Privacy policy

Last updated on: May 10, 2021
This Privacy Policy (the "Policy") describes our policies regarding the collection, use and disclosure of personal information on our various marketing activities (website mysandy.com, offline activities, social media, email messages in HTML format, collectively "Channels").

Liability for links

References and links to third-party websites are outside our area of responsibility. We decline all responsibility for such websites. Access to and use of such websites is at the user's own risk.

What data we collect

Personal data means data that can be used to find out your identity. This includes, for example, your name or your e-mail address. However, information that cannot be clearly linked to you, such as the number of visitors to a website, is not personal data.
Collection of personal data
. We may collect personal data when you interact with and use the Channels. The data that may be collected includes, but is not limited to:
.
  • Your name and physical address and email addresses and telephone numbers
  • .
  • Behavioural and demographic attributes where these are linked to personal identifiers
  • .
  • Past transactional behaviour on DOKOKI AG's marketing channels
  • .
  • Data about your company such as the name, size and location of your company and your role within the company
  • .
Collection of usage data
. In order to ensure a high level of security and optimal use of our channels and to be able to optimise their availability, we store selected usage data of visitors when they access the channels. There is no evaluation of this usage data to create personal usage profiles.

Usage data includes, but is not limited to:
  • Unique IDs such as a cookie placed on your computer, mobile device or device IDs
  • .
  • Internet Protocol ("IP") address and data derived from your IP address, such as your geographic location
  • .
  • Information about your devices such as information contained in HTTP Headers (defined below) or other Internet Transfer Protocol signals, browser or device type and version, operating system, user agent identifiers and information about the presence or use of "apps" on your mobile devices, screen resolution and your preferred language
  • .
  • Behavioural data about your use of the Channels, such as web pages clicked, websites and content areas visited, and date and time of activity
  • .
  • The web search you used to locate and navigate to the Channels
  • .
Occasionally, we link Usage Data with Personal Data, such as an exact geographic location with your name. If we link usage data to personal data, we treat the linked data as personal data.

How we use and share the data

Personal Data. We use the personal data you share with us for the following purposes:
  • To carry out marketing, tailored to your needs - We use personal data to inform you about new products and services. Your visit to our channels will be tailored to your interest according to your personal data. In addition, we may measure the success of our marketing campaigns based on personal data.
  • .
  • Responding to enquiries - We use personal data to be able to respond to your enquiries as specifically as possible and thus create the highest possible added value in responding to the enquiry.
  • Interactions on third party social networks - We may use personal data to communicate with you on third party social networks. These interactions are subject to the privacy policies and terms of use of the relevant network.
  • Improving relevance on channels - We may use your personal data to personalise content on channels. This focuses on achieving greater, personalised relevance of content on the Channels.
  • Joint sales activities in the DOKOKI network - We coordinate our sales activities jointly with our partners in the DOKOKI network. DOKOKI AG receives access to your personal data and information about sales activities. All parties are separately responsible for regulating their personal data collected for joint sales activities. We recommend that you read the privacy policies of these partners to answer any questions you may have about how your personal data is handled.
  • Improving products, services and experiences - We may use your personal information to evaluate and improve our products, services, marketing activities and customer relationships.
  • Communicating with you about conferences or events - We or our partners may inform you about conferences or events hosted or supported by us or one of our partners. In doing so, you may receive information about event topics, logistics, payment, changes and additional meetings, special screenings or other special services we may provide in connection with your event registration.
  • .
Use Data
. Except as otherwise provided in applicable law, we may use, transfer and disclose other information we collect for any purpose. If we are required by applicable law to treat other data as personal data, we will only use and disclose it in the same way as personal data.

Bonus check for purchase on account
If we make advance payments, e.g. in the case of a purchase on account, we may obtain creditworthiness information from a credit agency on the basis of mathematical-statistical procedures in order to protect our legitimate interests. For this purpose, we transmit the personal data required for a credit check to the credit agency Intrum AG, Eschenstrasse 12, 8603 Schwerzenbach or similar providers and use the information received about the statistical probability of a payment default for a weighed decision about the establishment, implementation or termination of the contractual relationship. The creditworthiness information may contain probability values (score values) which have been calculated on the basis of scientifically recognised mathematical-statistical procedures and in the calculation of which, among other things, address data are included. Your interests worthy of protection are taken into account in accordance with the legal provisions. Our legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f EU-DSGVO lies in the purposes described above.

How we capture data

DOKOKI AG's use of automated interactions may change as technology changes. The following describes in more detail how we currently use data collected during automated interactions.

Electronic communication protocols
. When you visit web pages or read HTML emails, information is automatically transmitted from you when you connect for technological reasons. This is usually information about network access (from where you are accessing), the device (hardware and browser or mail client), your IP address (allows conclusions to be drawn about geographical location and company) as well as date and time.

Cookies
We use standard market techniques such as cookies or tracking pixels (invisible graphics) on our website. They are used to make our website user-friendly, effective and secure. Cookies are small text files that are stored locally in the cache of the website user's internet browser and allow the browser in question to be recognised. In addition to so-called session cookies, which are automatically deleted as soon as you log out or close your browser, we also use so-called permanent cookies, for example for the "Stay logged in on this computer" function, which recognise a returning user. Our cookies do not cause any damage to your computer.
You can prevent the installation of cookies by setting your browser software accordingly. Of course, you can delete cookies at any time using the corresponding browser function. If you delete cookies or set your browser to reject cookies, this may affect the function of the website.

Personalised or embedded URLs
. We may use personalised or embedded URLs that allow us to identify them without cookies. When using an obviously personalised or embedded URL, personal information may be collected as you navigate through our website.

Embedded pixels and tracking technologies
. We may use embedded pixel technologies in the Electronic Channels that are used to identify individual user visits (as opposed to aggregate visits) or for advertising purposes. Embedded pixels or other technologies may also be used in emails and in online advertising. In this case, they provide information about when an email or advertisement was opened and how effective marketing campaigns are. The data collected with these technologies can be linked to the recipient's email address.

Advertising with third parties

Opt-In, Opt-out and "Do Not Track"
. The privacy of our visitors and customers is very important to us. We have therefore established a strict opt-in policy for mysandy.com and provided a data control centre for our visitors. You will find this at the bottom left as a coloured cogwheel. Here you can set the level of privacy you want and give or withdraw your consent for tracking (opt-in) in various gradations (opt-out).

Google Tag Manager
We use the Google Tag Manager on our website. This service allows website tags to be managed via an interface. The Google Tag Manager only implements tags. No cookies are set and no personal data is collected. The Google Tag Manager triggers other tags that may collect data. The Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, it remains in place for all tracking tags, insofar as these are implemented with the Google Tag Manager. More information on the Google Tag Manager can be found at the following link: https://www.google.de/tagmanager/use-policy.html

The user has the option to prevent all tags of the Google Tag Manager from being sent. To do this, the user must click on the opt-out link below to place the Google Tag Manager deactivation cookie in their browser.

Web analytics service Google Analytics / Universal Analytics
We use Google Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about the use of this website is usually transmitted to a Google server in the USA and stored there. In the event that IP anonymisation is activated on this website, however, Google will truncate the user's IP address beforehand within Member States of the European Union or in other contracting states to the Agreement on the European Economic Area.
. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by the user's browser as part of Google Analytics will not be merged with other Google data. The user can prevent the storage of cookies by making the appropriate setting in the browser software. However, we would like to point out that in this case not all functions of this website can be used to their full extent. The user can also prevent the collection of data generated by the cookie and related to the use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the following link in the browser plug-in: Link: https://tools.google.com/dlpage/gaoptout?hl=de
We would like to point out that this website uses Google Analytics with the extension "_anonymizeIp()" and therefore IP addresses are only processed in abbreviated form in order to exclude direct personal reference.

Hotjar
We use Hotjar to better understand the needs of our users and to optimise the offering and experience on this website. Using Hotjar's technology, we get a better understanding of our users' experiences (e.g. how much time users spend on which pages, which links they click on, what they like and don't like etc.) and this helps us to tailor our offering to our users' feedback. Hotjar uses cookies and other technologies to collect data about the behaviour of our users and their devices, in particular the IP address of the device (only collected and stored anonymously during your use of the website), screen size, device type (unique device identifiers), information about the browser used, location (country only), preferred language for viewing our website. Hotjar stores this information on our behalf in a pseudonymised user profile. Hotjar is contractually prohibited from selling the data collected on our behalf.
For more information, please see the 'about Hotjar' section on Hotjar's help page.

Google Ads - Conversion Tracking
We use the online advertising programme "Google AdWords" on our channels and conversion tracking as part of Google AdWords. The conversion tracking cookie is set when a user clicks on an ad placed by Google. Cookies are small text files that are stored on your computer system. These cookies lose their validity after 30 days and are not used for personal identification. If the user visits pages on this website and the cookie has not yet expired, Google and we will be able to recognise that the user has clicked on the ad and been redirected to this page. Each Google AdWords user receives a different cookie. Cookies cannot therefore be tracked across AdWords users' websites.
The information collected using the conversion cookie is used to create conversion statistics for AdWords users who have opted in to conversion tracking. We learn the total number of users who clicked on the ad and were redirected to a page tagged with a conversion tracking tag. However, we do not receive any information that personally identifies users. If the user does not wish to participate in the tracking, he or she can object to this use by deactivating the Google conversion tracking cookie via the internet browser under user settings. The user will subsequently not be included in the conversion tracking statistics.
Further information on Google's privacy policy: https://www.google.de/policies/privacy/

Facebook conversion pixel
. If the user has given his or her express consent by clicking a button provided for this purpose, we use the "Facebook pixel" of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook") within our website. This makes it possible to track the behaviour of users after they have seen or clicked on a Facebook advertisement. This process is used to evaluate the effectiveness of Facebook ads for statistical and market research purposes and may help optimise future advertising efforts.
. The data collected is anonymous for us, so it does not offer any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with the Facebook data usage policy (https://www.facebook.com/about/privacy/). The user may allow Facebook and its partners to serve ads on and off Facebook. It may also store a cookie on his or her computer for these purposes.
Consent to the use of the Facebook Pixel may only be given by users who are older than 13 years of age. Younger users must ask their legal guardians for permission. In order to object to the use of cookies on the computer in general, the internet browser can be set in such a way that no more cookies can be placed on the computer in the future or that cookies that have already been placed are deleted. However, switching off all cookies may mean that some functions on our channels can no longer be carried out. The user can also deactivate the use of cookies by third-party providers such as Facebook on the following website of the Digital Advertising Alliance: https://www.aboutads.info/choices/
.
TikTok - Conversion Pixel
. If the user has given their express consent by clicking a button provided for this purpose, we use the "TikTok pixel" TikTok Inc. with headquarters at 10100 Venice Blvd, Culver City, CA 90232, USA ("TikTok") within our website. This allows the behaviour of users to be tracked after they have seen or clicked on a TikTok advertisement. This process is used to evaluate the effectiveness of TikTok ads for statistical and market research purposes and may help to optimise future advertising efforts.

. The video platform TikTok is operated exclusively by TikTok Inc. with its registered office at 10100 Venice Blvd, Culver City, CA 90232, USA. We therefore advise you that you use TikTok and its functions on your own responsibility. In what way TikTok uses the data for its own purposes, to what extent activities on TikTok are assigned to individual users, how long TikTok stores this data and whether data from a visit to TikTok is passed on to third parties is not conclusively and clearly stated by TikTok and is not known to us. You can find TikTok's privacy notice here: https://www.tiktok.com/legal/privacy-policy?lang=de.

Data processing
Use of the video platform TikTok
TikTok Inc. with its registered office at 10100 Venice Blvd, Culver City, CA 90232, USA is solely responsible for the processing of your data when using the video platform TikTok, including its various functions. We have no control over the collection of data by TikTok or over the data processing operations that exist at TikTok. The privacy policy of TikTok can be found here: https://www.tiktok.com/legal/privacy-policy?lang=de

. Demographic data, statistical data
In order to evaluate user behaviour, TikTok collects personal data. TikTok makes a certain part of this data available to us in anonymised, aggregated form. Among other things, we receive evaluations of the number of new followers, demographic data such as gender, country and age, without any reference to identifiable persons. We use this data to analyse user behaviour so that we can better tailor our profile and our services to your needs and interests. We cannot identify any visitor to our TikTok profile from this data. The legal basis for this data processing is Art. 6 para. 1 lit. b DSGVO (processing of data for the performance of a contract or pre-contractual measures) and Art. 6 para. 1 lit. f DSGVO (processing of data to protect the legitimate interests of the controller). The processing serves our legitimate interest in the statistical recording of the use of our offer on TikTok, the performance of data analyses and the purpose of optimising our offer.

. Recipients, third countries
All data is transferred to TikTok Inc. TikTok may transfer the data to recipients and countries outside the European Union. TikTok describes these recipients in its privacy policy, see https://www.tiktok.com/legal/privacy-policy?lang=de

. Save/Delete
The processing and storage of your data takes place - on the video platform TikTok. We do not process your data in any other systems. In accordance with the TikTok privacy policy, your data will generally be stored for the period of time that your account is on the platform, see https://www.tiktok.com/legal/privacy-policy?lang=de.

Your rights
Below we would like to inform you about the rights you have as a data subject under Articles 15-21 of the GDPR and Article 77(1) of the GDPR.
To exercise your rights, please contact:
by e-mail or letter. DOKOKI AG
Krauchthalstrasse 2
CH-3324 Hindelbank
hello@mysandy.com
For privacy-related issues involving TikTok Inc. please contact TikTok at privacy@tiktok.com.

Right of access:
In accordance with Article 15 of the GDPR, you have the right to obtain information about data processing and a copy of the data processed. Under your TikTok profile settings (privacy and security / personalisation of data) you have the possibility to download a copy of your - under TikTok - stored information.

. Right of rectification:
In accordance with Art. 16 DSGVO, you have the right to request us to correct or complete your personal data. Under your TikTok profile settings (Manage my account) as well as in your profile (Edit profile) you have the possibility to correct your - under TikTok - stored data.

. Right to deletion:
In accordance with Art. 17 (1) DSGVO, you have the right to demand that we delete your personal data. If we have published your personal data, you also have the right, in accordance with Article 17(2) of the GDPR, to request that we inform other data controllers of your request to delete all links to and/or copies or replications of your personal data. Via your TikTok profile settings (Manage My Account), there is the possibility to have your - under TikTok - account deleted.

. Right to restriction of processing:
In accordance with Art. 18 DSGVO, you have the right to request us to restrict the processing of your personal data. Regarding the data stored by TikTok, please contact TikTok at privacy@tiktok.com.

Right to data portability:
In accordance with Article 20 of the GDPR, you have the right to obtain the personal data you have provided to us about yourself in a structured, commonly used and machine-readable format and to request that this data be transferred to another controller. TikTok offers you the possibility under your TikTok profile settings (privacy and security / personalisation of data) to have your data - stored under TikTok - transferred.

. Right of objection:
In accordance with Art. 21 DSGVO, you have the right to object to the processing of your personal data by us. As we do not process your data for advertising purposes, this requires a reason based on your particular situation. In the event of an objection, we will no longer process your personal data to which the objection relates from the time of receipt during the review that then follows and will delete it after the review has been completed - in the event of a justified objection (Art. 21 DSGVO, § 36 BDSG).

Complaints to supervisory authorities:
In accordance with Art. 77 (1) DSGVO, you have the right to lodge a complaint with a supervisory authority against the processing of your personal data by us, insofar as you are of the opinion that the processing of your personal data violates data protection provisions.

Trusted Shop

To display our Trusted Shops seal of approval and any reviews collected, as well as to offer Trusted Shops products to buyers after they have placed an order, the Trusted Shops Trustbadge is integrated on this website.
.
This serves to protect our legitimate interests in optimal marketing by enabling secure shopping in accordance with Art. 6 para. 1 p. 1 lit. f DSGVO, which prevail in the context of a balancing of interests. The trust badge and the services advertised with it are an offer of Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne. The Trustbadge is provided by a CDN provider (Content Delivery Network) within the framework of order processing. Trusted Shops GmbH also uses service providers from the USA. An appropriate level of data protection is ensured. Further information on the data protection of Trusted Shops GmbH can be found here: https://www.trustedshops.de/impressum/#datenschutz

When the Trustbadge is called up, the web server automatically saves a so-called server log file, which also contains your IP address, the date and time of the call-up, the amount of data transferred and the requesting provider (access data) and documents the call-up. Individual access data are stored in a security database for the analysis of security anomalies. The log files are automatically deleted no later than 90 days after creation.

Further personal data is transferred to Trusted Shops GmbH if you decide to use Trusted Shops products after completing an order or if you have already registered to use them. The contractual agreement between you and Trusted Shops applies. For this purpose, personal data is automatically collected from the order data. Whether you as a buyer are already registered for product use is automatically checked using a neutral parameter, the email address hashed by cryptological one-way function. The e-mail address is converted into this hash value, which cannot be decrypted by Trusted Shops, before it is transmitted. After checking for a match, the parameter is automatically deleted.

This is necessary for the fulfilment of our and Trusted Shops' overriding legitimate interests in the provision of the buyer protection linked to the specific order in each case and the transactional evaluation services pursuant to Art. 6 para. 1 p. 1 lit. f DSGVO. Further details, including the objection, can be found in the Trusted Shops privacy policy linked above and in the Trustbadge.

Information and data correction / deletion of data

Upon request, we will inform you at any time which data we have stored about you. If, despite our efforts to ensure that your data is correct, complete and up-to-date, we have stored incorrect information, we will correct this immediately at your request. You can reach our data protection officer with a description of your request at info@dokoki.com.

Retention and deletion

The criterion for the duration of the storage of personal data is the respective statutory retention period. After expiry of the period, the corresponding data is routinely deleted if it is no longer required for the fulfilment or initiation of the contract.

Security through technical and organisational measures

In accordance with Art. 32 Para. 1 EU-DSGVO, we use technical and organisational measures for the security of data processing in order to protect personal data from accidental or intentional manipulation, loss, destruction or access by unauthorised persons. The security measures in use are regularly reviewed and improved in line with technological developments.

Protection of minors

Persons who have not yet reached the age of 16 may not provide us with personal information without the consent of their legal guardians. Personal information may only be provided to us by persons who have not yet reached the age of 16 if the express consent of their legal guardians has been obtained or if the persons have reached the age of 16 or are older. This data will be processed in accordance with these guidelines.

International transfer

If we process data in a third country (i.e. outside Switzerland and the European Union (EU) or a third country with the EU's safe third country adequacy status) or if we do so in the context of using third-party services or disclosing or transferring data to third parties, this will only be done if it is done to fulfil our (pre-)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we only process or allow the processing of data in a third country if the special requirements of Art. 44 ff. DSGVO are met. This means that the processing is carried out, for example, on the basis of special guarantees, such as the officially recognised determination of a level of data protection corresponding to that of the EU (e.g. for the USA through the "Privacy Shield") or compliance with officially recognised special contractual obligations (so-called "standard contractual clauses").

Confidential data

We ask that you do not send or share any sensitive personal information (e.g. national insurance numbers, racial or ethnic information, political opinions, religious or other beliefs, health, criminal history or trade union membership) with us.

Contact

Our data protection officer can be contacted at info@dokoki.com

DOKOKI AG
Krauchthalsrasse 2
3324 Hindelbank
Switzerland

Hosting und Content Delivery Networks (CDN)

his website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster's servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contractual data, contact details, names, website accesses and other data generated via a website.
The hoster is used for the purpose of contract fulfilment vis-à-vis our potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO).

Our hoster will only process your data insofar as this is necessary for the fulfilment of its service obligations and will follow our instructions with regard to this data.

Conclusion of a contract on commissioned processing

In order to ensure data protection-compliant processing, we have concluded an order processing contract with our hoster.

E-Mail

DOKOKI AG reserves the right to re-use the e-mail address and telephone number provided when ordering for its own marketing purposes (newsletter & more). By sending a personal e-mail to hello(at)mysandy.com, you can opt out of this.

Newsletter data
. If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. No further data is collected or only on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.

The processing of the data entered in the newsletter registration form is based exclusively on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.

The data you provide us with for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted after you unsubscribe from the newsletter. Data that has been stored by us for other purposes remains unaffected by this.

Plugins and tools

YouTube with enhanced privacy
. Our website uses plugins from the website YouTube. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.

We use YouTube in extended data protection mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the transfer of data to YouTube partners is not necessarily excluded by the extended data protection mode. Thus, YouTube - regardless of whether you watch a video - establishes a connection to the Google DoubleClick network.

As soon as you start a YouTube video on our website, a connection to YouTube's servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, YouTube can save various cookies on your end device after starting a video. With the help of these cookies, YouTube can obtain information about visitors to our website. This information is used, among other things, to collect video statistics, improve the user experience and prevent fraud attempts. The cookies remain on your terminal device until you delete them.

If applicable, further data processing operations may be triggered after the start of a YouTube video, over which we have no control.

YouTube is used in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.

For further information on data protection at YouTube, please refer to their privacy policy at: https://policies.google.com/privacy?hl=de.

Google Web Fonts
This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. A connection to Google servers does not take place.
Google Maps
This site uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission. Google Maps is used in the interest of an appealing presentation of our online offers and to make it easy to find the places we indicate on the website. This constitutes a legitimate interest within the meaning of Art. 6 Para. 1 lit. f DSGVO. More information on the handling of user data can be found in Google's privacy policy: https://policies.google.com/privacy?hl=de.