Privacy policy

This privacy policy is based on the legal provisions for the regulations for the protection of your data, which can be found in the General Data Protection Regulation (GDPR – REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016). In addition, the statutory provisions of the german Federal Data Protection Act (BDSG) and the german Telecommunications Digital Services Data Protection Act (TDDDG) are applied.

1. Controller

The controller within the meaning of Art. 24 GDPR is

Silke Ahlden/SilkeStyles
c/o IP-Management #37964
Ludwig-Erhard-Str. 18
20459 Hamburg
Germany

Phone: +49 (0) 152 54180890
Email: hellosilkestyles@gmail.com

2. Subject of the declaration

This privacy policy provides you with information about which personal data is stored, processed and passed on when you visit our website, in what way and for what purpose.

Personal data according to Art. 4 No. 1 GDPR is any information relating to an identified or identifiable natural person (hereinafter “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

3. Information about the transfer to third-party countries in accordance with Art. 13 para. 1 lit. f) GDPR

Data may be transferred to third countries, such as the USA, via subcontractors or companies affiliated with them when accessing and using our website and associated offers. The processing is carried out on the basis of the adequacy decision between the USA and the EU of 10 July 2023 (EU-US Data Framework). In addition, we minimize the risk as far as possible by concluding order processing contracts, if a contractual relationship exists, and by concluding standard data protection clauses including effective supplements required by the supervisory authorities.

4. Data that we collect on the basis of legitimate interests in accordance with Art. 6 Para. 1 lit. f) GDPR, § 25 Para. 2 TDDDG:

Server data

When you visit our website, various server statistics are automatically saved, which your browser transmits to our provider’s server. Every access to our website and every retrieval of a file stored on the website is logged. The storage serves internal system-related and statistical purposes. The following are logged Name of the retrieved file, date and time of retrieval, amount of data transferred, notification of successful retrieval, web browser and requesting domain. In addition, the IP addresses of the requesting computers are logged in anonymized form.

This data is used for the statistical evaluation of visits to our website and cannot be assigned to specific persons. This data is not merged with other data sources. We can use the data to optimize our offer for users, e.g. by preventing access from malicious pages or optimizing access via certain browsers, and by logging the IP address to enable delivery of the page to the visitor. The data is automatically deleted for the above-mentioned purposes after 14 days.

To transfer your data, we use a secure server with TLS (Transport Layer Security) technology using 256-bit encryption. This ensures that your data is transmitted to us securely and cannot be read by unauthorized persons.

GoDaddy (hosting)

We use the web service “GoDaddy” from GoDaddy.com LLC, Headquarters, 2155 E. GoDaddy Way, Tempe, AZ 85284 USA (hereinafter “GoDaddy”). GoDaddy allows us to operate a domain under which we can publish our website. When you visit our website, GoDaddy collects so-called log files and your IP address in an anonymized way.

We have signed a data processing agreement with GoDaddy that fulfills the requirements of Art. 28 GDPR. In addition, GoDaddy has submitted to the EU-US Data Framework and thus ensures the standardized European level of data protection. You can find more details in GoDaddy’s privacy policy at https://www.godaddy.com/de-de/legal/agreements/privacy-policy

Our legitimate interest is the ability to publish a website and then display it as reliably and stably as possible.  

Email request

If you send us an inquiry by email, we will collect and store the email address and the data contained in the email in order to respond to your inquiry. Our legitimate interest lies in communicating and responding to your inquiry.

If a contractual relationship develops from the request by way of contract initiation or if the request relates to an existing contractual relationship, the legal basis is Art. 6 para. 1 lit. b) GDPR, as the storage of the data is necessary for the fulfillment of a pre-contractual or contractual obligation. The data will be deleted when the purpose for which it was stored no longer applies, i.e. after your email inquiry has been answered or when the matter relating to the inquiry has been conclusively clarified. In the case of an already established contractual relationship or a contractual relationship resulting from the inquiry, the data will be deleted after the statutory retention periods have expired.

Use of own cookies for functional purposes

Our website uses so-called cookies in some places. A cookie is text information that our website places on your end device via the web browser. They serve to make our website more user-friendly, effective and secure. Most of the cookies we use are so-called session cookies. They are automatically deleted at the end of your visit. You can exclude the acceptance of cookies in your web browser. However, this may lead to impaired functionality.

Borlabs Cookie (cookie consent tool)

We use the cookie consent tool Borlabs Cookie to gather your consent. The tool is operated by Borlabs GmbH, Rübenkamp 32, 22305 Hamburg, Germany. The tool stores in a cookie whether you have given your consent to the storage of other cookies or whether you have refused consent. Depending on your preferences, third-party cookies may or may not be set. If you have given your consent, Borlabs automatically logs the following data:

  • The IP number of the end user in anonymized form (the last three digits are set to 0)
  • Date and time of consent
  • User agent of the end user’s browser
  • The URL from which the consent was sent
  • An anonymous, random and encrypted key
  • The consent status of the end user, which serves as proof of consent

The key and consent status are also stored in the end user’s browser in the “BorlabsCookie” cookie so that the website can automatically read and follow the end user’s consent on all subsequent page requests and future end user sessions for up to 24 months. Further information can be found in Borlabs’ privacy policy at https://de.borlabs.io/datenschutz/. Our legitimate interest arises from the fact that this is the only way we can obtain the necessary consent and provide the required proof in the event of a review.

Instagram (social media)

We operate a page on the “Instagram” platform for the purpose of communicating with our customers, advertising new products or services and providing general information about our company and its employees. This service is offered on the technical platform and by means of the services of Meta Platforms, Inc 1 Hacker Way, Menlo Park, California 94025 USA (hereinafter “Instagram”). Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, is responsible for the data processing of persons living outside the United States. If you access the page on our website via the Instagram icon and are logged into your Instagram account at the same time, Instagram can directly associate your visit to our website with your Instagram account. If you do not want Instagram to associate your data with your account, you must log out of Instagram before visiting our website. If you access interactive functions on the site (liking, commenting, sharing, messages, etc.), an Instagram login screen will appear. After logging in, you will once again be recognizable to Instagram as a specific user. For information on how you can manage or delete existing information about you, please refer to Instagram’s data policy at https://help.instagram.com/519522125107875/?maybe_redirect_pol=0. The data transfer takes place on the basis of the EU-US Data Privacy Framework. By joining this framework, Meta demonstrates that it complies with appropriate and suitable technical and organizational measures to protect your personal data. In addition, we have concluded EU standard data protection clauses with Meta. Further information on whether and what data is collected by Meta through the use of these services can be found in Meta’s privacy policy at https://www.facebook.com/about/privacy

Our legitimate interest in operating an Instagram account lies in presenting ourselves on social networks to attract customers. By maintaining an Instagram account and, if applicable, submitting an interaction, you consent to the storage and use of your data by Instagram. You can revoke your consent at any time by deleting all cookies set in your browser. You can also prevent the collection of information by generally deactivating the automatic setting of cookies in your browser settings. 

Facebook (social media)

We operate an account on the social network “Facebook” for the purpose of exchanging information with our customers, advertising new products or services and providing general information about our company and its employees. To operate our Facebook page, we use the technical platform and services of Meta Platforms, Inc 1 Hacker Way, Menlo Park, California 94025 USA. Customers and interested parties can join our page by clicking the “Like” button and thus receive regular information from our company in their news feed on Facebook. Furthermore, Facebook collects and stores information to provide analytics services, so-called “Page Insights”, for page operators so that they can gain insights into how people interact with their pages and the content associated with them. This information is used to provide us, as the operator of the Facebook pages, with statistical information about the use of the Facebook page. When you access interactive functions on the page (like, comment, share, message, etc.), a Facebook login screen appears. Once you have logged in, you will once again be recognizable to Facebook as a specific user. 

This data can be used to tailor content or advertising to you.

If you want to avoid this, you should log out of Facebook or deactivate the “stay logged in” function, delete the cookies on your device and close and restart your browser. This will delete Facebook information that can be used to identify you directly. This allows you to use our Facebook fan page without revealing your Facebook ID, but your IP address will also be recorded here and cookies will be set again.

We are jointly responsible with Meta Platforms, Inc for the collection or receipt in the context of a transmission (but not the further processing) of “event data” that Facebook collects by means of the Facebook social plugins that are executed on our online offer or receives in the context of a transmission for the following purposes: 

  • Advertising information that corresponds to the presumed interests of users as well as the display of content;
  • Delivery of commercial and transactional information; 
  • Improving ad delivery and personalization of features and content. 

The data collected about you in this context is processed by Meta Platforms, Inc. and may be transferred to countries outside the European Union. Facebook describes in general terms what information Facebook receives and how it is used in its data policy. There you will also find information on how to contact Facebook and on the settings options for advertisements. The data policy is available at the following link: https://www.facebook.com/privacy/explanation 

If Facebook provides us with measurements, analyses and reports that do not contain any information about individual users and are anonymous to us, then this processing does not take place within the framework of joint responsibility, but on the basis of a data processing agreement (“Data Processing Terms”, https://www.facebook.com/legal/terms/dataprocessing) and the “Data Security Terms” (https://www.facebook.com/legal/terms/data_security_terms). The data transfer is based on the EU-US Data Privacy Framework. By joining, Meta proves that we comply with appropriate and suitable technical and organizational measures to protect your personal data. In addition, we have concluded EU standard data protection clauses with Meta. Further information on whether and what data is collected by Meta through the use of these services can be found in Meta’s privacy policy at https://www.facebook.com/about/privacy

Our legitimate interest in operating a Facebook account lies in our own presentation in social networks for customer acquisition. By maintaining a Facebook account and, if applicable, submitting an interaction, you consent to the storage and use of your data by Facebook. You can revoke your consent at any time by deleting all cookies set in your browser. You can also prevent the collection of information by generally deactivating the automatic setting of cookies in your browser settings. 

Wordfence (security)

We have activated the “Wordfence” tool for the protection and stability of our website. The provider is Defiant Inc, Defiant, Inc, 800 5th Ave Ste 4100, Seattle, WA 98104, USA (hereinafter “Wordfence”). With the help of Wordfence, we can protect our website from unwanted access or cyberattacks. For this purpose, our website establishes a permanent connection to Wordfence’s servers so that Wordfence can compare its databases with the accesses made on our website and block them if necessary. The data transfer is carried out on the basis of the EU-US Data Privacy Framework. By joining, the provider proves to us that it has taken appropriate and suitable technical and organizational measures to protect your personal data. Nevertheless, Wordfence has concluded EU standard data protection clauses with Wordfence, with which Wordfence proves compliance with appropriate and suitable technical and organizational measures to protect your personal data. You can find these here https://www.wordfence.com/standard-contractual-clauses/. Further information on whether and what data is collected by Wordfence through the use of these services can be found in the privacy policy at https://www.wordfence.com/privacy-policy/

5. Data that we collect for the performance of a contract in accordance with Art. 6 para. 1 lit. b) GDPR:

Processing of contracts

For the purpose of contract processing and invoicing, we collect and store the personal data you provide, such as your name, address and e-mail address. If you have already provided us with this data as part of your registration, we will use it for the purposes specified there for contract processing. The data will be passed on to tax consultants and banks as part of the billing process. In addition, the billing data will be transferred to the tax office within the framework of the tax law requirements in accordance with Art. 6 para. 1 lit. c) GDPR. This data will be deleted after expiry of the applicable statutory retention obligations. If we are not subject to any statutory retention obligations, the data will be deleted when the purpose no longer applies. 

6. Rights of data subjects to which you are entitled at any time:

a. Right to object, Art. 21 GDPR

If we process your data to protect legitimate interests (Art. 6 para. 1 lit. f) GDPR), you can object to this processing on grounds relating to your particular situation. We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defense of legal claims. In the event of an objection to data processing for the purpose of direct advertising, processing for this purpose will no longer take place.

b. Right to information, Art. 15 GDPR

You have the right to request confirmation from us as to whether we process personal data concerning you and, if so, a right to information about the personal data and related information (Art. 15 para. 1 lit. a – h GDPR)

c. Right to rectification, Art. 16 GDPR

You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you also have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

d. Right to erasure, Art. 17 GDPR

You have the right to obtain from us the erasure of personal data concerning you without undue delay and we are obliged to erase such data without undue delay if one of the grounds specified in Art. 17 GDPR applies.

e. Right to restriction of processing, Art. 18 GDPR

You have the right to obtain from us the restriction of processing of personal data concerning you if one of the conditions set out in Art. 18 GDPR is met.

f. Right to portability of data, Art. 20 GDPR

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller, where the processing is based on consent pursuant to Art. 6 para. 1 a) GDPR or Art. 9 para. 2 lit. a) GDPR or on a contract pursuant to Art. 6 para. 1 lit. b) GDPR and the processing is carried out by automated means.

g. Right to complain, Art. 77 GDPR

If you believe that the processing of your personal data violates the Data Protection Regulation, you can lodge a complaint with a competent supervisory authority. 

The Hamburg Commissioner for Data Protection and Freedom of Information of the Free and Hanseatic City of Hamburg
Ludwig-Erhard-Str 22, 7th floor 
20459 Hamburg 
Germany

Phone: 040 / 428 54 – 4040 
Fax: 040 / 428 54 – 4000 
Email: mailbox@datenschutz.hamburg.de