Data Protection
The responsible body within the meaning of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:
- lovelyapple.ch
- Jelena Zoric
- Theaterstrasse 20
- 4051 Basel
- Telephone: 0768030856
- Email: info@lovelyapple.ch
- Website: https://lovelyapple.ch/
General Remark
Based on Article 13 of the Swiss Federal Constitution and the federal data protection regulations (Data Protection Act, DSG), every person has the right to protection of their privacy and protection against misuse of their personal data. The operators of these sites take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.
In collaboration with our hosting providers, we strive to protect the databases as best as possible against unauthorized access, loss, misuse, or forgery.
We would like to point out that data transmission over the Internet (e.g. when communicating via email) can have security gaps. Complete protection of data from access by third parties is not possible.
By using this website, you agree to the collection, processing, and use of data as described below. This website can generally be visited without registration. Data such as pages accessed or the name of the file accessed, date and time are stored on the server for statistical purposes without this data being directly related to you personally. Personal data, in particular name, address, or email address, is collected on a voluntary basis wherever possible. Your data will not be passed on to third parties without your consent.
Processing of Personal Data
Personal data is all information that relates to a specific or identifiable person. A data subject is a person about whom personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the storage, disclosure, procurement, deletion, storage, modification, destruction, and use of personal data.
We process personal data in accordance with Swiss data protection law. Furthermore, to the extent and to the extent that the EU GDPR is applicable, we process personal data in accordance with the following legal bases in connection with Art. 6 Para. 1 GDPR:
- Consent (Art. 6 Para. 1 S. 1 lit. a. GDPR) – The data subject has given his or her consent to the processing of personal data concerning him or her for a specific purpose or several specific purposes.
- Fulfillment of a contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR) – Processing is necessary for the performance of a contract to which the data subject is a party or to carry out pre-contractual measures at the request of the data subject take place.
- Legal obligation (Art. 6 Para. 1 S. 1 lit. c. GDPR) – Processing is necessary to fulfill a legal obligation to which the controller is subject.
- Protection of vital interests (Art. 6 para. 1 sentence 1 lit. GDPR) – Processing is necessary to protect the vital interests of the data subject or another natural person.
- Legitimate interests (Art. 6 Para. 1 S. 1 lit. f. GDPR) – Processing is necessary to safeguard the legitimate interests of the controller or a third party, unless the interests or fundamental rights and freedoms of the data subject are infringing on the protection of personal data Data requirements predominate.
- Application process as a pre-contractual or contractual relationship (Art. 9 Para. 2 lit. b GDPR) – Insofar as special categories of personal data within the meaning of Art. 9 Para. 1 GDPR (e.g. health data, such as severely disabled status or ethnic origin) are included in the application process. are requested from applicants so that the person responsible or the data subject can exercise his or her rights under labor law and social security and social protection law and fulfill his or her obligations in this regard, the processing takes place in accordance with Article 9 para 2 lit. b. GDPR, in the case of protecting the vital interests of applicants or other persons in accordance with Art. 9 Para. 2 lit. c. GDPR or for the purposes of health care or occupational medicine, for assessing the employee’s ability to work, for medical diagnostics, care, or treatment in the health or social sector or for the administration of systems and services in the health or social sector in accordance with Article 9 Paragraph 2 lit. h. GDPR. In the case of a communication of special categories of data based on voluntary consent, this will be verified.
We process personal data for the period necessary for the respective purpose or purposes. If retention obligations last longer due to legal and other obligations to which we are subject, we will restrict processing accordingly.
Relevant Legal Bases
In accordance with Article 13 GDPR, we will inform you of the legal basis for our data processing. If the legal basis is not stated in the data protection declaration, the following applies: The legal basis for obtaining consent is Article 6 Paragraph 1 Letter a and Article 7 GDPR, the legal basis for processing to fulfill our services and implement contractual measures as well Answering inquiries is Art. 6 Para. 1 lit. b GDPR, the legal basis for processing to fulfill our legal obligations is Art. 6 Para. 1 lit. c GDPR, and the legal basis for processing to protect our legitimate interests is Art 6 Paragraph 1 Letter f GDPR. In the event that the vital interests of the data subject or another natural person require the processing of personal data, Article 6 (1) (d) GDPR serves as the legal basis.
Safety Measures
We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs, and the type, scope, circumstances, and purposes of the processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons to ensure a level of protection appropriate to the risk.
The measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data as well as the access, input, transfer, securing availability, and their separation. We have also set up procedures to ensure that the rights of those affected are exercised, data are deleted, and responses are made to data threats. We also take the protection of personal data into account when developing or selecting hardware, software, and procedures in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.
Transfer of Personal Data
As part of our processing of personal data, the data may be transmitted to or disclosed to other bodies, companies, legally independent organizational units, or persons. The recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and, in particular, conclude appropriate contracts or agreements with the recipients of your data that serve to protect your data.
Data Processing in Third Countries
If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA)) or the processing occurs in the context of using third-party services or disclosing or transmitting data to other people, bodies, or companies takes place, this only takes place in accordance with the legal requirements.
Subject to express consent or contractually or legally required transfer, we only process the data in third countries with a recognized level of data protection, contractual obligations through so-called standard protection clauses of the EU Commission, if certifications or binding internal data protection regulations exist (Articles 44 to 49 GDPR, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de.
Privacy Policy for Cookies
This site uses cookies. Cookies are text files that contain data from visited websites or domains and are stored by a browser on the user’s computer. A cookie is primarily used to store information about a user during or after their visit to an online offering. The information stored can include, for example, the language settings on a website, the login status, a shopping cart, or the location where a video was watched. The term “cookies” also includes other technologies that fulfill the same functions as cookies (e.g. when user information is stored using pseudonymous online identifiers, also referred to as “user IDs”).
The following cookie types and functions are distinguished:
- Temporary cookies (also: session or session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and closed their browser.
- Permanent cookies: Permanent cookies remain stored even after the browser is closed. For example, the login status can be saved, or preferred content can be displayed directly when the user visits a website again. The interests of users, which are used to measure reach or for marketing purposes, can also be stored in such a cookie.
- First-party cookies: First-party cookies are set by us.
- Third-party cookies (also: third-party cookies): Third-party cookies are mainly used by advertisers (so-called third parties) to process user information.
- Necessary (also: essential or absolutely necessary) cookies: Cookies can be absolutely necessary for the operation of a website (e.g. to save logins or other user input or for security reasons).
- Statistics, marketing, and personalization cookies: Cookies are also usually used as part of reach measurement and when the interests of a user or their behavior (e.g. viewing certain content, using functions, etc.) on individual websites are reflected in a user profile get saved. Such profiles are used, for example, to show users content that corresponds to their potential interests. This process is also known as “tracking,” i.e. tracking the potential interests of users. If we use cookies or “tracking” technologies, we will inform you separately in our data protection declaration or when obtaining consent.
Notes on Legal Bases: The legal basis on which we process your personal data using cookies depends on whether we ask you for consent. If this is the case and you agree to the use of cookies, the legal basis for processing your data is the declared consent. Otherwise, the data processed using cookies will be processed on the basis of our legitimate interests (e.g. in the commercial operation of our online offering and its improvement) or if the use of cookies is necessary to fulfill our contractual obligations.
Storage Period: Unless we provide you with explicit information about the storage period of permanent cookies (e.g. as part of a so-called cookie opt-in), please assume that the storage period can be up to two years.
General Information on Revocation and Objection (Opt-Out): Depending on whether the processing is based on consent or legal permission, you have the option at any time to revoke your consent or to object to the processing of your data using cookie technologies (collectively referred to as “opt-out”). You can first declare your objection using your browser settings, for example by deactivating the use of cookies (which may also limit the functionality of our online offering). An objection to the use of cookies for online marketing purposes can also be declared using a variety of services, especially in the case of tracking, via the websites https://optout.aboutads.info and https://www.youronlinechoices.com become. You can also receive further objection information as part of the information about the service providers and cookies used.
Processing of Cookie Data on the Basis of Consent: We use a cookie consent management process, in which users consent to the use of cookies or the processing mentioned within the cookie consent management process and providers can be obtained and managed and revoked by users. The declaration of consent is saved so that it does not have to be asked again and to be able to prove consent in accordance with the legal obligation. The storage can take place on the server side and/or in a cookie (so-called opt-in cookie, or using comparable technologies) in order to be able to assign the consent to a user or their device. Subject to individual information about the providers of cookie management services, the following information applies: The duration of the storage of consent can be up to two years. Here, a pseudonymous user identifier is created and stored with the time of consent, information about the scope of the consent (e.g. which categories of cookies and/or service providers) as well as the browser, system, and device used.
Types of Data Processed: Usage data (e.g. websites visited, Interest in content, access times), meta/communication data (e.g. device information, IP addresses).
Data Subjects: Users (e.g. website visitors, users of online services).
Legal Basis: Consent (Art. 6 Para. 1 S. 1 lit. a. GDPR), legitimate interests (Art. 6 Para. 1 S. 1 lit. f. GDPR).
Privacy Policy for SSL/TLS Encryption
This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as the requests that you send to us as the site operator. You can recognize an encrypted connection by the browser’s address line changing from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Data Protection Declaration for Server Log Files
The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of server request
This data cannot be assigned to specific persons. This data will not be merged with other data sources. We reserve the right to subsequently check this data if we become aware of concrete indications of illegal use.
Data Protection Declaration for Contact Form
If you send us inquiries using the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us to process the inquiry and in case of follow-up questions. We will not pass on this data without your consent.
Data Protection Declaration for Objection to Advertising Emails
The use of contact details published as part of the imprint obligation to send unsolicited advertising and information materials is hereby objected to. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited advertising information being sent, such as spam emails.
Paid Services
In order to provide paid services, we request additional data, such as payment details, in order to process your order or to be able to carry out your order. We store this data in our systems until the statutory retention periods have expired.
External Payment Service Providers
This website uses external payment service providers through whose platforms users and we can carry out payment transactions. For example, about:
- PostFinance (https://www.postfinance.ch/de/detail/legal-barrier-freedom.html)
- Visa (https://www.visa.de/USE%20Conditions/visa-privacy-center.html)
- Mastercard (https://www.mastercard.ch/de-ch/datenschutz.html)
- American Express (https://www.americanexpress.com/de/legal/online-datenschutzerklarung.html)
- Paypal (https://www.paypal.com/de/webapps/mpp/ua/privacy-full)
- Bexio AG (https://www.bexio.com/de-CH/datenschutz)
- Payrexx AG (https://www.payrexx.ch/site/assets/files/2592/datenschutzerklaerung.pdf)
- Apple Pay (https://support.apple.com/de-ch/ht203027)
- Stripe (https://stripe.com/ch/privacy)
- Klarna (https://www.klarna.com/de/datenschutz/)
- Skrill (https://www.skrill.com/de/fusszeile/datenpolitik/)
- Giropay (https://www.giropay.de/rechts/datenschutzerklaerung) etc.
As part of the fulfillment of contracts, we use payment service providers on the basis of the Swiss Data Protection Regulation and, if necessary, Article 6 Paragraph 1 Letter b. EU GDPR. Furthermore, we use external payment service providers based on our legitimate interests in accordance with the Swiss Data Protection Regulation and, where necessary, in accordance with Article 6 Paragraph 1 Letter f of the EU GDPR in order to offer our users effective and secure payment options.
The data processed by the payment service providers includes inventory data, such as name and address, bank details, such as account numbers or credit card numbers, passwords, TANs, and checksums, as well as contract details, amounts, and recipient-related information. The information is required to carry out the transactions. However, the data entered will only be processed and stored by the payment service providers. As operators, we do not receive any information about (bank) accounts or credit cards, but only information about confirmation (acceptance) or rejection of the payment. Under certain circumstances, the data may be transmitted by the payment service provider to credit reporting agencies. The purpose of this transmission is to check identity and creditworthiness. For this purpose, we refer to the general terms and conditions and data protection information of the payment service providers.
The terms and conditions and data protection information apply to payment transactions of the respective payment service providers, which can be accessed within the respective website or transaction applications. We also refer to these for further information and to assert cancellation, information, and other rights of those affected.
YouTube Privacy Policy
Functions of the “YouTube” service are integrated into this website. “YouTube” is owned by Google Ireland Limited, a company registered and operated under Irish law with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland, which operates the services in the European Economic Area and Switzerland.
Your legal agreement with “YouTube” consists of the terms and conditions that can be found at the following link: https://www.youtube.com/static?gl=de&template=terms&hl=de. These Terms constitute a legally binding agreement between you and YouTube regarding the use of the Services. Google’s privacy policy explains how YouTube handles your personal data and protects your data when you use the service.
Order Processing in the Online Shop with Customer Account
We process our customers’ data in accordance with the federal data protection regulations (Data Protection Act, DSG) and the EU GDPR, as part of the ordering processes in our online shop, to enable them to select and order the selected products and services, as well as their payment and delivery, or to enable execution.
The data processed includes master data (inventory data), communication data, contract data, payment data, and the persons affected by the processing include our customers, interested parties, and other business partners. The processing takes place for the purpose of providing contractual services as part of the operation of an online shop, billing, delivery, and customer services. We use session cookies, e.g., to store the contents of the shopping cart, and permanent cookies, e.g., to store the login status.
Processing is carried out on the basis of Article 6 Paragraph 1 Letter b (Execution of ordering processes) and c (Lawfully required archiving) GDPR. The information marked as necessary is required to establish and fulfill the contract. We only disclose the data to third parties as part of delivery, payment, or within the scope of legal permissions and obligations. The data will only be processed in third countries if this is necessary to fulfill the contract (e.g., at the customer’s request for delivery or payment).
Users can optionally create a user account, in particular by being able to view their orders. As part of registration, the required mandatory information is provided to users. The user accounts are not public and cannot be indexed by search engines, e.g., Google. If users have terminated their user account, their data will be deleted with regard to the user account unless their retention is necessary for commercial or tax law reasons in accordance with Article 6 (1) (c) GDPR. Information in the customer account remains until it is deleted and then archived in the event of a legal obligation. It is the users’ responsibility to back up their data before the end of the contract if the contract is terminated.
As part of the registration and re-registration process as well as the use of our online services, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as the user’s protection against misuse and other unauthorized use. In principle, this data will not be passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation to do so in accordance with Article 6 (1) (c) GDPR.
Deletion
Deletion takes place after statutory warranty and comparable obligations have expired; the necessity of storing the data is checked at irregular intervals. In the case of legal archiving obligations, deletion takes place after they have expired.
Copyrights
The copyright and all other rights to content, images, photos, or other files on the website belong exclusively to the operator of this website or the specifically named rights holders. For the reproduction of all files, the written consent of the copyright holder must be obtained in advance.
Anyone who commits a copyright infringement without the consent of the respective rights holder may be liable to prosecution and possibly be liable for damages.
General Disclaimer
All information on this website has been carefully checked. We strive to keep our information up to date, accurate, and complete. Nevertheless, the occurrence of errors cannot be completely ruled out, which means we cannot guarantee completeness. The integrity, accuracy, and topicality of information can also be taken care of in a journalistic and editorial manner. Liability claims for material or immaterial damage caused by the use of the information provided are excluded unless there is evidence of intentional or grossly negligent fault.
The publisher may change or delete texts at its own discretion and without notice and is not obliged to update the content of this website. Use of or access to this website is at the visitor’s own risk. The publisher, its clients, or partners are not responsible for damages, such as direct, indirect, accidental, predetermined, or consequential damages, which are allegedly caused by visiting this website and therefore assume no liability for them.
The publisher also assumes no responsibility or liability for the content and availability of third-party websites that can be reached via external links on this website. The operators are solely responsible for the content of the linked pages. The publisher thereby expressly distances itself from all third-party content that may be relevant to criminal or liability law or that violate common decency.
Changes
We may amend this privacy policy at any time without prior notice. The current version published on our website applies. To the extent that the Privacy Policy is part of an agreement with you, in the event of an update, we will inform you of the change by email or other appropriate means.
Questions for the Data Protection Officer
If you have any questions about data protection, please write us an email or contact the person responsible for data protection in our organization listed at the beginning of the data protection declaration directly.