Privacy Policy

The responsible provider of this website in the sense of data protection law is:

APOTHECARY OF THE SOUL
Christine Gruber
Bleulerstrasse 5
8008 Zurich
Switzerland
blossom@apothecaryofthesoul.com

Data protection
Based on Article 13 of the Swiss Federal Constitution and the data protection regulations of the Swiss Confederation (Data Protection Act, DSG), every person has the right to protection of his or her privacy and to protection against misuse of his or her personal data. We comply with these provisions. Personal data is treated as strictly confidential and is neither sold nor passed on to third parties.

Data processing on this website is carried out by the website operator. You can find his contact details in the imprint of this website. On the one hand, your data is collected when you provide it to us. This may, for example, be data that you enter in a contact form. Other data is collected automatically by our IT systems when you visit the website. This is mainly technical data. This data is collected automatically as soon as you enter our website.

Personal data (hereinafter referred to as “data”) are processed by us only as necessary and for the purpose of providing a functional and user-friendly website, including its contents and the services offered there.

According to Art. 4 No. 1. of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (hereinafter referred to as “GDPR”), “processing” means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
With the following data protection declaration, we inform you in particular about the type, scope, purpose, duration and legal basis of the processing of personal data, insofar as we decide either alone or jointly with others on the purposes and means of the processing. In addition, we inform you below about the third-party components we use for optimisation purposes and to increase the quality of use, insofar as third parties process data on their own responsibility.

Rights of users and data subjects
With regard to the data processing described in more detail below, users and data subjects have the right to
to confirmation as to whether data relating to them is being processed, to information about the data processed, to further information about the data processing and to copies of the data (cf. also Art. 15 DSGVO);
correction or completion of inaccurate or incomplete data (cf. also Art. 16 of the GDPR);
the immediate erasure of the data concerning them (cf. also Art. 17 GDPR), or, alternatively, insofar as further processing is necessary in accordance with Art. 17 (3) GDPR, the restriction of processing in accordance with Art. 18 GDPR;
to receive the data concerning them and provided by them and to transfer this data to other providers/controllers (cf. also Art. 20 GDPR); to lodge a complaint with the supervisory authority if they are of the opinion that the data concerning them is being processed by the provider in breach of data protection provisions (cf. also Art. 77 GDPR). In addition, the provider is obliged to inform all recipients to whom data has been disclosed by the provider of any correction or deletion of data or restriction of processing that takes place on the basis of Articles 16, 17 (1), 18 DSGVO. However, this obligation does not exist insofar as this notification is impossible or involves a disproportionate effort. Notwithstanding this, the user has a right to information about these recipients.

Likewise, pursuant to Art. 21 DSGVO, users and data subjects have the right to object to the future processing of data concerning them, insofar as the data is processed by the provider pursuant to Art. 6 (1) (f) DSGVO. In particular, an objection to data processing for the purpose of direct advertising is permissible.

Your data processed when using our website will be deleted or blocked as soon as the purpose of the storage no longer applies, the deletion of the data does not conflict with any statutory retention obligations and no other information is provided below on individual processing procedures.

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, the origin of the data, its recipients and the purpose of the data processing and, if applicable, a right to correction, blocking or deletion of this data. In this regard and also for further questions on the subject of personal data, you can contact us at any time via the contact options listed in the imprint.

SSL or TLS encryption
For security reasons and to protect the transmission of confidential content that you send to us as site operator, our website uses ssL or TLS encryption. This means that data you transmit via this website cannot be read by third parties. You can recognise an encrypted connection by the “https://” address line of your browser and the lock symbol in the browser line.

Server log files
In server log files, the provider of the website automatically collects and stores information that your browser automatically transmits to us. These are:

Browser type and browser version
Operating system used
Referrer URL
Host name of the accessing computer
Time of the server request
IP address
This data is not merged with other data sources. The data processing is based on Art. 6 para. 1 lit. b DSGVO, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.

Contact form
Data transmitted via the contact form, including your contact details, are stored in order to be able to process your enquiry or to be available for follow-up questions. This data will not be passed on without your consent.
The data entered in the contact form is processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a DSGVO). A revocation of your already given consent is possible at any time. An informal communication by e-mail is sufficient for the revocation. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
Data transmitted via the contact form will remain with us until you request us to delete it, revoke your consent to store it or there is no longer any need to store the data. Mandatory legal provisions – in particular retention periods – remain unaffected.

YouTube
Our website uses YouTube plugins for the integration and display of video content. The provider of the video portal is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When a page with an integrated YouTube plugin is called up, a connection to the YouTube servers is established. This tells YouTube which of our pages you have accessed. YouTube can assign your surfing behaviour directly to your personal profile if you are logged into your YouTube account. You can prevent this by logging out first. YouTube is used in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.
Details on the handling of user data can be found in YouTube’s privacy policy at: https://www.google.de/intl/de/policies/privacy.

Google Maps
This website uses Google Maps API to visually display geographical information. When using Google Maps, Google also collects, processes and uses data about visitors’ use of the map functions. You can find more information about data processing by Google at https://policies.google.com/privacy?hl=en-GB . There you can also change your personal privacy settings in the privacy centre.

Google Fonts
We use external fonts, “Google Fonts” of the provider “Google” (Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043). These fonts are integrated by retrieving them from a Google server in the USA. In this process, data on the use of the fonts functions by visitors to the websites is also collected, processed and used – processing may take place in the USA. This collected data also includes the IP address. Further information on data processing by Google can be found in their privacy policy (https://policies.google.com/privacy?hl=en-GB). There, in the so-called “Data Protection Centre”, you can also change the settings with which your own data can be managed and protected.

Updated: 24 March 2021