top of page



Name and business address 

Heunize Cosmetic GmbH 

Coupling 1 

20099 Hamburg 






Phone: +49 40 18208291 

Further information according to § 5 TMG 

Commercial Register: Hamburg District Court – HRB 170167 

Managing Directors: Heunize Trujillo Lara and Wolfgang Michalowski 

VAT ID: DE345837045


to fulfill the information obligations according to Art. 13 DSGVO and Art. 14 DSGVO 

  1. General 

This data protection information applies to data processing by: 

Heunize Cosmetic GmbH, Koppel 1, 20099 Hamburg, Germany 

Responsible persons: Heunize Trujillo Lara, Wolfgang Michalowski 

Email:, phone: +49 40 18208291 

At the bottom of this page you have the option to enable or disable features that could affect your privacy rights. 

The following overview summarizes the types of data processed and the purposes of their processing and refers to the data subjects. 

  1. Types of data processed 

  • Inventory data (e.g. names, addresses) 

  • Content data (e.g. text input, photographs, videos) 

  • Contact details (e.g. email, phone numbers) 

  • Meta/communication data (e.g. device information, IP addresses) 

  • Usage data (e.g. websites visited, interest in content, access times) 

  1. Categories of data subjects 

  • Interested parties 

  • Communication partner 

  • Users (e.g. website visitors, users of online services, customers) 

  1. Purposes of processing 

  • Provision of our online offer and user-friendliness 

  • Visit action evaluation 

  • Direct marketing (e.g. by email or post) 

  • Interest-Based and Behavioral Marketing 

  • Contact requests and communication 

  • Conversion measurement (measurement of the effectiveness of marketing measures) 

  • Profiling (creating user profiles) 

  • Remarketing 

  • Range measurement (e.g. access statistics, recognition of returning visitors) 

  • Tracking (e.g. interest/behavioural profiling, use of cookies) 

  • Contractual benefits and service 

  1. Relevant legal bases 

In the following we inform you about the legal basis of the General Data Protection Regulation (GDPR), on the basis of which we process the personal data. Please note that in addition to the regulations of the GDPR, the national data protection regulations in your or our country of residence and domicile may apply. 

  1. Consent (Art. 6 Para. 1 S. 1 lit. a DSGVO) 

The data subject has given their consent to the processing of their personal data for one or more specific purposes. 

  1. Fulfillment of contract and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b. DSGVO) 

The processing is necessary for the performance of a contract to which the data subject is party or for the implementation of pre-contractual measures that are taken at the request of the data subject. 

  1. Legitimate interests (Art. 6 Para. 1 S. 1 lit. f. GDPR) 

Processing is necessary to safeguard the legitimate interests of the person responsible or a third party, provided that the interests or fundamental rights and freedoms of the data subject which require the protection of personal data do not prevail. 

  1. Security measures 

We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the type, scope, circumstances and purposes of the processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons to ensure a level of protection appropriate to the risk. 

The measures include, in particular, securing the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access, input, disclosure, securing availability and their separation. Furthermore, we have set up procedures that ensure the exercise of data subject rights, the deletion of data and reactions to data threats. Furthermore, we already take the protection of personal data into account when developing or selecting hardware, software and processes in accordance with the principle of data protection, through technology design and through data protection-friendly default settings. 

  1. Collection and storage of personal data and the type and purpose of their use 

  1. When visiting the site 

When you visit our website, the browser used on your device automatically sends information to our website server. This information is temporarily stored in a so-called log file. The following information is recorded without your intervention and stored until it is automatically deleted: 

  • IP address of the requesting computer, 

  • Date and time of access, 

  • Name and URL of retrieved file, 

  • Website from which access is made (referrer URL), browser used and, if applicable, the operating system of your computer and the name of your access provider. 

The data mentioned are processed by us for the following purposes: 

  • Ensuring that the website connects smoothly, 

  • Ensuring comfortable use of our website, 

  • Evaluation of system security and stability as well as for other administrative purposes. 

The legal basis for data processing is Art. 6 Para. 1 S. 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the collected data for the purpose of drawing conclusions about your person. 

In addition, we use cookies and analysis services when you visit our website. You can find more detailed explanations in Sections 4 and 5 of this data protection declaration. 

  1. When registering for our planned newsletter 

If you have given your express consent in accordance with Article 6 Paragraph 1 Clause 1 Letter a GDPR, we may use your e-mail address to regularly send you our newsletter, which is currently being planned. Providing an email address is sufficient to receive the newsletter.  

You can unsubscribe at any time, for example via a link at the end of each newsletter. Alternatively, you can also email your unsubscribe request to at any time.  

  1. When using our contact form 

If you have any questions, we offer you the opportunity to contact us using a form provided on the website. It is necessary to provide a valid e-mail address so that we know who sent the request and can answer it. Further information can be provided voluntarily.  

Data processing for the purpose of contacting us takes place in accordance with Article 6 Paragraph 1 Clause 1 Letter a GDPR on the basis of your voluntarily given consent.  

The personal data collected by us for the use of the contact form will be automatically deleted after the request you have made has been dealt with.  

  1. Sharing data 

A transfer of your personal data to third parties for purposes other than those listed below does not take place.  

We only share your personal information with third parties if: 

  • you have given your express consent to this in accordance with Article 6 Paragraph 1 S. 1 lit.

  • the transfer according to Art. 6 Paragraph 1 S. 1 lit. f DSGVO is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in the non-transfer of your data, _cc781905-5cde- 3194-bb3b-136bad5cf58d_

  • in the event that there is a legal obligation for the transfer according to Article 6 Paragraph 1 Sentence 1 lit.

  • this is legally permissible and required for the processing of contractual relationships with you in accordance with Art. 6 (1) sentence 1 lit. b GDPR.

In such a case, we observe the legal requirements and, in particular, conclude appropriate contracts or agreements with the processors of your data that serve to protect your data. 

Data processing in third countries 

If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA)) or the processing within the framework of the use of third-party services or the disclosure or transmission of data to other persons, bodies or companies takes place, this is only done in accordance with the legal requirements. 

Subject to express consent or contractually or legally required transmission, we only process or pass the data in third countries with a recognized level of data protection, which include US processors certified under the "Privacy Shield", or on the basis of special guarantees, such as contractual obligations so-called standard protection clauses of the EU Commission, the existence of certifications or binding internal data protection regulations (Art. 44 to 49 DSGVO, information page of the EU Commission: -protection/international-dimension-data-protection_de 

  1. Cookies 

We use cookies on our site. These are small files that your browser creates automatically and that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not damage your end device and do not contain viruses, Trojans or other malware.  

Information is stored in the cookie that arises in connection with the specific end device used. However, this does not mean that we are immediately informed of your identity.  

On the one hand, the use of cookies serves to make the use of our offer more pleasant for you. We use so-called session cookies to recognize that you have already visited individual pages on our website. These are automatically deleted after leaving our site.  

In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your end device for a specific period of time. If you visit our site again to make use of our services, it will automatically be recognized that you have already been with us and what inputs and settings you have made so that you do not have to enter them again.  

On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer (see Section 5). These cookies enable us to automatically recognize when you visit our site again that you have already been with us. These cookies are automatically deleted after a defined period of time.  

The data processed by cookies are required for the purposes mentioned to protect our legitimate interests and those of third parties in accordance with Article 6 Paragraph 1 Sentence 1 lit. f GDPR. 

Most browsers accept cookies automatically. However, you can configure your browser in such a way that no cookies are stored on your computer or that a message always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.  

  1. Analysis Tools  

  1. Tracking Tools 

The tracking measures listed below and used by us are carried out on the basis of Article 6 (1) sentence 1 lit. f GDPR. With the tracking measures used, we want to ensure a needs-based design and the continuous optimization of our website. On the other hand, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision.  

The respective data processing purposes and data categories can be found in the corresponding tracking tools.  

  1. Google Analytics 

We use Google Analytics, a web analytics service provided by Google LLC, for the purpose of tailoring our website to meet your needs and continually optimizing it. ( (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; hereinafter "Google"). In this context, pseudonymised user profiles are created and cookies (see Section 4) are used. The information generated by the cookie about your use of this website such as 

  • Browser type/version, 

  • Operating system used, 

  • Referrer URL (the previously visited page), 

  • Host name of the accessing computer (IP address), 

  • Server request time, 

are transferred to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage for the purposes of market research and the needs-based design of these websites. This information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymized so that an assignment is not possible (IP masking).  

You can prevent the installation of cookies by setting the browser software accordingly; we would like to point out to you however that in this case not all functions of this website can be used in full. You can also prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https: //  

As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by deactivating it at the bottom of this page. An opt-out cookie will be set to prevent future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again. You can also disable this cookie at the bottom of this page. 


Attention: If you delete your cookies, this means that the deactivation cookie will also be deleted and you will have to store it again.  

Further information on data protection in connection with Google Analytics can be found in the Google Analytics help (  

  1. Server log files 

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are: 

  • Browser type and browser version 

  • operating system used 

  • Referrer URL 

  • Host name of the accessing computer 

  • Server request time 

  • IP address 


This data is not merged with other data sources. 

The basis for data processing is Art. 6 Paragraph 1 lit. f GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures.  

  1. Rights of data subjects  

You have the right: 

  • to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can obtain information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a Right of appeal, the origin of your data, if not collected from us, and the existence of automated decision-making including profiling and, if necessary, meaningful information about their details; 

  • in accordance with Art. 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us; 

  • According to Art. 17 GDPR, to request the deletion of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims is required; 

  • According to Art. 18 GDPR, to request the restriction of the processing of your personal data, insofar as you dispute the accuracy of the data, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you use them to assert, exercise or defense of legal claims or you have objected to processing pursuant to Art. 21 GDPR; 

  • in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request transmission to another person responsible; 

  • pursuant to Art. 7 Para. 3 GDPR, to revoke the consent you have given to us at any time. As a result, we are no longer allowed to continue the data processing based on this consent for the future and  

  • to complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our office.  


Right to object 

If your personal data is processed on the basis of legitimate interests in accordance with Article 6 Paragraph 1 Clause 1 Letter f GDPR, you have the right to object to the processing of your personal data in accordance with Article 21 GDPR, provided there are reasons for this, which arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right to object, which we will implement without specifying a particular situation.  

You can initially declare your objection using your browser settings, e.g. by deactivating the use of cookies (which can also limit the functionality of our online offer). 

An objection to the use of cookies for online marketing purposes can be raised using a variety of services, especially in the case of tracking, via the US website or the EU website // or generally on

Types of data processed:  

Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses). 

Affected persons: 

Users (e.g. website visitors, users of online services). 

Legal basis:  

Consent (Art. 6 Para. 1 S. 1 lit. a GDPR), legitimate interests (Art. 6 Para. 1 S. 1 lit. f. GDPR). 

Furthermore, you can exercise your right of revocation or objection by sending an email to

  1. Data security 

When you visit our website, we use the widespread SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser. This is usually a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is being transmitted in encrypted form by the closed representation of the key or lock symbol in the lower status bar of your browser. 

We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.  

  1. Updating and changing this privacy policy  

Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection declaration here at any time.  


Status: 25.04.2022 

iStock-576607102 Kopie.jpg
iStock-576607102 Kopie.jpg
iStock-576607102 Kopie.jpg
iStock-576607102 Kopie.jpg
bottom of page