Dimema is a company of Digital Media Management GmbH, with offices at Zugerstrasse 74, 6340 Baar, (“Dimema” or "we"). Dimema offers via www.dressplay.com a pay-as-you-go club for clothing fetishists (the “Website”).
Dimema is committed to handling user data responsibly. This privacy statement ("Privacy Statement “or “Privacy Notice") informs you about how Dimema processes your personal data and how you can change, retrieve or have it deleted.
Who is responsible for processing personal data?
Dimema is a controller insofar as personal data are processed by Dimema, unless otherwise indicated below. For us, your privacy is of great importance. We, therefore, comply with the relevant laws and regulations on privacy, including the GDPR.
To what does this Privacy Statement apply?
This Privacy Statement applies to the processing of personal data in our services, including the use of the Website.
What (personal) data do we process?
When using the Website, data are processed that we have obtained because you use our services and/or because you have provided them yourself. In some cases, this data may also be personal data. Personal data may be part of a chosen username or email address you used to register, but it can also be personal data that you actively provide to us, for example in communication with us via email or via web forms on our Website.
We also collect certain information automatically when you use the Website or visit our Website. For example, your IP address, the date, and time you use our services, and information about the hardware and software of your computer or mobile device. If you follow us on social media, we may also gain access to some of your (profile) data. The same applies when you "like" certain messages from us. We may also follow or “like” social media channels ourselves and thus access data about you.
We can also collect (anonymized) information about click behavior and which pages are displayed.
For what purposes do we process personal data?
Dimema may process (personal) data for the following purposes:
- to execute an agreement: This includes, for example, providing our services or providing certain information requested by you and answering (helpdesk) questions. This may also include accounting purposes, such as payment processing, invoicing, auditing, payment card verification etc. We may also contact you by email from time to time for administrative or operational purposes, such as in the case of a service message;
- to keep you informed of our latest news and products and services: we may notify you of interesting news and similar products and services of Dimema. This may be through a recommendation in our Website, or through a newsletter, etc. We give you the opportunity to unsubscribe in every newsletter;
- to inform you about personalized offers: If you have given your consent, we can make personalized offers based on your interests and behavior. You can withdraw this consent at any time;
- for the improvement of our services: We may also use personal data for statistical or analytical purposes and to improve our services. Think of measuring visits to our website, or reach of certain posts via social media etc. We can use the IP-address to determine your country so we can offer certain language preferences. We can also use this data for testing and troubleshooting purposes, and to generate statistics about our services and reach. The main purpose is to understand how our services perform, how they are used, and ultimately to optimize, adapt and improve our services, making them easier and more meaningful to use. We aim to use anonymous or pseudonymous data as much as possible;
- to comply with legal obligations and fulfil our legitimate interests: (e.g. for debt collection, fraud screening, mandatory check of IP address ranges in connection with certain film rights, safety, security, and legal purposes, such as handling disputes and complying with applicable laws and regulations).
We base these processing operations on the basis that the processing of personal data is necessary for the performance of a contract, in particular to complete and manage your orders, subscriptions and payments etc.
In addition, we base our processing on legitimate (commercial) interests to (be able to) offer, analyze, improve our services, and prevent fraud. When personal data are used for these legitimate interests, we will always balance the rights and interests relating to the protection of your personal data against ours.
For any use of personal data for direct marketing based on the grounds of commercial interest or personalized offers , you can always object freely to his processing of data. This can be done in your account settings.
We base this processing on the basis of complying with legal obligations (such as legal enforcement requests).
Finally, we use your consent as the basis for processing personal data, for example, if we would process data for use in certain direct marketing messages or in case we would use sensitive personal data. Such consent can be freely withdrawn at any time. The withdrawal of consent does not affect the lawfulness of the processing of personal data prior to the withdrawal of consent.
Do we share your data with third parties?
Insofar as we share personal data with other parties, we have made agreements with parties, for example in the form of a processing agreement. Our agreements include the manner in which the data is shared and stipulate that these third parties are obliged to adequately protect the personal data.
For example, we may provide personal data to third parties because:
- we have engaged them to process certain data;
- this is necessary to perform the agreement with you;
- you have given permission for this;
- we have a legitimate interest in doing so;
- we are required to do so by law (e.g. if the police require this in case of suspected crime).
Parties that may process personal data are:
- possible cookie suppliers (see further information on cookies below);
- IT suppliers and service providers;
- Payment service providers.
We additionally disclose personal data to law enforcement agencies to the extent required by law or strictly necessary for the prevention, detection or prosecution of crimes and fraud, or if we are otherwise required to do so by law. It may be necessary to further disclose personal data to competent authorities to protect and safeguard our rights or property or the rights and properties of our business partners.
We also might process certain personal data that is voluntarily provided by you as part of our complaint policy. Our complaint policy allows for the reporting of content that may be illegal or otherwise violates the standards of our service provider. You can find more information on this complaint policy on our content report form.
Which party do we work with to process payments?
If you choose to make payments to us, you can use the services of the payment provider Virtual Access Internet BV. for processing payments. (www.vxs.com). If you use the services of Virtual Access Internet BV. , it may process (personal) data, such as your name, your bank account number, and the name of your bank. More information on the services of Virtual Access Internet BV. can be found at https://vxs.com/aup.php.
What cookies or corresponding techniques do we use?
The Website uses so-called cookies and similar techniques. We only use so-called “first party cookies”. That means that we do not use any third parties to place cookies like trackers etc.
Apart from the cookie consent form, you can opt out of cookies by setting your internet browser so that it no longer saves cookies. You can also delete all previously stored information via your browser settings. More information on how to achieve this can be found at the website of your browser of choice.
Transfer of personal data outside the European Economic Area
Your personal data may be transferred to a country outside Switzerland and the European Economic Area (EEA) that provides a lower level of protection for personal data than the legislation in the EEA. For example, a provider of online services located outside the EEA, or a party using servers located outside the EEA (e.g. in the United States of America) may be used. If such a situation arises and personal data is transferred to a country outside the EEA that provides less legal protection for personal data, we will provide appropriate safeguards to ensure that the transfer takes place in accordance with applicable privacy laws This means, for example, that we use a model agreement from the European Commission or make arrangements for handling personal data.
How do we secure personal data?
Dimema takes the protection of your data seriously and takes appropriate measures to counter abuse, loss, unauthorized access, unwanted disclosure, and unauthorized modification. If you have the impression that your data is not properly secured or there are indications of misuse, please contact us at email@example.com.
If we detect a data breach, we will report it to the Personal Data Authority. In addition, if necessary, we will contact the data subject(s) within the statutory time limits.
How long do we keep your data?
Dimema retains your personal data as long as necessary for the above processing purposes or to comply with its legal obligations. For example, if you have placed an order, we will retain the information until the order is completed and seven years thereafter. This is required for legal tax purposes. When your account is deleted upon your request, we will anonymize your email address. We will then keep the anonymized user entries and the activities (e.g. purchase) in our system for the legally required term.
Data you have entered on Website, we will keep for as long as we need to provide the requested service. And in accordance with our terms of service.
Amendments to the Privacy Statement
This Privacy Statement may be amended. If so, we will publish the amended statement on our Website, after which this Privacy Statement will be effective immediately. The latest update is listed at the bottom of this statement.
What about your rights regarding your personal data?
You have a number of rights to keep control over your personal data, generally speaking you have the following rights:
- ask whether or not personal data relating to you is being processed and, if so, to access it;
- request rectification and/or deletion of this data;
- object to processing or to request restriction of processing;
- withdraw consent to processing if the processing is based on consent;
- receive or have your data transferred in the context of so-called data portability.
Should you wish to make such a request, you can always contact us at firstname.lastname@example.org.
Questions or complaints
If you have a question about how we handle personal data, you can contact us by sending an e-mail to email@example.com.
Under the GDPR, you also have the right to lodge a complaint with the Personal Data Authority (AP) in your country about how we handle your personal data. More information can be found on the website of your local Personal Data Authority.
With questions or complaints regarding the use of your personal data, you can send an email to firstname.lastname@example.org or write to us at the following address:
Digital Media Management GmbH