Privacy Policy for Ruby’s Jewellery (rubysjewellery.com)

We are staunchly committed to protecting and meticulously safeguarding your privacy and personal data through advanced protection protocols and comprehensive security measures across our entire platform.

This policy applies where we are acting as a data controller with respect to the personal data of our website visitors and service users; in other words, where we determine the purposes and means of the processing of that personal data. In this role, we are responsible for maintaining comprehensive oversight of how your personal information is collected, used, and protected throughout our systems.

We may process usage data (“usage data”), which comprehensively includes browser type and version, operating system, referral source, length of visit, page views, website navigation paths, and timing and frequency of visits. This information is collected through server logs, cookies, and website analytics tools and may include interaction patterns, feature utilization, and browsing behavior. The source of this data is our analytics tracking system, user devices, and browser interactions. We process this information for several important purposes, including improving website functionality, optimizing user experience, analyzing trends, and maintaining security, which enables us to enhance service delivery, personalize content, and prevent fraudulent activities. The legal basis for this processing is our legitimate interests in monitoring and improving our website and services.

We may process account data (“account data”), which comprehensively includes name, email address, telephone number, postal address, payment information, purchase history, and account preferences. This information is collected through registration forms, checkout processes, and account settings and may include billing details, shipping addresses, and communication preferences. The source of this data is direct user input during account creation and subsequent interactions. We process this information for order fulfillment, payment processing, customer support, and marketing communications, which enables us to provide our services, process transactions, and maintain customer relationships. The legal basis for this processing is the performance of a contract and our legitimate interests in proper business administration.

We may process profile data (“profile data”), which comprehensively includes username, profile picture, biographical information, jewelry preferences, wish lists, and style preferences. This information is collected through profile creation, preference settings, and user interactions and may include saved items, favorite designs, and size specifications. The source of this data is voluntary user submissions and account customization. We process this information for personalizing user experience, providing product recommendations, and enabling social features, which enables us to deliver tailored content, facilitate sharing, and enhance user engagement. The legal basis for this processing is consent and our legitimate interests in providing personalized services.

User Rights:

Right to Access: You have the right to access your personal data that we process. This includes obtaining confirmation of whether we process your data and receiving a copy of that data in a structured, commonly used format. You can request access to specific categories of data, historical processing records, and information about how your data is used. To exercise this right, you can submit a formal request through our dedicated data access portal or contact our privacy team directly. We will respond within 30 days and may require government-issued identification, proof of address, and account verification to protect your privacy.

Right to Rectification: You have the right to correct any inaccurate personal data we hold about you and complete any incomplete personal data. This includes updating contact information, correcting billing details, and modifying account preferences. To exercise this right, you can either update your information directly through your account settings or submit a correction request through our support channel. We will process your request within 15 days and may require account verification, supporting documentation, and specific details about the information to be corrected.

Right to Erasure: You have the right to request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected. This includes removing account information, usage history, and profile data. To exercise this right, you can submit an erasure request through our privacy center or contact our data protection officer. We will process your request within 30 days and may require account password verification, identity confirmation, and specific consent withdrawal acknowledgments.

Right to Restrict Processing: You have the right to limit how we use your personal data if you contest its accuracy or object to its processing. This includes temporarily halting data processing, limiting data usage to specific purposes, and suspending marketing communications. To exercise this right, you can submit a processing restriction request through our privacy settings or contact our support team. We will respond within 15 days and may require account ownership verification, specific processing details, and reason documentation.

Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and transmit it to another controller. This includes downloading your account information, order history, and profile details. To exercise this right, you can use our data export tool or submit a portability request through our customer service channel. We will fulfill your request within 30 days and may require two-factor authentication, account verification, and specific format preferences.Data Processing and Security Measures

At rubysjewellery.com, we carefully process various types of personal data to provide our services:

We process Service Data which includes customer profiles, account settings, and service preferences. This processing involves automated collection and analysis, enabling us to personalize your shopping experience and jewelry recommendations. For example, in the context of jewelry retail, this includes size preferences, metal allergies, and style choices. The legal basis for this processing is legitimate business interests and contractual necessity, specifically to provide personalized jewelry services and maintain accurate customer records.

We process Technical Data which includes device information, IP addresses, and browsing patterns. This processing involves automated logging and analysis, enabling us to optimize website performance and security. For example, this includes tracking shopping cart abandonment rates and page load times. The legal basis for this processing is legitimate interests, specifically to maintain website functionality and prevent fraud.

We process Communication Data which includes email correspondence, chat logs, and customer service interactions. This processing involves storage and analysis of communications, enabling us to provide effective customer support and maintain service quality. For example, this includes jewelry care inquiries and custom order discussions. The legal basis for this processing is consent and legitimate interests, specifically to respond to customer inquiries and improve service delivery.

We process Transaction Data which includes purchase history, payment details, and shipping information. This processing involves secure payment processing and order fulfillment, enabling us to complete sales transactions and deliver products. For example, this includes processing credit card payments and tracking jewelry deliveries. The legal basis for this processing is contractual necessity and legal obligations, specifically to fulfill orders and comply with tax regulations.

We process Preference Data which includes saved items, wish lists, and marketing preferences. This processing involves preference tracking and analysis, enabling us to provide personalized recommendations and marketing communications. For example, this includes jewelry style preferences and anniversary reminders. The legal basis for this processing is consent and legitimate interests, specifically to enhance the shopping experience and provide relevant communications.

Security Measures

Our security infrastructure includes:

Our comprehensive encryption protocols ensure end-to-end protection of your data, incorporating industry-standard algorithms and regular security updates to maintain data integrity. This includes regular security assessments and penetration testing by qualified professionals.

We implement multi-layered security infrastructure, including advanced firewalls and intrusion detection systems that continuously monitor for and prevent unauthorized access attempts. This infrastructure undergoes regular updates and enhancements.

Access to personal data is strictly controlled through role-based permissions, multi-factor authentication, and detailed access logs. We maintain comprehensive audit trails of all data access and modifications.

Our continuous monitoring systems provide real-time threat detection and automated response protocols, ensuring immediate action against potential security threats.

We maintain comprehensive backup procedures with encrypted offsite storage and regular recovery testing, ensuring data availability and integrity.

All staff undergo regular security awareness training and must comply with detailed data protection protocols, including specific training for handling sensitive data.

International Data Transfers

We may transfer your personal data to countries outside your jurisdiction. These transfers are protected by appropriate safeguards, including Standard Contractual Clauses, Binding Corporate Rules, and Privacy Shield certifications. Each international transfer is conducted under strict protocols that ensure:
– Adequate data protection standards
– Compliant processing procedures
– Enforceable data subject rights
– Effective legal remedies

International transfers are protected by ISO 27001, GDPR, and CCPA standards, ensuring compliance with international data protection regulations. We implement additional measures including:
– Regular compliance audits
– Data protection impact assessments
– Documented transfer mechanisms
– Continuous monitoring procedures

Regarding international transfers, you maintain specific rights including:
– Right to information about transfers
– Right to object to transfers
– Right to withdraw consent
– Right to data protection guarantees

Data Retention

We maintain specific retention periods for different data categories:

Account Information: 7 years after account closure to comply with tax and legal requirements
Usage Data: 2 years to analyze long-term usage patterns and improve services
Transaction Records: 7 years to comply with financial regulations and handle potential disputes
Communication History: 3 years to maintain service continuity and handle ongoing customer relations
Technical Logs: 1 year for security monitoring and system optimization

These retention periods are determined by:
– Legal requirements
– Business purposes
– Technical necessities
– User preferences

Special circumstances affecting retention:
– Legal obligations
– Dispute resolution
– Security investigationsCookie Policy for rubysjewellery.com

Essential cookies serve fundamental functions for our website operations. These cookies process authentication data, security tokens, and session information to maintain a secure and stable browsing experience. In our jewelry retail context, these cookies enable secure checkout processes, shopping cart maintenance, and user account access. We use them specifically for user authentication, implementing robust security measures, managing basic site operations, maintaining session stability, and ensuring technical reliability across our platform.

Functional cookies enhance your jewelry shopping experience by remembering your preferences. These cookies process user-specific settings to deliver personalized functionality. For example, they remember your preferred metal types, ring sizes, and favorite collections. They enable language preferences, region-specific pricing and availability, user interface customization, feature optimization, and storage of personalized settings for future visits.

Analytics cookies help us understand how visitors interact with our jewelry collections. These cookies collect data about page interactions, helping us understand which pieces attract the most attention. They track navigation patterns through our collections, feature usage of our jewelry customization tools, session duration on product pages, and user preferences for different jewelry categories.

Performance cookies assess and improve our website’s operation by monitoring site speed during high-traffic periods, identifying technical issues in our product displays, optimizing content delivery for high-resolution jewelry images, analyzing user experience with our virtual try-on features, and tracking system performance across our entire platform.

Cookie Management

You can control your cookie preferences through your browser settings, our cookie consent banner, privacy preference center, and account settings. We respect your right to modify these choices at any time.

GDPR Compliance

For EU residents, we ensure explicit consent mechanisms before processing data, implement data minimization practices, strictly limit data usage to stated purposes, maintain appropriate storage limitations, and provide full transparency in our processing activities.

CCPA Compliance

California residents have specific rights regarding their personal information, including the right to know about collected data, delete personal information, opt-out of data sales, receive non-discriminatory service, and access collected information.

COPPA Compliance

Regarding users under 13, we implement strict age verification requirements, require parental consent for any data collection, limit data collection to essential information only, maintain special protection measures for young users’ data, and provide comprehensive parental access rights.

Updates and Changes

Our policy updates involve regular review procedures, clear user notifications of changes, consent renewal requests when necessary, detailed documentation of modifications, and continuous compliance monitoring to meet evolving privacy standards.

Contact Information

For privacy-related inquiries:
Primary Contact: [email protected]
Response Time: Within 48 hours
Verification Required: For data-related requests
Available Support: Privacy concerns, data requests, rights exercise

This policy was created specifically for rubysjewellery.com and covers all associated services within the jewelry retail industry.