Privacy Policy

​​

In order for me to operate my business and provide my services to You, it is sometimes necessary for me to collect or process information about You. In general terms, this information will take one or more of the following forms:

​​

#1. Information that you provide to us directly, such as in the situation where you complete an online form or send us a message via our website;

​

#2. Information that is automatically sent to me by Your computer’s internet browser when you visit my website, such as your computer’s technical address (or ‘IP address’) or information about which particular internet browser you are using and so on;

​

#3. Information about how you use my website or my services, such as which pages you visit, how frequently you visit the site and so forth.

​

This privacy policy sets out the detail of what information I collect, as well as how that data is used and protected.

Please read the Privacy Policy carefully before you start to use the Website. By using the Website or by clicking to accept or agree to the Terms of Use when this option is made available to you, you accept and agree to be bound and abide by the Privacy Policy. If you do not want to agree to the Privacy Policy, you must not access or use the Website.

​

OUR COMMITMENT TO DATA PRIVACY

I am fully committed to maintaining the privacy of any information (‘personal data’) that you provide to me. Furthermore, I commit to ensure that such data is held securely, used appropriately and only retained for as long as is necessary.

​

My systems and services are designed with privacy in mind, and I operate a ‘data minimization, principle wherever possible – that is to say that I will only ever ask you for the minimum amount of information required to provide my services efficiently; I have no desire to retain (and therefore maintain) any more information than is necessary. I aspire to comply to the fullest extent possible with applicable data protection regulations, in particular the European Union’s General Data Protection Regulation (‘GDPR’) and ePrivacy Directive, where applicable.

​

WHO I AM

In terms of your use of this website, Stefanie Dauser acts in the capacity of Data Controller, and should you have any questions or concerns about the data I hold about you, I can be contacted using the information below:

​

Data Controller: Stefanie Dauser

Email correspondence: steff.cooksandtreats@gmail.com

​

DEFINITION OF PERSONAL DATA

When I refer to ‘personal data’I mean any information that allows me to identify you personally. Obvious examples include your name, email address, postal address etc. I will always seek to gain your explicit consent to providing this information before I collect it from you, although this may not be the only legal basis on which I collect the data.

​

Other types of information, such as your computer’s ‘IP’ address or broad geographical location do not, generally, allow me to identify you directly. However, because in their current form, European data privacy regulations are somewhat vague in this regard, I will cover the use of such data here also.

How Your Data Is Protected

​

We take the security of all personal data very seriously, and that data is protected in a number of ways:

Access control: We operate on a strict ‘need to know’ basis for all data that I work with, and that is particularly true for any personal data. Access is controlled by individual user accounts, where a strong password policy is enforced.

​

Dedicated security software: I operate dedicated security scanning and access control software on all of my websites. This software is responsible for limiting login attempts to my site, blocking potentially malicious attempts to access my services, and regularly performing full file system scans.

​

Data encryption: This website is secured with SSL encryption, which means that all traffic to and from my servers is encrypted. This applies to my own administrative access to the website as well as that of users of our services.

​

Selection of third party service providers: I use a very limited number of third party service providers, but some are essential for the provision of physical hosting environments and cloud services. One of the core factors in the selection of such providers is their ability to provide secure systems and processes. My main service provider is WIX.

​

ACCESS TO YOUR PERSONAL DATA

In the situation where you have directly provided personal information to me (such as by completing an online form or contacting me for further information), you have a number of rights regarding the personal data that I hold:

You have the right to obtain from us confirmation about whether any such data is being held;

You have the right to require that I provide you with whatever data I am holding/processing about you, including the right for that data to be transferred to another data controller;

Even if you have consented to Us processing your personal data, you have the right to withdraw that permission at any time;

​

You have the right to require us to rectify any incomplete or incorrect information held about you;

​

You have the right to require us to erase the data held about you (the ‘right to be forgotten’);

​

In the situation where I collect personal data automatically (such as from your internet browser or via internet Cookies or other similar technologies):

​

You have the right to object to the legal basis upon which I am collecting this data, and I have an obligation to consider and respond to that objection;

​

You have the right to request the prevention of further processing of your data while your objection is considered;

You have the right to make a complaint to the relevant data protection authority.

​

In most circumstances, you can exercise these rights without paying a fee to me.

​

​

TYPES OF DATA COLLECTED

​

Website Contact Forms/ Newsletter Forms:

When you complete one of the contact forms on our website, I will ask you for a number of pieces of personal information, such as your name, email address and other contact details. This is obviously required for me to respond to your request. If you do not use or submit an online form on the website, no data will be collected in that regard.

If you submit to receive my Newsletter, you will receive the newsletter emails on a regular basis. You can unsubscribe at any time, using the unsubscribe link on every Newsletter at the bottom.​

​

Account Logins:

For some website functionality, I will need to create for you a user account that allows you to login to the site to ensure that only authorized individuals can access your data and that functionality. Examples include when you make an online purchase via the site, or when you have a role in administering or contributing towards the website content (such as a blog author). The purpose of these user accounts is to protect your personal data behind login security, and to protect the integrity of my site and the servers that run it.

Data collected will generally involve your name and email address (which doubles as username) as a minimum, but may include your postal address if it is required for online purchases.

If you do not register for an online account then no such data will be collected in this regard.

​

Technical Data (such as 'IP' address):

When you visit our website, my systems will log a record of your visit in my server logs, and typically this record will include the technical ‘IP’ address that is associated with your device and the browser type and version that you are using.

​

Such server logs are extremely common practice, and are used to monitor technical resources, monitor high-level server activity, and importantly to detect and prevent malicious or fraudulent activity on our systems. This data can also be used, if required, to diagnose reports of technical issues. The storage of IP addresses, allow us to identify patterns of behavior (such as repeated malicious attempts to access a system).

IP addresses, in and of themselves, do not allow me in any way to identify you as an individual, especially given that it is very common for IP addresses to be dynamically allocated by your service provider, and will therefore often routinely change.

Furthermore, I do not and will not use the content of server access logs to attempt to determine an identifiable individual. I therefore do not consider that data held within server logs falls within the scope of ‘personal data’, and accordingly I do not seek your consent to collect it.

​

​

Cookies & 'similar technologies':

I have included cookies, web beacons and similar technologies into one section because they all perform similar functions even if, from a technical perspective, they work slightly differently.

All of these technologies allow me to better understand how users are using my website and other related services. They can also be an essential part of providing certain online functionality. They are all essentially small data files placed on your computer (or other device) that allow me to tell when you have visited a particular page, or performed a particular action (such as clicking a particular button) on my website.

 

These technologies are used by most websites as they provide useful insight into how the services are being used, as well as improving speed, performance and security, and enabling me to improve our personification of your experience.

 

 

Cookies:

These are small text files placed in the memory of your browser or device when you visit a website. Cookies allow a website to recognize a particular device or browser.

​

There are several types of cookies:

​

Session cookies expire at the end of your browser session and allow me to link your actions during that particular browser session.

​

Persistent cookies are stored on your device in between browser sessions, allowing me to remember your preferences or actions across multiple sites.

​

First-party cookies are set by the site you are visiting.

​

Third-party cookies are set by a third party site separate from the site you are visiting.

​

There are a number of ways that you can influence how cookies are used on your particular device. Most commercial browsers (such as Chrome, Safari, Edge, Internet Explorer, Firefox etc) allow you to set preferences for whether to allow or block website cookies. They will also provide tools that allow you to remove any cookies that have already been set. Using the ‘Help’ functionality of your browser, or an internet search, will help you to understand how to use these features for your particular browser. By using our site then you are consenting to the use of cookies, and we will set other non-essential cookies as described in this policy.

​

​

Website Analytics:

I use Google Analytics and Google Tag Manager to better understand what people look at on my website.

When people visit my site, information about their visit (such as which pages they look at, how long they spend on the site and so on) is sent in an anonymous form to Google Analytics (which is controlled by Google).

The data contains information about anyone who uses my website from your computer, and there is no way to identify individuals from the data.

​

We ensure that no personally identifiable information is ever contained within the data sent to my analytics providers, and I also perform a process which partially obscures your IP address information.

As analytics information is not personal data, I do not specifically ask for your prior consent.

In addition to Google Analytics, I use a number of industry-standard Google services to provide particular pieces of website content. These include:

​

Google Fonts: I may use one or more of Google’s web fonts to ensure that my website content is displayed in a clear and consistent fashion across all of the different types of devices and browsers.

Google Maps: I may use the Google’s mapping services to provide dynamic geographic maps on our website

Google Recaptcha: I may use Google’s Recaptcha service (which provides the ‘I Am Not A Robot’ functionality) on our web contact forms. This is a security measure to prevent the abuse of our contact forms by automated programs.

Each of these services involve my website making a connection to one or more Google servers, and may result in Google placing cookies on your device.

 

Social media plug-ins

​

We use social plug-ins from the social networks Facebook and Instagram on my website based on Art. 6 Para. 1 S. 1 lit.f GDPR to make my company better known. The underlying advertising purpose is to be regarded as a legitimate interest within the meaning of the GDPR. Responsibility for the data protection-compliant operation is to be guaranteed by the respective provider. I integrate these plug-ins using the so-called two-click method toprotect visitors to my website in the best possible way.

 

Facebook

Social media plugins from Facebook are used on my website to make their use more personal. For this I use the “LIKE” or “SHARE” button. This is an offer from Facebook. When you call up a page on my website that contains such a plugin, your browser establishes a direct connection with the Facebook servers. The content of the plugin is transmitted directly from Facebook to your browser, which integrates it into the website. By integrating the plugins, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or are not currently logged into Facebook. This information (including your IP address) is transmitted directly from your browser to a Facebook server inthe USA and

stored there. If you are logged into Facebook, Facebook can assign your visit to my website directly to your Facebook account. If you interact with the plugins, for example press the “LIKE” or “SHARE” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook and shown to your Facebook friends. Facebook can use this information for the purpose of advertising, market research and the needs-based design of Facebook pages. For this purpose, Facebook creates usage, interest and relationship profiles, e.g. to evaluate your use of my website with regard to the advertisements shown to you on Facebook, to inform other Facebook users about your activities on my website and to provide additional information about the use of Facebook to provide related services. If you do not want Facebook to assign the data collected via my website to your Facebook account, you must log out of Facebook before visiting my website. The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your related rights and setting options to protect your privacy can be founding

Data protection information (https://www.facebook.com/about/privacy/) from Facebook.

 

Instagram

My website also uses so-called social plugins (“plugins”) from Instagram, which is operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”). The plugins are marked with an Instagram logo, for example in the form of an “Instagram camera”. When you visit a page on my website that contains such a plugin, your browser establishes a direct connection to the Instagram servers. The content of the plugin is transmitted directly from Instagram to your browser and integrated into the page. Through this integration, Instagram receives the information that your browser has accessed the corresponding page of my website, even if you do not have an Instagram profile or are not currently logged into Instagram. This information (including your IP address) is sent directly from your browser to an Instagram server in the USA and stored there. If you are logged in to Instagram, Instagram can immediately assign your visit to my website to your Instagram account. If you interact with the plugins, for example by pressing the “Instagram” button, this information is also transmitted directly to an Instagram server and stored there. The information is also published on your Instagram account and shown to your contacts there. If you do not want Instagram to directly assign the data collected via my website to your Instagram account, you must log out of Instagram before visiting my website. You can find more information on this in Instagram’s privacy policy (https://help.instagram.com/155833707900388).