De Beers Jewellers & De Beers Forevermark Privacy Notice

Introduction

We respect your right to privacy and aim to ensure that we are fair and transparent when collecting and using the personal information you have provided to us.

This Privacy Notice (or “Notice”) applies to our website visitors and customers. It explains what personal data we collect, how we use it and provides additional information to comply with our obligations under the UK & EU General Data Protection Act (GDPR). If you are a supplier, authorised jeweller or other business stakeholder of Forevermark or the De Beers Group, please also see the De Beers Group privacy notice for information about how your personal data is processed.

Who is the Responsible Party of my data?

De Beers Jewellers Ltd and Forevermark Ltd are part of De Beers plc, a company registered in Jersey under company number 122752 whose registered office is at 3rd Floor, 44 Esplanade, St Helier, Jersey, JE4 9WG, operating under De Beers UK Ltd.

De Beers Jewellers & De Beers Forevermark are joint data controllers for data collection, processing and analysis of website data, including analytical, statistical and cookie & cookie consent data (see cookie notice) for further information.

For all other data processing activities such as Sales and Marketing, De Beers Jewellers & De Beers Forevermark are both separate data controllers.

De Beers Jewellers and De Beers Forevermark are operated by multiple entities and franchises around the globe, who are the controller of your personal data gathered in store and of any data which you consented to be shared with them from this Website.

A list of local De Beers Jewellers and De Beers Forevermark entities, locations and contact details can be found below:

Forevermark entities and Regulatory Authorities:

Forevermark entity	Address	Regulatory Authority and contact details (if applicable)
Forevermark Limited (UK)	17 Charterhouse Street, EC1N 6RA, London UK	Information Commissioner's Office Phone: 0303 123 1113 Email: casework@ico.org.uk Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Forevermark China	Suite 4608, The Park Place, No. 1601, Nanjing West Road, Shanghai 200040, China	Not applicable.
Forevermark KK (Japan)	Yebisu Garden Place Tower 30F, 4-20-3 Ebisu, Shibuya-ku, Tokyo, 150-6030, Japan	Personal Information Protection Committee (PPC) Phone: 03-6457-9849 Post: Kasumigaseki Common Gate West Tower 32nd Floor, 3-2-1, Kasumigaseki, Chiyoda-ku, Tokyo, 100-0013, Japan
Forevermark Hong Kong	26/F Kinwick Centre, 32 Hollywood Road, Central, Hong Kong	Not applicable.
De Beers India Private Limited	TCG Finance Centre, 6th floor, C-53, G Block, Bandra Kurla Complex, Bandra ( East), Mumbai 400098, India	Not applicable.
Forevermark US Inc	300 First Stamford Place. Stamford, CT, 06902, USA	No single authority

De Beers entities and Regulatory Authorities

De Beers entity country	De Beers Entity	Contact Details for De Beers Controller Entity	Regulatory authority and contact details (if applicable)
Australia	De Beers Jewellers Ltd	Post: 17 Charterhouse Street, London, EC1N 6RA	Office of the Australian Privacy Commissioner Phone: 1300 363 992 Email: enquiries@oaic.gov.au Post: GPO Box 5218, Sydney NSW 2001, Australia
India	De Beers Jewellers Ltd	Post: 17 Charterhouse Street, London, EC1N 6RA	Not applicable.
Japan	De Beers Jewellers Ltd	Post: 17 Charterhouse Street, London, EC1N 6RA	Personal Information Protection Committee (PPC) Phone: 03-6457-9849 Post: Kasumigaseki Common Gate West Tower 32nd Floor, 3-2-1, Kasumigaseki, Chiyoda-ku, Tokyo, 100-0013, Japan
Monaco	De Beers Jewellers Ltd	Post: 17 Charterhouse Street, London, EC1N 6RA	Data Protection Authority of Monaco (Commission de Contrôle des Informations Nominatives - CCINN) Phone: (+377) 97 70 22 44 Fax: (+377) 97 70 22 45 Email: ccin@ccin.mc Post: “Suffren” building, Block B, 4th floor, 7, rue Suffren Reymond, 98000 - Monaco
Norway	De Beers Jewellers Ltd	Post: 17 Charterhouse Street, London, EC1N 6RA	Details of the relevant supervisory authority can be found at the following website: https://edpb.europa.eu/about-edpb/board/members_en
Switzerland	De Beers Jewellers Ltd	Post: 17 Charterhouse Street, London, EC1N 6RA	Federal Data Protection and Information Commissioner Phone: +41 (0)58 462 43 95 Email: ccin@ccin.mc Post: Office of the Federal Data Protection and Information Commissioner FDPIC Feldeggweg 1 CH - 3003 Berne
Malaysia	De Beers Jewellers Ltd	Post: 17 Charterhouse Street, London, EC1N 6RA
Saudi Arabia	De Beers Jewellers Ltd	Post: 17 Charterhouse Street, London, EC1N 6RA
South Korea	De Beers Jewellers Ltd	Post: 17 Charterhouse Street, London, EC1N 6RA
UK	De Beers Jewellers Ltd	Post: 17 Charterhouse Street, London, EC1N 6RA	Information Commissioner's Office Phone: 0303 123 1113 Email: casework@ico.org.uk Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
EU	De Beers Jewellers Ltd	Post: 17 Charterhouse Street, London, EC1N 6RA	Details of the relevant supervisory authority can be found at the following website: https://edpb.europa.eu/about-edpb/board/members_en

What are the purposes you use my personal information for?

We collect personal information for the following purposes:

To fulfil our promise to you

where we agree to provide you with our products and services in order to:
- process information at your request to take steps to enter into a contract for sale or for services;
- provide you with our products and services, including the Register My Diamond service, call backs and live chat;
- process orders and payments;
- make deliveries;
- send service communications so that you receive a full and functional service and so we can perform our obligations to you. These may be sent by email or post or, if the circumstances require it, we may contact you by phone or text message. These will include notifications about changes to our service; and
- record information to facilitate your rights under guarantee.
On the basis of your consent:
- Where we rely on your consent for processing this will be brought to your attention when the information is collected from you or be a result of a request by you, such as you choosing to share your wish lists or gift registry;
- To display your messages/captions, photos and/or videos (which may include 'likes', comments or other reactions to such messages/captions, photos and/or videos) on our site
- marketing and promotion purposes
- book in-store and virtual appointments and tracking sales derived from these;
To provide you with the best service and improve and grow our business (our legitimate interests) we will process information in order to:
- provide you with a personalised service;
- respond to your queries and to provide guidance about our products and stockists;
- improve our products and services;
- keep our site and systems safe and secure;
- make our Website easier to use;
- understand our customer base and purchasing trends;
- tailor advertising to you;
- create custom audiences on social media sites based on your information and engagement with us so we can target our advertising to similar audiences;
- defend against or exercise legal claims and investigate complaints; and
- understand the effectiveness of our marketing.
- to track sales conversion rates of customers who use the virtual appointments service
To comply with legal requirements relating to:
- the provision of products and services;
- data protection;
- health and safety;
- anti-money laundering;
- fraud investigations;
- assisting law enforcement; and
- any other legal obligations placed on us from time to time.

We may process special category data in the form of health data (dietary requirements) for event catering.

What personal information will we collect?

We collect the following personal information from you:

your full name
address
payment and transaction details
order and appointment booking details
contact number
email address
ID verification data - collected for anti-money laundering checks which may also include passport, driving license and national ID card information
time spent on our Website
search queries submissions
pictures, videos and messages which you submit to us either via our social media sites (including by use of hashtags associated with us) or our site.
cookies (please see our cookie notice for further information)
log-in and device information
opt-in consent for marketing
We also may acquire information about you, from publicly available sources, social media platforms, and other parties that may share information as permitted in their privacy policies
Customer data collection, in store and online registration, can also include optional personal details such as wedding date, jewellery interests, ring size

Where do you get my personal information from?

We collect and receive personal information about you in the following ways:

Personal Information you give us:

This includes any personal information that you provide to us directly, whether through our Website or via phone, text messages, social media or any other medium. This may include personal information you give to us by:

filling in forms on our Social Media accounts or our Website (hereafter referred to as Platforms);
when you register on our Platforms or subscribe to use services on our Platforms;
when you enter a competition, promotion or complete a survey;
by posting comments or content on our Platforms;
when you purchase one of our products or services;
when you contact us and when you otherwise provide information directly to us.

Personal Information we collect or receive when you use our Platforms, products or services:

We collect personal information when you use our Platforms or services, or buy products from us by using cookies and web beacons. This may reveal log-in information, device information and search queries submissions. We receive this when you:

access our Platforms (this reveals the type of device you’re using, your browser or operating system and your Internet Protocol (“IP”) address);
interact with our Platforms and other services, view content and submit search queries.

Information from third-party sources:

We may receive additional information about you that is publicly or commercially available and combine that with the information we have collected or received about you in other ways. We may also receive information about you when you choose to connect with social networking services while using our Platforms.

Required Information

Some types of personal data are required as condition for using our services. Mandatory information includes personal data required for processing payments, account creation and delivering online orders. Failure to provide this mandatory information will mean that you will be unable to place an order with us.

Security Measures

At De Beers Jewellers & De Beers Forevermark, we take your safety and security very seriously and we are committed to protecting your personal and financial information. All information kept by us is stored on our secure servers. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our service, you are responsible for keeping this password confidential. We ask you not to share a password with anyone and we recommend that you change your password every three months.

We have implemented appropriate technical and organisational measures to protect the security,integrity and confidentiality of personal data collected on our Website and in our stores. Due to the inherent nature of the internet as an open global communications vehicle, we cannot guarantee that information, during transmission through the internet or while stored on Our system or otherwise in Our care, will be absolutely safe from intrusion by others, such as hackers. We do however maintain physical, electronic and procedural safeguards to protect your Personal Data.

We may transfer and store your data outside the European Economic Area ("EEA") or your country. We will only do so if adequate protection measures are in place in compliance with data protection legislation. It may also be processed by staff operating outside the EEA or your country who work for us or for one of our service providers for the purposes outlined in this notice. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services.

More specifically, we may transfer your data to your local De Beers Jewellers or Forevermark entity within our group of companies for the purpose of managing our relationship with you and for the purposes outlined in this notice. This includes for our franchise partners located in the Middle East, Russia and Canada.

International Transfers

The Forevermark Website is hosted in the US, debeers.com, debeers.cn, debeers.co.uk is hosted in Germany. However, some personal data is transferred to different jurisdictions whose privacy laws may not be equivalent to the laws in your country of residence. We use adequate safeguards to ensure that the level of protection for international transfers meets the requirements of relevant data protection regulations.

Data Retention

We will keep information about you in line with our Data Retention Policy and Data Retention Schedule unless obligations to our regulators require otherwise or we are required remove such data from our records.
Once the information is no longer required for business, legal or regulatory requirements it will be disposed or anonymised.

Your rights

Right to access

You have the right to request access to any of your personal information that we hold.

Right to rectification and deletion

You have the right to request correction of any inaccurate data relating to you. You have the right to request that we delete your personal information under certain circumstances: if it is inaccurate, irrelevant, excessive, out-of-date, incomplete, misleading or has been obtained unlawfully.

Right to withdraw consent

Where we have relied on your consent to process particular information and you have provided us with your consent to process data, you have the right to withdraw such consent at any time.

Right to object to processing justified on legitimate interest grounds

Where we are relying upon legitimate interest to process data, then you have the right to object to that processing. If you object, we must stop that processing unless we can either demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms or where we need to process the data for the establishment, exercise or defence of legal claims.

Where we rely upon legitimate interest as a basis for processing we believe that we can demonstrate such compelling legitimate grounds, but we will consider each case on an individual basis.

Right to lodge a compliant

Should you have any issues, concerns or problems in relation to your data, or wish to notify us of data which is inaccurate, please let us know by contacting us using the contact details above. In the event that you are not satisfied with our processing of your personal data, you have the right to lodge a complaint with the relevant supervisory authority, which is the Information Commissioner’s Office (ICO) in the UK, at any time. The ICO’s contact details are available here: https://ico.org.uk/concerns/

We ask that you please attempt to resolve any issues with us before contacting any supervisory authority. For further information regarding your rights, or to exercise any of your rights, please contact dataprotection@angloamerican.com