We are pleased about your use of our website. The protection of your personal data is important to us and we want you to feel safe when using our website. This privacy statement is issued in compliance with India’s Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (the “SPDI Rules”). Please read the privacy statement carefully.
- Information about the collection of personal data
- The following shall inform you about the collection, processing, and utilization of personal data on our website. personal data means all data relating to a living individual who can be identified.
- Controller as per the General Data Protection Regulation (“GDPR”) is:
Emma Sleep GmbHWilhelm-Leuschner-Street 7860329 Frankfurt am Main Germany
You can reach our Data Protection Officer (“DPO”) through the following details:Emma Sleep GmbH Datenschutzbeauftragter
Wilhelm-Leuschner-Street email@example.com Frankfurt am Main Germany
c. If we use contracted service providers for individual functions to present our services to you or to your data for advertising purposes, we will inform you in detail about the respective processes below.
2. Your rights as a data subject
a. You have the following rights against us with respect to the personal data concerning you:
You have the right to request information on the data we hold about you from us at any time. This information includes, but is not limited to, the categories of data we process, the purposes for which it is processed, the source of the data if not collected directly from you, and, if applicable, the recipients with whom we have shared your data.
You have the right to request that we rectify inaccurate data relating to you. We will take appropriate steps to keep the data we store and process on an ongoing basis accurate, complete and current, based on the most up-to-date information available.
a. You have the right to revoke your consent to us at any time. As a result, we are not allowed to continue the data processing that was based on this consent in the future.
b. If you have the feeling that we have not responded in an appropriate manner to your requests, or complaints, or you have further concerns, you additionally have the right to complain to a data protection authority such as the Ministry of Electronics and Information.
c. You can send your inquiries regarding your rights as a data subject to us by sending a data subject request to firstname.lastname@example.org.
3. Collection of personal data when you visit our website
When visiting our website, i.e. without registering or agreeing to our further processing or utilization of the data, only the personal data, which your browser transmits to our server is automatically saved. In order to fulfil these technical requirements for you to view our website and provide for the necessary security, the following data is saved:
- IP Address,
- Date and time of your visit,
- Time zone difference to Greenwich Mean Time (GMT),
- Content of the query (specific site visited),
- Access status/HTTP status code,
- Amount of transferred data,
- Website from which the initial request emanates,
- Operating system, device, and its user interface
- Language and version of browser software.
The personal data mentioned above do not fall under the definition of SPDI and gets processed for the following purposes and legitimate interests:
These information are temporarily stored in so-called log files. When you visit this website, this information is automatically recorded without your intervention and stored until it is automatically deleted. If you don’t want the above personal data to be collected, you should not access our website as we will be unable to allow you access to our website without such personal data.
4. Use of our webshop: orders and product returns
a. If you would like to order in our webshop, it is necessary for the conclusion of the contract that you provide your personal data, which we need to process your order and fulfill the contract of sale with you. The essential data for the conclusion of the contract is marked, further data is given on a voluntary basis. We use the personal data provided by you to process your order and returns. For charging purposes, we can pass on your payment data to our house bank or to the selected payment service provider. To manage the delivery of the goods to you, and due to the nature of the transaction, we will need to share your delivery address and contact details (email and phone number) with delivery companies. Only strictly necessary data will be shared for the purpose of coordination of delivery, protection against fraud and clarification of urgent issues. The legal basis for this is that this processing is objectively necessary for the performance of the contract of sale with you (Article 6 (1) (b) GDPR). This means that the sale of goods cannot, as a matter of fact, be fully performed if this specific processing of the personal data in question does not occur. Please note that failure to provide the mandatory personal data can lead to that that your order with us cannot be carried out.
If you want to do a product return, we will also need to share your personal data (delivery address and contact details) to the assigned non-governmental/charitable organization or delivery company for the pick-up and collection of the product. The legal basis is that the processing is necessary for the performance of a contract to which the data subject is party (Article 6 (1) (b) GDPR) and our legitimate interest in managing product returns.
Before submitting your order, you are required to tick a box to signify your consent to our terms & conditions, privacy statement, and cancellation policy after having read the same. If you do not agree with our terms & conditions, privacy statement, and cancellation policy, you should not tick the box but you will also be unable to continue checking out.
By ticking the box and proceeding to submit your order, you agree that we may collect from you and process the same inside or outside of India the following categories of personal data about you via the webshop for the following purposes:
Further, the above categories of personal data may also be used separately or jointly for marketing and/or advertising purposes using your consent as legal basis. If you do not wish receive marketing and/or advertising from us, you may let us now your objection by completing the DSR Request Form at the bottom left of this page or the one available by clicking this link.
b. Within the scope of our activities and services, it may become necessary for us to disclose the personal data stored about you to natural persons, legal entities or public authorities. We conclude data processing agreements with our private-entity data processors, which ensure that they may only process your personal data in a way that we have explicitly instructed them to do so and ensure that they take the necessary technical and organizational measures to process your data securely and store your personal data only for as long as necessary. With respect to private-entity data controllers, we have less control as to how they will use your personal data but we enter into data sharing agreements which mandate compliance of both parties with applicable laws. Finally, when sharing your personal data with public authorities, we will only do so when required and allowed by law.
Being an international business with a global footprint, we may outsource the processing of your personal data outside of India. We use Standard Contractual Clauses to ensure that your personal data is protected in accordance with India’s data protection level. In addition to us, the following categories of recipients from inside or outside of India may receive the following categories of personal data for the following purposes:
5. Newsletters and electronic notifications
a. We send newsletters, e-mails and other electronic notifications containing promotional information. Our newsletters contain information about our products, offers, promotions and our company. With the following notes we inform you about the contents of our newsletter as well as the registration, dispatch and statistical evaluation procedure and your right of objection.
For the subscription to our newsletter we use a logged Double-Opt-in procedure. This means that after subscription you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that nobody can register with foreign e-mail addresses. Newsletter subscriptions are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes the storage of the registration and confirmation time as well as the IP address. Changes to your data stored by the service provider are also logged. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify any possible misuse of your personal data.
To subscribe to the newsletter, it is sufficient to enter your e-mail address. The provision of further data is voluntary and is used to address you personally. After your confirmation we will save your e-mail address for the purpose of sending the newsletter. The newsletter dispatch and the measurement of performance are based on your consent if you subscribed.
b. We may also send you a newsletter and/or marketing through the e-mail address or other contact details you provided to us during checkout based on your inferred consent if you made a purchase from us and you have not objected to receiving the same.
c. To prevent or stop receiving the newsletter and/or marketing, you may withdraw your consent or object to receiving such notifications at any time by clicking the unsubscribe link provided in every newsletter and/or marketing or by completing the DSR Request Form at the bottom left of this page or the one available by clicking thislink.
d. After unsubscribing, we will delete your e-mail address or relevant contact details, unless you have consented to other use of your data, or the use of the same is permitted or required by law per another legal basis.
7. Data retention
We keep your personal data for the period of the customer relationship with you or for the legally-required period after termination of such relationship or agreement in order to defend our legal claims, to protect and enforce our rights, or to comply with laws and regulations. In general, the legal retention period for documents important for taxation (such as accounting receipts) is ten (10) years while other documents that can be considered as commercial or business transaction documents is six (6) years.
b. This website uses the following types of cookies:
d. Cookies used in the website may include the following:
Google Analytics, a web analytics service provided by Google Inc., collects and stores data on this website, from which user profiles are created using pseudonyms. These user profiles are used to analyse visitor behaviour and are evaluated to improve and tailor our services.
Cookies might be used. These are small text files that are stored locally on the site visitor's computer, allowing them to be recognized when revisiting our website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymisation is activated on this website, your IP address will be shortened by Google beforehand within member states of the European Union or other parties to the Agreement on the European Economic Area. Only in unique cases will the full IP address be sent to a Google server in the US and shortened there.
On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator.
The pseudonymised user profiles will not be merged with personal data about the bearer of the pseudonym without specifically expressed consent of the person concerned. You can object to the collection and storage of data for the purpose of web analysis at any time with effect for the future. See: https://tools.google.com/dlpage/gaoptout?hl=en.
You can prevent the collection of data by Google Analytics by clicking on the following link. An opt-out cookie will be set that will prevent the future collection of your data when you visit this website: disable Google Analytics.
Our website uses Google Optimize. Google Optimize analyses the use of different variations of our website and helps us to improve the usability according to the behaviour of our users on the website. Google Optimize is a tool integrated within Google Analytics.
Google AdWords Conversion Tracking
We use the Google AdWords online advertising program and conversion tracking as part of Google AdWords. Google Conversion Tracking is an analytics service provided by Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA). When you click on an ad served by Google, a conversion tracking cookie will be placed on your device. These cookies lose their validity after 30 days, contain no personal data and are thus not used for personal identification. If you visit certain web pages on our website and the cookie has not expired, Google as well as we might recognize that you clicked on the ad and were redirected to this page. Each Google AdWords customer receives a different cookie. Thus, there is no way that cookies can be tracked through the websites of advertisers. The information gathered using the conversion cookie is used to generate conversion statistics for AdWords-customers who have opted in for conversion tracking. It tells AdWords-customers the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, they do not receive information that personally identifies users. If you do not consent to this, you can disable Google AdWords Conversion Tracking here: disable AdWords Conversion Tracking
In order to make our pages more user-friendly, we use the mouseflow service of Mouseflow ApS (Flaesketorvet 68, 1711 Copenhagen, Denmark / Mouseflow Germany: Neuer Wall 63, 20354 Hamburg, Germany) to randomly record the movement of your computer mouse and create heat maps on product and category pages. The records are anonymous and every website that contains any kind of personal data is not tracked (e.g. checkout page). Click on the following link to disable mouseflow for your browser by setting a cookie: disable Mouseflow
On our websites, anonymized information about the internet behaviour of the website‘s visitors is collected and stored for marketing purposes by a software provided to us by Criteo GmbH (Gewürzmühlstraße 11 80538 Munich Germany). These data are stored in cookies on the visitor's device. Based on an algorithm, Criteo GmbH analyses the anonymously recorded internet behaviour and can then display targeted product recommendations as personalized advertising banners on other websites. In no way can this data be used to personally identify you as a visitor of our websites. The collected data will only be used to improve the product recommendations. Any other use or disclosure of this information to third parties does not occur. If you do not consent to this, you can disable Criteo here: disable Criteo
If you were redirected to our website via an ad on Bing, Microsoft (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA) will place a cookie on your browser that will tell us how many people clicked on a particular ad to access our website. No personal data will be saved or transmitted. You can deactivate this service by clicking on the following link: disable Bing .
Facebook Pixel / Facebook Retargeting
We use „Facebook Pixel“, a service offered by the social networking service Facebook (1 Hacker Way, Menlo Park, CA 94025, USA) to analyse and optimize our online offering. With its help, we can track users' actions after they've seen or clicked on a Facebook ad. This allows us to measure the effectiveness of Facebook advertising for statistical and market research purposes. The data collected is anonymous for us, i.e. we do not see the personal data of individual users. However, this data is stored and processed by Facebook, who, to the best of our knowledge, uses it in the following manner. Facebook may link this data to your Facebook account and also for its own promotional purposes, according to Facebook's Data Use Policy (https://www.facebook.com/about/privacy/). You can enable Facebook and its affiliates to display ads on and off Facebook. It may also be stored as a cookie on your computer for these purposes. When you visit our pages, the remarketing tags also create a direct connection between your browser and the Facebook server. Facebook receives the information that you have visited our site with your IP address. As a result, Facebook can connect the visit to our pages to your user account. We can use this information to display Facebook Ads. Please note that we, as the provider of the pages are not aware of the content of the data transmitted and their use by Facebook. If you do not consent to this, you can disable Facebook here: disable Facebook.
We use Spoteffects (webeffects GmbH, Knorrstraße 69, 80807 Munich) to gain a better understanding of the effect of our TV advertising. It anonymously measures whether a user has visited the site while a TV advert was broadcast. No personal data will be transmitted. If you do not consent to this, you can disable Spoteffects here: disable Spoteffects.
We use Realytics (Realytics, 73 rue d’Anjou, 75008 Paris), to gain a better understanding of the impact of our TV advertising. It anonymously measures whether a user has visited the site while a TV advert was broadcast. No personal data will be transmitted. If you do not consent to this, you can disable Realytics here: disable Realytics
We use the services of Rokt (2 Sheraton Street, Soho, London, W1F 8BH, United Kingdom) to show you advertisements on other sites. If you do not consent to this, you can disable Rokt here : disable Rokt.
Zopim Chat is a chat service provided by Zendesk Inc. (989 Market Street # 300, San Francisco, CA 94102), which allows us to communicate with our customers in real time. The main function is to assist users directly on the website and solve problems as quickly as possible. Zopim Chat installs three cookies on your computer that serve to provide a better service, as we can restore past conversations and save your preferences. Zopim stores the ID of the online chat to identify user information.
Sharing personal data
Only necessary data is passed on to the company that is delivers the products to your home. In order to process your payment, we have to pass your payment data on to the bank or institution that is responsible for your chosen payment method. We might pass on your data on to our holding partner (Bettzeit GmbH), to offer you the best and most comprehensive advice.
§6Processing of data by social networking sites
This website also contains components from the following social networking sites: Facebook, Google+ and Twitter. Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, United States. Twitter is operated by Twitter Inc., 795 Folsom St, Suite 600, San Francisco, CA 94107, United States. Google+ is operated by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States. The plugins are marked with a Facebook logo or the addition of "Social Plug-in of Facebook" or "Facebook Social Plugin".
If you access a page via a social media plugin from Facebook, Google+ or Twitter or activate one of the plugins with a click, a connection to the Facebook, Twitter or Google+ server is made, and data is transmitted to it. If you are logged in to your personal user account on one of these networks, during your visit to our website the operator of the network can connect this information to your account. In order to prevent this, you must log out of your account before clicking on the link and, if necessary, delete your cookies.
If you do not want Facebook to directly connect the data collected via our website to your Facebook profile, you must log out of Facebook before visiting our website. You can completely prevent the loading of Facebook plugins even with add-ons for your browser, e.g. with the "Facebook Blocker".