behavior on our website. For this purpose, OptiMonk reads various personal data, such as the IP address, location data, length of stay as well as device and system information. If you do not wish this data processing, you can refuse your consent or revoke it at any time via the cookie notice.
Google Tag Manager
If you have given your consent for this as part of the cookie notice, we use Google Tag Manager on our website. The legal basis for data processing is therefore Art. 6 (1) ( a) GDPR and Section 25 (1) TTDSG (German Telemedia Act). With Google Tag Manager, marketers can manage website tags via an interface. The Tag Manager tool does not use cookies itself. However, the tool triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. However, when you call up Google Tag Manager, the IP address and browser fingerprint are transmitted to Google. This means that data is transmitted to the USA.
If you have deactivated cookies, this setting will also remain in effect for all tracking tags within Google Tag Manager. Further information on the terms of use for Google Tag Manager can be found in Googles privacy policy: https://policies.google.com/.
If you have deactivated cookies, this setting will also remain in effect for all tracking tags within Google Tag Manager. Further information on the terms of use for Google Tag Manager can be found in Googles privacy policy: https://policies.google.com/.
Meta pixel
If you have given us your consent via a cookie notice, we use meta pixels on our website. This is a meta Platforms , Inc., 1601 Willow Road, Menlo Park, California 94025, United States. Further general information about meta pixels can be found at the following link: https://www.facebook.com/business/learn/facebook-ads-pixel. Cookies are set when meta pixels are used on our website. The legal basis for data processing is your consent in accordance with Art. 6 (1 ) (a) GDPR and Section 25 (1) TTDSG.
During the analysis, the behavior of visitors to our website who came to our website via a Facebook ad is analyzed using an implemented code. This process is used by us and Meta to improve advertisements, as well as to compile statistics and for market research purposes. In addition to the personal data collected by Meta pixels, the personal data and order information you entered when creating your account are also collected and stored in an anonymized form by Meta.
If you have a Facebook account and are logged in while visiting our website, your visit to our page will be associated with your Facebook account. Your visit to our website will be forwarded to Meta through the use of meta pixels in order to deliver relevant ads to you on and off Facebook.
If you do not wish this data processing, you can refuse your consent or revoke it at any time via the cookie notice.
If you are logged in to Facebook, you can change your ad settings in Facebook at the following link: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. More information about Meta’s data processing can be found at the following link: https://www.facebook.com/policy.php.
During the analysis, the behavior of visitors to our website who came to our website via a Facebook ad is analyzed using an implemented code. This process is used by us and Meta to improve advertisements, as well as to compile statistics and for market research purposes. In addition to the personal data collected by Meta pixels, the personal data and order information you entered when creating your account are also collected and stored in an anonymized form by Meta.
If you have a Facebook account and are logged in while visiting our website, your visit to our page will be associated with your Facebook account. Your visit to our website will be forwarded to Meta through the use of meta pixels in order to deliver relevant ads to you on and off Facebook.
If you do not wish this data processing, you can refuse your consent or revoke it at any time via the cookie notice.
If you are logged in to Facebook, you can change your ad settings in Facebook at the following link: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. More information about Meta’s data processing can be found at the following link: https://www.facebook.com/policy.php.
TikTok Pixel
If you have given us your consent to do so within the framework of the cookie layer, we use TikTok Pixel on our website. TikTok Pixel is a conversion tracking tool for advertisers. Cookies are set when TikTok Pixel is used on our website. The legal basis for data processing in this case is Art. 6 (1 ) (a) GDPR and Section 25 (1) TTDSG.
TikTok Pixel is operated by TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland. Further general information about TikTok Pixel can be found under the following link: https://ads.tiktok.com/help/article/tiktok-pixel?lang=en. TikTok is a video portal operated by the Chinese company ByteDance . As part of ByteDance’s corporate structure , personal data may be transferred to and stored in third countries such as the USA or China. The use of the TikTok Pixel enables the evaluation of details about ad clicks or events on TikTok, the identification of the time of actions on the website, the determination of the geographic location, the collection of information about the user’s device and browser, the collection of page metadata, microdata, page performance data and details about button clicks. For these purposes, we receive access to the following data: ad/event information, timestamp, IP address, user agent, metadata & button clicks. The purpose and scope of data collection as well as the further processing and use of data by TikTok can be found in TikTok’s data policy: https://www.tiktok.com/legal/page/eea/privacy-policy/en-US.
TikTok Pixel is operated by TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland. Further general information about TikTok Pixel can be found under the following link: https://ads.tiktok.com/help/article/tiktok-pixel?lang=en. TikTok is a video portal operated by the Chinese company ByteDance . As part of ByteDance’s corporate structure , personal data may be transferred to and stored in third countries such as the USA or China. The use of the TikTok Pixel enables the evaluation of details about ad clicks or events on TikTok, the identification of the time of actions on the website, the determination of the geographic location, the collection of information about the user’s device and browser, the collection of page metadata, microdata, page performance data and details about button clicks. For these purposes, we receive access to the following data: ad/event information, timestamp, IP address, user agent, metadata & button clicks. The purpose and scope of data collection as well as the further processing and use of data by TikTok can be found in TikTok’s data policy: https://www.tiktok.com/legal/page/eea/privacy-policy/en-US.
YouTube
If you have given your consent in the cookie notice, YouTube will be used on our website. The legal basis for the use of YouTube and the associated data processing is therefore your consent in accordance with Art. 6 (1 ) (a) GDPR and Section 25 (1) TTDSG.
The YouTube plug-ins on our websites are operated by YouTube, LLC., 901 Cherry Ave., San Bruno, CA 94066 USA. The YouTube plug-ins are identified by the YouTube logo. Different data protection regulations apply in the USA, so that US authorities, for example, have more access to personal data. As soon as you use such a plug-in, your browser establishes direct contact with YouTube, so that your information is transmitted directly to a YouTube server. If you are logged in to YouTube at the same time as visiting our websites, YouTube can directly associate your visit with your account. When you submit a comment or click the “YouTube button,” this information is also transmitted to a YouTube server and stored there in the USA. In addition, your YouTube interactions are published directly on YouTube and may therefore be visible to third parties. If you do not wish to have such interaction, you must log out of YouTube before visiting our website and also prevent the YouTube plug-in from loading on our site by using a script blocker. Furthermore, you can refuse or subsequently revoke your consent to data processing within the framework of the cookie layer.
The purpose and scope of data collection as well as the further processing and use of the data can be found in YouTube’s data policy: https://www.google.de/intl/de/policies/privacy/.
The YouTube plug-ins on our websites are operated by YouTube, LLC., 901 Cherry Ave., San Bruno, CA 94066 USA. The YouTube plug-ins are identified by the YouTube logo. Different data protection regulations apply in the USA, so that US authorities, for example, have more access to personal data. As soon as you use such a plug-in, your browser establishes direct contact with YouTube, so that your information is transmitted directly to a YouTube server. If you are logged in to YouTube at the same time as visiting our websites, YouTube can directly associate your visit with your account. When you submit a comment or click the “YouTube button,” this information is also transmitted to a YouTube server and stored there in the USA. In addition, your YouTube interactions are published directly on YouTube and may therefore be visible to third parties. If you do not wish to have such interaction, you must log out of YouTube before visiting our website and also prevent the YouTube plug-in from loading on our site by using a script blocker. Furthermore, you can refuse or subsequently revoke your consent to data processing within the framework of the cookie layer.
The purpose and scope of data collection as well as the further processing and use of the data can be found in YouTube’s data policy: https://www.google.de/intl/de/policies/privacy/.
Google Maps
If you have given your consent in the cookie notice, we use Google Maps API, a service of Google Inc., for the visual display of geographical information. The legal basis for data processing within the framework of Google Maps API is therefore your consent in accordance with Art. 6 (1) ( a) GDPR and Section 25 (1) TTDSG.
The information generated by the Google Maps API is generally transferred to a Google server in the USA and stored there. Google may transfer the data obtained through the use of Google Maps to third parties if such third parties process the data on Google’s behalf or if this is permitted or required by law. The IP address transmitted by your browser when you use Google Maps will not be merged with other Google data. Nevertheless, it would be technically possible for Google to process the data received for other purposes or to identify individual users without Dermaroller GmbH having or being able to influence this. For these reasons, the use of Google Maps is to be considered problematic under data protection law.
However, you have the option to prevent data transfer to Google by deactivating the Google Maps service by disabling JavaScript in your browser. You can also refuse your consent at any time within the cookie layer or revoke your previously given consent. In these cases, however, you will not be able to use the map display.
Company : GOOGLE INC.,1600 Amphitheater Parkway, Mountain View, CA 94043, USA
For more information about the terms of use for Google Maps, please visit: http://www.google.com/intl/de_de/help/terms_maps.html and Google’s privacy policy: http://www.google.de/intl/de/privacy/
The information generated by the Google Maps API is generally transferred to a Google server in the USA and stored there. Google may transfer the data obtained through the use of Google Maps to third parties if such third parties process the data on Google’s behalf or if this is permitted or required by law. The IP address transmitted by your browser when you use Google Maps will not be merged with other Google data. Nevertheless, it would be technically possible for Google to process the data received for other purposes or to identify individual users without Dermaroller GmbH having or being able to influence this. For these reasons, the use of Google Maps is to be considered problematic under data protection law.
However, you have the option to prevent data transfer to Google by deactivating the Google Maps service by disabling JavaScript in your browser. You can also refuse your consent at any time within the cookie layer or revoke your previously given consent. In these cases, however, you will not be able to use the map display.
Company : GOOGLE INC.,1600 Amphitheater Parkway, Mountain View, CA 94043, USA
For more information about the terms of use for Google Maps, please visit: http://www.google.com/intl/de_de/help/terms_maps.html and Google’s privacy policy: http://www.google.de/intl/de/privacy/
PayPal
We work with PayPal to process orders. Within this partnership, your personal data will be transferred to PayPal.
PayPal (Europe) S.à rl . et Cie , SCA is located at 22-24 Boulevard Royal, L-2449 Luxembourg. Your personal data will be shared with PayPal solely for the purpose of processing your online order. Further information on PayPal’s privacy policy can be found at: https://www.paypal.com/de/cgi-bin/marketingweb?cmd=p/gen/ua/policy_privacy-outside.
PayPal (Europe) S.à rl . et Cie , SCA is located at 22-24 Boulevard Royal, L-2449 Luxembourg. Your personal data will be shared with PayPal solely for the purpose of processing your online order. Further information on PayPal’s privacy policy can be found at: https://www.paypal.com/de/cgi-bin/marketingweb?cmd=p/gen/ua/policy_privacy-outside.
Stripe
We work with Stripe to process orders. Within this partnership, your personal data will be transferred to Stripe, Inc.
Stripe, Inc. is located at 510 Townsend St., San Francisco, CA 94103. Your personal data will be shared with Stripe solely for the purpose of processing your online order. Since the provider is based in the USA, your personal data may be transferred to the USA. We therefore recommend using an alternative payment method. Further information on Stripe’s privacy policy can be found at: https://stripe.com/de/privacy?allow-unsupported-browser=true
Stripe, Inc. is located at 510 Townsend St., San Francisco, CA 94103. Your personal data will be shared with Stripe solely for the purpose of processing your online order. Since the provider is based in the USA, your personal data may be transferred to the USA. We therefore recommend using an alternative payment method. Further information on Stripe’s privacy policy can be found at: https://stripe.com/de/privacy?allow-unsupported-browser=true
Data security
To protect the data you transmit from unauthorized access and misuse by third parties, we have implemented extensive technical and organizational security measures. These measures meet the stringent legal requirements of national regulations and are continually updated to reflect the latest state of the art.
Rights of those affected
To protect the data you transmit from unauthorized access and misuse by third parties, we have implemented extensive technical and organizational security measures. These measures meet the stringent legal requirements of national regulations and are continually updated to reflect the latest state of the art.
• Right to information,
• Right to rectification or erasure,
• Right to restriction of processing,
• Right to object to processing pursuant to Art. 21 GDPR,
• Right to data portability.
If you have given us your consent to use your personal data, you can revoke this consent at any time. Please contact us by email at [email protected]. Alternatively, please let us know your request by mail or fax.
Furthermore, you have the right to lodge a complaint about our processing of your personal data with a data protection supervisory authority. The data protection supervisory authority responsible for us is the "State Commissioner for Data Protection of Lower Saxony, Prinzenstraße 5, 30159 Hanover."
• Right to information,
• Right to rectification or erasure,
• Right to restriction of processing,
• Right to object to processing pursuant to Art. 21 GDPR,
• Right to data portability.
If you have given us your consent to use your personal data, you can revoke this consent at any time. Please contact us by email at [email protected]. Alternatively, please let us know your request by mail or fax.
Furthermore, you have the right to lodge a complaint about our processing of your personal data with a data protection supervisory authority. The data protection supervisory authority responsible for us is the "State Commissioner for Data Protection of Lower Saxony, Prinzenstraße 5, 30159 Hanover."
Currentness and changes to the privacy policy
This privacy policy is dated April 2, 2024, and is currently valid. Due to the continuous development of our website or the implementation of new technologies, it may become necessary to update this privacy policy. Dermaroller GmbH therefore reserves the right to change this privacy policy at any time with future effect. Therefore, you should visit this website regularly to stay informed about the current status of our privacy policy.
Contact details of the data protection officer of Dermaroller GmbH:
Anna Bauer
c/o LINET Services GmbH
Hinter dem Turme 12a
38114 Braunschweig
Phone: 0531-180508-122
Email: [email protected]
Or to: [email protected]
c/o LINET Services GmbH
Hinter dem Turme 12a
38114 Braunschweig
Phone: 0531-180508-122
Email: [email protected]
Or to: [email protected]