«
 

Huber Fine Watches & Jewellery Privacy Policy


 

 I. General Privacy Policy


Data protection is closely linked to maintaining the trust and confidence you place in our company. For this reason, we only ever process personal data about you which are necessary. We take the utmost care when processing your data, particularly to protect your data from potential misuse.
With this Privacy Policy, we would like to provide you with an overview of how we process your data and to inform you of your rights pursuant to the provisions of the General Data Protection Regulation (GDPR) and the Liechtenstein Data Protection Act (DPA):

1. Name and address of the controller responsible for the processing of personal data and the data protection officer
The controller, within the meaning of the GDPR, is Huber Fine Watches & Jewellery, Städtle 34, 9490 Vaduz, Liechtenstein, , T +423 237 14 14.
To contact our data protection officer, please send an e-mail to and include “data protection” in the subject line. If using our postal address, please ensure correspondence is marked for the attention of our data protection officer.

2. Collection and recording of personal data and the nature and purpose of their use
As stated above, we only process data which are necessary. What constitutes necessary data can vary depending on the individual or individuals concerned.
We collect the following information in particular when you contact us:
- Personal details (e.g. title, given name, family name, date of birth, nationality)
- Address and contact details (e.g. postal address, e-mail address, telephone number, mobile number)
This data is collected
- for the purposes of future correspondence with you;
- for invoicing purposes; and
- for the purposes of settling transactions.
As a rule, we are not in a position to conduct our business operations without this data. It is possible that we may process data that were not collected directly from you, but which come from third parties, sources available to the public or other data subjects.
Processing of personal data begins once you have contacted us and is necessary for the purposes listed in Article 6(1)(b) GDPR (for the performance of a contract or in order to take steps prior to entering into a contract) and for the mutual fulfilment of obligations (such as settling transactions).
Your data is also processed in order to ensure compliance with legal obligations (Article 6[1][c] GDPR) or for the performance of a task carried out in the public interest (Article 6[1][e] GDPR), particularly to ensure compliance with legal and regulatory provisions (e.g. DPA).
In addition, your data is processed for specific purposes concerning the legitimate interests pursued by us or a third party (Article 6[1][f] GDPR), particularly for the assertion and enforcement of claims, compliance with the rights of the data subject (e.g. right of access), to guarantee IT security and IT operations and to guarantee the security of buildings and facilities.
Furthermore, your data can be processed if you have given your consent (Article 6[1][a] GDPR). You have the right to withdraw your consent at any time. This also applies to withdrawing any declarations of consent that were submitted to us before the GDPR came into force on 25 May 2018. However, withdrawing consent does not affect the legality of any data which was processed before consent was withdrawn.
We reserve the right to continue processing any personal data collected for one of the purposes listed above for any of the other purposes listed above, provided this is consistent with the original purpose or is permitted and/or required by law.

3. Recipients or categories of recipients of the personal data
Within our company, employees are only permitted to process your data if they require your data for the purposes of fulfilling our contractual or legal obligations or safeguarding the rights of data subjects. Third parties may also be recipients of personal data for these purposes, including processors in areas such as IT services, logistics and printing services.
Your personal data will also be passed on to third parties if this is necessary for the settlement of transactions or the provision of services.

4. Transfer of personal data to third countries
Data is only transferred to countries outside the European Economic Area (EEA), known as third countries, within the scope of adequacy decisions by the European Commission or where this is necessary for the performance of a contract, in order to take steps prior to entering into a contract or for the provision of services, if you have given us your consent (e.g. within the scope of special services), if this is necessary in the public interest on important grounds or where this constitutes a legal requirement.

5. Duration of personal data retention
In principle, personal data recorded by us are retained until the legal obligation to retain such data expires, after which the personal data are erased, unless we deem it necessary to retain such data for a longer period, pursuant to Article 6(1)(c) GDPR, or you have given your consent to a longer retention period, pursuant to Article 6(1)(a) GDPR. Further processing and retention may also continue for a longer period for the purposes of preserving evidence, for example while the applicable provisions of limitations are in effect.

6. Your data protection rights
As a data subject, you have the right to access your personal data at any time, particularly concerning information as to their source and recipients and the purposes of the processing of your personal data. You also have the right to rectification, the right to data portability, the right to object, the right to restriction of processing and the right to erasure of incorrect data or any data processed without authorisation.
Should there be any changes to your personal data, we will ask you to inform us of these changes.
You have the right to withdraw any consent you have given to the use of your personal data at any time. Any queries regarding the assertion of your right to access, erasure, rectification, object and/or data portability can be directed to the addresses given in Point 1 of this Privacy Policy.
If you are of the opinion that the processing of your personal data by us is in violation of the applicable data protection rights or that your legal rights in terms of data protection have been infringed in any other way, a complaint may be lodged with the competent supervisory authority. In Liechtenstein, this is the Liechtenstein Data Protection Office.

7. Applicable version
This Privacy Policy is valid in its current version of June 2018.
It may become necessary to amend this Privacy Policy, due to the ongoing development of our website and the offers available via our website or as a result of amendments made to legal or regulatory provisions. The version of the Privacy Policy on our website is to be considered the current version, and is available to access and print off at any time.