Imprint & Privacy Policy
Last Updated: 29 November 2025
1. Data Controller
The data controller responsible for processing your personal data in accordance with the EU General Data Protection Regulation (GDPR) is:
ZVC GmbH – “Cléamoi Jewelry”
Museumstraße 2–6
28195 Bremen
Germany
Email: hello@cleamoijewelry.com
This Privacy Policy describes how we collect, process, and use personal information when you visit our website, make a purchase, or otherwise interact with us.
2. Hosting and E-Commerce Platform (Shopify)
Our online store is hosted on the platform of:
Shopify International Ltd.
2nd Floor, 1-2 Victoria Buildings
Haddington Road, Dublin 4, D04 XN32
Ireland
Shopify processes personal data on our behalf as a processor (Art. 28 GDPR). Data may be transferred to servers operated by:
- Shopify Inc., Canada, and
- Shopify Data Processing, USA
Shopify uses recognized transfer mechanisms such as the EU Standard Contractual Clauses (SCCs).
For more information:
https://www.shopify.com/legal/privacy
3. Personal Data We Process
We process personal data that you provide to us, that is collected automatically, or that we receive from third parties.
3.1 Data You Actively Provide
- Name
- Billing and shipping address
- Email address
- Phone number
- Payment details (we do not receive full credit card numbers; these are processed by payment providers)
- Order and return information
- Messages you send to us (e.g., customer support inquiries)
3.2 Data Collected Automatically
- IP address
- Browser type and version
- Device information
- Operating system
- Date and time of access
- Referrer and exit URLs
- Interaction data (clicks, pages viewed, session behavior)
3.3 Cookies and Similar Technologies
We use cookies to:
- Enable essential shop functions
- Store cart data
- Provide analytics (performance, error logs)
Non-essential cookies are only activated with your consent (Art. 6(1)(a) GDPR), as managed through Shopify’s cookie banner.
4. Purposes and Legal Bases for Processing
4.1 Order Processing & Customer Account Management
We process your data to:
- Fulfill and manage orders
- Process payments
- Communicate regarding orders
- Set up and manage customer accounts
Legal basis:
Art. 6(1)(b) GDPR – performance of a contract
4.2 Customer Service
We process data to respond to your inquiries.
Legal basis:
Art. 6(1)(b) GDPR
Art. 6(1)(f) GDPR – legitimate interest in efficient customer support
4.3 Marketing & Newsletters (if enabled)
Includes:
- Promotional emails
- Personalized product recommendations
- Retargeting or remarketing via Shopify features
Legal basis:
Art. 6(1)(a) GDPR – consent (you may withdraw at any time)
4.4 Security and Fraud Prevention
We process data to:
- Prevent misuse
- Detect fraudulent activity
- Maintain platform security
Legal basis:
Art. 6(1)(f) GDPR – legitimate interest in secure website operation
4.5 Compliance with Legal Obligations
E.g., tax and accounting requirements.
Legal basis:
Art. 6(1)(c) GDPR – legal obligation
5. Disclosure of Personal Data to Third Parties
We only share your personal data when necessary to provide our services, fulfill contractual obligations, or maintain shop functionality.
5.1 Shopify (Platform & Analytics)
Shopify may process data to:
- Operate the online store
- Perform payment transactions
- Provide analytics & performance insights
- Maintain security infrastructure
- Enable personalized shopping features
Shopify may combine data from interactions with our store and other Shopify-powered stores.
5.2 Payment Providers
Shopify Payments (Stripe)
Shopify Payments processes payment data including:
- Payment method
- Payment confirmation
- IP address
- Fraud analysis data
Responsible entities:
- Shopify Payments (Ireland) Ltd.
- Stripe Payments Europe Ltd.
Privacy policies:
https://stripe.com/privacy
https://www.shopify.com/legal/terms-payments
PayPal
If you select PayPal, the following data is transmitted to PayPal:
- Name
- Address
- Purchase amount
- Payment details
Responsible entity:
PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg
Privacy policy:
https://www.paypal.com/webapps/mpp/ua/privacy-full
5.3 Shipping Providers
We share shipping data (name, address, phone number if needed) with carriers such as DHL.
5.4 Additional Service Providers
Including:
- IT providers
- Hosting/CDN providers (via Shopify)
- Customer service providers
All are bound by data processing agreements where required.
6. International Data Transfers
Some data may be transferred to Canada or the United States.
Legal basis:
- EU Standard Contractual Clauses (SCCs)
- Adequacy decision for Canada
7. Data Retention
We retain personal data only as long as needed for the following purposes:
- Order data: 10 years (statutory retention)
- Customer accounts: until deletion
- Marketing data: until consent is withdrawn
- Technical logs: typically 30 days
8. Your Rights under the GDPR
You have the following rights:
- Right of access (Art. 15)
- Right to rectification (Art. 16)
- Right to erasure (Art. 17)
- Right to restriction of processing (Art. 18)
- Right to data portability (Art. 20)
- Right to object to processing (Art. 21)
- Right to withdraw consent (Art. 7(3))
To exercise your rights, email: hello@cleamoijewelry.com
Right to Lodge a Complaint
You may contact your local data protection supervisory authority.
Competent authority for our location:
The State Commissioner for Data Protection of the Free Hanseatic City of Bremen
https://www.datenschutz.bremen.de
9. Protection of Minors
Our services are not intended for children.
We do not knowingly process data from individuals under 16 years of age.
10. Data Security
We use technical and organizational security measures to protect your data.
No internet transmission can be guaranteed to be fully secure.
11. Changes to This Privacy Policy
We may update this Privacy Policy as needed to reflect changes in our services or legal requirements. The latest version will always be published on our website.
12. Contact
ZVC GmbH – “Cléamoi Jewelry”
Museumstraße 2–6
28195 Bremen
Germany
Email: hello@cleamoijewelry.com