+1 (914) 5200573

Support 24/7

0
0
0 Your Cart $0.00

Cart (0)

No products in the cart.

Privacy Policy - Wrist Charm Store

1. Information About Processors and Third-Country Transfers

Wrist Charm Store may use service providers to process personal data on our behalf (processors) for a number of processes.
Wrist Charm Store has concluded data processing contracts in accordance with Article 28 of the General Data Protection Regulation of the European Union (hereinafter GDPR) with all processors specified in this Data Privacy Policy. These contracts ensure that the processors process the data on our behalf in accordance with the GDPR and that the rights of the data subject are protected.

When personal data are transferred to a third country (e.g., the USA) in connection with these data processing contracts, Wrist Charm Store takes appropriate measures to ensure that a substantially equivalent level of data protection is provided.
Wrist Charm Store has signed standard data protection clauses with all processors that are based in a third country. These clauses have been adopted by the European Commission and, in accordance with Article 46(2)(c) GDPR, constitute an appropriate safeguard to ensure the required level of data protection. In addition, we only commission service providers based in a third country that can demonstrate they can ensure a substantially equivalent level of protection for the personal data transferred by taking appropriate additional measures.

 

2. Collection and Storage of Personal Data and the Nature and Purpose of the Use Thereof

2.1. Visiting the Website

When you visit our website, the browser you are using on your device automatically sends information to our website server. This information is temporarily stored in a log file. The following information is automatically collected and automatically deleted after 20 weeks:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the accessed file
  • Website from which the site was accessed (referrer URL)
  • Session ID
  • User agent
  • Cookies / flash cookies
  • Browser used, and if applicable, your operating system and access provider.

We process the data listed above for the following purposes:

  • To ensure that the connection to the website is established smoothly.
  • To ensure that our website can be used with ease and to optimize our platform.
  • To ensure and evaluate system security and stability.
  • To detect and prevent attacks on our website.
  • For other internal statistical and administrative purposes.

In general, we do not use the collected data to identify you as an individual. However, in the event of an attack on our network infrastructure, your IP address will be analyzed in order to assert or defend against legal claims.

The data processing takes place on the basis of our legitimate interests in accordance with Article 6(1)(f) GDPR. Our legitimate interests result from the aforementioned purposes for data collection.

We also use cookies and analytics services when you visit our website. For further details, see Sections 6. und 7. of this Data Privacy Policy.

2.2. Registering as a User on Our Platform

Buyers, private sellers, and professional dealers can create a Wrist Charm Store account on our platform. In order to set up the account, the data specified under Sections 3.2.1., 3.2.2., 3.2.3., and 3.2.4. must be provided. These data are processed for the following purposes:

  • To identify you as our contract partner;
  • To establish, formulate, execute, and amend contractual relationships concerning the use of our platform and the services it offers;
  • To assess the plausibility of the data provided;
  • To contact you with any questions that arise;
  • To assert any claims against you, as necessary.

The processing of the data specified under Sections 3.2.1., 3.2.2., 3.2.3., and 3.2.4. is carried out upon your request and is necessary for the purposes outlined above, i.e., for the use of the platform and thus for the performance of the contract as well as in order to take steps prior to entering into a contract, in accordance with Article 6(1)(b) GDPR.

In addition, you must provide your taxpayer ID number if you use our platform to sell items. The legal basis for collecting your taxpayer ID number is Article 6(1)(f) GDPR. Our legitimate interest required by this clause is reporting obligations under tax law stipulated in the German Platform Transparency Act and thus the prevention of administrative offenses. If you are not a reportable seller within the meaning of the German Platform Transparency Act, your taxpayer ID number will be deleted upon expiry of the reporting period, unless you have consented to storage beyond this point in accordance with Article 6(1)(a) GDPR. For more information on the processing of your taxpayer ID number, see Section 4.1..

You may have the option of providing voluntary information, depending on the type of account you have. We process voluntarily provided information on the basis of our legitimate interests in accordance with Article 6(1)(f) GDPR. This information is used to facilitate contact with you and ensure any questions that arise are answered quickly.

If you delete your account, your data are automatically deleted to prevent further use unless, in accordance with Article 6(1)(c) GDPR, these data must be stored for a longer period in line with retention and documentation obligations under tax and commercial law (stipulated by the German Commercial Code, German Criminal Code, or the Fiscal Code of Germany), or if you have consented to storage for a longer period in accordance with Article 6(1)(a) GDPR.

2.2.1. Wrist Charm Store Account

The following data are required to register as a user (buyer) and set up an account:

  • Valid email address
  • Password of your choice

These data are used as your login information.

You also have the option of uploading a profile picture and voluntarily providing the following data:

  • Your first and last name
  • Your address (street, post code, city/town, country)
  • Your phone number
  • Your date of birth
  • Your gender
  • Your profession
  • The languages you speak.

2.3. Complying With US Statutory Tax Requirements (Sales Tax)

In order to comply with US statutory tax requirements, we use AvaTax, a cloud-based solution from our processor Avalara, Inc. (255 South King Street Suite 1800 Seattle, WA 98104, USA). AvaTax automates the determination of sales tax rates and the complex calculation of US sales tax. For this purpose, the following personal data belonging to dealers (see Section 3.2.4.) based in the USA will be processed:

  • Delivery and billing address

The purpose of data collection is to determine the regional tax regulations we are subject to. In the US, these differ not only at state level but, to some extent, also from county to county. It is therefore essential for us to know exactly where a dealer is located in the USA in order to determine the correct sales tax rate using AvaTax.

The legal basis for the processing of your personal data is Article 6(1)(c) and (f) GDPR, as the processing is necessary for the fulfillment of our legal obligation under US tax laws. In addition, as an international marketplace, we have a legitimate interest in observing the legislation in the markets in which we operate. Only the personal data of dealers in the USA who are subject to US tax laws are processed.

 

2.4. Using Our Platform-Internal Messenger

Registered users are able to use the platform-internal messenger to communicate with us and with dealers, buyers, and private sellers. Registration is required to use the platform-internal messenger (see Section 3.2.).

Communication via the platform-internal messenger always takes place between you, the person you are contacting, and Wrist Charm Store. Wrist Charm Store is an active participant in the communication and a moderator thereof. When using the platform-internal messenger, we will automatically and manually scan the messages you send. The purposes of doing so are to:

  • Prevent fraud;
  • Detect any illegal activities and violations of our general terms and conditions;
  • Improve communication and customer support.

The data processing takes place on the basis of our legitimate interests in accordance with Article 6(1)(f) GDPR. The processing of data for the purposes specified above is considered a recognized legitimate interest under the GDPR.

You can manage the messages you have sent and received independently, or submit a request for us to delete them. In the event of attempted fraud, illegal activity, or a violation of our general terms and conditions, we may continue to store any relevant messages on the basis of our legitimate interests in accordance with Article 6(1)(f) GDPR for use as evidence and for establishing, exercising, and defending our legal claims, even if you have submitted a deletion request.

2.5. Automatically Creating a Customer Profile

We create a customer profile for your Wrist Charm Store account in order for you to use our platform as a registered user/dealer. We categorize your customer profile and supplement it with additional data so that you only receive information likely to be of interest to you. To do so, we use the following data:

  • Your personal information (e.g., your basic profile information);
  • The length of your membership;
  • Statistical information (e.g., the type, frequency, and intensity of your use of the website);
  • The history of the listings, brands, and sellers you've visited.

We process the data listed above for the following purposes:

  • For statistical evaluation;
  • For market research;
  • To ensure that the platform functions properly and that it is user-oriented;
  • To personalize our services;
  • To show advertising to you which is exclusively targeted to your actual or assumed needs and thus eliminate irrelevant advertising.

The data processing takes place on the basis of our legitimate interests in accordance with Article 6(1)(f) GDPR. The processing of data for the purposes specified above is considered a recognized legitimate interest under the GDPR.

We may only create a full profile for you if you have given us your consent for the use of wristcharmstore's personalization cookies in accordance with Article 6(1)(a) GDPR (further information about cookies is provided under Section 6.).

 

2.6. Using Our Contact Form

You can use a form on our website to contact us with questions or contact a dealer / private seller. If you wish to address your question to a dealer / private seller, we will forward your contact request to them. The following data are required to use the contact form:

  • Valid email address
  • Your question/message

We process the data listed above for the following purposes:

  • To identify you;
  • To answer your question;
  • To forward your question to the relevant dealer / private seller, as needed.

In addition, you can voluntarily provide your name and phone number for a quicker response time.

When you use our contact form, we may scan and analyze your message. This is carried out for the purposes of preventing fraud, detecting illegal activity, detecting violations against our general platform terms and conditions, and improving communication and customer support in general.

The data processing is carried out upon your request and is necessary for the purposes outlined above, i.e., for the performance of the contract as well as in order to take steps prior to entering into a contract, in accordance with Article 6(1)(b) GDPR. In addition, data processing with regard to the contact request is based on our legitimate interests in accordance with Article 6(1)(f) GDPR. These also result from the aforementioned purposes.

The personal data required to use the contact form are automatically deleted once your request has been processed.

 

2.7. Shipping Packages

In order for you to track your order electronically from the time it is shipped, private sellers are asked to provide us with the relevant delivery service and tracking number. Dealers are required to provide the relevant tracking number. Using this information, our service provider, AfterShip Ltd. (One Midtown 38/f Hoi Shing Road Tsuen Wan Unit 2 No. 11, Hong Kong), provides a method to track the delivery status. This involves the processing of the following data:

  • Your shipping or delivery address
  • Other shipping information
  • Order data
  • Data about the shipment status

These data are processed on the basis of Article 6(1)(b) GDPR since they are necessary for the performance of the contract for the use of the platform or for the performance of the sales contract.

2.8. Leaving a Comment in Our Magazine

You may leave comments on articles published in our magazine. In order to publish your comment, your IP address is processed. You must also provide the following data in addition to your comment:

  • Your name
  • a valid e-mail address
  • the comment.

Commenting on articles is voluntary. We use your personal data to publish your comment and to give other users the opportunity to respond to it. We require your email address in order to be able to contact you and to pursue any legal violations. Your IP address is also required to pursue any legal violations.

The data processing takes place on the basis of our legitimate interests in accordance with Article 6(1)(f) GDPR to offer you the opportunity to comment on articles in our magazine and to interact with us and other users.

 

2.9. Collection of Personal Data From Third Parties

On rare occasions, users may communicate to us personal data from third parties (e.g., authorized representatives, contact persons, other account holders). In such instances, users are required to provide information only to the extent that the third-party data subject is aware of. In particular, this awareness on the part of the third-party data subject includes information about us as the data controller, as well as the disclosed data and the purpose of said disclosure.
In all other respects, this data privacy information applies to third-party data subjects, to the extent that said information is not only relevant for contractual partners. This includes, in particular, information about us as the data controller and our data privacy officer, as well as information about the rights of data subjects. If we, as an exception, receive contact data for a third-party data subject, we will inform the data subject directly. However, we do not typically request contact data from third parties. We will only use the third-party information for the intended purpose (e.g., necessary contact and payment processing using the account details provided).
Data belonging to third-party data subjects will be deleted at the latest upon the deletion of the data pertaining to the stated person, or if this person amends or deletes the data concerned.

The processing of the data of third-party data subjects takes place on the basis of our legitimate interests in accordance with Article 6(1)(f) GDPR in providing our contractual partners the opportunity to justifiably involve third parties.


 

3. Disclosure of Data

We only disclose your personal data to third parties when:

  • You have provided your express consent in accordance with Article 6(1)(a) GDPR;
  • Disclosure is necessary for compliance with a legal obligation in accordance with Article 6(1)(c) GDPR;
  • Disclosure is necessary for the establishment, exercise, or defense of legal claims and there is no reason to assume that you have an overriding legitimate interest that precludes disclosure of your data in accordance with Article 6(1)(f) GDPR.

3.1. Disclosure Within the Context of Tax Reporting Obligations

Under the German Act Implementing EU Directive 2021/514 on Administrative Cooperation in the Field of Taxation and the Modernization of Procedural Tax Law (hereinafter "DAC7"), we, as a platform operator, are obligated to process information about persons and companies that perform certain paid activities using our platform. For the purposes of taxation, these details must be reported annually to the German Federal Central Tax Office, together with information about the nature and scope of these activities. The German Federal Central Tax Office subsequently forwards the data reported by us to the responsible tax authorities in Germany or their counterparts in other EU member states.

Accordingly, the following personal data will be transferred to the German Federal Central Tax Office on an annual basis, provided that you are a reportable seller:

  • Your first and last name
  • Your address
  • Your taxpayer ID number(s)
  • Your date of birth
  • Your VAT ID number (if applicable)

If you are registered as a professional dealer, we, as a platform operator, are also obligated by the DAC7 to transfer the following information to the German Federal Central Tax Office on an annual basis, provided that you are a reportable seller:

  • Your company name
  • Your address
  • Your taxpayer ID number(s)
  • Your VAT ID number
  • Your commercial registration number.

In the course of transferring the information described above to the German Federal Central Tax Office, you may continue to assert your rights as a data subject under Section 12. of our Data Privacy Policy.

 

3.2. Disclosure as Joint Controllers for Processing Personal Data

As a platform operator, we jointly determine the purposes and means of certain processing operations with other data controllers, such that we act as joint controllers within the meaning of Article 26 GDPR.

 

3.3. Disclosure of Data in Connection With Fixed-Term Cooperations With Marketing Agencies

In order to run marketing campaigns, we work closely with various marketing agencies. We transfer personal data to our marketing agencies, where necessary, to measure the success of the campaigns, optimize our activities in online marketing, and optimize our platform in a user-oriented manner. The personal data are collected as part of the use of marketing pixels (see Section 6.2.) and, where necessary, transferred to the relevant marketing agencies for the purposes described above. The relevant data categories include, but are not limited to, the following:

  • Information about your browser and device;
  • Our website address and the actions you took on our website;
  • Date and time of the request;
  • Your IP address.

These personal data can only be collected if you have given us your consent to use the corresponding marketing pixel in accordance with Article 6(1)(a) GDPR. The transfer of data to our marketing agencies takes place on the basis of our legitimate interests mentioned above in accordance with Article 6(1)(f) GDPR.

If your data are transferred, the marketing agencies are our processors (see Section 2.). We generally only work with agencies for a limited period of time. By concluding data processing contracts, the marketing agencies are obligated to immediately delete all personal data they received from us and not use these data for their own purposes after the contractual relationship has ended.

 

 

 

4. Analysis Tools

 

4.1. Tracking Tools

The following tracking measures are only used if you have provided your express consent in accordance with Article 6(1)(a) GDPR. You can withdraw your consent separately for each individual tool with future effect at any time with the help of the Consent Manager, which you will find at the end of this Data Privacy Policy. The lawfulness of processing up until the time you withdraw your consent is not affected. The purpose of the tracking measures is to ensure that our website has a user-oriented design and continues to be optimized. At the same time, we use the tracking measures to statistically record the use of our website and evaluate such use to further optimize our offerings for your benefit.

The purposes and categories of the data processing are listed below.

4.2. Google Analytics

In order to ensure a user-oriented design and continuous optimization of our websites, we use Google Analytics, a web analytics service provided by our processor Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter "Google"). In this context, pseudonymized user profiles are created and cookies (see Section 6.1.) are used. The information generated by the cookie about your use of this website includes:

  • Your browser type and version
  • Your operating system
  • The referrer URL (the previous page you visited)
  • The host name of the querying computer (IP address)
  • Time of the server request

These data are transferred to one of Google's servers in the USA and stored there.

The information is used to evaluate website use, compile reports on website activity, and to provide further services associated with website and Internet usage for the purposes of market research and the user-oriented design of these web pages. This information may also be transferred to third parties as appropriate, insofar as this is required by law or insofar as these parties process the data on our behalf. Under no circumstances will your IP address be merged with other data from Google. IP addresses are anonymized to eliminate any possibility of this happening (IP masking).

You can disable the use of cookies by selecting the appropriate settings in your browser. However, this may prevent you from using all the features of our site to their full extent.

 

 

5. Rights of the Data Subject

You have the right:

  • To withdraw consent you have granted us at any time in accordance with Article 7(3) GDPR. If you do so, we are no longer permitted to continue the data processing that was based on this consent in the future.
  • To access information about the personal data of yours that we are processing in accordance with Article 15 GDPR. In particular, you are entitled to information about the purposes of the processing; the categories of personal data concerned; the recipients or categories of recipient to whom the personal data have been or will be disclosed; the envisaged period for which the personal data will be stored; the existence of the right to request rectification, erasure, and restriction of processing of personal data or to object to such processing; the right to lodge a complaint; for instances in which the personal data are not collected from the data subject, any available information as to their source; and the existence of automated decision-making, including profiling and meaningful information on their details.
  • To request the rectification of inaccurate personal data belonging to you and have incomplete personal data completed in accordance with Article 16 GDPR.
  • To request the erasure of personal data belonging to you and stored by us, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims in accordance with Article 17 GDPR.
  • The right to request the restriction of the processing of your personal data in accordance with Article 18 GDPR, insofar as you contest the accuracy of your personal data; the processing is unlawful, but you oppose its erasure; we no longer need the personal data, but you require them for the establishment, exercise, or defense of legal claims; or you have objected to the processing in accordance with Article 21 GDPR.
  • To receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that they be transferred to another controller in accordance with Article 20 GDPR.
  • To lodge a complaint with a supervisory authority in accordance with Article 77 GDPR. You can do so with a supervisory authority in the place of your permanent residence, place of work, or our company headquarters.

5.1. Right to Object

If your personal data are processed on the basis of legitimate interests in accordance with Article 6(1)(f) GDPR, you have the right to object to the processing of your personal data in accordance with Article 21 GDPR provided there are grounds relating to your particular situation or the objection pertains to direct marketing. In the latter case, you have a general right to object which we will act upon without you having to provide special circumstances.

If you would like to exercise your right to object, you can do so by sending an email to support@wristcharmstore.com stating this intention.

 

5.2. Data Protection

We use the prevalent TLS (Transport Layer Security) protocol for our website in combination with the highest level of encryption supported by your browser. TLS is a secure and proven standard used in online banking, as well as many other applications. A secure TLS connection is indicated among other things by the letter "s" appended to the "http" (i.e., https://…) in the address bar of your browser, as well as a padlock symbol either in your address bar or at the bottom of your browser.

We also implement appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction and unauthorized access by third parties. The security measures we implement are continuously upgraded to remain up to date with advances in technology.

If you register with us as a user, you can only access your user account after entering your personal password. You should always keep your access data confidential and close the browser window when you have finished communicating with us, especially if you share your computer with others.

We take company-internal data protection very seriously. Our employees and contracted service companies are obliged to maintain strict confidentiality and to comply with data protection regulations.

 

5.3. Retention Period

In principle, your data will be deleted, taking into account retention periods under commercial and tax law, when the purpose for which the data were collected no longer applies, unless you have consented to further processing. We also reserve the right to retain certain categories of data for a period of three years, provided that the data can be used to prove certain facts and to establish, exercise, or defend legal claims.

 

5.4. Updates and Amendments to This Data Privacy Policy

This is the current version of our Privacy Policy after it was last updated on November 2023 .

It may be necessary to amend this Privacy Policy as our website and offerings are updated, or to comply with changes in legal or regulatory requirements. You can access and print the current version of this Privacy Policy on our website at any time

Categories

Menu

Your experience on this site will be improved by allowing cookies Cookie Policy