Free shipping on orders over €85 in Germany
There are two options to get recommendations for your individual skin care and a personalized set of products selected for your specific needs
Fill in Skin Test (20 carefully selected questions) and provide 3-4 photos of your skin and get your recommendations free.
If you feel the need for an in-depth professional dialogue, you can opt for an online individual consultation with our expert cosmetologist.
Thank you for visiting our website www.yourskinscientist.com and for your interest in our company.
The protection of your personal data, such as date of birth, name, telephone number, address, etc., is important to us.
The purpose of this data protection declaration is to inform you about the processing of your personal data that we collect from you when you visit our website. Our data protection practice is in accordance with the statutory provisions of the EU General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). The following data protection declaration serves to fulfill the information obligations resulting from the GDPR. These can be found, for example, in Art. 13 and Art. 14 ff. GDPR.
The person responsible within the meaning of Art. 4 No. 7 GDPR is the person who, alone or jointly with others, decides on the purposes and means of processing personal data.
With regard to our website, the person responsible is:
Madina The Science of Skin
Maximilianstrasse 2
80539 Munich
Germany
E-Mail: info@yourskinscientist.com
Tel .: 089205008345
Every time our website is accessed, our system automatically collects data and information from the respective device (e.g. computer, mobile phone, tablet, etc.).
Which personal data are collected and to what extent are they processed?
(1) Information about the browser type and version used;
(2) The operating system of the access device;
(3) host name of the accessing computer;
(4) The IP address of the retrieval device;
(5) date and time of access;
(6) Websites and resources (images, files, other page content) that were accessed on our website;
(7) Websites from which the user’s system reached our website (referrer tracking);
(8) Notification of whether the request was successful;
(9) Amount of data transferred
This data is stored in the log files of our system. This data is not stored together with the personal data of a specific user, so that individual site visitors are not identified.
Art. 6 para. 1 lit.f GDPR (legitimate interest). Our legitimate interest is to ensure that the purpose described below is achieved.
The temporary (automated) storage of the data is necessary for the course of a website visit in order to enable the website to be delivered. The storage and processing of personal data is also carried out to maintain the compatibility of our website for as many visitors as possible and to combat abuse and eliminate faults. For this it is necessary to log the technical data of the accessing computer in order to be able to react as early as possible to display errors, attacks on our IT systems and / or errors in the functionality of our website. In addition, we use the data to optimize the website and to generally ensure the security of our information technology systems.
The aforementioned technical data are deleted as soon as they are no longer required to ensure the compatibility of the website for all visitors, but no later than 3 months after our website has been accessed.
You can object to the processing at any time in accordance with Art. 21 GDPR and request the deletion of data in accordance with Art. 17 GDPR. You can find out which rights you are entitled to and how you can exercise them in the lower section of this data protection declaration.
Our site offers you various functions, which we collect, process and save personal data when you use them. In the following we explain what happens to this data:
• Which personal data are collected and to what extent are they processed? The data you have entered in our contact form, which you have entered in the input mask of the contact form.
• Legal basis for the processing of personal data. 6 para. 1 lit. a GDPR (consent through clear confirmatory action or behavior)
• Purpose of data processing we will only use the data recorded via our contact form or via our contact forms to process the specific contact request received via the contact form. Please note that we may also be able to send you e-mails to the address given in order to fulfill your contact request. The purpose of this is so that you can receive confirmation from us that your request has been correctly forwarded to us. Sending this confirmation email is not mandatory for us and is for your information only.
• Duration of storage after your request has been processed, the data collected will be deleted immediately, provided there are no statutory retention periods.
• Revocation and deletion options revocation and deletion options are based on the general provisions on the right of revocation and deletion under data protection law described below in this data protection declaration.
• The requirement to provide personal dataThe use of the contact forms is on a voluntary basis and is neither contractually nor legally required. You are not obliged to contact us via the contact form but can also use the other contact options listed on our website. If you would like to use our contact form, you must fill in the fields marked as mandatory. If you do not fill in the necessary information on the contact form, you will either not be able to send the request or we will unfortunately not be able to process your request.
• Scope of the processing of personal data and collected personal dataThe registration and login data you have entered or communicated to us.
• Legal basis for the processing of personal data Art. 6 para. 1 lit. b GDPR (implementation of (pre) contractual measures)
• Purpose of data processing you have the option of using a separate login area on our website. So that we can check your authorization to use the protected area or the protected documents, you must enter your login data (email or username and password) in the corresponding form. If required, we can send you your login data or the option to reset your password by email on request.
• Duration of storage The data collected will be stored for as long as you have a user account with us.
• Opposition and cancellation option you can object to the processing at any time in accordance with Art. 21 GDPR and request the deletion of data in accordance with Art. 17 GDPR. You can find out which rights you are entitled to and how you can exercise them in the lower section of this data protection declaration.
• Requirement to provide personal dataThe use of the login area on our site is contractually stipulated in order to use the protected area. It is not possible to use the content protected by the login area without entering personal data. If you want to use our login area, you have to fill in the fields marked as mandatory (username and password). The entry of the data requires the existence of a user account. Registration is not possible if the data you have entered is incorrect. If you enter the data incorrectly or not at all, the protected area cannot be used. The rest of the page can still be used without a login.
If you would like to conclude a contract with us, we reserve the right to exclusively process your personal data in an automated manner in order to check your creditworthiness. We are also entitled to such an automated decision in accordance with Art. 22 Paragraph 2 a GDPR. Whether the contract can be concluded or not depends on the result of the automated credit check. A credit check calculates the statistical probabilities of a payment default. The credit report can contain probability values (score values) that are calculated on the basis of scientifically recognized mathematical-statistical methods. Using a variety of characteristics, such as income, address data, occupation, marital status and previous payment history, closed on the future risk of default by the customer. The result is expressed in the form of a payment value (so-called score). The information obtained in this way is the basis of our decision on the establishment, implementation or termination of a contractual relationship. If you believe that you have been wrongly excluded from the conclusion of the contract due to the credit check, you are welcome to explain your point of view to us by email. We will then review the automated decision in accordance with Art. 22 Paragraph 3 GDPR in each specific case. In order to be able to carry out the credit check, we are allowed to save and process your personal data in accordance with Article 6 (1) (b) GDPR. The information obtained in this way is the basis of our decision on the establishment, implementation or termination of a contractual relationship. If you believe that you have been wrongly excluded from the conclusion of the contract due to the credit check, you are welcome to explain your point of view to us by email. We will then review the automated decision in accordance with Art. 22 Paragraph 3 GDPR in each specific case. In order to be able to carry out the credit check, we are allowed to save and process your personal data in accordance with Article 6 (1) (b) GDPR. The information obtained in this way is the basis of our decision on the establishment, implementation or termination of a contractual relationship. If you believe that you have been wrongly excluded from the conclusion of the contract due to the credit check, you are welcome to explain your point of view to us by email. We will then review the automated decision in accordance with Art. 22 Paragraph 3 GDPR in each specific case. In order to be able to carry out the credit check, we are allowed to save and process your personal data in accordance with Article 6 (1) (b) GDPR. you are welcome to explain your point of view to us by email. We will then review the automated decision in accordance with Art. 22 Paragraph 3 GDPR in each specific case. In order to be able to carry out the credit check, we are allowed to save and process your personal data in accordance with Article 6 (1) (b) GDPR. you are welcome to explain your point of view to us by email. We will then review the automated decision in accordance with Art. 22 Paragraph 3 GDPR in each specific case. In order to be able to carry out the credit check, we are allowed to save and process your personal data in accordance with Article 6 (1) (b) GDPR.
Due to the upcoming contract, we will transmit your data to the following provider (s) in the following cases:
• Automatic identity and credit check when choosing the payment method “PayPal”
o Which personal data are collected and to what extent are they processed?If you have selected “PayPal” as the payment method, we will forward your personal customer data collected during the order process to PayPal (Europe) S.à rl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”), continue. If you give your consent, the following data is affected by the data transfer: first and last name, street, house number, postcode, place, date of birth, telephone number and the data related to your order.
o Legal basis for the processing of personal dataArt. 6 para. 1 lit. b GDPR (implementation of (pre) contractual measures)
o Purpose of data processingPayPal carries out a credit check if the payment method “PayPal” is selected. Mathematical-statistical methods are used to calculate a rating with regard to the probability of default (so-called calculation of a scoring value). PayPal bases its decision on the provision of the respective payment methods on the calculated scoring value. The calculation of a scoring value is based on recognized scientific procedures. Reference is also made to PayPal’s privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
o Duration of storageWe will store the relevant data for processing the payment for as long as it is necessary to carry out the transaction. If the data are subject to statutory retention requirements, they will be deleted after the retention requirements have expired. The duration of the storage of the data by PayPal results from the privacy policy of PayPal: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
o Opposition and cancellation optionYou can object to the processing at any time in accordance with Art. 21 GDPR and request the deletion of the data in accordance with Art. 17 GDPR. You can find out which rights you are entitled to and how you can exercise them in the lower section of this data protection declaration.
When you access this website or individual files on the website, we collect, process and save the following data: IP address, website from which the file was accessed, name of the file, date and time of access, amount of data transferred and notification of success the retrieval (so-called web log). We use this access data exclusively in a non-personalized form for the continuous improvement of our website and for statistical purposes. We also use the following web trackers to evaluate visits to this website:
• SitelockA web tracker from SiteLock, LLC, 8701 East Hartford Drive, Suite 200, AZ 85255 Scottsdale, United States of America (hereinafter: Sitelock) is loaded onto our website. If you have activated JavaScript in your browser and have not installed a JavaScript blocker, your browser may transmit personal data to Sitelock. The legal basis for data processing is Article 6 (1) (a) GDPR, namely through explicit consent when opening our site. Further information on the handling of the transferred data can be found in Sitelock’s data protection declaration: https://www.sitelock.com/privacy-policyYou can prevent the collection and processing of your data by Sitelock by deactivating the execution of script code in your browser or installing a script blocker in your browser (you can find this at www.noscript.net or www.ghostery, for example. com ).
Integration of external web services and processing of data outside the EU
We use active content from external providers on our website, so-called web services. When you visit our website, these external providers may receive personal information about your visit to our website. Processing of data outside the EU may be possible. You can prevent this by installing a corresponding browser plug-in or by deactivating the execution of scripts in your browser. This can lead to functional restrictions on the websites that you visit.
We use the following external web services:
• Google Fonts/ A web service from Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland (hereinafter: Google Fonts) is loaded onto our website. We use this data to ensure the full functionality of our website. In this context, your browser may transmit personal data to Google Fonts. The legal basis for data processing is Art. 6 Para. 1 lit. f GDPR. The legitimate interest consists in the correct functioning of the website. The data will be deleted as soon as the purpose for which it was collected has been fulfilled. Further information on the handling of the transferred data can be found in the Google Fonts data protection declaration: https://policies.google.com/privacyYou can prevent the collection and processing of your data by Google Fonts by deactivating the execution of script code in your browser or by installing a script blocker in your browser.
• Google APIS. A web service from Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland (hereinafter: Google APIS) is loaded onto our website. We use this data to ensure the full functionality of our website. In this context, your browser may transmit personal data to Google APIS. The legal basis for data processing is Art. 6 Para. 1 lit. f GDPR. The legitimate interest consists in the correct functioning of the website. The data will be deleted as soon as the purpose for which it was collected has been fulfilled. Further information on the handling of the transferred data can be found in the Google APIS data protection declaration: https://policies.google.com/privacyYou can prevent the collection and processing of your data by Google APIS by deactivating the execution of script code in your browser or by installing a script blocker in your browser.
• Gstatic. A web service from Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland (hereinafter: Gstatic) is loaded onto our website. We use this data to ensure the full functionality of our website. In this context, your browser may transmit personal data to Gstatic. The legal basis for data processing is Art. 6 Para. 1 lit. f GDPR. The legitimate interest consists in the correct functioning of the website. The data will be deleted as soon as the purpose for which it was collected has been fulfilled. Further information on the handling of the transferred data can be found in Gstatic’s data protection declaration: https://policies.google.com/privacyYou can prevent Gstatic from collecting and processing your data by deactivating the execution of script code in your browser or installing a script blocker in your browser.
We integrate and use cookies on various pages to enable certain functions of our website and to integrate external web services. So-called “cookies” are small text files that your browser can save on your access device. These text files contain a characteristic string that uniquely identifies the browser when you return to our website. The process of storing a cookie file is also known as “setting a cookie”. Cookies can be set by the website itself as well as by external web services.
Article 6 (1) (f) GDPR (legitimate interest) or Article 6 (1) (a) or Article 9 (2) (a) GDPR (consent).
The relevant legal basis can be found in the cookie table listed later in this point.
In general, with cookies that are collected on the basis of a legitimate interest, our legitimate interest is to ensure the functionality of our website and the services integrated on it (technically necessary cookies). It may also be that the cookies increase your user-friendliness and enable a more individual approach. Here we have weighed up your interests and ours.
With the help of cookie technology, we can only identify, analyze and track individual website visitors if the website visitor has consented to the use of the cookie in accordance with Article 6 (1) (a) GDPR.
The cookies are set by our website or the external web services in order to maintain the full functionality of our website, to improve user-friendliness or to pursue the purpose specified with your consent. Cookie technology also enables us to recognize individual visitors using pseudonyms, e.g. individual or random IDs, so that we can offer more individual services. Details are given in the table below.
The cookies are stored in your browser until they are deleted or, in the case of a session cookie, until the session has expired.
You can set your browser according to your wishes so that cookies are generally prevented from being set. You can then decide whether to accept cookies on a case-by-case basis or generally accept cookies. Cookies can be used for various purposes, e.g. to recognize that your access device is already connected to our website (permanent cookies) or to save recently viewed offers (session cookies). If you have given us express permission to process your personal data, you can revoke this consent at any time. Please note that this does not affect the legality of the processing carried out on the basis of the consent up to the point of revocation.
Your personal data are protected by technical and organizational measures during collection, storage and processing so that they are not accessible to third parties. In the case of unencrypted communication by e-mail, we cannot guarantee complete data security on the transmission path to our IT systems, so we recommend encrypted communication or post for information with a high level of confidentiality.
You have the right to request confirmation as to whether we are processing your personal data. If this is the case, you have a right to information about the information named in Art. 15 Paragraph 1 GDPR, provided that the rights and freedoms of other persons are not impaired (see Art. 15 Paragraph 4 GDPR). We would be happy to provide you with a copy of the data.
According to Article 16 GDPR, you have the right to have incorrectly stored personal data (such as address, name, etc.) corrected by us at any time. You can also request that the data stored by us be completed at any time. A corresponding adjustment will be made immediately.
According to Art. 17 Para. 1 GDPR, you have the right to have us delete the personal data collected about you if
• the data is either no longer required;
• due to the revocation of your consent, the legal basis for the processing no longer applies;
• You have objected to the processing and there are no legitimate reasons for the processing;
• Your data is being processed unlawfully;
• a legal obligation requires this or a survey according to Art. 8 Para. 1 GDPR has taken place.
According to Art. 17 Paragraph 3 GDPR, the right does not exist if
• the processing is necessary to exercise the right to freedom of expression and information;
• Your data has been collected on the basis of a legal obligation;
• the processing is necessary for reasons of public interest;
• the data is required to assert, exercise or defend legal claims.
According to Art. 18 Para. 1 GDPR, you have the right in individual cases to request that the processing of your personal data be restricted.
This is the case when
• you dispute the accuracy of the personal data;
• the processing is unlawful and you do not consent to deletion;
• the data is no longer required for the processing purpose, but the data collected are used to assert, exercise or defend legal claims;
• an objection to the processing according to Art. 21 Para. 1 GDPR has been lodged and it is still unclear which interests prevail.
If you have given us your express consent to the processing of your personal data (Article 6 (1) (a) GDPR or Article 9 (2) (a) GDPR), you can revoke this at any time. Please note that this does not affect the legality of the processing carried out on the basis of the consent up to the point of revocation.
In accordance with Art. 21 GDPR, you have the right to object at any time to the processing of personal data relating to you that has been collected on the basis of Art. 6 Paragraph 1 lit.f (in the context of a legitimate interest). You only have the right if special circumstances speak against the storage and processing.
How do you exercise your rights?
You can exercise your rights at any time by using the contact details below:
Madina The Science of Skin
Maximilianstrasse 2
80539 Munich
Germany
E-Mail: info@yourskinscientist.com
Tel .: 089205008345
According to Art. 20 GDPR, you have the right to have your personal data transmitted. We provide the data in a structured, common and machine-readable format. The data can either be sent to you or to a person in charge named by you.
On request, we will provide you with the following data in accordance with Art. 20 Paragraph 1 GDPR:
• Data that has been collected on the basis of an express consent in accordance with Article 6 (1) (a) GDPR or Article 9 (2) (a) GDPR;
• Data that we have received from you in accordance with Article 6 (1) (b) GDPR within the framework of existing contracts;
• Data that has been processed as part of an automated procedure.
We will transfer the personal data directly to a person in charge of your choice, insofar as this is technically feasible. Please note that we are not allowed to transfer data that encroach on the freedoms and rights of other persons in accordance with Art. 20 Paragraph 4 GDPR.
Right to lodge a complaint with the supervisory authority in accordance with Art. 77 Paragraph 1 GDPR
If you suspect that your data is being processed unlawfully on our site, you can of course bring about a judicial clarification of the problem at any time. In addition, every other legal option is open to you. Regardless of this, you have the option of contacting a supervisory authority in accordance with Art. 77 (1) GDPR. You have the right to lodge a complaint in accordance with Art. 77 GDPR in the EU member state of your place of residence, your place of work and / or the place of the alleged infringement, i.e. you can choose the supervisory authority to which you apply from the above-mentioned locations. The supervisory authority to which the complaint was submitted will then inform you of the status and results of your submission, including the possibility of a judicial remedy in accordance with.