Private Policy

Data protection declaration

skinxpert GmbH (hereinafter skinxpert) takes the protection of your data very seriously and maintains the platform in accordance with the applicable legal provisions on data protection with the inclusion of the provisions of the EU Data Protection Basic Regulation (hereinafter: DSGVO). Below we inform you about the type and scope of processing of your personal data by skinxpert GmbH.

1. general
This data protection declaration is intended to inform you about data processing by skinxpert GmbH (as "person in charge"). skinxpert GmbH is responsible for the following website:
skinxpert GmbH 
Berlin avenue 58A
30175 Hanover
If you have any further questions that the data protection declaration should not answer, please contact our data protection officer at Data protection officer of skinxpert GmbH is Prof. Dr. Heinrich Stedler.
The supervisory authority in charge for skinxpert GmbH is:
The State Commissioner for Data Protection of Lower Saxony
Prince route 5
30159 Hanover, Germany 

2. data processing when accessing our website
When you visit our website, information such as
the IP address,
the date and time of access,
the name and URL of the retrieved file,
the website from which the access was made (referrer URL),
the browser you are using and, if applicable, the operating system of your Internet-capable computer as well as the name of your access provider

to our server and temporarily stored by us. The legal basis for such processing is provided for in Article 6(1)(f) of the DSBER. The legitimate interest is for the following purposes:
Optimization of the connection setup, 
Ensuring and optimizing the user-friendliness and handling of our website,
Ensuring system security and stability
and for security/punishment in the event of a cyber attack.
Our website uses cookies, tracking tools, targeting procedures and social media plug-ins. These tools and procedures are described in more detail below.

3. data processing during registration
It is possible to register as a customer. A password-protected customer account will be created. The data involved is shown in the input mask that is filled in during registration. This data is used exclusively for internal permanent storage of your personal data in a password-protected customer account. The IP address, date and time of registration are stored.

4. data processing during the ordering process
Data processing within the framework of orders serves to process all transactions within the order. The legal basis for this is Article 6 paragraph 1 letter b) DSGVO. The data involved can be seen from the input mask that you fill in when placing your order.
The following data processing is required to process the purchase contract:
Your e-mail address will be used for electronic communication about your order and its processing. The legal basis for such processing is provided for in Article 6(1)(c) of the DSBER.
In order to fulfil the contractual obligations, the order data is transmitted to the upstream supplier and, if applicable, to his transport person who delivers the goods or provides the booked services, and made available for use of the data for this purpose. The legal basis for such processing is provided for in Article 6(1)(b) of the DSBER.
For the fulfilment of the contract it may be necessary for the data to be forwarded to our payment service provider or to the commissioned credit institution. This depends on the selected payment method.
The following payment methods can be used:
Credit card (partial)
Paypalplus (purchase by invoice, credit card, partial payment)

We use the services of Klarna GmbH, Theresienhöhe 12, 80339 Munich for immediate bank transfer and BS PAYONE GmbH for payment by credit card.
Lyoner Strasse 9 D-60528 Frankfurt/Main and at paypal and paypalplus PayPal (Europe) S.à r.l. et Cie, S.C.A. 22-24 Boulevard Royal L-2449 Luxembourg

5. further data processing
Furthermore, data is collected and collected which you yourself explicitly communicate to us. For example, for individual customer contact by e-mail, telephone or on the platform, if you use the option of entering data (such as login registration, booking forms, inquiry forms). The data that are intended for collection are communicated to you in their nature before the respective process, if these do not result from the type of the upcoming process (e.g. name and password for login registration or in the "User data" mask: telephone and e-mail).
Furthermore, usage data is collected which you leave behind when using the platform (article searches carried out) and/or which the respective Internet provider communicates when using the platform (including the IP address of your computer) and/or generates via e-tracking. Usage data can contain personal or company-related data or allow conclusions to be drawn about them.
Without your registration or without your login, anonymous user data, such as which browser type and operating system you use and which pages you have visited on the website, are transmitted by your browser when you access the platform. The data collected is not used to identify you or your company.
The usage data is automatically stored in server log files. These are used to make the handling of the platform functions more attractive and to ensure and improve their performance.
This represents a legitimate interest for us and is therefore based on the legal basis of Art. 6 paragraph 1 letter f) DSGVO. 

6.  data processing for advertising purposes
In principle, data processing for advertising purposes represents a legitimate interest for skinxpert GmbH pursuant to Article 6 paragraph 1 letter f DSGVO. 
Furthermore, data processing is subject to the requirements of Section 7 (3) UWG.
If you are registered or listed as a customer with us, we process your contact data and inform you about products and services as well as relevant news independently of the newsletter subscription.
You have a separate right to object to data processing for advertising purposes at any time and free of charge for the respective communication channel with effect for the future. By the contradiction the contact address concerned is blocked for the respective communication channel for the further commercial data processing. You can file an objection by e-mail or by post to the contact details given.

7. e-mail campaigns
We only send e-mail campaigns (e.g. newsletters) with the consent of the recipient in accordance with Art. 6 paragraph 1 letter a) DSGVO. The data entered during the registration to the skinxpert GmbH information service will be used exclusively for this purpose. By registering for the skinxpert GmbH information service you will receive information about new and/or interesting products/articles via various e-mail campaigns. We use it for our own and external (from our suppliers and manufacturers) advertising purposes.
The data will be used exclusively for the newsletter dispatch and will not be passed on to third parties.
Consent to receive e-mail campaigns can be revoked at any time for the respective e-mail campaign. The link to cancel is at the end of each e-mail.

8. websites of third parties
skinxpert GmbH has no influence on the current contents of websites of third parties which can be reached via the platform and the way these websites are operated. skinxpert GmbH is not responsible for data protection and not for the contents of this website.

9. recipients outside the EU
With the exception of the processing listed below on our websites, we will not pass on your data to recipients based outside the European Union or the European Economic Area.

10. Cookies
General information
We use cookies on our websites. Cookies are text files which are stored on a computer system via an Internet browser. They do no damage to your computer. 
If the use of cookies represents a processing of personal data, the use of cookies is based on the legal basis Art. 6 paragraph 1 letter f) DSGVO. Our legitimate interest results from the website optimization, so that we can present our offer more securely and more user-friendly. This enables us to tailor the content of our website more specifically to your needs and thus improve our offering for you. Furthermore, we are interested in advertising cookies, so that we can place and display interest oriented advertising for you.
In particular, we use cookies to save settings you have made, such as your country selection, filter functions or provided functionalities when browsing within the platform. 
We use process cookies to ensure that our website functions correctly. These include navigation on the website and the secure processing of purchases on the website. For example, we save your shopping cart using the "Basket2" cookie.
We also use security cookies to authenticate you as a user and to ensure that your user data is safe from unauthorized access by third parties. For example, we use the cookies "sid" and "jsessionid" to secure access to protected platform areas.
We use session status cookies to collect information about our users' interaction with the site. This enables us to continuously improve and optimize our services for our users. For example, we use the "sid3" cookie to anonymously analyze the effectiveness of selected improvements to our website.
However, you can configure your browser so that no cookies are stored on your computer.
However, complete deactivation of cookies may prevent you from using all functions of our website.
The storage time of the cookies depends on their intended use and is not the same for everyone.

Google Analytics
skinxpert GmbH uses Google Analytics, a web analysis service of Google Inc ("Google"), CA 94043, 1600 Amphitheatre Parkway, Mountain View, USA, for the purpose of demand-oriented design and optimization of our website.
Google Analytics uses so-called "cookies", which are stored on your computer. Cookies are used to analyse the use of the website.
The information generated by the cookies about your use of this website is usually transferred to a Google server in the USA and stored there. The information that cookies generate is:
Browser type,
Operating system,
the website from which the access was made (referrer URL),
IP address,
Date and time of the server request.
This website uses Google Analytics with the IP anonymisation function ("anonymizeIp").
Google will reduce your IP address in the Member States of the European Union or in other states party to the Agreement on the European Economic Area beforehand. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
On behalf of skinxpert GmbH, Google will use this information to evaluate your use of the website, to compile reports on website activities and to provide skinxpert GmbH with further services associated with website use for purposes of market research and demand-oriented design. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data.
You may refuse the use of cookies by selecting the appropriate settings on your browser. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting data generated by the cookie and relating to your use of the website (including your IP address) and processing of this data by Google by downloading and installing the browser plug-in available under the following link
You can prevent the collection by Google Analytics by clicking on the following link. An opt-out cookie is set to prevent future collection of your data when you visit this website: Disable Google Analytics
The terms of use and notes on data protection can be found at or at

Google AdWords
Our website integrates the Google Conversion Tracking "Google AdWords", the Google Inc, CA 94043, 1600 Amphitheatre Parkway, Mountain View, USA. Google AdWords is an analysis service for advertising on the Internet. When you click on a Google ad (Google search engine or on third-party websites), a so-called conversion cookie is stored on your computer.
The cookie expires after 30 days. If it has not expired yet, Google and we can recognize which pages you visit on our website. The system also records whether you have completed or cancelled a shopping basket. Neither we nor other Google AdWords advertisers receive information about your identity.
In the cookie, personal data (such as the IP address, websites visited) is stored by you. These are transferred to Google in the USA and stored there.
The purpose of Google AdWords is to advertise our website by placing interest-compliant advertising on the websites of third parties and/or by placing third-party advertising on our website.
Google uses the data to generate visitor statistics. These visitor statistics from Google AdWords to our website show us the success of our Google AdWords ad. This will enable us to further optimize our AdWords ads in the future.
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.
You can prevent the conversion tracking of "Google AdWords" by clicking the following link and making the desired settings there. Note that this setting only applies to the browser used. Google's privacy policy can be found at
To display the collected ratings and social media feedback, the Trustami trust seal is included on this website. This serves the implementation of our legitimate interests in an optimal marketing of our offer on our own website. When the Trustami Trust Seal is called, the web server automatically stores data (access data) in the form of a server log file, which contains, for example, the date and time of access, your IP address in abbreviated form and the requesting provider. This access data is not evaluated and is automatically overwritten at the latest seven days after the end of your page visit. The Trustami Trust Seal and the services advertised with it are an offer of Trustami GmbH, Friedrich-Wilhelm Str.68, 12103 Berlin.

11. videos
third parties
For an optimal and lively article presentation, we also include some videos in the article descriptions on our website. The integration takes place via third party providers. If you call up a video, a connection is established to the respective third server and certain, use-related information is transmitted to it. For the handling of this data the respective data protection regulations of the third providers apply. Skinxpert GmbH receives no knowledge of the content of the data collected by the respective third party provider and has no influence on their use.
On our website we include videos from the video portal YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
When you view videos on YouTube, a connection is established to YouTube's servers in the USA. This transfers certain information to YouTube. The YouTube server is informed which website you have visited. 
If you are logged into your YouTube account, you allow YouTube to associate your surfing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. YouTube may also place cookies on your device. In particular, the tracker Google Analytics. This is our own tracking from YouTube, to which we have no access. You can stop tracking by Google Analytics by using the opt-out tools that Google offers for some Internet browsers. Users can also prevent Google from collecting data generated by Google Analytics and relating to their use of the website (including their IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link:
It also allows YouTube to use certain other features, such as rating or sharing videos. These features are provided exclusively by YouTube and the respective third party providers and you should not use them.

Skinxpert GmbH has no knowledge of the content of the data collected by YouTube or third party providers and has no influence on their use.

For more information about YouTube's collection, use and rights regarding your information, please see YouTube's privacy policy at

12. Social Media Plug-ins
On our website we use social media plug-ins according to Art. 6 paragraph 1 letter a), letter f) DSGVO to make us better known. The advertising purposes therein represent a legitimate interest for us.
Facebook-like feature
Our website integrates plug-ins from the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA.
The Facebook plug-ins are identified by the Facebook logo or the "Like" button on our website. An overview of the Facebook plug-ins can be found here:
When you visit our website, the plug-in establishes a direct connection between your browser and the Facebook server.
Data is transmitted and stored on Facebook.
Facebook receives the information that you have visited our website with your IP address. If you click the Facebook "Like" button while logged into your Facebook account, you can link the contents of our website on your Facebook profile. This allows Facebook to associate your visit to our site with your account. Skinxpert GmbH has no knowledge of the content of the transmitted data; as well as their use by Facebook.
For more information, please see Facebook's Privacy Policy at If you do not want Facebook to associate your visit to our site with your Facebook account, please log out of your Facebook account before visiting our site.
You can also completely prevent the Facebook plug-ins from loading with add-ons for your browser, e.g. the "Facebook Blocker".
Our website integrates plug-ins of the social network Google Plus, Google Inc, CA 94043, 1600 Amphitheatre Parkway, Mountain View, USA.
The plug-in can be recognized by the "+1" button. The Goole Plug-In is activated by a click, thereby your browser establishes a direct connection to the servers of Google. Google stores the IP address, the information that you clicked "+1" for a content, as well as information about the website that you viewed when you clicked "+1", even if you do not have a Google+ profile or are not currently logged in to your Google+ profile.
If you are logged in to Goolge+, the data will be assigned directly to your profile. Furthermore, the information is published on Google+ (according to the profile setting) and displayed to your contacts.
Google records information about your "+1" activity to improve Google services for you and others.
The information collected is used as follows:
In addition to the uses described above, the information you provide will be used in accordance with the applicable Google Privacy Policy. Google may publish aggregate statistics on users'"+1" activity or share them with users and partners.
The purpose and scope of data processing by Google as well as your relevant rights and setting options for the protection of your privacy can be found in the following data protection information from Google:
Google Maps
Our website integrates plug-ins of the online service Google Maps of Google Inc, CA 94043, 1600 Amphitheatre Parkway, Mountain View, USA. By using Google Maps on our website, information about the use and your IP address is transmitted to and stored by Google.
We have no knowledge of the purpose and scope of data collection and the further processing and use of the data by Google. According to Google, this information is not linked to other Google services. The data collected by Google may be transferred to third parties.
By using our website you agree to the data processing by Google.
The execution of data processing on Google Maps can be prevented by deactivating Javascript in your browser. However, this means that the map view of Google Maps can no longer be displayed.
For more information about Google's privacy practices, visit


13. deletion of personal data
Data that we store will be blocked for further use when the relevant authorisation ceases to apply, in particular after the purpose has been achieved, and deleted after expiry of the storage periods under tax and commercial law, unless you have expressly consented to the further use of your data or something else has been contractually agreed.

14. Data security
Appropriate technical and organisational measures are taken to protect your data against unintentional or unlawful deletion, disclosure, access or against manipulation or loss as well as against other misuse.
For your security, your data is encrypted using an SSL (Secure Socket Layer) website certificate. This is an encryption standard that is also used in online banking, for example. You can recognize a secure SSL connection by the attached s on the http (i.e. https://...) in the address bar of your browser or by the lock symbol at the bottom of your browser.
Please note that security when using the Internet depends on various circumstances and cannot be guaranteed at all times.

15. Overview of your rights
Right to information
You may request information on the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the origin of your data, unless these were collected directly from you.
Right to correction
You may request the correction of inaccurate data or the completion of correct data.
Right to cancellation
You can request the deletion of your personal data.
Right to data transferability
You can have the data provided by you transmitted in a common, machine-readable format or request transmission to another person responsible.
Right of appeal
To do this, you can contact the supervisory authority of your usual place of residence or our responsible supervisory authority.
Right of Restriction
You may exercise the right to restrict data processing if the accuracy of personal data is disputed, processing is unlawful and the data subject refuses to delete the personal data and instead requests the restriction of the use of the personal data, the data controller no longer needs the personal data for the purpose of processing, but the data subject needs it for the purpose of asserting, exercising or defending legal claims, or the data subject objects to the processing in accordance with Section 4.2. Art. 21 DSGVO, as long as it is not yet clear whether the legitimate reasons of the person responsible outweigh those of the person concerned.
right of objection
The general right of objection applies to all processing purposes described here which are processed on the legal basis of Art. 6 paragraph 1 letter f) DSGVO. Unlike data processing, which is described under "Data processing for advertising purposes", we are only obliged to implement the objection if you give reasons of overriding importance that arise from a particular situation.