Privacy
Privacy Policy
How we handle your data – transparently, economically, and in compliance with GDPR.
Privacy
How we handle your data – transparently, economically, and in compliance with GDPR.
1) Introduction and Contact Details of the Data Controller
1.1 We are delighted that you are visiting our website and thank you for your interest. Below, we inform you about the handling of your personal data when using our website. Personal data refers to all data that can be used to identify you personally.
1.2 Data Controller
The data controller for data processing on this website, in accordance with the General Data Protection Regulation (GDPR) and the Swiss Data Protection Act (revDSG), is:
Compass for Cancer
Laura Herbella
Trader License No. 1514147
Dubai, United Arab Emirates
Email: info@compassforcancer.com
Website: www.compassforcancer.com
2) Data Collection When Visiting Our Website
2.1 When using our website for informational purposes only, we only collect data that your browser transmits to the page server (so-called server log files):
Processing is carried out in accordance with Art. 6 Para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website.
2.2 For security reasons, this website uses SSL or TLS encryption, recognizable by "https://" and the padlock symbol in the browser's address bar.
3) Hosting
Shopify
We use Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland for hosting our website.
Data is also transferred to: Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada.
All data collected on our website is processed on Shopify's servers. We have concluded a data processing agreement with Shopify. For data transfers to Canada, an adequate level of data protection is ensured by an adequacy decision of the European Commission.
Cloudflare
We use a Content Delivery Network from: Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA.
This service enables faster delivery of content via regionally distributed servers. Processing is carried out in accordance with Art. 6 Para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and loading speed of our website. Cloudflare has joined the EU-US Data Privacy Framework, which ensures the European level of data protection based on an adequacy decision by the European Commission.
4) Cookies
We use cookies — small text files that are stored on your device. Session cookies are deleted after closing the browser, persistent cookies remain for a longer period.
Technically necessary cookies are used in accordance with Art. 6 Para. 1 lit. b or lit. f GDPR. Analytics and marketing cookies are only set with your express consent in accordance with Art. 6 Para. 1 lit. a GDPR. You can withdraw your consent at any time via our cookie consent tool.
5) Cookie Consent Tool
To obtain effective user consent for cookies requiring consent, we use a cookie consent tool. This is displayed as an interactive user interface when the page is accessed. Cookies requiring consent are only loaded if you actively accept them. The tool itself sets technically necessary cookies to store your preferences. Processing is carried out in accordance with Art. 6 Para. 1 lit. f and lit. c GDPR.
6) Contact
When you contact us by email or contact form, your data will be processed exclusively for the purpose of handling and responding to your inquiry, in accordance with Art. 6 Para. 1 lit. f or lit. b GDPR. Your data will be deleted as soon as the matter in question has been definitively clarified and there are no legal retention obligations preventing deletion.
7) Customer Account
If you open a customer account, the personal data required for this will be processed in accordance with Art. 6 Para. 1 lit. b GDPR. Your account can be deleted at any time by sending a message to info@compassforcancer.com.
8) Newsletter
If you subscribe to our newsletter, we use the double opt-in procedure: you will first receive a confirmation email with a verification link before you receive newsletters. The legal basis is Art. 6 Para. 1 lit. a GDPR.
We use the service for sending newsletters: Klaviyo, Inc., 125 Summer St, Boston, MA 02110, USA. We have concluded a data processing agreement with the provider.
You can unsubscribe from the newsletter at any time via the unsubscribe link in the newsletter or by email to info@compassforcancer.com. After unsubscribing, your email address will be immediately deleted from the distribution list.
9) Order Processing and Payment Service Providers
9.1 General
For order processing, we process name, email address, and payment data in accordance with Art. 6 Para. 1 lit. b GDPR.
9.2 Shopify Payments / Stripe
When paying by credit card, debit card, or SEPA via Shopify Payments, the processing is handled by Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland. Your payment data will be passed on exclusively for payment processing.
9.3 PayPal
When paying via PayPal, the processing is carried out by PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. PayPal's privacy policy applies: https://www.paypal.com/de/legalhub/privacy-full
9.4 Klarna
When paying with Klarna, the transaction is processed by Klarna Bank AB, Sveavägen 46, 111 34 Stockholm, Sweden. Klarna may share your data with credit agencies for credit assessment and fraud prevention. Further information: https://www.klarna.com/de/datenschutz/
9.5 Apple Pay
When paying with Apple Pay, the transaction is processed by Apple Distribution International, Hollyhill Industrial Estate, Cork, Ireland. Apple uses hardware and software security features on your device. Apple only stores anonymized transaction data. Further information: https://support.apple.com/de-de/HT203027
9.6 Google Pay
When paying with Google Pay, the transaction is processed by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. Google transmits a one-time transaction number for verification. Further information: https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de
10) Meta Pixel (Facebook/Instagram)
The Meta Pixel from Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, is integrated into our website.
The Meta Pixel makes it possible to track the behavior of visitors to our website after they have been redirected to our website by clicking on a Facebook or Instagram ad. This allows us to evaluate the effectiveness of our advertisements and use them for statistical and market research purposes.
The data collected in this way is anonymous to us - we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Meta, so that a connection to the respective user profile is possible. Meta can use this data for its own advertising purposes in accordance with Meta's data policy.
Processing only takes place with your explicit consent in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time via our cookie consent tool.
For data transfers to the USA, Meta has joined the EU-US Data Privacy Framework. Further information on data processing by Meta: https://www.facebook.com/privacy/explanation
11) Shopify Analytics
This website uses the web analytics service of Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (data is also transferred to Canada: Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4).
Shopify Analytics collects pseudonymized visitor data (IP address, browser information, page interactions) for statistical analysis of user behavior. Processing only takes place with your consent in accordance with Art. 6 para. 1 lit. a GDPR and can be deactivated via our cookie consent tool.
12) Best Currency Converter
This website uses the "Best Currency Converter" service from Grizzly Apps SRL, Str. Muresului Nr. 7, Brasov, Romania. The service collects your IP address to adjust the currency display in accordance with Art. 6 para. 1 lit. f GDPR. The IP address is not permanently stored. After the first currency adjustment, a functional session cookie is set, which is automatically deleted after the session ends.
13) Rights of the data subjects
13.1 The applicable data protection law grants you the following rights:
To exercise your rights, please contact: info@compassforcancer.com
13.2 RIGHT TO OBJECT
IF WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST WITHIN THE FRAMEWORK OF A BALANCING OF INTERESTS, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION, WITH EFFECT FOR THE FUTURE. IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE DATA CONCERNED, UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS.
IF YOUR DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME. UPON RECEIPT OF YOUR OBJECTION, WE WILL IMMEDIATELY CEASE PROCESSING FOR DIRECT MARKETING PURPOSES.
14) Storage period