Log in

Cart

Your cart is currently empty.

Continue shopping
Total
$0.00 USD

Privacy Policy

Date: September 16, 2025

1. Information on the Collection of Personal Data

1.1 Personal Data

Below, we inform you about the processing of personal data when using our website (siumal). Personal data refers to any information that can be associated with you personally—such as your name, address, email address, or user behavior. This policy aims to clarify our data processing procedures while fulfilling our legal obligations, particularly those under the EU General Data Protection Regulation (GDPR).

1.2 Data Controller

The data controller pursuant to Article 4(7) GDPR is the operator of siumal. For inquiries regarding the processing of your personal data, contact us at service@siumal.com.

2. Processing of Personal Data When Visiting Our Website

When using the website for informational purposes (i.e., browsing without registering or providing additional information), we process personal data transmitted by your browser to our server. The following data is technically necessary to display the website, ensure its stability and security, and must therefore be processed by us. The legal basis for this processing is Article 6(1)(f) GDPR:

 

  • IP address
  • Date and time of the request
  • Content of the request (e.g., specific jewelry product pages visited)
  • Amount of data transmitted
  • Browser type and version

3. Further Functions and Offers of Our Website

3.1 Overview of Offers

Beyond informational use, we provide additional services (e.g., account registration, jewelry purchases) and use tools to facilitate sales (e.g., payment method selection) or analyze/market our products (detailed in Sections 4 and 5). For these purposes, you may need to provide additional personal data, and we will process such information solely to deliver the respective services. The data processing principles outlined in this policy apply to all described processing activities.

3.2 Use of External Service Providers

We may engage external service providers to process your data (e.g., payment processors, shipping companies—see Sections 5 and 7). These providers are carefully selected, bound by our written instructions, and regularly monitored to ensure compliance with GDPR and data protection best practices.

3.3 Further Third-Party Involvement

We may share your personal data with third parties not mentioned elsewhere in this policy if we collaborate on promotions, contests, or similar services. Depending on the service, partners may collect your data independently. You will receive detailed information about such data sharing when providing your data or in the description of the specific offer (e.g., a jewelry giveaway).

3.4 Third Parties Outside the EEA

If our service providers or partners are based outside the European Economic Area (EEA), we will inform you of the implications of this data transfer (e.g., legal safeguards) in the description of the relevant offer or service.

4. Processing of Personal Data When Contacting Us or Registering an Account

4.1 Contacting Us

When you contact us via email (service@siumal.com) or a contact form, we store the data you provide (e.g., your name, email address, phone number if shared) to respond to your inquiry (e.g., questions about a necklace’s material, help with order tracking). This data is retained only until your inquiry is resolved.

4.2 Account Registration

When registering a customer account, we only collect information you voluntarily share. This may include:

 

  • Your first and last name (and title or username, if applicable)
  • Login credentials: email address and a password (stored in encrypted form to protect security)
  • Contact details: postal address, phone number, and email address
  • Additional personal information or preferences you choose to share (e.g., favorite jewelry styles, gift-giving occasions)

5. Processing of Personal Data When Making a Purchase

5.1 Shopping Information

When you order jewelry from our online store, we collect “shopping data” to process and fulfill your order. This may include:

 

  • Details of purchased items (e.g., product name, price, model number, and specifications like “Sterling Silver Dainty Cross Necklace”)
  • Order number (for tracking and reference)
  • Delivery and billing addresses (to ensure accurate shipment and invoicing)
  • Delivery and payment status (e.g., “dispatched,” “delivered,” “paid”)
  • Communications related to the purchase (e.g., emails about a delayed ring delivery, requests for a jewelry repair)
  • Return status (e.g., “return requested,” “return approved”)
  • Information about involved service providers (e.g., parcel tracking numbers from shipping companies)

5.2 Payment Details

We offer various payment methods (e.g., credit card, PayPal). We collect the payment details you provide (e.g., billing address) to process payments and may receive additional payment-related information from external payment processors (e.g., confirmation of successful transaction). We only share data necessary for payment processing with our payment providers—never full credit card details or sensitive financial information beyond what is required.

 

Payment details may include:

 

  • Billing address
  • Preferred payment method (e.g., Visa, PayPal)
  • Relevant account identifiers (e.g., PayPal ID, last four digits of a credit card for reference)

5.3 Debt Collection (If Applicable)

If outstanding invoices for jewelry purchases are not settled despite repeated reminders, we may transfer the minimum necessary data to a debt collection service provider to recover the amount owed. The legal basis for this transfer is Article 6(1)(b) GDPR (fulfillment of a contract) for fiduciary collection, or Article 6(1)(f) GDPR (legitimate interest in recovering debts) for debt assignment.

6. Cookies and Tracking Technologies

6.1 General Information About Cookies

We use cookies, tags, web pixels, and similar technologies to automatically collect information about your use of our services. Cookies are small text files stored on your device that enable recognition of your browser and storage of preferences. If required by law, we will request your consent before using non-essential cookies via our cookie banner. You may withdraw consent or update preferences at any time by clicking the “Manage Cookies” link in the website footer.

6.2 Types of Cookies

We use first-party (set by siuma) and third-party (set by external providers) cookies for the following purposes:

 

Cookie Type Purpose
Strictly Necessary Cookies Essential for website functionality (e.g., logging in, adding jewelry to cart). Cannot be disabled.
Functional Cookies Remember your preferences (e.g., saved billing addresses, language settings) to personalize your experience. Do not enable targeted advertising.
Performance/Analytics Cookies Collect passive usage data (e.g., which jewelry pages you visit, time spent on the site) to improve website performance and product offerings.
Advertising/Targeting Cookies Make ads more relevant (e.g., avoiding repeated jewelry ads, showing styles you’ve viewed). Third-party partners may use these to build interest profiles.

6.3 Managing Cookies

You can control cookies via your browser settings (e.g., Chrome, Safari, Firefox). Most browsers’ “Help” sections explain how to block new cookies, receive notifications for new cookies, or delete existing cookies. Blocking all cookies may limit website functionality (e.g., inability to save items to your cart).

6.4 Web Pixels

We use conversion pixels (short code snippets) to evaluate marketing campaign success (e.g., tracking clicks on a necklace ad) or user actions (e.g., completing a purchase). Pixels record when a device or browser visits a specific page (e.g., a “Thank You” page after ordering earrings) to analyze usage patterns.

6.5 Analytics

We use Google Analytics to monitor and analyze website usage (e.g., which jewelry categories are most popular). Google Analytics is a web analytics service provided by Google LLC. For details on Google’s privacy practices, visit: https://policies.google.com/privacy?hl=en. To opt out of Google Analytics, use the browser add-on available at: https://tools.google.com/dlpage/gaoptout.

6.6 Behavioral Remarketing

We use remarketing to display personalized jewelry ads on third-party websites after you visit our site. For example, if you view a pair of diamond earrings but do not purchase, we may show you ads for similar styles on other platforms.

 

We use the following tools for remarketing:

 

  • Google Ads: Provided by Google Ireland Ltd. (Gordon House, Barrow Street, Dublin 4, Ireland). Opt out via Google Ads Settings: https://www.google.com/settings/ads.
  • Bing Ads: Operated by Microsoft Ireland Operations Limited (One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland). For Microsoft’s privacy policy, visit: https://privacy.microsoft.com/en-US/. Consent for Bing Ads is managed via our cookie banner.
  • Facebook Ads: Using Facebook Business Tools, we display interest-based ads on Facebook. Adjust preferences via Facebook’s Ad Preferences. We do not share personal data with Facebook—instead, we upload irreversibly encrypted (hashed) email lists to create “lookalike audiences” (users with similar interests). Facebook deletes the list after matching, and we cannot identify individuals in the lookalike audience.

6.7 Other Tracking Technologies

We may use additional tracking technologies to collect “clickstream” data, including:

 

  • Domain name of your internet service provider
  • Device type, IP address, browser type/version, and operating system
  • Average time spent on the site, pages viewed (e.g., “Gemstone Rings”), content searched for (e.g., “gold hoop earrings”), and access times
  • Unique identifiers for your device or login credentials

 

Site pages may also use:

 

  • JavaScript (to enhance functionality, e.g., loading product images)
  • Entity tags (to cache site components and improve speed)
  • HTML5 local storage (to save preferences for future visits, e.g., recently viewed jewelry)

6.8 Do Not Track

Some browsers transmit “Do Not Track” (DNT) signals. Due to a lack of uniform global standards for DNT, our website does not process or respond to these signals.

6.9 Location Information

You can prevent sharing location data by:

 

  • Disabling location services in your device settings
  • Denying location access to . via your browser or mobile app preferences

7. Transfer of Data to Third Parties

7.1 Legal Basis for Transfers

We share your personal data only as permitted by GDPR and European law. We collaborate with service providers in key areas (e.g., customer service, technical support, logistics) who process data solely on our behalf and within the scope of our instructions.

7.2 Technical Service Providers

We work with technical service providers to maintain and improve our website (e.g., hosting services, security tools). If these providers process data outside the EU, we ensure equivalent data protection via EU-approved safeguards (e.g., Standard Contractual Clauses).

7.3 Payment Service Providers

We share necessary payment data with our payment processors (e.g., credit card companies, PayPal) to process transactions securely. These providers are bound by strict data protection obligations and do not use your data for unrelated purposes.

7.4 Shipping Companies

We share your name, delivery address, and order details with shipping companies to deliver your jewelry. In some cases, we may share your email address to enable delivery notifications (e.g., “Your necklace has shipped”).

7.5 Authorities and Other Third Parties

We may disclose your data if required by law (e.g., court order, tax audit) or to protect our legal rights (e.g., investigating fraudulent jewelry purchases or counterfeit claims).

8. Retention and Erasure of Data

We store your personal data only as long as necessary for the purposes outlined in this policy—typically:

 

  • Account Data: Retained while your account is active. If you delete your account, we erase all associated data unless legal retention requirements apply.
  • Order Data: Retained for 7 years to comply with tax and accounting laws (e.g., invoicing records for jewelry purchases).
  • Contact Data: Retained only until your inquiry is resolved (e.g., email exchanges about a defective bracelet).

 

If full deletion is not legally permitted (e.g., tax records), we “block” the data—restricting access to authorized staff only and preventing further processing. Blocked data is deleted once the legal retention period expires.

 

Anonymized or pseudonymized data (e.g., aggregated sales data for jewelry styles) may be retained for statistical purposes if deletion would hinder research or business improvement.

9. Protection of Personal Data

We use technical and organizational measures to secure your data, including:

 

  • SSL/TLS encryption for all data transmitted between your browser and our server (e.g., when entering payment details or creating an account).
  • Encrypted storage for sensitive data (e.g., passwords, payment information).
  • Regular security audits and employee training on data protection best practices.

 

While we strive to protect your data, no system is 100% secure. We are not liable for data breaches caused by third-party attacks beyond our control.

10. Your Rights as a Data Subject

Under GDPR, you have the following rights regarding your personal data:

 

  1. Right to Information: Request details of the data we hold about you (e.g., your order history, saved preferences).
  2. Right to Rectification: Correct inaccurate or incomplete data (e.g., update your delivery address).
  3. Right to Erasure: Request deletion of your data (if no legal reason to retain it).
  4. Right to Restriction of Processing: Ask us to limit how we use your data (e.g., while resolving a complaint).
  5. Right to Data Portability: Receive your data in a machine-readable format (e.g., to transfer to another jewelry retailer).
  6. Right to Withdraw Consent: Revoke consent for non-essential processing (e.g., marketing emails) at any time.

 

To exercise these rights, contact us at service@siumal.com with proof of identity (e.g., a copy of your ID or order confirmation). We will respond within 1 month (extendable by 2 months for complex requests).

 

You also have the right to lodge a complaint with a data protection authority (e.g., your local supervisory authority in the EU) if you believe we have violated GDPR.

11. Changes to This Privacy Policy

We may update this policy to reflect legal changes, website improvements, or new services. Updates will be posted on this page with a revised effective date. Your continued use of siumal after the update constitutes acceptance of the revised policy.

12. Data Protection Officer

You can contact our Data Protection Officer at service@siumal.com (subject line: “Data Protection Inquiry”) or via our postal address (attention: Data Protection Officer).