Data protection is closely linked to maintaining the trust and confidence you place in our company. For this reason, we only ever process personal data about you which are necessary. We take the utmost care when processing your data, particularly to protect your data from potential misuse.
1. Name and address of the controller responsible for the processing of personal data and the data protection officer
The controller, within the meaning of the GDPR, is Huber Fine Watches & Jewellery, Städtle 34, 9490 Vaduz, Liechtenstein, firstname.lastname@example.org, T +423 237 14 14.
To contact our data protection officer, please send an e-mail to email@example.com and include “data protection” in the subject line. If using our postal address, please ensure correspondence is marked for the attention of our data protection officer.
2. Collection and recording of personal data and the nature and purpose of their use
As stated above, we only process data which are necessary. What constitutes necessary data can vary depending on the individual or individuals concerned.
We collect the following information in particular when you contact us:
– Personal details (e.g. title, given name, family name, date of birth, nationality)
– Address and contact details (e.g. postal address, e-mail address, telephone number, mobile number)
This data is collected
– for the purposes of future correspondence with you;
– for invoicing purposes; and
– for the purposes of settling transactions.
As a rule, we are not in a position to conduct our business operations without this data. It is possible that we may process data that were not collected directly from you, but which come from third parties, sources available to the public or other data subjects.
Processing of personal data begins once you have contacted us and is necessary for the purposes listed in Article 6(1)(b) GDPR (for the performance of a contract or in order to take steps prior to entering into a contract) and for the mutual fulfilment of obligations (such as settling transactions).
Your data is also processed in order to ensure compliance with legal obligations (Article 6[c] GDPR) or for the performance of a task carried out in the public interest (Article 6[e] GDPR), particularly to ensure compliance with legal and regulatory provisions (e.g. DPA).
In addition, your data is processed for specific purposes concerning the legitimate interests pursued by us or a third party (Article 6[f] GDPR), particularly for the assertion and enforcement of claims, compliance with the rights of the data subject (e.g. right of access), to guarantee IT security and IT operations and to guarantee the security of buildings and facilities.
Furthermore, your data can be processed if you have given your consent (Article 6[a] GDPR). You have the right to withdraw your consent at any time. This also applies to withdrawing any declarations of consent that were submitted to us before the GDPR came into force on 25 May 2018. However, withdrawing consent does not affect the legality of any data which was processed before consent was withdrawn.
We reserve the right to continue processing any personal data collected for one of the purposes listed above for any of the other purposes listed above, provided this is consistent with the original purpose or is permitted and/or required by law.
3. Recipients or categories of recipients of the personal data
Within our company, employees are only permitted to process your data if they require your data for the purposes of fulfilling our contractual or legal obligations or safeguarding the rights of data subjects. Third parties may also be recipients of personal data for these purposes, including processors in areas such as IT services, logistics and printing services.
Your personal data will also be passed on to third parties if this is necessary for the settlement of transactions or the provision of services.
4. Transfer of personal data to third countries
Data is only transferred to countries outside the European Economic Area (EEA), known as third countries, within the scope of adequacy decisions by the European Commission or where this is necessary for the performance of a contract, in order to take steps prior to entering into a contract or for the provision of services, if you have given us your consent (e.g. within the scope of special services), if this is necessary in the public interest on important grounds or where this constitutes a legal requirement.
5. Duration of personal data retention
In principle, personal data recorded by us are retained until the legal obligation to retain such data expires, after which the personal data are erased, unless we deem it necessary to retain such data for a longer period, pursuant to Article 6(1)(c) GDPR, or you have given your consent to a longer retention period, pursuant to Article 6(1)(a) GDPR. Further processing and retention may also continue for a longer period for the purposes of preserving evidence, for example while the applicable provisions of limitations are in effect.
6. Your data protection rights
As a data subject, you have the right to access your personal data at any time, particularly concerning information as to their source and recipients and the purposes of the processing of your personal data. You also have the right to rectification, the right to data portability, the right to object, the right to restriction of processing and the right to erasure of incorrect data or any data processed without authorisation.
Should there be any changes to your personal data, we will ask you to inform us of these changes.
If you are of the opinion that the processing of your personal data by us is in violation of the applicable data protection rights or that your legal rights in terms of data protection have been infringed in any other way, a complaint may be lodged with the competent supervisory authority. In Liechtenstein, this is the Liechtenstein Data Protection Office.
7. Applicable version
1. Hosting the website
Every time our website is accessed, our system automatically records data and information from the operating system of the computer accessing our website.
The following data are collected:
– Information on the type and version of the browser being used
– The user’s operating system
– The host name of the computer accessing our website
– The user’s IP address
– The time and date of the access request
– The referral website
It is not possible to assign an IP address to the access time or the referral website. It is only possible to determine which websites and what times produce the highest number of access requests.
We retain this information within the scope of the relevant legal provisions for a maximum of 26 months. Processing is necessary for the purposes of data security, in order to ensure the stability and operational security of our system. Article 6(1)(f) GDPR forms the legal basis for this.
We ensure that data is collected anonymously so that no evaluation can be made of an individual’s personal preferences based on their personal data. It is not possible to draw any conclusions about an individual or to combine these data with other sources of personal data. Data is not passed on to third parties.
Temporary cookies remain valid for as long as your stay on a website, after which they are deleted by your browser. Permanent cookies are stored on your browser according to the settings you have selected or until you delete them.
3. Contact form/e-mail
When you fill in a contact form or send us an e-mail or any other electronic message, your details will only be stored for the purposes of processing your query or for correspondence concerning your query and will only be used in connection with your query.
Article 6(1)(b) GDPR forms the legal basis for processing your query. We will delete your e-mail address once your query has been resolved.
This also applies to the kultuhr magazine order form.
4. Applicable version
III. Facebook privacy
Huber Fine Watches & Jewellery, Städtle 34, 9490 Vaduz, Principality of Liechtenstein, runs the Facebook fan page at www.facebook.com/huberwatchesjewellery in conjunction with Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
When you visit our fan page, Facebook records your IP address along with other information present on your computer in the form of cookies. (This is also the case if you do not have a Facebook user account and regardless of whether you are logged into Facebook or not.) This information may be used to provide us as the operator of the fan page with statistical information (hereinafter referred to as “Insights Data”) on the usage of the fan page. We draw your express attention to the fact that we do not perform any analyses, not even statistical analyses. However, by setting up the fan page, we contribute to the processing of the personal data of our fan page visitors. Therefore, as the operator of the fan page, we are involved in decisions as to the purposes and means of processing of the personal data of our fan page visitors and therefore joint data controller in conjunction with Facebook as defined under Article 26 GDPR with regard to this processing.
The primary content of this agreement is supplied by Facebook Ireland. Facebook has made a commitment to us that it will assume primary responsibility for the processing of Insights Data and fulfil all obligations arising from the GDPR with regard to the processing of Insights Data as defined under Articles 12 and 13 GDPR, Articles 15 to 22 GDPR and Articles 32 to 34 GDPR, among others. Facebook Ireland will furthermore supply the key findings of this page insights extension to the data subject.
Facebook provides further information on this under the following links:
Any of your personal data which have been collected in this context will be processed by Facebook Ltd. and therefore potentially transmitted to countries outside of the EEA. How Facebook uses data associated with visits to Facebook pages for its own purposes, to what extent activities on the Facebook page are attributed to individual users, how long Facebook stores this data and whether or not data relating to visits to the Facebook site are passed on to third parties have not been fully and clearly disclosed by Facebook and are unknown to us.
In Facebook’s Data Policy, you will find, for example, information on ways of contacting Facebook and the setting options for advertisements. You can find this policy and information as to how you can manage or delete your data by visiting the following link:
You can find Facebook’s full Data Policy here:
We operate our Facebook page on the basis of our justified interest in optimising communications with you. This involves us processing your data, such as your name and the content of your messages, enquiries or posts, when you contact us via our fan page so that we can respond to your enquiries or posts. We do not, however, process any data in this connection for analysis or marketing purposes.
While navigating on the Rolex section of our website, you may interact with an embedded website from www.rolex.com. In such case, Privacy Notice and Cookies Policy of www.rolex.com are sole applicable.
V. Video surveillance: rights of data subjecs
The data subject has the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the information described in Article 15 of the General Data Protection Regulation (GDPR). In this regard, it may be necessary for the data subject to provide specific details for the purpose of identifying him or her (Article 11 of the GDPR).
The data subject has the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her and, where applicable, to have incomplete personal data completed (Article 16 of the GDPR).
The data subject has the right to obtain from the controller the erasure of data where one of the grounds listed in Article 17 of the GDPR applies, e.g. if the data are no longer necessary in relation to the pursued purposes.
The data subject has the right to obtain from the controller restriction of the processing of his or her data where one of the conditions listed in Article 18 of the GDPR applies.
The data subject has the right to object, on grounds relating to his or her particular situation, to processing of personal data concerning him or her (Article 21 of the GDPR).
Without prejudice to any other administrative or judicial remedy, every data subject has the right to lodge a complaint with a supervisory authority if the data subject considers that the processing of personal data relating to him or her infringes the GDPR (Article 77 of the GDPR). The data subject can assert this right with a supervisory authority in the member state of his or her habitual residence, place of work or place of the alleged infringement.
August, 18 2020 – Version 1