With this
Privacy policy We provide information about what personal data we process, for what purpose, how, and where, particularly in connection with our internet platform and website.
2nd Skin Tattoo & Piercing and our other offerings. This privacy policy also provides information about the rights of individuals whose data we process.Special, supplementary, or additional privacy policies and other legal documents such as general terms and conditions (GTC), terms of use, or conditions of participation may apply to individual or additional offerings and services.Our offerings are subject to Swiss data protection law and any applicable foreign data protection law, in particular that of the European Union (EU) with the General Data Protection Regulation (GDPR). The European Commission
acknowledgesthat Swiss data protection law ensures adequate data protection.The English version of this privacy policy is authoritative. Versions in other languages are for informational purposes only and are not binding.
1. contact addresses
Responsibility for the processing of personal data:
2nd Skin AG Altstetterstrasse 134 8048 Zurich Switzerland
admin@2ndskn.comWe point out if there are other controllers for the processing of personal data in individual cases.
Data protection representation in the European Economic Area (EEA)
We have the following data protection representation in accordance with
Article 27 GDPR in the European Economic Area (EEA), including the European Union (EU) and the Principality of Liechtenstein, Iceland, and Norway as
additional Contact point for supervisory authorities and data subjects for inquiries relating to the General Data Protection Regulation (GDPR):
VGS Data Protection Partner UG Kaiserkai 69 20457 Hamburg Germany
info@datenschutzpartner.eu2. processing of personal data
2.1 Terms
personal data is any information relating to an identified or identifiable person. A
affected person is a person whose personal data is being processed.
Edit includes
everyone Handling of personal data,
independently the means and procedures used, in particular the storage, disclosure, procurement, collection, deletion, saving, modification, destruction, and use of personal data.The
European Economic Area (EEA) covers the European Union (EU) as well as the Principality of Liechtenstein, Iceland, and Norway. The General Data Protection Regulation (GDPR) defines the handling of personal data as the processing of personal data.
2.2 Legal basis
We process personal data in accordance with Swiss data protection law, in particular the
Federal Act on Data Protection (DSG) and the
Regulations on the Federal Act on Data Protection (VDSG).
We process - if and insofar as the General Data Protection Regulation (GDPR) is applicable - personal data in accordance with at least one of the following legal bases: - Art. 6 para. 1 lit. b GDPR for the necessary processing of personal data for the performance of a contract with the data subject and for the implementation of pre-contractual measures.
- Art. 6 para. 1 lit. f GDPR for the necessary processing of personal data in order to protect the legitimate interests of us or third parties, unless the fundamental freedoms and rights and interests of the data subject prevail. Legitimate interests are, in particular, our interest in being able to provide our services in a permanent, user-friendly, secure and reliable manner and to be able to advertise them if necessary, information security and protection against misuse and unauthorized use, the enforcement of our own legal claims and compliance with Swiss law.
- Art. 6 para. 1 lit. c GDPR for the necessary processing of personal data to fulfill a legal obligation to which we are subject under any applicable law of member states in the European Economic Area (EEA).
- Art. 6 para. 1 lit. e GDPR for the necessary processing of personal data for the performance of a task carried out in the public interest.
- Art. 6 para. 1 lit. a GDPR for the processing of personal data with the consent of the data subject.
- Art. 6 para. 1 lit. d GDPR for the necessary processing of personal data in order to protect the vital interests of the data subject or another natural person.
2.3 Type, scope and purpose
We process personal data that
necessary in order to provide our services in a permanent, user-friendly, secure, and reliable manner. Such personal data may fall into the categories of inventory and contact data, browser and device data, content data, meta or marginal data and usage data, location data, sales, contract, and payment data.We process personal data during those
durationthat is necessary for the respective purpose or purposes or required by law. Personal data that is no longer required for processing is anonymized or deleted. Persons whose data we process have
fundamentally a right to erasure.We process personal data
fundamentally only with the consent of the data subject, unless processing is permissible for other legal reasons, for example to fulfill a contract with the data subject and for corresponding pre-contractual measures to safeguard our overriding legitimate interests, because processing is apparent from the circumstances or after prior information.In this context, we process in particular information that a data subject provides when contacting us—for example, by letter, email, contact form, social media, or telephone—when registering for a user account, or when publishing their own content.
voluntarily and independently transmitted to us. We may store such information in an address book or similar tools, for example. If you transmit personal data about third parties to us, you are obliged to ensure data protection for such third parties and to ensure the accuracy of such personal data.We also process personal data that we receive from third parties, obtain from publicly available sources, or collect when providing our services, if and to the extent that such processing is permitted for legal reasons.
2.4 Processing of personal data by third parties, including abroad
We may have personal data processed by commissioned third parties or process it jointly with third parties or with the help of third parties or transfer it to third parties. Such third parties are in particular providers whose services we use. We also ensure adequate data protection with such third parties.Such third parties are located
fundamentally in Switzerland and in the European Economic Area (EEA). However, such third parties may also be located in other countries and territories on Earth and elsewhere in the universe, provided that their data protection laws comply with
Assessment by the Federal Data Protection and Information Commissioner (EDÖB) and – if and to the extent that the General Data Protection Regulation (GDPR) applies – in accordance with
Assessment by the European Commission – ensures adequate data protection, or if adequate data protection is ensured for other reasons, such as through a corresponding contractual agreement, in particular based on standard contractual clauses, or through corresponding certification. In exceptional cases, such a third party may be located in a country without adequate data protection, provided that the data protection requirements, such as the express consent of the data subject, are met.
3. rights of data subjects
Data subjects whose personal data we process have rights under Swiss data protection law. These include the right to information and the right to correction, deletion, or blocking of the personal data processed.Data subjects whose personal data we process may – insofar as the General Data Protection Regulation (GDPR) applies – request confirmation free of charge as to whether we process their personal data and, if so, request information about the processing of their personal data, have the processing of their personal data restricted, exercise their right to data portability, and have their personal data corrected, deleted ("right to be forgotten"), blocked, or completed.Data subjects whose personal data we process may, if and to the extent that the GDPR applies, revoke their consent at any time with effect for the future and object to the processing of their personal data at any time.Data subjects whose personal data we process have the right to lodge a complaint with a competent supervisory authority. The supervisory authority for data protection in Switzerland is the
Federal Data Protection and Information Commissioner (EDÖB).
4. data security
We take appropriate and suitable technical and organizational measures to ensure data protection and, in particular, data security. However, despite such measures, the processing of personal data on the Internet can always present security gaps. We therefore cannot guarantee absolute data security.Access to our online offering is provided via transport encryption (SSL/TLS, in particular with the Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers indicate transport encryption with a padlock in the address bar.Access to our online offering is subject to – as
fundamentally Any use of the internet – mass surveillance without cause or suspicion, as well as other surveillance by security authorities in Switzerland, the European Union (EU), the United States of America (USA), and other countries. We cannot directly influence the processing of personal data by secret services, police agencies, and other security authorities.
5. use of the website
5.1 Cookies
We may use cookies on our website. Cookies—both our own cookies (first-party cookies) and cookies from third parties whose services we use (third-party cookies)—are data that are stored in your browser. Such stored data is not necessarily limited to traditional cookies in text form. Cookies cannot execute programs or transmit malware such as Trojans and viruses.When you visit our website, cookies may be stored in your browser temporarily as "session cookies" or for a specific period of time as so-called permanent cookies. "Session cookies" are automatically deleted when you close your browser. Permanent cookies have a specific storage period. In particular, they enable your browser to be recognized the next time you visit our website, thereby allowing us to measure the reach of our website, for example. However, permanent cookies can also be used for online marketing, for example.You can deactivate and delete cookies in your browser settings at any time, either completely or partially. Without cookies, our website may no longer be fully available. We actively request your express consent for the use of cookies, if and to the extent necessary.For cookies that are used to measure success and reach or for advertising, a general objection ("opt-out") is possible for numerous services via the
Network Advertising Initiative (NAI),
YourAdChoices (Digital Advertising Alliance) or
Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).
5.2 Server log files
We may collect the following information for each visit to our website, provided that it is transmitted by your browser to our server infrastructure or can be determined by our web server: Date and time, including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual subpages of our website accessed, including the amount of data transferred, the last website accessed in the same browser window (referrer or referrer).We store such information, which may also constitute personal data, in server log files. The information is necessary to provide our online offering in a permanent, user-friendly, and reliable manner, as well as to ensure data security and, in particular, the protection of personal data—including by third parties or with the help of third parties.
5.3 Tracking pixels
We may use tracking pixels on our website. Tracking pixels are also known as web beacons. Tracking pixels - including those from third parties whose services we use - are small, usually invisible images that are automatically retrieved when you visit our website. Tracking pixels can be used to collect the same information as server log files.
6. notifications and messages
We send notifications and communications such as newsletters by e-mail and via other communication channels such as instant messaging.
6.1 Performance measurement and reach measurement
Notifications and messages may contain web links or tracking pixels that record whether an individual message has been opened and which web links have been clicked on. Such web links and tracking pixels can also record the use of notifications and messages on a personal basis. We require this statistical recording of usage for measuring success and reach in order to be able to offer notifications and messages in an effective, user-friendly, permanent, secure and reliable manner based on the needs and reading habits of the recipients.
6.2 Consent and objection
You must
fundamentally expressly consent to the use of your email address and other contact details, unless such use is permitted for other legal reasons. Where possible, we use the "double opt-in" procedure for any consent to receive emails, which means that you will receive an email with a web link that you must click on to confirm, so that no misuse by unauthorized third parties can occur. We may log such consents, including Internet Protocol (IP) addresses and dates and times, for evidence and security reasons.You can
fundamentally You can unsubscribe from notifications and communications such as newsletters at any time. This does not apply to notifications and communications that are essential for our services. By unsubscribing, you can object to the statistical recording of usage for the purpose of measuring success and reach.
6.3 Service provider for notifications and messages
We send notifications and messages via third-party services or with the help of service providers. Cookies may also be used for this purpose. We also ensure adequate data protection for such services.In particular, we use:
We are present on social media platforms and other online platforms in order to communicate with interested parties and provide information about our services. In doing so, personal data may also be processed outside Switzerland and the European Economic Area (EEA).The general terms and conditions (GTC) and terms of use, as well as privacy policies and other provisions of the individual operators of such online platforms, also apply. These provisions provide information in particular about the rights of data subjects, including in particular the right to information.For our
Social media presence on Facebook Including so-called Page Insights, we are jointly responsible with Facebook Ireland Limited in Ireland, insofar as the GDPR applies. Page Insights provide information about how visitors interact with our Facebook presence. We use Page Insights to make our social media presence on Facebook effective and user-friendly.Further information on the type, scope, and purpose of data processing, information on the rights of data subjects, and the contact details of Facebook and Facebook's data protection officer can be found in the
Facebook's privacy policy ("Data Policy")We have established a so-called
"Addendum for responsible persons" concluded and thus agreed in particular that Facebook is responsible for ensuring the rights of affected persons. For the so-called Page Insights, the relevant information can be found on the pages.
Information about page insights, including "Page Insights Supplement Regarding the Responsible Party" and
Information about page insights data from Facebook.Users of social media platforms have the option of logging in or registering for our online offering with their corresponding user account.
(“Social Login”)The respective terms and conditions of the social media platforms in question apply, such as general terms and conditions (GTC) and terms of use or privacy policies.
8. success and reach measurement
We use
Google Analyticsto analyze how our website is used, allowing us to measure, for example, the reach of our website and the success of third-party links to our website. This is a service provided by the American company Google LLC. For users in the European Economic Area (EEA) and Switzerland, the Irish
Google Ireland Limited responsible.Google also attempts to track individual visitors to our website when they use different browsers or devices.
(Cross-device tracking)Cookies are also used for this purpose. Google Analytics requires your Internet Protocol (IP) address, but this is not combined with other data from Google.In any case, we have your Internet Protocol (IP) address anonymized before Google analyzes it. As a result, your complete IP address
fundamentally not transferred to Google in the USA.Further information on the type, scope, and purpose of data processing can be found in the
Principles for data protection and security and in the
Privacy policy each from Google, in the
Guide to data protection in Google products (including Google Analytics), in the
Information about how Google uses data from websites that use Google services and in the
Information about cookies at Google. In addition, there is the option of
"Browser add-on to disable Google Analytics" to use as well as
Objection to personalized advertising to collect.
9. services of third parties
We use third-party services to ensure that our offering is permanent, user-friendly, secure, and reliable. These services also enable us to embed content in our website. Such services—for example, hosting and storage services, video services, and payment services—require your Internet Protocol (IP) address, as otherwise they would be unable to transmit the relevant content. Such services may be located outside Switzerland and the European Economic Area (EEA), provided that adequate data protection is guaranteed.For their own security-related, statistical, and technical purposes, third parties whose services we use may also process data in connection with our offering and from other sources—including cookies, log files, and tracking pixels—in aggregated, anonymized, or pseudonymized form.
9.1 Digital infrastructure
We use third-party services in order to be able to use the digital infrastructure required for our offering. These include, for example, hosting and storage services from specialized providers.
9.2.1 Facebook
We use social plugins from
Facebookto embed Facebook functions and Facebook content in our website. Such functions include, for example, "Like" or "Share." Cookies are also used for this purpose. Further information can be found on the page
Facebook's "social plug-ins".The social plugins are provided by Facebook Ireland Ltd. in Ireland or Facebook Inc. in the USA. If you are logged in to Facebook as a user, Facebook can assign the use of our online offering to your profile. Further information on the type, scope, and purpose of data processing can be found in the
Facebook's privacy policy ("Data Policy").
9.2.2 Instagram
We use the option for our website to integrate functions and content from
Instagram embed. This allows us to display images published on Instagram on our website, for example. Cookies are also used for this purpose.Instagram is a service provided by Facebook Ireland Limited in Ireland and Facebook Inc. in the United States. If you are registered as a user on Instagram or other Facebook services, Facebook can assign your use of our online offering to your profile. Further information on the type, scope, and purpose of data processing can be found in the
Instagram's privacy policy.
9.3 Entertainment
9.3.1 We use
Vimeoto embed videos on our website. Cookies are also used for this purpose. Vimeo is a service provided by the American company Vimeo Inc. Further information about the type, scope, and purpose of data processing can be found in the
Questions and answers about data protection at Vimeo and in the
Vimeo Privacy Policy.9.3.2 We use
YouTubeto embed videos in our website. Cookies are also used for this purpose. YouTube is a service provided by the American company Google LLC. For users in the European Economic Area (EEA) and Switzerland, the Irish
Google Ireland Limited responsible. Further information on the type, scope, and purpose of data processing can be found in the
Principles for data protection and security and in the
Privacy policy each from Google, in the
Guide to data protection in Google products (including YouTube), in the
Information about how Google uses data from websites that use Google services and in the
Information about cookies at Google. In addition, there is the possibility of
Objection to personalized advertising to collect.
9.4 Fonts
We use
Google Fontsto embed selected fonts in our website. This involves
no cookies This is a service provided by the American company Google LLC, which is offered independently of other Google services. For users in the European Economic Area (EEA) and Switzerland, the Irish
Google Ireland Limited responsible. Further information on the type, scope, and purpose of data processing can be found in the
Principles for data protection and security as well as in the
Privacy policy by Google.
9.5 Advertising
We use
Google Ads (formerly AdWords)in order to advertise our services in a targeted manner on the Google search engine and elsewhere on the Internet, for example on other websites, based on search queries, among other things. Google Ads is a service provided by the American company Google LLC. For users in the European Economic Area (EEA) and Switzerland, the Irish
Google Ireland Limited responsible. Cookies are also used in Google Ads. Google uses various domain names—in particular doubleclick.net, googleadservices.com, and googlesyndication.com—for Google Ads.We want to use such advertising to reach people who are interested in our online offering or who already use our online offering. To this end, we transmit relevant information—including personal data—to Google.
(Remarketing)We can also determine whether our advertising is successful, i.e., whether it leads to visits to our website.
(Conversion Tracking).Further information on the type, scope, and purpose of data processing can be found in the
Principles for data protection and security and in the
Privacy policy each from Google, in the
Information about how Google uses data from websites that use Google services and in the
Information about cookies at Google. In addition, there is the possibility of
Objection to personalized advertising to collect.
10. extensions for the website
We use
Google reCAPTCHAto protect input forms from bots and spam, while at the same time reliably enabling entries from humans. Cookies are also used for this purpose. This is a service provided by the American company Google LLC. For users in the European Economic Area (EEA) and Switzerland, the Irish
Google Ireland Limited responsible. Further information on the type, scope, and purpose of data processing can be found in the
Principles for data protection and security and in the
Privacy policy by Google and in the
Information about cookies at Google.
11. final provisions
We may amend and supplement this privacy policy at any time. We will inform you of such amendments and additions in an appropriate form, in particular by publishing the current data protection declaration on our website.