Privacy Policy

This Policy aims to inform you as to the details of the type, extent and purpose of the processing of personal data during your use of our website at www.dorkasjewel.com and your rights in this regard.

1. Data Controller

The controller in respect of data collection, processing and use in connection with the use of our website is

Dorka S. Jewelry

Dorka S. Design LLC.

164 Carroll street

Brooklyn, NY

E-mail: dorkasjewel@gmail.com

2. Definitions

Personal data is all information which refers to an identified or identifiable natural person ("Data Subject"). A natural person is deemed to be identifiable if they can be directly or indirectly identified, in particular by means of association with identifying information such as a name, an identification number, location information, an online identifier or one or more particular characteristics, which are an expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.

Cookies are small text files which are stored locally, during each visit to our website, on the user's end device (e.g. PC, smartphone, tablet). They can contain a range of information about the end device used as well as about usage behavior and are sent back to the cookie-setting web server with the aim of recognizing a returning user and their settings.

GDPR is the abbreviation for REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

3. Data collected automatically during use of website

IP address and log files
a, Explanation and purpose of processing:

We automatically process the following information every time you visit our website:

the IP address of your computer or other end device (e.g. tablet PC or smartphone) and the request(s) sent by your browser
the volume of data transmitted, the type and version of browser used, the screen resolution and the operating system used.

The IP address and information on the request(s) from your internet browser are necessary, for technical reasons, for you to visit and use the website; without this data being processed, websites cannot be accessed and webpages cannot be displayed. The processing of the IP address is anonymized by way of abbreviation or deleted once it is no longer required for technical reasons for you to access/use the site.

In addition, the above mentioned data will be processed by us for the following purposes:

ensuring a smooth connection to the website can be made,
ensuring our website can be used in a convenient manner,
analysis of system security and stability and
other administrative purposes.

Information on the volume of data transmitted, the type and version of browser used, the screen resolution and the operating system used is collected and processed in order to optimize how content is displayed, determine the system capacity and make future modifications and improvements to the website, on the basis of statistical analyses (where applicable).

b. Legal basis:

The legal basis for this processing of data is Art. 6 (1), first sentence, (f) GDPR. The legitimate interest in processing the relevant data is that it makes accessing the website technically possible, optimizes how the content is displayed for the user and enables the continued improvement/optimization of the internet service in the future.

c. Right to Object:

As far as data processing based on Art. 6 (1) first sentence (f) GDPR is concerned, you have a right to object, notwithstanding other rights. For more on this, see below (Section 10: "Rights of the Data Subject")

2. Use of cookies by our server

a. Explanation and purpose of processing:

We use cookies on our website set by our web server (for explanation, see above). You are made aware of this by way of a banner which is displayed at least the first time you visit our website.

The session cookies used by our server are required in order to display dynamic pages and serve, for example, to store the current status (such as the shopping cart) and to enable the use of our website in a format optimized for your end device. This is required for the use of various functions on our website. Session cookies are automatically deleted immediately once a session is ended.

b. To prevent cookies being stored:

You can prevent cookies being stored by adjusting your browser settings accordingly; moreover, you can delete stored cookies using your browser. Preventing or deleting cookies may render, in some circumstances, the use of certain functions of the website impossible or inconvenient.

c. Legal basis:

The legal basis for this processing of data is Art. 6 (1), first sentence, (f) GDPR. The legitimate interest in processing the data is that it enables the use of the website and its functions.

d. Right to Object:

3. Google Analytics (web analysis)

a. Explanation and purpose of processing:

We use Google Analytics on our websites, a web analytics tool from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Google Analytics uses "cookies" which are stored on your PC and which enable an analysis of your use of the website. The information generated by the cookie contains for example browser type/version, operating system used, screen resolution, referrer URL (the website visited prior to this one), anonymised IP address of the computer used to access the website, time of server request, time spent on individual pages, files downloaded, videos watched, advertising banners clicked on, active orders, sequence of clicks etc. Further information on cookies used by Google can be found here.

This information could, in some circumstances, be transmitted to one of Google's servers in the USA and stored there. Google has committed to complying with the Privacy Shield Agreement published by the US Department of Commerce between the EU and the USA regarding the collection, use and storage of personal data from EU Member States.

We use Google Analytics on our websites with an IP anonymisation tool, with which your IP address, when collected by Google Analytics, is, in Member States of the European Union or in other states which are party to the Agreement on the European Economic Area, abbreviated beforehand and thus is transmitted by Google in anonymised form.

Google uses the information collected on our behalf on the basis of a contractual agreement entered into between Google and ourselves, in order to statistically evaluate the use of the website for us in aggregated form, to create reports on the website activities and behavior of users on our website and to provide us with other analysis services related to the website and its use. These reports assist us in designing our website and content according to the needs of users and in continuously improving it. The IP address transmitted by your browser in the scope of Google Analytics is not associated with other data from Google.

The maximum retention period we have chosen for data associated with cookies or user IDs and advertising IDs is 14 months. After this time period has expired, the data will be automatically deleted.

b. Prevention of storage of cookies:

You can prevent cookies being stored by adjusting your browser settings accordingly; moreover, you can delete stored cookies using your browser. Preventing or deleting cookies may render, in some circumstances, the use of certain functions of the website impossible or inconvenient.

In addition, you can deactivate the Google Analytics function using a browser add-on which you can download here: https://tools.google.com/dlpage/gaoptout. To do this, you must install that browser add-on. This prevents the analysis information from being sent to Google. Alternatively, you can set a so-called opt-out cookie by clicking here which prevents data being collected by Google Analytics in future. Please note, however, that on deleting cookies in your browser settings, this opt-out cookie will also be deleted and must be set once more.

c. Further information on Google Analytics:

Comprehensive information from Google on data processing in connection with Google Analytics can be found here.

d. Legal basis:

The legal basis for the use of Google Analytics is Art. 6 (1) first sentence (f) GDPR. The legitimate interest in processing the data is to analysis usage data and, on the basis of the knowledge gained, identify and remedy errors and to optimise the design of our website, including in relation to increasing the conversion rate.

e. Right to Object:

4. Customer data when placing an order

a. Explanation and purpose of processing:

In the scope of ordering, you must provide a several details regarding your personal data ("order data"). This includes title, name, invoice and delivery address, email address, telephone number (optional). We collect, process and use the data you provide in this context without your express consent solely to perform, execute and terminate the contractual relationship between you and us.

We generally only retain the data stored and associated with your customer account until such time as your order has been processed. We are, however, sometimes legally obligated to retain order data and business communications for a longer period. In this case, following a revocation of your consent, we will block the applicable data to be retained by us from being used for other purposes.

b. Legal basis:

The legal basis for this processing of data is Art. 6 (1), first sentence, (b) GDPR.

5. Payment processing

Paying by credit card via the payment service provider, STRIPE

a. Explanation and purpose of processing:

If you choose to make payment by credit card via the payment service provider, STRIPE, the payment is processed directly by Stripe Payments Europe Ltd, Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland, with whom we will share the information you provided to us in the scope of the ordering process (name, address, invoice amount, currency and transaction number). The sharing of your data takes place exclusively for the purposes of the payment processing with Stripe Payments Europe Ltd. We are not involved in the further processing of the payment via STRIPE. The data controller for the further payment processing is Stripe Payments Europe Ltd. Further information on STRIPE data protection can be found here.

b. Legal basis:

The legal basis for the transmission of your credit card data to STRIPE is Art. 6 (1) first sentence (f) GDPR. The legitimate interest in processing the data is our ability to offer a number of different payment possibilities to our customers, including payment by credit card.

c. Right to Object:

Payment via PayPal

a. Explanation and purpose of processing:

If you choose to make payment via PayPal, the payment is processed directly via your PayPal account held with the company PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxemburg ("PayPal"). The following data is generally transmitted to PayPal for this purpose: first name, surname, address, email address, IP address, telephone number (if provided) and your order data which is necessary for processing the payment (e.g. invoice amount, currency and transaction number).

Further payment processing is carried out directly by PayPal on the basis of the contractual agreement entered into between you and PayPal when you registered your PayPal account. The data controller for the further payment processing is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg. Further information on PayPal data protection can be found here.

b. Legal basis:

The legal basis for the transmission of your data to PayPal is Art. 6 (1) first sentence (f) GDPR. The legitimate interest in processing the data is our ability to offer a number of different payment possibilities to our customers, including a common payment method such as PayPal.

c. Right to Object:

6. Contact form

a. Explanation and purpose of processing:

You can contact us with any questions or requests by way of our online contact form or by email. When you do, the personal data transmitted by you (email address and where applicable name (optional) and other voluntary details) will be stored and processed by us electronically in order to answer your question(s) or deal with your enquiry. If you use the online contact form, you must provide your email address so that we know who has sent the enquiry.

The personal data collected in this context will be stored by us, to enable us to refer to past communications when processing later enquiries, until such time as consent is revoked.

The processing of your personal data when you contact us is undertaken on the basis of your consent. Naturally, your contacting us and thus also the transmission of your personal data in this context are voluntary. Your can revoke your consent at any time, by contacting us by way of the online contact form or sending an email to ***. Revoking consent has no influence on the legitimacy of the processing carried out on the basis of the consent prior to the revocation.

b. Text of the declaration of consent

I agree that the above data may be used by Dorka S. Jewelry answer my inquiry and may further be stored together with the communication until further notice for the purpose of addressing subsequent inquiries. I can withdraw my consent at any time with effect for the future via the online contact form or by sending an e-mail to dorkasjewel@gmail.com

c. Legal basis

The legal basis for this processing of data is Art. 6 (1) first sentence (a) GDPR.

7. Newsletter

Explanation and purpose of processing:

On our website, you have the option of subscribing to an e-mail newsletter containing regular information about our new products, discount codes for our products and events organized by us. In the course of placing your order you grant us consent to store and use your first name and surname as well as your email address for the purposes of sending you an email newsletter, which is generally sent no more than once a week. Your can revoke your consent at any time with effect for the future (c.f. Section 10 below).

The sending of the e-mail newsletter is carried out by the email service provider Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA (www.mailchimp.com), on the basis of a data processing agreement, which is certified for the EU-US Privacy Shield, such that an adequate level of protection is ensured.

We store your data for the above stated purpose, only until receipt of a notice of revocation.

b. Legal basis:

The legal basis for this processing is Art. 6 (1) first sentence (a) GDPR.

c. Text of the declaration of consent

I agree that the above data may be used by Dorka S. Jewelry in accordance with section 7 of the Privacy Policy to regularly send me information about new products, discount codes and events by Dorka S. Jewelry via e-mail. I can withdraw this consent (for example by e-mail to dorkasjewel@gmail.com or via the link in the newsletter) at any time with effect for the future.

8. Recipients of personal data

Contractual agreements for specific-purpose third party data processing exist with the following service providers, who are recipients of personal data (according to the definition in Art. 4 No. 9 GDPR) and process it as processors in compliance with the provisions of Art. 28 GDPR:

Squarespace (hosting provider)
MailChimp (email service provider)

9. Links to social media platforms

On our website, we link to our company pages on the following companies' social media platforms:

Facebook: Facebook, Inc., 1601 Willow Road, Menlo Park, California 94025, USA

Data Policy: https://de-de.facebook.com/policy.php

Instagram: Instagram LLC, 1601 Willow Road, Menlo Park, California 94025, USA

Data policy: https://help.instagram.com/155833707900388

Please note, in the event that you visit these linked sites, information may be collected and processed by the respective platform provider, which may be associated with your respective user account and stored and used according to the data protection provisions of the respective platform operator. Please take time to find out about the manner and extent of data use by the relevant platform operator before visiting the linked sites.

10. Rights of the Data Subject

a. You have the right to request confirmation from us on whether we are processing personal data concerning you. If this is the case, you have a right to information regarding this personal data (Art. 15 GDPR in conjunction with Sec. 34 BDSG (German Federal Data Protection Act)).

This does not apply if

the data is only stored because it may not be deleted due to data retention rules set out in the law or the company statutes
the storage is for the exclusive purpose of backing up data or data protection monitoring
and the provision of information would require a disproportionate cost and effort and any processing for other purposes has been excluded using appropriate technical and organizational measures.

b. You also have the right to request that inaccurate personal data be rectified and where applicable - taking into account the purposes of the processing - incomplete personal data be completed, including by means of a supplementary statement (Art. 16 GDPR). Moreover, in the cases laid out in Art. 17 (1) (a) to (f) GDPR, you have the right to request that personal data be deleted, provided no exception as per Art. 17 (3) GDPR applies, as well as a right to restriction of processing in the cases laid out in Art. 18 (1) GDPR. There is also the right to have data portability ensured in the cases laid out in Art. 20 (1) GDPR.

c. You have the right to appeal to the competent supervisory authority, if you are of the opinion that the processing of your personal data violates the GDPR.

d. The right to object to processing on the basis of legitimate interests
To the extent the processing of data is based on Art. 6 (1) (f) GDPR ("legitimate interests"), you have the right to lodge an objection at any time, for reasons related to your particular situation, to the processing of personal data concerning you. If you exercise your right to object, this can lead to you only being able to use our website as a whole or individual services or functions in a limited manner, or not at all.

To exercise your rights as a Data Subject, please contact us by email at dorkasjewel@gmail.com

Version: May 25th 2018