Privacy Policy

Datenschutzerklärung der envi GmbH

  1. Einleitung Diese Datenschutzerklärung gilt für die Erhebung, Verarbeitung und Nutzung personenbezogener Daten durch die envi GmbH (nachfolgend “ENVI”) im Zusammenhang mit der Nutzung der Plattform envinaturals.com (nachfolgend “Website” oder “Online-Shop”). Der Schutz Ihrer personenbezogenen Daten ist uns wichtig. Wir behandeln Ihre personenbezogenen Daten vertraulich und in Übereinstimmung mit den gesetzlichen Datenschutzvorschriften sowie dieser Datenschutzerklärung. Diese Erklärung gibt Ihnen einen Überblick darüber, welche Daten wir erheben, wie wir sie verwenden und welche Rechte Sie in Bezug auf Ihre personenbezogenen Daten haben.
  2. Verantwortliche Stelle Verantwortlich für die Erhebung, Verarbeitung und Nutzung Ihrer personenbezogenen Daten im Sinne der Datenschutzgesetze ist:

envi GmbH
Mooslenz 39
6345 Kössen
Österreich
E-Mail: contact@envinaturals.com

  • Erhebung und Speicherung personenbezogener Daten sowie Art und Zweck ihrer Verwendung Wir verarbeiten Ihre Daten in folgenden Fällen:
  • Beim Besuch unserer Website
  • Bei der Kontaktaufnahme über das Kontaktformular oder per E-Mail
  • Bei der Bestellung von Produkten in unserem Online-Shop
  • Bei der Erstellung eines Kundenkontos
  • Beim Abonnieren unseres Newsletters
  • Beim Hinterlassen von Bewertungen zu gekauften Produkten oder dem Service

a) Besuch der Website

Beim Besuch unserer Website werden automatisch bestimmte Daten durch Ihren Browser an unseren Server übermittelt und temporär in einem Logfile gespeichert:

  • IP-Adresse des anfragenden Rechners
  • Datum und Uhrzeit des Zugriffs
  • Name und URL der abgerufenen Datei
  • Website, von der aus der Zugriff erfolgt (Referrer-URL)
  • Verwendeter Browser und ggf. das Betriebssystem Ihres Rechners sowie der Name Ihres Access-Providers

Diese Daten werden zur Administration der Website verarbeitet, insbesondere um:

  • einen reibungslosen Verbindungsaufbau der Website zu gewährleisten
  • eine komfortable Nutzung unserer Website zu ermöglichen
  • die Systemsicherheit und -stabilität zu analysieren

Die Rechtsgrundlage der Datenverarbeitung ist Art. 6 Abs. 1 lit. f DSGVO.

b) Nutzung des Kontaktformulars oder Kontaktaufnahme per E-Mail

Bei Anfragen per Kontaktformular oder E-Mail verarbeiten wir Ihre E-Mail-Adresse sowie ggf. weitere freiwillig angegebene Informationen, um Ihre Anfrage zu beantworten. Dies erfolgt gemäß Art. 6 Abs. 1 lit. f DSGVO.

c) Erstellung eines Kundenkontos

Bei der Erstellung eines Kundenkontos erheben wir folgende Daten:

  • Vorname, Nachname
  • Adresse
  • E-Mail-Adresse
  • Telefonnummer
  • Geburtsdatum (optional)
  • Benutzername und Passwort

Diese Daten dienen der Verwaltung Ihres Kontos und der Erleichterung zukünftiger Bestellungen. Die Rechtsgrundlage ist Art. 6 Abs. 1 lit. b DSGVO.

d) Bestellung als Gast

Wenn Sie als Gast bestellen, erheben wir folgende Daten:

  • Vorname, Nachname
  • Adresse
  • E-Mail-Adresse
  • Telefonnummer

Diese Daten werden zur Abwicklung Ihrer Bestellung und Kontaktaufnahme bei Fragen genutzt. Die Rechtsgrundlage ist Art. 6 Abs. 1 lit. b DSGVO.

e) Anmeldung zum Newsletter

Bei der Anmeldung zum Newsletter erheben wir folgende Daten:

  • Vorname
  • E-Mail-Adresse

Die Daten werden zur Versendung des Newsletters und zur Information über Angebote genutzt. Die Rechtsgrundlage ist Art. 6 Abs. 1 lit. a DSGVO.

f) Abgabe von Bewertungen

Bei der Abgabe einer Produktbewertung verarbeiten wir folgende Daten:

  • Vorname
  • E-Mail-Adresse
  • Ihre Bewertung

Dies dient der Qualitätsverbesserung und Marketingzwecken. Die Rechtsgrundlage ist Art. 6 Abs. 1 lit. f DSGVO.

  • Weitergabe von Daten Ihre Daten werden nicht an Dritte weitergegeben, es sei denn:
  • Sie haben Ihre ausdrückliche Einwilligung erteilt (Art. 6 Abs. 1 lit. a DSGVO)
  • Dies ist zur Vertragserfüllung erforderlich (Art. 6 Abs. 1 lit. b DSGVO)
  • Es besteht eine gesetzliche Verpflichtung (Art. 6 Abs. 1 lit. c DSGVO)
  • Die Weitergabe ist zur Wahrung berechtigter Interessen erforderlich (Art. 6 Abs. 1 lit. f DSGVO)

4.1 Weitergabe von Daten an Lieferanten Zur Bearbeitung Ihrer Bestellung übermitteln wir erforderliche Daten (z. B. Name, Adresse, Kontaktinformationen) an die Lieferanten, die Ihre Bestellung ausführen. Diese sind vertraglich verpflichtet, die EU-Datenschutzgesetze einzuhalten.

  • Speicherdauer personenbezogener Daten Wir speichern Ihre Daten nur so lange, wie es für die jeweiligen Zwecke erforderlich ist oder gesetzliche Aufbewahrungspflichten bestehen.
  • Cookies Wir verwenden Cookies, um die Nutzung unserer Website zu verbessern. Details finden Sie in unserer Cookie-Richtlinie.
  • Analyse- und Tracking-Tools Wir nutzen Tracking-Tools gemäß Art. 6 Abs. 1 lit. f DSGVO zur Optimierung unserer Website:
  • Google Analytics
  • Facebook Pixel
  • Rechte der betroffenen Personen Sie haben das Recht auf:
  • Auskunft (Art. 15 DSGVO)
  • Berichtigung (Art. 16 DSGVO)
  • Löschung (Art. 17 DSGVO)
  • Einschränkung der Verarbeitung (Art. 18 DSGVO)
  • Datenübertragbarkeit (Art. 20 DSGVO)
  • Widerspruch gegen die Verarbeitung (Art. 21 DSGVO)
  • Beschwerde bei einer Aufsichtsbehörde (Art. 77 DSGVO)

Kontakt für Datenschutzanfragen: contact@envinaturals.com

  • Datensicherheit Wir nutzen SSL-Verschlüsselung und technische Sicherheitsmaßnahmen, um Ihre Daten zu schützen.
  • Datenverarbeitung durch Lieferanten Unsere Lieferanten sind unabhängige Verantwortliche für die Verarbeitung der Kundendaten.
  • Datenverarbeitung durch Dritte Wir setzen Drittanbieter (z. B. Zahlungsdienstleister) ein, die nur im erforderlichen Umfang Zugriff auf Ihre Daten haben.
  • Skin Match Tool Wir empfehlen, die Datenschutzrichtlinie von Skin Match Technology Switzerland AG vor der Nutzung dieses Dienstes zu lesen: Link zur Datenschutzrichtlinie.
  • Internationale Datenübermittlungen Falls eine Übermittlung außerhalb des EWR erfolgt, stellen wir sicher, dass entsprechende Schutzmaßnahmen getroffen werden.
  • Aktualisierung der Datenschutzerklärung Diese Datenschutzerklärung kann aktualisiert werden. Die aktuelle Version ist unter envinaturals.com/privacy-policy abrufbar.

Stand: Januar 2025

English Version

Privacy Policy of envi GmbH

  1. Introduction

This privacy policy applies to the collection, processing and use of personal data by envi GmbH (hereinafter referred to as ‘ENVI’) in connection with the use of the envinatrals.com platform (hereinafter referred to as the ‘‘website’ or ‘online shop’). The protection of your personal data is important to us. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy. This statement gives you an overview of what data we collect, how we use it and what rights you have in relation to your personal data.

  1. Responsible body

The controller for the collection, processing and use of your personal data within the meaning of the data protection laws is 

envi GmbH 

Mooslenz 39 

6345 Kössen 

Austria 

E-Mail: contact@envinaturals.com

  1. collection and storage of personal data and the nature and purpose of their use

As a data controller, we process your data when:

  • you visit our website
  • you send us your messages or enquiries via the contact form or by sending us an email
  • you order products from our online shop and we process your order
  • you create a customer account in our online shop
  • you subscribe to our newsletter
  • you leave feedback on products purchased in our shop or the quality of the service of your order

a) When visiting the website

When you visit our website envinaturals.com, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without any action on your part and stored until it is automatically deleted 

– IP address of the requesting computer 

– Date and time of access 

– Name and URL of the retrieved file 

– Website from which the access was made (referrer URL) 

– Browser used and, if applicable, the operating system of your computer and the name of your access provider.  

The aforementioned data is processed by us only for the purpose of administering the website, including:  

– Ensuring a smooth connection to the website 

– Ensuring a comfortable use of our website 

– analysing system security and stability

 These data are not associated with specific visitors to the envinatrals.com platform

The legal basis for data processing is Art. 6 para. 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person.

b) When using the contact form on our website or sending an email message to us

If you have questions of any kind, we offer you the opportunity to contact us using a form provided on the website or by sending us a message to the email address listed in the „CONTACT” tab on our website. It is necessary to provide a valid e-mail address so that we know who sent the enquiry and can answer it. Further information can be provided voluntarily. Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of  our legitimate interest. 

c) When creating a customer account

When you create a customer account, we collect the following personal data 

– First name, surname 

– your address 

– e-mail address 

– telephone number

– Date of birth (optional) 

– User name and password 

 Purpose of data collection: 

– To enable the management of your customer account 

– Simplify future orders 

– Provision of a personalised shopping experience

The legal basis for data processing is Art. 6 para. 1 lit. b GDPR.

d) Ordering as a guest

If you place an order as a guest, we collect the following personal data: 

– First name, surname 

– your address 

– e-mail address 

– Telephone number

 Purpose of data collection: 

– Processing and fulfilment of your order 

– Contacting you in case of questions or problems regarding your order 

– Ensuring the delivery of the ordered products

The legal basis for data processing is Art. 6 para. 1 lit. b GDPR.

e) Signing up and subscribing to our newsletter

When you subscribe to our newsletter, we collect the following personal information:

– First name

– Email address

The purpose of collecting this data is to:

– Deliver newsletters to you

– Send marketing materials about our offerings and special promotions

The legal basis for data processing is Art. 6 para. 1 lit. b GDPR.

f) Leaving opinions about products or service

When you share your opinion about a product you purchased or our service, we collect the following personal information:

– First name

– Email address

– Your opinion

We collect this data for the following purposes:

– To improve product quality and service

– To enhance our marketing efforts

The legal basis for data processing is Art. 6 para. 1 lit. f GDPR.

  1. transfer of data

Your personal data will not be transferred to third parties for purposes other than those listed below. We only pass on your personal data to third parties if: 

– you have given your express consent to this in accordance with Art. 6 para. 1 lit. a GDPR, 

– the disclosure pursuant to Art. 6 para. 1 lit. f GDPR is necessary for the establishment, exercise or defence of legal claims and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data, 

– in the event that there is a legal obligation for the disclosure pursuant to Art. 6 para. 1 lit. c GDPR, and 

– this is legally permissible and necessary for the processing of contractual relationships with you in accordance with Art. 6 para. 1 lit. b GDPR. 

envi GmbH collects and processes your personal data to process your orders and to provide and improve our services. Your data is used in particular for the following purposes 

– Processing your orders and delivering the ordered products 

– Opening and managing your user account 

– Processing your enquiries 

– Sending you advertising, provided you have consented to this

4.1 Forwarding of data to the suppliers

To process your order, we forward the necessary data (e.g. name, address, contact details) to the supplier responsible for delivering your order. Suppliers may pass this data on to their warehouses, logistics partners or shipping service providers.

Suppliers are contractually obliged to comply with applicable EU laws, including the GDPR. For further information on the suppliers’ data protection, please contact the respective supplier directly or visit their website and refer to its privacy policy for more information.

4.2 The processing of your personal data is based on the following legal bases

– Art. 6 para. 1 lit. b GDPR: for the fulfilment of a contract to which you are a party 

– Art. 6 para. 1 lit. c GDPR: for the fulfilment of a legal obligation to which we are subject 

– Art. 6 para. 1 lit. f GDPR: to safeguard our legitimate interests (in the event of a potential claim), provided that your interests or fundamental rights and freedoms do not prevail 

– Art. 6 para. 1 lit. a GDPR: on the basis of your consent

  1. Personal data storage period

We only store your personal data for as long as is necessary to fulfil the above-mentioned purposes or as required by statutory retention periods. After the respective purpose has ceased to apply or these periods have expired, the corresponding data will be routinely deleted.

In particular:  

– When you send us messages or inquiries via the contact form or email, we will retain your information until the end of our correspondence and the statute of limitations for any potential claims 

– When you order products from our online shop, we will keep your information until your order is completed, the statute of limitations for any claims has expired, or the mandatory retention period for sales documents ends 

– When you create a customer account in our online shop, we will retain your information until you choose to delete your account 

– When you subscribe to our newsletter, we will keep your information until you unsubscribe

– When you leave feedback on purchased products or on the quality of our service, we will retain your feedback until you decide to delete your review and until the statute of limitations for any claims has expired

  1. Cookies

We use cookies on our website. These are small files that your browser automatically creates and that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause any damage to your end device and do not contain any viruses, Trojans or other malware. 

Information is stored in the cookie that results in each case in connection with the specific end device used. However, this does not mean that we obtain direct knowledge of your identity. 

On the one hand, the use of cookies serves to make the use of our website more convenient for you. For example, we use session cookies to recognise that you have already visited individual pages of our website. These are automatically deleted after you leave our site. 

In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your end device for a specified period of time. If you visit our site again to use our services, it is automatically recognised that you have already visited us and which entries and settings you have made so that you do not have to enter them again. 

On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you. These cookies enable us to automatically recognise that you have already visited our website when you visit it again. These cookies are automatically deleted after a defined period of time. 

The data processed by cookies is required for the purposes mentioned to safeguard our legitimate interests and those of third parties in accordance with Art. 6 para. 1 lit. f GDPR. 

The cookie bar provided on the website provides an up-to-date list of the cookies used on the Website. 

You can give your consent to the use of cookies on your terminal device in the browser settings you are using. You can also do this via the cookie bar on our website. In the same way, you can withdraw your consent or change its scope at any time.

Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. However, completely deactivating cookies may mean that you cannot use all the functions of our website.

  1. Analysis and tracking tools

The tracking measures listed below and used by us are carried out on the basis of Art. 6 para. 1 lit. f GDPR. With the tracking measures used, we want to ensure a needs-based design and the continuous optimisation of our website. On the other hand, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision.

We utilize the following tools:

– Google Analytics – employed to analyse the website’s statistics. 

– Facebook Pixel – used to manage and optimize our advertising on Facebook. 

The data collected by these tools is not connected to specific users of the website and is not used to identify any individual user.

  1. Rights of data subjects

You have the right to 

– to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of appeal to a supervisory authority and the origin of your data if it was not collected by us; 

– in accordance with Art. 16 GDPR, to immediately request the correction of incorrect or complete personal data stored by us 

– in accordance with Art. 17 GDPR, to request the erasure of your personal data stored by us, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims 

– in accordance with Art. 18 GDPR, to demand the restriction of the processing of your personal data if you contest the accuracy of the data, the processing is unlawful but you oppose the erasure of the data and we no longer need the data, but you require it for the establishment, exercise or defence of legal claims or you have objected to processing in accordance with Art. 21 GDPR 

– in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller 

– in accordance with Art. 77 GDPR, to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates data protection law.

To exercise your rights, please reach out to us at the following email address: contact@envinaturals.com

  1. Data security

We use the widespread SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser when you visit our website. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can recognise whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser. 

We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

  1. Data processing by suppliers

The suppliers on our platform act as independent controllers for the processing of customer data in connection with their orders. They are obliged by the supplier agreement to comply with EU data protection laws. However, we do not accept any liability for violations by suppliers. Please contact the supplier directly if you have specific questions.

  1. Data processing by third parties 

We may use third party providers to assist in the provision of our services, e.g. payment service providers, service providers, email marketing service providers or accountants. These third parties only have access to your personal data to the extent necessary to fulfil their tasks and are obliged to protect your data in accordance with this privacy policy.

  1. Skin Match Tool

Our website provides access to the Skin Match Tool, a third-party service. We recommend reading the privacy policy of Skin Match Technology Switzerland AG before continuing to use the service.

Link to Skin Match Technology Switzerland AG’s privacy policy: https://getskinmatch.com/legal/privacy-policy

  1. International data transfers

If we transfer personal data to a country outside the European Economic Area (EEA), we will ensure that this is done in accordance with data protection laws. We will take appropriate safeguards to ensure that your data is adequately protected there too. This may be through the use of standard contractual clauses or other appropriate measures.

  1. Relevance and updates of this privacy policy

Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this privacy policy. You can access and print out the current privacy policy at any time on the website at envinaturals.com/privacy-policy.

This privacy policy is currently valid and is dated: January 2025

Shopping Cart

All prices incl. VAT.