Privacy Policy

The protection of your personal data is our top priority, which is why we only use your data in strict compliance with the applicable data protection principles. As of May 25, 2018, the provisions of the EU General Data Protection Regulation (hereinafter referred to as GDPR) will apply throughout Europe. From today, we would like to inform you in detail about how NinaperfectSkin processes personal data in accordance with this new Regulation (see Article 13 and following of the GDPR). Please read our Privacy Policy carefully. If you have any questions or comments about our Privacy Policy, you can contact us at any time at the email address below.

 

  1. Overview

The following provisions regarding data protection inform you about the type and extent of the processing of personal data by NinaperfectSkin, owned by MG DIGITAL GROUP LLC, 120 Madeira Drive Northeast STE 220, Albuquerque, NM 87108, UNITED STATES, registered in ALBUQUERQUE, NEW Mexico, under the EIN number: 35-2719181.

 (hereinafter “NinaperfectSkin”, “we”, “us” or “our”). Personal data is information that can identify you directly or indirectly. Use of our applications, products, services, technologies or features and any associated pages, applications and services (collectively referred to as “Offering”) is subject to this Privacy Policy.

 

In the context of a new registration and/or via an appropriate explanation to existing customers, you confirm your agreement to this Privacy Policy and you expressly accept the processing, use and disclosure of your personal data of the manner described here.

 

Data processing by NinaperfectSkin can bedivided into two categories:

All data necessary for theexecution of a contractwith NinaperfectSkin will be processed for the purpose of execution of the contract and/or preparation of the contract. If external service providers are also involved in the processing of the contract, for example payment service providers, optimization services, hosting providers, etc., your data will be transmitted to them to the extent required.

  • When you use our Offer, various information is exchanged between your terminal and our server or the server of the services we use. This may also include personal data. The information thus collected is used in particular to further optimize our offer.

Depending on the requirements of the GDPR, you havedifferent rightsthat you can assert with us. This includes the right towithdraw your consentat any time regarding the processing of selected data, in particular the processing of data for advertising purposes. The possibility ofwithdrawing your consentis always typographically highlighted. Further information on your rights can be found below in an additional paragraph and in the individual descriptions of the respective data processing.

 

Our offer is only accessible to people who have reached the age of 16. If you have not yet reached said minimum age, you may use our Offers only if and to the extent that your parents have expressly consented to this and if you have provided us with sufficient proof of such consent.

 

If you have any questions regarding our Privacy Policy, you can contact at any time: hello@ninaperfectskin.com.

  1. Name and contact details of the data controller and the data protection officer of the company

This Privacy Policy applies to the processing of data by the Company, as responsible under the GDPR for the following offers: www.ninaperfectskin.eu. The company has been designated responsible within the EU in accordance with Articles 3 Para.2 and 27 Para. 1, 3 of the GDPR.

  1. Purposes of data processing, legal bases and legitimate interests pursued by us or by a third party and categories of recipients.

3.1. USE OF OUR OFFER

When you use our Offer, in particular our website or our application, the information is automatically sent to our servers by the application or browser used on your terminal and temporarily stored in a log file. The following informationis recorded without your intervention and stored in the log file until it is automatically or manually deleted:

  • the IP address of the device used,
  • the date and time of access,
  • the name and URL of the file accessed, the website/application from which the access took place (referring URL),
  • the exclusive identifier of the browser you are using,
  • the name of your Internet service provider.

The processing of the aforementioned data is carried out in accordance with Article 6, paragraph 1 point f) of the GDPR. Our legitimate interest arises from the purposes of data collection listed below. At this point, we would like to point out that the data collected does not allow us to identify you personally or to make any inference about this. We use the IP address of your device and the other data listed above for the following purposes:

  • guarantee the correct establishment of a connection,
  • ensure a comfortable use of our Offer,
  • evaluate the security and stability of the system and,
  • carry out other administrative tasks.

The data is stored in accordance with the retention periods provided for by law and is then deleted automatically. In addition, as part of our Offer, we use cookies, tracking tools, targeting procedures and interfaces to other services, for example to social media platforms, payment services or payment providers. app store. The exact procedures and how your data is used for such purposes are explained in more detail in section 4 below.

3.2. CONCLUSION, EXECUTION OR TERMINATION OF A CONTRACT

Data processing upon conclusion of the contract

 

We define our services as personalized health tracking technology: our technology provides a range of information about your health and well-being based on your metrics and data.

 

 In such a context, we process the data necessary for the conclusion, execution or termination of a contract. Said data includes in particular:

  • the email address,
  • first and last name, if applicable,
  • billing and payment data,
  • data entered by you and generated by the use of our Offer, such as gender, age and height, weight, etc.

The legal basis used is Art. 6 Para. 1 point a), point b) of the GDPR and Article 9 paragraph 2 point a) of the GDPR. To the extent that we do not use your contact details for customer support (see section 3.3. in detail), we retain the data collected for contract processing until the end of said contract or until expiration of any contractual warranty and guarantee rights. After the expiration of this period, we will retain the personal data required by law for the legally prescribed period. During such a period (generally six to ten years from the conclusion of the contract), the data will only be reprocessed in the event of an audit by the tax administration.

3.3. DATA PROCESSING FOR CUSTOMER SUPPORT OR CUSTOMER SERVICE

3.3.1. Informative purposes

 

To the extent that you have registered for our Offer, we are guiding you as an existing customer. In such a case, we process your contact details in order to send you information, for example about new, expanded or improved functions, products and services.

3.3.2. TARGETED ADVERTISING

So that you only receive information that we believe will be of interest to you, we categorize and complete your customer profile with other information. We use statistical information as well as information about you (e.g. reference data or basic data from your customer profile). The objective is to optimize our Offer according to your real or supposed interests and/or personal needs and to provide you with appropriate recommendations so as not to bore you with unnecessary promotions.

 

The legal basis for the aforementioned processing operations is Article 6, paragraph 1, point b) and point f) of the GDPR as well as Article 9, paragraph 2, point a) of the GDPR. The processing of existing customer data for advertising purposes is considered a legitimate interest recognized in accordance with recital 47 of the GDPR.

 

3.3.3. Customer Support

 

Gorgias

 

We use the ticketing system of Gorgias, 768 Harrison St, San Francisco, CA 94107, United States (“Gorgias”) for processing service, support and other user requests based on Article 6, paragraph 1, point b) of the GDPR. If you submit a support request through one of our channels (e.g. our contact form, live chat, email, etc.), the following data (depending on the content and the selected contact channel ) will be processed via Gorgias servers:

  • the data you entered,
  • your name,
  • Your email address,
  • information about your browser,
  • your IP address.

You will find more information on data processing by Gorgias in the Gorgias confidentiality charter available on: https://www.gorgias.io/privacy/gdpr. If you have any questions, you can also contact the Gorgias data protection officers directly at the following address: support@gorgias.io.

 

3.3.4. Sending the Newsletter

 

We offer interested customers the opportunity to subscribe to our Newsletter. To ensure that the email address entered is actually associated with the interested customer, we use the double opt-in procedure: once you have entered your email address in the registration field, we will send you a confirmation link. Only when you click on this confirmation link will your email address be added to our mailing list. We retain the data collected through this process only for documentation and verification purposes. Said data includes in particular:

  • the transmitted email address,
  • the IP address of the device used,
  • the date and time of recording,
  • the way of addressing,
  • the date, the content, and the time of the confirmation email,
  • the IP address of the device used for confirmation,
  • and the date and time of your confirmation.

The legal basis used is Article 6, paragraph 1, point a) of the GDPR. We keep said data until the end of the contractual relationship because we can thus prove the legality of sending the Newsletter. After the expiration of this period, we will retain the personal data required by law for the legally prescribed period. During such a period (generally ten years from the conclusion of the contract), the data will only be processed again in the event of an audit by the tax authorities. You canwithdraw your consentat any time with effect for the future. To do this, simply click on the unsubscribe button in the corresponding email or send a short email notification. To do this, please use the contact information of our Data Protection Officer.

 

3.3.5. Right to contest

 

You can withdraw your consent free of charge at any time regarding the processing of data for the aforementioned purposes, separately for the respective communication channel and with effect for the future. Simply send an e-mail or postal letter to the contact details indicated in point 1.

 

In the event of a dispute, we will block the contact address concerned for further processing of promotional data. We will process your objection as quickly as possible and implement corresponding blocking measures immediately after verification. We draw your attention to the fact that, in exceptional cases, information or product recommendations may still be sent even after receipt of your objection. This is done for technical reasons only and does not mean that we will not implement your challenge. Thank you for your understanding.

  1. Data processing for the provision of our services

In the following, we would like to inform you about the processing of data necessary to provide our Offer:

4.1. ONLINE PRESENCE AND WEBSITE OPTIMIZATION

We do not sell or rent your data to third parties for marketing purposes without your express consent. In order to offer our customers the best possible product, to improve the quality of our Offering from time to time and to protect the interests of our customers, we will, in certain circumstances, disclose certain data to third parties; however, such disclosure will always be subject to strict restrictions, which are described in more detail below:

 

4.1.1. Cookies – General information

 

We use cookies on our website on the basis of Article 6 (1) (f) GDPR. Our interest in optimizing our Offers must be considered justified within the meaning of the aforementioned regulation. Cookies are small files that your browser automatically creates and which are stored on your device (laptop, tablet, smartphone, etc.) when you use our Offers. Cookies do not damage your device, do not contain viruses, Trojan horses or other malware. Cookies allow information to be recorded which is in each case specific to the terminal used. However, this does not mean that we can immediately identify you. The use of cookies serves in particular to make the use of our Offer more pleasant for you. We use session cookies to detect that you have previously visited certain pages of our website. If you use our Offer again later, the cookie automatically recognizes you. In addition, we also use temporary cookies for user-friendliness purposes, which are stored on your device for a certain defined period of time. These are automatically cleared when you exit.

 

On the other hand, we use cookies to statistically record the use of our Offers and evaluate them with the aim of optimizing them for you and displaying information specially tailored to your needs. These cookies allow us to automatically recognize you when you return to our site. These cookies are automatically deleted after a defined period of time. Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or that a message always appears before a new cookie is created. However, completely deactivating cookies prevents you from accessing all the functions of our Offers. The duration of storage of cookies depends on their intended use and is not the same for everyone.

 

4.1.3. Pixels Facebook

 

In order to use, further optimize, and evaluate the conversion of our Facebook campaigns according to needs, we use an individual behavior pixel from Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook") in accordance with Article 6, paragraph 1, point f of the GDPR. This pixel is integrated into the code of our website. This allows us to ensure that the Facebook ads we initiate are displayed only on the page of users who have shown interest in our services. In doing so, we ensure that our Facebook ads generate potential user interest and do not disturb them. We also track the actions of Facebook users after they have seen or clicked on one of our Facebook ads. This allows us to evaluate the conversion of the respective campaign for statistical purposes, market research, and billing. The following information is processed:

  • timestamp,
  • the URL,
  • the information related to the campaign (notably print specification, form field, activated button).

The data thus collected is anonymous and does not allow us to draw conclusions as to the identity of the user. Processing for the purposes of behavioral and interest-based advertising is considered a legitimate interest recognized in accordance with recital 47 of the GDPR. The data is stored in accordance with the retention periods provided for by law and is then deleted automatically.

 

If you log into your Facebook account after placing the pixel or if you visit our website while logged in, it is possible that this data may be stored and processed by Facebook, of which we hereby inform you. Facebook may link this data to your Facebook account and use it for advertising purposes, in accordance with Facebook's Data Use Policy: https://www.facebook.com/about/privacy/. You can find more information about the Facebook pixel here. You can allow Facebook and its partners to display ads on Facebook and on other sites. You can withdraw your consent at any time regarding the special processing of data by changing your Facebook settings or simply informing us that you no longer wish for such processing in the future. To do this, please use the contact information of our data protection officer. Please note that the stated objection only applies to the device used. For more information, please refer to Facebook's Privacy Policy and privacy information here.

 

4.1.4. Facebook Lookalike Audiences Campaigns

 

In order to use, further optimize, and evaluate the conversion of our Facebook campaigns according to needs, we use an individual behavior pixel from Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook") in accordance with Article 6, paragraph 1, point f of the GDPR. You can find more information about Facebook's Lookalike Audiences campaigns at: https://www.facebook.com/business/help/365463786964246

 

The said processing for advertising purposes based on behaviors and interests is considered a legitimate interest recognized in accordance with Recital 47 of the GDPR. If you are part of Facebook's lookalike audiences, we will share your email address and device ID with Facebook. You can withdraw your consent at any time regarding the special processing of data by changing your Facebook settings: https://www.facebook.com/settings/?tab=ads or simply by informing us that you no longer wish for such processing in the future. To do this, please use the contact information of our data protection officer.

 

4.1.5. Tag Pinterest

 

In order to use, further optimize and evaluate the conversion of our Pinterest campaigns as needed, we use a Pinterest tag, an individual snippet, from Pinterest Inc., 635 High Street, Palo Alto, CA, States -Unis, (“Pinterest”) which is integrated into the content of our website, in accordance with Article 6, paragraph 1, point f of the GDPR. This allows us to verify that the Pinterest ads we initiate are only displayed on the page of users who have expressed an interest in our services. In doing so, we ensure that our Pinterest ads arouse the user's potential interest and do not disturb them. We also track Pinterest users' actions after they view or click on one of our Pinterest ads. This allows us to evaluate the conversion of the respective campaign for statistical, market research and billing purposes. The following information is processed:

  • device information (e.g. type, brand),
  • the operating system used (for example, iOS 11),
  • the IP address of the device used,
  • the time of use of our Offer,
  • The type and content of the campaign and
  • the reaction to the respective campaign (click on a button for example).

The data thus collected is anonymous and does not allow us to draw conclusions as to the identity of the user. Said processing for the purposes of advertising based on behavior and interests is considered a legitimate interest recognized in accordance with recital 47 of the GDPR. The data is stored in accordance with the retention periods provided for by law and is then deleted automatically.

 

If you log into your Pinterest account after visiting our website or if you visit our website while logged in, it is possible that this data may be stored and processed by Pinterest, of which we hereby inform you. Pinterest may be able to link this data to your account and also use it for advertising purposes. You can find more information in Pinterest's Privacy Policy: https://policy.pinterest.com/de/privacy-policy. You can withdraw your consent at any time regarding the special processing of data by disabling all relevant settings under the "Personalization" section in your Pinterest account https://help.pinterest.com/de/articles/edit-your-settings#Web or by enabling the "Do Not Track" setting in your browser.

 

4.1.6. Google Analytics

 

To design our Offer according to needs and continuously optimize it, we use the Google Analytics service from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States, ("Google") in accordance with Article 6, paragraph 1, point f of the GDPR. Through the use of cookies, Google creates pseudonymized usage profiles. The information generated by the cookie regarding your use of this website such as

  • browser type/version,
  • the operating system used,
  • the reference URL (the page visited previously),
  • the host name of the accessing computer (IP address),
  • the time of the server request.

are transmitted to a Google server in the USA and stored there. The information is used to evaluate the use of the Offerings, compile reports on activities and provide other services related to the use of the Offering for the purposes of market research and needs-based design. This information may also be passed on to third parties if required by law or if third parties are commissioned to process this data. Your IP address will under no circumstances be merged with other Google data. IP addresses are anonymized, so that attribution is not possible (so-called IP masking).

 

You can prevent the use of cookies upstream by modifying the settings of your browsing software or withdraw your consent regarding the further processing via the cookie by clicking on this link and choosing not to participate; please note, however, that in such a case, not all functions of our offers can be used fully. Furthermore, you can prevent any creation of data generated by a cookie and related to your use of our Offer (including your IP address) as well as the processing of said data by Google by downloading and installing the browser add-on. We recommend using Private mode on mobile devices. You will find more information on data protection related to Google Analytics on the Google Analytics webpage.

 

4.1.7. Google Tag Manager

 

Google Tag Manager allows us to manage our website's tags (website code). These facilitate the management and development of our Offer and reduce loading time. Google Tag Manager only implements website code. Google Tag Manager does not set cookies or collect any personal information. The tool only integrates website code that we have stored elsewhere and which can be used to collect data. The tool only serves to facilitate the modulation of the code but does not access the data processed by the code. We will notify you of any tags included in this Privacy Policy. You will find more information about Google Tag Manager as well as the terms of use on the Google pages.

 

4.1.8. Stripe payment processing service

 

"For the purposes of contract execution and especially payment processing, we transmit your name and email address to our payment service Stripe Payments Europe Ltd., block 4, Harcourt Center, Harcourt Road, Dublin 2, Ireland (“Stripe”) in accordance with Article 6, paragraph 1, points a) and b) of the GDPR. By using the Stripe library, we will not process the information entered during the ordering process (address, account number, bank code, possibly credit card number, invoice amount, currency, and transaction number) but will transmit it directly to Stripe from your browser. The data is used exclusively by Stripe for the execution and completion of the payment process and transmitted securely via the "SSL" encryption method. Stripe is certified PCI DSS. Stripe may transfer, process, and store personal information outside of the European Union. You can find more information about Stripe's Privacy Policy by clicking on this link."

 

We use a text messaging platform, which is subject to the following terms and conditions. By opting into our text marketing and notifications, you agree to these terms and conditions.
By entering your phone number at checkout and initiating a purchase, subscribing via our subscription form or keyword, you agree that we may send you SMS notifications (for your order, including reminders abandoned cart) and SMS marketing offers. You acknowledge that consent is not a condition of any purchase.
Your phone number, name and purchase information will be shared with our SMS platform "SMSBump Inc, a European Union company with an office in Sofia, Bulgaria, EU. This data will be used to send you messages targeted marketing messages and notifications When sending text messages, your phone number will be passed to a text messaging carrier to complete their delivery.
If you would like to unsubscribe from receiving text messages and notifications, reply STOP to any mobile message we have sent you or use the unsubscribe link we have provided to you in any of our messages. You understand and agree that other opt-out methods, such as using alternative words or requests, will not be considered a reasonable means to opt-out. Message and data rates may apply.
If you have any questions, send “HELP” to the number from which you received the messages. You can also contact us for more information. If you wish to unsubscribe, please follow the procedures above.

  

 

  1. Recipients outside the EU

As indicated in points 3.4 and 3.5 above, data may also be transmitted to recipients located outside the European Union or the European Economic Area. This is particularly true for the processing of the mentioned analytics and targeting technologies, which may result in the transmission of data to the servers of service providers. Affiliated service providers that we need to provide our services, such as hosting providers, CRM tools, or analytics service providers, may be other recipients. These servers may be located outside the European Union, notably in the United States. We ensure that these service providers guarantee data protection standards equivalent to those of the GDPR and that applicable guidelines are followed. Thus, we only work with certified service providers. For said certification, the European Commission has established the adequacy of the level of data protection under number C(2016) 4176) in accordance with Article 45 of the GDPR. The use of these certified service providers thus meets the European standard for data processing in compliance with the law. Furthermore, service providers based outside the European Union have granted us the appropriate contractual guarantees ensuring compliance with these European standards and the adoption of the rights of the data subjects, for example, by relying on the standard contractual clauses of the European Commission.

  1. Your rights

6.1. OVERVIEW

In addition to the right to contest the consents you have given us, you can exercise the following rights if the respective legal conditions are met:

  • The right to information concerning your personal data stored with us according to Article 15 of the GDPR,
  • In the case of transmissions in accordance with Articles 46, 47 or 49, paragraph 1, point 2 of the GDPR, the right to information or reference to suitable or adequate guarantees and the possibility of obtaining a copy of said guarantees or if said guarantees are available,
  • Your personal data stored with us in accordance with Article 15 of the GDPR,
  • The right to correct inaccurate data or to complete accurate data in accordance with Article 16 of the GDPR,
  • The right to delete your data stored with us in accordance with Article 17 of the GDPR,
  • The right to limit the processing of your data in accordance with Article 18 of the GDPR,
  • The right to data portability in accordance with Article 20 of the GDPR.

6.2. RIGHT OF CONTEST

Under the conditions provided for in Article 21, paragraph 1 of the GDPR, it is possible to withdraw your consent regarding the processing of data for reasons linked to the particular situation of the person concerned.

 

The aforementioned general right to object applies to all processing purposes described in this Privacy Policy based on Article 6(1)(f) GDPR. Apart from the special right of objection regarding data processing for advertising purposes (see point 3.3 above), the GDPR requires us to implement a general right of objection only if you provide us with reasons of vital importance (e.g. danger to life or health). In addition, you can also contact our competent supervisory authority: Commissioner for Data Protection and Freedom of Information Berlin, Friedrichstraße 219, 10969 Berlin, Germany.

  1. Data security

We use the highest standards of information security for our infrastructure and the processing of your data. For example, we use computer protection mechanisms, such as firewalls and data encryption. Our buildings and data are subject to physical access controls. Only employees who need access to our customers' personal data to carry out their activities can access it.

 

All data that you personally transmit to us, including your payment information, is transmitted via the general and secure SSL (Secure Socket Layer) standard. SSL is a secure and proven standard, which is used in particular for online banking transactions. You will recognize an SSL connection in particular by noticing the s after http (https://…) in the address bar of your browser or by the lock symbol at the bottom of the browser.

 

Otherwise, we use appropriate technical and organizational security measures to protect your personal data stored with us against manipulation, partial or total loss and unauthorized access by third parties. Our security measures are constantly monitored in relation to technological progress, regularly adapted to the respective risks and, if necessary, improved.

  1. Children's Privacy Policy.

Protecting the privacy of young children is particularly important. For this reason, we do not knowingly collect or solicit personal information from anyone under the age of 16 or knowingly allow them to register. If you are under 16, please do not send us any information about yourself, including your name, address, telephone number or email address. No one under the age of 16 is authorized to provide personal information to the Services. If we learn that we have collected personal information about a child under 

 

16 years without verification of parental consent, we will delete this information as quickly as possible. If you think we might have any information from or about a child under 16, please contact us at hello@ninaperfectskin.com

 

 

  1. Changes to our privacy policy.

If we change our privacy policy and procedures, we will post those changes on our website to inform you of what information we collect, how we use it, and under what circumstances we may disclose it. Changes to this Privacy Policy are effective when posted on our website.

 

 

 

Last updated 07/19/2022