Privacy Policy
JUDALINI.com Privacy Policy
-----
This Privacy Policy describes how your personal information is collected, used, and shared when you visit or make a purchase from judalini.myshopify.com (the “Site”).
WHO ARE WE
The following company acts aas controller with regards to the processing of your
personal data as described in this Privacy Policy:
Judalini Ltd., a limited liability company duly registered with the Bulgarian
Commercial register with UIC 201641300, having its seat and registered address at
84 Yanko Sakazov Blvd. 84, Sofia 1309, Bulgaria
PERSONAL INFORMATION WE COLLECT
When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information”.
We collect Device Information using the following technologies:
- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Site.]
Additionally when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, payment information (including credit card numbers, paypal id), email address, and phone number. We refer to this information as “Order Information”.
When we talk about “Personal Information” in this Privacy Policy, we are talking both about Device Information and Order Information.
LEGAL BASIS FOR COLLECTING PERSONAL DATA
We must have a legal basis to collect and process personal data. We collect and
process personal data only on the grounds allowed by the GDPR. We reassure you
herewith that we will use personal data only for lawful purposes such as the
performance of the contract you may enter with us, improving our services or other
legitimate business needs.
See the summary below for the general purposes we collect personal data for:
| Purpose |
For providing and improving our services We will mainly use the information to provide the services you have requested from us. For user authentication, management and administration of services to develop and improve our services. |
| Legal Basis |
For the performance of a contract If you use our contact form or register as a user on our website (you are accepting our Terms and Conditions), we may process personal data to perform our contractual obligations. We process such data on these grounds when we execute transactions requested by our clients. For the purposes of performing a contract, we may also transfer the necessary personal data to third parties (such as, but not limited to, couriers and payment service providers). Legitimate interest Where it is in our legitimate interests to ensure that our services are well-managed, and their quality is improved so that our clients are provided with a high standard of service to protect our business interests and the interests of our clients. |
| Purpose |
To exercise our legal rights We may use personal data where it is necessary to do so, for example to detect, prevent and respond to fraud or other violations of law, for legal and dispute management purposes, and for debt collection and recoveries purposes. |
| Legal Basis |
Legal obligations Where the law requires this. Legitime interest Where it is in our legitimate interest to prevent and investigate fraud and other crimes and to verify the client's identity in order to protect our business and to comply with laws that apply to us. |
| Purpose |
To keep in touch We use some personal data to contact you and respond to your inquiries. We send important notifications to your email address, such as verification requests/statuses, as well as general technical and administrative information. |
| Legal Basis |
For the performance of a contract Where we are obliged by a contract to provide you certain notices in relation to the performance of such a contract. Legitimate interest Where it is our legitimate interest to provide information about our business and services that we believe would benefit or inform our clients. |
| Purpose |
To offer you exciting deals We may also use personal data to provide advertisements for our offers (see behavioural advertising below). |
| Legal Basis |
Consent Where we have your permission to do so (e.g., opt-in, subscribe, via email). |
HOW DO WE USE YOUR PERSONAL INFORMATION?
We use the Order Information that we collect generally to fulfill any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, we use this Order Information to:
- Communicate with you;
- Screen our orders for potential risk or fraud; and
- When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
- Using that information to share it with our suppliers so we can deliever your order.
We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
SHARING YOUR PERSONAL INFORMATION
We share your Personal Information with third parties to help us use your Personal Information, as described above. For example, we use Shopify to power our online store--you can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy. We also use Google Analytics to help us understand how our customers use the Site -- you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
By using our website, you (the visitor) agree to allow third parties to process your IP address, in order to determine your location for the purpose of currency conversion. You also agree to have that currency stored in a session cookie in your browser (a temporary cookie which gets automatically removed when you close your browser). We do this in order for the selected currency to remain selected and consistent when browsing our website so that the prices can convert to your (the visitor) local currency.
Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
BEHAVIOURAL ADVERTISING
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising by using the links below:
- Facebook: https://www.facebook.com/settings/?tab=ads
- Google: https://www.google.com/settings/ads/anonymous
- Bing: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.
DO NOT TRACK
Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.
YOUR RIGHTS
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.
You have the following rights:
Information or confirmation as to whether or not personal data concerning you are
being processed.
Access information about, for instance, but not limited to, the purposes of the
processing; the categories of personal data concerned; the recipients or categories of
recipients to whom the personal data have been or will be disclosed.
Rectification of inaccurate personal data concerning you. Taking into account the
purposes of the processing, the data subject has the right to have incomplete
personal data completed, including by means of providing a supplementary
statement/documents.
Erasure (to be forgotten) of personal data concerning yourself in certain
circumstances. This right only applies to data held at the time the request is received.
It does not apply to data that may be created in the future. Please note that when we
are required by law to process certain personal data, then the right to erasure will not
apply to such data, e.g. when we are obligated by law to retain the personal data for
a certain period of time. We would like to clarify also that the right to be forgotten so
apply that the erasure will be fulfilled in respect of live systems, but that the data will
remain within the backup environment for a certain period of time until it is
overwritten. This signifies that we will put the backup data ‘beyond use’, even if it
cannot be immediately overwritten (the backup is simply held on our systems until it
is replaced in line with an established schedule).
Restriction of processing in certain circumstances. This is an alternative to
requesting the erasure of your data, where for instance (but not limited to), the
processing is unlawful, and the data subject opposes the erasure of the personal
data and requests the restriction of their use instead unless this proves impossible or
involves disproportionate effort.
Data portability of the personal data as long as the processing is based on consent
or on a contract, and the processing is carried out by automated means. This right
allows data subjects to obtain and reuse their personal data for their own purposes
across different services, from one IT environment to another, in a safe and secure
way, without affecting its usability.
Object the processing of personal data. For instance (but not limited to), the data
subject has the right to object, at any time, to the processing of personal data
concerning them for marketing purposes; however, if the data subject is objecting to
other uses, we can refuse to comply with the objection but only if we can prove we
have a strong reason to continue processing your data that overrides your objection.
Avoid automated decision-making (with no human involvement), such as profiling,
which uses personal data to make calculated assumptions about individuals.
Withdraw data processing consent to the processing of your personal data at any
time and we will cease the processing of the relevant information. However, please
bear in mind that consent is only one of several lawful grounds for personal data
processing, so exercising this right means that there is no other legal basis in place.
Information on action taken within one month of receipt of the request. That period
may be extended by two further months where necessary, taking into account the
complexity and number of the requests.
Information in case of a data breach that is likely to result in a high risk to the rights
and freedoms of the data subject.
Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States. We undertake to only transfer personal data to a third country an adequacy decision by
the EU Commission exists.
DATA RETENTION
When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.
CHANGES
We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.
MINORS
The Site is not intended for individuals under the age of 16.
CONTACT US
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e‑mail judalini@judalini.com or by mail using the details provided below:
JUDALINI
[Re: Privacy Compliance Officer]
JUDALINI Ltd, Sofia, Yanko Sakazov Blvd. 84, 1309 Bulgaria
COMPLAINT TO A SUPERVISORY AUTHORITY
If for any reason you are not satisfied with our actions with regard to your personal
data, we ask you to inform us first so that we can understand what the problem is due
to and try to solve it. We will carefully consider your request, as well as answer all
your questions. If you believe that you have not received adequate assistance from
us or that there is a violation of your rights, you have the right to file a complaint with
a supervisory authority in your country of residence. You can find the contact details
of the competent authorities in the European Union at:
https://edpb.europa.eu/about-edpb/about-edpb/members_en
-----