Privacy Policy
Welcome to Hip Bambino! Thank you for your interest in our company, website, and shop. The protection of your personal information is important to us. We process your data in accordance the General Data Protection Regulation (GDPR) and this privacy policy.
Our privacy policy explains which personal information we collect from you via our website, what we use it for, when we delete it and how your data is protected. In addition, we will inform you of the respective legal basis that allows us to process your data. Finally, we will also tell you about your rights in connection with the processing of your data.
Personal data is information that makes it possible to identify a natural person. This includes in particular, your name, date of birth, address, telephone number, e-mail address, but also your IP address. Anonymous data exists if no personal reference to the user can be made.
The responsible party in terms of data protection law is:
Hip Bambino LLC
Commerce Township,
MI 48390, USA
Data collection
All personal information that we obtain from you via the website will only be processed for the purposes described in more detail below. This is done within the framework of the respective legal regulations mentioned or only with your consent.
In particular, Art. 6 GDPR specifies when data processing is permitted. Hip Bambino collects personal information if:
-
you have given your consent (Art. 6 para. 1 lit. a GDPR),
-
the data is necessary for the fulfillment of a contract / pre-contractual measures (Art. 6 para. 1 lit. b GDPR),
-
the data is necessary for the fulfillment of a legal obligation (Art. 6 para. 1 lit. c GDPR) or
-
the data is necessary to protect the legitimate interests of our company, provided that your interests worthy of protection are not overridden (Art. 6 para. 1 lit. f GDPR). Storage duration or criteria for determining the duration
Hip Bambino processes and stores your personal information only for the period of time required to achieve the respective processing purpose or for as long as a legal retention period (in particular commercial and tax law) exists. Once the purpose has been achieved or the retention period has expired, the corresponding data is routinely deleted.
Data transfers
In certain cases, it is necessary to transmit the processed personal information in the course of data processing. In this respect, there are different recipient bodies and categories of recipient.
Internal
If necessary, we transfer your personal information within Hip Bambino. Of course, we comply with the associated legal framework and ensure that your data is processed properly. Access to your personal information is only granted to authorised employees who need access to the data due to their job, e.g., to fulfill your order or to contact you in case of queries.
External bodies
Personal data is transferred to the following categories of recipients, in compliance with legal requirements:
-
Service providers in the context of fulfillment processing.
-
Shipping service providers, suppliers, payment services
-
Companies that provide marketing services
-
Service providers within the scope of communication systems
-
State authorities and institutions as far as this is required or necessary.
Secure transmission of your data
In order to protect the data stored with us in the best possible way against accidental or intentional manipulation, loss, destruction or access by unauthorized persons, we use appropriate technical and organizational security measures. The security levels are continuously reviewed in cooperation with security experts and adapted to new security standards.
Links to other providers
Our website also contains - clearly recognizable - links to the websites of other companies. As far as there are links to websites of other providers, we have no influence on their contents. Therefore, no guarantee or liability can be assumed for these contents. The respective provider or operator of the pages is always responsible for the content of these pages. The linked pages were checked for possible legal violations and recognizable infringements at the time of linking. Illegal contents were not recognizable at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete indications of a legal violation. Such links will be removed immediately if infringements of the law become known.
Data subject rights
We are happy to inform you below about the rights to which you as the person concerned may be entitled to free of charge.
-
Information
We will be happy to inform you whether and if so which of your personal information we have and are processing.
-
Correction
If we have stored incorrect personal information, we will of course be happy to correct it.
-
Restriction
You can have the processing of your personal information restricted under certain legal conditions. This is the case, for example, if you dispute the accuracy of the data we have.
-
Deletion
We will be happy to delete your personal information independently of our deletion management on individual request, provided that this is possible for us for legal reasons.
-
Objection
You can object to the data processing operations carried out by us on your personal information, which are based on a consideration of interests, by stating specific reasons.
-
Revocation
If you have given us consent for data processing, you can of course revoke this without giving reasons with effect for the future.
You can assert your data subject rights at any time via the contact options mentioned.
Log files
As mentioned above, we want to provide you with an optimal user experience in our online shop and with our advertisements, which is tailored to your individual needs. To this end, we work together with various service providers and technology providers and use cookies and tracking methods.
The following data is collected anonymously for the purpose of demand-oriented design and optimization of this website:
-
Information on the device used (e.g., operating system, browser, screen resolution, language set.
-
Information on pages viewed during the website visit (e.g., category or product detail pages)
-
Information within the ordering process (e.g., order number, delivery and payment method, shipping and/or billing address)
-
Information on access data (e.g., entry via email newsletters, other websites or online advertising measures).
The scope of the stored and processed data is limited purely to the performance of statistical evaluations. Your IP address is made unrecognizable immediately after receipt, which means that it is not possible to assign usage profiles to IP addresses.
The collection of the data is necessary from a technical point of view in order to continuously optimize the functions as well as the presentation of our website on different devices, operating systems and browsers and to be able to make our offer more interesting for you as a user and is therefore based on the legitimate interest according to Article 6, paragraph 1, lit. f of the GDPR. The data collected will be stored for a period of 5 years and will not be transferred to third countries.
Cookies
In order to make visiting our website more attractive and to enable the use of certain functions, we use so-called cookies. These are small text files that are stored on your terminal device and store certain information for exchange with our system. The legal basis for the processing of this data is Art. 6 (1) sentence 1 lit. f GDPR. For further details on the cookies, we use please read our Cookie Policy.
Hosting
As part of processing on our behalf, a third-party provider provides hosting and web site display services for us. All data collected in the course of using this web site or in forms provided for this purpose in the online shop as described below are processed on its servers. Processing on other servers only takes place within the framework explained here.
We host our website at Wix.com Ltd, 40 Namal Tel Aviv St, Tel Aviv 6350671, Israel. Wix a tool for creating and hosting websites. When you visit our website, Wix is used to analyse user behaviour, visitor sources, the region of the website visitors and the number of the number of visitors. Wix stores cookies on your browser, which are necessary for the presentation of the website and to ensure security (necessary cookies).
The data is stored on Wix servers in Israel. Israel is considered a secure third country. This means that Israel has a level of data protection that corresponds to the level of data protection in the UK and the European Union. For details, please refer to the privacy policy of Wix.
The use of Wix is based on our legitimate interest. We have a legitimate interest in the most reliable presentation of our website. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of your consent, insofar as the consent allows the storage of cookies or the access to information in the user's device.
Newsletter
On our website, users are given the opportunity to subscribe to our newsletter. In principle, our newsletter can only be received by the data subject if he or she registers for the newsletter mailing. For legal reasons, a confirmation email is sent to the email address entered by a data subject for the first time for the newsletter dispatch using the double opt-in procedure. This confirmation e-mail serves to verify whether the owner of the e-mail address as the data subject has authorised the receipt of the newsletter.
When registering for the newsletter, we also store the IP address of the device used by the data subject at the time of registration as well as the date and time of registration, which is assigned by the Internet service provider (ISP). The collection of this data is necessary in order to be able to trace the (possible) misuse of the e-mail address of a data subject at a later date and therefore serves our legal protection.
The personal information collected in the context of a registration for the newsletter is used exclusively for sending our newsletter. Furthermore, subscribers to the newsletter could be informed by e-mail if this is necessary for the operation of the newsletter service or a related registration, as could be the case in the event of changes to the newsletter offer or changes to the technical circumstances.
The processing of your e-mail address is thus based exclusively on your consent (Art. 6 para. 1 p. 1 lit. a) GDPR). You can revoke this consent at any time. An informal communication by e-mail to us is sufficient for this purpose. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
Contact options
We process and store the personal information provided in the contact enquiry solely for the purpose of processing and responding to your enquiry and contacting you. The legal basis for the processing of your personal information is Art. 6 para. 1 lit. b) GDPR.
If you write to us via e-mail, we will process the data you provide in the e-mail in order to contact you and answer your questions and requests. In doing so, the principle of data economy and data avoidance is observed in that you only have to provide the data that we absolutely need from you in order to contact you. These are usually your first and last name, your e-mail address, the topic selection and the message field itself. In addition, your IP address is processed out of technical necessity and for legal protection.
Social media
We maintain presences in the "social media". Insofar as we have control over the processing of your data, we ensure that they comply with applicable data protection regulations. However, you use these platforms and their functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g., commenting, sharing, rating). With your consent, data may be transferred to a third country outside the USA, which may have a lower level of data protection than the USA (Art. 49 para. 1 p. 1 lit. a GDPR). We maintain our social media profiles in order to communicate with visitors to these profiles es and to inform them about our offers in this way.
In addition, we collect data for statistical purposes in order to be able to further develop and optimize the content and to make our offer more attractive. The data required for this purpose (e.g., total number of page views, page activities and data provided by visitors, interactions) are processed and made available by the social networks. We have no influence on the generation and presentation of this data.
In addition, your personal information is used by the providers of the social media, but also by usfor market research, communication, and advertising purposes. It is possible, for example, that usage profiles are created based on your usage behavior and the resulting interests. This allows, among other
things, advertisements to be placed within and outside the platforms that presumably correspond to your interests. Cookies are usually stored on your computer for this purpose. Independently of this, data that is not directly collected from your end devices may also be stored in your usage profiles. The storage and analysis also takes place across devices; this applies in particular, but not exclusively, if you are registered as a member and logged in to the respective platforms.
Shopping in the online shop
In our online shop we offer you two options for purchase processing:
-
Creation of a customer account
-
Placing an order as a guest
For both registration options, the data required for order and payment processing and fraud prevention are requested, marked as mandatory fields:
-
Name, street, postcode, city, date of birth and e-mail address.
-
if the delivery address is different, the name, street, postcode and town are requested separately.
-
In addition, the user's IP address, the date and time of registration are stored (technical background data).
a) Creation of a customer account
If you decide to register in our web shop, you have the advantage that you can view your order history and manage your master data, and your specified data will be stored for future order transactions.
Once you have completed the registration process, your data is stored with us for use in the protected customer area. The online shop naturally offers you the possibility to make changes to your master data and to use the "My Account" function.
You can of course revoke your consent to the use of your account, your customer account in the shop will then be deactivated.
Please note: Your password will be stored in encrypted form. Employees of our company cannot read this password. Therefore, they cannot give you any information if you have forgotten your password. In this case, please use the "Forgotten password" function, which will send you an automatically generated new password by e-mail. No member of staff is authorised to ask you for your password by telephone or in writing. Therefore, please never give your password if you receive such requests.
b) Carrying out a guest order
If you decide to place a guest order in our web shop, no customer account will be created in our shop. If you place another order, you will have to enter your data again for order processing.
Furthermore, the data processing procedures described under the heading "Tracking measures and cookies" apply. Of course, you have the described contact options and data subject rights at your disposal.
Payment systems
In our online shop you can choose between different payment methods. For this purpose, the respective payment-relevant data is collected in order to be able to carry out your order and payment processing. In addition, your IP address is processed due to technical necessity and for legal protection.
Certain personal information, see mandatory data, are required for the fulfillment of the contract. Without this data, we will unfortunately have to refuse to conclude the contract, as we will then not be able to carry it out. The data will be transmitted accordingly to our payment service providers for payment processing. The payment systems we use SSL encryption to protect the transmission of your data.
Payment data is collected during the ordering process. For orders on our site, you have the possibility to choose between different payment methods. For each of the payment methods. The legal basis for the data processing is Art. 6 para. 1 b) GDPR, as the processing of the data is necessary for the performance of the contract. The transfer of data for payment processing as well as for fraud prevention and detection is based on our legitimate interest according to Art. 6 para. 1 p. 1 lit. f) GDPR as well as on Art. 6 para. 1 p. 1 lit. b) GDPR for the fulfillment of the contractual relationship.
If you select Google Pay for payment processing, we will transmit the payment details a data subject provided to us during the ordering process to complete the order. The subsequent payment process takes place exclusively via Google Pay, without us having any further possibility to influence it and the legal basis is Art. 6 (1) b) GDPR for payment processing.
Data transfer to shipping service providers
In order to fulfill the contract in accordance with Art. 6 para. 1 p. 1 lit. b GDPR, we pass on your data to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods. Depending on which payment service provider you select in the ordering process, we pass on the payment data collected for this purpose to the credit institution commissioned with the payment and, if applicable, to payment service providers commissioned by us or to the selected payment service. In some cases, the selected payment service providers also collect this data themselves if you create an account with them. In this case, you must register with the payment service provider with your access data during the ordering process. In this respect, the privacy policy of the respective payment service provider applies.
If you have given us your express consent to do so during or after your order, we will pass on your e-mail address to the selected shipping service provider in accordance with Art. 6 Para. 1 Sentence 1 lit. a GDPR so that the shipping service provider can contact you before delivery for the purpose of delivery notification or coordination.
Storage and retention
Your personal information will be stored by us only for as long as is necessary to achieve the purposes for which the data was collected or - if statutory retention periods exist that go beyond this point and for the duration of the legally prescribed retention period. We then delete your personal information. Only in a few exceptional cases is your data be stored beyond this period, e.g., if storage is necessary in connection with the enforcement of and defense against legal claims against us.
Hip Bambino is entitled to process your personal information insofar as this is necessary to fulfill legal obligations. For this purpose, Hip Bambino may transfer this data in particular to authorities, law enforcement agencies and courts. In this case, the transfer of your data is required for compliance with a legal obligation to which we are subject. Hip Bambino is further entitled to process personal information if and to the extent necessary to detect or prevent misuse of this website or to enforce claims of Hip Bambino, its employees or users, whereby the data processing in these cases is necessary to protect these aforementioned legitimate interests.
International transfers
Our main operations are based in the USA and your personal information is generally processed, stored and used within in the USA. In some instances, your personal information may be processed outside the USA. If and when this is the case, we take steps to ensure there is an appropriate level of security, so your personal information is protected in the same way as if it was being used within the USA. Where we need to transfer your data outside the USA, we will use approved standard contractual clauses in contracts for the transfer of personal information to third countries.
Direct marketing in the context of a customer relationship
We use the data you provide to fulfill and process our contract and to respond to your enquiries or on the basis of your consent. Insofar as you have also given us separate consent to process your data for booking, quotation and advertising purposes, Hip Bambino is entitled to contact you for these purposes via the communication channels you have ticked in this consent.
Changes
This Policy and our commitment to protecting the privacy of your personal information can result in changes to this Policy. Please regularly review this Policy to keep up to date with any changes.
Queries and Complaints
Any comments or queries on this policy should be directed to us. If you believe that we have not complied with this policy or acted otherwise than in accordance with data protection law, then you should notify us.