Politique de confidentialité

    1.  We are grateful that you are visiting our website and thank you for your interest. In the following, we inform you about the handling of your personal data when using our website. 
    2. This Privacy Policy describes how treasuresbykyem.com collects, uses, and discloses your Personal Information when you visit or make a  purchase from the Site.
    3. The controller of data processing on this website within the meaning of Datenschutz-Grundverordnung (DSGVO) is Frieda Kyem, Von-Stauffenberg-Str.41, 82008 Unterhaching, Germany, e-mail: info@treasuresbykyemcom. The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.
    1. Collecting Personal Information
    When you visit the Site, we collect certain information about your device, your interaction with the Site, and information necessary to process your purchases. We may also collect additional information if you contact us for customer support.

    if you do not register or otherwise transmit information to us, we only collect data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

    • Our visited website
    • Date and time at the time of access
    • Amount of data sent in bytes
    • Source/reference from which you reached the page
    • Browser used
    • Operating system used
    • IP address used (if applicable: in anonymized form)

      The processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.

      2. Hosting

      Hosting by Shopify

      We use the store system of the service provider Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify"), for the purpose of hosting and displaying the online store on the basis of processing on our behalf. All data collected on our website is processed on Shopify's servers. As part of Shopify's aforementioned services, data may also be transferred to Shopify Inc, 150 Elgin St, Ottawa, ON K2P 1L4, Canada, Shopify Data Processing (USA) Inc, Shopify Payments (USA) Inc or Shopify (USA) Inc as part of further processing on our behalf. In the event that data is transferred to Shopify Inc. in Canada, the appropriate level of data protection is guaranteed by adequacy decision of the European Commission. Shopify Data Processing (USA) Inc., Shopify Payments (USA) Inc. and Shopify (USA) Inc. in the USA are certified for the us-European data protection agreement "Privacy Shield", which ensures compliance with the level of data protection applicable in the EU.
      For further information on Shopify's data protection, please visit the following website: https://www.shopify.de/legal/datenschutz.
      Further processing on servers other than the aforementioned of Shopify only takes place within the framework communicated below.

      3. Cookies

      A cookie is a small amount of information that’s downloaded to your computer or device when you visit our Site. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor.

      We use cookies to optimize your experience on our Site and to provide our services.

      The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device.

      You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.

      Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites a.

      You can find the links for managing your cookies on your device.

      Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
      Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
      Chrome: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en
      Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac
      Opera: https://help.opera.com/de/latest/web-preferences/#cookies

      Additionally, please note that blocking cookies may not completely prevent how we share information with third parties such as our advertising partners. To exercise your rights or opt-out of certain uses of your information by these parties, please follow the instructions in the “Behavioural Advertising” section above.

      4. Contact


      When contacting us (e.g. via contact form or e-mail), personal data is collected. Which data is collected in the case of a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration. The legal basis for the processing of this data is our legitimate interest in responding to your request in accordance with Art. 6 (1) lit. f DSGVO. If your contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO. Your data will be deleted after final processing of your request. This is the case when the circumstances indicate that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.

      5. Data processing when opening a customer account and for contract execution.


      Pursuant to Art. 6 para. 1 lit. b DSGVO, personal data will continue to be collected and processed if you provide it to us for the execution of a contract or when opening a customer account. Which data is collected can be seen from the respective input forms. Deletion of your customer account is possible at any time and can be done by sending a message to the above address of the person responsible. We store and use the data provided by you for the purpose of processing the contract. After complete processing of the contract or deletion of your customer account, your data will be blocked with regard to tax and commercial law retention periods and deleted after expiration of these periods, unless you have expressly consented to a further use of your data or a legally permitted further use of data was reserved by our side.

      6 .Data processing for order processing


      In order to process your order, we work together with the service provider(s) listed below, who support us in whole or in part in the execution of concluded contracts. Certain personal data is transmitted to these service providers in accordance with the following information.
      The personal data collected by us will be passed on to the transport company commissioned with the delivery as part of the contract processing, insofar as this is necessary for the delivery of the goods. We pass on your payment data to the commissioned credit institution within the framework of payment processing, insofar as this is necessary for payment processing. If payment service providers are used, we will inform you explicitly about this below. The legal basis for the transfer of data is Art. 6 (1) lit. b DSGVO.


      6.1 Use of payment service providers (payment services)

      • Paypal

      When paying via PayPal, credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "installment payment" via PayPal, we pass on your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal") as part of the payment processing. The transfer takes place in accordance with Art. 6 para. 1 lit. b DSGVO and only insofar as this is necessary for the payment processing.
      PayPal reserves the right to conduct a credit check for the payment methods credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "installment payment" via PayPal. For this purpose, your payment data may be passed on to credit agencies in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of PayPal's legitimate interest in determining your solvency. PayPal uses the result of the credit check in terms of the statistical probability of non-payment for the purpose of deciding on the provision of the respective payment method. The creditworthiness information may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they have their basis in a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data. For further information on data protection law, including information on the credit agencies used, please refer to PayPal's data protection declaration: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
      You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual processing of payments.

      • Shopify Payments

      We use the payment service provider "Shopify Payments", 3rd Floor, Europa House, Harcourt Building, Harcourt Street, Dublin 2. If you choose a payment method offered via the payment service provider Shopify Payments, the payment processing is carried out by the technical service provider Stripe Payments Europe Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to whom we pass on your information provided during the ordering process together with information about your order (name, address, account number, bank code, credit card number if applicable, invoice amount, currency and transaction number) in accordance with Art. 6 (1) lit. b DSGVO. Your data will only be passed on for the purpose of payment processing with Stripe Payments Europe Ltd. and only insofar as it is necessary for this purpose. You can find more information on the data protection of Shopify Payments at the following Internet address: https://www.shopify.com/legal/privacy.
      Data protection information on Stripe Payments Europe Ltd. can be found here: https://stripe.com/de/privacy

      7. Use of Social Media Plug- ins 

      7.1 Instagram plugin 

      Our website uses so-called social plugins ("plugins") of the online service Instagram, which is operated by Instagram LLC., 1601 Willow Rd, Menlo Park, CA 94025, USA ("Instagram").

      In order to increase the protection of your data when visiting our website, these buttons are not unrestricted plugins, but are only integrated into the page using an HTML link. This type of integration ensures that when you call up a page of our website that contains such buttons, no connection is yet established with the servers of Instagram. When you click on the button, a new browser window opens and calls up the Instagram page, where you can interact with the plugins there (possibly after entering your login data).
      Instagram LLC. based in the USA is certified for the us-European data protection agreement "Privacy Shield", which ensures compliance with the level of data protection applicable in the EU.

      For the purpose and scope of the data collection and the further processing and use of the data by Instagram, as well as your rights in this regard and setting options for protecting your privacy, please refer to Instagram's privacy policy: https://help.instagram.com/155833707900388/

       7.2 Facebook plugins with Shariff solution

      Our website uses so-called social plugins ("plugins") of the social network Facebook, which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook").

      In order to increase the protection of your data when visiting our website, these buttons are not unrestricted plugins, but are only integrated into the page using an HTML link. This type of integration ensures that when you call up a page of our website that contains such buttons, no connection is yet established with Facebook's servers. When you click on the button, a new browser window opens and calls up the Facebook page, where you can interact with the plugins there (possibly after entering your login data).

      For the purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your rights in this regard and setting options for protecting your privacy, please refer to Facebook's privacy policy: https://www.facebook.com/policy.php

      8. Online Marketing

      8.1 Facebook Pixel for the creation of Custom Audiences

      Within our online offer, the so-called "Facebook Pixel" of the social network Facebook is used, which is operated by Facebook Ireland Limited, 4 Grand Canal Quare, Dublin 2, Ireland ("Facebook").
      If a user clicks on an advertisement placed by us and played on Facebook, an addition is added to the URL of our linked page by Facebook Pixel. If our site allows data sharing with Facebook through Pixel, this URL parameter is inscribed in the user's browser via a cookie that our linked site sets itself. This cookie is then read by Facebook Pixel and enables the data to be forwarded to Facebook.
      With the help of the Facebook Pixel, it is possible for Facebook, on the one hand, to determine the visitors to our online offer as a target group for the display of advertisements (so-called "Facebook Ads"). Accordingly, we use the Facebook pixel to display the Facebook ads placed by us only to those Facebook users who have also shown an interest in our online offer or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited), which we transmit to Facebook (so-called "Custom Audiences"). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interest of users and do not have a harassing effect. This allows us to further evaluate the effectiveness of the Facebook ads for statistical and market research purposes by tracking whether users were redirected to our website after clicking on a Facebook ad (so-called "conversion").The data collected is anonymous for us, so we cannot draw any conclusions about the identity of the user. However, the data is stored and processed by Facebook, so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with the Facebook data usage policy (https://www.facebook.com/about/privacy/). The data can enable Facebook as well as its partners to place advertisements on and outside of Facebook.
      The data processing associated with the use of the Facebook Pixel is carried out on the basis of our overriding legitimate interest in the evaluation, optimization and economic operation of our online offering and our advertising measures pursuant to Art. 6 (1) lit. f DSGVO.
      The information generated by Facebook is usually transmitted to a Facebook server and stored there; this may also involve transmission to the servers of Facebook Inc. in the USA. Facebook Inc. with headquarters in the USA is certified for the us-European data protection agreement "Privacy Shield", which ensures compliance with the level of data protection applicable in the EU.

      9. Rights of the data subject

      9.1 The applicable data protection law grants you comprehensive data subject rights (rights of information and intervention) vis-à-vis the controller with regard to the processing of your personal data, which we inform you about below:

      • Right to information pursuant to Art. 15 DSGVO: In particular, you have a right to information about your personal data processed by us, the processing purposes, the categories of personal data processed, the recipients or categories of recipients to whom your data have been or will be disclosed, the planned storage period and/or the criteria for determining the storage period, the existence of a right to rectification, erasure, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if it has not been collected from you by us, the existence of automated decision-making, including profiling, and, if applicable, meaningful information about the logic involved and the scope and intended effects of such processing that concern you, as well as your right to be informed about what guarantees exist in accordance with Art. 46 DSGVO when your data is transferred to third countries;
      • Right to rectification pursuant to Art. 16 DSGVO: You have the right to have any inaccurate data relating to you corrected without delay and/or to have any incomplete data stored by us completed;
      • Right to deletion pursuant to Art. 17 DSGVO:
      • You have the right to request the deletion of yourpersonal data if the conditions of Art. 17 (1) DSGVO are met. However, this right does not exist in particular if the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims;
      • Right to restriction of processing pursuant to Art. 18 DSGVO: You have the right to request the restriction of the processing of your personal data as long as the accuracy of your data, which you dispute, is being verified, if you refuse the deletion of your data due to unlawful data processing and instead request the restriction of the processing of your data, if you require your data for the assertion, exercise or defense of legal claims after we no longer need this data after the purpose has been achieved, or if you have lodged an objection for reasons relating to your particular situation as long as it has not yet been determined whether our legitimate grounds prevail;
      • Right to information in accordance with Art. 19 DSGVO: If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed about these recipients.
      • Right to data portability pursuant to Art. 20 DSGVO: You have the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller, insofar as this is technically feasible;
      • Right to revoke consent given in accordance with Art. 7 (3) DSGVO: You have the right to revoke consent to the processing of data once given at any time with effect for the future. In the event of revocation, we will delete the data concerned without delay, unless further processing can be based on a legal basis for processing without consent. The revocation of consent shall not affect the lawfulness of the processing carried out on the basis of the consent until the revocation;
      • Right to lodge a complaint pursuant to Art. 77 GDPR: If you consider that the processing of personal data concerning you infringes the GDPR, you have - without prejudice to any other administrative or judicial remedy - the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, workplace or the place of the alleged infringement.

      9.2 RIGHT OF OBJECTION

      IF WE PROCESS YOUR PERSONAL DATA WITHIN THE FRAMEWORK OF A BALANCING OF INTERESTS ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE ON GROUNDS ARISING FROM YOUR PARTICULAR SITUATION.
      IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO CONTINUE PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS.

      IF WE PROCESS YOUR PERSONAL DATA FOR THE PURPOSES OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSES OF SUCH MARKETING. YOU MAY EXERCISE THE OBJECTION AS DESCRIBED ABOVE.

      IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.

      10. Duration of the storage of personal data

      The duration of the storage of personal data is measured on the basis of the respective legal basis, the purpose of processing and - if relevant - additionally on the basis of the respective statutory retention period (e.g. retention periods under commercial and tax law).
      When processing personal data on the basis of explicit consent pursuant to Art. 6 (1) a DSGVO, this data is stored until the data subject revokes his or her consent.If there are statutory retention periods for data that is processed within the scope of legal or quasi-legal obligations on the basis of Art. 6 (1) (b) DSGVO, this data will be routinely deleted after the retention periods have expired, provided that it is no longer required for the fulfillment of the contract or the initiation of the contract and/or there is no legitimate interest on our part in continuing to store it.
      When processing personal data on the basis of Art. 6(1)(f) DSGVO, this data is stored until the data subject exercises his or her right to object pursuant to Art. 21(1) DSGVO, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
      When processing personal data for the purpose of direct marketing on the basis of Article 6 (1) (f) DSGVO, this data is stored until the data subject exercises his or her right to object pursuant to Article 21 (2) DSGVO.
      Unless otherwise stated in the other information in this statement about specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

       

      11. Contact us

      For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at info@treasuresbykyem.com or by mail using the details provided below:

      Treasures by Kyem, Frieda kyem , Von-Stauffenberg-Straße 41, 82008 Unterhaching, Deutschland