Privacy policy
PRIVACY POLICY
Effective date: 1/01/26 This policy explains how [DSP Group BV] processes your personal data in connection with juwelinaparis.com.
1. Data Controller
The data controller responsible for the personal data collected via juwelinaparis.com is:
|
Company name: [DSP GROUP BV] Legal form: [BV] Registered address: [8 Beukenlaan, 2020 Antwerp Belgium] VAT number: BE0790866635] KBO number: [0790866635] E-mail: [contactus@JUWELINAPARIS.COM] |
We process your personal data in accordance with Regulation (EU) 2016/679 (GDPR), the Belgian Law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data, and all other applicable Belgian and EU data protection legislation.
2. Personal Data We Collect
2.1 Data you provide directly
When you interact with the Site, we may collect:
-
Identity data: first name, last name, username
-
Contact data: e-mail address, telephone number, postal address
-
Transactional data: order history, items purchased, returns, complaints
-
Payment data: payment method type, last four digits of card (we do not store full card numbers)
-
Account data: account credentials, preferences, wish lists
-
Communications data: messages you send us, customer service correspondence
-
Profile data: purchase history, review content, marketing preferences
2.2 Data collected automatically
When you visit the Site, we automatically collect:
-
Technical data: IP address, browser type and version, device type, operating system
-
Usage data: pages visited, time spent, links clicked, search queries
-
Cookie data: see Section 8 (Cookies) below
2.3 Data received from third parties
We may receive personal data from:
-
Sellers (order fulfilment data)
-
Payment processors (transaction confirmation)
-
Social media platforms (if you connect a social account or use social login)
-
Marketing partners (with your consent)
-
Analytics providers
3. Lawful Bases for Processing
We process your personal data only where we have a valid lawful basis under GDPR Art. 6. The lawful basis depends on the specific processing activity:
|
Purpose |
Lawful Basis |
Details |
|---|---|---|
|
Processing your order and payment |
Contract (Art. 6(1)(b)) |
Necessary to fulfil your purchase |
|
Creating and managing your account |
Contract (Art. 6(1)(b)) |
Necessary to provide account services |
|
Communicating about your order |
Contract (Art. 6(1)(b)) |
Order updates, delivery notices |
|
Legal and tax obligations |
Legal obligation (Art. 6(1)(c)) |
Invoicing, VAT records, fraud prevention |
|
Personalised marketing (newsletter) |
Consent (Art. 6(1)(a)) |
Only with your explicit opt-in |
|
Retargeting / ad cookies |
Consent (Art. 6(1)(a)) |
Only with cookie consent |
|
Improving the Site (analytics) |
Legitimate interest (Art. 6(1)(f)) |
Anonymised/pseudonymised where possible |
|
Fraud prevention and security |
Legitimate interest (Art. 6(1)(f)) |
Protecting customers and the platform |
|
Responding to complaints |
Legitimate interest (Art. 6(1)(f)) |
Handling disputes and returns |
|
Sharing data with Sellers (fulfilment) |
Contract (Art. 6(1)(b)) |
Necessary to deliver your order |
4. How We Use Your Personal Data
4.1 Order Processing and Fulfilment
We use your identity, contact, transactional and payment data to process and fulfil your order, including transmitting necessary data to delivery carriers.
4.2 Customer Account
If you create an account, we use your data to manage your profile, store your preferences and purchase history, and enable you to track orders and manage returns.
4.3 Marketing Communications
We will only send you marketing e-mails, SMS or push notifications if you have given your express prior consent (opt-in), in accordance with Book XII BCEL and the Belgian Data Protection Authority Recommendation 01/2025 on direct marketing. You may withdraw your consent at any time by clicking “Unsubscribe” in any marketing message or by contacting us at [contactus@JUWELINAPARIS.COM].
Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
4.4 Analytics and Site Improvement
We use pseudonymised usage data to understand how visitors interact with the Site, identify areas for improvement, and optimise user experience. Where we use third-party analytics tools (e.g., Google Analytics), these tools are configured to anonymise IP addresses.
4.5 Fraud Prevention and Security
We may process your data to detect, investigate and prevent fraudulent transactions, money laundering and other illegal activities, including checking transaction details against known fraud indicators.
5. Data Retention
We retain your personal data only for as long as necessary for the purposes for which it was collected, or as required by law. Our standard retention periods are:
|
Data Category |
Retention Period |
|---|---|
|
Customer account data |
Duration of account + 2 years after last activity |
|
Order and transactional data |
10 years (Belgian accounting/tax obligations) |
|
Payment data (tokenised only) |
Duration of payment relationship + 1 year |
|
Marketing consent records |
Until consent is withdrawn + 3 years (limitation period) |
|
Customer service correspondence |
3 years from resolution |
|
Technical/log data (cookies, IP) |
Up to 13 months |
|
Anonymised analytics data |
Up to 26 months |
6. Sharing Your Personal Data
We do not sell your personal data. We share it only in the following circumstances:
6.1 Sellers and Suppliers
For Seller-fulfilled or dropshipped orders, we share your delivery name, address and order details with the relevant Seller. Sellers are contractually bound to: (i) process your data only for fulfilment purposes; (ii) comply with GDPR; and (iii) not retain your data beyond the fulfilment period.
6.2 Service Providers (Data Processors)
We engage the following categories of data processors, each bound by a GDPR-compliant data processing agreement:
-
[E-commerce platform: Shopify Inc. server infrastructure, order management]
-
[Payment processor: [Shopify] transaction processing]
-
[Delivery carrier(s): [BPost/DHL Express] shipment and tracking]
-
[E-mail service provider: [Google, Shopify & Klaviyo] transactional and marketing e-mails]
-
[Analytics: Google Analytics, Shopfy
6.3 Legal Obligations
We may disclose your data to competent authorities (e.g., tax authorities, law enforcement, courts) where required by applicable law or court order.
6.4 Business Transfers
In the event of a merger, acquisition or sale of all or part of our business, your data may be transferred to the acquiring entity, subject to the same privacy protections.
6.5 International Transfers
Some of our service providers (e.g., Shopify, Google) store or process data outside the European Economic Area (EEA). We ensure that any such transfer is protected by adequate safeguards, including: Standard Contractual Clauses (SCCs) approved by the European Commission;
For more information on the safeguards in place, contact us at [contactus@JUWELINAPARIS.COM].
7. Your Data Subject Rights
Under the GDPR, you have the following rights in relation to your personal data:
|
Right |
What it means |
|---|---|
|
Access (Art. 15) |
Request a copy of the personal data we hold about you |
|
Rectification (Art. 16) |
Ask us to correct inaccurate or incomplete data |
|
Erasure (Art. 17) |
Ask us to delete your data (“right to be forgotten”), subject to legal retention obligations |
|
Restriction (Art. 18) |
Ask us to restrict processing while a dispute is resolved |
|
Portability (Art. 20) |
Receive your data in a structured, machine-readable format |
|
Objection (Art. 21) |
Object to processing based on legitimate interest or for direct marketing |
|
Withdraw consent (Art. 7(3)) |
Withdraw previously given consent at any time, without affecting prior processing |
|
Automated decisions (Art. 22) |
Not to be subject to solely automated decisions with significant effects |
To exercise any of these rights, contact us at [contactus@JUWELINAPARIS.COM]. We will respond within one month (extendable by two months in complex cases). Requests are free of charge. We may require proof of identity before processing your request.
You have the right to lodge a complaint with the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit / Autorité de protection des données):
|
Website: www.dataprotectionauthority.be Address: Rue de la Presse 35 / Drukpersstraat 35, 1000 Brussels, Belgium E-mail: contact@apd-gba.be Phone: +32 (0)2 274 48 00 |
8. Cookies and Similar Technologies
8.1 What are cookies?
Cookies are small text files stored on your device when you visit a website. We also use similar technologies such as pixels, tags and local storage (collectively “Cookies”).
8.2 Categories of cookies we use
|
Category |
Basis |
Purpose |
|---|---|---|
|
Strictly necessary |
No consent required |
Session management, shopping cart, security, fraud prevention. Cannot be disabled. |
|
Functional |
Legitimate interest |
Language preference, saved addresses, wish lists. Can be disabled but may affect Site functionality. |
|
Analytics |
Consent |
Google Analytics anonymised Site usage statistics. Active only after consent. |
|
Marketing / retargeting |
Consent |
Meta Pixel, Google Ads, personalised advertising. Active only after consent. |
|
Social media |
Consent |
Social sharing and login buttons from Pinterest, Meta, Tiktok. Active only after consent. |
8.3 Managing your cookie preferences
When you first visit the Site, a cookie consent banner will allow you to accept or refuse non-essential cookies. You can change your preferences at any time via the “Cookie Settings” link in the footer.
You may also control cookies through your browser settings. Note that disabling all cookies may impair some Site functions.
We use COOKIE Banner to manage your preferences and maintain a record of consents given, in line with GDPR Art. 7.
9. Data Security
We implement appropriate technical and organisational security measures to protect your personal data against unauthorised access, alteration, disclosure or destruction. These include:
-
SSL/TLS encryption for all data transmissions
-
Restricted internal access on a need-to-know basis
-
Regular security assessments
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Belgian Data Protection Authority within 72 hours and, where the breach is likely to result in a high risk, notify affected individuals without undue delay, in accordance with GDPR Arts. 33–34.
10. Children's Privacy
Our Site is not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately at [contactus@JUWELINAPARIS.COM] and we will delete such data promptly.
11. Updates to This Policy
We may update this Privacy Policy from time to time. The “Last updated” date at the top of this document will be revised accordingly. If changes are material, we will notify you by e-mail (if you have an account) or via a prominent notice on the Site. We encourage you to review this Policy periodically.
Your continued use of the Site after any changes constitutes acceptance of the updated Policy. If you do not accept the changes, you must stop using the Site and, if applicable, delete your account.
12. Contact and DPO
For any questions, concerns or requests relating to this Privacy Policy or our data processing activities, please contact:
|
[DSP Group BV] Privacy Team [8 Beukenlaan, 2020 Antwerp Belgium] E-mail: [contactus@JUWELINAPARIS.COM] |
We aim to respond to all privacy-related requests within one month.
Governed by Belgian law. Compliant with GDPR, BCEL Book VI/XII, EU Consumer Rights Directive, and the Digital Services Act.
