Privacy Policy

Date of last update: 22 July 2021

Welcome to https://www.susannekaufmann.com (the "Site"), a website operated in Austria by Susanne Kaufmann Kosmetik GmbH, a company incorporated in Austria with company registration number FN514360M, VAT number ATU74851804 and whose registered office is located at Brugg 35, 6870 Bezau, Österreich ("SK", "we", "us" or "our"). For the purposes of applicable laws, the “data controller” is Susanne Kaufmann Kosmetik GmbH.

SK values its customers and respects their privacy. Any information we collect about you is held with the utmost care and security. Your visit to our Site and your use of any of the services or features we provide is subject to our terms and conditions of which this Privacy Policy forms part. This Privacy Policy (together with our Website Terms of Use https://susannekaufmann.com/pages/terms-conditions, Cookie Policy https://susannekaufmann.com/pages/cookie-policy and any other documents referred to in it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. The use of your personal data when (i) visiting and using our Site or our social media channels (being Facebook, Instagram, Pinterest and Vimeo), as well as (ii) visiting our stores or events is described in this Privacy Policy).

We operate the following social media channels:

This Privacy Policy does not cover information that you submit on other websites, even if we communicate with you on those websites. For example, if you post something on Facebook, Twitter, Instagram or YouTube, that information is governed by the privacy policies on those websites and is not governed by this Privacy Policy.

1. Information we collect from you

1.1 Information you give to us. You may give us information about you by filling in forms on our Site, on our social media channels, at events or by corresponding with us by live chat, telephone, e-mail, post; by giving us your personal details in-store at a Susanne Kaufmann store, concession or pop-up or otherwise. This includes information you provide when you register to use our Site (which you must do if you would like to use some of the services and features we offer), subscribe to our services, or place an order on our Site. This information may include: your name, age, date of birth and gender your contact details (e.g. address, telephone number, e-mail address); debit or credit card information (if you wish to place an order on our Site); your communication and shopping preferences and interests; feedback and survey responses; correspondence with us. We may also processes other personal information (such as enquiries, feedback, reviews, suggestions, ideas, photographs, messages or other information) that you may post, share, reproduce or otherwise make available to us (“User Content”). Upon prior information in the specific case and with your consent we may record or monitor calls that you receive from us or make to us. We do this for security and training purposes, and to improve the services we provide to you. When you register with us you can view your personal information in 'My Account'. You can access 'My Account' directly to amend any personal details, for example if you change your address. If you forget your password, simply click on the 'forgotten password' link on the register or login page and an e-mail will be sent to the e-mail address that you originally provided containing a link enabling you to change your password.

1.2 Information we collect about you. With regard to each of your visits to our Site, we may automatically collect the following information:

  • information about your device: technical information including the Internet Protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; location and
  • your browsing and shopping activities: information about your visit including the full Uniform Resource Locators (URL) clickstream to, through and from our Site (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any telephone number used to call our customer service number.

1.3 Information we receive from other sources. We may receive information about you if you use any of the other websites we (or any member or brand within our Group (as defined below)) operate or other services we provide. In this case we will have informed you when we collected that data that it may be shared internally and combined with data collected on this Site. We are also working closely with third parties (including, for example sub-contractors in technical, payment and delivery services, advertising networks, marketing services, analytics providers, search information providers, and credit reference agencies) and may receive information about you from them.

2. Cookies

Our Site uses cookies to distinguish you from other users of our Site. A cookie is a small piece of information which a website stores via your web browser and which can later be retrieved. The main objective is to identify users and personalise your visit by customising web pages for you. This helps us to provide you with a good experience when you browse our Site and also allows us to improve our Site. For detailed information on the cookies we use and the purposes for which we use them, please see our Cookie Policy https://susannekaufmann.com/pages/cookie-policy.

3. Use made of the information

We use information held about you in the following ways:

3.1 Information you give to us. We will use this information in relation to:

(a) Performance of our contract with you: The information you give to us is necessary to enable us to (i) fulfil your order (including acknowledging your order and communicating with you if there is any issue regarding the fulfilment of your order); (ii) to make sure your order is delivered correctly; (iii) to maintain your account; (iv) accounting, billing, reporting and audit; (v) credit checking or screening based on our legitimate interests to review contract parties prior to concluding a contract(vi) authentication and identity checks (vii) credit, debit or other payment card verification and screening; (viii) debt collection; (ix) safety, security, health, legal and administrative purposes.

(b) Providing customer service: We ask for your contact details such as your e-mail address and telephone number and order details to enable us (i) to answer any questions you have about using our Site or products; (ii) to notify you about the status of your order, and (iii) other customer care services such as identifying your requirements and shopping preferences; in each case as necessary in order to take steps at your request in regards to your order. To provide those customer care services we may use your data for our legitimate interest in statistical and market analysis; studies, research and development by us, or a third party we appoint as a data processor but in doing so your personal data will be pseudonymised for the use of it by these parties. They will not receive your name, address, email address or telephone number;

(c) User Content: We may use this on our Site, social media channels and marketing communications to promote our products, provided in each case that we have your permission (e.g. when we ask you to leave a review);

(d) Direct Marketing (e.g. newsletters): In order to improve your shopping experience with us and to promote our products, we want to keep you up-to-date on our latest products, promotional offers and events. If you are an existing customer (ie you have purchased products from SK) and you have not Opted-Out (see next point), we may contact you by electronic means (email) about goods and services similar to those which were the subject of a previous sale or negotiations for a sale. We may contact you as an existing customer by direct postal mail as it is in our legitimate interests to do so as a retailer seeking to market similar products or products we think you may be interested in. If you are a new customer (ie you have not purchased products from SK), we, will contact you by electronic means only if you have expressly consented to this or we are otherwise permitted to do so in accordance with applicable laws.

(e) Opt-out of Direct Marketing: You can at any time tell us not to send you marketing communications (i) by e-mail by clicking on the unsubscribe link within the marketing e-mails you receive from us; or (ii) by postal mail by following the instructions that may be included in a particular promotion. If you have registered with us, you may also opt out of receiving postal mail from us by logging into your account and amending your preferences.

(f) We may use the information you provide and the information we collect about you (e.g. shopping history, product interests) based on our legitimate interests to build a picture of your interests so that we may tailor our communications to you to ensure they are relevant and of interest to you and so that when you visit our Site we can tailor your experience so that it is easier to shop with us.

(g) Our services: To notify you about changes to our services e.g. where we are in a contractual relationship with you.

(h) Our Site: To ensure that content from our Site is presented in the most effective manner for you and for your device, and so that we can enhance your experience of using our Site. We process your personal data based on our legitimate interests in providing an appealing and up-to-date website while implementing adequate security measures (e.g. to prevent hacking attacks).

3.2 Information we collect about you. We will use this information based on our legitimate interests in relation to:

(a) Administration of our Site: To administer our Site and for internal operations including troubleshooting, data analysis, testing, research, statistical and survey purposes. We may collect information from visitors to our Site and analyse it to build up a picture of how people use our Site. This helps us to improve the service we offer you.

(b) Site improvement: To improve our Site to ensure that content is presented in the most effective manner for you and your computer.

(c) Our legitimate interest as a retailer: Where it is necessary for us to understand our customers, promote our services and operate effectively as a luxury manufacturer and retailer of branded natural skincare, bath and body, and related cosmetic and home products and accessories provided in each case that this is done in a legitimate way which does not unduly affect your privacy and other rights. For example (i) to allow you to participate in interactive features of our service when you choose to do so; (ii) allow us to measure or understand the effectiveness of advertising we serve to you and others; (iii) allow us to make suggestions and recommendations to you and other users of our Site about goods or services that may be of interest to you; (vi) to operate an automated abandon cart email programme that will contact you via email if you decide to exit your shopping basket without making a purchase (this email is sent shortly after you have abandoned your cart and contains information only related to the product(s) left in the cart); and (vi) to conduct certain market analysis to understand our customers in sufficient detail so we can create new services and improve the profile of our brand.

(d) Security of our Site: As part of our efforts to keep our Site safe and secure.

3.3 Information we receive from other sources. We may combine the information we collect from you and the information you provide to us with information we receive from other sources, in each case while providing you with proper information on the processing. We may use this combined information for the purposes set out above (depending on the types of information we receive).

4. Disclosure of your information

4.1 We may share your personal information with members or brands within our Group where (i) we have a legitimate interest to do so , or (ii) you have consented to such disclosure , or (iii) such Group company is processing your data on our behalf as a data processor. In each case we will provide you with proper information on any data transmission(s). Please visit https://www.manzanitacapital.com for more information about which members and brands constitute our Group. They may use the information in accordance with their privacy policies for purposes such as: management, analysis, planning and decision making; financial reporting and analysis; strategic planning; the development of customer segmentation and metrics to provide a consistent view of our customer base; the creation of inspiring content and editorial features, and the development and sale of new products and collaborations to enhance your experience as a customer of SK or other brands in the Group.

4.2 From time to time we retain the services of other carefully selected and monitored companies and individuals to perform functions on our behalf in connection with the successful operation and continuous improvement of this Site. These companies and individuals are appointed as data processors or as joint controllers. We may share your information with such third parties including:

(a) Partners, Suppliers and sub-contractors (such as advertising and marketing agencies, social media agencies and platforms, software providers, and service providers such as couriers, customer services and payment services providers) for purposes set out in this Privacy Policy (e.g. in order to process your order and maintain your account, including the authorisation and validation of credit or debit card transactions, the provision of delivery services; to facilitate your experience of our Site, enable offers and services to be provided to you; to operate recognition or reward programmes; respond to your queries and/or to provide you with certain services such as aftercare services; the analysis of data). These companies or individuals may be provided with access to your personal details in order to fulfil their function but may not use such information for any other purpose.

(b) Advertisers and advertising networks we appoint to assist us and who require the data to select and serve relevant adverts to you on our behalf including our third-party advertising partners and their service providers in order to deliver to you banner advertisements and other advertising tailored to your interests when you visit certain websites. Our advertising partner will make the data we provide it pseudonymous. To learn more about this information or to make choices about receiving personalised advertising provided by third parties, please visit the European Digital Interactive Advertising Alliance by clicking here: http://www.youronlinechoices.eu. We may also work with third parties (such as Facebook and Instagram) to serve ads to you as part of a customized campaign on their platforms. If you prefer not to see customized ads from us, you can opt out by changing your account settings or preferences on such platforms.

(c) Analytics and search engine providers that assist us in the improvement and optimisation of our Site.

4.3 We do not provide your personal details to other companies or individuals for their marketing purposes unless you have indicated when you registered that you wish to receive information about other companies' products, offers and services.

4.4 We may disclose your personal information to other third parties:

(a) In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets based on our legitimate interests.

(b) If SK (or its ultimate holding company and its subsidiaries, as defined in section 244 of The Austrian Commercial Code) or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets based on our legitimate interests.

(c) If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to pursue or legitimate interests to enforce or apply our Terms of Use or terms and conditions of supply and other agreements; or to protect our rights, property, or safety (or the rights, property, safety of our customers, or others). This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

4.5 Data recipients

For the purposes mentioned above we may, inter alia, transmit your data to the following recipients:

  • Shopify International Limited, 2nd Floor Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland
    Types of data: Contact details, order details, payment details, pages visited, products purchased
    Processing purpose: Order process and shipping, processing all data collected from the website (website hosting)
  • BMD Systemhaus GesmbH, Sierninger Straße 190, A - 4400 Steyr, Austria
    Types of data: Contact details, order details, products purchased
    Processing purpose: Order process and shipping
  • PayPal (Europe), 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg
    Types of data: Contact details, order details, payment details, products purchased
    Processing purpose: Payment processing
  • Google Ireland Limited, register number: 368047, Gordon House, Barrow Street, Dublin 4, Ireland
    Types of data: Tracker, usage data, IP address, device brand/name/model, operating system version, browser version, ISP, pages visited, products purchased
    Processing purpose: Google Tag Manager and Google Analytics to improve performance
  • Google Ireland Limited, register number: 368047, Gordon House, Barrow Street, Dublin 4, Ireland
    Types of data: Tracker, usage data
    Google Maps widget for store locator
  • Google Ireland Limited, register number: 368047, Gordon House, Barrow Street, Dublin 4, Ireland
    Types of data: Tracker, usage data, Contact details, order details, products purchased
    Processing purpose: Google Ads Manager for advertising and remarketing
  • Klaviyo, 49 Southwark Bridge Rd, London, SE1 9HH, UK
    Types of data: Contact details, order details, products purchased, pages visited, shopping history
    Processing purpose: Email marketing, CRM and abandoned basket emails

    Transmission to a third country based on the EU-UK Trade and Cooperation Agreement
  • Hotjar, Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian's STJ 3141, Malta
    Types of data: Tracker, usage data, device resolution, pages visited, operating system, browser, source
    Processing purpose: Heat maps, recordings and analytics to improve performance
  • Facebook Ireland Ltd. 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
    Types of data: Tracker, usage data, contact details, order details, products purchased
    Processing purpose: Advertising, remarketing, lookalike audience and custom audience
  • Pandectes, Gounari 65, 26223, Patra, Greece
    Types of data: Cookie consent details
    Processing purpose: Record and amend consent to cookies
  • Cloudflare Ltd, County Hall/The Riverside Building, Belvedere Road, London, SE1 7PB
    Types of data: Tracker; various types of Data as specified in the privacy policy of the service
    Processing purpose: Traffic optimization and distribution

    Transmission to a third country based on the EU-UK Trade and Cooperation Agreement.

5. Where we store and process your personal data

5.1 The personal information that we collect from you may be transferred to and stored at a destination outside of the country in which it was originally collected including countries, which have less strict, or no data protection laws, when compared to those of Europe. This may include transfers outside of the European Economic Area ("EEA"). The reason for this transfer is that some of the operations we need managed in order to complete our contract with you or to enhance your experience with us are located outside of the EEA, for instance it may be processed by staff working outside of the EEA who work for us or for one of our suppliers or service providers. Such staff may be engaged in, amongst other things, the fulfilment of your order, the processing of your payment details and the provision of support services including marketing and analytics. We may also transfer your data outside of the EEA when we transfer your data to any service provider or brand within our Group specified in Section 4.1, 4.2 and 4.4. of this Privacy Policy which may be required to exercise our legitimate interests as a retailer or to conclude our contract with you. You should be aware that personal information stored outside the country where it was collected may be available to government authorities of the countries where it is stored, under applicable data disclosure laws of those countries. Whenever we transfer your personal information we will take steps which are necessary to ensure adequate safeguards are in place to protect your personal information and to make sure it is treated securely and in accordance with this Privacy Policy and applicable laws. In these cases, we rely on approved data transfer mechanisms (for example the EU Standard Contractual Clauses) to ensure your information is subject to adequate safeguards in the recipient country.

6. How we safeguard your data

We have put in place safeguards to check that our internal procedures meet our high policy standards. We use the latest strong encryption technology to ensure that all transactional information (e.g. credit or debit card details, personal contact information together with any other names and addresses you provide when you place an order for delivery to another address, and your purchasing history) is protected to the highest standard. We also use reasonable efforts to ensure that our service providers agree to protect your personal information. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Site and/or social media channels; any transmission is at your own risk. Our Site is not intended for children under the age of 14 and we do not knowingly collect personal information online from visitors of this age group.

7. Third party websites

Our Site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

8. Data Retention and Destruction

We store data for as long as it is necessary for the purpose for which it was collected and so long as we are legally required to do so. Information associated with your account will be kept until your account is deleted, unless we no longer need the data to provide products and services, or until any legal requirement to keep it no longer exists. Data linked to orders will be retained for at least 7 years based on the legal retention obligations due to commercial and tax law (§ 132 BAO, §§ 190, 212 UGB). When we no longer need personal data, we securely delete and destroy it.

9. Rights of Data Subjects

You have certain rights in relation to your personal data. These include: the right to object to the processing of your data for certain purposes, the right to access your personal data, the right to correct any inaccurate data, and the ability to erase, restrict or receive a machine-readable copy of your personal data. We will handle any request to exercise your rights in accordance with applicable law and any relevant legal exemptions. If you wish to exercise any of these rights, please contact us using the contact details in Section 11 below. You may also have the right to complain to a data protection authority if you think we have processed your personal data in a manner which is unlawful or breaches your rights. If you have such concerns, we request that you initially contact us (using the contact details in Section 11 below) so that we can investigate, and hopefully resolve, your concerns.

We do not process your personal data for the purpose of making decisions that are based solely on automated processing, including profiling, which produce legal effects on you or may similarly significantly affect you.

10. Changes to our Privacy Policy

Any changes we may make to our Privacy Policy in the future will be posted on this page. Please check back frequently to see any updates or changes to our Privacy Policy. The date this Privacy Policy was last updated appears at the top.

11. Contact

Questions, comments or requests regarding this Privacy Policy are welcomed and should be addressed by email to office@susannekaufmann.com or by post to:
Customer Service,
Susanne Kaufmann,
Brugg 35,
6870 Bezau,
Österreich

12. Non-waiver

No failure to exercise and no delay on the part of SK in exercising any right, remedy, power or privilege of SK under this Privacy Policy and no course of dealing between us shall be construed or operate as a waiver, nor shall any single or partial exercise of any right, remedy, power or privilege preclude any other or further exercise thereof or the exercise of any other right, remedy, power or privilege on the part of SK.

13. Law, jurisdiction and language

This Site, any content contained herein, and any contracts entered into as a result of usage of this Site are governed by Austrian law. The parties to any such contract agree to submit to the exclusive jurisdiction of the courts of Austria. All contracts are concluded in English.

14. UK Data Protection Representative

Representative of controllers or processors not established in the United Kingdom (Article 27 UK GDPR):
FAO: CFO
Susanne Kaufmann Limited
57 Southwark Street
London
SE1 1RU

Latest Stories

Breaking Barriers: Founder Susanne Kaufmann and CEO Kerry Evans Share Their Journey
in conversation with
3 minute read

Breaking Barriers: Founder Susanne Kaufmann and CEO Kerry Evans Share Their Journey

To mark this year’s International Women’s Day, founder Susanne Kaufmann and CEO Kerry Evans sat down to discuss what it means to lead...

The Powerful Benefits of Using Face Oils in Your Everyday Skincare Routine
beauty advice
3 minute read

The Powerful Benefits of Using Face Oils in Your Everyday Skincare Routine

Reparative, nourishing, softening – there is so much to love about face oils. With their unique properties and undeniable benefits for all skin...

Susanne's Go-to Autumn Soup Recipe
wellbeing & lifestyle
1 minute read

Susanne's Go-to Autumn Soup Recipe

This season, find warmth and comfort in a bowl of nourishing, pumpkin soup. When days get colder, there’s nothing like a hearty, nutritious...

@SusanneKaufmann_