data protection

Data protection at

We take the protection of your personal data very seriously and treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

Safe shopping with SSL

By using SSL on the entire website, we enable the most safe shopping experience possible. Your personal data is encrypted before the transfer of our software with up to 2048 bit SSL (Secure Socket Layer), which is a very high level of security.

You can see an encrypted connection from the fact that the address line of the browser from "http: //" changes to "https: //" and on the castle symbol in your browser line. If the SSL encryption is activated, the data you transmit to us cannot be read by third parties.

Save and use personal data

Personal data is information with which a person can be identified and contacted. We receive and save your personal data when you get in touch with us, fill out forms, are active on our website, shop from us, register for our enewsletter and write a product or shop rating.

We collect and save this personal data, as they are necessary to answer your questions, inform you and to process your orders correctly. We also use this information in order to be able to offer you the most relevant shopping experience tailored to your interests.

In addition, we also use anonymous data that save our software and the analysis tools used to improve our website and offer.

Information and deletion of personal data

You can view and change your personal data in your customer account at any time so that they are always up to date. Simply register in the customer account. Here you will find all the personal data we save for you. For safety reasons, we do not indicate any payment information in the customer account. Contact us if you have any questions about personal data or want to delete your customer account. Please note that we are not allowed to delete orders and the invoices generated from legal provisions.

Storage of personal data

We only preserve personal data as long as it is necessary to meet the purposes described in this data protection directive, unless a longer retention period is required or permitted based on legal provisions.

GDPR

As a person concerned, you have the following rights:

  • According to Art. 15 GDPR, the right to request information about your personal data processed by us in the scope described there;
  • According to Art. 16 GDPR, the right to immediately request the correction of incorrect or completion of your personal data stored by us;
  • According to Art. 17 GDPR the right to request the deletion of your personal data stored by us, unless the further processing
    • to exercise the right to freedom of expression and information;
    • to fulfill a legal obligation;
    • For reasons of public interest or
    • To assert, exercise or defend legal claims
      is required;
  • According to Art. 18 GDPR the right to restrict the processing of your personal data, if necessary
    • the correctness of the data is denied by you;
    • the processing is illegal, but they reject their deletion;
    • we no longer need the data, but you need it to assert, exercise or defend legal claims or
    • They have objected to the processing in accordance with Art. 21 GDPR;
  • According to Art. 20 GDPR, the right to obtain your personal data that you have provided to us in a structured, common and machine -reading beer format or to request the transmission to another responsible;
  • According to Art. 77 GDPR, the right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual whereabouts or workplace or our company seat.

Do we pass information on?

The information from the users of this website and our customers are very important for us, since we cannot process or optimize our offer without it. Therefore, it is by no means in our interest to pass them on to third parties. In the cases described here, we only pass on data to service providers, which tasks are performing for us.

  • Package delivery

    In order for you to receive your package quickly and safely, we hire a wide variety of full filling and parcel deliverers, such as DHL, UPS, Austrian Post and Collissimo, with the processing of the orders and the transport of the packages from our shipping camp to your home. These companies only receive their shipping address from us and, if necessary, their telephone number.

  • Customer service

    In order to offer you the best possible customer service, we work with experienced customer service and call centers. These accept your telephone orders and contact you if you have any queries. The staff has access to those customer data that are required to fulfill an order or answer customer questions.

  • Email newsletter shipping

    Our email newsletter is free. You can unsubscribe from our newsletter at any time with just one click. So that we can optimally inform you by email, we send our newsletter via platforms that specialize in sending emails professionally and securely. These companies store the email address and the name for personal addressing for the shipping of our emails. In order to make the emails as relevant as possible for you, we also include personal information that you give us when you are active on our website or buy from us.

  • Service emails

    If you are active on our website and create a customer account, order products or fill out a form, we will send you Service emails, such as the order confirmation, shipping confirmation or payment reminder. You cannot unsubscribe from this group of service emails.

    Email advertising without registration for the newsletter and your right to object:
    If we receive your e-mail address in connection with the sale of a goods or service and you have not contradicted it, we reserve the right to regularly offer you on the basis of Section 7 (3) UWG to send from our range by email. This serves to protect our legitimate interests on an advertising speech by our customers in the context of a balancing of interests. You can object to this use of your e-mail address at any time by a message to the contact option described below or via a link provided in the advertising email, without incurring other than the transmission costs according to the basic tariffs.

    We send service emails via platforms that specialize in sending emails professionally and safely. These companies store the email address and the name for personal addressing for the shipping of our emails. In order to make the emails as relevant as possible for you, we also include personal information that you give us when you are active on our website or buy from us.

    Email advertising with registration for the newsletter
    If you register for our newsletter, we use the data required or separated from you to send you our e-mail newsletter regularly on the basis of your consent in accordance with Art. 6 Para. 1 Sentence 1 lit. a GDPR. You can deregister from the newsletter at any time and can be made either by a message to the contact option described below or via a link provided in the newsletter. After deregistration, we delete your email address, unless you have expressly consented to further use of your data or we are reserved for any other use of data that is legally permitted and about which we inform you in this declaration.

  • Letters and catalogs

    We use different service providers to send our catalogs and letters. To do this, we only pass on the name and address to these companies.

  • contact form

    If you send us a message using the contact form, your information from the form, including the contact details you specified, will be stored by us for the purpose of processing your request. The employees in customer service and call center have access to this data to answer your request.

  • Payment processing

    Depending on the payment method, different data will be forwarded to payment service providers and banks.

     

  • PayPal: You will be forwarded to the payment provider, where you can register with your email address and password. Apart from the payment method, nothing is saved with us.
  • Instant.com: You will be forwarded to the payment provider where you can register with your user name and PIN in your online banking. However, this data is not saved at immediately.com. With us, too, nothing is stored in addition to the payment method.
  • Credit card: The credit card details are safely transferred to the payment provider using SSL encryption. With us, only the last 4 positions of the card number and the payment method are saved so that you can assign them to the next order. With every further order, only one so -called alias code is transferred to the payment provider in order to trigger the new payment.
  • Sepa direct debit: Iban and BIC are saved with us and safely transferred to the bank with every payment using SSL.
  • Payment in advance: The incoming payments are handled by a payment service provider. To do this, we only pass on the data required for processing using SSL safely to this. Apart from the payment method, nothing is saved with us.
  • Analysis platforms

    To check whether everything works smoothly on our website and to constantly improve our offer, we use different analysis platforms such as Google Analytics and Google Search Console. Here anonymous data is transmitted and evaluated via the use of our website. This data helps us to improve our offer. Personal data, such as name, address, payment information, are not relevant for these analyzes and are therefore not recorded.

  • Interest -based ads and personalization

    We use your interactions with our website to switch interest -related ads that could be relevant to you. However, we do not use information that identifies individuals directly (such as name or email) to switch interest -based ads or remarketing. In order to show the most relevant product recommendations, we work with search engines, advertisers, publishers, social media networks and Adping companies. We also use this information in order to be able to offer you the most relevant shopping experience that is as relevant to your interests on our website.

With these companies we have a contract that includes the use of our data. These service providers only have access to the personal data required to fulfill their tasks. Under no circumstances can you use them for other purposes. In addition, you are obliged to treat the information according to this data protection declaration and the relevant data protection laws.

Transfer of business shares

It could be that areas or our entire company will be sold in the future. In this case, customer data is usually transferred to the buyer as part of the transaction so that the business can be properly continued. However, all affected customer information is still subject to the data protection declaration described here.

Server log files

Our software automatically stores information in so-called server log files that automatically transmits your browser to us. These are:

  • Browser type / browser version
  • operated operating system (user agent values ​​of the browser)
  • Referrer URL
  • Url requested
  • Data size of the server response
  • IP address of the accessible computer
  • Time of the server request

This data cannot be assigned to certain people. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of specific indications for illegal use.

Cookies

Our website uses so -called cookies. These serve to make our website more user -friendly, more effective and safer. Cookies are small text files that your browser stores.

Most of the cookies we use are so-called "session cookies". They are automatically deleted after the end of their visit. Other cookies remain stored on their device until they delete them. These cookies enable us to recognize their browser the next time they visit .

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of the cookies when the browser is closed. When deactivating the cookies, some functions of our website can be restricted.

Cameleoon

Cameleoon is a SaaS solution that enables A/B tests and web staffing. Customers and partners of cameleoon use the solution to get a better understanding of how your website is used and to offer your customers an optimized user experience. Kameleoon does not save any personal data. However, you can contradict the use of cameleoon at any time by clicking on the following link:


password

The password, which you assign on our website when creating your customer account, is saved via an asymmetrical encryption process. This means that your password is not saved as a normal text and is therefore not readable for anyone. We too cannot read your password and therefore do not send it back to you.

If you forget your password, you can create a new password at any time by clicking on the link and entering your email address under which you opened your customer account with us. You will then receive an email with a link via which you can access one page where you can assign a new password.

Social plugins and videos

We use plugins from social networks Facebook, Google+ and Twitter as well as the online video portal YouTube on our website

If a user calls a website of a social network that contains such a plugin, its browser establishes a direct connection with the servers of the social network. The content of the plugin is transmitted directly to your browser by the social network and integrated from it into the website. Vitaminexpress therefore has no influence on the scope of the data that the social networks collect with the help of the plugins and therefore informs the users according to its knowledge:

By integrating the plugins, the social networks receive the information that a user has called up the corresponding page of the offer. If the user has logged in to the social network, this can assign a visit to his account with this social network. If users interact with the plugins, for example, press the Like button or make a comment, the corresponding information is transmitted directly from your browser to the social network and stored there. If a user is not yet a member of the social network, there is still the possibility that this network will find and save the user's IP address. According to Facebook, for example, only an anonymized IP address is stored in Germany.

The purpose and scope of the data collection and the further processing and use of the data by the social networks as well as the relevant rights and setting options for the protection of the privacy of the users can be found in the data protection information of the respective social network.

If a user is already a member and does not want a social network to collect data about it via the Vitaminexpress website and link with his existing stored member data, he must log out of the social network before visiting the website.

Our website uses plugins from the YouTube page operated by Google. If you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. The YouTube server is communicated which of our pages you have visited.

If you are logged into your YouTube account, enable youtube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

Here is the data protection instructions of the respective social networks:

Can children use our website?

Vitaminexpress does not offer any products for buying by minors. Products that are intended for children can only be bought by adults. If you have not yet reached the age of 18, you can only buy from us together with a parent or guardian.

Better sleep

More energy

Less stress