Privacy Policy

We appreciate your interest in our website. For Mikuta Fashion GmbH, Paul-Lincke-Ufer 42, 10999 Berlin as operator of the www.mikuta.com platform (hereinafter referred to as "MIKUTA"), protecting your personal data during processing during all business processes has top priority. We want you to feel safe when visiting our website and using our services.

For that reason we have taken technical and organizational measures to ensure that we as well as our partners and external service providers observe the rules of data protection. Nevertheless, we draw your attention to the fact that the transmission of data on the internet may involve security holes and cannot be fully protected from access by third parties.

We treat your personal data as confidential and in accordance with the statutory data protection regulations such as the General Data Protection Regulation (GDPR) and the country-specific data protection regulations applicable to our company.

§ 1 General Information

(1) The following privacy policy is particularly intended to inform you about the type, scope, purpose, and duration of as well as the legal basis for the processing of personal data when using our website. Personal data is all data that is personally available concerning you, e.g. name, address, e-mail addresses and user behavior. Personal data will only be processed by us to the extent necessary and with the purpose of providing a functional and user-friendly website including its contents and the services offered there.

(2) The party responsible for this website for the purpose of data protection law (Art. 4 VII GDPR) is:

THIS IS NOT OUR RETURN ADDRESS
For returns/ exchanges please click here: Returns & exchanges

Klemens Weiß & Christian Goossens, CEO´s

Paul-Lincke-Ufer 42, 10999 Berlin, Germany

THIS IS NOT OUR RETURN ADDRESS
For returns/ exchanges please click here: Returns & exchanges

+4917620257432

hello@mikuta.com

(3) If you contact us via e-mail or contact form, the data you provide (e-mail-address as well as name) will be used for the purpose of processing your request. We delete the data that is transferred in this context, if the storage is no longer necessary and if there are no further legal obligations such as statutory storage requirements. There is no transfer of this personal data to third parties. Legal basis is Art. 6 Para 1 lit. b. and f. GDPR.

(4) Since we rely on contracted service providers for individual functions of our offers, we inform you about these third-party components and explain which data they collect and control in the section below.

 

Below you will find an overview of the processing in connection with the use of our website and the services offered through it.

In order to provide and continuously improve our services, we sometimes also use services from third-party providers through which personal data may be processed. We have selected these third-party providers carefully and in accordance with the provisions of the GDPR. Unless otherwise stated, only employees of us or the third-party providers who are entrusted with the execution of the corresponding functionality will have access to your personal data. Your personal data will generally be stored for the duration specified by us in regard to the fulfillment of the task and in accordance with commercial and tax law requirements and then deleted.

Unless otherwise stated in this privacy notice, your personal data will not be transferred to a third country outside the EU. Any other transfer will only take place if we are legally or officially obliged to do so or if the transfer is necessary in the context of your use of the website.

We process personal data of our users only within the framework of the statutory provisions, in particular the GDPR.

When you simply use the website, so if you do not register or otherwise provide data or information to us, we only collect the data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

Our visited website

Date and time of the access

Amount of data sent in bytes

Source/reference from which you reached the website

Browser used

Operating system used

IP address used

This processing is carried out in accordance with Art. 6 para. 1 sentence 1 lit. b) of the General Data Protection Regulation ("GDPR") on the basis of your use of our website and our interest in improving the stability and functionality of our website in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR. We process your data in order to provide you with a functional website, store the data for the duration we have specified for this purpose and then delete your data.

If you contact us by email, we will process your email address. If you also provide us with your name and other personal data, we will also process these. The legal basis for this processing is Art. 6 para. 1 sentence 1 lit. b) GDPR. This is because we process your data in order to respond to your request.

With your consent, you can subscribe to our newsletter, with which we can send you interesting information about our services or products. You can withdraw your consent to receive the newsletter at any time. You can declare your withdrawal by clicking on the link at the end of the newsletter or by sending an email to hello@mikuta.com .

To register for our newsletter, we process your name, if you provide it, and your email address. The legal basis for the processing is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) and Art. 49 para. Sentence 1 lit. a) GDPR.

To send you our newsletter, we use the services of external service providers, some of which are located outside the EU, including the service provider Klaviyo, Inc, 125 Summer Street, Floor 6, Boston, MA, 02110, USA . The transfer of data to the USA is based on the Data Privacy Framework, according to which Klaviyo, Inc. is certified and alternatively on the EU standard contractual clauses. Details of the regulations can be found here https://www.dataprivacyframework.gov/s/program-overview and here https://eurlex.europa.eu/eli/dec_impl/2021/914/oj?uri=CELEX:32021D0914&locale=de.

If you create a customer account with us or express the wish via a corresponding button that your entered data should be stored for the purpose of simplified handling of future orders, we process your data provided during registration and thereafter for the purpose of managing the customer data and executing the orders placed. The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. b) GDPR. We store your data for the duration of the customer account and for a period of up to three years thereafter, insofar as this is necessary in individual cases according to the statutory retention periods.

If you place orders via our website, then in addition to the data specified in the server log files and the goods or services ordered, we also process your name, your address, your email address, your telephone number if applicable, the purchase price together with payment details and the time stamp of the purchase.

In addition to our employees who are entrusted with the execution of the order, external service providers who are involved in order processing will also have access to your personal data, insofar as this is necessary for the provision of the respective service.

We reserve the right to send you offers for goods or services similar to thoseyou already purchased from our range to the email address we received from you when you placed your order (and thus in connection with the sale of goods or services). In accordance with Section 7 (3) Act Against Unfair Competition (UWG), this does not require your separate consent. In this context, data processing is carried out on the basis of our legitimate interest in the transmission of direct advertising in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR. However, if you have previously objected to the use of your emailaddress for this aforementioned purpose, we will not send you such emails. Furthermore, you are entitled to object to the use of your email address for the aforementioned advertising purpose at any time with effect for the future by notifying us, without incurring any costs other than the transmission costs according to the basic tariffs.

If your payment data is collected by us and not directly by the payment service provider, it will be forwarded to the payment service provider that you have selected to process the payment. We pass on the data that you provide to us and that is necessary for execution of the payment. Depending on the payment service provider selected, this may include Name, address, account number, bank code, credit card number if applicable, invoice amount, currency and transaction number, email address, IP address, mobile phone number. You can see which data is transmitted based on the categories requested during the payment process.

Data processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. b) GDPR. The data is transmitted solely for the purpose of processing the payment; the data will be deleted after delivery, unless our service providers are themselves obliged to retain the data for legal reasons. Please inform yourself about the data processing by the selected payment service provider on the corresponding websites of the provider with whom you have concluded your contract.

In order to be able to offer you the payment services of the respective payment service providers, we transmit personal data, such as contact data and order data, to the respective payment service provider, which processes your personal data for the purpose of executing the payment transaction. Information on data processing in this respect can be found at the respective payment service provider :

Klarna: Klarna Bank AB (publ). Sveavägen 46, 111 34 Stockholm, Swedenhttps://www.klarna.com/de/.

PayPal: PayPal Inc, 2211 N 1st St San Jose, CA 95131, USA, www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS

GPay: Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de

Amex: https://www.americanexpress.com/de-de/firma/legal/datenschutz-center/

Apple Pay: https://www.apple.com/de/privacy/features/

Mastercard: https://www.mastercard.de/de-de/datenschutz.html

Visa: https://www.visa.de/nutzungsbedingungen/visa-globale-datenschutzmitteilung.html

Sofort: https://www.sofort.com/datenschutzhinweise/

Union Pay: https://www.unionpayintl.com/en/privacyNotice/

Shop Pay: https://www.shopify.com/de/legal/datenschutz

Eps Überweisung: https://eps-ueberweisung.at/de/datenschutzhinweis

iDEAL: iDEAL Privacy & Cookie Statement

We also integrate the following external services to optimize our services and offers:

Unless otherwise stated in this privacy notice, the operator of all Google services mentioned here is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. If, when using the services, personal data is transferred to locations outside the EU or European Economic Area in countries for which the European Commission has not issued an adequacy decision (https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_de), thedata transfer is secured by the so-called EU standard contractual clauses, which ensure that the processing of personal data is subject to a level of security that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to establish an adequate level of security, consent will be obtained from you in advance as part of the consent management system in accordance with Art. 49 para. 1 sentence 1 lit. a) GDPR. The transfer of data to the USA is also partly based on the Data Privacy Framework, according to which Google is certified. Details of the regulations can be found here https://www.dataprivacyframework.gov/s/program-overview

The "Google Analytics" service is used on this website. Google Analytics is a web analysis service and enables us to draw conclusions about user behavior on our website by setting cookies and the information thus obtained. The information generated by the cookies is also sent to a Google server in the USA and stored there.

The following data is collected and processed with the help of Google Analytics:

IP address (anonymized)

Usage data

Click path

App updates

Browser information

Device information

JavaScript support

Visited pages

Referrer URL

Downloads

Flash version

Location information

Purchase activity

Widget interactions

Date and time of the visit

The legal basis for processing is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. If you do not want Google Analytics to collect and process the aforementioned data, you can refuse your consent or withdraw it at any time with effect for the future. The personal data is stored for as long as it is required to fulfill the purpose of processing. The data will be deleted as soon as it is no longer required to achieve the purpose.

In addition to Google Ireland Limited, the data may be transmitted to the following recipients as part of the processing:

To read the privacy notice and cookie policy of Google Ireland Limited, please visit https://policies.google.com/privacy?hl=en and https://policies.google.com/technologies/cookies?hl=en.

As part of the processing by Google Analytics, data may be transferred to the third countries USA, Singapore, Taiwan and Chile.

On this website the “Google Maps” service is integrated via API in order to be able to display geographical information. The use of Google Maps enables Google to collect, process and use data about your use of the service. By using Google Maps, information about the use of this website, including your IP address and the (start) address entered as part of the route planner function, can be transmitted to Google in the USA. The map content is transmitted by Google directly to your browser, which then integrates it into the website. Further information about how Google processes your data can be found in the Google privacy policy.

The following data is collected and processed using Google Maps:

IP address

Location information

Usage data

Date and time of visit

URLs

The legal basis for processing is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR. If you do not want Google to collect, process or use data about you via our website, you can refuse your consent or revoke it at any time with effect for the future. You can also deactivate JavaScript in your browser settings. In this case, however, you will not be able to use the map display.

The personal data will be stored for as long as it is necessary to fulfil the purpose of processing. The data will be deleted as soon as it is no longer required to achieve the purpose.

The data may be transmitted to the following recipients as part of the processing in addition to Google Ireland Limited:

As part of the processing by Google Analytics, data may be transmitted to the third countries USA, Singapore, Taiwan and Chile.

We use "Google Ads" (formerly Google AdWords) on our website, a service provided by Google Ireland Ltd. Google Ads enables us to draw attention to our attractive offers using advertising on external websites. This enables us to determine how successful individual advertising measures are. These advertising materials are delivered by Google via so-called "ad servers". For this purpose, we use so-called ad server cookies, which can be used to measure certain parameters for measuring success, such as the display of ads or clicks by users. If you access our website via a Google ad, Google Ads will save a cookie on your PC. These cookies usually expire after 30 days. They are not intended to be used to identify you personally.

The following information is usually saved as analysis values for this cookie: Unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions), opt-out information (marking that the user no longer wishes to be contacted). These cookies enable Google to recognize your web browser. If a user visits certain pages of an Ads customer's website and the cookie stored on their computer has not yet expired, Google and the customer can recognize that the user has clicked on the ad and been redirected to this page. Each Ads customer is assigned a different cookie. Cookies cannot therefore be tracked across Ads customers' websites.

We ourselves do not collect and process any personal data in the advertising measures mentioned. We only receive statistical evaluations from Google. Based on these evaluations, we can see which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising material, in particular we cannot identify the users based on this information. Due to the marketing tools used, your browser automatically establishes a direct connection to the Google server.

To the best of our knowledge, Google receives the information that you have accessed the corresponding part of our website or clicked on an ad from us. If you have a user account with Google and are registered, Google can assign the visit to your user account. Even if you are not registered with Google or have not logged in, there is a possibility that Google will find out and save your IP address.

We use Google Ads for marketing and optimization purposes, in particular todisplay ads that are relevant and interesting to you, to improve campaign performance reports and to achieve a fair calculation of advertising costs. The legal basis is your consent in accordance with Art. 6 para. 1 sentence 1 lit a)GDPR.

As part of the processing by Google, data may be transmitted to the third countries USA, Singapore, Taiwan and Chile.

You can also prevent the installation of cookies by deleting existing cookies and deactivating the storage of cookies in the settings of your web browser. You can also prevent cookies from being stored by setting your web browser to block cookies from the domain “www.googleadservices.com” (https://www.google.de/settings/ads). Please note that this setting will be deleted if you delete your cookies. You can also deactivate interest-based ads using the link http://optout.aboutads.info. Please note that this setting will also be deleted if you delete your cookies.

You can find further information on data usage by Google, setting and objection options, and data protection on the following Google websites:

Privacy policy: https://policies.google.com/privacy?hl=de&gl=de

Google website statistics: https://services.google.com/sitestats/de.html

If you decide to communicate with us via WhatsApp, we will process your personal data, such as your telephone number, your picture, your status information and your name, if you provide it to us. In addition, we process the personal data that you transmit to us via WhatsApp. In this regard, we recommend that you only provide us with the information that is absolutely necessary to answer your request and refrain from providing additional information. Whether you use WhatsApp and contact us in this way is up to you and you can receive the same information by telephone, electronically and/or by post

WhatsApp is a telecommunications service of WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, and a company of Meta Platforms, Inc.

We process your personal data in order to answer your request sent via WhatsApp. The legal basis for this data processing is your use of our WhatsApp channel in accordance with Art. 6 para. 1 sentence 1 lit. b) GDPR.

Data processing by WhatsApp is governed by the privacy notice of WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, and is available at https://www.whatsapp.com/legal/?lg=de&lc=DE&eea=1#privacy-policy.

The employees who manage our WhatsApp channels will have access to your personal data. It cannot be ruled out that WhatsApp employees may also have access to your personal data. Likewise, it cannot be ruled out that your data will be stored on WhatsApp servers in the United States of America. The transfer of data to the USA is based on the Data Privacy Framework, according to which WhatsApp LLC is certified. Details of the regulations can be found here https://www.dataprivacyframework.gov/s/program-overview

We use the store system of the service provider Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify"), for the purpose of hosting and displaying our online store and for the use of Shopify AddOns on the basis of processing on our behalf. The data collected on our website is processed on Shopify's servers. The processing is carried out in accordance with Art. 6 Para. 1 S. 1 lit. b GDPR on the basis of your use of our website and our interest in improving the stability and functionality of our website in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR.

As part of Shopify's aforementioned services, data may also be transferred to Shopify Inc, 150 Elgin St, Ottawa, ON K2P 1L4, Canada, Shopify Data Processing (USA) Inc, Shopify Payments (USA) Inc or Shopify (USA) Inc as part of further processing on behalf of Shopify. In the event that data is transferred to Shopify Inc. in Canada, the appropriate level of data protection is guaranteed by an adequacy decision of the European Commission. Further information on Shopify's data protection can also be found on the following website: https://www.shopify.de/legal/datenschutz

In the event that data is transferred to Shopify in the USA, the security of the transfer is ensured by so-called EU standard contractual clauses, which guarantee that the processing of personal data is subject to a level of security that corresponds to that of the GDPR. If the EU standard contractual clauses are not sufficient to establish an adequate level of security, your consent may serve as the legal basis for the transfer to third countries in accordance with Art. 49 para. 1 sentence 1 lit. a GDPR.

To improve the comfort and quality of our service, we use the Hotjar software from Hotjar Ltd, Level 2, St. Julians Business Centre, 3 Elia Zammit Street, St. Julians STJ 1000, Malta (https://www.hotjar.com). Using Hotjar, we can measure and evaluate user behavior (e.g. mouse movements, clicks, scrolling behavior, etc.) on our website. Hotjar can also determine how long you have remained with the mouse pointer on a certain place. From this information, Hotjar creates so-called heat maps, which can be used to determine which website areas are preferred by website visitors. Furthermore, we can determine how long you have stayed on a page and when you left it and at which point you canceled your entries in a contact form (so-called conversion funnels). Hotjar can also be used to obtain direct feedback from visitors to our website. This function is used to improve our web offerings. Hotjar uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or the use of device fingerprinting). For this purpose, Hotjar sets cookies on users' devices and can then store user data (e.g. browser information, operating system, time spent on the site, etc.).

The legal basis for this data processing is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. If you do not want Hotjar to collect and process the aforementioned data, you can refuse your consent or withdraw it at any time with effect for the future. The personal data is stored for as long as it is required to fulfill the purpose of processing. The data will be deleted as soon as it is no longer required to achieve the purpose.

We maintain online social media presences to increase our reach. If you click on a link embedded in our website, you will be redirected to the relevant page:

Instagram: https://www.instagram.com ,

Facebook: https://www.facebook.com.

Pinterest: https://www.pinterest.com.

TikTok https://www.tiktok.com.

If there is joint responsibility with Instagram or Facebook, the joint responsibility agreement applies. You can find the agreement at https://de-de.facebook.com/legal/terms/page_controller_addendum. Further information on the respective responsibilities can be found in the Facebook Page Insights Supplement (https://de-de.facebook.com/legal/terms/page_controller_addendum). The legal basis for the processing of the data is Art. 6 para 1 sentence 1 lit. f) GDPR. Our legitimate interest in this respect is to increase the reach of our online presence on social media channels. The purpose of the processing is to increase our presence on the internet. Access to the data is granted to our employees who are active in the management of the social media channels and, if applicable, employees of the respective provider. Your personal data is transferred to the companies listed below in the USA or can be accessed from there. The security of the transfer is ensured by so-called EU standard contractual clauses, which guarantee that the processing of personal data is subject to a level of security that corresponds to that of the GDPR. If the EU standard contractual clauses are not sufficient to establish an adequate level of security, your consent may serve as the legal basis for the transfer to third countries in accordance with Art. 49 para. 1 sentence 1 lit. a GDPR. You can find information on data processing at Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA): http://instagram.com/about/legal/privacy; Facebook (Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland): https://www.facebook.com/about/privacy/legal_bases ).

Depending on your browser settings and whether you have given us your consent, cookies may be set when you visit the website in order to extend the functionality of the website and make it more convenient for you to use.

Cookies are small text files that are stored on your computer. Cookies are stored and read on the basis of § 25 TDDDG. Most of the cookies we use are deleted from your hard disk at the end of the browser session ("session cookies"). In addition, we use so-called permanent cookies ("persistent cookies"), which remain on your end device in order to recognize you the next time you visit the website. If cookies are set, they collect and process certain user data such as browser and location data as well as IP address values to an individual extent as described above in the server log files. Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie.

If personal data is also processed by individual cookies used by us, the processing is carried out in accordance with Art. 6 para. 1 sentence 1 lit. f)GDPR on the basis of our legitimate interest in improving the stability and functionality of our website (in the case of so-called "necessary cookies") or in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR on the basis of your consent for all other cookies (marketing and analysis cookies).

An overview of the cookies used and the duration of the respective cookie storage can be found in the cookie settings in our cookie consent tool .

Please note that you can also set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages cookie settings. Cookie settings are described in the help menu of each browser, which explains how you can change your cookie settings. Please note that if you do not accept cookies, the functionality of our website may be restricted.

We use a so-called cookie consent tool to obtain consent for cookies and cookie-based applications that require consent.

Each cookie must be evaluated individually to a certain extent, as each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Therefore, please refer directly to the cookie settings in our cookie consent tool, which is always displayed at the bottom of the website, for an overview of the cookies used and the duration of the respective cookie storage.

So that the cookie consent tool can clearly assign page views to individual users and individually record, log and store the consent settings made by the user for the duration of a session, certain user information, as described in the server log files, is collected by the cookie consent tool when our website is accessed, transmitted to the cookie consent tool server and stored there.

The data processing carried out by the cookie consent tool is carried out in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR on the basis of our legitimate interest in a legally compliant, user-specific and user-friendly consent management for cookies and also in a legally compliant design thereof, insofar as Art. 6 para. 1 sentence 1 lit. c) GDPR also applies as the legal basis. We process your data for this purpose for the duration of your session and delete your data afterwards, unless you have given your consent to the setting of cookies; in such a case, we process your data for the duration specified for each cookie.

You can contact us either in writing or by email at hello@mikuta.com to exercise the following rights:

Information about your data in order to check and verify it, in accordance with Art. 15 GDPR;

Receiving a copy of your personal data, Art. 15 (3) GDPR;

rectification, erasure or restriction of processing, including the right to have incomplete or inaccurate data completed by means of supplementary communication, in accordance with Art. 16, 17 and 18 GDPR

Objection to the processing of personal data processed by us on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR, pursuant to Art. 21 GDPR; there is a right to object to the processing if this is done for reasons arising from your particular situation; if the objection is directed against the processing of personal data for the purpose of direct marketing, you have a general right of objection without the requirement to specify a particular situation;

Receiving the data you have provided in a structured, commonly used and machine-readable format and transmitting this data to another controller, provided that you have given your consent to the processing or the processing is based on a contract;

You also have the right to lodge a complaint with a supervisory authority in connection with the processing of your personal data. You can contact the authority responsible for your place of residence or the Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstraße 219, 10969 Berlin.

If you have given your consent to processing, you can revoke this at any time with effect for the future by notifying us, e.g. via hello@mikuta.com . We will store your consent for three years after the end of the year in which you withdraw your consent.

With the exception of the services described above, your personal data will not be used for automated decision-making or profiling. Profiling is only carried out with your consent as described above in the context of the individualservices.

We reserve the right to amend this privacy notice in the event of changes to the legal situation or our services or for other reasons. The current version is always available on our website.