Last updated: 01 October 2018
INFORMATION WE COLLECT FROM YOU
In the course of your visits to our website or use of our products and services, we may obtain the following information about you: name, company name, email address, telephone number, credit card details, billing address, geographic location, IP address, survey responses, support queries, blog comments and social media handles (together ‘Personal Data’).
Our services are not directed to persons under 18 and we do not knowingly collect Personal Data from anyone under 18. If we become aware that a child under 18 has provided us with Personal Data, we will delete that information as quickly as possible. If you are the parent or guardian of a child and you believe they have provided us with Personal Data without your consent, then please contact us.
You can review, correct, update or delete your Personal Data by either logging into your account and making the changes yourself or contacting us directly to do so.
HOW WE USE YOUR INFORMATION
Personally Identifiable Information: We use the information we collect to deliver our services to you, including: communicating with you, providing technical support, notifying you of updates and offers, sharing useful content, measuring customer satisfaction, diagnosing problems and providing you with a personalised website experience.
Marketing communications are only sent to you if you have requested or subscribed to them. You can opt out of our marketing communications at any time by unsubscribing or emailing us and your request will be actioned immediately.
Non-Personally Identifiable Information: We also use the information we collect in aggregated and anonymized forms to improve our services, including: administering our website, producing reports and analytics, advertising our products and services, identifying user demands and assisting in meeting customer needs generally.
Any information you choose to make publicly available, such as blog comments and testimonials on our website, will be available for others to see. If you subsequently remove this information, copies may remain viewable in cached and archived pages on other websites or if others have copied or saved the information.
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
STORAGE AND SECURITY OF YOUR INFORMATION
We will use all reasonable means to protect the confidentiality of your Personal Data while in our possession or control. All information we receive from you is stored and protected on our secure servers from unauthorized use or access. Credit card information is encrypted before transmission and is not stored by us on our servers.
To enable us to deliver our services, we may transfer information that we collect about you, including Personal Data, across borders for storage and processing in countries other than Australia. If your Personal Data is transferred and processed outside Australia, it will only be transferred to countries that have adequate privacy protections.
We retain your personal information for as long as needed to provide services to you and as otherwise necessary to comply with our legal obligations, resolve disputes and enforce our agreements.
In the event there is a breach of our security and your Personal Data is compromised, we will promptly notify you in compliance with the applicable law.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
COOKIES AND PIXELS
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
By using our website, you (the visitor) agree to allow third parties to process your IP address, in order to determine your location for the purpose of currency conversion. You also agree to have that currency stored in a session cookie in your browser (a temporary cookie which gets automatically removed when you close your browser). We do this in order for the selected currency to remain selected and consistent when browsing our website so that the prices can convert to your (the visitor) local currency.
SHARING YOUR INFORMATION WITH THIRD PARTIES
We do not and will not sell or deal in Personal Data or any customer information.
DISCLOSURE OF YOUR INFORMATION
We may from time to time need to disclose certain information, which may include your Personal Data, to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, in the course of a legal proceeding or in response to a law enforcement agency request. Also, we may use your Personal Data to protect the rights, property or safety of https://splendidjewellery.com, our customers or third parties.
If there is a change of control in one of our businesses (whether by merger, sale, transfer of assets or otherwise) customer information, which may include your Personal Data, could be transferred to a purchaser under a confidentiality agreement. We would only disclose your Personal Data in good faith and where required by any of the above circumstances.
LINKS TO OTHER WEBSITES
OUR RESPONSIBILITIES UNDER GENERAL DATA PROTECTION REGULATION (GDPR)
If you are a resident of the EU or UK you have certain rights and protections under the GDPR regarding the processing of your Personal Data.
We collect, use and store your Personal Data to enable us to provide you with our goods or services and information about them. We rely on the following lawful means of processing your Personal Data:
– Where it is necessary to fulfil a contract with you. This includes where we collect your Personal Data to enable us to send you our goods or provide you with our services.
– Where you have given us valid consent to use your Personal Data. We will rely on that consent and only use the Personal Data for the specific purpose for which you have given consent. This includes where we email newsletters or send mobile phone notifications.
– We may also process your Personal Data where it is to further our legitimate interests which could include usage statistics, analytics and internal analysis so we can improve our services to you.
YOUR RIGHTS AS AN EU OR UK RESIDENT
If you are a resident of the EU or UK you have various rights including the:
– Right to be informed;
– Right of access;
– Right to rectification;
– Right to object;
– Right to restriction of processing;
– Right to erasure or to be forgotten;
– Right to data portability; and
– Right not to be subject to automated processing.
If you want to access your Personal Data or ask for the information to be corrected, please contact us. In some circumstances, you also have a right to object to or ask that we restrict certain processing activities or delete your Personal Data. If you would like to limit or request deletion of your Personal Data or exercise any other rights you can do so by contacting us.
WITHDRAWING YOUR CONSENT
You can withdraw your consent to our collection or processing of your Personal Data. You can do so by contacting us or by opting out of email newsletter communications by following the instructions in those emails or by clicking unsubscribe. If you withdraw your consent to the use of your Personal Data, you may not have access to our services and we might not be able to provide you with our services. In some circumstances, where we have a legal basis to do so, we may continue to process your information after you have withdrawn consent. For example, if it is necessary to comply with an independent legal obligation or if it is necessary to do so to protect our legitimate interest in keeping our services secure.
We comply with the GDPR protection directives set out by the EU and UK regarding the collection, use and retention of Personal Data from EU member countries and the UK. All Personal Data stored on our platform is treated as confidential. It is stored securely and is only accessed by authorized personnel. Our collection is limited in relation to what is necessary, for the purpose for which the Personal Data is processed, and kept only for so long as is necessary for the purpose for which the Personal Data was collected. We implement and maintain appropriate technical, security and organisational measures to protect Personal Data against unauthorized or unlawful processing or use, and against accidental loss, destruction, damage, theft or disclosure. We ensure the encryption and pseudonymisation of Personal Data and we have adequate cyber security measures in place.
By providing us with your Personal Data, you consent to us disclosing it to third parties who reside outside the EU or UK. We will ensure that those third parties are GDPR compliant.