Privacy Policy

(updated: March 2024)

Huber Holding AG, FN 061259m, Hauptstraße 17, 6840 Götzis, HUBER Digital GmbH, FN 552053v, Exerzierplatz 1, 6841 Mäder, as well as all companies of the Huber Holding AG group (hereinafter " HUBER "), take the protection of your personal data very seriously and use your personal data exclusively within the framework of the legal provisions in force.

The data protection declaration applies to the following online portals and services as well as their mobile applications, operated by HUBER

The data processing method is similar for most of our offers. This data protection declaration therefore applies to all services and benefits we offer our customers in Europe. Unless otherwise stated, the contracting party and controller within the meaning of the GDPR is HUBER Digital GmbH (hereinafter referred to as HUBER), FN 552053v, Hauptstraße 17, 6840 Götzis.

At HUBER, the protection of personal data is of particular importance. Therefore, we comply with legal provisions such as the General Data Protection Regulation (GDPR) and the Data Protection Act (FADP) when collecting, using, and processing personal data. In the following, we inform you about the scope and purpose of our data processing and your rights in this regard.

You can visit our website without providing any personal information. We only store access data without personal reference, such as the name of your internet service provider, the page from which you are visiting us or the name of the requested file. This data is analyzed exclusively for the purpose of improving our offer and does not allow any conclusions to be drawn about your person.

Personal data is only collected if you voluntarily provide it to us when ordering goods, opening a customer account, submitting a request via the contact form or subscribing to our newsletter, vouchers, SMS, direct mailings or any other electronic mail or by accepting optional cookies. We use the data you provide to us without your prior consent only to execute and process your order or to respond to your request. Personal data is any information that relates to an identified or identifiable natural person.

To As part of the contract execution, we store the following data - to the extent that you have made it available to us - and may pass it on to third parties for the provision of the service:

The data you provide is required for the performance of the contract or the implementation of pre-contractual measures. Without this data, we cannot conclude a contract with you. We therefore use this data for the purpose of order processing (including payment processing), handling inquiries, and evaluation. The legal basis for this is Article 6(1)(b) GDPR. If you open a customer account, your orders and saved goods will also be stored collectively with the customer account. You give your consent to this (Art. 6(1)(a) GDPR).

When registering for the newsletter , your name and email address will be used with your consent for advertising purposes until you unsubscribe from the newsletter or the email address provided is clearly incorrect. Unsubscribing from the newsletter is possible at any time and can be done either by sending a message to the contact address described below (das Link fehlt) or via a link provided for this purpose in the newsletter.

You can also register under the same conditions to receive SMS messages, other emails (e.g. push messages in apps) or direct mailings in order to regularly receive all the latest news and current information about our company and our products.

With your consent, we share data within the group and with websites that cooperate with us for the purpose of analyzing user behavior and, on this basis, transmitting information for advertising purposes. In addition, we use your data to display or send you vouchers and personalized product recommendations by email based on the products you have ordered or viewed and the data in your wish list.

The data we have collected from interested parties and customers for marketing and information purposes or for sending a newsletter or surveys as well as for advertising products that may be of interest to you are processed, in case of consent, until revocation, otherwise, due to our legitimate interest for marketing purposes, for a period of three years in principle from the last purchase or contact initiated by the interested party.

To the extent that you have given us your explicit consent during or after your order or because this is permitted on the basis of another legal basis in accordance with Article 6 of the GDPR, we will send you a reminder by email to evaluate your order. Any consent given for this purpose can be revoked at any time by sending a message to the option of contact described below .

On our website, we regularly offer competitions to increase the attractiveness of our site and obtain more interactions from visitors.

We use the personal data provided as part of a competition exclusively for the purpose of conducting the competition and not for marketing purposes. If, as part of registering for the competition, you give your explicit and voluntary consent to receive a newsletter or other marketing measures from us, we will consider this as consent.

If you contact us through the contact form on the website or by email, the data you provided will be kept with us for 24 months to process your request and in the event of a request for additional information.

If you register on our website and/or create a customer account , or if you place an order, the processing of your data is for the technical operation of this website, the operation and administration of your customer account, the processing of your order(s) and the permanent information about current promotions (in particular by means of electronic newsletters or e-mails). We use the personal data provided by you exclusively to the extent that it is necessary to fulfill the respective purpose (e.g. registration as a customer, sending the newsletter, processing an order, sending information material, processing a competition, answering a question) and/or if permitted by law.

We collect data from candidates for job offers opened with us for the purpose of initiating a possible employment relationship in accordance with Article 6, paragraph 1, point b of the GDPR or, where applicable, on the basis of explicit consent for evidentiary purposes. You will find here other information relating to data protection in relation to application processes.

We use partner programs from various providers. With your consent, using an affiliate program may result in the transmission, storage, and processing of your data to the respective affiliate program provider. This means that as soon as you interact with the products and services of an affiliate program, this provider (in addition to us) also collects data about you (including your IP address, location, etc.). The exact nature of the data stored depends on the individual provider. In particular, we participate in the AWIN affiliate program. Data processing is carried out in accordance with this and AWIN's data protection declaration:

https://www.awin.com/de/datenschutzerklarung .

In this case, the recorded information includes user behavior, IP address, device information and URL.

Your customer data, which is lawfully processed by a HUBER company for the reasons set out above, may in some cases be combined with the data systems (CRM, etc.) of the entire HUBER Group. This happens either i) because other companies within the group act exclusively as processors, or ii) because you have given your consent for your personal data to be combined and processed within the HUBER Group.

The purpose of consenting to the processing of your customer data by the CDP is to obtain comprehensive information about customer behavior and preferences. This allows us to deliver personalized marketing campaigns and improve the customer experience. Customer data is gathered from various HUBER sources or databases, including our internal systems, website interactions, social media, and other data sources with which we have a business relationship. You agree to the processing and aggregation of personal data within the HUBER group.

We also use klaviyo Inc., headquartered in the USA, as a processor. In this context, your personal data is also transferred to the USA. Klaviyo has incorporated the European Commission's standard contractual clauses and is committed to complying with them. You can find more information here:

https://www.klaviyo.com/legal/privacy.

Developing and delivering customized features and services is a top priority for us. Here are some examples of our customized services:

Furthermore, you may receive advertising messages from HUBER brands without subscribing to our newsletter, either on the basis of your consent or, to the extent legally permissible, even without consent. These messages contain individual recommendations based on your purchasing behavior. As part of our services, we present you with information and offers based on your interests. You will receive a limited number of product recommendations, surveys, and requests for product evaluations from us, even if you have not subscribed to a newsletter. When selecting these individual product recommendations, we preferably use data from your previous orders, in compliance with legal regulations.

If you do not wish to receive individual product recommendations by email from us, you can opt out at any time by clicking on the unsubscribe link available in each email.

In order to offer you more personalized content, we collect data based on your previous user behavior and use of the services. For example, if you open our newsletters more frequently, we interpret this as an interest on your part and ensure that your requirements in terms of frequency and content of emails are met.

Personal data processed in the context of purchasing operations are kept for as long as required by legal provisions (retention obligations, etc.).

If you register on our website and/or create a customer account or make a purchase and have provided us with personal data as part of our user agreement, we will generally retain this data until the expiry of a period of three years from your last contact with us, unless you request its deletion at an earlier date and there are no mandatory legal requirements requiring longer storage of the data.

If you contact us via the contact form on the website or by email, the data you provide will be stored by us for 24 months to process your request and in case of follow-up questions. Personal data received through surveys will be anonymized after 12 months.

If you have given your consent to the use of your personal data and we are then continuously active (e.g. when sending the newsletter), we will only delete your data after you have revoked your consent.

Your personal data will be passed on to third parties if this is necessary for the execution of the contract or to provide information to customers, to fulfill legal obligations or if you have given your consent to the sharing of data. Where applicable, we may also use service providers who help us to display advertising and provide you with information that may be of interest to you, as well as to conduct surveys that allow us to improve our services. The service providers we use (e.g. payment service providers for payment processing, shipping companies for delivery processing, suppliers for shipping communication, IT companies for technical support of order processing, for e-mail marketing) receive the data to fulfill contracts concluded with you or to help us with advertising or surveys in the sense mentioned above. Our service providers may only use the data for the performance of their tasks.

We use services in which data is or may be transferred abroad. The transfer may take place if this third country has been confirmed by the European Commission as having an adequate level of data protection or if other appropriate data protection safeguards exist (e.g. mandatory internal company data protection rules or standard EU data protection clauses).

A new adequacy decision has been adopted by the European Commission for the United States, in accordance with Article 45 of the GDPR. This adequacy decision applies to data importers in the United States that are registered on the Data Privacy Framework List ( https://www.dataprivacyframework.gov/s/participant-search ).

We check for each of our service providers whether they are registered on the Data Privacy Framework List or otherwise meet the legal requirements for transferring data to third countries. If so, your consent is required (Article 49(1)(a) GDPR).

We have no direct influence over whether US authorities may access personal data transmitted to service providers in the USA when using these services. Although we assume that the level of protection is guaranteed, access by US authorities to data processed in the USA is nevertheless possible.

In order to make your visit to our website more attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your terminal device. Some of the cookies we use are deleted at the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your terminal device and enable us or our partner companies to recognize your browser on your next visit (persistent cookies). You can configure your browser so that you are informed about the setting of cookies and decide individually whether to accept them or exclude the acceptance of cookies in certain cases or generally. If you do not accept cookies, the functionality of our website may be limited.

As the cookies used for this purpose also change regularly, we have recorded information about the cookies we use in a separate cookie policy, which can be viewed here and which forms an integral part of this data protection declaration.

We use Google Analytics, a web analysis service provided by Google Inc. ( www.google.com ). Google Analytics uses so-called "cookies", text files that are stored on your device and that enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, your IP address will be truncated beforehand by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area.

Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. IP anonymization is active on this website. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services related to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be combined with other data held by Google. You can prevent the storage of cookies by selecting the appropriate settings on your browser; however, we would like to point out that in this case you may not be able to use all the functions of this website.

You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from Google processing this data, by downloading and installing the browser add-on available at the following address:

http://tools.google.com/dlpage/gaoptout?hl=de .

As an alternative to the browser add-on, you can click this link to prevent Google Analytics from collecting data on this website in the future. An opt-out cookie will then be stored on your device. If you delete your cookies, you will need to click the link again.

On our website, we also use offers from Google Maps. If you are logged in to Google, the data is directly assigned to your account. Google uses your data for the purposes of advertising, market research, and the design of websites tailored to your needs. You can find further information on the purpose and scope of data collection as well as your right to object at the following address: http://www.google.de/intl/de/policies/privacy .

Google may process your data in the United States. Before you consent to the storage of cookies through Google Analytics, please read the corresponding information in the privacy policy. Google LLC is included in the Data Privacy Framework List.

We are also present on various social media networks. Data processing sometimes takes place in this context. You can find further information on this in their data protection declarations:

To find out about the purpose and scope of data collection, the further processing and use of the data by the providers as well as your rights and setting options in this regard to protect your privacy, please refer to the providers' data protection information.

If you do not want the data collected via our website to be directly attributed to your profile in the relevant service, you must log out of the relevant service before visiting our website.

When you place your first order, you register for the loyalty program. In this context, your name, email address, and optionally, your date of birth are stored. The order number, order amount, return information, as well as the device, information about the device you are using, and your IP address are also processed to calculate or manage statistics. The legal basis for the processing in this regard is your consent to our General Terms and Conditions. This data processing is intended to implement the loyalty program. Unsubscribing from the loyalty program is possible at any time and can be done by sending a message to service@wohunderwear.com .

With your consent, we transmit data within the group as well as to sites that cooperate with us for the purpose of analyzing user behavior and, on this basis, transmitting information for advertising purposes.

In addition, we use your data to display or email you vouchers and personalized product recommendations based on the products you have ordered or viewed and your wish list data.

If consent is given, we process the data we have collected from customers within the framework of the loyalty program until their revocation.

For the implementation of the loyalty program, we use the “Yotpo” program of Yotpo Ltd, New York, 400 Lafayette St, New York, USA (see also https://www.yotpo.com/privacy-policy/ ). In this context, personal data is also processed in the USA. See also point VI Data processing abroad.

We use HTTPS (Hypertext Transfer Protocol Secure) to transmit data over the Internet without the risk of interception. We have thus introduced an additional layer of security and satisfy data protection through technological design. By using TLS (Transport Layer Security), an encryption protocol for secure data transmission over the Internet, we guarantee the protection of confidential data. You can recognize the use of this data transmission security by the small lock symbol in the top left corner of the browser, to the left of the Internet address and by the use of the scheme https (instead of http) as part of our Internet address.

We reserve the right to amend this data protection declaration at any time in order to adapt it to changing legal requirements or technical changes. The current version of the data protection declaration is always available on our website. If you have any questions regarding data protection or wish to exercise your rights regarding your personal data, you can contact us at any time.

Within the meaning of the GDPR, you are considered a data subject when we process personal data concerning you. Therefore, you can exercise various data subject rights, which are enshrined in the GDPR. These are the right of access (Article 15 GDPR), the right to rectification (Article 16 GDPR), the right to erasure (Article 17 GDPR), the right to restriction of processing (Article 18 GDPR), the right to object (Article 21 GDPR), the right to lodge a complaint with a supervisory authority (Article 77 GDPR), and the right to data portability (Article 20 GDPR).

If you believe that the processing of your data violates data protection legislation or that your data protection rights have been violated in any other way, you can lodge a complaint with the supervisory authority. In Austria, this is the Data Protection Authority.

For any questions regarding the collection, processing or use of your personal data, for any requests for information, rectification, blocking or deletion of data as well as for the revocation of granted authorizations, please contact:

HUBER DIGITAL GmbH

Hauptstrasse 17

6840 Götzis, Austria

E-mail: dataprotectionbeauftragter@huberholding.com