Data protection information for the users of our website

Thank you for your interest in our website. We take the protection of your personal data seriously. Accordingly, we process your data in accordance with the statutory data protection regulations. In this privacy policy you will find information about which personal data is processed by Healy World B.V. (hereinafter referred to as “Healy”, “we”, “us”) in connection with your visit to or use of our website.

1. Responsible for data processing

is responsible for the processing of your personal data:

Healy International B.V.
Paterswoldseweg 806,
9728 Groningen
Netherlands
E-mail: privacy@healy.world

To assert the rights set out in this privacy policy or if you have any questions about the processing of your personal data, please contact our data protection officer at dpo@healy.world. You can also contact us by post at the above address with the addition “For the attention of the data protection officer”.

2. Purposes and legal bases of data processing

In the following, we provide information about the details of the processing of personal data in the context of the use of our website.

2.1 Collection of personal data when visiting our website

In order to make the use of our website as pleasant and efficient as possible, we collect the following data, which is technically necessary to display the website to you and to ensure stability and security:

• Location of the request
• IP address
• Date and time of the request
• Time zone difference to Greenwich Mean Time (GMT)
• Content of the request (specific page)
• Access status/HTTP status code
• Amount of data transferred in each case
• Website from which the request comes
• Browser type
• Operating system and its interface
• Language and version of the browser software

The requesting provider After a technical evaluation, this data is deleted immediately. This data collection serves to safeguard our legitimate interests in a correct presentation and the guarantee of trouble-free operation of our website offer, as well as compliance with the provisions of the GDPR in terms of security and confidentiality, in accordance with Art. 6 para. 1 lit. f of the General Data Protection Regulation (“GDPR”).

2.2 Use of cookies and pixels

When you use and visit our website, cookies or similar technologies such as pixels (hereinafter generally referred to as “cookies”) are used on your computer. Cookies are small text files that are stored by your browser on your end device to store certain information, or image files such as pixels. Most web browsers are set to allow all cookies by default. However, you can prevent the use of cookies at any time with effect for the future by setting your browser so that no cookies or only certain cookies are permitted or so that you are notified as soon as cookies are sent.

You can also use cookie blockers such as “DoNotTrackMe”. Please note that if you reject cookies, some functions on the website may be restricted or unavailable. We therefore recommend that you accept cookies from us and our partners in your browser settings.

This website uses cookies that are absolutely necessary for the operation of the website as well as cookies that enable certain functions, such as saving your language settings for the next visit. If personal data, such as your IP address, is processed as part of the cookies required to operate the website, the legal basis for this is our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR to be able to offer you our website and associated functions.

In addition, we use optional cookies for marketing purposes, for the collection of statistical data about our website visitors or for special functions on our website. The legal basis for the placement of these cookies on your end device and for the subsequent data processing is Section 25 (1) TTDSG and Art. 6 (1) lit. a GDPR.

Cookie declaration 

Necessary (28)

Necessary cookies help to make a website usable by enabling basic functions such as page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

Name	Provider	Purpose	Procedure	Type
AWSALB [x5]	eu.academy.healy.world eu.healy.store help.healy.world mexico.healy.store thailand.healy.store	Registers which server cluster is serving the visitor. This is used in connection with load balancing to optimize the user experience.	7 days	HTTP
AWSALBCORS [x5]	eu.academy.healy.world eu.healy.store help.healy.world mexico.healy.store thailand.healy.store	Registers which server cluster is serving the visitor. This is used in connection with load balancing to optimize the user experience.	7 days	HTTP
CookieConsent [x4]	Cookiebot www.healy.shop	Saves the user’s consent status for cookies on the current domain.	1 year	HTTP
oidc-csrf-token [x3]	eu.academy.healy.world eu.healy.store help.healy.world	Is required for Healy SSO processes	1 day	HTTP
wpEmojiSettingsSupports	eu.academy.healy.world	This cookie is associated with a bundle of cookies that serve the purpose of providing and presenting content. The cookies retain the correct state of font, blog/image sliders, color themes and other website settings.	Session	HTML
PHPSESSID [x2]	eu.healy.store help.healy.world	Retains the user’s statuses for all page requests.	Session	HTTP
wc_cart_hash_#	eu.healy.store	Pending	Persistent	HTML
wc_fragments_#	eu.healy.store	Pending	Session	HTML
wp-wpml_current_language [x3]	eu.healy.store eu.academy.healy.world help.healy.world	Designates the country code that is calculated based on the user’s IP address. Used to determine which language should be used for users.	Session	HTTP
1.gif	Cookiebot	Used to count the number of sessions on the website, which is necessary to optimize the provision of CMP products.	Session	Pixel
_zcsr_tmp	Zoho One	This cookie is required for the login function on the website.	Session	HTTP
hex (10)	Zoho One	Registers which server cluster is serving the visitor. This is used in connection with load balancing to optimize the user experience.	Session	HTTP

Preferences (9)

Preference cookies allow a website to remember information that affects the way a website behaves or looks, such as your preferred language or the region you are in.

Name	Provider	Purpose	Procedure	Type
__articles-en__data	help.healy.world	Pending	Persistent	HTML
__articles-en__data__ttl__	help.healy.world	Pending	Persistent	HTML
__articles-en__protocol	help.healy.world	Pending	Persistent	HTML
__articles-en__protocol__ttl__	help.healy.world	Pending	Persistent	HTML
__articles-en__thumbprint	help.healy.world	Pending	Persistent	HTML
__articles-en__thumbprint__ttl__	help.healy.world	Pending	Persistent	HTML
_icl_visitor_lang_js	help.healy.world	Saves the user’s preferred language on the website.	1 day	HTTP
wpml_browser_redirect_test	help.healy.world	Saves the user’s preferred language on the website.	Session	HTTP
LS_CSRF_TOKEN	Zoho One	Identifies the visitor across devices and visits to optimize the chatbox function on the website.	Session	HTTP

Statistics (3)

Statistics cookies help website owners understand how visitors interact with websites by collecting and reporting information anonymously.

Name	Provider	Purpose	Procedure	Type
siqlsdb	eu.healy.store	Defines a unique ID for the session. This allows the website to obtain data on visitor behavior for statistical purposes.	Persistent	HTML
_pk_id#	matomo.aws.healy.world	Records statistics about the user’s visits to the website, such as the number of visits, average time spent on the website and which pages were read.	1 year	HTTP
_pk_ses#	matomo.aws.healy.world	Used by Piwik Analytics Platform to track the visitor’s page views during the session.	1 day	HTTP

Marketing (22)

Marketing cookies are used to follow visitors on websites. The intention is to show ads that are relevant and engaging to the individual user and therefore more valuable to publishers and third party advertisers.

Name	Provider	Purpose	Procedure	Type
uesign	Zoho One	Sets an ID for the specific user. This enables the website to address the user with relevant offers via its chat functionality.	30 days	HTTP
#-#	YouTube	Pending	Session	HTML
iU5q-!O9@$	YouTube	Registers a unique ID to keep statistics of the videos from YouTube that the user has watched.	Session	HTML
LAST_RESULT_ENTRY_KEY	YouTube	Used to track user interaction with embedded content.	Session	HTTP
LogsDatabaseV2:V#||LogsRequestsStore	YouTube	Pending	Persistent	IDB
nextId	YouTube	Used to track user interaction with embedded content.	Session	HTTP
remote_sid	YouTube	Necessary for the implementation and functionality of YouTube video content on the website.	Session	HTTP
requests	YouTube	Used to track user interaction with embedded content.	Session	HTTP
ServiceWorkerLogsDatabase#SWHealthLog	YouTube	Necessary for the implementation and functionality of YouTube video content on the website.	Persistent	IDB
TESTCOOKIESENABLED	YouTube	Used to track user interaction with embedded content.	1 day	HTTP
VISITOR_INFO1_LIVE	YouTube	Tries to estimate user bandwidth on pages with integrated YouTube videos.	180 days	HTTP
VISITOR_PRIVACY_METADATA	YouTube	Saves the user’s consent status for cookies on the current domain.	180 days	HTTP
YSC	YouTube	Registers a unique ID to keep statistics of the videos from YouTube that the user has watched.	Session	HTTP
ytidb::LAST_RESULT_ENTRY_KEY	YouTube	Used to track user interaction with embedded content.	Persistent	HTML
YtIdbMeta#databases	YouTube	Used to track user interaction with embedded content.	Persistent	IDB
yt-remote-cast-available	YouTube	Saves the user settings when accessing a YouTube video integrated on other websites	Session	HTML
yt-remote-cast-installed	YouTube	Saves the user settings when accessing a YouTube video integrated on other websites	Session	HTML
yt-remote-connected-devices	YouTube	Saves the user settings when accessing a YouTube video integrated on other websites	Persistent	HTML
yt-remote-device-id	YouTube	Saves the user settings when accessing a YouTube video integrated on other websites	Persistent	HTML
yt-remote-fast-check-period	YouTube	Saves the user settings when accessing a YouTube video integrated on other websites	Session	HTML
yt-remote-session-app	YouTube	Saves the user settings when accessing a YouTube video integrated on other websites	Session	HTML
yt-remote-session-name	YouTube	Saves the user settings when accessing a YouTube video integrated on other websites	Session	HTML

Not classified (0)

Unclassified cookies are cookies that we are currently trying to classify, together with providers of individual cookies.

We do not use these types of cookies.

The cookie statement was last updated on 19.03.2024.

You can open and adjust the cookie settings by clicking on “Renew or change cookie consent” in the footer of the website. You can also revoke your consent to the placement of cookies there.

2.3 Matomo

In order to gain a better understanding of user behavior on our website and to continuously improve our online offering, we use Matomo (formerly Piwik), an open source software for the statistical analysis of visitor access. Matomo enables us to collect anonymized data about the behaviour of our visitors, such as pages viewed, length of stay, geographical origin and browser types used. This information helps us to optimize the user experience on our website and to tailor content even more specifically to your needs. The following data is collected:

• Three bytes of the IP address of the user’s accessing system (anonymized IP address)
• The website called up
• The website from which the user came to our website (referrer)
• The subpages that are accessed from the accessed website
• The time spent on the website
• The frequency of visits to the website

When you visit our website, you will be asked for this consent by a notice (e.g. in our cookie banner). You have the option of withdrawing your consent to data processing by Matomo at any time. You can do this simply by adjusting your cookie settings in the footer of our website. After your revocation, no further data will be collected by Matomo during your visit to our website. To ensure the protection of your data, we use Matomo in such a way that IP addresses are only stored in abbreviated form in order to prevent them from being directly linked to individuals. In addition, all data collected by Matomo remains on servers under our control and is not passed on to third parties.

The legal basis for the processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can withdraw this consent at any time. The data stored through tracking will be deleted as soon as it is no longer required for our recording purposes. This is the case after twelve months.

2.4 Linking to YouTube videos

We do not integrate YouTube videos directly into our website, but instead provide external links to the videos hosted on YouTube’s servers. This means that we do not collect or process any personal data in connection with the video playback. If you click on these external links, you will be redirected directly to the YouTube platform.

Please note that when you click on the YouTube links and are redirected to YouTube, data about you as a user may be transmitted to YouTube. This may include information such as your IP address, the date and time of your visit and the specific URL you accessed. The data transfer takes place regardless of whether you are logged in to YouTube or not. If you are logged into a Google account, your data can be assigned directly to your account. If you do not wish your data to be associated with your YouTube profile, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.

The purpose of forwarding to YouTube is to provide you with a wider selection of multimedia content. The use of YouTube links enables us to provide you with multimedia content directly and efficiently. The use of YouTube links is based on our legitimate interest in a multimedia presentation of our online content in accordance with Art. 6 para. 1 lit. f GDPR.

2.5 Collection and use of personal data for contact requests

When you contact Healy World by email or via the contact form, the data you provide (your email address and, if applicable, your first and last name) will be stored by us in order to answer your inquiry. This data processing takes place on the basis of Art. 6 para. 1 lit. f GDPR, our legitimate interest in being able to talk to you about our products and services or Art. 6 para. 1 lit. b GDPR, if it is a pre-contractual communication. The communication of the form of address serves the gender-equitable and polite way of addressing and communicating and is therefore in our legitimate interest, Art. 6 para. 1 lit. f) GDPR.

2.6 Collection and use of personal data with WhatsApp Business

To improve our customer communication, we use WhatsApp Business, a messaging service from WhatsApp Inc. at your request, which enables us to communicate directly with our customers and members. By using WhatsApp Business to exchange messages, personal data such as your telephone number, the name you have chosen and your avatar will be processed. The use of this service is voluntary and requires that you agree to WhatsApp’s privacy policy, which can be viewed at WhatsApp Privacy Policy. Please note that WhatsApp has access to communication metadata and may store this data outside the European Union. We recommend that you do not share sensitive personal information via WhatsApp. This data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR, our legitimate interest in being able to talk to you about our products and services or Art. 6 para. 1 lit. b GDPR, if it is a pre-contractual communication.

2.7 Collection and use of personal data by Live Chatbox

In order to offer our website visitors a direct communication channel, we provide a live chat box on our website. This service allows you to ask us general questions in real time. To answer your questions, your name and e-mail address, your Healy username and the date and time of access are processed. We ask you not to share any personal data or sensitive information with us via the live chatbox, as this communication channel is primarily intended for general inquiries and is not designed for the transmission of confidential information. All data submitted via the live chatbox will be handled in accordance with our privacy policy to ensure your privacy and the security of your data. The live chatbox is operated by our service provider Zoho Corporation GmbH, Trinkausstr. 7, 40213 Düsseldorf, Germany, with whom we have concluded a corresponding agreement for the processing of personal data on our behalf. Data processing in connection with the use of the live chatbox is carried out on the basis of Art. 6 para. 1 lit. f GDPR, our legitimate interest in being able to talk to you about our products and services or Art. 6 para. 1 lit. b GDPR, insofar as it concerns pre-contractual communication.

2.8 Online store

In our online store on the website, we offer you the opportunity to shop from the comfort of your own home. In order to process your order and fulfill the contract concluded between us, it is necessary to provide certain personal data. This includes your title, surname and first name, your postal address and your e-mail address. If necessary, you can also specify a different delivery address. The processing of this data is based on Art. 6 para. 1 lit. b) GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures. The collection of your salutation enables us to address you in a gender-appropriate and respectful manner. This procedure serves the purpose of polite and individual communication and is therefore in our legitimate interest in accordance with Art. 6 para. 1 lit. f) GDPR.

2.9 Collection of personal data upon conclusion of contract and payment

When ordering products, the following personal data is processed as part of the registration required for an order:

• Salutation
• Name
• Address
• Phone number
• E-mail address
• Possibly a different delivery address
• Credit card, bank and bank transfer details

Healy World uses this data exclusively for the purpose of executing the contract and the necessary communication with the customer. This includes the initiation, conclusion, processing, warranty and, if necessary, the reversal of the contract. The data is stored until the contract has been fully executed. If commercial and tax retention periods apply, the data may be stored for up to 10 years. The processing of this data is necessary for the fulfillment of the contract. If you do not provide this data, we will generally not be able to fulfill the contract with you.

This data processing is based on Art. 6 para. 1 lit. b GDPR for the execution of the contract. The legal basis for further storage for tax and commercial law reasons is the necessity according to the law pursuant to Art. 6 para. 1 lit. c GDPR in conjunction with the provisions of the German Fiscal Code and the German Commercial Code.

As part of the ordering process, we offer you various payment methods to make the purchase process as flexible and secure as possible. The available payment options include credit cards (VISA, MasterCard, American Express), PayPal, SOFORT Überweisung, iDEAL and KLARNA. Please note that when you select one of these payment methods, relevant payment information is transmitted to the respective payment service provider. This data transfer is necessary to process the payment and fulfill the purchase contract. We do not store complete payment data in our systems, but adhere strictly to the data protection regulations and security requirements of the respective payment service providers in order to ensure the protection of your personal data. For more information on the data protection practices of the individual payment service providers, we recommend that you consult the data protection declarations of these services.

The PayPal payment method can be used if you have a registered PayPal account. In this case, you will be forwarded directly to your PayPal account after clicking on “Buy now”. PayPal is a service of PayPal (Europe) SARL & Cie, S.C.A. 22-24 Boulevard Royal, L-2449 Luxembourg. You can find more information on data processing when using the PayPal or PayPal Express payment service at https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE. The legal basis for the processing of the data is Art. 6 para. 1 lit. f) GDPR. The legitimate interest lies in payment processing.

2.10 Trusted Shops Trustbadge and customer reviews

Trusted Shops widgets are integrated on this website to display Trusted Shops services (e.g. seal of approval, collected reviews) and to offer Trusted Shops products to buyers after an order. This serves to safeguard our legitimate interests, which predominate in the context of a balancing of interests, in optimal marketing by enabling secure shopping in accordance with Art. 6 para. 1 lit. f GDPR. The Trustbadge and the services advertised with it are an offer from Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, with whom we are jointly responsible under data protection law in accordance with Art. 26 GDPR.

As part of this data protection notice, we inform you below about the essential contents of the contract in accordance with Art. 26 para. 2 GDPR.

The trust badge is provided by a US CDN provider (content delivery network) as part of a shared responsibility. An appropriate level of data protection is ensured by standard data protection clauses and other contractual measures. Further information on data protection at Trusted Shops GmbH can be found in their privacy policy.

When the Trustbadge is called up, the web server automatically saves a so-called server log file, which also contains your IP address, the date and time of the call, the amount of data transferred and the requesting provider (access data) and documents the call. The IP address is anonymized immediately after collection so that the stored data cannot be assigned to your person. The anonymized data is used in particular for statistical purposes and for error analysis.

After completing your order, your e-mail address hashed using the cryptographic one-way function will be transmitted to Trusted Shops GmbH. The legal basis is Art. 6 para. 1 lit. f GDPR. This serves to check whether you are already registered for services with Trusted Shops GmbH and is therefore necessary for the fulfillment of our and Trusted Shops’ overriding legitimate interests in the provision of the buyer protection linked to the specific order and the transactional evaluation services in accordance with Art. 6 Para. 1 lit. f GDPR. If this is the case, further processing will be carried out in accordance with the contractual agreement concluded between you and Trusted Shops. If you have not yet registered for the services, you will then be given the opportunity to do so for the first time. Further processing after registration is also based on the contractual agreement with Trusted Shops GmbH. If you do not register, all transmitted data will be automatically deleted by Trusted Shops GmbH and a personal reference is then no longer possible.

Trusted Shops uses service providers in the areas of hosting, monitoring and logging. The legal basis is Art. 6 para. 1 lit. f GDPR for the purpose of ensuring trouble-free operation. Processing may take place in third countries (USA and Israel). An adequate level of data protection is ensured in the USA by standard data protection clauses and other contractual measures and in Israel by an adequacy decision.

Within the framework of the joint responsibility existing between us and Trusted Shops GmbH, please contact Trusted Shops GmbH in the event of data protection issues and to assert your rights using the contact options provided in the data protection information linked above. Irrespective of this, you can always contact the controller of your choice. If necessary, your request will then be forwarded to the other responsible party for a response.

2.11 Use of data for advertising purposes, newsletter for customers

With your consent, we will use your contact information to send you personalized messages and offers about our products. This will only be done with your prior consent, in accordance with Article 6(1)(a) of the General Data Protection Regulation (GDPR) and in accordance with Section 7(2)(3) of the German Act against Unfair Competition (UWG). You can revoke your consent at any time by clicking on the unsubscribe link that you will find in every newsletter or by sending an email to privacy(a)healy.world.

To make our newsletters more interesting for you, we also use a technique that helps us to measure their effectiveness. This is done by using so-called tracking pixels, which record how often a newsletter is opened and how readers interact with it. The resulting connection via the internet enables us to collect relevant data (such as IP address, date and time of access) that shows us how widely our newsletter is distributed. This practice is based on our legitimate interest in understanding the reach and effectiveness of our communications, in accordance with Article 6(1)(f) of the GDPR.

We would also like to point out that, within the framework of the legal requirements of the UWG, we may also send you advertising for similar products or services directly by e-mail without your express consent under certain conditions. This requires that you have provided us with your electronic mail address in connection with the sale of a product or service, that the advertising is for our own similar products or services, that you have not objected to the use of your electronic mail address, and that it is clearly stated when the electronic mail address is collected and each time it is used that you can object to the use of your electronic mail address at any time without incurring any costs other than the transmission costs according to the basic rates.

An objection to the use of your data for direct marketing purposes in accordance with the UWG is possible at any time and can be made by notifying us via the above-mentioned contact channels. After receiving your objection, we will no longer use the relevant contact data for advertising purposes.

2.12 Reporting systems for legal violations (HinSchG and LkSG)

If you have a professional relationship with us, we enable you to report possible violations of compliance rules or legal requirements via a special reporting system on our website. You can also inform us about human rights or environmental risks and violations in connection with our suppliers’ supply chains, regardless of your professional relationship, by using our supply chain reporting system. For these purposes, we provide an e-mail address whistleblowing(a)healy.world, which you can also use anonymously. The purpose of processing your data is to collect and verify information about possible violations of our compliance policies or legal requirements and to act accordingly. As a rule, we collect and process information about the reported violation itself as well as contact information, unless the report is made anonymously. The data processing may concern both the reporter and the accused person. We guarantee that all information submitted will be treated in strict confidence. When investigating reports, we also take into account the legitimate interests of the persons concerned. Data recipients may be external lawyers or authorities. The legal basis for the processing of this data results from our legal obligations pursuant to Article 6(1)(c) GDPR, in conjunction with Section 10 of the Whistleblower Protection Act (HinSchG) or Section 8 of the Supply Chain Due Diligence Act (LkSG).

2.13 Social networks

Our website offers you direct access to our social media profiles on Facebook, Instagram, Pinterest and YouTube. Simply clicking on the respective links will take you directly to our presence on these social networks. Please note that each of these platforms has its own privacy policy, which you can view on the respective pages. These statements inform you about how your data is processed and protected on these platforms. We recommend that you familiarize yourself with these privacy policies.

2.14 Legal requirements

In some cases, we are legally obliged to collect and store certain data, for example in the context of tax regulations from the German Commercial Code or the German Fiscal Code. We may also be obliged to process personal data in the context of a legal dispute. This processing is based on Art. 6 para. 1 lit. c GDPR in conjunction with the respective legal regulations.

3. Data transmission

We treat your personal data with the utmost care and only pass it on if it is necessary for the processing of our contractual relationship or to pursue our legitimate interests. In order to provide our services effectively, we work with specialized external service providers, including customer advisory services, payment services, financing partners, logistics companies, postal services, credit agencies, call centers, IT providers, debt collection services and legal advisors. We have concluded strict data processing agreements with all of these partners to ensure the protection of your data.

• For our hosting services, we transfer the necessary personal data (such as contact, payment, technical data, usage data and content as well as log and analysis information) to selected third parties. This transfer enables us to provide you with technical support and the necessary infrastructure for your hosting services, in accordance with Art. 6 para. 1 lit. b GDPR for the fulfillment of the contract.
• For payment processing, we share your payment information, including first and last name, address, e-mail address and telephone number, with the selected payment provider. This disclosure is either based on your express consent or is necessary to fulfill our contract with you. Here we rely on Art. 6 para. 1 lit. a (with consent) or lit. b (fulfillment of contract) GDPR.
• In the course of delivery, necessary information such as your first and last name, address, e-mail address and telephone number will be passed on to our shipping partners. This is done exclusively in order to fulfill the purchase contract with you, based on Art. 6 para. 1 lit. b GDPR.
• We use the customer management and merchandise management system of TimeWaver Home GmbH, Darritzer Straße 6, 16818 Märkisch Linden, Germany as part of order processing. For this purpose, your personal data collected as part of the order will be transmitted to Zoho Corporation GmbH, Trinkausstr. 7, 40213 Düsseldorf, Germany. The legal basis for this data processing is Art. 6 para. 1 lit. f GDPR.

Data may be transferred to third countries (i.e. countries that are neither members of the European Union nor of the European Economic Area) if this is necessary to provide services to you, is required by law or if you have given us your consent. In addition, we may also transfer your personal data to processors in third countries. Please note that not all third countries have a level of data protection recognized as adequate by the European Commission. For data transfers to third countries where there is no adequate level of data protection, we ensure that the recipient either has an adequate level of data protection (e.g. by agreeing so-called EU standard contractual clauses of the European Union with the recipient) or that our users have given their express consent before the data is transferred.

4. Commission business

When purchasing from our online store, you have the option of selecting an Independent Healy World Member (IHWM) who has advised you on one of our products. If you wish, you can also ask us to provide you with an IHWM as a personal contact. Depending on the order, it may also be a commissionable transaction for the IHWM who advised you. In these cases, data on the identity of the IHWM will be added to the order data during order processing and billing data will be transmitted to the IHWM for the purpose of commission billing and advice. The legal basis for the processing is Art. 6 para. 1 lit. c) GDPR in conjunction with § 84ff. HGB and § 257 HGB.

5. Storage period

We store your data for as long as this is specified in the respective processing activities under section 2 and for as long as this is necessary for the provision of our services to you or as long as we have a legitimate interest in further storage.

In addition, we are subject to various retention and documentation obligations, including those arising from the German Commercial Code (HGB) and the German Fiscal Code (AO). Finally, the storage period is also assessed according to the statutory limitation periods, which can be up to thirty years, for example according to §§ 195 ff. of the German Civil Code (BGB), whereby the regular limitation period is three years.

6. Children

Our services are aimed at an adult audience. We ask persons under the age of 18 not to send any personal data to us without the consent of their parents or legal guardians. If we discover that we have received data from minors without their consent, we will delete it immediately. We encourage parents and legal guardians to monitor and supervise the online activities of their children. If you have any concerns about your child’s data transmission, please contact us directly so that we can respond appropriately.

7 Rights of the data subjects

Data subjects affected by data processing have the following rights:

Right to information: The right to information about your personal data processed by us and the right to a copy of this data;

Right to rectification: If your personal data is incorrect or incomplete, you have the right to rectification;

Right to restriction of processing: This right includes the restriction of the use or the manner of use. This right is limited to certain cases and exists in particular if: (a) the data is inaccurate; (b) the processing is unlawful and you oppose the erasure; (c) we no longer need the data, but you require the data for the establishment, exercise or defense of legal claims.

Right to erasure: You can request the erasure of your personal data, unless there is an obligation to retain it. The right to erasure is not an absolute right. For example, we have the right to continue processing your personal data if such processing is necessary to comply with our legal obligations or to assert, exercise or defend legal claims;

Right to data portability: This right includes that we transfer your personal data in a structured, commonly used and machine-readable format for your own purposes, if technically possible;

Right to withdraw your consent: If you have given us your consent to processing, you have the right to withdraw your consent at any time. Such a withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.

Right to lodge a complaint: You have the right to lodge a complaint with the data protection supervisory authority. A list of all supervisory authorities for Germany can be found here https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html. 

Right to object pursuant to Art. 21 GDPR

You have the right to object to the processing of your personal data on grounds relating to your particular situation, provided that the processing is carried out in the public interest or on the basis of a balancing of interests, including profiling. In the event of your objection, we will cease processing your personal data unless we can prove compelling reasons that override your interests or the processing of your personal data is necessary for the establishment, exercise or defense of legal claims. Insofar as we process your personal data for direct marketing purposes, you have the right to object to this processing at any time; this also applies to the creation of profiles, insofar as this is covered by such direct marketing measures.

We hope that this information has been helpful for you to better understand your rights. If you have any further questions about our privacy practices, please do not hesitate to contact us. Please note that changes to this statement may be necessary due to developments on our website or changes in legal or regulatory requirements. We therefore recommend that you check back regularly for updates.

In order to view the data protection information that we offer you as PDF files for download, you will need to install the Adobe Acrobat Reader add-on program, which is available free of charge on the Internet. This enables you to view and use the documents in their entirety. To download the latest version of Acrobat Reader, please visit the following website: https://get.adobe.com/de/reader/.

Status of the privacy policy: 09.04.2024