Privacy policy

PRIVACY STATEMENT

1) Information on the Collection of Personal Data and Contact Details of the Controller

1.1 We are pleased that you have visited our website and thank you for your interest. Below we inform you about how your personal data is processed when using our website. Personal data means any data with which you can be personally identified.

1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Palmer's Boutique New York.
A controller is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data.

1.3 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries sent to the controller), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the “https://” string and the lock symbol in your browser bar.

2) Data Collection When Visiting Our Website

When you use our website for informational purposes only (i.e., without registering or otherwise providing information), we collect only the data that your browser transmits to our server (“server log files”). When you access our website, we collect the following data, which is technically necessary to display the website to you:

  • The page visited

  • Date and time of access

  • Amount of data transferred (in bytes)

  • Source/referrer from which you reached the page

  • Browser used

  • Operating system used

  • IP address used (if applicable, anonymized)

Processing is carried out in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used in any other way. However, we reserve the right to review server log files retrospectively if there are concrete indications of unlawful use.

3) Cookies

To make your visit to our website more attractive and to enable the use of certain functions, we use cookies on various pages. Cookies are small text files that are stored on your device.

Some cookies are deleted after the end of the browser session (session cookies). Other cookies remain on your device and enable us or our partner companies (third-party cookies) to recognize your browser during your next visit (persistent cookies).

If cookies are set, they collect and process certain user information to an individual extent, such as browser and location data as well as IP address values.

Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. Cookies are used in part to simplify the ordering process by storing settings (e.g., remembering the contents of a virtual shopping cart for a later visit).

If cookies implemented by us also process personal data, processing is carried out:

  • under Art. 6(1)(b) GDPR for the performance of a contract, or

  • under Art. 6(1)(f) GDPR to safeguard our legitimate interests in the best possible functionality and a user-friendly and effective website experience.

In certain cases we work with advertising partners to make our online offer more attractive. For this purpose, cookies from partner companies (third-party cookies) may also be stored on your device when you visit our website. If this applies, you will be informed individually and separately in the relevant sections below about the use of these cookies and the scope of the information collected.

Managing Cookies

You can configure your browser to inform you about the setting of cookies so that you can decide individually whether to accept them, or to exclude acceptance of cookies in certain cases or generally. Please note that if you do not accept cookies, the functionality of our website may be limited.

4) Contact

When contacting us (e.g., via contact form or email), personal data is collected. The data collected via a contact form can be seen from the respective form. This data is stored and used exclusively for the purpose of responding to your request or contacting you and the associated technical administration.

The legal basis for processing is our legitimate interest in responding to your request under Art. 6(1)(f) GDPR. If your contact aims at concluding a contract, the additional legal basis is Art. 6(1)(b) GDPR.

Your data will be deleted after final processing of your request, provided that no statutory retention obligations prevent deletion.

5) Data Processing When Creating a Customer Account and for Contract Fulfilment

In accordance with Art. 6(1)(b) GDPR, personal data is also collected and processed if you provide it to us for contract fulfilment or when opening a customer account. The data collected can be seen from the respective input forms.

You may delete your customer account at any time by sending a message to the controller’s address mentioned above. We store and use the data you provide to fulfil the contract.

After full contract fulfilment or deletion of your customer account, your data will be blocked in consideration of tax and commercial retention periods and deleted after these periods have expired, unless:

  • you have expressly consented to further use of your data, or

  • we reserve the right to use your data beyond this as permitted by law (as described in this statement).

6) Use of Your Data for Direct Advertising

6.1 Newsletter Subscription

If you subscribe to our email newsletter, we will send you regular information about our offers. Only your email address is required for sending the newsletter. Providing additional data is voluntary and used to address you personally.

We use the double opt-in procedure. This means we will only send you the newsletter after you have expressly confirmed that you agree to receive it. We then send you a confirmation email asking you to confirm your subscription by clicking a link.

By activating the confirmation link, you give us your consent to use your personal data under Art. 6(1)(a) GDPR.

When registering, we store your IP address recorded by your Internet Service Provider (ISP) and the date and time of registration so that any misuse of your email address can be traced.

You can unsubscribe at any time via the link provided in the newsletter or by sending a message to the controller. After unsubscribing, your email address will be deleted immediately from our distribution list unless:

  • you have expressly consented to further use, or

  • we reserve the right to use data beyond this as permitted by law.

6.2 Newsletter to Existing Customers

If you provided your email address when purchasing goods or services, we reserve the right to send you offers for similar goods or services by email. We do not need separate consent for this. Processing is based solely on our legitimate interest in personalized direct advertising under Art. 6(1)(f) GDPR.

You may object to the use of your email address for advertising purposes at any time with effect for the future by sending a message to the controller. You will only incur transmission costs according to basic rates. After receiving your objection, the use of your email address for advertising purposes will be stopped.

7) Data Processing for Order Handling

7.1 Disclosure to Shipping Providers and Payment Institutions

For contract fulfilment, we pass your personal data to the shipping company commissioned with delivery insofar as this is necessary to deliver the goods.

For payment processing, we pass your payment data to the commissioned credit institution insofar as this is necessary for payment processing.

Where payment service providers are used, we explicitly inform you below. The legal basis is Art. 6(1)(b) GDPR.

7.2 Use of Payment Service Providers

PayPal
If you pay via PayPal, credit card via PayPal, direct debit via PayPal, or (if offered) “purchase on account” or “installments” via PayPal, we transmit your payment data to PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg, as necessary for payment processing under Art. 6(1)(b) GDPR.

PayPal reserves the right to perform credit checks for certain payment methods. For this purpose, your payment data may be passed to credit agencies under Art. 6(1)(f) GDPR based on PayPal’s legitimate interest in verifying your ability to pay.

You may object to this processing at any time by contacting PayPal. However, PayPal may remain entitled to process your personal data where necessary for contractual payment processing.

SOFORT
If you select the payment method “SOFORT”, payment is processed by SOFORT GmbH (part of Klarna), Germany. We transfer the information provided during the ordering process and information about your order to SOFORT under Art. 6(1)(b) GDPR, solely for payment processing and only to the extent necessary.

8) Review Reminder Contact

If you have expressly consented under Art. 6(1)(a) GDPR, we may use your email address once to remind you to rate your order within the rating system we use. You may withdraw your consent at any time by contacting the controller.

9) Use of Social Media: Social Plugins (Shariff Solution)

To improve data protection when visiting our website, social buttons are not integrated without restriction as plugins. They are included as HTML links. This ensures that when you access a page containing such buttons, no connection is established to the servers of the respective provider.

Only when you click the button will a new browser window open and the provider’s page be called up, where you can interact with the plugins (if applicable after entering your login data).

This website may use social plugins from:

  • Facebook

  • Google+

  • Instagram

Additional customs fees and/or import duties are not included in the price and are borne by the customer.

10) Online Marketing

This website may use online marketing tools such as:

  • DoubleClick by Google

  • Google Ads conversion tracking

These tools use cookies to display relevant ads, improve campaign performance reporting, and avoid showing the same ads multiple times. Processing is carried out under Art. 6(1)(f) GDPR based on our legitimate interest in optimal marketing.

You can deactivate cookies for advertising preferences via your browser settings and/or provider opt-out tools. If you disable cookies, some functions of this website may be limited.

11) Web Analytics Services – Google Analytics (Universal Analytics)

This website uses Google Analytics, a web analytics service by Google. Google Analytics uses cookies to analyze your use of the website.

This website uses Google Analytics exclusively with the “_anonymizeIp()” extension, which ensures anonymization of the IP address by shortening it and excludes a direct personal reference.

Processing is carried out under Art. 6(1)(f) GDPR based on our legitimate interest in statistically analyzing user behavior for optimization and marketing purposes.

You can prevent the storage of cookies by configuring your browser accordingly. You can also prevent the collection of data generated by the cookie and related to your website use (including IP address) and processing by Google by using a browser add-on provided by Google.

12) Retargeting / Remarketing / Advertising Recommendations

This website may use:

  • Facebook Custom Audiences via the Facebook Pixel

  • Google Ads Remarketing

These tools can track user behavior after viewing or clicking ads, provided you have given explicit consent under Art. 6(1)(a) GDPR (where applicable). Collected data may be processed by the respective provider and linked to their user profile.

You can disable third-party cookies via your browser settings and/or industry opt-out tools. Disabling all cookies may limit the functionality of the website.

13) Rights of the Data Subject

Under applicable data protection law, you have extensive rights with respect to the processing of your personal data, including:

  • Right of access (Art. 15 GDPR)

  • Right to rectification (Art. 16 GDPR)

  • Right to erasure (Art. 17 GDPR)

  • Right to restriction of processing (Art. 18 GDPR)

  • Right to information (Art. 19 GDPR)

  • Right to data portability (Art. 20 GDPR)

  • Right to withdraw consent (Art. 7(3) GDPR)

  • Right to lodge a complaint (Art. 77 GDPR) with a supervisory authority

Right to Object

If we process your personal data on the basis of legitimate interests under Art. 6(1)(f) GDPR, you have the right to object at any time on grounds relating to your particular situation.

If you object, we will cease processing the data unless we can demonstrate compelling legitimate grounds that override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.

If we process your personal data for direct marketing, you have the right to object at any time. If you object, we will stop processing your data for direct marketing purposes.

14) Storage Duration of Personal Data

The storage duration of personal data is determined by statutory retention periods (e.g., commercial and tax retention periods). After expiration of these periods, the relevant data is routinely deleted unless it is still required for contract fulfilment or contract initiation and/or there is no legitimate interest in continued storage.

Contact

For privacy-related questions, please contact us at:
support@palmers-boutique-newyork.com