Privacy Policy

Privacy Policy (GDPR)

We are pleased that you are interested in our online shop. Protecting your privacy is very important to us. Below we provide detailed information about the handling of your personal data.

1. Controller

Deepti Gahrotra

Bijouria

Berlin, Germany
E-Mail: info.bijouria@gmail.com

 

2. Collection and Storage of Personal Data and Type and Purpose of Use

a) When visiting the website
When you visit our website, the browser used on your device automatically sends information to the server of our shop system (Shopify). This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until it is automatically deleted:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the retrieved file
  • Website from which access is made (referrer URL)
  • Browser used and, if applicable, the operating system of your computer as well as the name of your access provider

These data are processed for the following purposes:

  • Ensuring a smooth connection to the website
  • Ensuring comfortable use of our website
  • Evaluating system security and stability
  • For other administrative purposes

Legal basis for data processing: Art. 6(1)(f) GDPR.

b) When using our contact form or e-mail contact
For any inquiries, you can contact us via the form provided on the website or by e-mail. A valid e-mail address is required so that we know who sent the request and to be able to answer it. Additional details can be provided voluntarily.
Data processing for the purpose of contacting us is carried out in accordance with Art. 6(1)(a) GDPR based on your voluntary consent.

c) When placing an order in our online shop
If you place an order in our shop, we collect the following data:

  • Title, first name, last name
  • Billing and delivery address
  • E-mail address
  • Telephone number (optional)
  • Payment informatio

We process these data in order to:

  • Identify you as our customer
  • Process and deliver your order
  • Correspond with you
  • Issue invoices
  • Process any liability claims and assert any claims against you

Legal basis: Art. 6(1)(b) GDPR.

 

3. Disclosure of Data

Your personal data will only be passed on to third parties if necessary for contract performance:

  • to the shipping company commissioned with the delivery,
  • to the payment service provider commissioned with payment processing,
  • to Shopify Inc., 151 O’Connor Street, Ground floor, Ottawa, ON K2P 2L8, Canada (shop system provider).
    Data transfer to Canada is based on an adequacy decision by the European Commission.

 

4. Payment Service Providers

We use the following payment service providers:

  • PayPal (PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg)
  • Shopify Payments (Stripe Payments Europe, Ltd., Ireland)
    Each payment provider processes your data under its own responsibility. Please refer to the respective provider’s privacy policy.

 

5. Cookies

Our website uses cookies. Cookies are small text files stored on your device that enable certain functions. We use technically necessary cookies and — if you consent — cookies for analytics or marketing purposes.
Legal basis: Art. 6(1)(a) GDPR (consent) or Art. 6(1)(f) GDPR (legitimate interest).

 

6. Analytics Tools

Shopify may use Shopify Analytics for analytical purposes. If you use additional tracking tools (e.g. Google Analytics), these must be listed here separately with legal basis and opt-out options.

 

7. Your Rights as a Data Subject

Under the GDPR, you have the right to:

  • Request access to your personal data (Art. 15 GDPR)
  • Request rectification of inaccurate or incomplete personal data (Art. 16 GDPR)
  • Request erasure of your personal data (Art. 17 GDPR)
  • Request restriction of processing (Art. 18 GDPR)
  • Receive your personal data in a structured, commonly used and machine-readable format (Art. 20 GDPR)
  • Withdraw consent you have previously given at any time (Art. 7(3) GDPR)
  • Lodge a complaint with a supervisory authority (Art. 77 GDPR)

8. Data Security

We use the common SSL (Secure Socket Layer) method in connection with the highest encryption level supported by your browser when you visit the website.

 

9. Currency and Amendment of this Privacy Policy

This Privacy Policy is currently valid and was last updated in August 2025.
Due to the further development of our website or due to changed legal or official requirements, it may become necessary to change this Privacy Policy.