Privacy Policy
Effective: July 9, 2020
This Privacy Policy is incorporated into, and is subject to, the General Terms and Conditions – Online Shop and the General Terms and Conditions – Classes
The website www.josefinayoga.com is provided by:
Josefina Eliggi
Genossenschaftsstrasse 7
8050 Zurich
Switzerland
Phone: +41 78 944 57 06
E-mail: hola at josefinayoga dot com
Your Rights
You can exercise your rights at any time using the contact details at the bottom of this privacy policy:
Obtaining information about your data stored with us and their processing, correction of incorrect personal data, deletion of your data stored with us, restriction of data processing in case we are not yet allowed to delete your data due to legal obligations, objection to the processing of your data with us and data transferability if you have consented to the data processing or have concluded a contract with us.
If you have given us your consent, you can revoke it at any time with effect for the future.
You can use this tool on our website to query the data assigned to your e-mail address and make it anonymous.
You can always contact your local supervisory authority with a complaint. Your supervisory authority is determined by the state or region in which you live, work or suspected injury.
Purposes of Data Processing by Us and Third Parties
We process your personal data only for the purposes stated in this privacy policy. Your personal data will not be passed on to third parties for purposes other than those mentioned. We will only pass on your personal data to third parties if:
You have explicitly given us your consent, the processing is necessary to handle a contract with you, the processing is necessary to fulfill a legal obligation, the processing is necessary to safeguard legitimate interests and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data.
Deletion or Blocking of Data
We adhere to the principles of data avoidance and data economy. We therefore only store your personal data for as long as is necessary to achieve the purposes stated here or as provided for in the various storage periods provided for by law. After the respective purpose or expiry of these periods, the corresponding data will be blocked or deleted as a matter of routine and in accordance with the statutory provisions.
Collection of General Information when you visit our website
When you access our website, information of a general nature is automatically collected with a cookie. This information (server log files) includes the type of web browser, the operating system used, the domain name of your internet service provider and similar information. This is exclusively information which does not allow any conclusions to be drawn about you as a person.
This information is technically necessary in order to correctly deliver the contents of websites requested by you and is mandatory when using the Internet. They are processed in particular for the following purposes:
Ensuring a trouble-free connection of the website, ensuring a smooth use of our website, evaluation of system security and stability as well as for other administrative purposes.
The processing of your personal data is based on our legitimate interest from the aforementioned purposes for data collection. We do not use your data to draw conclusions about your person. The recipients of the data are only the responsible body and, if applicable, the contract processor.
Anonymous information of this kind may be statistically evaluated by us in order to optimize our Internet presence and the technology behind it.
Cookies
Like many other websites, we also use so-called “cookies”. Cookies are small text files that are transferred from a website server to your hard drive. This automatically provides us with certain data such as IP address, browser used, operating system and your connection to the Internet.
Cookies cannot be used to start applications or to transmit viruses to a computer. Based on the information contained in cookies, we can make navigation easier for you and enable the correct display of our web pages.
Under no circumstances will the data collected by us be passed on to third parties or a link to personal data established without your consent.
Of course, you can also view our website without cookies. Internet browsers are usually pre-set to accept cookies. In general, you can disable cookies entirely at any time via your browser settings (please use the help functions of your internet browser to learn how you can adjust these settings) or via your privacy settings. Please note that some features of our website may not work if you have previously disabled the use of cookies.
Facebook, Custom Audiences and Facebook marketing services
Within our online offer, the so-called “Facebook Pixel” of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are a resident of the EU, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”), is used due to our legitimate interests in the analysis, optimisation and economic operation of our online offer and for these purposes.
Facebook is certified under the Privacy Shield agreement and thus offers a guarantee of compliance with European data protection law.
With the help of the Facebook pixel, it is possible for Facebook to determine the visitors to our online offer as a target group for the display of advertisements (so-called “Facebook ads”). Accordingly, we use the Facebook pixel to display the Facebook ads placed by us only to those Facebook users who have also shown an interest in our online offer or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited) that we transmit to Facebook (so-called “Custom Audiences”). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interest of the users and do not have a harassing effect. With the help of the Facebook pixel, we can also track the effectiveness of the Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called “conversion”).
The Facebook pixel is integrated directly by Facebook when our website is called up and can save a so-called cookie (see section “Cookies”), i.e. a small file, on your device. If you subsequently log in to Facebook or visit Facebook while logged in, your visit to our online offering will be noted in your profile. The data collected about you is anonymous for us, so it does not allow us to draw any conclusions about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and can be used by Facebook and for its own market research and advertising purposes. If we should transmit data to Facebook for matching purposes, this data is encrypted locally in the browser and only then sent to Facebook via a secure https connection. This is done solely for the purpose of matching the data with the data encrypted in the same way by Facebook.
Furthermore, when using the Facebook Pixel, we use the additional function “extended matching” (data such as telephone numbers, e-mail addresses or Facebook IDs of the users) to create target groups (“Custom Audiences” or “Look Alike Audiences”) which are transmitted to Facebook (encrypted). Further information on “advanced matching”: https://en-gb.facebook.com/business/help/611774685654668.
Also based on our legitimate interests, we use the “Custom Audiences from File” procedure of the social network Facebook, Inc. In this case, the email addresses of the newsletter recipients are uploaded to Facebook. The upload process is encrypted. The upload is used solely to determine recipients of our Facebook ads. In this way, we want to ensure that the ads are only displayed to users who are interested in our information and services.
The processing of the data by Facebook takes place within the framework of Facebook’s data usage policy. Accordingly, general guidance on the display of Facebook ads, in Facebook’s Data Use Policy: https://www.facebook.com/policy.php. For specific information and details about the Facebook Pixel and how it works, please visit Facebook’s help section: https://en-gb.facebook.com/business/help/651294705016616.
You can opt out of the Facebook Pixel’s collection and use of your data to serve Facebook ads. To control what types of ads are displayed to you within Facebook, you can visit the page set up by Facebook and follow the instructions for usage-based advertising settings: https://www.facebook.com/settings?tab=ads. The settings are platform independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.
If you have already agreed to the use of the Facebook pixel in the cookie settings and now wish to revoke this, you can click on the following button and deactivate the cookies in the “Advertising” category:
You can also opt-out of the use of cookies for reach measurement and advertising purposes via the Network Advertising Initiative opt-out page (http://optout.networkadvertising.org/) and additionally the US website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/) object.
Registration on Our Website
When registering to use our personalised services, some personal data is collected, such as name, address, contact and communication data such as telephone number and e-mail address as well as automatically your IP address. If you are registered with us, you can access content and services that we only offer to registered users. Registered users also have the option of changing or deleting the data provided during registration at any time if required. Of course, we will also provide you with information about the personal data we have stored about you at any time. We will be happy to correct or delete them at your request, provided that there are no legal storage obligations to the contrary. To contact us in this context, please use the contact details given at the end of this data protection declaration.
Provision of Paid Services
For the provision of paid services, we ask for additional data, such as payment details, in order to be able to process and execute your order or booking. We store this data in our systems until the legal retention periods (10 years) have expired.
Your data provided when ordering or booking will be stored on the website server, transmitted to us and you in encrypted form by e-mail and stored as a printout for tax purposes. The accounting office appointed by us, Leisa Fügli Treuhand Aarau, Kasinostrasse 25, 5000 Aarau, Switzerland, receives full access to the printed data for the purpose of recording all transactions. Furthermore, the data may be viewed by the responsible authorities and courts for tax and legal purposes.
We use Paypal as one of our payment processors. During the ordering process, the customer provides login information and credit card information. This information is processed directly within the framework of this gateway payment at Paypal and is never stored on our pages. The Paypal privacy policy applies.
Online Shop – Data Collection for Managing and Processing Product Orders
The data entered/collected when placing an order consists of: first name, surname, address, e-mail address, telephone number, automatically the IP address, the type of browser and device used, details of order, shipping and payment. It is also recorded whether the order was placed on the German or the English version of our website. During checkout customers can also register voluntary for a user account and store their personal data in order to speed up future orders.
In order to facilitate order processing, refunds or cancellations, we only delete the following data automatically after the specified period of time:
Inactive user account: 1 year
Pending order: 60 days
Failed order: 7 days
Canceled orders: 7 days
Completed orders: 10 years (legal obligation to keep records in Switzerland)
Booking System – Data Collection for the Administration of Classes Bookings
The booking process is handled by a third party (Momoyoga). The Privacy Policy of Momoyoga applies.
Content-Management-System
The website www.josefinayoga.com is based on the WordPress software provided by wordpress.org. The CMS is configured to fully comply with the requirements of the GDPR.
Third-Party Plugins
All used plugins are 100% GDPR-compliant in the present configurations according to their providers and our research.
Social Plugins
On our website we offer you the use of social media buttons. To protect your data, we rely on the “Shariff” solution. This means that these buttons are only included on the website as a graphic containing a link to the corresponding website of the button provider. By clicking on the graphic, you will be forwarded to the services of the respective provider. Only then will your data be sent to the respective provider. If you do not click on the graphic, there is no exchange between you and the providers of the social media buttons/networks. Information about the collection and use of your data in the social networks can be found in the terms of use and privacy policies of the respective providers.
We have integrated the social media buttons of the following networks on our website:
Facebook, Google, Pinterest, Twitter, LinkedIn, Reddit and Tumblr.
Web Hosting
The website www.josefinayoga.com is hosted at Hostpoint AG, Neue Jonastrasse 60, 8640 Rapperswil-Jona, Switzerland. A data processing addendum with Hostpoint protects your rights.
So-called log files are created by the Hostpoint servers so that the hosting service can be provided technically flawlessly and in compliance with the law. These files always include the following data of the visitors of this website:
IP address
browser
Date and time
accessed URL
referrers
protocol used
Error messages
This data remains on the Hostpoint systems until the legal deadline expires and is then automatically deleted.
ssL Encryption
To protect the security of your data during transmission, we use state-of-the-art encryption methods (ssL) via HTTPS.
Newsletter
On the basis of your explicit consent, we will regularly send you our newsletter or comparable information by e-mail via the provider Mailerlite to your specified e-mail address.
Your e-mail address is sufficient for receiving the newsletter, but optionally you can also enter your first and last name for personalization purposes. When registering to receive our newsletter, the data provided by you will be used exclusively for this purpose. Subscribers may also be notified by e-mail of circumstances relevant to the service or registration (e.g. changes to the newsletter offer or technical circumstances).
For an effective registration we need a valid e-mail address. In order to verify that a registration is actually made by the owner of an e-mail address, we use the “double opt-in” procedure. For this purpose, we log the registration to the newsletter, the sending of a confirmation e-mail and the receipt of the requested answer. Further data will not be collected. The data is used exclusively for the newsletter dispatch and stored on the server of the provider Mailerlite. The Privacy Policy of Mailerlite applies.
You can revoke your consent to the storage of your personal data and its use for the newsletter dispatch at any time. In each newsletter you will find a corresponding link. In addition, you can also unsubscribe directly at any time or inform us of your corresponding request via the contact option indicated at the top of this data protection information.
A Data Processing Addendum between Mailerlite and Josefina Yoga protects your rights.
Contacting
If you contact us by e-mail regarding questions of any kind, you give us your voluntary consent for the purpose of contacting us. A valid e-mail address is required for this purpose. This is used to assign the request and then reply to it. The specification of further data is optional. The information provided by you will be stored for the purpose of processing your inquiry and for possible follow-up questions. After your request has been processed, personal data will be deleted.
Changes to our Privacy Policy
We reserve the right to adapt this privacy policy so that it always complies with current legal requirements or to implement changes to our services in the privacy policy declaration, e.g. when introducing new services. The new privacy policy will then apply for your next visit.
Questions to the Data Protection Officer
If you have any questions about data protection, please write us an e-mail or contact the person responsible for data protection in our organisation directly:
Josefina Eliggi, hola at josefinayoga dot com