This data protection declaration collects historical and future personal data. It applies to the processing of data by LK officiel SA and the following website: www.aarons-room.com. This data protection declaration not only records the personal data collected from you in the future in accordance with this data protection declaration, but also your personal data already stored by us.
This data protection declaration is based on the EU General Data Protection Regulation (GDPR). Although GDPR is a regulation of the European Union, it matters to us. Swiss Data Protection Law (DSG) is heavily influenced by EU law, and businesses outside of the European Union or the EEA must comply with DSGVO in certain circumstances.
The EU General Data Protection Regulation and Swiss Data Protection Law protect the fundamental rights and freedoms of individuals and in particular their right to the protection of personal data. By personal data, we mean all information relating to a specific or identifiable person. When we talk about the processing of your personal data in this data protection statement, we mean any processing of your personal data. These include, for example:
The collection, storage space, administration, use, transmission, announcement, deletion of your personal data.
We collect the personal data needed for specific purchases and to provide our customers with better services. These data are used exclusively within LK officiel SA and are not passed on to third parties.
2. How do we protect your personal data?
We have put in place technical and organisational security procedures to maintain the security of your personal data and to protect your session data and your personal data against unauthorised or unlawful processing and/or against loss, modification, disclosure or unintentional access. Our online store is encrypted via SSL (Secure Socket Layer), which means that all data relating to the offer as well as your payment and customer data are transmitted securely. However, you should always be aware that the transmission of information via the Internet and other electronic means involves certain security risks and that we cannot guarantee the security of information transmitted in this way.
3. How long do we keep the data and where do we keep it?
We process and store your personal data for as long as this is necessary for the fulfilment of our contractual and legal obligations or otherwise for the purposes pursued with the processing, that is to say for example for the duration of the commercial relationship (from the initiation and processing to the termination of a contract) as well as in accordance with the legal storage and documentation obligations. It is possible that personal data will be stored for the time during which claims can be made against our company and to the extent that we are legally obliged to do so or as legitimate business interests require it, for example for the purposes of proof and documentation. As soon as your personal data is no longer needed for the aforementioned purposes, it will be deleted or anonymised to the extent possible. For operational data (for example system protocols, logs), generally shorter retention periods of twelve months or less apply. Inactive customer accounts are systematically deleted after one year of inactivity and without a response to the 30-day reactivation period. The personal data we collect is stored exclusively on servers in Switzerland.
4. What rights do you have over your data?
Within the framework of the data protection law applicable to you and as provided for therein (as in the case of the GDPR), you have the right to information, correction, deletion, the right to restrict data processing and otherwise to object to our data processing and to return certain personal data for the purpose of transfer to another location (so-called data portability). Please note, however, that we reserve the right to apply any restrictions legally stipulated on our part, for example if we are obliged to store or process certain data, if we have an overriding interest in it (to the extent that we can refer to it) or if we are required to assert the need to claim. If you incur costs, we will let you know in advance. You always have the right to withdraw your consent. Please note that the exercise of these rights may conflict with contractual agreements and this may have consequences such as premature termination of the contract or financial consequences. In this case, we will inform you in advance if this is not already contractually regulated.
Exercising these rights generally requires that you clearly prove your identity (for example by means of a copy of your identity document, when your identity is unclear or cannot be verified). To assert your rights, you can contact us at the address given in section 16.
Each person concerned also has the right to assert their rights in court or to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Commissioner for Data Protection and Information (http://www.edoeb.admin.ch).
5. How can you contact us?
If you wish to assert your rights regarding your personal data or if you have any questions or concerns regarding the processing of personal data, you can contact us at firstname.lastname@example.org. Your message will be passed internally to the data protection office and we will do our best to resolve your issue. Please respond to questions or concerns as soon as they are received.
6. Who is the owner of the data collection?
We are legally required to notify you of the data collection owner with your personal data. The owner of the data collection and responsible for data processing is LK officiel SA, chemin du Pré d´Orsat 10, 1245 Collonge-Bellerive, Switzerland.
7. When do we collect personal data?
We primarily process the personal data that we receive from them and others involved in our business relationship with our customers and other business partners or that we collect from their users while operating our websites, applications and other applications.
Insofar as permitted, we also take certain data from publicly available sources (for example debt collection registers, land registers, trade register, press, Internet) or receive this data from branches of LK officiel SA, authorities and other third parties (such as credit bureaus, address sellers).
In addition to the data that concerns you that you communicate to us directly, the categories of personal data that we receive about you from third parties are in particular information from public registers.
- Information from public registers
- Information we learn in official and legal proceedings
- Information relating to your professional duties and activities (so that, for example, with your help, we can conclude and transact business with your employer)
- Information about you in correspondence and discussions with third parties, credit reports (as far as we are dealing with you personally)
- Information about you that people in your environment (family, consultants, legal representatives, etc.) communicate to us so that we can conclude or process contracts with you or with your involvement (for example references, your address for deliveries, proxies)
- Information on compliance with legal requirements such as anti-money laundering and export restrictions
- Information from banks, insurance companies, sales and other contractual partners regarding the use or provision of services by you (for example, payments made, purchases made)
- Information from the media and the internet about yourself (if indicated in a particular case, for example in the context of an application, press review, marketing/sales, etc.)
- Your addresses and, where applicable, your centres of interest and other socio-demographic data (for marketing purposes)
- Data relating to the use of the website (for example, IP address, MAC address of the smartphone or computer, information about your device and settings, cookies, date and time of visit, pages and content consulted, functions used, referring website, location information)
8. What personal data do we collect?
We need the personal data collected to manage the sales process. On the one hand, we collect the personal data that you give us. On the other hand, we collect personal data which is automatically or manually recorded when you contact us, such as:
8.1 Personal data
- Surname and first name
- Delivery address
- Billing address
- Language preferences (thereafter)
- Telephone numbers
- E-mail address
- Client number
- Information on subscribed newsletters or other advertisements
- Consent to receive advertising
- Online customer account information (including date opened, username)
8.2 Customer activity data
- Contract data (including date of contract, type of contract, content of contract; contractual partner; duration of contract; contract value; claims arising from the contract)
- Purchase information (including date of purchase, type, quantity and value of goods and services purchased; shopping basket; abandoned shopping basket; payment methods used; purchase history)
- Customer service information (including returns of goods, complaints, warranty cases, delivery information)
- Session data relating to visits to our website.
- Communications by phone, fax, e-mail, voice message, text message (SMS), picture message (MMS), video message or instant messaging
9. Why do we process personal data?
We process your personal data for different purposes. These objectives can be summarised in different groups. In particular, we may process your personal data in whole or in part for one or more of the following purposes in which we have a legitimate interest corresponding to the purpose:
9.1 Purposes of processing in relation to our products and services
- Provide and sell our products and services
- Order and contract processing, including sending order and shipping confirmations, delivery confirmations, delivery and invoicing
- Organisation and implementation of customer service
- Organisation and implementation of customer card or loyalty card programmes
- Organisation and realisation of market studies and opinion polls
9.2 Purposes of processing as part of customer communication
- Provision, administration and implementation of customer communication by post and electronic means of communication
- Professional communication by post and telephone, fax, e-mail, voice messages, text messages (SMS), picture messages (MMS), video messages or instant messaging
9.3 Purposes of processing in the context of direct marketing
- Simplification of processes – such as purchasing or reservations – and use of knowledge from analysis of customer behaviour for the continuous improvement of all goods and services
- Avoiding unnecessary advertisements through knowledge of customer behaviour analysis for individualised and personalised direct marketing
- Sending individualised and personalised advertisements by post or telephone, fax, e-mail, voice messages, text messages (SMS), picture messages (MMS), video messages or instant messaging
- Individualised and personalised adaptation of offers and advertisements on our website, applications for mobile devices or on our channels on Internet platforms, multimedia portals or social networks.
To the extent that you have given us your consent to process your personal data for certain purposes (for example when you sign up to receive newsletters), we will process your persons in the context and on the basis of this consent, unless we have another legal basis and that we need it. The consent given can be revoked at any time, but this has no effect on the data processing which has already taken place.
As part of our business relationship, you must provide the personal data necessary for the establishment and implementation of a business relationship and the fulfilment of related contractual obligations (you are not usually legally required to provide us with data). Without these data, we generally will not be able to conclude or deal with a contract with you (or office or person you represent). The website cannot be used if certain information to secure data traffic (such as an IP address) is not disclosed.
10. Who do we share your personal data with?
Within the framework of our commercial activities and for the purposes stated in point 3, insofar as we are permitted and deemed appropriate, also known from third parties, either because they process them for us or because they want to use them for their own purposes. In particular, it concerns the following positions:
- Service providers on our part (at LK officiel SA as well as externally, for example banks, insurance companies) including order processors (for example information technology providers)
- Dealers, suppliers, subcontractors and other business partners
- Authorities, official bodies or national and foreign courts
- The public, including website and social media visitors
- Competitors, industrial organisations, associations, organisations and other bodies
- Acquirers or parties interested in acquiring business sectors, branches or other parts of LK officiel SA
- Other parties in possible or actual legal proceedings
Some of these recipients are in Germany, but they can be anywhere in the world. In particular, you should expect your data to be transmitted to all countries where the service providers we use (such as Facebook) are located.
11.2 Which cookies do we use?
Most of the cookies we use are automatically deleted from your computer or mobile device at the end of the browser session (session cookies). For example, we use session cookies to save your country and language preferences and your shopping basket on different pages of an Internet session.
We also use temporary or permanent cookies. These remain stored on your computer or mobile device after the browser session ends. When you visit one of our websites again, the entries and settings you prefer are automatically recognised. Depending on the type of cookie, these temporary or permanent cookies remain stored on your computer or mobile device for one month to ten years and are automatically deactivated once the programmed time has elapsed. They serve to make our website more user-friendly, more efficient and more secure.
11.3 What data is stored in cookies?
No personal data is stored in the cookies we use. The cookies we use cannot be assigned to a specific person. When a cookie is activated, an identification number is assigned to it.
11.4 How can you prevent the storage of cookies?
Most Internet browsers automatically accept cookies. However, you can instruct your browser not to accept cookies or to ask you before a cookie is accepted on a website you visit. You can also delete cookies on your computer or mobile device using the corresponding function of your browser. If you decide not to accept our cookies or cookies from our partner companies, you will not see certain information on our website and you will not be able to use certain functions to enhance your visit.
12. How do we use the log files?
Each time you access our website, your internet browser transmits certain usage data to us for technical reasons and stores it in files, called log files. Here is the following usage data:
- IP address of the contact device
- date and time
- URL of the page viewed
- browser and other device information
The evaluation of the log files helps us to further improve our Internet offerings and make them more user-friendly, to find and correct errors more quickly and to monitor the capacities of the server. On the basis of the log files, we can, for example, determine when the use of our Internet offers is particularly popular and provide the corresponding amount of data in order to guarantee you the best possible use.
13. How do we use web analytic tools?
You can prevent Google from collecting the data generated by the cookies and relating to your use of the site (including your IP address) and from processing this data by Google by clicking on the following link: http://tools.google.com/dlpage/gaoptout. Download and install the available browser plug-in. You can find more information about Google Analytics and Data Protection at http://tools.google.com/dlpage/gaoptout or http://www.google.com/intl/de/analytics/privacyoverview.html.
14. How do we use social plug-ins?
Our website uses social plug-ins, for example from Facebook, Twitter or Google+, to raise awareness of our company. The underlying advertising purpose is a legitimate interest within the meaning of Art.6 para. 1 lit. f GDPR. Responsibility for the data protection-compliant operation must be guaranteed by the respective provider. Data processing in relation to these plug-ins takes place when you use these plug-ins with your consent. The plug-ins are marked with the logo of the provider and can be, for example, Like buttons or a Twitter or Google+ button.
When you visit our website containing such a plug-in, your browser establishes a direct connection with the provider's computers. The content of the plug-in is transmitted directly to your browser by the offer side, which integrates it into the website. By integrating the plug-ins, the provider receives the information that you have accessed our website. If you are logged in to the provider at the same time, the provider can assign the visit to your profile. If you interact with the plug-ins – for example, press the Like button or leave a comment – the relevant information is sent directly from your browser to the provider and saved there.
If you do not want the provider to collect data about you through our website, you must log out of the provider before visiting our website. Even when you are logged out, the providers collect anonymised data through social plug-ins and set a cookie. If you subsequently log in to the provider, this data can be assigned to your profile.
If a connection is offered via a social connection service – for example Facebook Connect – data is exchanged between the provider and our website. With Facebook Connect, for example, this can be data from your public Facebook profile. By using these connection services, you consent to the transfer of data.
The purpose and scope of data collection and further processing of your data by the provider, as well as your related rights and setting options to protect your privacy, can be found in the provider's data protection information.
- Facebook Ireland Ltd. bzw. Facebook Inc.: http://de-de.facebook.com/policy.php
- Google Inc.: http://www.google.de/intl/de/privacy/plusone/
- Twitter Inc.: http://twitter.com/privacy
If you do not want providers to collect data about you through these cookies, you can select the Block third-party cookies function in your browser settings. Then the browser will not send any cookies to the server for embedded content from other providers. With this setting, other functions of our website may no longer work.
We process your personal data, in part automatically, for the purpose of evaluating certain personal aspects (profiling). In particular, we use profiling to provide you with targeted product information and advice. We use assessment tools that allow us to communicate and advertise based on our needs, including market and opinion research.
In principle, we do not use fully automated decision-making (as regulated in Article 22 of the GDPR) to establish and implement the business or other relationship. If we use such procedures in individual cases, we will notify you separately, provided this is required by law, and inform you of the associated rights.
15. Payment security
The data exchanged between you and us is encrypted by a 256-bit SSL certificate. This corresponds to the standard used by banks for their online transactions. You can recognise it by the URL of the LK officiel SA website, which begins with https://, where ‘s’stands for secure. A closed-padlock icon appears. Postfinance e-payment is the secure electronic payment solution for processing online payments on the Internet. The certified payment platform guarantees simple and secure payment transactions for credit and debit cards, both for the store operator and the cardholder.
16. Contact address for questions
LK officiel SA, chemin du Pré d’Orsat 10, 1245 Collonge-Bellerive
Swiss supervisory authority:
Délégué fédéral à l'information et à la protection des données,
FDPIC Feldeggweg 1
17. Updates and changes to this data protection declaration
We can change or adapt this data protection declaration at any time. The current version published on our website applies. If the data protection declaration is part of an agreement with you, we will notify you of the change in the event of an update by e-mail or in another suitable way.