Data Protection Terms and Conditions for spellsofthemoon.ch
1. Introduction
At spellsofthemoon.ch, we are committed to protecting your personal information in compliance with the Swiss Federal Act on Data Protection (DPA) and, where applicable, the European General Data Protection Regulation (GDPR). By using our services, you agree to the collection and use of information as outlined in this privacy policy.
2. Data Collection
We collect personal data strictly necessary for providing our services. This includes:
- Account Information: Such as name, email address, telephone number, and delivery address
- Payment Data: Billing details and payment information, processed securely via third-party payment providers
- Technical Data: IP address, device information, log data, and browser type
- Usage Data: Interactions with our website, products viewed, preferences, and purchase history
Data is collected with your consent or as necessary to fulfill contractual or legal obligations.
3. Purpose of Data Collection and Use
Your personal data is processed solely for legitimate business purposes, including:
- Order Fulfillment: To process, ship, and manage orders and returns
- Customer Support: To provide assistance, manage inquiries, and improve user experience
- Marketing and Promotions: To send you information about our products, exclusive offers, and events (with your explicit consent)
- Website Optimization: To enhance our site’s functionality, usability, and personalized recommendations
- Legal Compliance and Fraud Prevention: To comply with legal obligations and safeguard against fraud or misuse
4. Data Disclosure and Sharing
Personal data is not shared with third parties for independent use. However, it may be shared under the following conditions:
- Service Providers: With third-party providers (e.g., payment processors, logistics partners, IT services) solely to facilitate our services
- Legal Obligations: With governmental authorities if required by law or to respond to legal requests, protect our rights, or prevent fraud
Third parties handling personal data are obligated by strict contractual agreements to comply with data protection standards and confidentiality.
5. Retention of Data
We retain your data only as long as necessary to fulfill the purposes outlined or as legally required. Once your data is no longer needed, it will be deleted or anonymized, unless retention is mandated by law.
6. Security Measures
To protect your data from unauthorised access, modification, or loss, we implement industry-standard security practices, including encryption, firewalls, and strict access controls. Payment transactions are processed through PCI-compliant providers, ensuring your data’s confidentiality and security.
7. Your Rights as a Data Subject
Under Swiss data protection law and GDPR, where applicable, you have the following rights:
- Access: Obtain a copy of your personal data held by us
- Rectification: Correct inaccurate or incomplete data
- Deletion (Right to Be Forgotten): Request the deletion of your data, where permissible
- Restriction: Restrict the processing of your personal data under certain conditions
- Data Portability: Receive your data in a structured format for transfer to another provider
- Objection: Object to data processing, particularly for direct marketing purposes
- Withdraw Consent: Withdraw your consent for processing, where processing is based on consent
To exercise these rights, please contact us at info@spellsofthemoon.ch. We may require proof of identity for verification.
8. Cookies and Similar Technologies
Our website uses cookies to enhance functionality, analyze website traffic, and personalize content. Cookies may be managed in your browser settings, although disabling certain cookies may impact the website’s performance and functionality.
9. International Data Transfers
Although data is stored within Switzerland, certain third-party providers may process data outside Switzerland. In such cases, we ensure that data transfers comply with applicable regulations, including EU Standard Contractual Clauses or other safeguards for adequate data protection.
10. Automated Decision-Making and Profiling
We may use automated decision-making or profiling in limited cases, such as product recommendations or personalized marketing. These activities are carried out under strict conditions to ensure they align with legal requirements and only with your consent where required. You may object to profiling at any time by contacting us.
Certain Plugins may contain Google Analytics trackers.
Use of Google Analytics
Type and Purpose of Processing:
This website uses Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA (hereinafter referred to as “Google”). Google Analytics uses “cookies,” which are text files stored on your computer, allowing an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to and stored on a Google server in the USA. However, due to IP anonymization being activated on this website, your IP address will be truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, compile reports on website activity, and provide other services related to website and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data held by Google.
The purpose of data processing is to analyze the use of the website and compile reports on website activity. Further services related to website and internet usage are to be provided based on this information.
Legal Basis:
The processing of data is based on the user’s consent (Art. 6 para. 1 lit. a GDPR).
Recipient:
The recipient of the data is Google as a processor. For this purpose, we have concluded the corresponding data processing agreement with Google.
Storage Duration:
The data will be deleted as soon as it is no longer required for our recording purposes.
Transfer to Third Countries:
Google processes your data in the USA and is certified under the EU-US Privacy Shield Framework: EU-US Privacy Shield.
Provision Voluntary or Required:
The provision of your personal data is voluntary and based solely on your consent. If you prevent access, this may result in functional limitations on the website.
Revocation of Consent:
You can prevent the storage of cookies by adjusting your browser settings accordingly. However, we would like to point out that in this case, you may not be able to use all the features of this website to their full extent. Additionally, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link: Browser Add-On for Deactivating Google Analytics.
Additionally, or as an alternative to the browser add-on, you can prevent tracking by Google Analytics on our website by clicking this link. An opt-out cookie will be installed on your device, preventing the collection of data by Google Analytics for this website and this browser in the future, as long as the cookie remains installed in your browser.
Profiling:
Using the Google Analytics tracking tool, the behavior of website visitors can be evaluated, and their interests analyzed. A pseudonymous user profile is created for this purpose.
11. Links to External Websites
Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these sites. We encourage you to review their privacy policies before providing any personal information.
12. Changes to Our Privacy Policy
This privacy policy may be updated periodically to reflect changes in our practices, legal requirements, or regulatory obligations. We will notify you of significant changes through our website or by other appropriate means. Your continued use of our services after such changes constitutes acceptance of the updated terms.
14. Log Files
When you visit our website, we automatically collect certain data through server log files. These log files may contain:
- IP Address: Your device’s IP address, which can help us diagnose issues with our servers and identify potential security threats
- Browser Type and Version: Information on the browser you use, aiding in optimizing compatibility and user experience
- Pages Visited: URLs of pages visited, time spent on each page, and navigation paths to improve site functionality
- Date and Time of Access: Timestamped records that help us understand peak usage times and improve performance
Purpose of Log File Data: This data is used to maintain security, improve our services, troubleshoot technical issues, and enhance user experience. Log files are stored securely and are deleted or anonymized once they are no longer needed for their specific purposes.
Log file data is not combined with other personal data sources or used to identify individual users unless it is necessary to investigate unauthorised access or prevent fraudulent activities.
13. Contact Information
For inquiries regarding this privacy policy or to exercise your rights, please contact us:
Email: info@spellsofthemoon.ch
Effective Date: 28.10.2024