Privacy Policy

Privacy Policy

  1. INFORMATION ABOUT THE COLLECTION OF PERSONAL DATA AND CONTACT DETAILS OF THE CONTROLLER

1.1 We are pleased that you are visiting our website and thank you for your interest. Below, we inform you about how your personal data is handled when using our website. Personal data includes all data with which you can be personally identified.

1.2 The controller for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Harper’s Boutique Charleston. The controller is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data.

1.3 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller). You can recognize an encrypted connection by the string "https://" and the lock symbol in your browser line.

  1. DATA COLLECTION WHEN VISITING OUR WEBSITE

When you use our website for information purposes only, i.e., if you do not register or otherwise provide us with information, we collect only the data that your browser transmits to our server (so-called "server log files"). When you access our website, we collect the following data, which is technically necessary for us to display the website:

  • Our visited website

  • Date and time at the moment of access

  • Amount of data sent in bytes

  • Source/reference from which you came to the page

  • Browser used

  • Operating system used

  • IP address used (if applicable, in anonymized form)

Processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. Data will not be passed on or otherwise used. However, we reserve the right to check the server log files retrospectively if there are concrete indications of unlawful use.

  1. COOKIES

In order to make visiting our website attractive and to enable the use of certain functions, we use cookies on various pages. These are small text files that are stored on your device. Some of the cookies we use are deleted after the browser session ends (so-called session cookies). Other cookies remain on your device and allow us or our partner companies (third-party cookies) to recognize your browser on your next visit (persistent cookies).

If cookies are set, they collect and process certain user information to an individual extent, such as browser and location data and IP address values. Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie.

Some cookies serve to simplify the ordering process by storing settings (e.g., remembering the contents of a virtual shopping cart for a later visit). If personal data is also processed by individual cookies implemented by us, the processing is carried out either in accordance with Art. 6 para. 1 lit. b GDPR for the execution of the contract or in accordance with Art. 6 para. 1 lit. f GDPR to safeguard our legitimate interest in the best possible functionality of the website and a customer-friendly and effective design of the site visit.

We may cooperate with advertising partners who help us make our online offer more interesting for you. For this purpose, cookies from partner companies may also be stored on your hard drive when you visit our website (third-party cookies).

You can set your browser to inform you about the setting of cookies and decide individually about their acceptance or exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings.

Please note that if cookies are not accepted, the functionality of our website may be limited.

  1. CONTACTING US

When you contact us (e.g., via contact form or email), personal data is collected. The data collected in the case of a contact form can be seen from the respective contact form. This data is used exclusively to respond to your inquiry or for contacting you and the associated technical administration.

The legal basis for processing the data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f GDPR. If your contact aims at concluding a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted after the final processing of your inquiry if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no legal storage obligations to the contrary.

  1. DATA PROCESSING WHEN OPENING A CUSTOMER ACCOUNT AND FOR CONTRACT PROCESSING

In accordance with Art. 6 para. 1 lit. b GDPR, personal data is also collected and processed if you provide it to us for the execution of a contract or when opening a customer account. The data collected can be seen from the respective input forms. Deleting your customer account is possible at any time and can be done by sending a message to the controller's address mentioned above. We store and use the data you provide for contract processing. After the contract has been fully processed or your customer account has been deleted, your data will be blocked with regard to tax and commercial law retention periods and deleted after these periods have expired, unless you have expressly consented to further use of your data or we have reserved the right to use your data further as permitted by law, about which we inform you below.

  1. USE OF YOUR DATA FOR DIRECT MARKETING

6.1 Subscription to our Email Newsletter

If you subscribe to our email newsletter, we will regularly send you information about our offers. The only mandatory information required for sending the newsletter is your email address. The provision of any additional data is voluntary and will be used to address you personally. We use the so-called double opt-in procedure for sending newsletters. This means that we will only send you an email newsletter once you have explicitly confirmed that you consent to the receipt of newsletters. We will then send you a confirmation email asking you to confirm your wish to receive future newsletters by clicking on a corresponding link.

By activating the confirmation link, you give us your consent to use your personal data in accordance with Art. 6 para. 1 lit. a GDPR. When registering for the newsletter, we store your IP address as entered by your Internet service provider (ISP), as well as the date and time of registration, in order to detect possible misuse of your email address at a later date. The data collected by us when you register for the newsletter will be used exclusively for promotional purposes via the newsletter.

You can unsubscribe from the newsletter at any time via the link provided in the newsletter or by sending a message to the controller named at the beginning. After unsubscribing, your email address will be immediately deleted from our newsletter distribution list, unless you have expressly consented to further use of your data or we reserve the right to use your data in any other way that is legally permitted and about which we inform you in this policy.

6.2 Newsletter for Existing Customers

If you have provided us with your email address when purchasing goods or services, we reserve the right to regularly send you offers for similar goods or services from our store by email. For this, we do not need to obtain separate consent from you. The data processing takes place solely on the basis of our legitimate interest in personalized direct advertising according to Art. 6 para. 1 lit. f GDPR.

If you initially objected to the use of your email address for this purpose, we will not send any emails. You are entitled to object to the use of your email address for the aforementioned advertising purpose at any time with effect for the future by notifying the controller named above. The only costs incurred for this are the transmission costs according to the basic rates. After receiving your objection, the use of your email address for advertising purposes will be discontinued immediately.

  1. DATA PROCESSING FOR ORDER HANDLING

7.1 Personal data collected by us will be passed on to the transport company commissioned with the delivery as part of contract processing, to the extent that this is necessary for the delivery of the goods. We pass on your payment data to the commissioned credit institution as part of the payment processing, provided this is necessary for the payment process. If we use payment service providers, you will be explicitly informed below. The legal basis for the disclosure of the data is Art. 6 para. 1 lit. b GDPR.

7.2 Use of Payment Service Providers (Payment Services)

  • PayPal: When paying via PayPal, credit card via PayPal, direct debit via PayPal, or – if offered – "purchase on account" or "installment payment" via PayPal, we forward your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. The transmission takes place in accordance with Art. 6 para. 1 lit. b GDPR and only insofar as it is necessary for payment processing.

PayPal reserves the right to carry out a credit check for the payment methods credit card via PayPal, direct debit via PayPal, or – if offered – "purchase on account" or "installment payment" via PayPal. For this purpose, your payment data may be transmitted to credit agencies based on PayPal's legitimate interest in determining your solvency pursuant to Art. 6 para. 1 lit. f GDPR. PayPal uses the result of the credit check with regard to the statistical probability of default for the purpose of deciding on the provision of the respective payment method. The credit report may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. Among other things, address data is included in the calculation of the score values.

Further information on data protection, including the credit agencies used, can be found in PayPal’s privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full

You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for contractual payment processing.

  • SOFORT (Klarna): If you choose the "SOFORT" payment method, payment will be processed by SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany ("SOFORT"), part of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). We pass on the information you provided during the order process along with information about your order to SOFORT in accordance with Art. 6 para. 1 lit. b GDPR. Your data will only be forwarded for the purpose of payment processing with SOFORT and only to the extent necessary.

Further information on SOFORT’s privacy policy: https://www.klarna.com/sofort/datenschutz

  1. CONTACTING FOR REVIEW REMINDERS

If you have given us your express consent in accordance with Art. 6 para. 1 lit. a GDPR, we will use your email address to send you a one-time reminder to submit a review of your order via the rating system used by us.

You may revoke your consent at any time by sending a message to the data controller.

  1. USE OF SOCIAL MEDIA PLUGINS

To increase the protection of your data when you visit our website, the plugins are not unrestrictedly integrated as direct links but only using an HTML link (known as the "Shariff solution"). This ensures that no connection is established with the servers of the respective plugin provider when a page of our website containing such plugins is accessed.

If you click on a social media button, a new window of your browser opens and calls up the page of the respective service provider where you can (possibly after entering your login data) click Like or Share, for example.

  1. ONLINE MARKETING

10.1 DoubleClick by Google

This website uses DoubleClick by Google, a service of Google LLC, to place ads that are relevant to users, to improve campaign performance reports, or to prevent a user from seeing the same ads multiple times. Further info: https://www.google.de/policies/privacy/

10.2 Google AdWords Conversion Tracking

This website uses Google AdWords conversion tracking to measure the success of advertisements. If you click on a Google ad, a cookie is set that expires after 30 days and is not used for personal identification. Further info: https://www.google.com/policies/privacy/

  1. WEB ANALYSIS SERVICES

Google Analytics

This website uses Google Analytics with the extension "_anonymizeIp()" to ensure anonymized collection of IP addresses. You can opt-out by downloading the browser plugin: https://tools.google.com/dlpage/gaoptout?hl=en

  1. RETARGETING/REMARKETING/REFERRAL ADVERTISING

This website uses Facebook Pixel and Google Remarketing for targeted advertising. Further details and opt-out options are available at:

  1. RIGHTS OF THE DATA SUBJECT

You have the right to:

  • Access (Art. 15 GDPR)

  • Rectification (Art. 16 GDPR)

  • Erasure (Art. 17 GDPR)

  • Restriction of processing (Art. 18 GDPR)

  • Notification obligation (Art. 19 GDPR)

  • Data portability (Art. 20 GDPR)

  • Withdraw consent (Art. 7 para. 3 GDPR)

  • Lodge a complaint with a supervisory authority (Art. 77 GDPR)

You may object at any time to processing of your personal data on the basis of legitimate interests under Art. 6 para. 1 lit. f GDPR (Art. 21 GDPR).

  1. DURATION OF STORAGE OF PERSONAL DATA

The duration of storage of personal data is based on the respective statutory retention period. After expiry of this period, the corresponding data will be routinely deleted if it is no longer required for the fulfillment or initiation of a contract and/or there is no further legitimate interest on our part in continuing to store it.