Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, protect, and manage your personal data.

Last Updated: December 2024

Your Data Protection Rights

9 Jewels Ltd is committed to protecting your privacy and complying with the UK Data Protection Act 2018 and the General Data Protection Regulation (GDPR). This policy explains your rights and how we handle your personal information.

Who We Are

Data Controller: 9 Jewels Ltd

Registered Office: Office 16696, 182-184 High Street North, East Ham, London E6 2JA, United Kingdom

Company Registration Number: 12345678 (England and Wales)

Contact Email: privacy@9jewels.co.uk

Contact Phone: +44 20 1234 5678

If you have any questions about this privacy policy or how we handle your data, please contact us using the details above.

Information We Collect

Personal Information You Provide

When you interact with our website or make a purchase, we may collect:

Identity Information: Name, title, date of birth
Contact Information: Email address, phone number, billing and shipping addresses
Financial Information: Payment card details (processed securely by our payment providers - we do not store full card details)
Transaction Information: Order history, purchase details, preferences
Account Information: Username, password, security questions
Marketing Preferences: Your choices regarding marketing communications

Information We Collect Automatically

When you visit our website, we automatically collect:

Technical Information: IP address, browser type, device type, operating system
Usage Information: Pages viewed, time spent on pages, click patterns, referral sources
Cookie Information: Cookie identifiers and related data (see our Cookie Policy)
Location Information: Approximate geographical location based on IP address

How We Use Your Information

We use your personal information for the following purposes:

Order Processing: To process and fulfill your orders, including payment processing and delivery
Customer Service: To respond to inquiries, provide support, and handle returns or complaints
Account Management: To create and manage your account, including authentication and security
Marketing Communications: To send promotional emails, special offers, and updates (only with your consent)
Website Improvement: To analyze usage patterns and improve our website functionality and user experience
Fraud Prevention: To detect and prevent fraudulent transactions and protect against security threats
Legal Compliance: To comply with legal obligations, including tax and accounting requirements
Business Operations: To manage our business operations, including inventory management and financial reporting

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

Contract Performance: Processing necessary to fulfill our contract with you (e.g., processing your order)
Legitimate Interests: Processing necessary for our legitimate business interests (e.g., fraud prevention, website security)
Consent: Where you have given explicit consent (e.g., marketing emails)
Legal Obligation: Where we must comply with legal or regulatory requirements

Sharing Your Information

We may share your personal information with the following third parties:

Payment Processors: Secure payment providers to process transactions (e.g., Stripe, PayPal)
Shipping Partners: Courier services to deliver your orders (e.g., Royal Mail, DHL)
Service Providers: Third-party services that help us operate our business (e.g., email service providers, analytics services)
Professional Advisors: Lawyers, accountants, and other professional advisors when necessary
Law Enforcement: Government authorities when required by law or to protect our rights

We never sell your personal information to third parties for marketing purposes.

Data Security

We implement appropriate technical and organizational security measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction.

Our security measures include:

SSL/TLS encryption for data transmission
Secure payment processing through PCI DSS compliant providers
Regular security audits and vulnerability assessments
Access controls and authentication mechanisms
Employee training on data protection and security
Secure backup and disaster recovery procedures

While we take all reasonable precautions, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security of your data.

Your Data Protection Rights

Under GDPR and UK data protection law, you have the following rights:

Right to Access: Request copies of your personal data
Right to Rectification: Request correction of inaccurate or incomplete data
Right to Erasure: Request deletion of your personal data (subject to certain conditions)
Right to Restrict Processing: Request that we limit how we use your data
Right to Data Portability: Request transfer of your data to another service
Right to Object: Object to processing based on legitimate interests or for direct marketing
Right to Withdraw Consent: Withdraw consent for processing at any time

To exercise any of these rights, please contact us at privacy@9jewels.co.uk. We will respond within one month.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements.

Retention periods:

Customer account data: Until account deletion or 3 years of inactivity
Order and transaction data: 7 years (for tax and accounting purposes)
Marketing consent: Until consent is withdrawn
Website analytics data: 26 months

Cookies

Our website uses cookies and similar technologies to enhance your browsing experience, analyze website traffic, and personalize content.

Types of cookies we use:

Essential Cookies: Required for website functionality
Analytics Cookies: Help us understand how visitors use our website
Marketing Cookies: Used to deliver relevant advertisements

You can manage cookie preferences through your browser settings. Note that disabling certain cookies may affect website functionality.

Marketing Communications

We may send you marketing emails about our products, special offers, and news. You can opt out at any time by:

Clicking the "unsubscribe" link in any marketing email
Updating your preferences in your account settings
Contacting us at marketing@9jewels.co.uk

Note: Even if you opt out of marketing emails, we will still send transactional emails related to your orders and account.

International Data Transfers

Your personal data is primarily stored and processed within the UK and European Economic Area (EEA). If we transfer data outside the UK/EEA, we ensure appropriate safeguards are in place, including:

Standard Contractual Clauses approved by the European Commission
Adequacy decisions confirming sufficient data protection
Binding Corporate Rules for transfers within corporate groups

Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by:

Posting the updated policy on our website
Updating the "Last Updated" date at the top of this page
Sending an email notification for material changes (if you have an account)

We encourage you to review this policy periodically to stay informed about how we protect your information.

Complaints

If you believe we have not handled your data correctly, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):

Information Commissioner's Office

Wycliffe House, Water Lane

Wilmslow, Cheshire SK9 5AF

Phone: 0303 123 1113

Website: www.ico.org.uk

We would appreciate the opportunity to address your concerns first, so please contact us before lodging a complaint with the ICO.

Questions About Your Privacy?

If you have any questions about this Privacy Policy or how we handle your data, please contact our privacy team.