Privacy Policy of the A4 COSMETICS Shop

(Last update: May 2019)

We are pleased about your interest in our shop under the URL https://www.a4healthandbeauty.... (hereinafter referred to as "Shop"). Below we inform you about the processing of your personal data when operating our Shop.

1. Responsibility

    The “controller” under data protection law is ESM GmbH & Co. KG (referred to below as „A4COSMETICS“ or „us“), Cuvilliesstraße 14, 81679 Munich, Germany email address: [email protected].

    2. Contact details of the data protection officer

      Our Data Protection Officer can be contacted at: [email protected]

      3.Access to our Shop

        You can visit our Shop without providing personal data. We store your access data temporarily in so-called "web server log files". These cover the following data:

        • IP address
        • Date and time of the retrieval of the shop
        • Name and URL of the requested file
        • The transferred data volume
        • The notification whether the access was successful
        • Browser type/version
        • URL of the website visited before,
        • Name of your internet access provider

        The collection of those data is required to enable your device to access our Shop and use its functions. Unfortunately, the Shop cannot be used without the provision of your IP address.

        Such data collection takes place prior to entering into a contract and for the purposes of our legitimate interests to show you the content of this Shop.

        4. Cookies

          4.1 Use of Cookies for convenience

          When using our Shop, cookies will be generated to ensure that your visit is an enjoyable one and to enable the use of specific functions. “Cookies” are small text files which are transmitted from our web server to the browser of your terminal device and will be stored there. We have a legitimate interest in carrying out the processing for the purpose of improving our Shop and analyzing its use.

          The cookies contain the following data:

          The following table describes which cookies we use and why they are requested:

          Name of cookie

          Description of the cookie

          requiredsession Cookies




          These cookies are required for a trouble-free visit of the Shop, as they provide the current browser session via several page views and tabs.



          This cookie stores your setting as to whether cookies may be used by the Shop or not. Please note that this cookie and the session cookies are mandatory for technical reasons.

          Necessary permanent Cookie





          The login cookie stores the login data of your customer account in encrypted form as soon as you have checked the option "Stay logged in" when logging in. The mage cookies are necessary for keeping the shop system to provide the site, the shopping cart and the purchase. The same applies to autocomplete and section_data_ids. The aka_ cookies are set by PayPal and secure the payment process. Further information on the use of cookies by PayPal can be found at

          Blog section commentar & share function Cookies



          When you use the blog a share feature is activated enabling you to share content on social networks. The cookies identify the sharing user and protect others against spam. For avoiding double sending of comments additional cookies are installed when you use the comment function in the blog.

          Statistic permanent Cookies



          These cookies are provided by the feature Google Analytics (see below under Section 4.2).

          These cookies store information about the user behaviour. The cookies collect anonymous data about the number of visitors to the Shop, where the visitors came from and which pages of the Shop have been accessed.

          When you disable the Google Analytics feature on this page, the cookie _dc_gtm_UA-* will be set.

          Users who logged in:

          If you provide us with your consent by clicking "Stay logged in. I can withdraw this consent at any time with future effect. The lawfulness of the cookies used up to the receipt of the revocation will not be affected thereby.” we are able to install a permanent Cookie, which recognizes you when you access our Shop and automatically associates you with your customer account.

            Cookie Richtlinie

            5. Customer Account

              On our Shop, you can set up a customer account.

              When creating a customer account, you will be asked to enter your first name, last name, e-mail address and a password. E-mail address and password serve as your access data, which we cross-check with the inputs you provide when logging into your customer account. We use your surname and first name to identify you as our contractual partner. Hence, the purposes of this data processing are pre-contractual measures and fulfillment of the contract.

              We use your access data (e-mail address and password), which you enter in order to access your customer account, to verify the information you provided when setting up your customer account. This also promotes the purpose of fulfilling the contract. To complete the registration process, we will provide you with an e-mail with a link. Your registration will not be completed before you click on the link. If you do not click on the link for more than 14 days, your registration data will be deleted unless you are registered as a guest with an order in our system.

              Setting up a customer account is voluntary. You can place orders as a guest at any time, even without a customer account. In this case, however, you cannot log into our customer account area and you will need to re-enter your personal data if you make an additional order at a later time.

              After having set up a customer account, you can access and edit your personal data and your address book. If you enter names and addresses of third parties (e.g. in the address book or as shipping address), we assume that you are authorized to do so, and you gained the prior consent of the affected individuals.

              You can terminate your customer account at any time with short notice. We reserve the right to terminate your account with one month's notice to the end of the month if you did not log into your account for five years or more.

              6. Ordering goods

                • Order process

              The data (including but not limited to name and address) provided in your order are required for pre-contractual purposes and for the fulfilment of the contract. Without such data no contract can be entered into. We will ask you for your phone number based on our legitimate interest to contact you by telephone in case of questions regarding your orders. If you do not provide us with your telephone number, we will not be able to ask you any questions about orders. The data provided by you (name, address, telephone number and e-mail address) will be stored electronically and used to carry out your order, which means processing your payment processing and delivering your goods. We use the e-mail address you provide to confirm receipt and acceptance of your order and verify that the e-mail address you provided actually belongs to you. By this means, we take pre-contractual measures. If you do not provide us with your email address, we will not be able to inform you of the status of the order and verify that the email address is yours.

              • Payment Methods

              Currently, you can choose between the following payment methods:

              • PAYONE (Kauf auf Rechnung).
              • Credit card.
              • PayPal and
              • SOFORT Ueberweisung.

              When choosing the payment option "credit card" your credit card data, when choosing the payment option "invoice" invoice amount, order number and date of birth will be collected and processed by BS PAYONE GmbH, Lyoner Str. 9, 60528 Frankfurt on the Main, Germany (hereinafter referred to as "BS PAYONE").

              SOFORT GmbH, a company belonging to the Klarna Group, resident at Theresienhoehe 12, 80339 Munich, Germany offers the payment method “SOFORT Ueberweisung” to You. To proceed Your payment, SOFORT GmbH collects the following personal data: name, IBAN, reference, amount and date.

              If you would like to use PayPal for your payment, the amount to be paid will be transferred to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as "PayPal"), after which your log-in data will be collected by PayPal. The data processing takes place according to your own contractual user relationship with Paypal. Except for the information on your successful payment we do not receive any of your payment data.

              The billing service is offered by BS PAYONE. BS PAYONE is a payment service provider who initiates your payment for the goods you ordered. With the goods or by e-mail you will receive an invoice from BS PAYONE. BS PAYONE will then forward this payment to A4Cosmetics.

              We process your data based on the payment method and with the payment provider you selected to initiate the payment of goods to process the payment and our economic interest in outsourcing processes that are not part of our main business. If you do not want to provide the information requested for that payment option, that payment option will not be available and you will need to choose an alternative payment option.

              Further details on data protection can be found on the following websites:

              • BS PAYONE:


              • SOFORT Ueberweisung:


              7. Sending newsletters

                On our Shop, you can subscribe for our e-mail newsletter.

                When subscribing for our newsletter you make the following agreement:

                "I agree that ESM GmbH & Co. KG, Munich, regularly (maximum 2 times per month) informs me by e-mail about current offers and interesting facts about A4 Cosmetics. I can withdraw this consent at any time with effect for the future. The lawfulness of the newsletters sent up to the receipt of the revocation will not be affected thereby."

                You can unsubscribe from the newsletter by using the unsubscribe option provided in the newsletter or simply by notifying us, e.g. by sending an e-mail to [email protected] . You cannot use this service without providing your e-mail address for the newsletter.

                8. Using the contact form and our customer support number

                  By this Link you can ask us questions about products or other topics. You will need to provide us with your name, email address and message. You can also use our service hotline. The purpose for providing your data varies based on your request and your status as an interested party or customer. It can be fulfilling an agreement or providing pre-contractual measures. We cannot answer your request without the requested information. If you do not provide voluntary details, this will be without any consequences. If you forward us voluntary details we will use it to contact you.

                  9. Statutory and contractual duties to provide data

                    The provision of your data as described in this data privacy policy is neither contractually required nor prescribed by law.

                    10. Disclosure of your data

                      We will only disclose your data to third parties if we are entitled or obliged to do so by applicable law.

                      We are authorized to do so if you give us consent or third parties who process data on our behalf: If we do not carry out our business activities (e.g. operation of the Shop, product adaptation, customer service, production and dispatch of advertising material, data analysis and, if applicable, data clearing, payment processing) ourselves, but have them carried out by other companies, and these activities are connected with the processing of your data, we have previously contractually bound these companies to use the data only for the purposes permitted by law. We are authorised to monitor these companies in that respect. Data will also be shared with Google Ireland through the Google Maps service on a shared responsibility basis.

                      When you order goods in our Shop we forward your data required for delivery (name, address) to the respective shipping company. If delivery shall take place to a country of the EU except for Germany more than one shipping company can be involved. Additionally, we forward your payment data to the responsible bank for payment in order to process payments unless you selected a payment service provider for this purpose.

                      In the event of a default in payment name, address and date of birth will be forwarded to collection service providers and processed on our behalf for debt recovery. This shall speed accelerate the collection of debts as our legitimate interest.

                      In particular cases, we may be bound by law to pass your personal data along to authorities or courts. This data processing is therefore based on a legal obligation.

                      11. Storage period and deletion of data

                        The data that you provide when setting up a customer account will be stored until you terminate your customer account or you do not log into your customer account for a period of 5 years and we therefore terminated your customer account. This shall include but not be limited to order data.

                        Your blog comments (including the displayed name and email address) will be stored by A4Cosmetics until you withdraw your consent or the content will be deleted by A4Cosmetics.

                        Apart from that, we store your order data for up to 10 years pursuant to the legal retention periods. To the extent that your data needs to serve as evidence in a legal dispute, those data will be stored for the duration of the legal dispute or the statutory limitation periods, respectively. While the limitation period can be up to 30 years (see Art. 195 pp of the German Civil Code), the regular limitation period is three years.

                        The data that you provide when using our contact form or service number will be deleted as soon as we can assume that your request has been completely clarified and that this data has not been collected for contractual purposes at the same time. Communication on warranty rights is stored for the duration of the warranty period or the end of the respective limitation period. Data collected and used on the basis of your consent will be deleted after receipt of your withdrawal.

                        12. Your rights (rejection, revocation, information, correction, restriction of processing, deletion, transferability, complaint)

                        • Objection
                        • You have the right at any times to object the processing of your personal data which is processed in connection with this shop. Therefore you can use the contact data of section 1 and 2. If you reject, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms.

                          • Revocation

                          In addition, you have the right to revoke any consent given with effect for the future. The lawfulness of the processing activities based on your consent will, however, not be affected up to the exercise of the right of revocation.

                          • Other rights

                          You have the right, free of charge, to be provided with information regarding your personal data stored by us, to correct inaccurate data, and to have data being restricted in processing or deleted. You also have the right to be provided with your data in a structured, commonly used and machine-readable format and to have your data transmitted by us to another person. Finally, you have the right to lodge a complaint with a supervisory authority.

                          With the exception of your right to lodge a complaint with a supervisory authority, you may address your relevant request to the contact details specified in sections 1 and 2 above.

                          13. Data security

                          Your personal data will be transmitted via the Internet in encrypted form. We secure the Website and the other systems by technical and organisational measures, in particular, the encryption technology, SSL (Secure Socket Layer), against any loss, destruction, access, alteration or dissemination of your data by unauthorised persons.You can access your customer account only by entering your personal password. Please treat any access data strictly confidential and close your browser window if you terminated the communication with us, in particular if you use the device with others.

                          Taking into account the state of technology, the costs of implementation and the nature, scope, context and purposes of the processing, as well as the likelihood and severity of an infringement of the rights and freedoms of natural persons, the A4COSMETICS has implemented appropriate technical and organisational measures within the meaning of Article 32 GDPR.

                          The following measures will, inter alia, be taken to protect your data and to protect them against any loss, destruction, access, alteration or dissemination by unauthorised persons:

                          • ensuring the confidentiality, integrity, availability and resilience of the processing systems and services;
                          • ensuring the speedy restoration of the availability of personal data in the event of a physical or technical incident;
                          • the implementation of procedures for regularly testing, assessing and evaluating the effectiveness of the technical and organisational measures for ensuring the security of the processing.
                          • Please note that, while we endeavour to create a secure and reliable Shop for users, the absolute confidentiality of messages or materials transmitted to, or from, the Shop cannot be guaranteed.