PRIVACY POLICY

 

This privacy policy has been updated on May 2023.

Based on Article 13 of the Swiss Federal Constitution and the data protection regulations of the Federal Government (Data Protection Act) and in accordance with GDPR, every person is entitled to the protection of their privacy and against misuse of their personal data. We comply with these terms. Personal data will be kept strictly confidential and will not be sold or passed on to third parties. 

We look forward to your visit to our website and your interest in our offers. For external links to third-party content we accept no liability as they are not part of this website.

The protection of your personal data is very important to us and takes place within the framework of the legal regulations, which you can refer to e.g. under the link listed at the end of this Privacy Policy.

These data will not be disclosed to third parties without your explicit consent.

In the following, we will explain what information we collect during your visit to our website and how it is used:

HOW AND WHEN WE COLLECT YOUR DATA

When visiting the website:

Every time a customer (or other visitors) enters our website, your device (computer, laptop, tablet, smartphone, etc.) automatically sends information which is logged in a temporary file by our web service provider (Shopify, GoDaddy Inc...). This data contains your IP address and anonymous information about your device, and it is used to block malicious traffic and to display the site using a layout compatible with your device. Our legitimate interest in collecting your data, in accordance with Art. 6 par.1 (f) of the GDPR, is based on the following purposes: 

  • Ensuring a smooth connection setup and comfortable use of the website,

  • Evaluation of system security and stability,

  • Further administrative purposes. 

In no case we use the collected data for the purpose of drawing conclusions about you.

 

Registering as a user in our platform: 

Buyers can create a user account on our platform.

The following mandatory data must be entered to register as a user (buyer) and set up a user account:

  • a valid email address

  • a password of your choice.

These constitute the login data for your user account.

You can also provide this voluntary user data:

  • Your first and last name

  • A profile picture

  • Your address (street, post code, city/town, country)

  • Your phone number.

Registering to our newsletter

You can choose to subscribe to our newsletter. This process requires you to give us your email address and, optionally, your name.

This data is stored by our email campaign service provider Shopify, Wix or Mailchimp, situated in USA, which is a EU-US Privacy Shield and Swiss Safe Harbor Frameworks certified processor.

When concluding a contractual relationship of any kind

When concluding a contractual relationship of any kind on our website, such as placing an order, we may ask you for the following personal data:

  • Data that personally identifies you, such as your natural name, e-mail address and home address

  • other personal data which we are legally obliged or authorized to collect and process and which we need for your authentication, identification or verification of the data we collect.

The processing of data is based on Art. 6 par.1 (b) of GDPR. The retention period is limited to the purpose of the contract and, if available, statutory and contractual retention requirements.

TRANSFER OF PERSONAL DATA

We may pass on your data to third parties only when:

  • You have given your express consent to this (Art. 6 par.1 (a) GDPR),

  • This is necessary to provide you with the service or for the settlement of contractual relationships with you (Art. 6 (1) (b) GDPR),

  • There is a legal obligation to pass it on (Art. 6 par.1 (c) GDPR),

  • Disclosure is required for asserting, exercising or defending legal claims and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your data (Article 6 par.1 (f) GDPR).

In all these cases, the amount of data transmitted is limited to the minimum required. Our privacy policy is consistent with applicable data protection laws and the data is processed only in the European Union.

YOUR RIGHTS

On request, we will be pleased to inform you about what personal data we stored (Article 15 GDPR), in particular the processing purposes, the type of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, your rights as well as the existence of automated decision-making including profiling.

You also have the right to correct and complete the data we collected. A basic example may be the case of a change in your delivery address (Art. 16 GDPR).
Furthermore, you have the right to demand that we restrict the processing of your data, provided that the legal conditions for doing so are met (Art. 18 GDPR).
You have the right to receive the personal data relating to you in a structured, common and machine-readable format or to request the transfer to another person responsible (Art. 20 GDPR).
In addition, you are entitled to the so-called “right to be forgotten”. You can request the deletion of your personal data from us, provided that the legal prerequisites exist (Art. 17 GDPR). Regardless of this, your personal data will be deleted by us if the purpose of the data collection has been omitted or the data processing has been unlawful.

IN ACCORDANCE WITH ART. 7 par.3 of GDPR, YOU HAVE THE RIGHT TO REVOKE YOUR ONCE AUTHORIZATION GIVEN CONSENT TO US AT ANY TIME.

You also have the right to object to the processing of your personal data at any time, provided that a right of objection is provided for by law. In the case of an effective revocation, your personal data will also be deleted by us (Article 21 GDPR). If you would like to exercise your right of revocation or objection, it is sufficient to send an e-mail to the e-mail address listed at the end of this privacy policy.

In case of violations of the data protection regulations, you have the right to file a complaint with the supervisory authority.

To report concerns you may have about our data handling practices you can contact the responsible data protection supervisory authority:

HOW LONG WE KEEP YOUR DATA

The data collected will be stored by us as long as necessary for the provision of the services and our contract and legal obligations, unless you exercise your right to cancellation or your right to transfer data to another company.

After deletion of your user account your data is automatically deleted or anonymized to prevent further use, except for the cases in accordance with Article 6 par. 1 (c) of GDPR, when it must be stored for a longer period of time pursuant to retention and documentation requirements under tax or commercial code (HGB, StGB, AO), or if you have consented to storage for a longer period of time in line with Article 6 para. 1 sentence 1 item a GDPR.

Orders data is kept up to 2 years and then anonymized.

Whenever you use a credit card to pay for our product, only your Stripe ID is stored in our databases and it is kept for up to 1 week.

HOW WE USE YOUR INFORMATION

Web Statistics Collection (Web Statistics Tool)

Our website uses Google Analytics to help us analyze and improve our website. No identifiable data is collected.

We also track user’s behavior using Facebook Pixel. The data collected using this tool is aggregated but not fully anonymized, for this reason we notify you about the use of this technology and require your authorization via our cookie banner. No data is collected if you deny or revoke the use of this cookie.

Newsletter

When registering to our newsletter, according to Art. 6 par.1 (a) of the GDPR, you have expressly authorised us to use your e-mail address to send you marketing material. It is possible to unsubscribe at any time via a link at the end of each newsletter. Alternatively, you can send an unsubscribe request at any time by e-mail (preferably with the subject: “unsubscribe newsletter”).

DATA SECURITY
We take all necessary technical and organizational security measures to store your personal data so that it is not accessible to unauthorized third parties or the public.

All the third party involved in the services we provide are certified EU-US Privacy Shield and Swiss Privacy Shield and guarantee high levels of security.

CHANGES TO THIS PRIVACY POLICY

We may occasionally make changes and corrections to this Privacy Notice. If we believe that the changes are material, we’ll let you know by doing one (or more) of the following: (1) posting the changes on this site, and/or (2) sending you an email or message about the changes. We will also give you the opportunity to consent to these material changes. Changes will be effective upon the posting of the changes and your acceptance of the changes, which may be through your continued use of the site after the changes take effect.

CONTACT DETAILS OF THE CONTROLLER

SBW is the Controller for all personal data processing described in this policy

Contact Info: info@stefanobragawatches.com