Privacy policy

1. General

The protection of your personal data is important to us.
We treat personal data confidentially and in accordance with the applicable data protection laws, in particular the Swiss Federal Act on Data Protection (FADP), as well as this Privacy Policy.

This Privacy Policy provides transparent information about how and for what purpose personal data is collected, processed, stored, and protected in connection with the Nanush online store.

2. Controller

The controller responsible for data processing within the meaning of the FADP is:

Alma Behluli Xhelili
(Einzelunternehmen, Auftritt unter dem Namen Nanush)
E-Mail: info@nanush.ch
Switzerland

3. Obligation to Provide Data

In the context of a business relationship, those personal data must be provided that are necessary to conclude and process orders and to comply with legal obligations.

Without such data, it is generally not possible to enter into or perform a contract.
When visiting the website, technical data (e.g., IP address) is also processed, which is necessary for operating and securing the website.

4. Types of Personal Data Processed

Depending on how the online store is used, the following data may be processed in particular:

  • First and last name
  • Shipping and billing address
  • Email address and telephone number
  • Payment and transaction data
  • Order and communication data
  • Technical data (e.g., IP address, browser information)

5. Purposes of Data Processing

Personal data is processed in particular for the following purposes:

  • Processing orders and deliveries
  • Communication with customers
  • Payment processing
  • Compliance with legal retention obligations
  • Operation, security, and optimization of the online store

6. Use of Shopify

The online store is operated via the e-commerce platform Shopify.
Shopify provides the technical infrastructure and processes personal data on our behalf.

In doing so, data may be processed on servers outside Switzerland or the European Union. Shopify undertakes to comply with appropriate data protection standards.

Further information can be found in Shopify’s Privacy Policy.

7. Disclosure of Data to Third Parties

Personal data is only disclosed to third parties insofar as this is necessary to fulfill the contract or if there is a legal obligation.

Recipients may include in particular:

  • Payment service providers
  • IT and hosting service providers (e.g., Shopify)
  • Shipping and logistics service providers

No disclosure is made for other purposes.

8. International Data Transfers

As part of using Shopify or payment service providers, personal data may be transferred abroad.

In such cases, it is ensured that an adequate level of data protection is guaranteed or that appropriate contractual safeguards are in place.

9. Data Security

We implement appropriate technical and organizational security measures to protect personal data against unauthorized access, loss, or misuse.

Please note that electronic transmission of data can involve security risks.

10. Cookies

The online store uses cookies and similar technologies to enable and improve the use of the website.

Cookies can be restricted or disabled in the browser settings. However, this may impair the functionality of the online store.

11. Rights of Data Subjects

Within the framework of the applicable data protection laws, data subjects have, in particular, the following rights:

  • Access to processed personal data
  • Rectification of incorrect data
  • Deletion of personal data, provided there is no legal retention obligation
  • Restriction of or objection to processing
  • Data release or data portability, where provided by law

Requests can be sent at any time to the contact address stated above.

12. Retention Period

Personal data is retained only for as long as necessary for the purposes stated above or as long as legal retention obligations exist.

Once the purpose no longer applies, the data will be deleted or anonymized, where possible.

13. Changes to this Privacy Policy

This Privacy Policy may be amended at any time.
The version published on the website at the relevant time shall apply.

14. Applicable Law

Swiss data protection law applies.
Where applicable, the provisions of the General Data Protection Regulation (GDPR) are also taken into account.