Svanhilde Jewellery Oy (Business ID 3308806-1) is committed to protecting and respecting your privacy. We take the protection of the privacy of our customers seriously and undertake to protect their privacy in accordance with Finnish law and the requirements set by the EU GDPR. We offer our customers the opportunity to influence the processing of their data. The purpose of this statement is to inform our customers about the processing of their data.
Last updated: 14th January 2023
After reviewing this policy, if you have additional questions, want more information about our privacy practices, or would like to make a complaint, please contact us by e-mail at email@example.com.
This Policy covers our collection, processing and use of personal data when you use any of our Website.
When you supply any personal data to us we have legal obligations towards you in the way we use that data. For ease of reading, we have divided this Policy into several sections:
- Privacy Of Children
- What Is Personal Data And What Do We Collect
- How And Why Do We Use/Share Your Information
- Your Rights And Choices
- Changes And Amendments
- Contact Details
It is important that you read this Policy together with any other privacy notice or fair processing notices that we may provide on the Website at or around the time that we collect or process personal data about you (for example, fair processing notices that we may display to you at the time that you sign up to receive e-mail updates from us) so that you are fully aware of how and why we are using that data.
This Policy supplements other notices including our Website Terms and Conditions and is not intended to override or replace them.
By visiting or otherwise using our Website, you are agreeing to the practices set out in this Policy. If, for any reason, you do not agree to the terms of this Policy, please stop using this Website.
We reserve the right to revise or amend this Policy at any time to reflect changes to our business or changes in the law. Where these changes are significant we will endeavour to let users of the Websites know. However, it is your responsibility to check this Policy before each use of the Website – for ease of reference the top of this Policy indicates the date on which it was last updated.
2. Privacy Of Children
Please note that our Website is not directed at children under the age of 16 (each a "Child" together "Children") and we do not knowingly collect personal information about Children. If you believe we have collected personal information about your Child, you may contact us at firstname.lastname@example.org and request that we cease processing information about your Child. If you are under the age of 16, please do not submit any Personal Information through the Website and Services. We encourage parents and legal guardians to monitor their children's Internet usage and to help enforce this Policy by instructing their children never to provide Personal Information through the Website and Services without their permission. If you have reason to believe that a child under the age of 16 has provided Personal Information to us through the Website and Services, please contact us. You must also be at least 16 years of age to consent to the processing of your Personal Information in your country (in some countries we may allow your parent or guardian to do so on your behalf).
3. What Is Personal Data And What Do We Collect
You can access and use the Website and Services without telling us who you are or revealing any information by which someone could identify you as a specific, identifiable individual. If, however, you wish to use some of the features on the Website, you may be asked to provide certain Personal Information (for example, your name and e-mail address). We receive and store any information you knowingly provide to us when you make a purchase, or fill any online forms on the Website. Some of the information we collect is directly from you via the Website and Services. However, we may also collect Personal Information about you from other sources such as public databases and our joint marketing partners. You can choose not to provide us with your Personal Information, but then you may not be able to take advantage of some of the features on the Website. Users who are uncertain about what information is mandatory are welcome to contact us.
Information You Provide:
We collect information you provide directly via the Service, including but not limited to when you register an account, update your profile, access our content, make a purchase, participate in a sweepstakes, contest, survey, or other promotion (“Promotion”), contact customer support, sign up for our text messaging program, or apply for a job. We may use Service Providers (defined below) to collect this information.
The information we collect includes information that that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to you. The following is a list of the categories of information we collect and have collected in the last 12 months:
- Contact Data. We collect your first and last name, e-mail address, postal address, phone number (and mobile carrier, if you enrol in our text messaging program), and other similar contact data.
- Credentials. We collect passwords and other information for authentication and account access.
- Demographic Data. We collect demographic information including your age, birth month and/or day, gender, and country.
- Payment Data. We collect data necessary to process your payment if you make a purchase, including your payment instrument number (such as a credit card number or information identifying your financing account), and the security code and expiration date associated with your payment instrument.
- Profile Data. We collect your interests, favourites, wish lists, ring size preferences, and other profile data.
- Content. We collect the content of messages you send to us, such as feedback and product reviews you write, messages sent through our text messaging program, questions and information you provide to customer support or comments and content that you may post on social media channels. For example, if you contact a customer service representative or jewellery consultant and provide information to the consultant or submit a request through our Service, we will use your information to respond to your request and to provide you with additional information that we believe may be helpful to you. We may also collect content such as photos, videos or other content that you submit to us.
You may choose to voluntarily submit other information to us through the Service that we do not request, and, in such instances, you are solely responsible for such information.
Information Collected Automatically:
Svanhilde Jewellery Oy automatically collects information about your device and how your device interacts with our Service. When you open the Website, our servers automatically record information that your browser sends. This data may include information such as your device's IP address, browser type and version, operating system type and version, language preferences or the webpage you were visiting before you came to the Website and Services, pages of the Website and Services that you visit, the time spent on those pages, information you search for on the Website, access times and dates, and other statistics.
Information collected automatically is used only to identify potential cases of abuse and establish statistical information regarding the usage and traffic of the Website and Services. This statistical information is not otherwise aggregated in such a way that would identify any particular user of the system.
We may use Service Providers to collect this information. The categories of information we automatically collect and have collected in the last 12 months includes:
- Service Use Data. We collect data about the features you use, the pages you visit, the e-mails and advertisements you view, the products you purchase, the time of day you browse, your referring and exiting pages, and other similar information.
- Device Connectivity and Configuration Data. We collect data about the type of device or browser you use, your device’s operating software, your internet service provider, your device’s regional and language settings, and other similar information.
- IP Address and Device Identifiers. Svanhilde Jewellery Oy collects your IP address and other device identifiers, including mobile advertising identifiers. We collect this data for various purposes, including to assess, diagnose problems, and improve functioning of our Service, servers, and hosting providers as well as to analyse trends and traffic patterns, gather demographic information, track the date, time, and duration of each session within our website, prevent fraud, and customise our services and advertisements.
- Location Data. We collect data about your device’s location.
- Log Files. Our server logs automatically collect information, such as your IP address, your browser type and language, and the date and time of your visit, which helps us track users' movements around our site and understand trends.
- Operational: Cookies are essential in order for you to use our Service, such as our shopping bag, as well as to access password protected areas, such as your personal account.
- Analytics and Performance: Cookies collect information about how you use our Service and remember the choices you make (such as your language or location) to provide an enhanced performance and a more personalised experience.
- Customisation: Cookies allow us to gather information on how our Service is being used so that we can provide content that is relevant to you. If you sign up for our text messaging program, cookies may be used to customise your experience by sending you personalised text messages such as shopping cart reminders.
- Social Networking: Cookies allow users to share our pages and content to third-party social networking sites.
- Location-Identifying Technologies. Location-aware technologies may be used to collect precise location data when you enable location-based services through your device. Location data may be used for purposes such as verifying your device’s location and delivering or restricting relevant content and advertising based on that location.
The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device.
You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.
Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as: www.allaboutcookies.org.
For further information on Tracking Technologies and your rights and choices regarding them, see the sections entitled “Other Parties” and “Your Rights and Choices” below.
Do Not Track
Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.
4. How and why do we use or share your personal information
We share your Personal Information with service providers to help us provide our services and fulfil our contracts with you, as described above. For example:
- We use Shopify to power our online store. You can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy.
- We may share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
In order to make the Website and Services available to you, or to meet a legal obligation, we need to collect and use certain Personal Information. If you do not provide the information that we request, we may not be able to provide you with the requested products or services. Any of the information we collect from you may be used for the following purposes:
- Fulfil and manage orders
- Deliver products or services
- Improve products and services
- Send administrative information
- Respond to inquiries and offer support
- Request user feedback
- Improve user experience
- Post customer testimonials
- Enforce terms and conditions and policies
- Protect from abuse and malicious users
- Respond to legal requests and prevent harm
- Run and operate the Website and Services
Processing your Personal Information depends on how you interact with the Website and Services, where you are located in the world and if one of the following applies: (i) you have given your consent for one or more specific purposes; this, however, does not apply, whenever the processing of Personal Information is subject to California Consumer Privacy Act or European data protection law; (ii) provision of information is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof; (iii) processing is necessary for compliance with a legal obligation to which you are subject; (iv) processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in us; (v) processing is necessary for the purposes of the legitimate interests pursued by us or by a third party.
Note that under some legislations we may be allowed to process information until you object to such processing (by opting out), without having to rely on consent or any other of the following legal bases below. In any case, we will be happy to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Information is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
Billing and payments
We use third party payment processors to assist us in processing your payment information securely. Such third party processors' use of your Personal Information is governed by their respective privacy policies which may or may not contain privacy protections as protective as this Policy. We suggest that you review their respective privacy policies.
5. Your Rights And Choices
You may access, update, or remove certain account information that you have voluntarily submitted to us through the Service. If you would like to update or revise information in your account, you may do so through your account or by contacting us as set forth in the section entitled “Contact Us” below. We may require additional information from you to allow us to confirm your identity. Please note that we will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. California residents and data subjects in Europe have additional rights as set forth in the sections entitled “Additional Disclosures for California Residents” and “Additional Disclosures for Data Subjects in Europe” below.
Retention of information
We will retain and use your Personal Information for the period necessary to comply with our legal obligations, resolve disputes, and enforce our agreements unless a longer retention period is required or permitted by law. We may use any aggregated data derived from or incorporating your Personal Information after you update or delete it, but not in a manner that would identify you personally. Once the retention period expires, Personal Information shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after the expiration of the retention period.
Transfer of information
Depending on your location, data transfers may involve transferring and storing your information in a country other than your own. You are entitled to learn about the legal basis of information transfers to a country outside the European Union or to any international organisation governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by us to safeguard your information. If any such transfer takes place, you can find out more by checking the relevant sections of this Policy or inquire with us using the information provided in the contact section.
The rights of users
You may exercise certain rights regarding your information processed by us. In particular, you have the right to do the following: (i) you have the right to withdraw consent where you have previously given your consent to the processing of your information; (ii) you have the right to object to the processing of your information if the processing is carried out on a legal basis other than consent; (iii) you have the right to learn if information is being processed by us, obtain disclosure regarding certain aspects of the processing and obtain a copy of the information undergoing processing; (iv) you have the right to verify the accuracy of your information and ask for it to be updated or corrected; (v) you have the right, under certain circumstances, to restrict the processing of your information, in which case, we will not process your information for any purpose other than storing it; (vi) you have the right, under certain circumstances, to obtain the erasure of your Personal Information from us; (vii) you have the right to receive your information in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that your information is processed by automated means and that the processing is based on your consent, on a contract which you are part of or on pre-contractual obligations thereof.
The right to object to processing
Where Personal Information is processed for the public interest, in the exercise of an official authority vested in us or for the purposes of the legitimate interests pursued by us, you may object to such processing by providing a ground related to your particular situation to justify the objection. You must know that, however, should your Personal Information be processed for direct marketing purposes, you can object to that processing at any time without providing any justification. To learn, whether we are processing Personal Information for direct marketing purposes, you may refer to the relevant sections of this document.
Data protection rights under GDPR
If you are a resident of the European Economic Area (EEA), you have certain data protection rights and Svanhilde Jewellery Oy aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Information. If you wish to be informed what Personal Information we hold about you and if you want it to be removed from our systems, please contact us. In certain circumstances, you have the following data protection rights:
- You have the right to request access to your Personal Information that we store and have the ability to access your Personal Information.
- You have the right to request that we correct any Personal Information you believe is inaccurate. You also have the right to request us to complete the Personal Information you believe is incomplete.
- You have the right to request the erase your Personal Information under certain conditions of this Policy.
- You have the right to object to our processing of your Personal Information.
- You have the right to seek restrictions on the processing of your Personal Information. When you restrict the processing of your Personal Information, we may store it but will not process it further.
- You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
- You also have the right to withdraw your consent at any time where Svanhilde Jewellery Oy relied on your consent to process your Personal Information.
You have the right to complain to a Data Protection Authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority in the European Economic Area (EEA).
If you are a resident of California, you have the right to access the Personal Information we hold about you (also known as the ‘Right to Know’), to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. If you would like to exercise these rights, please contact us by sending an email to email@example.com.
How to exercise these rights
Any requests to exercise your rights can be directed to Svanhilde Jewellery Oy through the contact details provided in this document. Please note that we may ask you to verify your identity before responding to such requests. Your request must provide sufficient information that allows us to verify that you are the person you are claiming to be or that you are the authorised representative of such person. You must include sufficient details to allow us to properly understand the request and respond to it. We cannot respond to your request or provide you with Personal Information unless we first verify your identity or authority to make such a request and confirm that the Personal Information relates to you.
We secure information you provide on computer servers in a controlled, secure environment, protected from unauthorised access, use, or disclosure. We maintain reasonable administrative, technical, and physical safeguards in an effort to protect against unauthorised access, use, modification, and disclosure of Personal Information in its control and custody. However, no data transmission over the Internet or wireless network can be guaranteed. Therefore, while we strive to protect your Personal Information, you acknowledge that (i) there are security and privacy limitations of the Internet which are beyond our control; (ii) the security, integrity, and privacy of any and all information and data exchanged between you and the Website and Services cannot be guaranteed; and (iii) any such information and data may be viewed or tampered with in transit by a third party, despite best efforts.
In the event we become aware that the security of the Website and Services has been compromised or users Personal Information has been disclosed to unrelated third parties as a result of external activity, including, but not limited to, security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, as well as notification to and cooperation with law enforcement authorities. In the event of a data breach, we will make reasonable efforts to notify affected individuals if we believe that there is a reasonable risk of harm to the user as a result of the breach or if notice is otherwise required by law. When we do, we will post a notice on the Website.
7. Changes And Amendments
We reserve the right to modify this Policy or its terms relating to the Website and Services from time to time in our discretion and will notify you of any material changes to the way in which we treat Personal Information. When we do, we will revise the updated date at the top of this page. We may also provide notice to you in other ways in our discretion, such as through contact information you have provided. Any updated version of this Policy will be effective immediately upon the posting of the revised Policy unless otherwise specified. Your continued use of the Website and Services after the effective date of the revised Policy (or such other act specified at that time) will constitute your consent to those changes. However, we will not, without your consent, use your Personal Information in a manner materially different than what was stated at the time your Personal Information was collected.
Acceptance of this policy
You acknowledge that you have read this Policy and agree to all its terms and conditions. By accessing and using the Website and Services you agree to be bound by this Policy. If you do not agree to abide by the terms of this Policy, you are not authorised to access or use the Website and Services.
8. Contact Details
If you would like to contact us to understand more about this Policy or wish to contact us concerning any matter relating to individual rights and your Personal Information, you may send us an email at firstname.lastname@example.org.