Nitya Stones, located at 27 Mark Road Hemel Hampstead HP2 7BN, is responsible for processing personal data by the EU General Data Protection Regulation (GDPR). For any queries or concerns related to data protection, you may contact us at Info@nityastones.co.uk or by sending a letter to our address.
To ensure transparency in our data processing practices, we have compiled the following information based on different categories of data subjects:
- Website Visitors 1.1 Server Protocol Data
Our web server collects data such as IP address, date and time of the request, time zone, a specific page or file accessed, HTTP status code, amount of data transferred, the website from which the request came, browser used, operating system of the device, and language. This data helps us display website content in the best way possible.
1.2 Web Analysis with Google Analytics
1.3 Web Analysis with Google AdWords
We use Google AdWords conversion tracking to analyze website usage after clicking on a Nitya Stones ad. Google AdWords uses temporary cookies, and the information generated by these cookies is transferred to a Google server in the USA. Google processes this information to evaluate website usage and compile reports on website activities.
1.4 The purpose of data processing is to present Nitya Stones on the internet, communicate with interested parties, customers, and business partners, and design the website in line with their requirements.
1.5 The legal basis for processing is Art. 6 (1)(b) GDPR (contract of use for the website). The legal basis for analyzing user behaviour is Art. 6 (1) (f) GDPR (legitimate interest, namely the demand-oriented design of the website).
1.6 Protocol and communication data will not be transferred to third parties unless special circumstances have arisen. Data may be transferred to the police and public prosecutor’s office if a criminal offence is suspected or in the course of an investigation. We use service providers to process orders for the provision of our services, particularly for IT system provision, maintenance, and servicing.
1.7 IP addresses are anonymized within 24 hours, and pseudonymous user data is deleted after six months.
1.8 Personal data, such as the IP address, is required to use the website. Communication without providing data is not possible. However, website usage is possible without pseudonymous user analysis.
- Customers and Their Contacts at Nitya Stones 2.1 AtNitya Stones, we process customer data to fulfil our contractual obligations, which include providing consulting, support, and information about new products and product innovations.
2.2 The legal basis for processing data of natural persons who are our customers is Article 6(1)(b) GDPR (contract) and Article 6(1)(c) GDPR (legal obligations). The legal basis for processing contact data of customers who are not natural persons is Article 6(1)(f) GDPR (legitimate interest, specifically communication with the customer). The legal basis for providing information on products is Article 6(1)(f) GDPR (legitimate interest, specifically advertising).
2.3 For payment processing, we may share customer data with banks. In some cases, we may transfer data to debt collection service providers, lawyers, and courts. We also use service providers to process orders and provide our services, especially for IT system provision, maintenance, and servicing.
2.4 We store all contract and bookkeeping-related data for ten calendar years after the contract’s end following tax and commercial law retention periods.
2.5 Providing data is mandatory for customers based on statutory and contractual regulations. Without providing data, the contractual relationship cannot be established or executed.
2.6 Nitya Stones may process support requests, and the processing is based on the conclusion of EU standard contractual clauses. You can request a copy of this from our data protection officer at any time.
2.7 We may record calls for training and monitoring purposes.
- Communication Partners and External Parties at Nitya Stones 3.1 We process data for the preparation and execution of contractual relationships or other forms of communication.
3.2 For contracts with natural persons, the legal basis for processing is Article 6(1)(b) GDPR (contract or contract initiation), whereas for contracts with legal persons, Article 6(1)(f) GDPR (legitimate interest, specifically communication with relevant contact persons) and Article 6(1)(c) GDPR (statutory obligations, especially tax and commercial law provisions) apply. For documentation of communication processes, the legal basis is Article 6(1)(f) GDPR (legitimate interest).
3.3 We may transmit contact and contract data to other service providers, business partners, offices, and authorities if necessary for executing the contract or order. We also use service providers to process orders and provide our services, especially for IT system provision, maintenance, and servicing.
3.4 We delete data of contract partners and service providers ten calendar years after termination of the contract or order.
3.5 Processing contact data of service providers and business partners is necessary for executing the contract or order. Failure to provide data may significantly impair communication.