Privacy Policy

1) INFORMATION ON THE COLLECTION OF PERSONAL DATA AND CONTROLLER CONTACT DETAILS

Thank you for visiting our website and for your interest. Below we inform you about how we handle your personal data when you use our website. “Personal data” means any information that can be used to identify you personally.

The data controller for this website within the meaning of the General Data Protection Regulation (GDPR) is Rosa New York. The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data.

For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries sent to the controller), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the “https://” prefix and the lock icon in your browser’s address bar.

2) DATA COLLECTION WHEN VISITING OUR WEBSITE

If you use our website for informational purposes only—i.e., you do not register or otherwise transmit information to us—we collect only the data that your browser transmits to our server (so-called server logs). When you visit our website, we record the following technically necessary information to properly display the site:

  • the page visited on our website

  • date and time of access

  • amount of data transferred in bytes

  • the source/referrer from which you arrived at the page

  • the browser used

  • the operating system used

  • the IP address used (possibly in anonymized form)

Processing is carried out pursuant to Art. 6(1)(f) GDPR based on our legitimate interest in ensuring the stability and functionality of the website.

This information is neither passed on to third parties nor used in any other way. However, we reserve the right to check the server logs retrospectively if there are specific indications of unlawful use.

3) COOKIES

To make your visit to our website more pleasant and to enable the use of certain functions, we use cookies on various pages. Cookies are small text files that are stored on your device.

Some cookies are deleted after you end your browser session, i.e., when you close your browser (session cookies). Other cookies remain on your device and allow us or our partner companies (third-party cookies) to recognize your browser on your next visit (persistent cookies). These cookies may collect and process certain user information such as browser data, location data, or IP address. Persistent cookies are automatically deleted after a specified period, which may vary by cookie.

In some cases, cookies help save settings—for example, to facilitate the purchasing process (e.g., storing the contents of your cart for a later visit). Where personal data is processed via cookies, this is done pursuant to Art. 6(1)(b) GDPR for the performance of a contract, or pursuant to Art. 6(1)(f) GDPR based on our legitimate interest in ensuring optimal website functionality and a user-friendly experience.

We may also work with advertising partners to offer you more interesting online content. In this case, cookies from partner companies (third-party cookies) may be stored on your device during your visit. If so, we will inform you separately and transparently about the use of such cookies and the scope of data processing.

Note: You can set your internet browser to inform you about the setting of cookies and allow cookies only in individual cases, to accept cookies for certain cases, or to generally disable them. Each browser manages cookie settings differently. Help can be found at the links below:

Please note: refusing cookies may limit the functionality of our website.

4) CONTACTING US

Personal data is collected when you contact us (e.g., via contact form or email). The specific data collected is evident from the respective form fields.

We use this data solely to respond to your inquiry and for the related technical administration. The legal basis for processing is our legitimate interest in handling your request pursuant to Art. 6(1)(f) GDPR. If your contact is aimed at concluding a contract, the additional legal basis is Art. 6(1)(b) GDPR.

Your data will be deleted once your inquiry has been fully processed, provided that no statutory retention obligations apply and the circumstances do not indicate that the matter is still unresolved.

5) DATA PROCESSING WHEN OPENING A CUSTOMER ACCOUNT AND FOR CONTRACT PERFORMANCE

Pursuant to Art. 6(1)(b) GDPR, personal data will continue to be collected and processed if you provide it to us for the purpose of concluding or performing a contract or when opening a customer account. The data collected is apparent from the respective input forms.

You may cancel your customer account at any time by sending a message to the contact details above. We store and use the data you provide solely for contract performance. After complete performance of the contract or deletion of the customer account, your data will be blocked with regard to tax and commercial retention periods and deleted after these periods have expired, unless you have expressly consented to further use of your data or we are legally entitled to further use.

6) USE OF YOUR DATA FOR DIRECT MARKETING

Newsletter Subscription

If you subscribe to our email newsletter, we will regularly send you information about our offers. The only required information is your email address. Any additional data is voluntary and used to address you personally.

We use the double opt-in process—your subscription is only activated after you explicitly confirm that you agree to receive the newsletter. For this purpose, you will receive a confirmation email containing a link to confirm your subscription.

By confirming, you consent to the processing of your data pursuant to Art. 6(1)(a) GDPR. We store your IP address and the date and time of subscription to verify potential misuse. We use your data exclusively to send the newsletter. You may unsubscribe at any time via the link in any newsletter or by contacting the controller mentioned above.

After you unsubscribe, your email address is immediately removed from the mailing list unless you have expressly consented to further use or there are other legal grounds.

Newsletter to Existing Customers

If you provided your email address when purchasing goods or services, we reserve the right to email you information about similar products from our range. We do not need separate consent for this. Sending is based on our legitimate interest pursuant to Art. 6(1)(f) GDPR.

If you originally objected, you will not receive such emails. You may object at any time with effect for the future—simply contact the controller. Upon receipt of your objection, your email address will no longer be used for advertising purposes.

7) DATA PROCESSING FOR ORDER FULFILLMENT

We transfer personal data we collect from you to the shipping company commissioned with delivery to the extent necessary to fulfill the contract. We transfer payment data to the respective bank or payment service provider as necessary for payment processing.

Use of Payment Service Providers

PayPal
When paying via PayPal (including credit card, direct debit, invoice, or installment), your payment data is transmitted to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22–24 Boulevard Royal, L-2449 Luxembourg, pursuant to Art. 6(1)(b) GDPR.

PayPal may perform a credit check based on its legitimate interest under Art. 6(1)(f) GDPR and may transmit payment data to credit agencies for this purpose. Credit reports may contain score values calculated using recognized statistical methods, which may include address data.

Details can be found in PayPal’s Privacy Policy: https://www.paypal.com/webapps/mpp/ua/privacy-full

You may object to this processing at any time. PayPal may, however, remain entitled to process your data if necessary for contractual payment processing.

SOFORT (Klarna Group)
If you choose SOFORT, processing is carried out by SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany (part of Klarna Bank AB, Sveavägen 46, 111 34 Stockholm, Sweden). Your data is transferred solely for payment processing pursuant to Art. 6(1)(b) GDPR. More information: https://www.klarna.com/sofort/privacy-policy/

Note: Additional customs duties and/or import taxes are not included in the price and are the customer’s responsibility.

8) REVIEW REQUESTS

We may use your email address once to remind you to leave a review of your order if you expressly consented during or after ordering (Art. 6(1)(a) GDPR). You may withdraw your consent at any time by notifying the controller.

9) USE OF SOCIAL MEDIA: SOCIAL PLUG-INS

9.1 Facebook Plug-ins with the Shariff Solution

Our website uses social plug-ins (“plug-ins”) of the Facebook network operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA (“Facebook”).

To increase data protection, these buttons are integrated only as HTML links, not as fully enabled plug-ins. This ensures no automatic connection to Facebook servers when a page is loaded. Only when you click a button will a new browser window open to the Facebook page where you can interact with the plug-in (after logging in if necessary).

Facebook Inc. is certified under the EU-U.S. Privacy Shield, ensuring an adequate level of data protection.

For information on the purpose and scope of data collection and processing by Facebook, as well as your rights and settings options to protect your privacy, see Facebook’s Privacy Policy: https://www.facebook.com/policy.php

9.2 Google+ Plug-ins with the Shariff Solution

Our website uses plug-ins of the Google+ network operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”), integrated as HTML links to enhance privacy (no automatic connection until clicked).

Google LLC is certified under the EU-U.S. Privacy Shield.

For details on data processing and your rights, see Google’s Privacy Policy: https://policies.google.com/privacy

9.3 Instagram Plug-ins with the Shariff Solution

Our website uses plug-ins of the Instagram service operated by Instagram LLC, 1601 Willow Rd, Menlo Park, CA 94025, USA (“Instagram”), integrated as HTML links to enhance privacy.

Instagram LLC is certified under the EU-U.S. Privacy Shield.

For more information, see Instagram’s Privacy Policy: https://help.instagram.com/155833707900388/

10.1 DoubleClick by Google

This website uses the online marketing tool DoubleClick by Google (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA).

DoubleClick uses cookies to display ads relevant to users, compile reports on campaign performance, and avoid repeatedly showing the same ads. Google uses a cookie ID to track which ads are shown in which browser. Processing is based on our legitimate interest in optimally marketing our website pursuant to Art. 6(1)(f) GDPR.

Your browser automatically establishes a connection to Google’s server. We have no influence over the scope and further use of data collected by Google. If you are registered with Google, your visit may be assigned to your account; even if you are not registered or logged in, Google may still obtain and store your IP address.

If you do not wish to participate in tracking, you can disable conversion cookies by blocking cookies from the domain googleadservices.com: https://www.google.com/settings/ads
You can also manage preferences via the Digital Advertising Alliance: www.aboutads.info

Rejecting cookies may limit our website’s functionality.

Google LLC is certified under the EU-U.S. Privacy Shield. More information: https://policies.google.com/privacy

10.2 Google Ads Conversion Tracking

We use Google Ads and, within this, conversion tracking by Google LLC.

A conversion cookie is set when a user clicks a Google ad. These cookies usually expire after 30 days and are not used for personal identification. Clients receive aggregate statistics only.

If you do not want to be tracked, you can block conversion cookies (e.g., by blocking cookies from googleadservices.com or via https://www.google.com/settings/ads). Settings may be cleared if you delete cookies. You can also manage preferences via www.aboutads.info.

11) WEB ANALYTICS SERVICES – GOOGLE (UNIVERSAL) ANALYTICS

This website uses Google Analytics (Google LLC). Google Analytics uses cookies. The information generated (including a truncated IP address) is usually transmitted to a Google server in the USA and stored there.

We use Google Analytics with the “_anonymizeIp()” extension to ensure IP anonymization. Processing is based on Art. 6(1)(f) GDPR—our legitimate interest in statistical analysis for optimization and marketing.

You can prevent cookies via your browser settings, but some features may be limited. You can also prevent data collection and processing by Google by installing the browser add-on: https://tools.google.com/dlpage/gaoptout

As an alternative—especially on mobile—set an opt-out cookie to prevent future collection in this browser/domain (note: clearing cookies requires resetting the opt-out).

Google LLC is certified under the EU-U.S. Privacy Shield.

We also use Google Analytics cross-device analysis via a user ID. A unique, persistent, anonymous ID is assigned on first access to group interactions across devices and sessions. You can object at any time; you must disable Google Analytics on all devices you use.

12) RETARGETING / REMARKETING / REFERRAL ADVERTISING

Facebook Custom Audiences via Pixel
With your explicit consent, we use the Facebook Pixel (Facebook Inc.) to track user behavior after they view or click a Facebook ad. This helps evaluate ad effectiveness for statistical and market research purposes and optimize future advertising. Data is anonymous to us but processed by Facebook and may be linked to your profile per Facebook’s data policy (facebook.com/about/privacy/). Cookies may be stored for this purpose. Consent is required (Art. 6(1)(a) GDPR) and only for users over 13.

To disable third-party cookies (e.g., Facebook), visit: Digital Advertising Alliance – www.aboutads.info/choices/

Google Ads Remarketing
We use Google Ads Remarketing (Google LLC) to advertise this website in Google search results and on third-party sites. Google sets a cookie that enables interest-based advertising via a pseudonymous cookie ID. Processing is based on Art. 6(1)(f) GDPR (optimal marketing).

Further processing occurs only if you have consented to Google linking your web/app browsing history with your Google account and using account information for ad personalization, including cross-device remarketing. You can permanently disable ad cookies by installing the browser plug-in: https://www.google.com/settings/ads/onweb/
Or manage settings via www.aboutads.info.

Google LLC is certified under the EU-U.S. Privacy Shield. More info on Google advertising privacy: https://policies.google.com/technologies/ads

13) DATA SUBJECT RIGHTS

13.1 Under applicable data protection law, you have comprehensive rights regarding the processing of your personal data:

  • Right of access – Art. 15 GDPR

  • Right to rectification – Art. 16 GDPR

  • Right to erasure – Art. 17 GDPR

  • Right to restriction of processing – Art. 18 GDPR

  • Right to notification – Art. 19 GDPR

  • Right to data portability – Art. 20 GDPR

  • Right to withdraw consent – Art. 7(3) GDPR

  • Right to lodge a complaint – Art. 77 GDPR

13.2 RIGHT TO OBJECT

IF WE PROCESS YOUR PERSONAL DATA BASED ON OUR LEGITIMATE INTERESTS, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, WITH EFFECT FOR THE FUTURE.

If you exercise your right to object, we will stop processing the relevant data. Further processing is reserved only if we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or if processing serves the establishment, exercise, or defense of legal claims.

IF WE PROCESS YOUR PERSONAL DATA FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME.
If you object, we will no longer process your personal data for direct marketing.

14) DATA RETENTION

The period for which personal data is stored is determined by the applicable statutory retention periods (e.g., commercial and tax law). After the period has expired, the corresponding data will be routinely deleted, provided it is no longer necessary for contract performance or contract initiation and/or we no longer have a legitimate interest in further retention.