Privacy & Cookies

Policy

The law in relation to data protection changed on the 25 May 2018 when the General Data Protection Regulation came into force in the United Kingdom and across Europe. Your use of our website and services/products will be subject to the most current version of this privacy policy posted on our website at the time of your use.  We recommend that you check the website from time to time to inform yourself of any changes – we will notify you every time we make a significant change to this policy. The most recent version will apply each time you access this website.

For the purposes of the General Data Protection Regulation, Blacklock Jewellery ('we' or 'us') is the 'data controller' (i.e the company who is responsible for, and controls the processing of, your personal data).

Who we are and how you can contact us

We are Blacklock Jewellery, a fine jewellery retailer since 1832.

Our registered office is 86-90 Paul Street, London, EC2A 4NE

If you wish to contact us, please send an email to info@blacklockjewellery.com.

Personal data we may collect about you

We may collect personal information about you in the following ways:

Data you give to us:

• Data you give to us when you place an order with us
• When you talk to us on the phone or in person
• When you message us using message applications such as Whats’App
• When you use our website
• In emails or letters to us
• If you sign up to our promotions, events or newsletter
• When you give us feedback

Data we collect when you use our services:

• Payment and transaction data
• Profile and usage data, including data we gather from the devices you use to connect to those services such as computers and mobile phones, using cookies (please see our cookies policy below) and other internet tracking software

Data from third parties we work with:

• Social networks
• Agents or contractors working on our behalf (such as our CRM Partner, Newsletter Distributor, Mailing House, online payment gateway provider)
• A friend of yours

Data we collect about you

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

• Identity data – name, username, title, and date of birth
• Contact data – billing address, delivery address, email address or telephone numbers
• Financial data – payment card details
• Transaction data – details about payments to and from you and other details of products and services you have purchased from us
• Technical data - internet protocol (IP) address, originating domain, your login data, browser type and version, time zone setting and location data, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website
• Profile data – your purchases or orders made by you, your interests, preferences, feedback and survey responses
• Usage data – information about how you use our website, products and services

Marketing and communications data – your preferences in receiving marketing from us and our third parties and your communication preferences

This information helps us to build a profile of our users. Some of this data will be aggregated or statistical, which means that we will not be able to identify you individually. For further information on our use of cookies, please see our Cookie policy.

We do not routinely collect any “special categories” of personal data about you (this includes details about your religion, race or ethnicity, sexual orientation, political opinions, information about your health and genetic and biometric data), nor do we collect any information about criminal convictions and offences.

How we use your personal data

Your personal data and privacy is protected by law.

We are only allowed to use personal information about you if we have a legal basis to do so, and we are required to tell you what that legal basis is.

In some circumstances we can use your personal information if it is in our legitimate interest to do so. As a business we need to provide details of what that legitimate interest is.As a business we need to provide details of what that legitimate interest is. A legitimate interest is when we have a business or commercial reason to use your information which, when balanced against your rights, is justifiable. Legitimate interests are detailed in the table below.

We have set out in the table below: the personal information which we collect from you, how we use it, and the legal ground on which we rely when we use the personal information.

What we use your personal information for	What personal information we collect	Our legal grounds for processing	Our legitimate interests (if applicable)
To provide you with information, products or services that you request from us	Identity data Contact data	Performance of our contract with you	To provide requested information in a timely manner
To process and deliver (if applicable) your order	Identity data Contact data	Performance of our contract with you	To ensure processing and delivery of goods
To manage payments	Financial Data	Performance of our contract with you	To ensure secure payment for goods
To manage our relationship with you – notify you about changes to our service	Identity data Contact data Profile data	Legitimate interest	To keep your records up-to-date and ensure that we run our business efficiently and supply the services that are requested
To enable you to receive our exclusive offers and special events (including when you sign up to receive our newsletter)	Identity data Contact data Marketing and communications data	Consent Legitimate interest	To grow our business and keep you informed of offers and events that may interest you
To use data analytics to improve our website, products, marketing, customer relationships and experiences	Technical data Profile data Usage data	Legitimate interest	To define types of customers for our services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy
To make suggestions and recommendations to you about goods that may be of interest to you	Identity data Contact data Marketing and communications data	Legitimate interest	To keep you informed of new products or similar products to the ones you showed an interest in

Who we share your personal information with

We may share your personal information with any of the following organisations, for the purposes of providing the goods or services which you have requested from us:

Our business partners in accordance with the 'Marketing and opting out' section below

Our credit card processors (Payment Gateway Provider)

Our customer relationship management provider (CRM System)

Our marketing automation platform provider (Newsletter Distributor)

External service providers (acting as data processors) that provide applications/functionality, data processing or IT services to us (for example, we use third parties to support us in storing processed data)

Law enforcement agencies in connection with any investigation to help prevent unlawful activity

Third Parties

We will not share your personal data with any third party for its marketing purposes.

We sometimes share your personal data with trusted third parties. Examples detailed below:

IT companies to help support our website and other business systems.

Operational companies such as delivery couriers.

Direct marketing companies who help us manage our electronic communications with you.

Google/Facebook to show you products that might interest you while you’re browsing the internet. This is based on either your marketing consent or your acceptance of cookies on our websites. See our Cookies Notice below for details.

Marketing and opting out

We will only contact you by email about our products, if you have asked us to do so.

We may use your data to provide you with information about goods, services, upcoming offers or events which may be of interest to you.

We can only use your personal information to send you marketing messages if we have either your consent or a legitimate interest to do so.

We will not share your personal data with any third party for its marketing purposes.

If you have changed your mind and would prefer us not to contact you for any of the above, then you can opt out at any time – you just need to contact us on info@blacklockjewellery.com, or use the ‘Unsubscribe’ link on any marketing message sent to you. See further 'Your rights', below.

Where you opt out of receiving marketing messages from us, this will not apply to personal data provided to us as a result of purchasing our goods or services or any other transaction between you and us.

If you are a new customer, or where we permit named third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this.

If you do not want us to use your data in this way, please tick the relevant box on the form.

Where we process your data

All information you provide to us is stored on our secure servers or, where purchases are made face to face, in hard copy until electronic records can be made (when hard copies will then be securely destroyed). Any online payment transactions will be encrypted and carried out through our appointed agent through a secure site. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site on a secure basis, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

When we use your information as described in this policy, this may involve sending your information outside the European Economic Area (EEA) to countries such as the USA.

If we do this, we have procedures in place to ensure your data receives the same protection as if it were being processed inside the EEA. For example, our contracts with third parties stipulate the standards they must follow at all times.

By providing us with your personal information, you agree that we may transfer, store and process your information outside the EEA. Governments in certain countries such as the USA have broad powers to access data for security, crime prevention and detection and law enforcement purposes.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA info@blacklockjewellery.com .

Keeping your data secure

We know how much data security matters to all our customers. We have put in place appropriate security measures intended to prevent your personal data from being lost or from being altered, disclosed, used or accessed in an unauthorised way.

We secure access to all transactional areas of our websites and apps using ‘https’ technology.

Your personal data and sensitive data such as payment card information is secured and tokenised to ensure it is protected.

In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know.

While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet.

We regularly monitor our system for possible vulnerabilities and attacks, and we have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator (including the ICO) of a breach where we are legally required to do so.

How long will we keep your personal data

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. We will also keep a record of your name and email address on our suppression list if you request that we do not send you direct marketing.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Monitoring

We may monitor and record communications with you (such as telephone conversations and emails) for the purpose of quality assurance, training, fraud prevention and compliance.

Your rights

You have the right to request:

Access to the personal data we hold about you, free of charge in most cases.

The correction of your personal data when incorrect, out of date or incomplete.

The deletion of the data we hold about you, in specific circumstances; for example, when you withdraw consent or object, and we have no legitimate interest.

A computer file in a common format (CSV or similar) containing the personal data that you have previously provided to us, and the right to have your information transferred to another entity where this is technically possible.

Restriction of the use of your personal data, in specific circumstances, generally while we are deciding on an objection you have made. 

That we stop processing your personal data, in specific circumstances; for example, when you have withdrawn consent, or object for reasons related to your individual circumstances.

That we stop using your personal data for direct marketing (either through specific channels, or all channels).

That we stop any consent-based processing of your personal data after you withdraw that consent.

You can contact us to request to exercise these rights at any time by putting your request in writing to info@blacklockjewellery.com. Please provide us with enough information to identify you (eg order number(s)); and specify the information that is incorrect and what it should be replaced with.

You also have the right to ask us to stop processing your personal data for direct marketing purposes by putting your request in writing to info@blacklockjewellery.com. Please provide us with enough information to identify you (eg order name); and specify in the header 'Unsubscribe'.

If your objection is not to direct marketing in general, but to direct marketing by a particular channel (e.g. email or telephone), please specify the channel you are objecting to

If we choose not to action your request, we will explain the reasons for our refusal. 

Your right to withdraw consent

• Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent. If you withdraw your consent, we may not be able to provide you with certain products or services.

Where we rely on our legitimate interest

• In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data, such as administration.

Direct marketing

• You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We must always comply with your request.

Checking your identity

To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice.

If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.

Access to personal data

• You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive - alternatively, we may refuse to comply with your request in these circumstances.

Making a Complaint

Please let us know if you are unhappy with how we have used your personal information by contacting us at info@blacklockjewellery.com

You also have a right to complain to the Information Commissioner’s Office. You can find their contact details at www.ico.org.uk.

We would be grateful for the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

Changes to our privacy policy

Any changes we may make to our privacy policy in the future will be posted on this page and, except in the case of minor updates, will be notified to you by email. We may need to ask you to agree to the changes, or refresh your consent to us using your personal information.