Privacy Policy

This Privacy Policy describes how your personal information is collected, used, and shared when you visit or make a purchase from https://www.cirojewelry.com/ (the “Site”).

WHO IS RESPONSIBLE FOR THE DATA COLLECTION ON THIS WEBSITE?

The operators of this website take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations and this privacy policy.

If you use this website, various pieces of personal data will be collected. Personal information is any data with which you could be personally identified. 

Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.

The party responsible for processing data on this website is:

CIRO GmbH

Graben 17/17
A-1010 Vienna
Austria

Telephone: +43 (0) 1 513 30 76
Email: support@cirojewelry.com 

HOW DO WE COLLECT YOUR DATA?

Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form, when registering for or paying in the web store or when contacting us by e-mail.

Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.

PERSONAL INFORMATION WE COLLECT
When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information.”

We collect information about your device when visiting the SiteDevice Information using the following technologies:

- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. Cookies do not harm your computer and do not contain any viruses. Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called “session cookies.” They are automatically deleted after your visit. Other cookies remain in your device’s memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.

You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
Cookies which are necessary to allow electronic communications or to provide certain functions you wish to use (such as the shopping cart) are stored pursuant to Art. 6 paragraph 1, letter f of DSGVO. The website operator has a legitimate interest in the storage of cookies to ensure an optimized service provided free of technical errors. If other cookies (such as those used to analyze your surfing behavior) are also stored, they will be treated separately in this privacy policy.

For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type and browser version, operating system used, referrer URL, host name of the accessing computer, time of the server request, Internet service provider, referring/exit pages, and date/time stamps.

Your IP address will be collected, but immediately pseudonymized. As a result, only a rough localization is possible. The production of a personal reference is no longer possible.

These data will not be combined with data from other sources.

The basis for data processing is Art. 6 (1) (f) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.


- “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.

Additionally when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, payment information (including credit card numbers), email address, and phone number. We refer to this information as “Order Information.”

When we talk about “Personal Information” in this Privacy Policy, we are talking both about Device Information and Order Information.

Contact form

Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission.

We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time. An informal email stating the revocation is sufficient. The data processed before we receive your revocation may still be legally processed.

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.

Registration on this website

You can register on our website in order to access additional functions offered here. The input data will only be used for the purpose of using the respective site or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will reject your registration.

To inform you about important changes such as those within the scope of our site or technical changes, we will use the email address specified during registration.

We will process the data provided during registration only based on your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time with future effect. An informal email stating the revocation is sufficient. The data processed before we receive your revocation may still be legally processed.

We will continue to store the data collected during registration for as long as you remain registered on our website. Statutory retention periods remain unaffected.

Newsletter data

If you would like to receive our newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter. No additional data is collected or is only collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties.

We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1) (a) DSGVO. You can revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time, e.g. through the “unsubscribe” link in the newsletter. The data processed before we receive your revocation may still be legally processed.

The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted. Data we have stored for other purposes (e.g. email addresses for the members area) remain unaffected.

Payment service providers

Our website accepts payments via [Name]. The provider of this service is [Name, Adresse].

If you select payment via [Name], the payment data you provide will be supplied to [Name] based on Art. 6 (1) (a) and Art. 6 (1) (b) DSGVO. You have the option to revoke your consent at any time with future effect. It does not affect the processing of data previously collected. 



HOW DO WE USE YOUR PERSONAL INFORMATION?
We will not process your personal data that you have made available to us for purposes other than those covered by a contract concluded with you or by your consent or otherwise by a provision in accordance with the DSGVO. An exception to this is the use for statistical purposes, provided that the data provided has been made anonymous.

We collect, process, and use your personal information only insofar as it is necessary to establish, or modify legal relationships with us. This is done based on Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfil a contract or for measures preliminary to a contract. We collect, process and use your personal information when accessing our website only to the extent required to enable you to access our service or to bill you for the same.

We use the information collected when making a purchase or when attempting to make a purchase through the Site Order Information that we collect generally to fulfil any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). 

Additionally, we use this Order iInformation to:
Communicate with you;
Screen our orders for potential risk or fraud; and
When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.

We use the information collected about your device when visiting the Site Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).

SHARING YOUR PERSONAL INFORMATION
We share your Personal Information with third parties to help us use your Personal Information, as described above. For example, we use Shopify to power our online store--you can read more about how Shopify uses your Personal Information here: . 

We also use Google Analytics to help us understand how our customers use the Site--you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.

Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.

BEHAVIOURAL ADVERTISING
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

You can opt out of targeted advertising by:

FACEBOOK - https://www.facebook.com/settings/?tab=ads
GOOGLE - https://www.google.com/settings/ads/anonymous
BING - https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads

Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: .

RIGHT TO DATA PORTABILITY

You have the right to have data which we process based on your consent or in fulfilment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.

SSL OR TLS ENCRYPTION

This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar.

If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

ENCRYPTED PAYMENTS ON THIS WEBSITE

If you enter into a contract which requires you to send us your payment information (e.g. account number for direct debits), we will require this data to process your payment.

Payment transactions using common means of payment (Visa/MasterCard, direct debit) are only made via encrypted SSL or TLS connections. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon in your browser line is visible.

In the case of encrypted communication, any payment details you submit to us cannot be read by third parties.

INFORMATION, BLOCKING, REVOCATION AND DELETION

As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to correction, data transfer, objection, restriction of processing as well as blocking or deletion of incorrect or inadmissibly processed data.

Many data processing operations are only possible with your express consent. You may revoke your consent to use your personal data at any time with future effect. An informal email stating the revocation is sufficient. The data processed before we receive your revocation may still be legally processed.

Your request for information, deletion, correction, objection and/or data transfer - in the latter case, provided that this does not involve disproportionate effort - can be sent to

CIRO GmbH

Graben 17/17
A-1010 Vienna
Austria

Email: support@cirojewelry.com

If you have further questions on the topic of personal data, you can contact us at any time at 

CIRO GmbH

Graben 17/17
A-1010 Vienna
Austria

Email: support@cirojewelry.com

If you are of the opinion that the processing of your personal data by us violates the applicable data protection law or your data protection rights have been violated in any other way, you have the possibility to complain to the responsible supervisory authority. In Austria this is the competent data protection authority.

TRANSMISSION OF DATA TO THIRD PARTIES

In order to fulfil a contract concluded with you, it may also be necessary to pass on your data to third parties (e.g. payment service providers, delivery services, service providers we use and to whom we make data available). Your data will be forwarded exclusively on the basis of the DSGVO, in particular for the purpose of fulfilling a contract concluded with you or on the basis of your prior consent.

Some of the above-mentioned recipients of your personal data are located outside your country or process your personal data there. The level of data protection in other countries may not correspond to that of Austria. However, we only transfer your personal data to countries for which the EU Commission has decided that they have an adequate level of data protection or we take measures to ensure that all recipients have an adequate level of data protection, for which purpose we conclude standard contractual clauses (2010/87/EC and/or 2004/915/EC).

We use Shopify to power our online store. It is operated by Shopify Inc.,151 O’Connor Street, Ground floor, Ottawa, ON K2P 2L8, Canada. 

You can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy

Our website uses plug-ins or functions from third parties, some of which transfer data to them. You can find more information on this in the points below:

We use Google Analytics, a web analytics service, to help us understand how our customers use the Site.

It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.

Google Analytics cookies are stored based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising.

IP anonymization

We have activated the IP anonymization feature on this website. Your IP address will be shortened by Google within the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases is the full IP address sent to a Google server in the US and shortened there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and Internet usage for the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.

Browser plugin

You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout.

You can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. here:
Outsourced data processing

We have entered into an agreement with Google for the outsourcing of our data processing and fully implement the strict requirements of the data protection authorities when using Google Analytics.

BEHAVIOURAL ADVERTISING
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

You can opt out of targeted advertising by:

FACEBOOK - https://www.facebook.com/settings/?tab=ads
GOOGLE - https://www.google.com/settings/ads/anonymous
BING - https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads

Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.

DATA SECURITY

The protection of your personal data is carried out by appropriate organizational and technical precautions. These precautions relate in particular to protection against unauthorized, illegal or even accidental access, processing, loss, use and manipulation.

Notwithstanding our efforts to maintain an appropriately high level of due diligence at all times, it cannot be ruled out that information that you disclose to us via the Internet may be viewed and used by other persons. 

Please note that we therefore accept no liability whatsoever for the disclosure of information due to errors in data transmission not caused by us and/or unauthorized access by third parties (e.g. hack attack on email account or telephone).

We also use Google Analytics to help us understand how our customers use the Site--you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.

ANNOUNCEMENT OF DATA MISHAPS

We strive to ensure that data breaches are detected early and, if necessary, immediately reported to you or the relevant regulatory authority, including the respective data categories that are affected.

STORAGE OF DATA

We will not store your data for longer than is necessary to fulfil our contractual or legal obligations and to ward off possible liability claims.DO NOT TRACKPlease note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.YOUR RIGHTSIf you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.DATA RETENTIONWhen you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.CHANGESWe may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.CONTACT USFor more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at support@cirojewelry.com