Privacy Policy of RaffaelloVintage.etsy.com
By registering and shopping on RaffaelloVintage.etsy.com, the User agrees that the site will collect, store, record and work with the information provided to it in accordance with the Personal Data Protection Act (GDPR).
The site reserves the right to send to the User both information regarding his order and messages with promotions, discounts and new products. The user has the right to refuse to receive the latter information.
1. Personal information collected by the site
The information we collect concerns the execution of the order requested by the User - name, email address, delivery address, payment details and details of the ordered product itself. Performing a Custom order to customize a User's product may be associated with receiving pictures that we use to perform the order. Within 60 days of their receipt, they are permanently deleted.
2. Regulations on which the collection, use and sharing of personal information is based
The GDPR (LPPD) Regulation requires us to present the general situations where we process customer information, including:
• When necessary to process and execute the Goods / Service claimed by the User, dispute resolution, maintenance, and for the needs of the NRA, the CPC and other public authorities.
• If there is a legal requirement to keep user information - court order, legal obligations, legal claim.
• By agreeing to provide the information personally by the User, which consent may be withdrawn at any time.
Objectives for collecting information:
The collected data is used to settle our relationship with the User as a customer of RaffaelloVintage.etsy.com This may include:
• Order data - this is expressed in the information needed to complete the order - processing the order, arranging delivery, offering return conditions, etc.
• Administrative data - includes our communication with the User, correspondence, whether or not related to a particular order, queries, news, and more.
Protection
We constantly develop and monitor the security of all our sites, which is to protect our users' privacy from malicious external influences. For this reason, the requirement to access the site includes checking the selected username and password.
Advertising
Based on User's orders and preferences, we may send advertising messages that relate to both products and services to RaffaelloVintage.etsy.com and our partners. Automatic data collection, which is linked to partial sharing of user information with our partners, is solely and entirely for the purpose of providing user-friendly ads.
Compliance with the law
In our business, we comply with the applicable laws, regulations, court orders, requests from the government and law enforcement agencies to legitimately offer our products and services, protecting our personal interest, that of our customers, and resolving potential consumer disputes.
3. Third parties with whom we share personal information
The information provided by the User in registering and using the RaffaelloVintage.etsy.com site is important to our business. Therefore, sharing of this data occurs in very limited cases, as follows:
• Subcontractors - these are our partners responsible for making the service / product desired by the User - printing an image and passing the product to a courier delivery company.
• Providers - Moving the ordered product is done through a courier company. For the purpose of this activity, we share user information with them, but only to the extent that the service (delivery address, names, and phone number) is available.
Duration of storing personal information
Personal data is stored for as long as necessary to provide our services as described in our Privacy Policy. However, for compliance with legal and regulatory requirements, it may be necessary to extend the period for storing the data. The maximum period for which this happens is 4 years.
4. Buyer's rights in respect of the use of his or her personal data
Based on the requirements of the Personal Data Protection Act (GDPR), the following rights apply to our clients residing in EU countries as well as certain other territories:
• Access to information - at any time, the user has access to and a copy of the personal data with which we operate and store. For this purpose, you need to contact us via our contact form.
• Change, limitation, deletion - The user has the ability to change his data, restrict his use or completely delete it. These rights are applicable if there is no legal reason to keep them in their original form.
• At any time may terminate the use of our data for the purpose of providing marketing services, and may, if desired, be resumed. Deleting this part of your personal information may only occur if there is no legal requirement to store it.
• If the User resides in an EU country and wishes to express concern about the personal data he has provided on our site, he may also do so through the Competent Authority.
5. Transferring personal information outside of EU:
I may store and process your information through third-party hosting services in the US and other jurisdictions. As a result, I may transfer your personal information to a jurisdiction with different data protection and government surveillance laws than your jurisdiction. If I am deemed to transfer information about you outside of the EU, I rely on Privacy Shield as the legal basis for the transfer, as some services are Privacy Shield certified.
If you have any further answers, please feel free to contact me.
For purposes of EU data protection law, I, Nadia Petrov, am the data controller of your personal information. If you have any questions or concerns, you may contact me at dejo@gbg.bg