We will always keep your data safe and secure. This policy explains what information we collect about you and how we use it.
The website is owned and operated by Layla Diamonds Ltd T/A Layla Diamonds (“we”, “our” and “us”).
This policy takes effect for all our Customers and website Visitors from [POLICY LIVE DATE]. We sell our products on our website, Google Shopping, Facebook and Instagram.
Layla Diamonds must comply with UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018 and will therefore process your data securely and transparently.
In most cases, Layla Diamonds is a Data Processor, by acting on our Customer’s instructions who places an order with us for one of our diamond fine jewellery products on our website.
The Customer is generally speaking, the Data Controller, who determines the purpose of the data and the means.
1. DATA CONTROLLER DETAILS
100 Hatton Garden
London Diamond Bourse
Email address: email@example.com
Contact number: (+44) 07572 782719
Direct messaging via Instagram @layladiamonds
Registered company number: 12109023
2. DATA PROTECTION PRINCIPLES
In relation to personal data, we will:
3. TYPES OF DATA WE COLLECT
The types of data that we must collect to provide our retail services includes:
We collect this information either because it is necessary so that we can perform our contract of providing products or services to you, or in our legitimate interests to do so and/or to meet our legal obligations, as an online retail business.
Our selected partners may require your email address and/or postal address in order to provide customer service support, statistical research and/or for conducting delivery duties. Our partners are strictly prohibited from using your personal data for any other purposes other than the above and are obliged to comply with customer confidentiality and privacy of data principles at all times.
4. HOW WE COLLECT YOUR DATA
If you are our Customer, we collect data about you only as supplied by you when placing an order with Layla Diamonds and/or when you contact us.
We collect personal information from you including any electronic devices (such as mobile phones, tablets and desktops) that you use when you:
Personal data is held securely on our website and email IT systems, which are password protected and access to the above information is restricted to Layla Diamonds and its colleagues who may require access to it to undertake their job duties and in order to process your orders and/or send emails for a mailing list to those who are subscribed on our mailing list.
The website used is via our web provider [NAME]. This protection is validated by an SSL (Secure Sockets Layer) certificate, a transport layer security and is enabled for HTTPS for our website.
If you have subscribed to our newsletter (if and when we provide this), we will send you newsletter updates by email to share any offers and information on our fine jewellery products to keep you updated of what we are up to and to assist with our new products. This is the only time we will ever send marketing emails.
You can stop receiving marketing emails from us at any time by contacting us via our website contact us function, messaging service on our site or you can simply email us.
Ways to opt out
We will never disclose your personal information to third parties for their own marketing purposes.
4. WHY WE COLLECT YOUR DATA
5. WHY WE PROCESS YOUR DATA
Layla Diamonds can process your data only for specific purposes due to data protection law:
All of the processing carried out by us falls into one of the legally permitted reasons.
We will need to collect your personal data in order to carry out the contract that we have entered into with you as a Customer. We also process data to ensure we can carry out activities that are in the legitimate interests of Layla Diamonds. For example, to secure payments of our products online.
6. IF YOU DO NOT PROVIDE YOUR DATA TO US
Our main reason to process your data is so that we can carry out our contractual duties agreed with you, mailing list subscribers and/or visitors of our website.
If you do not provide us with the required data to be able to carry out our contractual duties, we cannot perform our obligations including the processing of Customer orders for the sale of our fine jewellery products. However, providing this data is your decision and must be at all times.
7. SHARING YOUR DATA
Your data will only be shared with our colleagues at Layla Diamonds and couriers where required, in order for them to undertake their duties and our website provider/IT support agents to manage technical issues. We also will not share your data with bodies outside of the European Economic Area.
SHARING YOUR INFORMATION
We will never share or sell any of your data/personal information with any third party subject to the below exceptions.
We may share your data with the following companies, as an essential part of being able to provide our services to you for these specific purposes:
We may also be required to share some of your data with others for the below reasons:
8. PROTECTING YOUR DATA
We acknowledge our obligation to ensure your data is protected against accidental loss or disclosure, destruction and abuse. We have implemented safeguarding processes for this.
Layla Diamonds has taken the following steps to protect personal data, which it holds or to which it has access:
i. It may appoint or employ individuals with specific responsibilities for:
· Processing and controlling of data.
· The comprehensive reviewing and auditing of its data protection systems and procedures.
· Overseeing the effectiveness and integrity of all the data that must be protected.
ii. It provides its employees (if any) with information and training to make them aware of the importance of protecting personal data, to teach them how to do this, and to understand how to treat information confidentially.
iii. It can account for all personal data it holds, where it comes from, who it is shared with and also who it might be shared with.
iv. It carries out risk assessments to identify any vulnerability in its personal data handling and processing, and to take steps in reducing the risks of mishandling and potential breaches of data security.
The process includes an assessment of the impact of both the use and potential misuse of personal data.
v. It recognises the importance of seeking individuals’ consent (where appropriate) for obtaining, recording, using, sharing, storing and retaining their personal data, and regularly reviews its procedures for doing so, including the audit trails that are needed and are followed for all consent decisions.
Layla Diamonds understands that consent given by the Customer must be freely given, specific, informed and unambiguous, at all times.
Layla Diamonds will seek consent on a specific and individual basis where appropriate. Full information will be given regarding the activities about which consent is sought. Relevant individuals have the absolute and unimpeded right to withdraw their consent at any time.
vi. It has the appropriate safeguarding processes for detecting, reporting and investigating suspected or actual personal data breaches, including where these are caused by security breaches. It is aware of its duty to report breaches that cause significant harm to the affected individuals to the Information Commissioner Office and to the Data Subject, and is aware of the possible consequences.
vii. To understand the implications of the transfer of personal data internationally. Where access to your data is required, the following apply:
i. The principle of least privilege is always applicable. Therefore those with access to such data will only have the minimum amount of access to a resource that is required for them to undertake their role.
ii. Access to personal data is protected safely. Passwords that are used must meet the specified complexity requirements and must be kept confidential to the user and not shared with anyone else including colleagues (if any).
iii. We regularly monitor our system for possible vulnerabilities and attacks.
iv. All emails to and from Layla Diamonds will be sent using [NAME OF EMAIL HOST e.g. google].
v. Where we share your data with third parties, we have a written agreement with them to ensure that your data is held securely and in line with UK GDPR requirements.
Third parties must implement appropriate technical and organisational measures to ensure the security of your data.
Protecting your information
As you know, the internet is not a 100% secure method for communication and so we are unable to guarantee the security of any information you send to us (or we send to you) via the internet. We are not responsible for any damages which you, or others, may suffer as a result of the loss of confidentiality of such information. We take reasonable precautions to protect your information. We cannot ensure or warrant the security of any information you transmit to us, and you do so at your own risk. We use our best endeavours to ensure it is secure on all our online and IT systems as outlined above.
We will never store or process your card details/card payment data/bank account details ourselves though they are processed and may be stored by our third party service providers. We encrypt your payment card details in your browser and securely transfer this data to our third party payment provider to process a payment/provide a refund and/or to prevent and detect fraud against either you or us.
The security of your financial transactions is extremely important to us and we are committed to protecting you as best as we can.
9. HOW LONG DO WE KEEP YOUR DATA?
Layla Diamonds keeps your data only for as long as it is necessary for us. You are entitled to exercise your right to erasure of this data by making a request verbally or in writing to us (phone call, post or email) though we recommend a written request.
Once we no longer need your data, we will take steps to delete it. Layla Diamonds conducts annual checks of personal data that we hold to ensure everything has been deleted at the end of its retention period.
10. AUTOMATED DECISION MAKING
No decision will be made about you solely on the basis of automated decision making (where a decision is taken about you using an electronic system without human involvement), which has a significant impact on you.
11. YOUR RIGHTS IN RESPECT OF YOUR DATA
Data protection laws provide you with specific rights in relation to the data we hold about you. These rights are set out as follows:
Withdrawing your consent means that we will stop processing the data that you had previously given us consent to use. There will be no consequences for withdrawing your consent. However, in some cases, we may continue to use the data where so permitted by having a legitimate reason for doing so.
If you wish to exercise any of the rights explained above, please contact us as soon as possible, via email at firstname.lastname@example.org.
13. IF YOU WISH TO MAKE A COMPLAINT
In the event you are unhappy or wish to make a complaint to Layla Diamonds about your privacy or personal data concerns, please contact us by email on email@example.com so that we can investigate your complaint as soon as possible. We will try our best to provide you with an amicable resolution, where possible and will treat these matters seriously.
The supervisory authority in the UK for data protection is the Information Commissioner Office (ICO). If you think that your data protection rights have been breached by us, please contact us in the first instance so we can look into this for you, otherwise you are entitled to make a complaint to the ICO.
14. DATA PROTECTION OFFICER
Our Data Protection Officer can be contacted at:
WHAT IS A COOKIE?
A cookie is a piece of data sent from a website and stored on your computer’s hard drive. When you use the same website such as ours again in the future, the data stored in the cookie can be retrieved by the website to notify the same site of your previous activity.
In order to be able to purchase online, you must have your cookies enabled.
Our cookies do not store personal information such as your name, address or payment details. However, cookies may allow us the ability to access this information once you are logged into your account with us, for specific reasons outlined below.
HOW CAN YOU MANAGE YOUR COOKIES ON OUR WEBSITE?
To check your cookies setting or if you prefer to limit, block or delete your cookies from www.layladiamonds.com, you will need to update your options using your browser.