is the operator of the wiinkmochi.com website and the services offered on it. It is therefore responsible for the collection, processing and use of your personal data and for ensuring that the data processing complies with the applicable data protection legislation.
To find out what personal data we collect about you and for what purposes we use it, please read the information below carefully.
When you visit our website, our servers temporarily record each access in a log file. The following technical data is recorded, in principle as with any connection to a web server, without any intervention on your part and stored by us until it is automatically deleted after a maximum of 12 months:
This data is collected and processed for the purpose of enabling the use of our website (establishment of a connection), to ensure the long-term security and stability of the system and to enable the optimization of our online offering, but also for internal statistical purposes. These processing operations are based on our legitimate interest according to Art. 6 para. 1 letter f GDPR.
To place orders in our online store, you cannot order as a visitor. Because this would not give you access to your account. You must therefore create a customer account. When you register for a customer account, we collect the following data:
This data is collected in order to provide the customer with a direct and password-protected access to his basic data, stored in our system. The customer can consult his completed and current orders or manage/modify his personal data. Access to your account also allows you to delete it.
Your consent according to Art. 6 para. 1 letter a GDPR is the legal basis for the processing of data for this purpose.
If you wish to place orders in our online store, we require the following data for the execution of the contract:
Except as otherwise provided in this Privacy Policy or in the absence of your separate consent, we will only use the above data to perform this contract, including processing your orders, delivering the products ordered and ensuring that payment is made correctly.
The performance of a contract in accordance with Art. 6 para. 1 letter b GDPR is the legal basis for processing data for this purpose.
We will only pass on your personal data if you have expressly consented to this, if we are under a legal obligation to do so, or if this is necessary to assert our rights, in particular to assert our rights arising from the contractual relationship.
In addition, we pass on your data to third parties insofar as this is necessary for the use of the website and the execution of the contract (including outside the website), in particular for the processing of your reservations. This includes the carrier responsible for shipping the ordered goods. Data is also shared with Facebook (Meta) for the purpose of generating targeted advertising.
Our store is hosted on Shopify Inc which is the provider of the online sales platform. The personal data collected via the website is stored in Shopify's data storage system and databases as well as in the general Shopify application. Shopify's servers are located in the United States (web host: Google LLC). The transmission of data is for the purpose of providing and maintaining the functionality of our site. This is our legitimate interest according to Art. 6 para. 1 letter f GDPR.
Finally, we transmit your credit card information to the issuer and acquirer of your credit card when you pay by credit card on our site. If you choose to pay by credit card, you must enter all necessary information. The legal basis for the transfer of data in this case is the performance of a contract in accordance with Art. 6 para. 1 letter b GDPR. Regarding the processing of your credit card information by these third parties, please also read the general terms and conditions as well as the privacy policy of your credit card issuer.
We may also transfer your personal data to third party companies (contracted service providers) abroad for the data processing purposes specified in this privacy policy. These companies are subject to the same level of data protection as we are. If the level of data protection in a given country does not correspond to the Swiss or EU level, we will establish a contract to ensure that the protection of your personal data always corresponds to that of Switzerland or the EU.
Cookies make your visit to our site easier, more pleasant and more useful in various ways. Cookies are files containing information that your web browser automatically stores on your computer's hard drive when you visit our site.
For example, we use cookies to provide you with a shopping cart feature on multiple pages and to temporarily store information you enter when you fill out a form on our site so that you do not have to re-enter it when you visit another page. In addition, cookies may also be used to identify you as a registered user after you register on our site. This saves you from having to log in again when you visit another page.
Most web browsers automatically accept cookies. However, you can configure your browser so that it does not store any cookies on your computer or so that a message appears each time you receive a new cookie. The following pages explain how to configure cookie handling for the most commonly used browsers:
Disabling cookies may prevent you from using all the features of our site.
For the purpose of appropriate presentation and continuous optimization of our website, we use the audience analysis service of Google Analytics. In doing so, we create pseudonymized usage profiles and use small text files stored on your computer ("cookies"). The information generated by the cookie about your use of this website is transmitted to the servers of the providers of these services and is stored and processed for us. In addition to the data listed in section 1 below, we may receive the following information:
The information is used to analyze the use of the website, to compile reports on the website's activities and to provide other services related to the use of the website and the Internet for market research purposes and to tailor the website's presentation. This information may also be passed on to third parties in the event of a legal obligation or if these third parties are commissioned to process the data.
The provider of Google Analytics is Google Inc. a company of the Alphabet Inc. holding company based in the USA. Before the data is transmitted to the provider, the IP address is abbreviated by activating IP anonymization ("anonymizeIP") on this website within the member states of the European Union or in other states that are signatories of the Agreement on the European Economic Area. Google does not combine the anonymized IP address transmitted by your browser within the framework of Google Analytics with other data. In exceptional cases, the complete IP address will be transmitted to a Google server in the USA and abbreviated there.According to Google Inc. the IP address will not be linked to any other user data.
You can find further information about the web analysis service used on the Google Analytics website. You can find out how to prevent the processing of your data by the web analytics service at http://tools.google.com/dlpage/gaoptout?hl=fr.
The Facebook platform is part of Meta Platforms Inc (formerly Facebook Inc), which is based in the United States. Facebook processes data on behalf of an advertiser to measure the performance and reach of its advertising campaigns and to provide the advertiser with statistics about the audience that has seen and interacted with its ads (source: https://www.facebook.com/business/gdpr).
For more information about Facebook's use of information (Meta), you can visit https://www.facebook.com/about/privacy.
For the sake of completeness, we would like to inform users whose domicile or headquarters are in Switzerland that the United States is subject to surveillance measures by the US authorities. These measures generally allow the recording of all personal data of persons whose data has been transferred from Switzerland to the United States. This is done without any differentiation, limitation or exception based on purpose and without any objective criterion for limiting the access of the U.S. authorities to the data and their further use to very specific and strictly limited purposes that can justify the harm involved in accessing and using the data. Furthermore, we would like to inform you that in the United States, there is no means of redress for data subjects from Switzerland to gain access to your data and to have it corrected or deleted, nor do we have effective legal protection against general access rights of the US authorities. We explicitly draw the attention of the data subject to this legal and factual situation so that he or she can make an informed decision about consenting to the use of his or her data.
We inform users domiciled in an EU member state that, according to the EU, the United States - in particular due to the issues discussed in this section - does not have an adequate level of data protection. Insofar as we have explained in this privacy policy that certain data recipients (e.g. Google) are based in the United States, we will ensure either through contractual arrangements with these companies or through their certification according to the EU-US or Swiss-US Data Protection Shield that your data is afforded a reasonable level of protection by our partners.
You have the right to obtain, upon request, information about your personal data stored by us. Furthermore, you have the right to the correction of incorrect data and the deletion of your personal data as long as there is no legal obligation to store the data or no legal basis for processing the data.
You are also entitled to demand the return of the data you have provided to us (right to data portability). On request, we will also pass on the data to a third party of your choice. You have the right to obtain the data in a standard format.
You can contact us for the above purposes at the following email address: customer@wiinkmochi.com. We may ask you, at our discretion, for proof of identity to process your requests.
We use appropriate technical and organizational security measures to protect your personal data stored by us against manipulation, partial or total loss and against unauthorized access by third parties. Our security measures are constantly being improved in line with technological developments.
You should always keep your access data confidential and close the browser window when you have finished communicating with us, especially if you are not the only person using the computer.
We also take data protection within our company very seriously. Our employees and the service providers we hire are bound to secrecy and to compliance with the legal provisions on data protection.
We only store personal data for as long as is necessary for the use of the above-mentioned tracking and analysis services and for further processing based on our legitimate interest. We retain contractual data for a longer period of time as required by legal retention obligations. The retention obligations that require us to retain data arise from financial accounting and tax law.
According to these regulations, business communication, concluded contracts and accounting documents must be kept for a maximum of 10 years. As soon as we no longer need this data for the performance of our services, it will be blocked. The use of this data is reserved for tax and accounting purposes.
You have the right to lodge a complaint with a data protection supervisory authority.