GUILT-FREE CANDY
DATA PROTECTION
DATA PROTECTION
Data Protection
OVERVIEW
This Privacy Policy describes how your personal information is collected, used and shared when you visit neoh.com (the "Site") or make a purchase.
SECTION 1 - PERSONAL INFORMATION WE COLLECT
When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone and some of the cookies installed on your device. In addition, as you browse the Site, we collect information about the individual web pages or products you view, which websites or search terms referred you to our Site, and information about how you interact with the Site. We refer to this automatically collected information as “Device Information.”
We collect device information using the following technologies:
- “ Cookies ” are data files placed on your device or computer that often contain an anonymous, unique identifier. If you would like to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can do this in your browser settings:
Chrome: Delete, enable and manage cookies in Chrome
Safari: Manage cookies and site data with Safari
Firefox: Delete cookies to remove data that websites have placed on your computer
Internet Explorer: Deleting and managing cookies
Microsoft Edge: Deleting and managing cookies
For more information about cookies and how to disable cookies, please visit http://www.allaboutcookies.org.
The following cookies are used by Google Analytics:
Name: _ga
Value: 2.1326744211.152211110227-5
Purpose: By default, analytics.js uses the _ga cookie to store the user ID. Basically, it is used to distinguish website visitors.
Expiry date: after 2 years
Name: _gid
Value: 2.1687193234.152211110227-1
Purpose: The cookie is also used to distinguish website visitors
Expiry date: after 24 hours
Name: _gat_gtag_UA_
Value: 1
Intended use: Used to reduce the request rate. If Google Analytics is provided via Google Tag Manager, this cookie is named _dc_gtm.
Expiry date: after 1 minute
Name: AMP_TOKEN
Value: no information
Purpose: The cookie has a token that can be used to retrieve a user ID from the AMP client ID service. Other possible values indicate a logout, a request, or an error.
Expiry date: after 30 seconds up to one year
Name: __utma
Value: 1564498958.1564498958.1564498958.1
Purpose: This cookie can be used to track your behavior on the website and measure your performance. The cookie is updated each time information is sent to Google Analytics.
Expiry date: after 2 years
Name: __utmt
Value: 1
Purpose: The cookie is used like _gat_gtag_UA_ to throttle the request rate.
Expiry date: after 10 minutes
Name: __utmb
Value: 3.10.1564498958
Purpose: This cookie is used to determine new sessions. It is updated every time new data or information is sent to Google Analytics.
Expiry date: after 30 minutes
Name: __utmc
Value: 167421564
Purpose: This cookie is used to set new sessions for returning visitors. This is a session cookie and is only stored until you close the browser again.
Expiry date: After closing the browser
Name: __utmz
Value: m|utmccn=(referral)|utmcmd=referral|utmcct=/
Purpose: The cookie is used to identify the source of traffic to our website. This means that the cookie stores where you came to our website from. This could have been another page or an advertisement.
Expiry date: after 6 months
Name: __utmv
Value: not specified
Purpose: The cookie is used to store custom user data. It is always updated when information is sent to Google Analytics.
Expiry date: after 2 years
Note: We cannot claim completeness here. Which cookies are set in each individual case depends on the embedded functions and your use by the provider.
The following cookies are used by Google AdSense:
Name: uid
Value: 891269189211110227-0
Purpose: The cookie is stored under the domain adform.net. It provides a uniquely assigned, machine-generated user ID and collects data about activity on our website.
Expiry date: after 2 months
Name: C
Value: 1
Purpose: This cookie identifies whether your browser accepts cookies. The cookie is stored under the domain track.adform.net.
Expiry date: after 1 month
Name: cid
Value: 8912691894970695056,0,0,0,0
Purpose: This cookie is stored under the domain track.adform.net, stands for client ID and is used to improve advertising for you. It can deliver more relevant advertising to the visitor and helps improve campaign performance reporting.
Expiry date: after 2 months
Name: IDE
Value: zOtj4TWxwbFDjaATZ2TzNaQmxrU211110227-3
Purpose: The cookie is stored under the domain doubkeklick.net. It is used to register your actions after viewing or clicking on the ad. This allows us to measure how well an ad is received by our visitors.
Expiry date: after 1 month
Name: test_cookie
Value: not specified
Purpose: You can use the “test_cookies” to check whether your browser supports cookies at all. The cookie is stored under the domain doubkeklick.net.
Expiry date: after 1 month
Name: CT592996
Value: 733366
Purpose: Is stored under the domain adform.net. The cookie is set as soon as you click on an advertisement. We were unable to find out more detailed information about the use of this cookie.
Expiry date: after one hour
Note: We cannot claim completeness here. Which cookies are set in each individual case depends on the embedded functions and your use by the provider.
Here is the data for the most important cookies for Google's conversion tracking (AdWords) :
Name: Conversion
Value: EhMI_aySuoyv4gIVled3Ch0llweVGAEgt-mr6aXd7dYlSAGQ211122808-3
Purpose: This cookie stores every conversion you make on our site after coming to us via a Google Ad.
Expiry date: after 3 months
Name: _gac
Value: 1.1558695989.EAIaIQobChMIiOmEgYO04gIVj5AYCh2CBAPrEAAYASAAEgIYQfD_BwE
Purpose: This is a classic Google Analytics cookie and is used to record various actions on our website.
Expiry date: after 3 months
Note: The cookie _gac only appears in connection with Google Analytics. The above list does not claim to be complete, as Google often uses other cookies for analytical evaluations.
The following cookies are used by Facebook:
Name: _fbp
Value: fb.1.1568287647279.257405483-6211110227-7
Purpose: This cookie uses Facebook to display advertising products.
Expiry date: after 3 months
Name: fr
Value: 0aPf312HOS5Pboo2r..Bdeiuf…1.0.Bdeiuf.
Purpose: This cookie is used to ensure that Facebook Pixel works properly.
Expiry date: after 3 months
Name: comment_author_50ae8267e2bdf1253ec1a5769f48e062211110227-3
Value: Author's name
Purpose: This cookie stores the text and name of a user who, for example, leaves a comment.
Expiry date: after 12 months
Name: comment_author_url_50ae8267e2bdf1253ec1a5769f48e062
Value: https%3A%2F%2Fwww.testseite…%2F (author’s URL)
Purpose: This cookie stores the URL of the website that the user enters in a text field on our website.
Expiry date: after 12 months
Name: comment_author_email_50ae8267e2bdf1253ec1a5769f48e062
Value: Author email address
Purpose: This cookie stores the user's email address if they have provided it on the website.
Expiry date: after 12 months
Note: We cannot claim completeness here. Which cookies are set in each individual case depends on the embedded functions and your use by the provider.
The following cookies are used by Instagram:
Name: csrftoken
Value: ""
Purpose: This cookie is most likely set for security reasons to prevent fraudulent requests. However, we were unable to find out more precisely.
Expiry date: after one year
Name: mid
Value: ""
Purpose: Instagram sets this cookie to optimize its own services and offers on and outside of Instagram. The cookie sets a unique user ID.
Expiry date: after the end of the session
Name: fbsr_211110227124024
Value: no information
Purpose: This cookie stores the log-in request for users of the Instagram app.
Expiry date: after the end of the session
Name: rur
Value: ATN
Purpose: This is an Instagram cookie that ensures functionality on Instagram.
Expiry date: after the end of the session
Name: urlgen
Value: "{"194.96.75.33″: 1901}:1iEtYv:Y833k2_UjKvXgYe211110227"
Purpose: This cookie is used for Instagram’s marketing purposes.
Expiry date: after the end of the session
Note: We cannot claim completeness here. Which cookies are set in each individual case depends on the embedded functions and your use by the provider.
The following cookies are used by LinkedIn:
Name: bcookie
Value: =2&34aab2aa-2ae1-4d2a-8baf-c2e2d7235c16211122808-
Purpose: The cookie is a so-called “browser ID cookie” and therefore stores your identification number (ID).
Expiry date: After 2 years
Name: long
Value: v=2&lang=de-de
Purpose: This cookie stores your default or preferred language.
Expiry date: after the end of the session
Name: lidc
Value: 1818367:t=1571904767:s=AQF6KNnJ0G211122808…
Purpose: This cookie is used for routing. Routing records how you got to LinkedIn and how you navigate through the website.
Expiry date: after 24 hours
Name: rtc
Value: kt0lrv3NF3x3t6xvDgGrZGDKkX
Purpose: No further information could be found about this cookie.
Expiry date: after 2 minutes
Name: JSESSIONID
Value: ajax:2111228082900777718326218137
Purpose: This is a session cookie that LinkedIn uses to maintain anonymous user sessions through the server.
Expiry date: after the end of the session
Name: bscookie
Value: “v=1&201910230812…
Purpose: This cookie is a security cookie. LinkedIn describes it as a secure browser ID cookie.
Expiry date: after 2 years
Name: fid
Value: AQHj7Ii23ZBcqAAAA…
Purpose: No further information could be found about this cookie.
Expiry date: after 7 days
- " Log files " track actions that occur on the Site and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date and time stamps.
- “ Web beacons ,” “ tags ,” and “ pixels ” are electronic files used to record information about how you browse the Site.
When you open a user account, we also store the necessary user data that you voluntarily provide (name, email and password). You can instruct us to delete your user account at any time. We will use the information you provide to fulfill and process your order. If you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, your company (optional), your billing address, your shipping address, your payment information (including credit card numbers, email address and telephone number). We refer to this information as “Order Information.” When we talk about “Personal Information” in this Privacy Policy, we are talking about both Device Information and Order Information.
Please note that we are the payment service provider PayPal use. The provider of this payment service is PayPal (Europe) S.à.rl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as "PayPal"). If you decide to make a payment via this payment provider, the payment details you provided will be forwarded to the payment provider in accordance with Article 6, paragraph 1(f) of the GDPR. It is considered a legitimate interest to offer our customers a wide range of convenient payment options. You can find further information about data processing at PayPal at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
We also use the service provider Klarna . Klarna checks and evaluates your data and, if there is a legitimate interest and reason, exchanges data with other companies and credit reporting agencies. Your personal information will be treated in accordance with the applicable data protection regulations and in accordance with the information in Klarna's data protection regulations . If you have chosen Klarna's payment services Klarna invoice and Klarna installment purchase as a payment option, you have consented to us receiving the following personal data necessary for processing the purchase on account and an identity and credit check, such as first and last name, address, date of birth, gender , email address, IP address, telephone number and the data necessary for processing the purchase on account that is related to the order, such as the number of items, item number, invoice amount and taxes in percent, have been collected and transmitted to Klarna. This data is transmitted so that Klarna can create an invoice and carry out an identity and creditworthiness check to process your purchase using the invoice processing you require. According to the GDPR, Klarna has a legitimate interest in transmitting the buyer's personal data and needs this in order to obtain information from credit agencies for the purpose of identity and creditworthiness checks. As part of the decision on the establishment, implementation or termination of the contractual relationship, Klarna, in addition to an address check, also collects and uses information about the buyer's previous payment behavior as well as probability values for this behavior in the future. Klarna calculates these score values based on a scientifically recognized mathematical-statistical procedure. For this purpose, Klarna will, among other things, use your address data. If after this calculation it turns out that your creditworthiness is not good, Klarna will inform you immediately. Revocation of the use of personal data towards Klarna:
- You can revoke your consent to Klarna's use of personal data at any time. However, Klarna may continue to be entitled to process, use and transmit personal data if this is necessary for contractual payment processing through Klarna's services, is legally required, or is required by a court or authority.
2. Of course, you can obtain information about the personal data stored by Klarna at any time. If you as a buyer wish this or would like to notify Klarna of changes to the stored data, you can contact datenschutz@klarna.de.
Newsletter: When you register for the newsletter, your email address will be saved with your consent and used exclusively for our own advertising purposes until you unsubscribe from the newsletter. For this we use the so-called double opt-in procedure, which means we will only send you our email newsletter if you have expressly given us your consent. To do this, we will send you a confirmation email in which we ask you to give us your consent by clicking on the link contained in the email. You can unsubscribe from the newsletter at any time. A message in text form to the contact details mentioned in Section 8 (e.g. e-mail, letter) is sufficient. Of course, you will also find an unsubscribe link in every newsletter.
Use of telephone numbers: In accordance with Art. 6 Para. 1 lit. Services stored, processed and used to transmit messages to you. To use the messenger service, an active account with the respective provider is required. This service is provided by the company chatarmin.com GmbH, A-3400 Klosterneuburg, as a technical service provider and processor. Your consent to the processing of personal data can always be freely revoked; For this purpose, a corresponding notification to our support or Chatarmin is sufficient. Further information can be found in our respective privacy policies and/or the messenger services chatarmin.com GmbH included.
In order to continually improve your shopping experience and protect you from unnecessary advertising, we use the automatically generated information you provide to create individual advertising tailored to you and your interests. We only use information in pseudonymized form, such as receipt and read confirmations of emails, your order history, date and time of visit to the homepage, and product pages that you have visited. The analysis and evaluation of this information enables us to send you individual advertising. Our goal is to make our advertising more useful and interesting for you. We would like to prevent indiscriminate advertising and only send you advertising that corresponds to your interests, for example in the form of newsletters, product recommendations in emails, letter advertising or package inserts. If you do not want to receive individual advertising, you can object to this at any time in whole or for specific measures. A message in text form to the contact details mentioned in Section 8 (e.g. e-mail, letter) is sufficient.
The processing is based on Article 6 Paragraph 1 Letter a) GDPR. We store your data until you revoke your consent.
SECTION 2 - HOW WE USE YOUR PERSONAL INFORMATION
Your customer account data will only be processed to provide you with the functions of the customer account and - if you make a purchase - to process and fulfill your order. The processing of these data is processed on the basis of Art. 6, paragraph 1(b) of the GDPR. In addition, we are required by law to store certain types of data, such as invoices and other information relevant to our accounting processes, for a certain period of time. The data will be processed for this purpose on the basis of Article 6(1)(b) of the GDPR. 6, paragraph 1(c) of the GDPR. We use the device information we collect to help us screen for potential risk and fraud (in particular your IP address) and more generally to improve and optimize our website (for example, by producing analytics about how our website works). customers browse and interact with the website and to evaluate the success of our marketing and advertising campaigns).
SECTION 3 - RIGHTS OF THE DATA SUBJECT
The General Data Protection Regulation guarantees you certain rights which you can exercise against us if there are legal grounds for doing so.
Art. 15 of the GDPR - Right of access of the data subject: You have the right to obtain confirmation from us as to whether personal data concerning you is being processed and, if so, what and how this data is being processed.
Art. 16 of the GDPR - Right to rectification: You have the right to request that we immediately correct inaccurate personal data relating to you. Taking into account the purposes of the processing, you also have the right to have incomplete personal data filled in, including by means of a supplementary statement.
Art. 17 of the GDPR - Right to deletion ("Right to be forgotten"): You have the right to request that we delete the personal data concerning you without undue delay.
Art. 18 of the GDPR - Restriction of processing: You have the right to obtain a restriction on processing from the controller.
Art. 20 of the GDPR - Right to data portability: If we process your data based on your consent or for the performance of a contract, you have the right to have the personal data relating to you that you have provided to us in a structured, commonly used and machine-readable format and you have the right to transmit this data to another person responsible for processing without hindrance from us or to have the data transmitted directly or indirectly to another person responsible, to the extent that this is technically possible.
Art. 21 of the GDPR - Right to object: You have the right at any time, for reasons relating to your particular situation, to object to the processing of personal data concerning you if this is based on our legitimate interests or in the public interest or in Exercise of public authority is necessary. If you object to the processing of your personal data, we will no longer process your personal data unless we can demonstrate that there are compelling reasons for doing so which override your interests, rights and freedoms, or if we need to process your data, to establish, exercise or defend a legal claim. If we process your personal data for direct marketing purposes, you have the right to object to such processing of your data at any time. If you object to the processing of your data for direct marketing purposes, we will no longer process your personal data for this purpose.
Art. 77 of the GDPR - Right to complain to a supervisory authority: You have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, your place of work or the place of the alleged infringement, if you are of the opinion that the Processing of your personal data violates applicable regulations. If you have given your consent, you can revoke it at any time. In such cases, any data processing that took place before you withdraw your consent will be considered lawful. To withdraw your consent, send us an email to support@neoh.com.
SECTION 4 - SHARING YOUR PERSONAL INFORMATION & DATA PROCESSING
We share your personal information with third parties to help us use your personal information as described above.
For example we use Shopify to run our online store. You can read more about how Shopify uses your personal information here: https://www.shopify.com/legal/privacy.
We usetwo external Logisticians to process the orders. For this purpose, your personal data, as collected during the order and which are necessary for transport, will be sent to LOGSTA GmbH (In den Wiesen 4, 2544 Leobersdorf, Austria) and Maillog Richter & Weiner GesmbH, Talpagasse 1a, 1230 Vienna. Finally, we may also disclose your personal information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
We also use Google Analytics from Google (Google LLC (“Google”), 1600 Amphitheater Parkway, Mountain View, CA 94043 USA) to understand how our customers use the website. You can read more about how Google uses your personal data here: https://www.google.com/intl/en/policies/privacy/. You can also opt out of Google Analytics here: https://tools.google.com/dlpage/gaoptout. You can stop tracking here: http://tools.google.com/dlpage/gaoptout?hl=d. The legal basis for the use of Google Analytics is Article 6, Paragraph 1(f) of the GDPR.
This website uses the Facebook (Facebook Inc., 1601 South California Avenue, Palo Alto, CA 94304 USA) form for providing targeting/remarketing functions. This feature is intended to make it possible to display targeted advertising to Facebook users/Instagram users who have visited our website ("Facebook Advertising"). For this purpose, the fact that you have visited this website is transmitted to the Facebook server; Facebook then links this information to your personal user account. Further information can be found at: https://www.facebook.com/about/privacy/ The use of this service is based on Art. 6, paragraph 1(f) of the GDPR. The aforementioned purpose is classified as a legitimate interest. Click here to revoke your consent to use this service.
Our website uses Google AdWords . AdWords is an online advertising program. We use conversion tracking as part of this program. If you click on an ad hosted by Google (Google LLC ("Google"), 1600 Amphitheater Parkway, Mountain View, CA 94043 USA), a cookie will be placed on your system to track the conversion. The cookie allows us and Google to determine that you clicked on the ad and were redirected to our website. Conversion cookies are used to create conversion statistics for AdWords customers who use conversion tracking. You can find further information at: https://www.google.de/policies/privacy/. The use of this service is based on Article 6, paragraph 1(f) of the GDPR. The aforementioned purpose is classified as a legitimate interest. Click here to revoke your consent to use this service.
The data is stored on our website using Pinterest Ads (Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland) Based on the stored data, we and Pinterest can recognize that you clicked on an ad, were redirected to our website and made a purchase. In addition, browsing behavior is used to show relevant Pinterest ads on the platform that may be of interest to you. Information about your identity is not stored. You can find the terms of use and data protection regulations at https://policy.pinterest.com/de/privacy-policy and at https://policy.pinterest.com/de/cookies. The legal basis for the use of Pinterest Ads is Article 6 Paragraph 1 Letter f) GDPR. Click here to object.
Through the conversion tracking and website demographics features of LinkedIn (LinkedIn Corporation © 2019 ("LinkedIn") 1000 W. Maude Ave, Sunnyvale, CA 94085) we can understand what happens after a LinkedIn user clicks on our ad using analytics methods and systems provided by LinkedIn (e.g. Insight -Tags, pixels and APIs) that allow us to send data to LinkedIn and its partners about actions people take on our websites ("event data"). LinkedIn Matched Audiences and associated data integrations allow us to target ads to audiences based on the data we provide to LinkedIn directly or through an authorized third party on our behalf. Information about your identity is not stored. Further information about the terms of use and the data protection declaration can be found at https://www.linkedin.com/legal/privacy-policy. The use of this service is based on Article 6, paragraph 1(f) of the GDPR. The aforementioned purpose is classified as a legitimate interest. You can withdraw your consent to use this service at the following links, which can be found in Section 2.4 of the Privacy Policy: https://www.linkedin.com/legal/privacy-policy.
On our website we use the display system from Amazon (Amazon Europe Core S.à.rl, 5 Rue Plaetis, L-2338 Luxembourg). Amazon allows us to increase the effectiveness of Internet-based advertising by using cookies stored on your computer. The data stored is used to determine whether you clicked on an ad, were redirected to our website and made a purchase. There is no information to directly identify individuals. Name or email address will be used. Further information about the terms of use and data protection can be found at https://www.amazon.com/gp/help/customer/display.html/ref=help_search_3-25?ie=UTF8&nodeId=201909010&qid=1543915330&sr=3-25for. The legal basis for the use of the Amazon advertising system is Article 6 Paragraph 1 Letter f) GDPR. You can object at the following link: https://www.amazon.com/adprefs
SECTION 5 - ADVERTISING
As described above, we use your personal information to send you targeted advertising or marketing communications that we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative ("NAI") educational site at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work. You can opt out of some of these services by visiting the Digital Advertising Alliance's opt-out portal at http://optout.aboutads.info/.
SECTION 6 - DO NOT TRACK
Please note that we do not change our website's data collection and usage practices when we see your browser's Do Not Track signal.
SECTION 7 - CHANGES
We may update this privacy policy from time to time, for example to reflect changes in our practices or for other operational, legal or regulatory reasons.
SECTION 8 - CONTACT
For more information about our privacy practices, if you have any questions, or would like to make a complaint, please contact us by email at support@neoh.com or by post using the details provided below:
NEOH UK Ltd.
29 Tunstall Road
London
SW9 8BZ