Privacy Policy

Valid as of May 23, 2018

This Privacy Policy applies to the online service provided at www.labest.online.
If you would like to read the whole document in context or would like to print it, please click
here.

1. Controller

“Controller” for this website is LABESTonline GmbH, Altensteinstr. 36D, 14195 Berlin, Germany
Phone: +49 173 36 11 22 1 Email: info(at)labest.online, hereafter: “labest”, “we” or “us”. Exceptions will be explained in this Privacy Policy.

2. Collection, processing and use of personal data

General
Personal data means any information relating to an identified or identifiable natural person (such as name, address, phone number, date of birth, or email address).
It is possible, in principle, to use our website without providing any personal data. However, if you wish to use specific services provided on our website, it may be necessary to collect and process personal data; this includes registration or entering a competition. Required fields are marked with an *.

Registration
If you request services that involve a contract, we will ask you to register. Your registration provides us with the data we need to enter into and perform the contract with you (e.g. full name, date of birth, email address, preferred payment method and account holder details, if any) and any other data you may voluntarily provide. Required fields are marked with an *.

Purposes of processing
We use your personal data for the following purposes:
• Provision of this online service (legal basis: performance of contract)
• Marketing by us or a third party as well as market research and measurement of audience reach and engagement, to the extent permitted by law and based on consent (legal basis: the GDPR expressly states that processing of personal data for direct marketing purposes within existing customer relationships may be regarded as carried out for a legitimate interest, so long as it complies

with the requirements of data processing and competition laws)
• Processing of contact requests via chat tool or contact form (legal basis: performance of contract)

Data transfer to third parties; service providers
Data transfer to third parties
We will not disclose or otherwise make available your personal data to third parties unless this is necessary for the performance of our contract with you, we or a third party have a legitimate interest in the transfer, or you have previously given consent. If data is transferred to third parties based on legitimate interests, this will be explained herein.
In addition, data may be transferred to third parties as far as we are obligated to do so under statutory provisions or an enforceable decision made by an authority or a court.

Service providers
We may use third-party service providers to collect or process data on our behalf. When we use third-party service providers, we disclose only the personal information that is absolutely necessary in order to deliver the service. For example, if you subscribe to our newsletter service, we may pass on your email address to a service provider who specializes in email newsletter services. We may also use service providers to provide server capacity as needed. Generally, service providers process personal data only as processors in accordance with our instructions.

Duration of storage; retention periods
Your personal data will be stored strictly to the extent necessary for the provision of our online service and related facilities or as long as we have a legitimate interest in its continued storage. Otherwise, we will delete your personal data, except for information that we are required to retain to comply with contractual or statutory (e.g. tax or commercial law) retention periods (such as invoices). Contractual retention periods may also be stipulated by contracts with third parties (e.g. owners of copyrights and related rights).
Data that is subject to a retention period will be blocked for other uses and will be deleted once the retention period has expired.

3. Log files

Every time you browse a webpage, data about this process is automatically saved in log files stored on our servers. We save such log files for the purposes of determining disruptions and for security reasons (such as to investigate attack attempts) for a period of 7 to 10 days and delete them thereafter. Log files which need to remain stored for evidence purposes are excluded from deletion until the respective incident has been finally resolved, and may be forwarded to investigating authorities on a case-by-case basis.
In particular, log files contain the following information:
• IP address (internet protocol address) of the device from which the online service is accessed;
• Internet address of the website from which the access was gained (source or referrer URL);
• name of the service provider used to access the online service;
• name of the retrieved files or information;
• date and time of access;
• amount of data transferred;
• operating system and information about the Internet browser used, including installed add-ons (e.g. for the Flash Player);
• http status code (e.g. “request successful” or “requested file not found”)

4. Cookies

What are cookies?
A cookie is a small text file generated by a website and saved by your web browser. Cookies are used to recognize users when they revisit that website and can only send back the information stored in them. Some cookies are automatically deleted as soon as you close your browser (‘session cookies’); others are stored on your computer until they expire or you remove them (‘temporary’ or ‘permanent’ cookies).

What data is stored in the cookies?
The cookies we use do not collect information that identifies you as a person (personal data), but is linked to a unique online identifier.

How can you reject or delete cookies?
You can set your browsers at any time to reject cookies and to delete cookies when closing your browser (see Technical Notes). Doing this, however, may limit the functionality of this website.

You may also have the option to object to the creation of user profiles by setting “opt-out cookies”. Please note though that if you delete all cookies, the opt-out cookie will also be deleted and you will need to opt out again.

What cookies do we use?
Essential cookies
These are cookies that are required for the website to operate properly. This category includes
• cookies that identify or authenticate our users;
• cookies that temporarily store certain user entries (e.g. contents of a shopping cart or an online form);
• cookies that store certain user preferences (e.g. search or language settings);
• cookies that store data to ensure trouble-free playback of video or audio content

 Analytics cookies
We use analytics cookies to help us track user activity (e.g. clicked advertising banners, visited sub-pages, made search queries) so we can better understand how our site is being accessed and used.

5. Web analysis

We need aggregate data about the use of our online platform to develop a better user experience, to track information, such as how many individual users we have and how often they visit, and to do market research. We use the following web analytics tools for this. The browsing profiles created by these tools using analytics cookies or by evaluating the log files are not brought together with personal data. The suppliers of the web analytics tools only process data on our behalf, in accordance with our instructions, and not for their own purposes. The tools either do not use users’ IP addresses at all or anonymize these upon collection. For each web analytics tool you will find below its supplier and how you can stop the tool from collecting and processing your data. Please note that for tools that use opt-out cookies, the opt-out settings will only apply to the device and browser on which you change them and will not apply across all your devices. If you want to opt out of cookies on all your devices, you will need to change the settings on all your devices individually. You can also completely prevent browsing profiles from being created by deactivating the use of any cookies.

Google Analytics

Google Analytics is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). We use Google Analytics with Google’s “anonymize IP” feature. This means that Google truncates the IP address, normally within the EU, and in some exceptional cases, when the data reaches the US. In any case, it only ever stores IP addresses in truncated form. You can opt out of Google Analytics tracking by installing the browser plugin which is available here: http://tools.google.com/dlpage/gaoptout?hl=de.

You can set an opt-out cookie to prevent collection by Google Analytics across devices. Opt-out cookies prevent the future collection of your data when you visit this website. You need to opt out on all systems and devices in use for this to work comprehensively. If you click here, the opt-out cookie will be set: Google Analytics deaktivieren.

6. User rights

Rights of the data subject
You have a right to information and, meeting certain conditions, to rectification, erasure, restriction of processing, objection to processing of your personal data, and to data portability. You also have the right to object at any time to processing of your personal data for direct marketing purposes (“objection to marketing”). Please take into account that, for logistical reasons, there might be an overlap between your objection and the usage of your data within the scope of a campaign which is already running.
You have the right to withdraw your consent to the processing of your personal data at any time, effective as of the date of withdrawal, without affecting the lawfulness of our processing based on consent before its withdrawal.
To enforce your rights, please use the details provided in the Contact section. When doing so, please ensure that it is possible to clearly and unambiguously identify you.
Please note that your data may initially be blocked and deleted only upon expiration of any retention period.

 Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a data protection authority. You can appeal to the competent data protection authority for your place of residence or your state, or to the data protection authority which is competent for us. This is:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Friedrichstr. 219
10969 Berlin, Germany

7. Contact

For information and suggestions on data privacy, please email us at: info(a)labest.online

You can also contact us at:
LABESTonline GmbH, Altensteinstr. 36D, 14195 Berlin
Phone: +49 173 36 11 22 1 Email: info(at)labest.online

8. Annex: Technical information

Internet Explorer: Instructions at https://windows.microsoft.com/de-de/internet-explorer/delete-manage-cookies#ie=ie-11-win-7
Mozilla Firefox: Instructions at https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Google Chrome: Instructions at https://support.google.com/chrome/answer/95647
Safari: Instructions at https://help.apple.com/safari/mac/8.0/#/sfri11471