Privacy Policy

1.Information on the Collection of Personal Data

1.1 Personal Data
We inform you about how we process personal data when using our website. Personal data includes information that can be connected to you personally, such as your name, address, email addresses, and user behavior. We want to explain our processing procedures and comply with legal obligations, especially those outlined in the EU General Data Protection Regulation (GDPR).

1.2 Data Controller
The entity responsible for processing personal data, as defined in Article 4 (7) GDPR, is Jewelry Buddha.

2.Processing of Personal Data When Visiting Our Website

When you visit our website for informational purposes (without registering or providing additional information), we process personal data transmitted by your browser to our server. The data is necessary for displaying our website, ensuring stability, and security. The legal basis is Art. 6 (1) f GDPR and includes:

(A) IP address
(B) Date and time of the request
(C) Content of the request (visited page)
(D) Amount of data transmitted
(E) Browser 

3.Further Functions and Offers of Our Website

3.1 Overview of Various Offers
Beyond informational use, our website offers services like account registration, purchasing goods, and additional functions to facilitate sales and analyze/marketing offers (explained in Sections 4 and 5). These may require further personal data or involve processing data for specific services.

3.2 Use of External Service Providers
We may use external service providers (e.g., payment service providers, shipping companies), selected and monitored by us, to process your data.

3.3 Further Third-Party Involvement
Your data may be shared with third parties for promotions, competitions, or contract conclusion. Details will be provided during data input or in offer descriptions.

3.4 Third Parties Outside the EEA
If service providers or partners operate outside the EEA, consequences will be detailed in the offer description.

4.Processing of Personal Data When Contacting or Registering with Us

When you contact us or register a customer account, we collect data you provide, such as:

(A) Name, title, or user name
(B) Login data (email, password)
(C) Contact details (address, phone, email)
(D) Additional information you share about yourself and interests

5.Processing of Personal Data When Making a Purchase

5.1 Shopping Information
Shopping data collected during online purchases may include:

(A) Purchased item details
(B) Order number
(C) Delivery and billing addresses
(D) Delivery and payment status
(E) Communication related to purchases
(F) Return status
(G) Information on service providers involved

5.2 Payment Details
Payment methods involve collecting details like billing addresses, preferred payment method, IBAN, BIC, account/credit card details.

5.3 Transfer of Data on Outstanding Debts to Collection Service Providers
Outstanding debts may lead to data transfer for debt collection purposes, following legal bases in Article 6 (1) b/f GDPR. 

6.Cookies

6.1 General information about cookies
Cookies, tags, web pixels and similar technologies can be used to collect information automatically. The types include strictly necessary cookies, functional cookies, performance/analytical cookies and advertising/targeting cookies.

6.2 Cookies
A cookie is a file that a website or vendor transfers to your device's hard drive that allows the system to recognize it.

6.3 Your Choices
Cookies can be managed by your browser settings and you can disable certain types of cookies, but this may affect functionality.

6.4 Network Pixels
Conversion pixels and network pixels are used for activity and usage analysis.

6.5 Analytics
Third party services such as Google Analytics monitor and analyze website traffic.

6.6 Behavioral Remarketing
Remarketing services display personalized ads based on your actions on our website.

6.7 Other tracking technologies
Tracking technologies such as Java script, entity tags and HTML5 local storage can be used for a variety of purposes.

6.8 Refusal to Track
Our website does not currently process or respond to Do Not Track signals.

6.9 Location Information
Device settings can prevent the sending of location information.

7.Transmission of data to third parties

7.1 Transmission only permitted by law
Data transmission is based on German or European law, in particular service providers, group companies, technical service providers, payment service providers, credit institutions, transportation companies, authorities or third parties as permitted by law.

7.2 Payment Service Providers and Credit Institutions
We offer different payment methods such as prepayment, credit card payment, PayPal payment and invoice payment. For this purpose, payment data may be transferred to payment service providers with whom we work.

7.3 Freight forwarders
(A) We work with external transportation companies to deliver orders. These freight forwarders receive the following data to fulfill the relevant orders:
(B) your name
(C) your shipping address
(D) your postal code (if applicable)
(E) your e-mail address (if applicable) (if the shipping company wishes to notify you of a provisional delivery date by e-mail).

7.4 Authorities and other third parties
If we are required to do so by an official or court decision, or for the purposes of prosecution, we will forward your data to the prosecuting authorities or other third parties where necessary.

8.Retention and deletion of data

We will save your personal data for as long as necessary for the purposes set out in this privacy statement, in particular for the fulfillment of contractual and legal obligations. We will also save your personal data for other purposes, including the defense of legal claims, if we are legally allowed to do so for a specific purpose.

If you close your customer account, we will delete all data we have stored about you. If the complete deletion of your data is not possible or necessary for legal reasons, further processing of the relevant data will be blocked. If the data is blocked, we will take technical and organizational measures to ensure that only a limited number of employees have access to the relevant data as required and only for specific purposes (e.g. tax audits). Data blocking occurs, for example, in the following cases:

(A) Your order and payment details as well as other details are usually subject to various legal retention obligations, such as those in Handelsgesetzbuch (HGB - Commercial Code) and Abgabenordnung (AO - Tax Code). We are legally obliged to retain these data for ten years for the purposes of tax audits and financial audits. Only then can we finally delete the relevant data.

(B) Even if your data are not subject to any legal retention obligation, we may, where permitted by law, not delete them immediately but carry out a preliminary blocking. This applies in particular in cases where we may need the relevant data for further contractual processing or for prosecution or legal defense (e.g. in the case of a complaint). The decisive criterion for the duration of the blocking is the statutory limitation period. After the end of the relevant statute of limitations period, the data in question will be definitively deleted.

Where permitted by law, deletion may be waived if the data are anonymized or pseudonymized and if deletion would exclude or seriously hamper processing for scientific research or statistical purposes.

9.How is my personal data protected?

We use technical and organizational measures to ensure system security. For your orders and customer logins, we use SSL encryption (Secure Socket Layer) for the secure transmission of your personal data. 

10.Your rights

10.1 Your rights against us as data controller
You have the following rights against us as the data controller with respect to personal data relating to you:

(A) The right to information
(B) the right to rectification or deletion
(C) the right to restrict processing
(D) Right to object to processing
(E) Right to data portability
(F) Right to withdraw consent (where consent is the basis for data processing)

10.2 Information requests
To ensure that your data will not be disclosed to third parties when requesting information, please include sufficient proof of identity with your request.

10.3 Withdrawal of consent
If you consent to the processing of your data, you can withdraw your consent at any time. Withdrawal of consent affects the authority to process your personal data after you have given us your consent. Until you withdraw your consent, your data processing rights are not affected.

10.4 Processing objections based on balancing of interests
(A) You may object to the processing of your personal data if we process it on the basis of a balance of interests. In this case, if the processing is not necessary, in particular for the fulfillment of a contract with you, we will explain this in each case in the functional description below. In the event of an objection, we will ask you to explain why we should not process your personal data in the way we do. If you object, we will review the situation and either stop or adjust the data processing or show you compelling legitimate reasons for us to continue processing the data.
(B) Of course, you can object to the processing of your personal data for advertising and data analysis purposes at any time. The best way to exercise an objection for advertising purposes is to contact us using the contact details above.

You also have the right to complain to a data protection supervisory authority about our processing of your personal data. The competence of the supervisory authority depends on the location of the data controller. However, you may contact any data protection authority in any member state of the European Union, in particular your place of residence, which will forward your complaint to the competent authority. 

11.Changes to this privacy policy

Further improvements to our website or changes in legal and regulatory requirements may require changes to this privacy statement. We therefore recommend that you re-read this privacy statement at any time, as appropriate.

12.Data Protection Officer

You can contact our Data Protection Officer at info@jewelrybuddha.com and add "Data Protection Officer".