1. DATA PROTECTION AND DATA SECURITY
Eyenex attaches the utmost importance to the processing of your personal data and the protection of your privacy. Below you will find the most important information on this subject.
- what information we collect and for what reason.
- how we use this information.
- what choices we offer, including how information can be accessed and updated.
1.1 Storage of the data
1.2 Third-party companies and partners
Pixlstudio, our hosting partner, stores all hosting and website data that we use. This means that all data on the site is stored on a pixlstudio server and is subject to the pixlstudio data protection guidelines.
1.3 Data protection in general
The personal data you provide us with will be processed in accordance with Swiss federal legislation on data protection. If the data is processed abroad, an equivalent level of data protection is guaranteed.
1.4 Intended use
Eyenex uses the data and information they collect to analyse website visitors, as well as for market research.
Eyenex may commission third parties to process the data on its behalf. In doing so, these third parties are obliged to comply with these data protection provisions.
Your data will not be used for other purposes or passed on or sold to third parties without your express consent.
1.5 Means of analysing behaviour on websites
1.5.1 Google Analytics
Google is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google will use this information on our behalf for the purpose of evaluating your use of our website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. In doing so, pseudonymous user profiles of the users can be created from the processed data.
We only use Google Analytics with IP anonymisation activated. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
The IP address transmitted by the user’s browser will not be merged with other data from Google. Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent the collection of the data generated by the cookie and related to their use of the online offer to Google as well as the processing of this data by Google by downloading and installing the browser plugin available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
The users› personal data is deleted or anonymised after 14 months.
1.5.2 Akismet Anti-Spam Checking
Our online offer uses the service «Akismet», which is offered by Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA. The use is based on our legitimate interests within the meaning of Art. 6 (1) f) DSGVO. With the help of this service, comments from real people are distinguished from spam comments. For this purpose, all comment details are sent to a server in the USA, where they are analysed and stored for four days for comparison purposes. If a comment has been classified as spam, the data is stored beyond this time. This information includes the name entered, the email address, the IP address, the comment content, the referrer, information on the browser used as well as the computer system and the time of the entry.
Users are welcome to use pseudonyms or to refrain from entering their name or email address. You can prevent the transmission of data completely by not using our comment system. That would be a shame, but unfortunately we don’t see any other alternatives that work just as effectively.
1.5.3 Google Fonts
1.5.5 Online presence in social media
We maintain online presences within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services there.
We would like to point out that user data may be processed outside the European Union. This may result in risks for the users, because it could, for example, make it more difficult to enforce the rights of the users. With regard to US providers certified under the Privacy Shield, we point out that they thereby undertake to comply with the data protection standards of the EU.
Furthermore, user data is usually processed for market research and advertising purposes. For example, usage profiles can be created from the usage behaviour and resulting interests of the users. The usage profiles can in turn be used, for example, to place advertisements within and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users› computers, in which the usage behaviour and the interests of the users are stored. Furthermore, data may also be stored in the usage profiles irrespective of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).
The processing of users› personal data is based on our legitimate interests in effectively informing users and communicating with users pursuant to Art. 6 para. 1 lit. f. DSGVO. If the users are asked by the respective providers for consent to data processing (i.e. declare their consent e.g. by ticking a checkbox or confirming a button), the legal basis of the processing is Art. 6 para. 1 lit. a., Art. 7 DSGVO.
For a detailed description of the respective processing and the opt-out options, please refer to the information of the providers linked below.
In the case of requests for information and the assertion of user rights, we would also like to point out that these can be asserted most effectively with the providers. Only the providers have access to the users› data and can take appropriate measures and provide information directly. If you still need help, you can contact us.
The controller has integrated components of the company Facebook on this website. Facebook is a social network.
The operating company of Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. The controller of personal data where a data subject lives outside the USA or Canada is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Each time one of the individual pages of this website operated by the data controller is called up and on which a Facebook component (Facebook plug-in) has been integrated, the internet browser on the information technology system of the data subject is automatically caused by the respective Facebook component to download a representation of the corresponding Facebook component from Facebook. A complete overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=de_DE. Within the scope of this technical procedure, Facebook receives information about which specific sub-page of our website is visited by the data subject.
If the data subject is logged in to Facebook at the same time, Facebook recognises which specific sub-page of our website the data subject is visiting each time the data subject calls up our website and for the entire duration of the respective stay on our website. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the data subject. If the data subject activates one of the Facebook buttons integrated on our website, for example the «Like» button, or if the data subject posts a comment, Facebook assigns this information to the personal Facebook user account of the data subject and stores this personal data.
Facebook always receives information via the Facebook component that the data subject has visited our website if the data subject is logged into Facebook at the same time as calling up our website; this takes place regardless of whether the data subject clicks on the Facebook component or not. If the data subject does not want this information to be transmitted to Facebook, he or she can prevent the transmission by logging out of his or her Facebook account before accessing our website.
The data policy published by Facebook, which can be accessed at https://de-de.facebook.com/about/privacy/, provides information on the collection, processing and use of personal data by Facebook. It also explains which setting options Facebook offers to protect the privacy of the data subject. In addition, various applications are available that make it possible to suppress data transmission to Facebook. Such applications can be used by the data subject to suppress data transmission to Facebook.
Our website uses functions from Twitter, Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA. When you call up our pages with Twitter plug-ins, a connection is established between your browser and the Twitter servers. In the process, data is already transferred to Twitter. If you have a Twitter account, this data can be linked to it. If you do not wish this data to be associated with your Twitter account, please log out of Twitter before visiting our site. Interactions, in particular the clicking of a «Re-Tweet» button, are also passed on to Twitter. You can find out more at https://twitter.com/privacy.
1.6 Contact form
When contacting us via the contact form, the information provided by the user will be used for processing the contact request and its handling in accordance with Art. 6 Para. 1 lit. b. (in the context of contractual/pre-contractual relations), Art. 6 para. 1 lit. f. (other enquiries) DSGVO. The user’s details may be stored in a customer relationship management system («CRM system») or a comparable enquiry organisation.
1.7 Order processing in the online shop and customer account
We process the data of our customers in the context of the ordering processes in our online shop in order to enable them to select and order the selected products and services, as well as their payment and delivery, or execution.
The data processed includes inventory data, communication data, contract data, payment data and the persons affected by the processing include our customers, interested parties and other business partners. The processing is carried out for the purpose of providing contractual services within the scope of operating an online shop, billing, delivery and customer services. We use session cookies to store the contents of the shopping cart and permanent cookies to store the login status.
The processing is carried out on the basis of Art. 6 Para. 1 lit. b (execution of order transactions) and c (legally required archiving) DSGVO. In this context, the information marked as required is necessary for the justification and fulfillment of the contract. We disclose the data to third parties only within the scope of delivery, payment or within the scope of legal permissions and obligations towards legal advisors and authorities. The data is only processed in third countries if this is necessary for the fulfillment of the contract (e.g. at the customer’s request for delivery or payment).
Users can optionally create a user account, in which they can view their orders in particular. During the registration process, users are provided with the required mandatory information. The user accounts are not public and cannot be indexed by search engines. If users have cancelled their user account, their data with regard to the user account will be deleted, subject to their retention being necessary for reasons of commercial or tax law in accordance with Art. 6 Para. 1 lit. c DSGVO. Information in the customer account shall remain until its deletion with subsequent archiving in the event of a legal obligation. It is the responsibility of the users to save their data in the event of termination before the end of the contract.
Within the scope of registration and renewed logins as well as the use of our online services, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests as well as those of the users in protection against misuse and other unauthorized use. In principle, this data is not passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation to do so in accordance with Art. 6 Para. 1 lit. c DSGVO.
The deletion takes place after the expiry of legal warranty and comparable obligations, the necessity of keeping the data is reviewed every three years; in the case of legal archiving obligations, the deletion takes place after their expiry (end of commercial law (6 years) and tax law (10 years) retention obligation). We delete requests if they are no longer necessary. We review the necessity every two years; furthermore, the legal archiving obligations apply.
1.8 Data security
Please note that the Internet is a worldwide network accessible to all. Sending or transmitting personal data with your computer is at your own risk.
Despite the technical measures taken by Eyenex, it is always possible for data to be lost, intercepted or manipulated by unauthorised third parties. By the way, your computer is outside the security zone controlled by Eyenex. As the user, it is up to you to take the appropriate security measures.
1.9 Right of access and rectification
You can contact us at any time to clarify questions regarding data processing and data storage.
1.9.1 Contact details
EYENEX Martina Strul, Email: firstname.lastname@example.org
2. DISCLAIMER YOGA
The following applies with regard to the yoga classes offered by Eyenex or the information published on the Kavalya Dhyan blog: If you have an injury or illness and are in doubt as to whether yoga is suitable for you, please consult your doctor/health practitioner. The instructions and advice given in my classes are not a substitute for professional medical or psychological treatment of ailments. The information and advice in this course has been carefully considered and reviewed, however its application is at your own discretion and responsibility.
By accepting the data declaration you confirm that you have taken note of the information and that you participate in the course at your own risk. There is no liability of any kind towards the course leader or the yoga location where the course takes place. If you are under 18 years old, you need the signature of a parent or guardian.
3.VERSION AND AMENDMENTS
These legal terms are valid as of March 2023. Eyenex reserves the right to change them at any time without notice and with immediate effect. Eyenex – March 2023