PRIVACY POLICY
Zach fine jewelry Handels Gesellschaft mbH (hereinafter "Zach fine jewelry", information about Zach fine jewelry can be found here: www.zachfinejewelry.com ) is pleased that you are visiting our website. Data protection and data security when using our website are very important to us. We would therefore like to inform you at this point which of your personal data we collect when you visit our website and for what purposes it is used.
Since changes in the law or changes to our internal company processes may make it necessary to adapt this data protection declaration, we ask you to read this data protection declaration regularly. The data protection declaration can be called up, saved and printed out at any time under data protection declaration.
§ 1 responsible person and scope
The person responsible within the meaning of the EU General Data Protection Regulation (hereinafter: GDPR) and other national data protection laws of the member states as well as other data protection regulations is:
Zach fine jewelry Handels Gesellschaft mbH
Neuer Markt 9, 1010 Vienna
Tel +43 1 5120 088
Fax +43 1 5120 088
Email: zach@diamonds14.at
This data protection declaration applies to the website of Zach fine jewelry, which can be accessed under the domain www.zachfinejewelry.com and the various subdomains (hereinafter referred to as "our website").
A request for information, deletion, etc. can be submitted at any time to the above address (s) by email or post.
§ 2 principles of data processing
Personal data is all information that relates to an identified or identifiable natural person. This includes, for example, information such as your name, your age, your address, your telephone number, your date of birth, your e-mail address, your IP address or user behavior. Information in which we cannot (or only with a disproportionate effort) relate to you personally, e.g. by anonymizing the information, is not considered personal data. The processing of personal data (e.g. the collection, querying, use, storage or transmission) always requires a legal basis or your consent. Processed personal data will be deleted as soon as the purpose of the processing has been achieved and there are no longer any statutory retention requirements.
If we process your personal data for the provision of certain offers, we will inform you below about the specific processes, the scope and purpose of the data processing, the legal basis for the processing and the respective storage period.
§ 3 Individual processing operations
1. Provision and use of the website
a. Type and scope of data processing
When you visit and use our website, we collect the personal data that your browser automatically transmits to our server. This information is temporarily stored in a so-called log file. When you use our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security:
IP address of the requesting computer
Date and time of access
Name and URL of the file accessed
Website from which access is made (referrer URL)
Browser used and possibly the operating system of your computer, as well as the name of your access provider
b. Legal basis
Article 6 (1) lit.f GDPR serves as the legal basis for the data processing mentioned. The processing of the data mentioned is necessary for the provision of a website and thus serves to safeguard a legitimate interest of our company.
c. Storage period
As soon as the specified data is no longer required to display the website, it will be deleted. The collection of the data for the provision of the website and the storage of the data in log files is essential for the operation of the website. There is consequently no possibility of objection on the part of the user. Further storage can take place in individual cases if this is required by law.
2. Registration / user account
a. Type and scope of data processing
On our website we offer you the opportunity to register by providing personal data in order to be able to use our web shop.
With the processed data, we create an individualized user account for you, with which you can use certain content and services, in particular our web shop on our website.
We process your e-mail address so that we can send you new access data if you should forget it.
The following overview shows you in detail which personal data we process from you when you register:
Surname
E-mail address
address
Date of birth
IP address
company
Phone number
b. Legal basis
The processing of the personal data presented (cf. § 4 2. a.) Serves the fulfillment of a contract between you and Zach fine jewelry or the implementation of pre-contractual measures in accordance with Art. 6 Para. 1 lit. b GDPR.
c. Storage period
As soon as the processed data is no longer required for the execution of the contract, it is normally deleted. However, even after the contract has been concluded, it may be necessary to save your personal data in order to meet contractual or legal obligations. Further storage can take place in individual cases, for example, if this is required by law. If you do not withdraw your consent, your data can also be stored in order to contact you for various other purposes, such as inquiries about the product, submission of offers, marketing measures.
d. Cancellation of registration
As a user, you can cancel your registration at any time. You can have the data stored about you changed at any time. To do this, proceed as follows: Send us an email with your change request to: zach@diamonds14.at .
However, if the processed data is required to fulfill a contract or to carry out pre-contractual measures, premature deletion of the data is only possible if this does not conflict with contractual or legal obligations.
3. Purchase of goods
a. Type and scope of data processing
On our website we offer users the opportunity to purchase goods by providing personal data. The data required for this is entered in an input mask and transmitted to us and stored. A transfer of data to third parties does not take place. The following data is collected during the ordering process:
Surname
address
Date of birth
E-mail address
company
Phone number
Your data will be passed on to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of the goods. In order to process payments, we pass on your payment data to the bank commissioned with the payment or the respective payment partner. These companies may only use your data for order processing and not for other purposes.
If you purchase goods on our website and enter your e-mail address, we can use this to send you a newsletter regarding our own similar goods or services, for marketing purposes and to contact you for other issues and queries.
b. Legal basis
When processing your personal data (cf. § 4 3. a.), Which are necessary for the fulfillment of a sales contract concluded with us, Article 6 (1) lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
The legal basis for sending the newsletter as a result of the purchase of goods is Article 6 (1) (f) GDPR
c. Storage period
Once the contract has been processed in full and the purchase price has been paid in full, your data will be blocked for further use and deleted after the tax and commercial retention periods have expired, unless you have expressly consented to further use of your data. Further storage can take place in individual cases if this is required by law.
4. Newsletter and contact
a. Type and scope of data processing
You can subscribe to a free newsletter on our website. In order to be able to send you the newsletter regularly, we need the following information from you:
Surname
E-mail address
address
Phone number
Your request
Your data will not be passed on to third parties in connection with sending the newsletter. Name and email address are mandatory, some of the other required data are partially voluntary or do not need to have any content or information. For all data and text parts that you specify, you agree that Zach fine Jewelry may use and save them for the conditions set out in the terms and conditions.
We use the so-called double opt-in procedure for sending the newsletter, which means that we will only send you the newsletter if you have previously confirmed your registration via the link contained in a confirmation email sent to you for this purpose. We want to ensure that only you can register for the newsletter as the owner of the specified email address. Your confirmation must be made promptly after receiving the confirmation email, otherwise your newsletter registration will be automatically deleted from our database.
b. Legal basis for sending newsletters
The processing of your email address by Zach fine jewelry for sending the newsletter is based on the following declaration of consent voluntarily given by you in accordance with Art. 6 Para. 1 lit. a GDPR:
Declaration of consent:
By entering my data and clicking the “Send message” button, I declare my consent to the processing of my email address, my name and my address for regular newsletter dispatch. I can unsubscribe from the newsletter service at any time by sending an email to zach@diamonds14.at with the subject "Unsubscribe".
I can revoke my consent to the collection of the personal data collected during the registration process at any time at zach@diamonds14.at or by post to Zach fine jewelry Handels Gesellschaft mbH, Neuer Markt 9, 1010 Vienna.
If you have not given your consent to the newsletter and you have provided your email address to Zach fine jewelry, the processing is based on Article 6 (1) (f) GDPR (legitimate interest). In this case, you can object to the sending of the newsletter at any time (see § 10).
a. Legal basis for establishing contact / customer file
The processing of your email address by Zach fine jewelry for sending the newsletter is based on the following declaration of consent voluntarily given by you in accordance with Art. 6 Para. 1 lit. a GDPR:
Declaration of consent:
By entering my data and clicking the "Send message" button, I give my consent to the processing of my email address, name, address, telephone number and the reason for my request for personal contact and storage in the customer file by Zach fine jewelry.
I can revoke my consent to the collection of the personal data collected during the registration process at any time at zach@diamonds14.at or by post to Zach fine jewelry Handels Gesellschaft mbH, Neuer Markt 9, 1010 Vienna.
b. Storage period
Your e-mail address, first and last name, postal address, telephone number and the reason for your request will be stored for as long as you have subscribed to the newsletter and / or want your data in the customer file. After you have unsubscribed from the newsletter, your email will only be used for personal contact. If you revoke the processing of your personal data in the customer profile, all personal data will be deleted.
Further storage can take place in individual cases if this is required by law.
5. Contact form
a. Type and scope of data processing
On our website we offer you to contact us using a form provided. As part of the process of sending your request via the contact form, reference is made to this data protection declaration to obtain your consent. If you use the contact form, the following personal data will be processed about you:
E-mail address
Salutation
Surname
Phone number
address
The purpose of entering your email address is to assign your request and to be able to respond to you. When using the contact form, your personal data will not be passed on to third parties.
b. Legal basis
The data processing described above (cf. § 4 5. a.) For the purpose of establishing contact takes place in accordance with Art. 6 Paragraph 1 lit. a GDPR on the declaration of consent you voluntarily submit below:
Declaration of consent:
By entering my data and clicking the “Submit” button, I declare my consent to the processing of my email address, my name, my telephone number and my address in order to answer my contact request.
I can revoke my consent to the collection of personal data collected while using the contact form at any time at zach@diamonds14.at or by post to Zach fine jewelry Handels Gesellschaft mbH, Neuer Markt 9, 1010 Vienna.
c. Storage period
As soon as the request you have made has been dealt with and the relevant issue has been finally clarified, the personal data processed via the contact form will be deleted from you. Further storage can take place in individual cases if this is required by law.
§ 4 transfer of data
We will only pass on your personal data to third parties if:
You have given your express consent to this in accordance with Article 6 (1) (a) GDPR
this is legally permissible and required according to Art. 6 Paragraph 1 lit. b GDPR to fulfill a contractual relationship with you
According to Art. 6 Para. 1 lit. c GDPR there is a legal obligation for the transfer
The transfer according to Art. 6 Para. 1 lit.f GDPR is necessary to safeguard legitimate company interests, as well as to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data.
§ 5 use of cookies
a. Type and scope of data processing
We use cookies on our website. Cookies are small files that are sent by us to the browser of your terminal device and stored there when you visit our website. Some functions of our website cannot be offered without the use of technically necessary cookies. Other cookies, however, enable us to carry out various analyzes. Cookies are able, for example, to recognize the browser you are using when you visit our website again and to transmit various information to us. With the help of cookies we can, among other things, make our website more user-friendly and effective for you, for example by tracking your use of our website and determining your preferred settings (e.g. country and language settings). If third parties process information via cookies, they collect the information directly via your browser. Cookies do not cause any damage to your device. They cannot run programs or contain viruses.
Various types of cookies are used on our website, the type and function of which are explained in more detail below.
Transient cookies are used on our website, which are automatically deleted as soon as you close your browser. This type of cookie enables your session ID to be recorded. This means that various requests from your browser can be assigned to a common session and it is possible for us to recognize your device when you visit our website later.
With the help of these cookies it is possible for us to carry out an analysis of the website usage and to improve the performance and functionality of our website. For example, information is recorded on how our website is used by visitors, which pages are accessed most frequently, or whether error messages are displayed on certain pages
b. Legal basis
Due to the purposes of use described (cf. § 6. a.), The legal basis for the processing of personal data using cookies lies in Art. 6 Paragraph 1 lit.f GDPR. If you have given us your consent to the use of cookies on the basis of a notice given by us on the website (“cookie banner”), the legality of their use is also based on Article 6 (1) (a) GDPR.
c. Storage period
As soon as the data transmitted to us via the cookies is no longer required to achieve the purposes described above, this information will be deleted. Further storage can take place in individual cases if this is required by law.
d. Configuration of the browser settings
Most browsers are preset to accept cookies as standard. However, you can configure your browser so that it only accepts certain cookies or no cookies at all. However, we would like to point out that you may no longer be able to use all functions of our website if cookies are deactivated on our website by your browser settings. You can also delete cookies that have already been saved in your browser via your browser settings. It is also possible to set your browser so that it notifies you before cookies are saved. Since the various browsers can differ in their respective functions, we ask you to use the respective help menu of your browser for the configuration options.
If you want a comprehensive overview of all third-party access to your Internet browser, we recommend installing specially developed plug-ins.
§ 6 tracking and analysis tools
We use tracking and analysis tools to ensure ongoing optimization and needs-based design of our website. With the help of tracking measures, it is also possible for us to statistically record the use of our website by visitors and to further develop our online offer for you with the help of the knowledge gained. Based on these interests, the use of the tracking and analysis tools described below is justified in accordance with Article 6 (1) (f) GDPR. If you have given us your consent to the use of cookies on the basis of a notice given by us on the website (“cookie banner”), the legality of their use is also based on Article 6 (1) (a) GDPR. The following description of the tracking and analysis tools also shows the respective processing purposes and the processed data.
1. Google Analytics
This website uses Google Analytics, a web analysis service from Google Inc., 1600 Amphitheater Parkway, Mountainview, CA 94043 USA (“Google”). Google Analytics uses so-called "cookies", text files that are stored on your computer and that enable your use of the website to be analyzed.
The information generated by these cookies, for example about the time, place and frequency of your use of this website, is usually transmitted to a Google server in the USA and stored there. When using Google Analytics, it cannot be ruled out that the cookies set by Google Analytics can collect other personal data in addition to the IP address. We would like to point out that Google may transfer this information to third parties if this is required by law or if third parties process this data on behalf of Google.
Google will use the information generated by cookies on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. According to Google, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
You can generally prevent the storage of cookies by setting your browser software accordingly. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
It cannot be ruled out that the cookies set by Google Analytics can collect other personal data in addition to the IP address. To prevent information about your use of the website from being recorded by Google Analytics and transmitted to Google Analytics, you can download and install a plug-in for your browser under the following link: tools.google.com/dlpage/gaoptout .
This plugin prevents information about your visit to the website from being transmitted to Google Analytics. Any other analysis is not prevented by this plugin.
We would like to point out that you cannot use the browser plug-in described above when visiting our website via the browser of a mobile device (smartphone or tablet). When using a mobile device, you can prevent Google Analytics from collecting your usage data by using the following description: Deactivate Google Analytics on your mobile phone: First, open the "Settings" app on your Android smartphone. In the "Google" category you will find the item "Personal data & privacy". If you open the "Search settings", you can deactivate the tracking function "Recent locations" (information as of August 14, 2018). Alternatively, our website can also offer you a link to deactivate Google Analytics. This link is labeled accordingly and in a self-explanatory manner (such as "Deactivate Google Analytics").
By clicking on this link, a so-called opt-out cookie is set in your browser. This prevents information about your visit to the website from being transmitted to Google Analytics. Please note that the opt-out cookie is only valid for this browser and only for this domain. If you delete the cookies in this browser, the opt-out cookie will also be deleted. To continue to prevent Google Analytics from collecting data, you must click the link again. The use of the opt-out cookie is also possible as an alternative to the above plug-in when using the browser on your computer.
In order to ensure the best possible protection of your personal data, Google Analytics has been expanded to include the code “anonymizeIp” on this website. This code causes the last 8 bits of the IP address to be deleted and your IP address to be recorded anonymously (so-called IP masking). Your IP address will be shortened by Google before it is transmitted within member states of the European Union or in other contracting states of the Agreement on the European Economic Area and thereby anonymized. The full IP address is only transmitted to a Google server in the USA and shortened there in exceptional cases.
§ 7 plugins
1. Vimeo
Our website uses plugins from Vimeo.com, which is operated by Vimeo LCC, 555 West 18th Street, New York, New York 10011, USA. If you access our website with such a plugin, a connection to the Vimeo servers is established and the plugin is displayed on the website by a message to your browser. This will tell the Vimeo server which of our websites you have visited. If you are logged in as a member of Vimeo, Vimeo will assign this information to your personal user accounts on these platforms. When using these plugins, such as clicking / start buttons on a video or sending a comment, this information is assigned to your Vimeo user account, for example, which you can only prevent by logging out before using the plugin.
Information on the collection and use of data by the above platform or plugins can be found in the data protection information: vimeo.com/privacy.  ;
2. Youtube
We use the provider YouTube, among others, for the integration of videos. YouTube is operated by YouTube LLC with headquarters at 901 Cherry Avenue, San Bruno, CA 94066, USA. YouTube is represented by Google Inc. based at 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
We use plugins from the provider YouTube on some of our websites. If you call up the Internet pages on our website that have such a plugin - for example our media library - a connection to the YouTube servers is established and the plugin is displayed. This will tell the YouTube server which of our websites you have visited. If you are logged in as a member of YouTube, YouTube will assign this information to your personal user account. When using the plugin, for example by clicking the start button of a video, this information is also assigned to your user account. You can prevent this assignment by logging out of your YouTube user account and other user accounts of the companies YouTube LLC and Google Inc. and deleting the respective cookies from the companies before using our website.
Further information on data processing and information on data protection by YouTube (Google) can be found at www.google.de/intl/de/policies/privacy/.
§ 8 hyperlinks
Our website contains so-called hyperlinks to websites from other providers. If you activate these hyperlinks, you will be redirected from our website directly to the website of the other provider. You can recognize this by the change in the URL, among other things. We cannot assume any responsibility for the confidential handling of your data on these third party websites, as we have no influence on whether these companies comply with data protection regulations. Please refer to these websites for information about how these companies handle your personal data.
§ 9 rights of data subjects
As a person affected by the processing of personal data, the GDPR gives you the following rights:
According to Art. 15 GDPR you can request information about your personal data processed by us. In particular, you can obtain information about the processing purposes, the categories of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a Right to lodge a complaint, the origin of your data, if we have not collected it, via a transfer to third countries or to international organizations as well as the existence of automated decision-making including profiling and, if necessary, meaningful information on their details.
According to Art. 16 GDPR you can immediately request the correction of incorrect or the completion of your personal data stored by us.
According to Art. 17 GDPR, you can request the deletion of your personal data stored by us, insofar as the processing is not to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend Legal claims is required.
According to Art. 18 GDPR, you can request the restriction of the processing of your personal data if you dispute the correctness of the data, the processing is unlawful, we no longer need the data and you refuse to delete it because you want to assert or exercise it or need defense of legal claims. You also have the right under Art. 18 GDPR if you have objected to processing in accordance with Art. 21 GDPR.
According to Art. 20 GDPR, you can request to receive your personal data that you have provided to us in a structured, common and machine-readable format, or you can request that it be transmitted to another person responsible.
According to Art. 7 Para. 3 GDPR, you can revoke your once given consent to us at any time. As a result, we are no longer allowed to continue the data processing based on this consent in the future.
According to Art. 77 GDPR, you have the right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence, your place of work or our company headquarters. In Austria, the supervisory authority is the data protection authority, Wickenburggasse 8, 1080 Vienna, phone: +43 1 52 152-0, e-mail: dsb@dsb.gv.at , web: www.dsb.gv.at.
§ 10 right of objection
When processing your personal data on the basis of legitimate interests in accordance with Art. 6 Para. 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided there are reasons for this that arise from your special situation arise or the objection is directed against direct mail. In the case of direct mail, you have a general right of objection, which we will implement without specifying a particular situation.
§ 11 data security and security measures
We are committed to protecting your privacy and treating your personal data confidentially. In order to avoid manipulation, loss or misuse of your data stored by us, we take extensive technical and organizational security precautions, which are regularly checked and adapted to technological progress. This includes the use of recognized encryption methods (TLS 1.2). However, we would like to point out that due to the structure of the internet it is possible that the rules of data protection and the above security measures are not observed by other persons or institutions not within our area of responsibility. In particular, data disclosed in unencrypted form - e.g. B. if this is done by email - be read by third parties. We have no technical influence on this. It is the responsibility of the user to protect the data provided by him against misuse by encryption or in any other way.