Last updated on: May 10, 2021
Liability for links
References and links to third party websites are outside our responsibility. Any responsibility for such websites is disclaimed. Access and use of such websites is at the user’s own risk.
What data we collect
Personal data is data that can be used to find out your identity. This includes, for example, your name or email address. However, information that cannot be clearly linked to you, such as the number of visitors to a website, is not considered personal data.
Collection of personal data
We may collect personal data when you interact with and use the Channels. The data that may be collected includes, but is not limited to:
- Your name and postal address, as well as your email addresses and telephone numbers.
- Behavioral and demographic attributes, to the extent they are linked to personal identifiers
- Past transactional behavior on DOKOKI AG’s marketing channels
- Data about your company, such as the name, size and location of your company and your role within the company
Collection of usage data
In order to ensure a high level of security and optimal use of our channels and to optimize their availability, we store selected usage data of visitors when they access the channels. There is no evaluation of this usage data to create personal usage profiles.
Usage data includes, but is not limited to:
- Unique IDs such as a cookie placed on your computer, mobile device or device IDs.
- Internet Protocol (“IP”) address and data derived from your IP address, such as your geographic location
- Information about your devices such as information contained in HTTP Headers (defined below) or other Internet Transfer Protocol signals, browser or device type and version, operating system, user agent identifiers and information about the presence or use of “apps” on your mobile devices, screen resolution and your preferred language
- Behavioral data about your use of the Channels, such as web pages clicked, websites and content areas visited, and the date and time of activities
- The web search you used to locate and navigate to the Channels
Occasionally, we link Usage Data with Personal Data, such as an exact geographic location with your name. If we link usage data to personal data, we treat the linked data as personal data.
How we use and share the data
We use the personal data you share with us for the following purposes:
- Conducting marketing, customized to your needs.
- We use personal data to inform you about new products and services. Your visit to our channels will be customized to your interest according to your personal data. In addition, we may measure the success of our marketing campaigns based on personal data.
- Responding to inquiries
- We use personal data to respond to your inquiries in the most specific way possible to provide the highest possible value in responding to the inquiry.
- Interactions on third party social networks
- Improving relevance on channels
- We may use your personal data to personalize content on the Channels. The focus here is on achieving a higher, personal relevance of the content on the channels.
- Joint sales activities in the DOKOKI network
- We coordinate our sales activities together with our partners in the DOKOKI network. DOKOKI AG receives access to your personal data and information about sales activities. All parties are separately responsible for regulating their personal data collected for joint sales activities. We recommend that you read the privacy policies of these partners to answer any questions you may have about the handling of your personal data.
- Improving products, services and experiences
- We may use your personal information to evaluate and improve our products, services, marketing activities and customer relationships.
- Communicating with you about conferences or events
We or our partners may provide you with information about conferences or events hosted or sponsored by us or one of our partners. In doing so, you may receive information about event topics, logistics, payment, changes and additional meetings, special screenings or other special services we may provide in connection with your event registration.
Except as otherwise provided in applicable law, we may use, transfer and disclose other data that we collect for any purpose. If we are required by applicable law to treat other data as personal data, we will only use and disclose it in the same manner as personal data.
How we collect data
DOKOKI AG’s use of automated interactions may change as technology changes. The following describes in more detail how we currently use data collected during automated interactions.
Electronic communication protocols
When you visit web pages or read HTML e-mails, information is automatically transmitted from you when you connect for technological reasons. This is usually information about network access (where you are accessing from), device (hardware and browser or mail client), your IP address (allows conclusions about geographic location and company), and date and time.
We use standard market techniques such as cookies or tracking pixels (invisible graphics) on our website. They are used to make our website user-friendly, effective and secure. Cookies are small text files that are stored locally in the cache of the website user’s Internet browser and allow the browser in question to be recognized. In addition to so-called session cookies, which are automatically deleted as soon as you log out or close your browser, we also use so-called permanent cookies, for example for the “Stay logged in on this computer” function, which recognize a returning user. Our cookies do not cause any damage to your computer.
You can prevent the installation of cookies by making the appropriate settings in your browser software. Of course, you can delete cookies at any time using the appropriate browser function. If you delete cookies or set your browser to reject cookies, this may affect the function of the website.
Personalized or embedded URLs
We may use personalized or embedded URLs that allow us to identify them even without cookies. When using an obviously personalized or embedded URL, personal data may be collected as you navigate through our website.
Embedded pixels and tracking technologies
We may use embedded pixel technologies in electronic channels that are used to identify individual user visits (as opposed to aggregate visits) or for advertising purposes. Embedded pixels or other technologies may also be used in emails and in online advertising. In this case, they provide information about when an email or ad was opened and how effective marketing campaigns are. The data collected with these technologies can be linked to the recipient’s email address.
Advertising with third parties
Opt-In, Opt-Out and “Do Not Track”.
The privacy of our visitors and customers is very important to us. We have therefore established a strict opt-in policy for mysandy.com and provided a data control center for our visitors. You will find this on the bottom left as a colored gear. There you can set the level of privacy you want and give or withdraw your consent for tracking (opt-in) in various gradations (opt-out).
Google Tag Manager
We use the Google Tag Manager on our website. Through this service, website tags can be managed via an interface. The Google Tag Manager only implements tags. No cookies are set and no personal data is collected. The Google Tag Manager triggers other tags that may collect data. The Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, it remains in place for all tracking tags, insofar as these are implemented with the Google Tag Manager. More information about Google Tag Manager can be found at the following link: https://www.google.de/tagmanager/use-policy.html.
The user has the option to prevent all tags of the Google Tag Manager from being sent. To do this, the user must click on the following opt-out link to place the Google Tag Manager deactivation cookie in their browser.
Web analytics service Google Analytics / Universal Analytics
We use Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on the user’s computer, to help the website analyze how users use the site. The information generated by the cookie about the use of this website is usually transmitted to a Google server in the USA and stored there. In the event that IP anonymization is activated on this website, however, Google will truncate the user’s IP address beforehand within member states of the European Union or in other contracting states to the Agreement on the European Economic Area.
Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by the user’s browser as part of Google Analytics will not be merged with other data from Google. The user can prevent the storage of cookies by making the appropriate setting in the browser software. However, we would like to point out that in this case not all functions of this website can be used to their full extent.
The user can also prevent the collection of data generated by the cookie and related to the use of the website (including your IP address) to Google, as well as the processing of this data by Google, by downloading and installing the following link in the browser plug-in:
We would like to point out that this website uses Google Analytics with the extension “_anonymizeIp()” and therefore IP addresses are only processed in abbreviated form in order to exclude direct personal reference.
We use Hotjar to better understand the needs of our users and to optimize the offering and experience on this website. Using Hotjar’s technology, we get a better understanding of our users’ experiences (e.g., how much time users spend on which pages, which links they click, what they like and don’t like, etc.), and this helps us tailor our offerings to our users’ feedback. Hotjar works with cookies and other technologies to collect data about our users’ behavior and about their devices, in particular IP address of the device (collected and stored only in anonymized form during your website use), screen size, device type (Unique Device Identifiers), information about the browser used, location (country only), language preferred to view our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually prohibited from selling the data collected on our behalf.
For more information, please see the ‘about Hotjar’ section on Hotjar’s help page.
Google Ads – Conversion Tracking
We use the online advertising program “Google AdWords” on our channels and conversion tracking as part of Google AdWords. The cookie for conversion tracking is set when a user clicks on an ad placed by Google. Cookies are small text files that are stored on your computer system. These cookies lose their validity after 30 days and are not used for personal identification. If the user visits pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page. Each Google AdWords user receives a different cookie. Cookies can therefore not be tracked across AdWords users’ websites.
The information obtained using the conversion cookie is used to create conversion statistics for AdWords users who have opted in to conversion tracking. We learn the total number of users who clicked on the ad and were redirected to a page tagged with a conversion tracking tag. However, we do not receive information that personally identifies users. If the user does not wish to participate in the tracking, he can object to this use by deactivating the Google conversion tracking cookie via the internet browser under user settings. The user will subsequently not be included in the conversion tracking statistics.
Facebook conversion pixel
If the user has given his or her express consent by clicking a button provided for this purpose, we use the “Facebook pixel” of Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”) within our website. This allows the behavior of users to be tracked after they have seen or clicked on a Facebook ad. This procedure is used to evaluate the effectiveness of Facebook ads for statistical and market research purposes and can help to optimize future advertising measures.
The data collected is anonymous for us, so it does not offer any conclusions about the identity of the users. However, the data is stored and processed by Facebook, so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with the Facebook Data Use Policy (https://www.facebook.com/about/privacy/). The user can enable Facebook as well as its partners to place advertisements on and outside of Facebook. It may further store a cookie on his computer for these purposes.
TikTok – Conversion Pixel
If the user has given his or her express consent by clicking a button provided accordingly for this purpose, we use the “TikTok pixel” TikTok Inc. with headquarters at 10100 Venice Blvd, Culver City, CA 90232, USA (“TikTok”) within our website. This allows us to track the behavior of users after they have seen or clicked on a TikTok advertisement. This process is used to evaluate the effectiveness of TikTok ads for statistical and market research purposes and may help optimize future advertising efforts.
The TikTok video platform is operated exclusively by TikTok Inc. with headquarters at 10100 Venice Blvd, Culver City, CA 90232, USA. We therefore advise you that you use TikTok and its functions on your own responsibility. In what way TikTok uses the data for its own purposes, to what extent activities on TikTok are assigned to individual users, how long TikTok stores this data and whether data from a visit to TikTok is passed on to third parties is not conclusively and clearly stated by TikTok and is not known to us. TikTok’s privacy notice can be found here: https://www.tiktok.com/legal/privacy-policy?lang=de.
Use of the video platform TikTok
Demographic Data, Statistical Data
In order to evaluate user behavior, TikTok collects personal data. TikTok provides a certain part of this data to us in anonymized, aggregated form. Among other things, we receive evaluations of the number of new followers, demographic data such as gender, country and age, without any reference to identifiable persons. We use this data for the analysis of user behavior, so that we can better align our profile and our offer to your needs and interests. We cannot identify any visitor to our TikTok profile from this data.
The legal basis for this data processing is Art. 6 para. 1 lit. b DSGVO (processing of data for the performance of a contract or pre-contractual measures) and Art. 6 para. 1 lit. f DSGVO (processing of data to protect the legitimate interests of the controller). The processing serves our legitimate interest of the statistical recording of the use of our offer on TikTok, the performance of data analyses and the purpose of optimizing our offer.
Receivers, third countries
In the following, we would like to inform you about the rights you have as a data subject according to Art. 15-21 of the GDPR and Art. 77 (1) of the GDPR
Please contact us to exercise your rights by e-mail or letter to:
For privacy-related issues concerning TikTok Inc. please contact TikTok at email@example.com.
Right of access:
In accordance with Art. 15 DSGVO, you have the right to receive information about data processing and a copy of the processed data. Under your TikTok profile settings (privacy and security / personalization of data), you have the option to download a copy of your – under TikTok – stored information.
Right of rectification:
In accordance with Art. 16 DSGVO, you have the right to request that we correct or complete your personal data. Under your TikTok profile settings (Manage My Account) as well as in your profile (Edit Profile) you have the possibility to correct your – under TikTok – stored data.
Right to erasure:
In accordance with Article 17 (1) DSGVO, you have the right to request that we delete your personal data. If we have published your personal data, you also have the right, in accordance with Article 17(2) of the GDPR, to request that we inform other data controllers of your request for the erasure of all links to and/or copies or replications of your personal data. Via your TikTok profile settings (Manage My Account), there is the possibility to have your – under TikTok – account deleted.
Right to restriction of processing:
In accordance with Article 18 of the GDPR, you have the right to request that we restrict the processing of your personal data. Regarding the data stored by TikTok, please contact TikTok at firstname.lastname@example.org.
Right to data portability:
Pursuant to Article 20 of the GDPR, you have the right to obtain the personal data about you that you have provided to us in a structured, commonly used and machine-readable format and to request that such data be transferred to another controller. TikTok offers you under your TikTok profile settings (privacy and security / personalization of data) the possibility to have your – under TikTok – stored data transferred.
Right of objection:
In accordance with Art. 21 DSGVO, you have the right to object to the processing of your personal data by us. Since we do not process your data for advertising purposes, this requires a reason based on your particular situation. In the event of an objection, we will no longer process your personal data to which the objection relates from the time we receive it during the review that then follows and will delete it after the review has been completed – in the event of a justified objection (Art. 21 DSGVO, § 36 BDSG).
Complaint with supervisory authorities:
In accordance with Art. 77 (1) DSGVO, you have the right to lodge a complaint with a supervisory authority against the processing of your personal data by us, insofar as you are of the opinion that the processing of your personal data violates data protection provisions.
The Trusted Shops trust badge is integrated on this website to display our Trusted Shops seal of approval and any ratings collected, as well as to offer Trusted Shops products to buyers after they have placed an order.This serves to protect our legitimate interests in an optimal marketing by enabling a safe purchase in accordance with Art. 6 para. 1 p. 1 lit. f DSGVO, which prevail in the context of a balancing of interests. The trust badge and the services advertised with it are an offer of Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne. The Trustbadge is provided by a CDN provider (Content-Delivery-Network) as part of an order processing. Trusted Shops GmbH also uses service providers from the USA. An appropriate level of data protection is ensured. Further information on the data protection of Trusted Shops GmbH can be found here: https://www.trustedshops.de/impressum/#datenschutz.
When the Trustbadge is called up, the web server automatically saves a so-called server log file, which also contains your IP address, the date and time of the call-up, the amount of data transferred and the requesting provider (access data) and documents the call-up. Individual access data are stored in a security database for the analysis of security anomalies. The log files are automatically deleted no later than 90 days after creation.
Further personal data is transferred to Trusted Shops GmbH if you decide to use Trusted Shops products after completing an order or if you have already registered to use them. The contractual agreement between you and Trusted Shops applies. For this purpose, personal data is automatically collected from the order data. Whether you as a buyer is already registered for product use is checked automatically using a neutral parameter, the e-mail address hashed by cryptological one-way function. The e-mail address is converted into this hash value, which cannot be decrypted by Trusted Shops, before it is transmitted. After checking for a match, the parameter is automatically deleted.
Information and data correction / deletion of data
Upon request, we will inform you at any time about the data we have stored about you. If, despite our efforts to ensure that your data is correct, complete and up to date, we have stored incorrect information, we will correct this immediately at your request. You can reach our data protection officer with a description of your request at email@example.com.
Retention and deletion
The criterion for the duration of storage of personal data is the respective statutory retention period. After expiry of the period, the corresponding data is routinely deleted, provided that it is no longer required for the fulfillment or initiation of the contract.
Security through technical and organizational measures
In accordance with Art. 32 (1) EU-DSGVO, we use technical and organizational measures for security in the processing of data in order to protect personal data against accidental or intentional manipulation, loss, destruction or access by unauthorized persons. The security measures in use are regularly reviewed and improved in line with technological developments.
Protection of minors
Persons who have not yet reached the age of 16 may not transmit personal information to us without the consent of their legal guardians. Personal information may only be provided to us by persons who have not yet reached the age of 16 if the express consent of their legal guardians has been obtained or if the persons have reached the age of 16 or are older. This data will be processed in accordance with these guidelines.
If we process data in a third country (i.e. outside Switzerland and the European Union (EU) or one with adequacy status as a safe third country on the part of the EU) or if this occurs in the context of using third-party services or disclosing, or transferring data to third parties, this will only occur if it is done in order to fulfill our (pre)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or allow the processing of data in a third country only if the special requirements of Art. 44 et seq. DSGVO are met. This means that the processing is carried out, for example, on the basis of special guarantees, such as the officially recognized determination of a level of data protection that corresponds to the EU (e.g. for the USA by the “Privacy Shield”) or compliance with officially recognized special contractual obligations (so-called “standard contractual clauses”).
We ask that you do not send or share any sensitive personal information (e.g., social security numbers, racial or ethnic information, political opinions, religious or other beliefs, health, criminal history, or union membership) with us.
Our Privacy Officer can be reached at firstname.lastname@example.org
3324 Hindelbank BE
Hosting and Content Delivery Networks (CDN)
This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster’s servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated via a website.
The hoster is used for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO).
Our hoster will only process your data to the extent necessary to fulfill its service obligations and follow our instructions regarding this data.
Conclusion of a contract for commissioned processing
To ensure data protection-compliant processing, we have concluded an order processing contract with our hoster.
DOKOKI AG reserves the right to reuse the e-mail address and telephone number provided with the order for its own marketing purposes (newsletter & other). By sending a personal e-mail to hello(at)mysandy.com you can opt out of this.
If you would like to receive the newsletter offered on the website, we require an email address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.
The processing of the data entered in the newsletter registration form is based exclusively on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent to the storage of the data, the email address and their use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.
The data you provide for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted after you unsubscribe from the newsletter. Data that has been stored by us for other purposes remains unaffected by this.
Plugins und Tools
YouTube with enhanced data protection
Our website uses plugins from the website YouTube. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.
We use YouTube in extended data protection mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the transfer of data to YouTube partners is not necessarily excluded by the extended data protection mode. Thus, YouTube – regardless of whether you watch a video – establishes a connection to the Google DoubleClick network.
As soon as you start a YouTube video on our website, a connection to YouTube’s servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.
Furthermore, YouTube can save various cookies on your end device after starting a video. With the help of these cookies, YouTube can obtain information about visitors to our website. This information is used, among other things, to collect video statistics, improve the user experience and prevent fraud attempts. Cookies remain on your terminal device until you delete them.
If necessary, further data processing operations may be triggered after the start of a YouTube video, over which we have no control.
YouTube is used in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO.
Google Web Fonts
This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. A connection to Google servers does not take place.
This site uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission.
The use of Google Maps is in the interest of an appealing presentation of our online offers and an easy location of the places indicated by us on the website. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.