1. scope of application
The protection of personal data is very important to us. With the following information on data protection, we would like to explain to you which personal data we process for which purposes while you are using our Internet offer.
The following information applies to all contents of the website https://www.truecare.skin (hereinafter referred to as "offer").
The legal basis for data protection can be found in the EU General Data Protection Regulation (hereinafter referred to as DSGVO) and the Federal Data Protection Act.
"Personal data" means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
"Processing" means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction."
3. Types of personal data
Access data is data about each access to the server on which our website is located. Access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.
Cookies are small files that allow specific information related to the device to be stored on the access device. The following cookies are used:
Facebook Pixel: in order to offer you content that is as interesting and relevant to you as possible, also in our online communication, we use Facebook Pixel. Duration 3 months.
Google Analytics: Google Analytics is a tracking tool of the US company Google LLC, which is used for data traffic analysis of websites. Runtime 1 year.
Cookie Banner: It stores their cookie settings on our website. Duration 1 year.
Session Cookies: With the session cookie, data associated with a website is stored on the computer of the visitor to the website and transmitted to the server upon request. This allows the website visitor to be identified and to store and retrieve certain settings - for example, an online shopping cart. Duration until the end of the visit to our website.
If you register with us as a customer, fill out the contact or appointment form on our website, or contact us by other means (e.g. telephone, e-mail), we process the personal data that you enter in the respective form or provide to us by other means (e.g. last name, first name, e-mail address, address).
4. Cookie settings
5. Purposes of processing
Our hosting provider collects access data on our behalf for security reasons to control fraud and abuse and for statistical recording of website usage. The legal basis for the processing is Art. 6 para. 1 sentence 1 f DSGVO. For processing of the IP address by third-party providers, see item 6.
On the one hand, cookies serve the user-friendliness of websites and thus the users (e.g. storage of login data). On the other hand, they can be used to collect statistical data on website usage and to be able to analyze it for the purpose of improving our offers.
If you register as a customer, we use your personal data for the administration of your account (legal basis Art. 6 para. 1 sentence 1 b DSGVO). If you use our contact or appointment form or provide us with your personal data by other means, we will use it to process your request (legal basis Art. 6 para. 1 sentence 1 a, f DSGVO). If you communicate with us via e-mail, your e-mails and the personal data communicated therein will be transported on our behalf to the servers of our e-mail provider Space.Net AG in order to be stored on our servers (legal basis Art. 6 para. 1 sentence 1 a, f DSGVO).
Our legitimate interest to collect data in the sense of Art. 6 para. 1 f DSGVO follows from the fact that we cannot process your request (registration, contact, order processing) without your data.
If you agree, we will inform you at regular intervals by e-mail about our service offers, news in our institutes and skin care tips. You can register for our newsletter. If you would like to receive information, we need a valid e-mail address from you. After your registration, an e-mail will be sent to the specified e-mail address, in which you will be asked to confirm that you wish to receive the newsletter. When you register for the newsletter, your e-mail address, the IP address used and the time of registration and confirmation are stored. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data. The legal basis for this is Art. 6 para. 1 sentence 1 f DSGVO. The legal basis for sending the newsletter is Art. 6 para. 1 sentence 1 f a DSGVO.
You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare the revocation by clicking on the link provided in every newsletter e-mail or by e-mail. We would like to point out that a revocation does not change the lawfulness of the processing granted until the revocation (no retroactive effect of the revocation).
By subscribing to the newsletter, you give us the following consent, if applicable, which we reproduce here only for your information:
7. Data processing by third parties
Our website is operated on the servers of the hosting provider Space.Net AG. This company processes the personal data mentioned in section 3 on our behalf for the operation of our website and for abuse control. The legal basis for this is Art. 6 para. 1 sentence 1 f DSGVO.
Plug-ins, usage analysis
We integrate various services and content from third-party providers on our website. The integration may result in the processing of your personal data. In addition, the integration of third-party content may result in a data transfer to countries outside the EU. You can find more information on this under sections 8. and 9.
The legal basis for the integration of the services and content is Art. 6 para. 1 sentence 1 f DSGVO. Our legitimate interest for data processing follows from the fact that we use third-party services for the purpose of user-friendliness of our website and optimization of our offers.
Online appointment calendar, customer management
8. Google analytics and google maps
If you click on "Confirm" at the bottom of the cookie bar when visiting our website without changing the settings regarding Google Analytics on the Cookie Settings page, you consent within the meaning of Article 49 (1) sentence 1 a) DSGVO that your data (IP address, timestamp, user behavior on our website, if applicable) is transmitted to Google in the USA and processed there. The ECJ considers the USA to be a country with a level of data protection that is not adequate by European standards. There is a risk of access by US authorities. In addition, we do not know exactly how Google processes your data. The legal basis for the use of Google Analytics is Art. 6 para. 1 sentence 1a DSGVO.
9. Facebook Pixel
By integrating the so-called "Facebook Pixel" on our website, we can display our advertising measures ("Facebook Ads") to users of our website and the social network Facebook and measure and evaluate the success ("Conversion Tracking"). Due to the marketing tools used, your browser automatically establishes a direct connection with the Facebook server when you visit our website. We have no influence on the scope and further use of the data collected by Facebook through the use of this tool and therefore present the processes known to us: Through the integration of the Facebook pixel, Facebook receives the information that you have accessed the corresponding web page of our website, or clicked on an ad from us. If you are registered with a Facebook service, Facebook can assign the visit to your account. Even if you are not registered with Facebook or have not logged in, there is a possibility that the provider may learn your IP address and other identifying features and use them to create a profile. The information collected is stored on Facebook servers, including in the USA.
10 Voluntariness of the provision of data
The provision of personal data when visiting our website is not required by law or contract, nor is it necessary for the conclusion of a contract. You are also not obliged to provide personal data when visiting our website, however, the collection of access data when visiting our website takes place automatically. If you wish to register as a customer, the registration data is required.
11. Duration of processing
Access data, cookies
Access data is stored by our hosting provider for security reasons (e.g. to clarify acts of abuse or fraud) for a maximum period of 6 months and then deleted. Data whose further storage is required for evidentiary purposes is exempt from deletion until the final clarification of the respective incident.
If IP addresses are processed by third-party providers, we have no influence on the duration of the processing. You will find the links to the data protection declarations of the third-party providers under item 6. There you can inform yourself about the duration of the processing.
For the storage duration of cookies, see section 3 above.
We process personal data that you provide via our forms or communicate to us by other means for the duration of the processing of your request, provided that this data is not subject to the retention periods under tax and commercial law or consent justifies continued storage.
You have the right to object at any time to personal data processed on the basis of Article 6 (1) sentence 1 f DSGVO, provided that there are grounds for the objection arising from your particular situation. However, your Personal Data will be further processed if there are compelling legitimate grounds to further process the data that override the interests, rights and freedoms of your person, or if the processing serves the assertion, exercise or defense of legal claims. If we process personal data from you for the purpose of direct marketing, you have the right to object at any time, without giving reasons, to the processing of personal data for the purpose of such marketing (Article 21 DSGVO).
13. Further data subject rights
In the event that you have given your consent, you have the right to revoke it. We would like to point out that a revocation does not change the lawfulness of the processing granted until the revocation (no retroactive effect of the revocation).
Within the scope of the DSGVO, you have the right to receive information free of charge upon request about the personal data we hold about you (Art. 15 DSGVO).
Furthermore, in accordance with the DSGVO, you have the right to correction (Art. 16 DSGVO), deletion (Art. 17 DSGVO), restriction (Art. 18 DSGVO) and transfer (Art. 20 DSGVO) of your personal data.
You also have the right to complain to the data protection supervisory authority responsible for us in justified cases (Art. 77 DSGVO).
You can assert your rights under the GDPR by e-mail or in writing. You can find the contact details of the provider below.
14. Contact details
Person in charge:
TRUE CARE GmbH
Data Protection Officer:
Data protection supervisory authority:
Bavarian State Office for Data Protection Supervision
PO Box 606
Telephone: +49 (0) 981 53 1300
Fax: +49 (0) 981 53 98 1300
Status: October 2022