Data protection and security
The protection of your personal data and your privacy is incredibly important to us. The purpose of this policy is to fully inform you on how we handle your personal data.
Data controller, data protection officer
mytheresa.com GmbH, Einsteinring 37, 85609 Aschheim/Munich, Germany is responsible for your privacy protection and is the official service provider. If you have questions regarding our website, the following information, or if you would like to contact our privacy protection representative, please send us an email at firstname.lastname@example.org.
Definition of personal data
"Personal data" are defined by law as "information concerning the personal or material circumstances of an identified or identifiable natural person". This includes, for example, information such as an individual's name, address and email address, as well as any other information that can be attributed to a particular individual.
Collection and use of personal data
During registration for your customer account, we collect and implement your personal data in order to finalize the order process, as well as customize your personal shopping experience. Your data will be transmitted to third parties only as required to perform the contract or for billing purposes. For example, the service providers we employ in the handling of orders (e.g., carriers, payment service providers, banks) will be provided with the data necessary for completing your order.
In subscribing for a newsletter you agree that mytheresa.com GmbH, Einsteinring 37, 85609 Aschheim/Munich may use the data you entered to inform you by email about the contents and/or products selected by you. You may revoke your consent at any time with effect for the future, either by written notice to mytheresa.com GmbH, Einsteinring 37, 85609 Aschheim/Munich or by email to email@example.com. You may also unsubscribe from any newsletter via the link provided at the end of each newsletter. We transfer your data to our service providers only for data administration and hosting purposes.
In connection with our newsletter mailings, we may utilise user data to create anonymous user profiles for purposes of market research, advertising or customised newsletter contents. As part of certain marketing activities, our service providers may obtain necessary data to process orders. They reserve the right to use this information only for their designated activities and are prohibited from sharing it with unauthorised third parties. You may object to any such use of your data by notice via post, fax, or email to firstname.lastname@example.org, in no particular format.
Further, we collect, process and use address and order data for our own marketing purposes. You may object to any such use, processing and transfer of your personal data for marketing purposes at any time by notice via post, fax, or email to email@example.com, in no particular format.
We also collect and use the data you submit to us when using the contact form, for the purpose of processing your inquiries.
We use third party retargeting and remarketing features on our website. These technologies allow us to address internet users who previously visited mytheresa.com, by personalised advertising on our partners' websites. For this purpose the retargeting or remarketing provider will store a cookie on your hard drive. Based on the cookie technology, anonymous user details will be stored, for example the advertising you received from us or clicked, the products you viewed, whether you purchased anything. The anonymous data are not connected with your personal data at any time and serve the sole purpose of customising our advertising to the user's interests.
You may object to the use of the retargeting and/or remarketing feature by accessing the third party providers' cookie opt-out pages via the following links:
Use of intelliAd
This website uses the web analysis service and Bid-Management tool from intelliAd Media LLC, Sendlinger Str. 7, 80331 Munich, Germany. In order to customize and optimize the presentation of this website, user data will be collected anonymously and aggregately saved while also using this information to generate representative user profiles under a pseudonym. Cookies will be saved locally through the use of intelliAd Tracking. According to the current version of § 15 of the German Tele-media law, you as the website user have the right to object to having your user data saved (collected anonymously), both now as well as in the future. Please use the intelliAd Opt-Out function to object to having your user data saved.
Use of Google Analytics
We also use Google Analytics, a web analysis service of Google Inc. ("Google"). Google Analytics is based on cookies and allows an analysis of website usage. As we have activated IP anonymisation for our website, the IP addresses that are automatically transmitted with the usage details are abbreviated by Google within the European Union or other contracting states of the European Economic Area before the data are forwarded to and stored in the USA. It is only in exceptional cases that IP addresses are transmitted first to a Google server in the USA, where they are shortened. Acting on our behalf, Google uses the data to analyse the use of the website for us, to compile website activity reports, and to render further services relating to website and internet use. The above described IP anonymising procedure has been agreed between Google Inc. and the Hamburg Commissioner for Data Protection and Freedom of Information and recognised as compliant with data protection requirements (see the press release on the HmbBfDI).
The IP address transmitted by your browser in connection with Google Analytics will not be connected with other Google data. You may prevent the storage of such cookies by adjusting your browser settings accordingly. You may also prevent the recording of the data generated by the cookie and concerning your usage of the website (including your IP address) by Google and to the processing of such data by Google by downloading and installing the browser plugin available via the following link.
Use of social plugins
We use social plugins of several providers on our website in the respective standard plugin:
- The Facebook "Gefällt mir" ("Like") button of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. The button is marked with the Facebook logo and the addition "Gefällt mir" ("Like").
- The "+1" button of Google+ (Google Plus) of Google Inc., 1600 Amphitheatre Parkway, Mountain View, California, 94043 USA.
- The social plugin of Twitter, operated by Twitter, Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA.
- The social plugin of the website Pinterest.
When you access one of our websites containing any of the above plugins, the plugin provider may store a cookie in your browser. We have no control over the scope of the data collected by the provider by means of the plugin.
The plugins may provide their hosts with information such as the date and time of your visit to our websites, your IP address, or the type of browser you use. If you are logged on to your account with the plugin provider while visiting our websites, the provider may match this information and any data you enter, should you interact with the plugins, to your user account, for instance if you click the corresponding button on our website or post a comment. Your recommendations or comments may be displayed as information, together with your profile name and photograph, in the relevant provider’s service, for instance in search results or in your user profile, or at other places on websites and in advertisements on the internet.
If you are not a member of the relevant provider’s service, the provider may under certain circumstances nevertheless obtain and store your IP address.
For the purpose and scope of the data collection and further processing and use of your data by the provider as well as your related rights and opt-out possibilities to protect your privacy, please see the privacy policies of Facebook, of Google+ , of Twitter, and of Pinterest.
If you are a member of the relevant service and do not wish the service provider to collect data on you via our websites and connect them with the member data stored by the provider, you have to log off from your account with the provider before visiting our internet sites.
Use of Chartbeat
For system administrative purposes, prevention of misuse and the analysis of user behaviour trends, IP-addresses, browser types and header details, as well as information about the geographical location of access, will be assessed via Chartbeat. The use and evaluation of these data will be conducted anonymously, and personal details and IP-addresses will not be linked in any manner.
The header information will be used to determine which pages the IP-address has visited. Traffic information will be used for real-time analytics. Chartbeat may randomly collect anonymous traffic information for the purpose of benchmarking and may provide these data to be used by other websites.
Storage, correction, deletion and deactivation of your personal data
You may at any time view, modify and delete the data in your customer account which you entered for your registration. Data that are still required to complete the services requested by you, especially the performance and completion of contracts, cannot be deleted. The data will be deactivated upon termination of the contract, and furthermore will be deleted once the applicable retention period provided by law or contract has expired.
To request information or any correction or deletion of data, please email to firstname.lastname@example.org or send a letter to mytheresa.com GmbH, Einsteinring 37, 85609 Aschheim/Munich, stating your name and your contact details.