Privacy policy
Privacy policy for the use of our website
1. Person responsible for data processing (hereinafter: “we”)
FEMALIGN UG (limited liability)
Sudbrackstraße 12
33611 Bielefeld
E-mail: info@femalign.de
Phone: +49 157 51110328
Further details about us can be found in our imprint.
2. Personal data, purposes of processing and legal basis
It is generally possible to use our website without having to provide personal data. The provision of personal data is voluntary.
Personal data is any information relating to an identified or identifiable natural person (hereinafter “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the identity of that natural person.
The purpose of processing data is to operate this website with information about our range of services, including contact options and online application options.
Personal data is only collected on our website if this is necessary
- for the use of the website (legal basis: Art. 6 para. 1 sentence 1 lit. a) and/or Art. 6 para. 1 sentence 1 lit. b) General Data Protection Regulation (GDPR),
- to safeguard our interest in improving the user experience and maintaining the security of use (legal basis: Art. 6 para. 1 sentence 1 lit. f) GDPR)
- for the use of the services offered on the website as well as pre-contractual measures, in particular for form entries (legal basis: Art. 6 para. 1 sentence 1 lit. a) and/or Art. 6 para. 1 sentence 1 lit. b) GDPR) or
- is necessary for the conclusion and performance of a contract (legal basis: Art. 6 para. 1 sentence 1 lit. a) and lit. b) GDPR).
Further details on the processing of data can be found below under the corresponding headings:
3. access data/server log files
When you visit our website, the servers automatically save the information that your browser sends, so-called server log files. The information includes
- Name of the website accessed,
- file,
- date and time of access,
- notification of successful retrieval,
- browser type and version,
- the user's operating system,
- referrer URL,
- IP address (anonymized),
- provider.
This data is not merged with other data sources. The information is used in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR exclusively to analyze and maintain the technical operation of the servers and the network.
4. Cookies
Our website stores cookies. Cookies are small files that make it possible to store specific information related to the device on the user's access device (PC, smartphone, etc.). On the one hand, they serve the user-friendliness of websites and thus the users (e.g. storage of login data). On the other hand, they are used to collect statistical data on website usage and to analyze it for the purpose of improving the offer. You can find more detailed information in the following sections of our privacy policy. If you give your consent for cookies that are not required, the legal basis is Section 25 (1) TDDDG, Article 6 (1) sentence 1 lit. a) GDPR (consent). You can find further information on this and on the cookies and services used in our consent management tool and revoke your consent at any time freely and without detriment with effect for the future.
As a user, you can influence the use of cookies. Most browsers have an option to restrict or completely prevent the storage of cookies. However, it should be noted that the use and in particular the ease of use are restricted without cookies.
5. Contact via e-mail
If you send us inquiries by e-mail, your details from the e-mail, including the contact details you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions in accordance with Art. 6 Para. 1 S. 1 lit. b) GDPR. We will never pass on this data without your consent.
6. Contact form
If you send us inquiries via the contact form, your details from the inquiry form, including the contact data you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions in accordance with Art. 6 Para. 1 S. 1 lit. b) GDPR. We will not pass on this data without your consent.
7. Customer account
You can create a customer account with us on our website. The information required for this (mandatory information) will be provided during the registration process. You must also assign a user name and a password. This information is required so that we can set up the customer account for you. You can then also view your orders and order data in the customer account. The data processing is based on the need to execute the contract in accordance with Art. 6 para. 1 sentence 1 lit. b) GDPR.
8. Shopify
We use Shopify, a store system from the service provider Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland, for the purpose of displaying and hosting our online store. All data collected on our website is processed on Shopify's servers.
They are used in order to present our services in the best possible way. The legal basis for this is Art. 6 para. 1 sentence 1 lit. f) GDPR or, if you have given your consent to the use of cookies on the basis of a notice (“cookie banner”) provided by us on the website, the legality of the use is governed by Art. 6 para. 1 sentence 1 lit. a) GDPR, § 25 para. 1 TDDDG. As part of Shopify's aforementioned services, data may also be transferred to Shopify Inc, 150 Elgin St, Ottawa, ON K2P 1L4, Canada, Shopify Data Processing (USA) Inc, Shopify Payments (USA) Inc or Shopify (USA) Inc as part of further processing on behalf of Shopify. In the event that data is transferred to Shopify Inc. in Canada, the appropriate level of data protection is guaranteed by an adequacy decision of the European Commission.
Further information on Shopify's data protection can be found on the following website: https://www.shopify.de/legal/datenschutz.
9. Payment methods
a) Shop pay
We use the payment service provider “store pay” from Shopify. The provider here is also Shopify International Limited Victoria Buildings, 2nd floor 1-2 Haddington Road Dublin 4, D04 XN32. Store Pay is an accelerated checkout that allows you to save your e-mail address, your credit card details and your delivery and billing information. You can enter an email address at checkout to save your payment information. When you check out with Shop Pay, you will be redirected to the order verification page. You will then receive a six-digit code via text message or email. Once you have opted in to Shop Pay and completed verification, you can use your saved information for any Shopify checkout where the feature is enabled. The transmission is processed exclusively for the purpose of payment processing in accordance with Art. 6 para. 1 sentence 1 lit. b) GDPR. For details on payment to store pay, please refer to the terms and conditions and the data protection provisions of the payment provider at: https://shop.app/privacy.
b) PayPal
We use PayPal, among others, for the purpose of payment processing. This is an online payment service provided by PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg. Your payment data will only be transmitted to PayPal if this is necessary for payment processing. The legal basis is Art. 6 para. 1 sentence 1 lit. b) GDPR. If you use PayPal as a payment method, the bank details you have stored with PayPal will be used by PayPal for payment. We have no access to this data. You can access PayPal's privacy policy here.
PayPal reserves the right to carry out a credit check for the payment methods credit card via PayPal, direct debit via PayPal and purchase on account. For this purpose, your payment data will be passed on to credit agencies in accordance with Art. 6 para. 1 lit. a) GDPR on the basis of your consent to the determination of your solvency. PayPal uses the result of the credit check with regard to the statistical probability of non-payment for the purpose of deciding on the provision of the respective payment method. The credit report may contain probability values (so-called score values). If score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data. Further data protection information, including information on the credit agencies used, can be found in PayPal's privacy policy here: https://www.paypal.com/webapps/mpp/ua/privacy-full.
You can object to this processing of your data at any time by sending a message to us or to PayPal. However, PayPal may then continue to be entitled to process your personal data if this is necessary for contractual payment processing in accordance with Art. 6 para. 1 sentence 1 lit. b) GDPR.
c) Google Pay
If you opt for the “Google Pay” payment method of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), payment will be processed via the “Google Pay” application of your mobile device running at least Android 4.4 (“KitKat”) and equipped with an NFC function by charging a payment card stored with Google Pay or a payment system verified there (e.g. PayPal). To approve a payment via Google Pay of more than €25, your mobile device must first be unlocked using the verification measure set up in each case (e.g. facial recognition, password, fingerprint or pattern). For the purpose of payment processing, the information you provide during the order process, together with information about your order, will be forwarded to Google in encrypted form. Google then encrypts this data again with a developer-specific key before the data is transmitted to the payment service provider of the payment card stored in Google Pay to process the payment. The encryption ensures that only the website through which the purchase was made can access the payment data. After the payment has been made, Google sends your device account number and a transaction-specific, dynamic security code to the source website to confirm the success of the payment.
If personal data is processed during the described transfers, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 para. 1 sentence 1 lit. b) GDPR.
Further information on data protection at Google Pay can be found at: https://payments.google.com/payments/apissecure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de.
d) Maestro, Mastercard, Visa
If you make the payment by credit card or suitable debit card, the payment is processed by your respective card provider as payment provider. The data required for this (card number, validity and verification number) is encrypted and forwarded to the payment provider and cannot be viewed by the website operator. The payment provider may transfer, process and store personal data outside the EU that is required to process the payment. Your payment provider is solely responsible for processing this data.
If personal data is processed during the described transfers, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 para. 1 sentence 1 lit. b) GDPR.
For details, please refer to the privacy policy of your payment provider at
https://www.visa.de/promotions/geldzurueck/datenschutz.html
https://www.mastercard.de/de-de/datenschutz.html
https://www.americanexpress.com/de/legal/datenschutzrichtlinien.html.
e) Instant bank transfer (Sofort)
It is also possible to pay by instant bank transfer. The provider of Sofortüberweisung is Sofort GmbH, Fußbergstraße 1, 82131 Gauting, Germany. By selecting the payment method Sofortüberweisung, a cashless payment is possible, through which we receive immediate confirmation of your payment. For this purpose, we pass on your personal data entered with us and the data of your order to Sofortüberweisung for the collection of the invoice amount. This includes your name, address, e-mail address, telephone number and IP address as well as other data required for payment processing. These are used in particular for identity verification and fraud prevention. With Sofortüberweisung, you enter your bank and login details and initiate your transfer using your PIN and TAN. The PIN and TAN are passed on to Sofortüberweisung to check the account coverage and transfer to the provider.
If personal data is processed during the described transfers, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 para. 1 sentence 1 lit. b) GDPR.
For details on payment with Sofortüberweisung, please refer to the privacy policy of Sofort GmbH at https://www.sofort.de/datenschutz.html.
10. Newsletter
If you would like to receive the newsletter offered by us, we require an e-mail address as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. For confirmation purposes, you will receive an e-mail from us in which you must confirm the data entered again via a link. We use your data exclusively for sending the requested information and do not pass it on to third parties.
The data entered in the newsletter registration form is processed exclusively on the basis of your consent in accordance with Art. 6 para. 1 lit. a) GDPR. You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter or by e-mail to The legality of the data processing operations already carried out remains unaffected by the revocation.
Our newsletters are sent via “MailChimp”, a newsletter distribution platform of the US provider Rocket Science Group LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA or via Pushowl, an offer of Creatorbox Softwares Private Limited, No 39, 2nd Floor NGEF Lane, Suite no 909 Indiranagar First Stage Bangalore KA 560038 IN.
Your data will be transmitted to MailChimp or Pushowl. Both are prohibited from selling your data and using it for purposes other than sending newsletters. You can find more information at https://mailchimp.com/legal/privacy and at https://pushowl.com/privacy.
11. Goaffpro partner network
We are a member of the affiliate network of Goaffpro, a service of Oxybit Enterprises Pvt Ltd, 16, Sector 20, Part 1, HUDA, Sirsa, Haryana -125055, India (“Goaffpro”). In this context, we have placed advertisements as links on the pages of affiliate partners that lead to offers on our website. Goaffpro uses cookies, which are generally set on the partner site and for which we are therefore not responsible under data protection law. Cookies are small text files that are stored on your end device in order to be able to trace the origin of transactions (e.g. “sales leads”) generated via such links. Among other things, Goaffpro can recognize that you have clicked on the partner link and have been redirected to our website.
This information is required for payment processing between us and Goaffpro. If the information also contains personal data, the described processing is based on our legitimate financial interest in the processing of commission payments with Goaffpro in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR. If personal data is collected by Goaffpro, it is processed exclusively on servers in Falkenstein, Germany, according to the company.
Further information on data usage by Goaffpro can be found at https://goaffpro.com/privacy. If you wish to block the analysis of user behavior via cookies, you can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general.
12. Instagram feed
We use the “Instagram Feed” plug-in on our website. The plug-in is developed by Smash Balloon LLC in the USA (https://smashballoon.com/) (“Provider”) and is offered as a WordPress plug-in or as a stand-alone PHP plug-in. The plug-in enables us to display the newsfeed of our Instagram fan page directly on our website. For this purpose, the plug-in retrieves the information from Instagram and integrates it into our website.
It is used to present our services in the best possible way. The legal basis for this is Art. 6 para. 1 sentence 1 lit. f) GDPR or if you have given your consent to the use of cookies on the basis of a notice (“cookie banner”) provided by us on the website, the legality of the use is governed by Art. 6 para. 1 sentence 1 lit. a) GDPR, § 25 para. 1 TDDDG.
As far as we are currently aware, no special cookies are set in your browser specifically by this plug-in that collect, process or use personal data. Nevertheless, we cannot completely rule out the possibility that personal data (e.g. IP addresses, browser data, etc.) may be transmitted to the provider of the plug-in or Instagram. If you click on a link in the newsfeed, you will be redirected to our Instagram fan page. In this case, Instagram stores the website from which you accessed our Instagram fan page. For more information on what data is collected, processed or used when you visit Instagram pages, please refer to Instagram's privacy policy.
Further information on Smash Balloon's data protection can be found here: https://smashballoon.com/gdpr-and-our-plugins. If you do not want Instagram to be able to associate your visit to our pages with your Instagram user account, please log out of your Instagram user account.
13. Recipients of personal data
Notwithstanding the above paragraphs, we only disclose personal data to the following categories of recipients:
To our employees, to the shipping service provider Hermes Germany GmbH, Essener Straße 89, 22419 Hamburg for the purpose of shipping the ordered items to you and to the hoster of our website. The hoster is Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland. We have concluded a data processing agreement (DPA) with our hoster.
Beyond this, your personal data will not be passed on to third parties without your express consent, unless we are legally obliged to do so within the meaning of Art. 6 para. 1 sentence 1 lit. c) GDPR or the transfer of data is absolutely necessary for the execution of a contractual relationship in accordance with Art. 6 para. 1 sentence 1 lit. b) GDPR.
We would like to point out that data transmission over the Internet (e.g. when communicating by email) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.
14. Duration of storage
We delete your personal data immediately after the purpose has been achieved. For example, we store your data from your emails and the contact form until your request has been fully processed and dealt with. After that, the data is usually deleted.
In addition, we check on an annual basis whether your stored data can be deleted.
Session cookies are automatically deleted by us after your visit to the website. Access data and server log files are deleted after one week.
Please note that certain data must be stored for at least six (§ 257 HGB) or ten (§ 147 AO) years under commercial and tax law.
15. Rights of the data subjects
You are not legally obliged to provide your personal data. However, the provision may be necessary for the conclusion of a contract or for functions of the website. If you do not provide it, it may not be possible to offer a contract or a function on the website.
There is no automated decision-making on the website and no profiling takes place.
The rights of data subjects arise in particular from Articles 15 to 23 and Article 77 GDPR and from Sections 32 to 37 of the Federal Data Protection Act (BDSG)-new.
With regard to your personal data, you have the right to
- Information, Art. 15 GDPR
- Rectification, Art. 16 GDPR
- erasure, Art. 17 GDPR
- Restriction of processing, Art. 18 GDPR
- Transferability, Art. 20 GDPR.
If you have given your consent to the processing of personal data, you have the right of
- Revocation, Art. 7 GDPR
with effect for the future.
You also have the right to object to the processing of personal data
- objection, Art. 21 GDPR.
1. you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (f) of Article 6(1) GDPR (data processing on the basis of a balancing of interests).
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defense of legal claims.
2. in individual cases, we process personal data for direct marketing purposes. If this is the case for you, you have the right to object at any time to the processing of data concerning you for the purpose of such advertising.
If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.
The objection can be made informally and should preferably be addressed
be addressed to us, see above under 1.
If you are of the opinion that the processing of personal data concerning you violates data protection law, you always have the
- right to lodge a complaint
with the competent supervisory authority, see Art. 77 GDPR. Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.
The contact details of the data protection officers in the federal states, the supervisory authorities for the non-public sector, broadcasting, churches, in Europe and in other countries as well as the Virtual Data Protection Office can be found there: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
The supervisory authority responsible for us is the State Commissioner for Data Protection of North Rhine-Westphalia, Kavalleriestraße 2-4, 40213 Düsseldorf.
