Changes to Data Protection Legislation. The UK Data Protection Act 2018 (DPA 2018), the applied GDPR (General Data Protection Regulation) has introduced significant and enhanced Rights for Data Subjects, which we will outline in this Privacy Notice.
The Data Controller. We, Xclusive Jewellers are what is known as the Data Controller, namely we have decided upon the purpose and means of processing your data on the Website. Our contact details are:
Mail: Xclusive Jewellers, 37 High Street, Newport, NP20 1GF
If you wish to contact Xclusive Jewellers, please email or send a letter to our contact details above.
Lawful Basis of Processing Personal Data When Visiting This Website. The lawful basis of processing your data is
Contractual obligations - where we need your data to comply with contractual obligations, for example, if you place an order with us, we’ll collect your address to enable us to arrange for the delivery of your purchase;
Legitimate interest - Where we require your data to pursue our legitimate interests per the normal running of our business and which does not materially impact your rights, freedom or interests;
Legal Compliance – where the law requires us to collect and process your data.
Purpose of Processing Personal Data. Personal data is collected on our Website for the following purposes
Supply and manage the service provided, for example, to process orders;
Better understand our customer base;
Manage customer accounts;
Respond to your queries, refund and exchange requests and complaints;
With your agreement, keep in touch with you about promotional offers and products we think may be of interest to you;
For crime and fraud prevention, detection and related purposes;
Personalise website content (using cookies);
Administer any prize draw or competition;
Where we have a legal right or duty to use or disclose your information.
Xclusive Jewellers may collect and process other personal data of yours, however, where this occurs there will be a supporting Privacy Notice.
Categories of Personal Data Processed by Xclusive Jewellers. We will collect and process the following personal data when you use the Website.
Your name, age/date of birth and gender;
Your contact details: postal address including delivery and billing addresses, telephone numbers (including mobile numbers) and email addresses;
Purchases and orders made by you;
Your online browsing activity on our website;
Your communication and marketing preferences;
Your correspondence and communication with us;
Your interests, feedback and survey responses;
Data from publicly available sources including any shared via a public platform such as a Twitter feed or public Facebook post;
Our CCTV systems may record your image during a visit to one of our shops as we have CCTV systems in operation to protect both customers and our staff;
This list is not exhaustive and occasionally we may need to collect additional data for purposes set out in this policy.
In addition, when you visit our website, open our emails, use our apps or interact with our related tools, widgets or plug-ins, we may collect certain information by automated means, such as cookies, web beacons and web server logs. The information we collect in this manner may include your IP address, unique device identifier, browser characteristics, domain and other system settings, search queries, device characteristics, operating system type, language preferences, referring URLs, actions taken on our site, dates and times of website visits, metadata and other information associated with other files stored on your device. Through these automated collection methods, we obtain ‘clickstream data, which is a log of the links and other content on which a visitor clicks while browsing a website. We may link certain data elements we have collected through automated means, such as your browser information, with other information we have obtained about you for the purposes described below, and to let us know, for example, whether you have opened an email we sent to you. While you can change your cookies settings in your browser, please note that without cookies your use of the website may be impaired.
We may also offer internet-based advertising programs on our websites such as AdChoices and NetworkAdvertising. These third-party services selectively display adverts based on browsing history. You can opt-out of these services via these third party websites (please note we have no control over third party websites).
We also may collect information about the location of the mobile device or tablet used to access the website (“Location Data”). Location Data includes: (a) the location of the mobile device or tablet derived from GPS or WiFi use; (b) the IP address of the mobile device or tablet or internet service used to access the website; and (c) other information made available by a user or others that indicates the current or prior location of the user, such as geotag information in photographs. If you do not want us to collect Location Data from your device, please delete the app or disable the location settings on your device or tablet. Note, however, that disabling the location setting may affect your ability to access and use that app.
When you connect with social media through the website, you may link with social media platforms and social media plug-ins (e.g., the Facebook “Like” button, “Share to Twitter” button) (collectively, “Social Media”). When accessing services through a Facebook or other Social Media account, we may (depending on the applicable user privacy settings) automatically have access to information provided to or through the Social Media platform. We may collect and use this information for the purposes described in this Policy or at the time the information is collected.
Information collected directly by the third-party providers of the features is subject to the privacy policies or notices of these providers. We are not responsible for these providers’ information and privacy practices.
How Do We Use Your Data? We use the data that we collect about you for the following purposes:
To supply and manage the service we provide to you, for example, we need to collect your data to enable us to process orders made on our website;
To better understand our customer base to provide both better products and services;
To manage any registered account that you hold with us;
with your agreement, to keep in touch with you about promotional offers and products which we think may be of interest to you;
to respond to your queries, refund requests and complaints;
to verify your identity;
for crime and fraud prevention, detection and related purposes;
to administer any prize draw or competition;
where we have a legal right or duty to use or disclose your information.
We will not disclose any of the information that you provide to us about yourself or anyone else to any third parties without your consent, although we reserve the right to disclose your information if the law requires us or permits us to do so. We may share personal information with service providers who perform services on our behalf. These service providers are permitted to use or disclose the information only as necessary to perform services on our behalf or comply with legal requirements.
We may use information collected through cookies, web beacons, pixels, web server logs and other automated means for purposes such as (a) customising our users’ visits to our website, (b) delivering content tailored to our users’ interests and how our users browse our website, and (c) managing our website and other aspects of our business. To the extent required by applicable law, we will obtain your consent before collecting information using cookies or similar automated means.
We may use third-party analytics services on our websites and apps, such as those of:
The analytics providers that administer these services use technologies such as cookies, web server logs and web beacons to help us analyse your use of our website. The information collected through these means (including IP address) may be used by these analytics providers and other relevant third parties who use the information, for example, to evaluate the use of the website. To learn more about these analytics services and how to opt-out, please visit the relevant websites listed above.
Transfer of Personal Data Outside the EEA (European Economic Area). All personal data collected by Xclusive Jewellers is stored in servers and data centres within the UK.
Sale or Passing of Personal Data to Third Parties. We will not sell or pass your personal data to any company, other than those described above. However, to support law enforcement investigation and other obligations, Xclusive Jewellers may be required to pass personal data outside of normal processes, for very specific and limited purposes.
Retention of Personal Data. We will not retain your data for longer than necessary for the purposes set out in this policy or as required by law or according to our statutory obligations. Different retention periods apply to different types of data. Whilst we will not normally hold any personal data for longer than six years, we reserve the right to retain it to the extent permitted by law, or longer than six years in the event of a dispute or claim.
Data Subject’s Rights. Under DPA 2018 legislation you have some Rights which we have outlined below:
Right of Access. You are entitled to access your personal data so that you are aware of and can verify the lawfulness of the processing. This is best achieved through submitting a Subject Access Request (SAR). In summary, you have the right to obtain:
Confirmation that your data is being processed;
Access to your personal data (a copy); and
Other supplementary information, which corresponds to the information in this Privacy Notice.
Fees and Timings. This information will be provided to you without charge; without delay and within one month. If an extension is required you will be informed of this. If requests are considered manifestly unfounded or excessive, in particular, because they are repetitive, Xclusive Jewellers may choose to:
Charge a reasonable fee taking into account the administrative costs of providing the information; or
Refuse to respond.
The reasons for this will be formally notified to you and your rights to appeal to the appropriate Supervisory Authority, i.e. UK Information Commissioner’s Office (ICO) will be highlighted.
Identify Verification. To protect your personal data, Xclusive Jewellers will seek to verify your identity before releasing any information, which will normally be in electronic format.
Right of Rectification. You are entitled to have personal data rectified if it is inaccurate or incomplete. If any data held about you is inaccurate or incomplete, Xclusive Jewellers will respond within one month of your request. In the unlikely event Xclusive Jewellers does not act on the request for rectification, Xclusive Jewellers will inform you of your rights to complain or seek judicial remedy.
Right of Erasure. You may request the deletion or removal of personal data where there is no compelling reason for its continued processing. The Right to Erasure does not provide an absolute ‘right to be forgotten.’ However, you do have a right to have personal data erased and to prevent processing in specific circumstances:
Where the personal data is no longer necessary about the purpose for which it was originally collected/processed;
When you withdraw consent (and this is the basis of processing);
When you object to the processing and there is no overriding legitimate interest for continuing the processing;
The personal data was unlawfully processed;
The personal data has to be erased to comply with a legal obligation; and
The personal data is processed to offer information society services to a child.
Right to Restrict Processing. When processing is restricted, Xclusive Jewellers are permitted to store the personal data, but not further process it. In this event exactly what is held and why will be explained to you by Xclusive Jewellers.
Right to Data Portability. You may request to obtain and reuse your personal data for your purposes across different services. This allows you to move, copy or transfer personal data easily from one IT environment to another safely and securely, without hindrance to usability. The Right to Data Portability only applies:
To personal data you have provided to Xclusive Jewellers;
Where the processing is based on your consent or for the performance of a contract; and
When processing is carried out by automated means.
In these circumstances, Xclusive Jewellers will provide a copy of your data to you in an electronic format free of charge, without undue delay and within one month. If there is a delay to this, you will be informed by Xclusive Jewellers.
Right to Object. You have the Right to Object to:
Processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
Direct marketing (including profiling); and
Processing for purposes of scientific/historical research and statistics.
Automated Decision Making and Profiling. Xclusive Jewellers do not employ any automated decision-making or conduct profiling of Data Subjects.
Cookies. This section outlines the type of cookies we apply to the Website. The cookies we use are described as below:
Strictly Necessary Cookies. These are cookies that allow you to use different parts of our website. Without them, the different features that you have requested cannot be provided. These are usually set in response to an action performed by the user like clicking on a link or failing to enter the correct password to your account.
Functional Cookies. These help us to make your experience within our site more personal. For instance, knowing if you have been on the site before so that messages for new visitors are not displayed to you.
First Party Cookies. These are cookies that are set by our website. And only we can read them.
Session Cookies. These are stored while you browse our site and then deleted once you leave.
Persistent Cookies. These are saved on your computer and won’t be deleted when you close the web page. We use these to provide functionality like keeping you logged in when you come back to the site.
Performance Cookies. These help us to track how people are using our site. They help us to know what pages people are using most and how users navigate around the site, we use this information to make an informed decision about how we can improve the user experience of our site. The information we get using these cookies is completely anonymous and we will not attempt to identify you or influence your experience of our site while you are on it.