NIKAYA JEWELRY
/
Privacy Policy

Privacy Policy

  1. General Information

Nikaya d.o.o. respects the privacy of its customers and protects all personal data in accordance with European legislation (Regulation (EU) 2016/697 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation or GDPR) and the conventions of the Council of Europe (ETS No. 108, ETS No. 181, ETS No. 185, ETS No. 189)) as well as the national legislation of the Republic of Slovenia (Personal Data Protection Act – ZVOP-2, Official Gazette RS, No. 163/22; Electronic Commerce Market Act – ZEPT, Official Gazette RS, No. 96/09 and 19/15, etc.).

Personal data means any information relating to an identified or identifiable individual (e.g., name, address, email, telephone number). As the data controller, Nikaya d.o.o. ensures that all data is processed lawfully, fairly, and transparently.

  1. Data We Collect

We primarily process the following data:

  • Contact information (name, surname, address, email, telephone number, communication content),
  • Order and payment information (invoice number, transaction details, tax number),
  • Information you provide voluntarily (interests, descriptions, photographs, etc.),
  • Technical access data when using our website (IP address, browser, device, time zone, visit history),
  • Data required to fulfil our legal obligations.

We obtain this data especially:

  • through physical forms you complete,
  • through online forms on our website,
  • via correspondence by email, regular mail, telephone, online forms, forums, etc.,
  • when paying online.
  1. Purpose of Processing Personal Data

Data is used exclusively for:

  • fulfilling orders and providing services,
  • complying with legal obligations,
  • sending notifications and newsletters (when you provide consent),
  • improving the user experience on our website,
  • preventing misuse and ensuring security.

If processing requires your consent, you may withdraw it at any time.

3.1 Processing Based on Your Consent

With your explicit consent, we process personal data only for the purposes you have approved. This includes:

  • direct communication and marketing (e.g., information about new products, offers, promotions, prize games, changes to business terms or the website),
  • user identification,
  • preparing personalised offers based on your inquiries and interests.

In certain cases, providing personal data is essential for completing an order or forming a contract. Without mandatory data, purchases through our online store cannot be completed.

We use the contact information you provided when giving your consent, typically via email or telephone.

We are not responsible for any consequences arising from incorrectly submitted data (e.g., errors, disputes, damage).

3.2 Processing for Contractual Obligations

We process your data when required to fulfil contractual relationships you enter into with us (e.g., purchase, custom-made products, repairs, or service execution).
This data is used for:

  • customer identification,
  • preparing and signing a contract,
  • delivery or collection of goods,
  • issuing invoices and receiving payments,
  • resolving complaints or disputes,
  • informing you about changes in our general terms and conditions.

3.3 Processing Based on Legitimate Interests

To ensure quality services and a secure user experience, we also process data based on our legitimate interests, always balancing our needs with your rights.

Reasons include:

  • preventing misuse and fraud,
  • protecting our rights and asserting claims in legal or administrative procedures,
  • improving user experience, website functionality, and services,
  • ensuring security (preventing unauthorised access, cyber attacks, malware distribution).

If misuse or fraud is suspected, data may be shared with competent authorities.

3.4 Processing Based on Legal Obligations

We also process your data when required by law (e.g., tax regulations, employment laws, anti-money-laundering and counter-terrorist-financing laws).

Data may include:

  • personal name,
  • residential address,
  • date and place of birth,
  • tax number or EMŠO,
  • citizenship,
  • information from an official identification document,
  • information on whether you are a politically exposed person.

These data may also be collected from publicly available records.

  1. Data Retention
  • Data processed based on consent: until the consent is withdrawn.
  • Contract-related data: until contractual obligations end or warranty periods expire (up to 5 years).
  • Data processed under legitimate interests: up to 10 years.
  • Data processed under legal obligations: according to regulations (e.g., 10 years under ZPPDFT-1).
  1. Cookies

The website www.nikayajewelry.com (including emails, online services, advertising, and interactive applications) uses cookies to enable functionality, improve the user experience, enhance security, and support analytics. Cookies do not identify you personally and are used solely to improve website performance.

By using this website, you agree that www.nikayajewelry.com may store cookies on your device. You can manage or delete cookies in your browser settings. Without certain cookies, the website may not function properly.

What are cookies?
Cookies are small text files, typically containing letters and numbers, stored on your device by a website to recognise it.

Why do we use cookies?
They allow us to adjust website content to your preferences, speed up interactions, save your settings, and improve efficiency and enjoyment when browsing.
They help maintain relevant and fresh content, support online services (such as e-commerce), and collect statistics (e.g., visit frequency).
They also allow us to evaluate website design effectiveness and the relevance of third-party advertisements.

  1. Data Sharing

Data may be shared exclusively with contractual partners who perform services for us (e.g., delivery services, payment processors, IT support). All partners have signed data-processing agreements ensuring security and lawful handling.
For sending newsletters, we use external service providers who also comply with GDPR.

  1. Your Rights

At any time, you have the right to:

  • access your personal data,
  • request correction or completion,
  • request deletion (“right to be forgotten”),
  • request restriction of processing,
  • object to processing,
  • data portability,
  • lodge a complaint with the Information Commissioner (https://www.ip-rs.si).

You may withdraw your consent at any time by emailing info@nikayajewelry.com.
After receiving your withdrawal, your personal data will be deleted within 30 days.

  1. Contact

For any questions related to personal data protection, you may contact:
E: info@nikayajewelry.com
NIKAYA d.o.o. (Zlatarna Nikaya Jewelry)
Ježkova ulica 1
1000 Ljubljana