Thank you for your visit to our website. Compliance with data protection regulations is a particularly important issue for our company. The purpose of this data protection policy is to inform you as a user about the nature, scope and purposes of processing personal data and your rights if you are considered a person. Article 4, point 1) of the General Data Protection Regulations (GDPR). The data protection policy presented here already takes into account new developments related to the General Data Protection Regulation (GDPR), which entered into force on May 25, 2018. This policy also meets the requirements until then provisions of article 13 of the German Federal Telecommunications Media Law (TMG).
Our website has been designed to collect as little data as possible about you. It is in principle possible to visit our website without entering any personal data. Processing personal data is only necessary if you decide to use certain services (for example, if you use the contact form). This ensures that we process your personal data in accordance with a legal basis or consent you have given at all times. We comply with the provisions of the General Data Protection Regulation (GDPR), applicable from 25/05/2018, as well as national regulations such as the German Federal Data Protection Act (GFDPA), the German Federal Telecommunications Media Act (TMG) and other specific data protection legal provisions.
In accordance with the GDPR, the terms used in this data protection policy are defined as : « personal data » : any information relating to an identified or identifiable individual (hereinafter referred to as “concerned person”); is deemed to be an “identifiable natural person” a natural person who can be identified, directly or indirectly, including by reference to an identifier, such as a name, identification number, location data, online identifier, or one or more specific elements specific to their physical, physiological, genetic, psychic, economic, cultural or social identity ; « processing » : any operation or set of operations performed or not using automated processes and applied to personal data or data sets, such as collection, recording, organization, structuring, conservation, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of provision, interconnection, interconnection or other form of provision, interconnection or interconnection, erasure or destruction ; « Processing limitation » : marking retained personal data to limit future processing ; « pseudonymization » : the processing of personal data in such a way that it can no longer be attributed to a specific person concerned without recourse to additional information, provided that this additional information is kept separately and subjected to technical and organizational measures to ensure that personal data is not attributed to an identified or identifiable individual ; « responsible for processing » : the natural or legal person, public authority, service or other body that, alone or in conjunction with others, determines the purposes and means of treatment; where the purposes and means of such treatment are determined by EU law or the law of a Member State, the person responsible for the treatment may be appointed or the specific criteria applicable to its designation may be provided for by EU law or by the law of a Member State ; « subcontractor » : the individual or corporation, the public authority, the service or another body that processes personal data on behalf of the person responsible for the processing ; « recipient » : the natural or legal person, the public authority, the service or any other organization that receives personal data, whether or not it is a third party. However, public authorities that are likely to receive disclosure of personal data in the context of a particular fact-finding mission in accordance with EU law or the law of a Member State are not considered to be recipients; The processing of this data by the public authorities in question complies with applicable data protection rules according to the purposes of the processing; « third party » : a natural or legal person, a public authority, a service or an organization other than the person concerned, the person in charge of the treatment, the subcontractor and persons who, under the direct authority of the person in charge of the treatment or subcontractor, are authorized to process personal data ; « consent » of the person concerned: any expression of will, free, specific, informed and unequivocal by which the person concerned accepts, by a clear statement or by a clear positive act, that personal data concerning him or her be treated ;
When you visit our website, we sometimes collect certain personal data about you. To do so, we seek your consent. The request for consent takes place at the first opportunity in the dialogue and service space of our site, especially when contacting by contact form, a request to receive a newsletter, a booking request or a request for a reservation use of our services (e.g. pregnancy schedule or subscription service). Declaration of consent Using the forms we provide, you consent to us collecting the personal data you provide and treating it as outlined in this data protection policy. You can withdraw your consent at any time without retroactive effect by sending us an appropriate return. However, please note that the use of our service is no longer possible without your consent. To withdraw your consent, please use the above contact methods (in this case, please include your name, email address and postal address).
Purpose and legal basis for the processing of personal data
We process the requested personal data in order to legitimize, execute or process our service offering, with the legal basis of Article 6, paragraph 1, point b) of the GDPR. If we use external service providers as part of a data processing delegation, the legal basis for data processing is Article 28 of the GDPR. Our collection, processing and use of personal data are exclusively limited to the following purposes :
Personal data collected and processed
We only collect and process your personal data when it is freely provided by you, e.g. when you fill out forms or send emails. The data concerned is first and foremost the data the following data in the forms provided : General information : • Title • Civility* • First name* • Name* • Phone number • E-mail* • Address 1* • Address 2 • Zip code* • City* • Country • Request* • Message* CORELL satisfaction notice : • Title • Civility* • First name • Name • Age • E-mail* • Date of birth • Country • Zip code* • Reviews/Impressions CORELL user account : • Title • Civility* • First name* • Name* • Phone number • E-mail* • Address 1* • Address 2 • Zip code* • City* • Country Guest account : • Title • Civility* • First name* • Name* • E-mail* • Country The personal data you provide and its contents are backed up in Switzerland to our account by the Swiss-based hosting company Infomaniak. We store and process your data only for the purposes set out in item 5. Any use outside the scope of the stated purposes requires your explicit consent, as well as the transfer and disclosure of your data to third parties.
The computer login data that made the query (IP address), the pages you visit on our site, the date and duration of your visit, the browser identification data and the type of operating system used, the web page from which comes from your visit and the indication of a successful access are temporarily recorded by the web server in history files. The technical management of web pages and the anonymous collection of statistics allow an assessment of access to the CORELL service as well as an evaluation aimed at improving data protection and security within our company, in order to guarantee a optimal level of protection for the personal data we process. Server history data is kept for analysis separately from all personal data entered by you, for a period of 12 months, before being deleted.
On this web page, you have the option to leave a review of the products. The notice appears with your full first name and the first letter of your name. Therefore, you must use your first name, name and email address to create a user account and/or identify yourself. The pseudonym consisting of your full first name and the first letter of your name is indicated as the author of the notice, and the associated identification details are only known to the administrator.
CORELL product testers
If you have been selected as a CORELL product tester, we will keep your mailing address, email, first and last name. We use your postal address only to send you the product to be tested and, if necessary, the winning prize.
- If one of the provisions of these TCs were to prove or become totally or partially ineffective, the validity of the other provisions would not be affected. Ineffective provisions will be replaced by a corresponding provision as much as possible for the original intent of the parties.
- The contract between CORELL, the customer, and these TCs is exclusively subject to Swiss material law, excluding the rules of conflict of laws. The applicability of the United Nations Convention on Sales Contracts (UNCSC) is expressly excluded.
- Any dispute arising from or in connection with the contract between CORELL, the client, and these TCs (including their valid acceptance) will be submitted exclusively to the court at CORELL’s head office.
Competition on Facebook
Personal data is kept for the duration of the competition in order to distribute any prizes. The data is deleted once the contest is over. In some specific cases, when the number of lots distributed is large, the data is forwarded to an external service provider mandated to ship the prizes to the winners. The participant can withdraw his consent to the retention of the data at any time by contacting firstname.lastname@example.org and thus withdrawing his participation. The participant also agrees, for the contests concerned, that the photo or notice that he communicates with his full first name and the first letter of his name can be published in connection with the contest and the obtaining of any prize, after our agreement, on the web page CORELL or on the Facebook or Instagram accounts of CORELL. The participant is himself responsible for the legality of the uploaded photos, especially from the point of view of the right to the image. CORELL reserves the right not to approve photos or texts with clearly illegal content (these photos are not publicly displayed and are excluded from the contest).
Integration of third-party content and services
We cannot guarantee the security of computer equipment for visitors, such as PCs, tablets, smartphones, Wi-Fi connections, etc., used to access CORELL websites. We remind you that it is the responsibility of users to ensure the safety of its own computer equipment. We take technical and organizational measures to protect our website from the loss, destruction, modification or dissemination of your data by unauthorized persons, as well as access to those same persons. Data. In particular, we transfer your personal data in encrypted form. Our security measures are constantly being improved as technology advances are implemented.
If you are considered to be a concerned person as defined in Article 4, point 1 of the GDPR, you have the following rights under the GDPR to process your personal data. The legal document corresponding to the rights presented below is available at http://data.consilium.europa.eu/doc/document/ST-5419-2016-INIT/fr/pdf Right to confirmation and access In accordance with the provisions of Article 15 of the GDPR, you have the right to request confirmation that your personal data is or is not being processed, and you have the right that the processing officer will give you access to the personal data stored about you, at any time and free of charge, and to receive a copy of it. Right to rectification In accordance with the provisions of Article 16 of the GDPR, you have the right to request that inaccurate personal data about you be corrected as soon as possible. Given the purposes of the treatment, you also have the right to have incomplete personal data completed, including by providing a supplementary statement. Right to erasure In accordance with the provisions of Article 17 of the GDPR, you have the right to ask CORELL to delete, as soon as possible, personal data about you, provided that one of the reasons for section 17 of the GDPR applies and that processing is not necessary. Right to limit treatment In accordance with the provisions of Article 18 of the GDPR, you have the right to request a limitation of treatment when one of the conditions under section 18 of the GDPR applies. Right to data portability In accordance with the provisions of Article 20 of the GDPR, you have the right to receive the personal data that concerns you and which you have provided to us, in a structured, commonly used and machine-readable format, and you have the right to pass that data on to another processing officer without us obstructing it, provided that the additional conditions of Article 20 of the GDPR apply. Right to withdraw consent You have the right to withdraw the consent you have given us regarding the processing of your personal data at any time and without retroactive effect. Please communicate the withdrawal of your consent using the contact information listed above. Right of opposition In accordance with the provisions of Article 21 of the GDPR, you have the right to object at any time to the processing of personal data about you. If the conditions for effective opposition are met, we are no longer allowed to process the data. Right to file a claim with a supervisory authority Irrespective of any other appeal within the framework of an administrative or judicial procedure, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, your place of work or in which the alleged breach occurred, if you believe that the processing of personal data concerning you constitutes a breach of the provisions of the GDPR.
Transmission of your personal data
How long personal data is stored
With regard to shelf life, we remove personal data as soon as it is no longer necessary to achieve the original purpose and regulatory shelf life has ceased to apply. The final shelf life of personal data is ultimately determined by the regulatory shelf life. After this period expires, the relevant data is regularly deleted. If retention times are to be respected, processing is restricted by data blocking.
Note on the entry of personal data by the person concerned
References and links
When you access web pages from our website, you may be asked to re-enter information such as your name, address, email address, browser references, etc. This data protection policy does not govern the collection, communication or management of personal data by third parties. Third-party suppliers may have different provisions of their own for the collection, processing and use of personal data. That’s why when you visit third-party web pages, we advise you to learn about their personal data management practices before entering this type of data.
Changes to data protection policy
We are constantly evolving our website so that we can provide you with better quality services. We regularly update this data protection policy and adapt it if and when necessary. Of course, we will notify you in due course of any changes to this data protection policy, including by sending an email to the address you have provided. If it is necessary to obtain additional consent for our management of your data, we will of course obtain your consent before such a change applies. At any time, you can access the latest version of our data protection provisions online at https://corellnatural.ch/politique-de-protection-des-donnees/
CORELL.ch online store
In order to place an order on our service, each customer must identify himself by providing the following personal information :
- Name, first name
- Billing address
- Delivery address (if different)
- E-mail address
- Mobile phone number
- Password (optional and only if you create an account)
Your customer account contains a summary of past and outstanding orders. This order history is only available if you decide to create a CORELL account, and is not accessible through our website if you place an order as a simple visitor. The above data and any other data you can provide as part of the order are processed (preserved, collected) for the purpose of completing the contract. The data needed to deliver the goods or process the order are transmitted to third-party service providers in the following categories, including : A) Transportation Provider (Swiss Post or another), for delivery address and mobile phone number B) Payment Solution (Mutual Credit) for anonymous order ID, total amount and date of purchase If your data is no longer required or legally required to retain your data, it will be deleted. The legal basis for the processing of the personal data mentioned here and for the purposes mentioned here is Article 6, paragraph 1, point b) of the GDPR.
- Keep information about your favorite activities on the site, and adapt our site to your personal interests,
- Speed up the processing of your queries.