PRIVACY POLICY
The purpose of this document (hereinafter “Privacy Policy“) is to provide information to Users regarding their personal data, defined as any information that may allow the identification of a physical person (hereinafter “Personal Data”), collected by the website and the application www.onirisjewels.com (hereinafter “Application“).
The Data Controller, as identified below, may modify or update this policy wholly or partially, and inform the User of this. Modifications and updates will be binding once published on the Application. The User is therefore invited to read the Privacy Policy each time they access the Application.
If the User does not accept modifications to this Privacy Policy, they should stop using the Application and ask the Data Controller to delete their Personal Data.
- Personal Data collected by this Application
-
- Content and information provided voluntarily by the User
-
-
- Contact information and content: this is Personal Data that the User provides voluntarily to the Application during its use, such as personal details, contact details, login details to access services and/or products, interests, personal preferences and other personal information.
-
-
- Data and content acquired automatically during use of the Application
-
-
- Technical data: digital systems and software procedures responsible for the functioning of this Application acquire, during their normal operation, certain Personal Data, whose transmission is inherent in the use of internet communication protocols. This information is not collected in order to associate it with identifiable Users, but it may, by its very nature, allow the identification of Users through processing and association with Data held by third parties. This category includes IP addresses or domain names used by the User to connect to the Application, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to convey the request to the server, the size of the file obtained in response etc.
- User data: Personal Data regarding the User’s use of the Application may also be collected, such as pages visited, actions taken, functions and services used.
- Localisation data: the Application may collect Personal Data regarding the User’s location, which may be GNSS data (Global Navigation Satellite System, for example GPS) in addition to data which identifies the nearest repeater, wifi and bluetooth hotspots, which are communicated when accessing products or functions based on location.
-
-
- Personal Data collected using cookies or similar technology
- Purposes
-
- External handling of payments by credit card, bank transfer or other means: to handle Users’ payments via external platforms which acquire payment information without the Controller of the Application having access to the same.
- The sending of emails or newsletters and the management of mailing lists: to contact Users via emails containing sales and promotional information associated with the Application.
- Methods of data processing
- Legal basis of data processing
-
- the User’s consent for one or more specific purposes;
- processing is necessary for the fulfilment of a contract with the User and/or the fulfilment of pre-contractual procedures;
- processing is necessary for compliance with a legal obligation on the Data Controller;
- processing is necessary for the fulfilment of a task in the public interest or for the exercise of public powers held by the Data Controller;
- processing is necessary for the pursuit of the legitimate interests of the Data Controller or of third parties;
- processing is necessary for the pursuit of the vital interests of the Data Controller or of third parties.
- Location
- Security measures
- Period of data storage
- Automatic decision-making processes
- Rights of the User
-
- withdraw consent at any time;
- object to the processing of their Personal Data;
- access their Personal Data;
- verify and request correction;
- obtain a limitation on processing;
- obtain the deletion of their Personal Data;
- receive their Personal Data or transfer it to another Data Controller;
- make a compliant to the Data Protection authority and/or take legal action.
- Data Controller