updated August 1st 2016
1. Data protection
www.bomia.com is a product of
skyDSL Deutschland GmbH
Waldstr. 86 - 90
We, the skyDSL Deutschland GmbH, appreciate your visit to our website and your interest in our company, our products and services.
Your privacy and the security of your data are very important to us. That's why it is us also important that our corporate philosophy and our code of conduct in relation to the data protection provides protection of your data beyond the statutory standard.
During our contractual relationship, we collect and process your personal data. These informations are solely and exclusively used to enhance your shopping experience with Bo & Mia, in order to provide a better service customer service, and to fulfill our contractual obligations.
The following statements gives you an overwiew about the collected data, for how long and to which purposes. In addition, we will explain how we guarantee that your data is safe, and what rights you have regarding the treatment of your personal informations.
2. What is personal data?
Personal data is all the information that can be used to identify a person. This information may be collected directly or indirectly during your interactivity with a webpage. For example, by contacting a customer service over the phone, via chat or through a contact form when you place an order or subscribe to a newsletter.
3. Which personal data is collected?
3.1 Agreement Data
When you order our services or products, we need personal data, such as: your name, your address and contact informations (phone number and or email address). These are essential data to formalize a contract with us and or to contact you for purpose of customer service. It is also necessary for us to identify the place where we will provide our service and where we should ship the ordered goods.
Sometimes we need further informations such as your tax number or proof of your personal data. These data are only requested in cases which we we need to guarantee you own safety to ensure thats your data is not going to be used by strangers.
We also need your date of birth to make sure our contractors are of legal age. This is how we jointly protect the rights of underage people.
As any other service provider, we need your payment information, such as: for example, your bank account or credit card number. The use and treatment of your data is strictly monitored according to the current state of our legal regulations.
We receive only the data above mentioned, if you actively and voluntarily have given your consent to its use. If you do not grant this consent, your data is not stored.
3.2 Telephone data and Traffic data
Telephone data and traffic data are the information that results from your access to SAT. Traffic data is, for example, the time when you were connected to internet and or the amount of transmitted data. Your telephone information inclues, for example, the time and duration of a call and the phone number you called.
These data are only collected for technical and billing-related purposes. At no time will the contents of your communications or phone calls be analyzed. In addition, they are protected by the secrecy of communication.
3.3 Access data
Each time you access our website or chat, a record is stored in our servers. This data set consists of informations such as:
- the requested domain,
- the name of the accessed files,
- the date and time of the request,
- the amount of data transferred,
- the access status (file transfer, file not found, etc)
- a description of the used web brouser.
Furthermore, for technical reasons, the IP-address is temporarily stored. A user-related evaluation does not take place. However, the data records are evaluated by skyDSL Deutschland GmbH exclusively for statistical purposes, in order to get an overview of the frequency of access to individual segments of the offer.
4. For how long do we keep your data?
Your informations will be stored as long as necessary for the good performance of the services you requested, as well as the fullfilment of your contarct and the compliance of our legal obligations.
Once your data is no longer relevant for the purposes which it was collected, it will be deleted.
Please note that as a company, we are legally obliged to comply with minimum retention periods. Depending on which documents are concerned, there is a retentions requirement of 6 to 10 years.
If you have further questions regarding the the period we retain your information, you can contact our data protection officer, whose contact information can be found at the end of this document.
5. How do we protect your personal data?
All informations you provide us, regardless of time and contact channel you used to reach us, are protected. At SAT we work with strict technical and organizational measures to ensure the secutiry of your data, both online and offline.
Only employees with appropriate authority and need insight into some of your data to accomplish their task are allowed to access your information. Every interaction with the customer is recorded in our system to understand when which employee worked with your data.
The data that you convey to us as part of the registration process for a closed user group (e.g. for the use of our customer pages) or via e-mail is only used for the performance of our services agreed with you. Your data will not be passed on to third parties.
The data that you enter for our services during the registration or login is encrypted using an SSL standard. The encryption ensures that your data can not be read or altered by third parties during transmission.
Various physical, electronic and procedural security mechanisms are used to ensure the necessary security in the collection, storage and release of personal customer information. These security procedures mean that we may ask you to provide proof of your identity before we provide you with your personal information.
The bank or credit card information provided for the identification of the means of payment will be shortened for security reasons, such as the last five numbers of your credit card will be visible. However, logically, the whole number will be forwarded during the application process to the responsible billing institution.
We also use various security mechanisms. Both physical and electronic, as well as procedures to provide the security required to collect, store and share personal information of customers. Part of this security procedure is to request proof of your identity before we ask for further personal details.
6. In which cases your data will be used between SAT and third parties?
We work with other companies (third parties) that on our behalf, perform the tasks necessary to perform our services.
Some of these companies are courier companies, which send customer our parcels; payment service providers, for credit card or bank payment processes; or our installations partners, whom, upon request, install the equipment for you. Other operators are also instructed by us to provide telephone service (currently available only in France and Germany)
These companies only have access to the personal information needed to perform the tasks assigned to them.
In exceptional cases, for statistical or security reasons, SAT is required to submit data to appropriate government agencies.
To maximize the security of our relationship, SAT works with external credit reporting agencies and collection agencies to help us verify our customers' creditworthiness and reduce potential fraud.
6.1 Data transmission to SCHUFA
The skyDSL Deutschland GmbH sends in the context of this privacy statemen, personal data collected on the application, execution and termination of a business relationship and data on non-contractual behavior or fraudulent behavior to SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden.
The legal bases of these transfers are Article 6 (1) (b) and Article 6 (1) (f) of the General Data Protection Regulation (DS-BER). Transmissions on the basis of Article 6(1)(f) DS GMOs may only take place if this is necessary to safeguard the legitimate interests of skyDSL Deutschland GmbH or third parties and does not outweigh the interests or fundamental rights and freedoms of the data subject which require the protection of personal data. The data exchange with the SCHUFA also serves the fulfillment of legal obligations to carry out creditworthiness checks of customers (§ 505a and 506 of the Civil Code). SCHUFA processes the data received and also uses them for the purpose of profile building (scoring) in order to provide its contractual partners in the European Economic Area and in Switzerland and, if necessary, other third countries (if an adequacy decision of the European Commission exists for these) with information, inter alia, for assessing the creditworthiness of natural persons. Further information on SCHUFA's activities can be found at the SCHUFA information
in accordance with Art. 14 DS-GVO or viewed online at www.schufa.de/datenschutz.
7. Are personal data transferred abroad?
Our company is located in Germany and our services are provided within Europe.
If you are a customer located in another EU country or in Switzerland, some of the services mentioned in the previous sections may require you to submit your data to our business partners in the European country where they are located ,
This transmission is made in accordance with the conditions set out in this statement and in compliance with the strict security and confidentiality rules imposed on us by both the legislator and ourselves on the basis of our corporate philosophy.
8. These are your rights
You have the right to be informed at any time about the data stored concerning your person, its origin and recipient as well as the purpose of data processing. In addition, you have the right to rectification, deletion, opposition, limitation, transfer of your personal data and oblivion.
To exercise these rights, you may contact the Data Protection Officer as indicated below.
Of course, you have the right to confidentiality of communication and demands if your data is not handled properly.
9. On what law is based this ??
This data protection declaration is based on Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data, on the free movement of such data and repealing Directive 95/46/EC (Basic Data Protection Regulation).
10. How can you contact us?
Your trust is important to us. Therefore, we are always available to answer your questions regarding the processing of your personal data. If you have questions which this data protection declaration could not answer or if you would like more detailed information on any point, please contact us at any time at the following address
- The Data Protection Officer -
Waldstr. 86 - 90
skyDSL Deutschland GmbH, Stand: 25. May 2018