条款
1. 一般条款
百奢, 地址:12 John Princes Street, London W1G 0NY(下文中称为“BESSENSE”或“我方”),是在线购物商城 www.bessense.com (下文中称为“网站”)的经营方。 您在该网站下达的所有订单以及我方的配送和服务均受下文规定的“一般交易条款和条件”的排他性约束,条款和条件自下达订单时生效。除非有明确的书面协议,否则我方不接受客户提出的有别于本文规定的任何条款和条件。
欧盟委员会提供的庭外解决争端平台(简称ODR平台),详请可查看http://ec.europa.eu/odr。
我们将不会在消费者仲裁委员会之前进行争议解决程序。
2. 合同
a. 在网站上展示商品并不表示www.bessense.com发出购买合同要约。
b. 使用我方网站上提供的订购表单提交订单,即是向我方提出有约束力的购买合同要约。在订购过程中输入所有必要信息,然后完成购买后将订购表单发送给我方,即提交了要约。提交要约之前,您可以查看自己输入的详细信息,并可以修改所提供信息中的任何错误。
c. 收到您的订单后,我方将向您发送电子邮件,以确认收到了您的订单并概述您订单中的详细信息(订单确认)。请注意,订单确认并不表示我方声明接受您的合同要约,只是为了告知您相关信息。
d. 仅当我方按订单安排发货时才表明我方接受要约,您与www.bessense.com之间的购买合同才生效。
e. www.bessense.com有权利不提供任何理由拒绝(任何)要约,尤其是当我方有正当依据怀疑客户在网上订购商品后有意进行商业转售时。
3. 自愿退货权利
a. www.bessense.com为您提供以下自愿退货权:
所有www.bessense.com产品可在收货后30天内退回www.bessense.com。但是,退货权仅适用于未穿着使用、未经洗涤且完好无损的未拆标签的商品。由于穿着、洗涤或造成其他使用痕迹以及拆除安全标签、拆除/损坏原包装、配件等造成的任何价值损失将导致退货被拒,因为我们无法对这些商品进行二次销售。在此种情况下,该商品将退还给客户,且不会退回购买时所支付的金额。
b. 退货运费
b.1. 如果符合以下规定,所有退货运费将由我方支付。
b.2. 所有退货商品仅使用与原始送货方式相同的服务(DHL或UPS等),并且采用原始包装内随附的运货单或退货标签。退还商品所需的必要单据和说明均随附在包装内。
b.3. 请注意,我方只接受来自送货目的地国家/地区的退货。例如,商品送货目的地为奥地利,则我方只接受来自奥地利的退货。
b.4. 如需退货,我方会将货款退还至您的账号/信用卡中。我方不会退还汇率浮动可能导致的损失。
b.5. 退货地址请于百奢客服联系。
4. 价格;商品展示;可用性;优惠券;优惠码
a. 商品价格以我方网站www.bessense.com在您下达订单结算时显示的价格为准。
b. www.bessense.com上提供的商品以实物商品数码照片的形式在该网站上进行展示。图片展示和实物商品之间的微小差异不构成所订购商品的缺陷。
c. 优惠券
c.1 优惠券可用于购买我方网站上展示的任何商品(不可购买其他礼品卡),但须在其有效期之前使用。
c.2. 优惠券仅依照退货和退款权及条件进行兑换或退款。
c.3 优惠券仅在我方使用本网站列示的相应币种向其送货的国家/地区有效。礼品卡只能在您购买礼品卡时确定的配送国家/地区使用。
d. 优惠码
d.1 优惠码的有效时段各不相同,可用于购买我方网站上展示的所有商品。
d.2 不允许进行属于营销推广或者您代表www.bessense.com接收的优惠码兑换或退款。不允许在我方条款和条件规定的标准退货时间范围之外使用优惠码退款。
d.3 www.bessense.com保留取消或锁定优惠码的权利,前提是由于法律原因而认为必须采取此类行动,例如在优惠码丢失或被冒用时。如果要取消或锁定优惠码,www.bessense.com会立即通知您。
d.4 关于使用优惠码所购买商品的退货政策:如果您依法行使退货权或根据我方的自愿退货政策退货,我方会向您退还退货商品对应的全部款项。如果您仅退回了订单中的某一件商品,则我方将对优惠码的价值额度进行相应调整,并且仅退还与退货商品相关的金额。优惠码将减少相当于退货商品价值的有效额度。如果您对整个订单退货,我方将全额退还您支付的款项,但相应优惠码不能再用于日后的购买。请注意,销售活动中发放的优惠码不能更换或退款。
5. 合同数据的存储
我方会存储您的订单数据。
此外,您还会收到订单确认电子邮件,其中将提供您输入的所有详细信息以及可打印的取消购买模板。
6. 使用礼品卡付款
a.1 在使用优惠券购物时,只需在结算时在指定字段选择优惠券即可。
7. 使用优惠码付款
a.1 在使用优惠码购物时,只需在结算时在指定字段内输入优惠码即可。
8. 商业交易的留置权
在商品贸易中,除非无可争议、依法确定反索赔或同一份销售合同中包括了损害赔偿,否则不能强制执行客户的商品留置权和服务免责声明。
隐私政策
The protection of your personal data is very important to us. We would therefore like to inform you in the following pages about the
data collected during your visit and the purposes it is used for. Should you still have any queries about the handling of your personal
data, please contact our data protection officer.
The ongoing further development of technology, changes in our services or the legal situation as well as other reasons can require
adjustments of our data protection notice. We therefore reserve the right to change this data protection declaration at any time and
ask you to regularly inform yourself about the current status.
1 BASIC INFORMATION ON DATA HANDLING
1.1 Extent of the personal data processing
We fundamentally collect and use the personal data of our users only insofar as this is required for the provision of a functional
website and of our contents and services as well as for the implementation of our business purpose. As a rule we collect and use
the personal data of our users only after the user has given his/her consent. Exceptions apply in such cases where it was not
possible to obtain prior consent for factual reasons and where the processing of the data is permitted because of statutory
requirements.
1.2 Purposes and legal basis for the processing of personal data
We process personal data only to fulfil our contractual obligations or to preserve our overriding legitimate interests. Our legitimate
interests are the implementation of our business purpose.
Insofar as we obtain consent from the data subject for processing operations of personal data, Article 6, paragraph 1, sentence 1 lit.
a EU General Data Protection Regulation (EU-GDPR) serves as the legal basis for the processing of personal data.
In the processing of personal data required to perform a contract of which the contractual party is the data subject, Art. 6 paragraph
1 sentence 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
Insofar as processing of personal data is required to fulfil a legal requirement that our company is subject to, Art. 6 paragraph 1
sentence 1 lit. c GDPR serves as the legal basis.
In the case that vital interests of the data subject or another natural person make the processing of personal data necessary, Art. 6
paragraph 1 sentence 1 lit. d GDPR serves as the legal basis.
If processing is required to protect a legitimate interest of our company or of a third party and the interests do not override the
interests, fundamental rights and freedoms of the data subject of the first-named interest, Art. 6 paragraph 1 sentence 1 lit. f GDPR serves as the legal basis for the processing.
1.3 Categories of recipients and personal data, origin of the same; data transmission
We forward personal data to our business partners and service providers for the implementation of the business purpose. To
implement our business purpose we use typical contact and address data of our customer and business partners. We typically
receive the personal data direct from the data subject or with the consent of the data subject and also in exceptional cases from
third parties.
Insofar as nothing to the contrary is stated in the following sections, no forwarding of your data to third parties takes place, unless
we are legally obliged to do so, or the data transmission is required to perform the contractual relationship or you have previously
given your explicit consent to the forwarding of your data. External service providers and partner companies, such as, for example,
online payment providers or the shipping company tasked with the delivery, only receive your data insofar as it is necessary for the
execution of your order. However, in these cases the extent of the transmitted data is restricted to the minimum required. Insofar
as our service providers come into contact with your personal data, we assure that the regulations of the data protection laws
are observed in the same manner. Please also observe the data protection notices of the individual providers. The individual
service provider is responsible for the contents of third party services, whereby we verify as far as can be reasonably expected
that the services observe statutory requirements.
1.4 Transmission to third countries
Essentially we do not forward personal data to recipients in third countries (i.e. countries outside of the EU). Should data be
forwarded to recipients in third countries, we assure not only that we will obtain the permission required for the forwarding,
but that the third country recipient also assures an adequate level of data protection (or derogations for specific situations
pursuant to Art 49 paragraph 1 GDPR applies).
In specific case we forward personal data to recipients in third countries (i.e. countries outside of the EU).
United States of America
In these specific cases we give the following guarantees as described in Art. 44 GDPR:
EU standard contractual clauses
Privacy shield
1.5 Data security
We have taken extensive technical and organisational precautions to protect your data from accidental or intentional manipulation,
loss, destruction or access by unauthorised persons. Our security procedures are regularly checked and revised to take into account
technological progress.
1.6 Data deletion and storage periods
The personal data of the data subject is deleted or blocked, as soon as the purpose for which it was stored no longer applies.
Storage can also be effected if this was required by the European or national legislators in European Union regulations, laws or
other stipulations that the person responsible is subject to. The data is also blocked or deleted if a statutory storage period
prescribed by the cited standards expires, unless there is a need for continued data storage for the purposes of a conclusion or
performance of a contract.
2 GENERAL DATA COLLECTION WHEN VISITING OUR WEBSITE
When visiting the website for purely informational purposes, i.e. when you do not register or transfer other information to us, we
collect only the personal data that your browser transmits to our server.
Within the framework of the balancing of interests pursuant to Art. 6 paragraph 1 senteince1 lit. f GDPR we have taken into
account and weighed up our interest in provision and your interest in the processing of your personal data in compliance with
data protection requirements. As the data below is necessary for the technical provision of our service in order to be able to
offer you access to our website and also to ensure stability and security, in particular to offer protection against misuse, we
have come to the conclusion that this data - in conjunction with an assurance of data security based on the state of technology -
can be processed, whereby your interest in processing in compliance with data protection requirements is adequately taken into
account.
Description and extent of data collection
Whenever our internet site is visited, our system automatically records data and information from the computer system of the
visiting computer.
The following data is collected:
Information about the browser type and version used
The operating system and the interface of the user
The internet server provider of the user
The IP address of the user
Access status/http status code
Date and time of the visit
Time zone difference to Greenwich Mean Time
Content of the request (concrete internet page)
The quantity of data transmitted
Websites, from which the system of the user accessed our internet site
Websites that are visited by the system of the user via our website
Regarding mobile end devices: Manufacturer and type designation of the Smartphone, tablet or other mobile end devices
Low-level tracer
The data is likewise stored in the logfiles of our system. Storage of this data together with other personal data of the user does
not take place.
Legal basis for data processing
The legal basis for the temporary storage of the data and the logfiles is Art. 6, paragraph 1, sentence1 lit. f GDPR.
Purpose of data processing
The temporary storage of the IP address by the system is necessary so as to enable delivery of the website to the computer of
the user. To do this the IP address of the user remains stored for the duration of the session.
Storage in logfiles is required in order to assure the functionality of the website. In addition, the data serves to optimise the
website and to assure the security of our IT systems. In particular our website and our other IT system help us to adapt to
the browser, operating system and end devices used.
An evaluation of the data for marketing purposes does not take place in this connection.
These purposes are also our legitimate interest in data processing pursuant to Art. 6 paragraph 1 sentence1 lit. f GDPR.
Duration of the storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. If the data is recorded
in order to provide the website, this is the case when the session in question has ended.
In the case of storage of data in logfiles, this is the case after seven days at the latest. Storage above and beyond this period is
possible. In this case the IP addresses of the user are deleted or distorted so that it is no longer possible to recognise the calling client.
Right to object and removal
The recording of data for the provision of the website and the storage of the data in logfiles is absolutely essential for the operation
of the internet site. As a consequence the user has no possibility to object to this.
3 REGISTRATION
On our internet site we offer users the possibility to register by entering their personal data. The data is entered in the input mask
and is transferred to us and stored. The data is not forwarded to third parties. The following data is collected as part of the
registration process:
Salutation
Academic title (optional)
First name
Last name
Email
Password
Address
Telephone number
Company (optional)
Country
Packing station (if available)
CPF – Natural Person Register (only Brazil)
At the time of registration the following data is also stored:
The IP address of the user
Date and time of the registration
Customer number
Entity-ID
Email hash
The user is asked as part of the registration process to consent to the processing of this data. After registration has been
completed you receive a personal access protected by password and can view and manage the registration data. Registration
is effected on a voluntary basis, but may be a precondition for using our services.
In this connection your data is forwarded to our email service provider Emarsys so that we can send you an email confirming
your registration.
Legal basis for the data processing
Assuming the user gives his or her consent, the legal basis for the processing of the data is Art. 6 paragraph 1 sentence1 lit. a GDPR.
If registration serves to perform a contract, of which the contractual partner is the user or in order to take steps prior to entering
into a contract, the legal basis for the processing of the data is also Art. 6 paragraph 1 sentence1 lit. b GDPR.
Purpose of data processing
User registration is necessary for the provision of certain contents and services, in particular the extended use of our web shop
on our website. User registration also serves for the performance of a contract with the user or to take steps prior to entering
into a contract. Registration refers in particular to the use of our web shop.
Sales contracts are typically concluded via the web shop for the following product groups:
Clothing
Shoes
Bags
Accessories (including jewellery)
Children's clothing
Furnishings
Gift vouchers
Duration of the storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected.
This is the case for the data collected during the registration process if the registration on our internet site is cancelled or modified.
Insofar as the data collected during the registration process is required to perform a contract or to take steps prior to entering into
a contract, this is only the case when the data is no longer required to perform the contract. Even after conclusion of the contract
it may still be necessary to store personal data in order to fulfil contractual or statutory obligations.
Personal data is stored as a measure to prevent fraud.
The deletion deadline for the purposes of fraud prevention is 6 months, for actual attempts of fraud 6 months.
Right to object and removal
As a user you can cancel your registration at any time. You can have the data stored about you altered at any time.
You can send an email to info@bessense.com requesting the deletion or modification of your data.
If the data is required for the performance of a contract or to take steps prior to entering into a contract, a premature deletion
of the data is only possible insofar as no contractual or statutory obligations contradict this.
4 CONTACT
Our internet site has a contact form which can be used to contact us by electronic means. If the user takes advantage of
this possibility, the data entered in the input mask is transmitted to us and stored. This data is:
There follows a list of the data in the input mask:
First and last name
Email address
Subject
Message
No data is stored when the message is sent. Alternatively, contact can be established via the email address provided. In this
case the personal data of the user transmitted via the email is stored. In this connection the data is not forwarded to third
parties. The data is solely used for the processing of the conversation.
Legal basis for the data processing
If the user has given his or her consent, the legal basis for the processing of the data is Art. 6 paragraph 1 sentence1 lit. a GDPR.
paragraph 1 sentence1 lit. a GDPR.
Legal basis for the processing of the data that is transmitted as part of sending an email is Art. 6 paragraph 1 sentence1 lit. a GDPR.
If the intention of the email contact is the conclusion of a contract, the legal basis for the processing is also Art. 6 paragraph 1
sentence1 lit. a GDPR.
Purpose of data processing
The processing of personal data from the input mask is used solely for the process of establishing the contact. In the case of contact
by email there is also the necessary and legitimate interest in processing the data.
The personal data otherwise processed during the sending process is used to prevent misuse of the contact form and to assure
the security of our IT systems.
Duration of the storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from
the input mask of the contract form and the personal data sent by email, this is the case when the conversation with the user
has ended. The conversation is deemed to have ended when the circumstances suggest that the subject matter in question has
been conclusively clarified.
The personal data additionally collected during the sending process is deleted at the latest seven days afterwards.
Right to object and removal
The user can revoke his or her consent to the processing of personal data at any time. If the user establishes contact with us
via email, he or she can object to the storage of his or her personal data at any time. The conversation cannot be continued in
such a case.
You can inform us of your revocation of consent as well as your objection to storage of your personal data by sending an email to
info@bessense.com
In this case all personal data stored during the establishment of the contact is deleted.
5 NEWSLETTER
The email address is the only required information for sending the newsletter. The provision of additional, specially marked
information is voluntary, and it will be used solely for the purpose of personalising the newsletter. This data will also be completely
deleted if you revoke consent. In addition, we store the IP addresses you use for registration and confirmation, as well as the times
these events take place. The purpose of this procedure is to have evidence of your registration and, if necessary, to clarify any
possible misuse of your personal data. After your confirmation, we save your registration data for the purpose of sending you the
newsletter. The legal basis for this is Art. 6(1)(1)(a) GDPR.
If we have received your email address in connection with your order and you have not objected to this, we reserve the right to
send you regular offers by email for products similar to those you have already purchased from our product range.
You can object to the use of your email address and the processing and use of data to create user profiles at any time without
giving reasons, simply by sending a message to info@bessense.com or via the unsubscribe link in the email newsletter, without
incurring any costs other than the transmission costs according to the basic tariffs defined in, for example, your existing Internet
service contract.
We would like to point out that we evaluate your user behaviour when sending the newsletter. For this evaluation, the emails we
send contain so-called web beacons, also known as tracking pixels. These are one-pixel image files that link to our website, enabling us to evaluate your user behaviour. This is done by collecting web beacons,
which are assigned to your email address and linked to your own ID. Links contained in the newsletter also contain these beacons.
The email service provider also stores cookies on your computer through your web browser. The cookies and the identification
numbers stored in them will not be associated with your name, address, email address or other personally identifiable information
unless you have expressly permitted us to send you information specifically tailored to your interests. The email service provider
uses these cookies to recognize your browser, so that we can track your movements on our website as well as recording and
measuring the success of certain marketing actions. We use this information to improve our website and email newsletters, in
particular by adapting our information and offers to the individual interests and needs of users.
The storage of cookies by the email service provider is carried out on the basis of Art. 6(1)(f) GDPR. The website operator has a justified interest in the anonymous analysis of user behaviour in order to optimise both their
website and their advertising.
With the data obtained in this way, we create a pseudonymous user profile in order to be able to provide you with a newsletter
tailored to your interests. The following data will be collected:
Have you opened the newsletter? And what did you click on in it?
When and how long did you visit our website? What products and categories did you look at?
When and what did you purchase? What category, and in what amount? And: Did you cancel the order?
We associate this data with your user account, if you have logged in.
The information we collect is stored on a server located within the European Union.
You can opt out of the cookie-based collection and analysis of online data described above by clicking the opt-out button below. If you exercise this option, an anonymous "opt-out" cookie will be stored in your web browser, informing the Emarsys web servers of your opting out and preventing the collection
of data. The opt-out cookie will remain in effect in the browser you are using until you delete it using that browser. However, if you delete the
cookie or use a different browser or computer, the email service provider will no longer be able to recognise that you have
declared your objection. Alternatively, you can configure your browser so that it does not accept cookies.
If you have registered in our webshop and placed products on your wish list, you will receive emails informing you about discounts,
availability and the last available unit of the products on the wish list. You can unsubscribe from these notifications by unchecking
the box at the end of the wish list.
EMARSYS
ON
OFF
6 YOUR ORDER IN OUR ONLINE SHOP
If you would like to place an order in our web shop it is necessary for the purposes of concluding the contract that you provide
personal data which we require to process the order. Mandatory details required for the processing of contracts are specifically
marked as such, other details are voluntary. We use the data given by you to process you order. In addition, we can forward your
payment details to the payment service provider selected by you. Additionally, we forward your address details to the shipping
logistics service provider selected to carry out shipping.
The legal basis for this is Art. 6 paragraph 1 sentence1 lit b. GDPR.
You can also create a user account on a voluntary basis, which we can then use to store your data for additional purchases at a
later date. This registration is based on Point 3 of this declaration.
We can also process the data given by you in order to notify you about additional products in our range that you may find of
interest or have emails about technical information sent to you.
Commercial and fiscal stipulations require us to store your address, payment and order details for the period of ten years.
Nevertheless, we restrict processing after two years; this means your data is only used to observe the statutory requirement.
You can object to the use of your data for advertising and data analysis purposes at any time. Please send your objection to
info@bessense.com.
To prevent unauthorised access to your personal data, in particular financial data, the order process is encrypted by hybrid
encryption protocol for the secure data transmission "Secure Socket Layer" (SSL).
7 Paypal
PayPal (PayPal (Europe) S.a.r.l. et Cie, S.C.A. 22-24 Boulevard Royal 2449 Luxemburg) is a payment method termed as a so-called E-wallet. This means the customer creates an actual payment method with PayPal and logs with us into his PayPal account during
the payment process in order to confirm the payment there. The login is effected on the PayPal site and the customer must share
no payment data. However, the following data is transmitted to PayPal when this payment method is used: amount, order number,
name (both of the invoice as well as the delivery address), address (both of the invoice as well as the delivery address), email,
telephone number. The purpose of the data processing is the execution of your payment via PayPal. We receive from PayPal a
payment conformation relating to mentioned data and the time of payment. Legal basis is Art. 6 paragraph 1 sentence 1 lit. b GDPR. The data transmission
described is effected simultaneously also for the purposes of fraud prevention at PayPal. Therefore, the additional legal basis Art. 6
paragraph 1 sentence1 lit. f GDPR applies. Insofar as you effect payment by PayPal, a right of objection is excluded as the
processing of your data is absolutely essential.
8 COOKIES
We use cookies in order to improve our web presence and to optimise use for you, but also for advertising purposes. Cookies
are small text files that are stored on your computer when you call up our website and enable a renewed identification of
your browser. Cookies store information, such as, for example, your language setting, the length of visit to our website or the
entries you made there. This avoids the need to reinput all the required data afresh at every session. Moreover, cookies enable us
to detect your preferences and to tailor our website to your areas of interest.
Most browsers accept cookies automatically. If you would like to prevent the acceptance of cookies, you can select the setting
"accept no cookies" in the browser settings. How this works in detail can be found in the instructions of your browser manufacturer.
Cookies already stored on your computer can be deleted at any time. However, we would like to point out this may restrict the
functionality of our web presence.
9 FIRST-PARTY COOKIES
This type of cookie is set by the website that the user visits. Only this website is permitted to read the cookie information.
9.1 Cookies used
We use cookies in order to design our website in a user-friendly fashion. Some elements of our internet site require the calling browser to be identified also after a page change.
10 DISCLOSING DATA
There will be no transfer of your personal data to a third party apart from for the specified purposes.
We disclose your personal data to a third party only if:
you have given your explicit consent to do so,
the disclosure is required for asserting, exercising or defending legal rights and there are no grounds for assuming that you have
an overriding legitimate interest in the non-disclosure of your data,
that there is a statutory obligation for the disclosure, and
this is legally permissible and required for implementing the contractual relationships with you.
Fundamentally, the high European level of data protection does not apply to data transfer outside the European Union. For a transfer,
it can be that there is currently no adequacy decision by the EU Commission in the sense of Art. 45, Para. 1, 3 GDPR. This means
that the EU Commission has not yet positively determined that the country-specific level of data protection corresponds to the level of data protection of the European Union based on GDPR, which is why we
have created the abovementioned suitable guarantees.
Possible risks, which cannot be completely excluded in connection with the data transfer are in particular:
your personal data could possibly be dealt with beyond the actual purpose.
Moreover, there is a possibility that you cannot sustainably assert and implement any of your legal data protection rights, such as,
for example, your right to information, correction, deletion or data portability.
There may also be a higher probability that there could be incorrect data processing and the personal data do not quantitively and
qualitatively meet or not fully meet the requirements of GDPR.
If your personal data are processed, you are the affected person in the meaning of GDPR and you have the following rights against
the responsible person:
11 Right to Information
You can demand from the responsible person a confirmation of your personal data processed by us which affect you.
If there is such processing, you can demand information on the following from the responsible person:
the purpose for which your personal data is being processed;
the categories of personal data being processed;
the recipient and/or the categories of recipients to whom the personal data affecting you are being or will be disclosed;
the planned storage time for the personal data affecting you or, if concrete details on this are not possible, the criteria for
determining the duration of storage;
the existence of a right to correction or deletion of the personal data affecting you, a right to restrict the processing by the
responsible person or a right to object to this processing;
the existence of a right to appeal to a supervisory authority
all available information on the origin of the data if the personal data were not collected from the affected person;
the existence of automated decision-making, especially profiling, pursuant to Art. 22, Paragraphs 1 and 4 GDPR and – at least in these cases – significant information about the logic involved and the scope and the intended effects of such processing for the affected person.
You have the right to demand information about whether the personal data affecting you are transferred to a third country or an
international organisation. In this context, you can demand to be informed about the suitable guarantees in Art. 46 GDPR in
connection with the transfer.
12 Right of Correction
You have the right to correction and/or completion against the responsible person, if the personal data processed that affect
you are incorrect or incomplete. The responsible person must make the correction without delay.
13 Right of Restricting the Processing
Under the following prerequisites, you can demand the restricting of the processing of the personal data affecting you:
if the correctness of the personal data affecting you has been disputed over a period, which enables the responsible person to
check the correctness of the personal data;if the processing is unlawful and you eject deletion of the personal data and instead of
this you request the restriction of the use
of the personal data;
if the responsible person no longer needs the personal data for the purpose of processing, but you need these for asserting,
exercising or defending legal rights, or if you have appealed against the processing pursuant to Art. 21, Para. 1, GDPR and has still not been determined whether the
legitimate grounds of the responsible person outweigh your grounds.
If the processing of the personal data affecting you is restricted, these data, apart from their storage, may only be processed with
your consent or for asserting, exercising or defending legal rights or to protect the rights of another natural person or legal entity
or on the grounds of an important public interest of the Union or a member state.
If the restriction of the processing is restricted pursuant to the abovementioned prerequisites, you will be notified by the responsible
person before the restriction is lifted.
14 Right of Deletion
a) Obligation of Deletion
You can demand the responsible person that the personal data affecting you be deleted without delay and the responsible person is
duty bound to delete these data without delay, unless one of the following grounds applies:
the personal data affecting you are no longer necessary for the purpose for which they were collected or processed in another way.
You withdraw your consent on which the processing under Art. 6, Para. 1, P. 1, lit. a or Art. 9, Para. 2, lit. a, GDPR is based and there
is an absence of another legal basis for the processing.
Pursuant to Art. 21, Para. 1, GDPR, you appeal against the processing and there are no overriding legitimate grounds for processing
or you appeal against the processing under Art. 21, Para. 2, GDPR.
The personal data affecting you has been unlawfully processed.
The deletion of the personal data affecting you is necessary for fulfilling a legal obligation under Union law or the laws of the
member states to which the responsible person is subject.
The personal data affecting you were collected regarding the services offered by the information society under Art. 8, Para. 1, GDPR.
b) Information to Third Parties
If the responsible person has disclosed the personal data affecting you and they are obligated to delete them under Art. 17,
Para. 1, GDPR, they are thus to take suitable measures, taking account of the available technology and the costs of implementation,
including of a technological type, to inform the person responsible for the data processing, who processes the personal data, that
you, as the affected person, have demanded the deletion of all links to these personal data or of copies or replications of these
personal data.
c) Exceptions
There is no right of deletion if the processing is required
to exercise the right to freedom of expression and information;
to fulfil a legal obligation, for which the processing is required under the law of the Union or the member states to which the
responsible person is subject, or to perform a task which is in the public interest or ensues in exercising public authority, which has been transferred to the responsible person;
on grounds of public interest around public health pursuant to Art. 9, Para. 2, lit. h and I as well as Art. 9, Para 3, GDPR;
for purposes of archiving, scientific or historical research or for statistical purposes pursuant to Art. 89, Para. 1, GDPR, insofar
as the law cited under Section a) is anticipated to make this processing impossible or seriously impairs it, or
to assert, exercise or defend legal rights.
15 Right of Notification
If you exercise the right of correction, deletion or restriction of the processing to the responsible person, they are obligated to
notify all recipients to whom the personal data affecting you has been disclosed of this correction or deletion of the data or
restriction of the processing, unless this proves to be impossible or is associated with disproportionate expenditure.
You have the right against the responsible person to be informed of these recipients.
16 Right of Data Portability
You have the right to receive the personal data affecting you, which you made available to the responsible person, in a structured,
accessible and machine-readable format. In addition, you have the right to transfer these data to another responsible person without hindrance by the
responsible person to whom the personal data was made available, if
the processing was based on consent pursuant to Art. 6, Para. 1, P. 1, lit. a, GDPR or Art. 9, Para. 2, lit. a, GDPR or on a contract
pursuant to Art.6, Para. 1, P. 1, lit. b, GDPR and the processing is done with the help of an automated process.
In addition, in exercising this right, you also have the right to obtain the personal data affecting you are transferred direct from a
responsible person to another responsible person, if this is technically possible. Freedom and rights of other persons may not be
affected by this.
The right of data portability does not apply to the processing of personal data that is necessary for performing a task which lies
in the public interest or ensues in exercising public authority, which has been transferred to the responsible person.
17 Right to Object
You have the right to object at any time to the processing of the personal data affecting you ensuing from Art. 6, Para. 1, P. 1, lit.
e or f, GDPR, for reasons arising from your own special situation; this also applies to profiling supported by one of these provisions.
The responsible person no longer processes the personal data affecting you, unless they can demonstrate compelling, legitimate
reasons for the processing which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or
defend legal rights.
If the personal data affecting you is processed to operate direct advertising, you have the right to object at any time to the
processing of the personal data affecting you for the purpose of such advertising; this also applies to profiling if it is related to such direct advertising.
If you object to the processing for the purpose of direct advertising, the personal data affecting you will no longer be processed
for this purpose.
Irrespective of EU Directive 2002/58/EU, in connection with the use of the services of the information society, you can exercise
your right to object by means of automated process in respect of which technical specifications are applied.
You have the right to revoke your declaration of consent under data protection law at any time. By revoking the consent,
the legality of the processing undertaken up to the revocation is not affected.
18 RIGHT IN THE CASE OF DATA PROCESSING FOR OPERATING DIRECT ADVERTISING
Pursuant to Art. 21, Para. 2, GDPR, you have the right to object at any time to the processing of personal data affecting you.
In the event of a complaint from you against the processing of your personal data for the purpose of direct advertising,
your personal data will no longer be processed for this purpose. Please note that the objection has effect only for the future.
Processing carried out prior to the objection are not affected by this.
19 REFERENCE TO THE RIGHT TO OBJECT IN A BALANCING OF INTERESTS
If we base the processing of your personal data on a balancing of interests, you can object to the processing.
In exercising such a right to object, we request that the grounds on which we should not process your personal data as described
by us are presented. In the event of your justifiable objection, we will examine the facts and will either cancel or adjust the data
processing or explain our compelling, legitimate grounds to you.
20 LINKS TO OTHER WEBSITES
Our web pages may contain links to other providers. We point out that this data protection declaration applies exclusively to the
web pages of info@bessense.com. We have no influence on and do not control whether the other providers adhere to the
data protection provisions.
21 CHANGES TO THE DATA PROTECTION DECLARATION
We reserve the right to change or adjust this data protection declaration at any time, taking account of the applicable data protection provisions.
