The Vieri GmbH, Witzlebenstr. 38 , 14057 Berlin (“Vieri”)
The protection of personal data is very important to us. Whether data is collected and for what purposes it is processed is explained in the following privacy policy. We adhere to all applicable legal regulations regarding the protection of personal data and data security. Our employees also receive extensive training and are obligated to maintain confidentiality and comply with all data protection regulations.
I. Name and contact details of the person responsible
The controller within the meaning of Art. 4 EU GDPR for the processing of personal data is:
Vieri GmbH
Witzlebenstr. 38
II. What data is collected?
Server log files
We collect data, so-called server log files, about every access to the server on which the https://vieri.com This access data includes, for example, the name of the website accessed, the file, the date and time of access, the amount of data transferred, notification of successful access, the browser type and version, the user's operating system, the referrer URL (the previously visited page), the IP address, and the requesting provider.
The legal basis for data processing is Art. 6 (1) (f) EU GDPR.
User account
When setting up a user account, we collect personal data from the user. This includes their name, email address, address, and – on a voluntary basis – their telephone number. When purchasing a ring, we ask for their ring size.
The legal basis for data processing is Art. 6 (1) (a) EU GDPR.
Contact form
We provide a contact form to give you the opportunity to contact us electronically. The data you enter in the input form will be transmitted to us and stored. For this purpose, you must provide your email address. Any further information is voluntary.
The legal basis for data processing is Art. 6 (1) (a), Art. 6 (1) (b) and Art. 6 (1) (f) EU GDPR.
Contact us
If you contact us using the email address provided on our website, I will process the personal data you provide – email address, additional contact information and your name – for the purpose of answering your inquiry.
The legal basis for data processing is Art. 6 (1) (b) and Art. 6 (1) (f) EU GDPR.
Newsletter
We offer a regular newsletter, which requires your email address to receive. Before the newsletter is sent, you must expressly confirm that you wish to receive our newsletter using the so-called double opt-in process. You will then receive a confirmation and authorization email with a link. By clicking on this link, you confirm that you wish to receive the newsletter. This registration will be logged to provide legal evidence of the registration process.
You can unsubscribe from the newsletter at any time. The corresponding link is included in every newsletter sent. Alternatively, you can revoke your consent by contacting us at info@vieri.com .
The legal basis for data processing is Art. 6 (1) (a) EU GDPR.
Cookies
Our website uses cookies. These are short data packets exchanged between computer programs or text files stored on the user's computer system. Session cookies are deleted when you close your browser, while persistent cookies remain on your device and allow us to recognize your browser the next time you visit. The following data is stored and transmitted, for example: login information, items in the shopping cart, etc.
You can set your browser to inform you about the setting of cookies and to decide individually whether to accept them, or to deny the acceptance of cookies in certain cases or in general, for example, for third-party cookies. If you do not accept cookies, the functionality of our website may be limited.
The legal basis for data processing is Art. 6 (1) (f) EU GDPR.
III. For what purposes is the data used?
Personal data will only be collected, stored and processed to the extent necessary for the provision of the service, the execution of the contract or the response to the inquiry.
We process your personal data only in strict compliance with data protection regulations. In particular, we only process such data if we have legal permission.
In detail:
Server log files
We process the aforementioned data to establish a connection to our website. This processing is necessary to ensure the security and stability of the system.
We use the log data only for statistical evaluations, for the purposes of business operations, service security and the optimization of the offer.
We reserve the right to subsequently review the log data if there is concrete evidence to suspect illegal use of the service provided.
User account
Creating a user account allows you to use the services we offer. Based on the information you enter, we will send you an invoice for the purchased items and locations.
Contact form
The contact form allows you to easily contact us. Collecting your email address is essential to responding to your inquiry. If additional data is processed, such as name, address, or similar, this processing serves to identify the respective user and thus best address their request and prevent any misuse of the contact form.
Contact us
Processing your email address is essential to responding to your request. If additional data is processed, such as name, address, or similar, this processing serves to individualize the respective user and thus be able to respond to their request in the best possible way.
Newsletter
The newsletter serves the purpose of informing you about our offers and current developments. Your email address is collected to send you the newsletter.
Cookies
The use of cookies makes it possible to optimally adapt the website to the needs of each user. Cookies can be used, for example, to create virtual shopping carts, specify language preferences, or record information entered once, such as search terms or location data. The use of cookies enables us to analyze user behavior, the performance of the website (e.g., loading times when using different browsers), and to display suitable, personalized advertising based on user behavior.
IV. Will data be passed on to third parties and if so, which ones?
As a general rule, the data you provide will not be made available to third parties. However, in individual cases, it may be necessary to transfer your personal data to companies entrusted by us with the provision of specific services in order to execute the contract. These third parties, in turn, are obligated to comply with the statutory provisions when handling and processing this data.
We will pass on your payment details to the commissioned credit institution during payment processing.
When paying by credit card via PayPal or by direct debit via PayPal, we will forward your payment data to PayPal (Europe) S.à rl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg, as part of the payment processing. Further information on the data protection policy of PayPal (Europe) S.à rl et Cie, SCA can be found here .
When paying by credit card via PayPal or by direct debit via PayPal, we will forward your payment data to PayPal (Europe) S.à rl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg, as part of the payment processing. Further information on the data protection policy of PayPal (Europe) S.à rl et Cie, SCA can be found here .
When paying via the payment service Stripe, the data is transmitted in encrypted form to Stripe Payments Europe Ltd., Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland. Further information on Stripe's data protection policy can be found here .
When paying via the SumUp payment service, the data will be transferred to SumUp Payments Limited, 32-34 Great Marlborough St, W1F 7JB, London, United Kingdom. Further information on SumUp's data protection policy can be found here .
Disclosure to authorized authorities and government institutions will only occur within the scope of statutory disclosure obligations and in the event of a court order requiring this. In these cases, we may provide the information, e.g., to assert, exercise, and defend legal claims, enforce existing contracts, in the context of allegations of fraud, security measures, or generally applicable legal regulations.
Personal data will not be passed on outside the scope described here without your express consent.
Under no circumstances will we sell or rent personal data to third parties.
V. How long will the data be stored?
Your data will be stored for as long as it is necessary to fulfill the purposes stated above. As soon as this is no longer the case, e.g., after the contract has been fully executed, it will be deleted or blocked if required by commercial or tax law. From the point at which statutory retention periods no longer apply, the data will be deleted unless you have expressly consented to further use.
Server log files are stored on the server for 30 days.
VI. Your rights as a data subject
As a data subject, you are entitled to the rights listed below. These rights arise from the provisions of the General Data Protection Regulation and are presented here in a partly simplified form.
1. Right to information
According to Art. 15 of the GDPR, you have the right to request confirmation from us as to whether personal data concerning you is being processed. If this is the case, you have the right to information about this personal data and the information specified in Art. 15 (1) (2) of the GDPR. This includes, in particular, the purpose of the processing, the categories of data processed, the recipients to whom the data has been or will be disclosed, and, where possible, the planned storage period or the criteria for the storage period.
2. Right to rectification
According to Art. 16 of the GDPR, you have the right to request that we immediately correct any inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to request that incomplete personal data be completed, including by means of a supplementary statement.
3. Right to erasure
According to Art. 17 of the GDPR, you have the right to request that we delete personal data concerning you immediately. We are obligated to delete personal data immediately if one of the reasons listed in Art. 17 (1) of the GDPR applies. These reasons include, for example, that the data is no longer necessary for the purposes for which it was collected or otherwise processed.
4. Right to restriction of processing
According to Art. 18 of the GDPR, you have the right to request that we restrict processing if one of the conditions specified in Art. 18 of the GDPR applies. This includes, for example, if you dispute the accuracy of the personal data. In this case, we may only process the data to a limited extent for as long as it takes to verify the accuracy of the personal data.
5. Right to data portability
According to Art. 20 of the GDPR, you have the right to receive the personal data concerning you that you have provided to us in a structured, common, and machine-readable format. You have the right to transmit this data to another controller, i.e., another data processing entity, without hindrance, provided that the original processing was based on consent or was necessary to perform a contract.
6. Right of objection
According to Art. 21 of the GDPR, you have the right to object at any time to the processing of personal data concerning you if this data is processed on the basis of Art. 6 (1) (e) or (f) of the GDPR and there are reasons related to your personal situation. You can object to the processing of data for direct marketing purposes at any time. Personal data will then no longer be processed for this purpose. You can exercise your right of objection by submitting an informal declaration. A written declaration or, alternatively, an email to the above-mentioned contact address is sufficient.
7. Right to withdraw consent
According to Art. 7 (3) of the GDPR, you have the right to revoke your consent to the processing of your data at any time. This does not affect the legality of the processing carried out on the basis of your consent until the revocation. You can exercise your right of revocation by submitting an informal declaration. A written declaration or, alternatively, an email to the above-mentioned contact address is sufficient.
8. Automated decision-making in individual cases, including profiling
According to Art. 22 of the GDPR, you have the right not to be subjected to a decision based solely on automated processing – including profiling – that produces legal effects concerning you or similarly significantly affects you. Art. 22 (1) GDPR provides for exceptions to this, with some reverse exceptions in Art. 22 (4) GDPR.
9. Right to lodge a complaint with a supervisory authority
According to Art. 15 of the GDPR, you have the right to request confirmation from us as to whether personal data concerning you is being processed. If this is the case, you have the right to information about this personal data and the information specified in Art. 15 (1) (2) of the GDPR. This includes, in particular, the purpose of the processing, the categories of data processed, the recipients to whom the data has been or will be disclosed, and, where possible, the planned storage period or the criteria for the storage period.
2. Right to rectification
According to Art. 16 of the GDPR, you have the right to request that we immediately correct any inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to request that incomplete personal data be completed, including by means of a supplementary statement.
3. Right to erasure
According to Art. 17 of the GDPR, you have the right to request that we delete personal data concerning you immediately. We are obligated to delete personal data immediately if one of the reasons listed in Art. 17 (1) of the GDPR applies. These reasons include, for example, that the data is no longer necessary for the purposes for which it was collected or otherwise processed.
4. Right to restriction of processing
According to Art. 18 of the GDPR, you have the right to request that we restrict processing if one of the conditions specified in Art. 18 of the GDPR applies. This includes, for example, if you dispute the accuracy of the personal data. In this case, we may only process the data to a limited extent for as long as it takes to verify the accuracy of the personal data.
5. Right to data portability
According to Art. 20 of the GDPR, you have the right to receive the personal data concerning you that you have provided to us in a structured, common, and machine-readable format. You have the right to transmit this data to another controller, i.e., another data processing entity, without hindrance, provided that the original processing was based on consent or was necessary to perform a contract.
6. Right of objection
According to Art. 21 of the GDPR, you have the right to object at any time to the processing of personal data concerning you if this data is processed on the basis of Art. 6 (1) (e) or (f) of the GDPR and there are reasons related to your personal situation. You can object to the processing of data for direct marketing purposes at any time. Personal data will then no longer be processed for this purpose. You can exercise your right of objection by submitting an informal declaration. A written declaration or, alternatively, an email to the above-mentioned contact address is sufficient.
7. Right to withdraw consent
According to Art. 7 (3) of the GDPR, you have the right to revoke your consent to the processing of your data at any time. This does not affect the legality of the processing carried out on the basis of your consent until the revocation. You can exercise your right of revocation by submitting an informal declaration. A written declaration or, alternatively, an email to the above-mentioned contact address is sufficient.
8. Automated decision-making in individual cases, including profiling
According to Art. 22 of the GDPR, you have the right not to be subjected to a decision based solely on automated processing – including profiling – that produces legal effects concerning you or similarly significantly affects you. Art. 22 (1) GDPR provides for exceptions to this, with some reverse exceptions in Art. 22 (4) GDPR.
9. Right to lodge a complaint with a supervisory authority
According to Article 77 of the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, without prejudice to any other administrative or judicial remedy, if you consider that the processing of personal data concerning you infringes this Regulation.
In this case, the competent supervisory authority is:
Berlin Commissioner for Data Protection and Freedom of Information
Berlin Commissioner for Data Protection and Freedom of Information
Friedrichstrasse 219
10969 Berlin
Phone: 030/13 889-0
Fax: 030/215-5050
www.datenschutz-berlin.de
VII. Third-party services
We use the following third-party services:
• Instagram Inc., subsidiary of Facebook Inc., 181 South Park Street, San Fransisco, CA 94107, USA (“Instagram”)
• MailChimp (The Rocket Science Group, LLC, 675 Ponce de Leon, Avenue NE, Atlanta, GA 30308, USA (“MailChimp”)
A third-party provider may be located in a third country, i.e., a country where the GDPR does not have direct legal effect. In this case, data will only be transferred if you have given your consent, an adequate level of data protection exists, or if there is other legal permission.
Google, Facebook/Instagram, Twitter, LinkedIn and MailChimp operate under the Privacy Shield Agreement (EU-US Privacy Shield), which means that the requirements of the Privacy Shield Agreement are equivalent to the data protection level of the European Union and that the data is treated accordingly.
The purpose of data processing is generally user-specific advertising, meaning that personalized advertising can be displayed that corresponds to the user's presumed interests or is derived from their previous usage behavior. For this purpose, cookies are stored on users' devices. These cookies can store usage behavior and thus map areas of interest.
We would like to clarify that users should contact the respective third-party providers directly in the event of requests for information and/or the assertion of other data subject rights. These providers have access to and control over the user data stored and processed there and can provide information and/or take appropriate action. If you contact us directly, we will try to support your request as best as possible. However, since we have no access to or control over the data stored by third-party providers, our options are limited.
1. Facebook, Instagram
We have integrated plugins from the social networks and services Facebook and Instagram on our website https://vieri.com/.
To ensure your maximum protection and adhere to the principle of data minimization, we use the 2-click method. This means that direct contact between the social network and you is only established when you actively click the corresponding button. If the social network button is not clicked, no data is collected, no activities are logged, and no browsing profile is created.
If you click the button, the respective service provider receives the information that you have accessed our website. This does not require a user account with the respective service, nor do you need to be logged in if you have one. However, if you have a user account with the service provider and are logged in, this data will be assigned directly to the account. You can prevent this by logging out of your user account for the respective service before clicking the button.
We have no influence on whether, to what extent, for what purpose and for how long the service providers and social networks collect personal data.
Further information on how user data is handled can be found here:
2. MailChimp
Our email newsletter is sent via the service provider MailChimp. MailChimp offers statistical analysis options for usage data, although this analysis is generally group-related and not individual. The usage data generated by MailChimp is generally not analyzed individually. Where possible, any tracking offered by MailChimp is deactivated. However, if you access a newsletter in a browser using the link provided in the email for correct display, the analysis tool Google Analytics is used on the website then displayed. Only MailChimp has access to the data generated by this. However, you can prevent tracking by Google Analytics by using certain browser plug-ins.
The data protection regulations can can be viewed here .
VIII. Technical and organizational measures
We take technical and organizational measures to ensure that the security and protection requirements of the EU GDPR are met and that personal data is protected against loss, destruction, manipulation, or access by unauthorized persons. These measures are always adapted to the current state of the art.
IX. Changes to the Privacy Policy
We reserve the right to change this privacy policy at any time. We ask you to review the privacy policy regularly.