We take the protection of your personal data seriously and process it in accordance with the EU General Data Protection Regulation (GDPR) and the Austrian Data Protection Act.
1. Controller
Care Cute Aesthetic GmbH
Dominikanerbastei 21 / Top 17
1010 Vienna, Austria
Email: info@kbeauty-shop.com · Phone: +43 (0)800 400098
VAT ID (UID): ATU78190958
2. What data we process and why
- Order data (name, address, email, phone, order details): to process and fulfil your orders and for invoicing. Legal basis: Art. 6(1)(b) GDPR (performance of a contract).
- Payment data: processed by our payment providers; we do not store full card details. Legal basis: Art. 6(1)(b) GDPR.
- Shipping data: shared with our logistics partners solely to deliver your order. Legal basis: Art. 6(1)(b) GDPR.
- Account data (if you register): to manage your customer account. Legal basis: Art. 6(1)(b) GDPR.
- Newsletter (email): only with your consent, sent via our email service provider. Legal basis: Art. 6(1)(a) GDPR. You may unsubscribe at any time.
- Cookies & analytics: see our Cookie Policy. Non-essential cookies are only set with your consent. Legal basis: Art. 6(1)(a) GDPR.
- Consent records: when you give consent (cookies, AI assistant), we store the consent, timestamp and IP address as proof of consent. Legal basis: Art. 6(1)(c) and Art. 7 GDPR.
- AI skincare assistant: if you choose to use it, your messages are processed to generate a response. We ask for your consent before use and record it.
3. Recipients
We share data only with processors who help us run the shop (hosting, payment, shipping, email), bound by data-processing agreements, and only as far as necessary.
4. Retention
We keep order and invoice data for the statutory retention periods (in Austria generally 7 years). Other data is deleted when it is no longer needed.
5. Your rights
You have the right to access, rectification, erasure, restriction, data portability and objection, and the right to withdraw consent at any time. To exercise these rights, contact info@kbeauty-shop.com. You also have the right to lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde).