Privacy policy
1. General Information
This privacy policy has been adopted in August 2020 by GE FAM GmbH (the®Diamonds), a private limited liability company established under the laws of the Germany, a member state of the European Union, registered office Rostocker str. 33, 18069, Lambrechtshagen, Germany and registered in the Commercial Register under registration number DE327391869, and therefore is subject to the European General Data Protection Regulation (GDPR) and Estonian data protection laws. This privacy policy shall not list nor describe all rules and principles of the GDPR; however, these rules and principles of the GDPR shall still be applicable towards the®Diamonds and you.
This privacy policy applies between you, the User of this Website, and the®Diamonds, the owner and provider of this Website. It does not extend to any websites that can be accessed from this Website, including, but not limited to, any links we may provide to other third parties websites. This privacy policy applies to our use of any and all data collected by us or provided by you in relation to your use of this Website. This privacy policy reflects how and for which purposes the®Diamonds collects, processes, and distributes your personal data provided by you when you visit our webpage https://the.diamonds (Webpage) when you use the services (products) that the®Diamonds provides (Services) or when you communicate with the®Diamonds.
By using or accessing in any way this Webpage, or using the Services or transmitting data to the®Diamonds by email or other electronic means, you agree with the terms of this Privacy Policy. If you do not agree to this Privacy Policy, please do not use or access our Webpage or Services and do not submit any data to the®Diamonds. Please read this Privacy policy each time before using our Webpage or Services and before transferring any data to the®Diamonds. the®Diamonds may change this Privacy Policy at any time. These changes will be posted on this Webpage.
For the data collecting and processing activities mentioned in this Privacy Notice, the®Diamonds is the responsible data controller as we determine both the purpose and means of data collecting and processing. This Privacy Policy aims to give you information on how the®Diamonds collects and processes your personal data through your use of our Website and our Services for our own purposes (i.e., where we are the Controller). It is intended to meet our duties as a Data Controller under European data protection legislation “GDPR”. This Privacy Policy does not describe the instructions how we act as a Data Processor.
This privacy policy should be read alongside, and in addition to, our Terms and Conditions, which can be found at: https://the.diamonds/terms&conditions.
2. The data we collect about you
Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’). It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:
- Identity Data includes (first name, last name, username or similar identifier, title, date of birth and gender);
- Contact Data includes (billing address, delivery address, email address and telephone numbers);
- Financial Data includes (bank account and payment card details);
- Transaction Data includes (details about payments to and from you and other details of products and services you have purchased or ordered from us);
- Technical Data includes (internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website);
- Profile Data includes (your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses);
- Usage Data includes (information about how you use our website, products and services);
- Marketing and Communications Data includes (your preferences in receiving marketing from us and our third parties and your communication preferences).
We do not collect any Special Categories of Sensitive Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
3. If you fail to provide the requested personal data
Where we need to process your personal data either to comply with law, or to enter in a contract with you or perform the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to enter into the contract with you or perform the contract we have with you (for example, we may not be able to provide you with goods (services) or to respond to or fulfill a request you make of us.) In this case, we may have to cancel your product (service) order but we will notify you if this is the problem at the time.
4. Information we collect from third-parties
We may receive information containing Personal Data from third parties and sources other than the Service, such as for example our partners and advertisers. If we combine or associate information received from other sources with Personal Data that we collect through the Service, we will treat the combined information as Personal Data in accordance with this Privacy Policy.
We use different methods to collect personal data from and about you including through:
Direct interactions. You may give us your Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise.This includes personal data you provide when you:
- apply for our products or services;
- providing us with a business card;
- make a payments to us, through this Webpage or otherwise;
- register with us and create an account on our website;
- subscribe to our service or publications;
- request marketing to be sent to you;
- enter a competition, promotion or survey through a social media channel;
- give us some feedback;
- or use our services.
Automated technologies or interactions. As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. This information helps us to make improvements to Website content and navigationWe may also receive Technical Data about you if you visit other websites employing our cookies. For more information about cookies, and how we use them on the Website, see the section below, headed “Cookies”.
Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources as set out below:
- Technical Data from the following parties:
- analytics providers located inside or outside the EU;
- advertising network providers located inside or outside the EU; and
- search information providers located inside or outside the EU.
- Contact and transaction data from providers of technical, payment and delivery services inside or outside the EU.
5. the®Diamonds processes your personal data only on the following legal basis:
- Your consent- The data subject has given consent to the processing of his or her personal data for one or more specific purposes;
- Contractual Necessity -processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract ;
- Compliance with Law - processing is necessary for compliance with a legal obligation to which the controller is subject;
- Legitimate Interests - Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third part, for example : Processing for direct marketing purposes; Processing for preventing fraud; Transmission of personal data within a group of undertakings for internal administrative purposes, including customers and employee data; processing for the purposes of ensuring network and information security, including preventing unauthorized access to electronic communications networks and stopping damage to computer and electronic communication systems; reporting possible criminal acts or threats to public security to a competent authority.
6. We may use your personal data as follows:
- deciding whether and on what terms to provide Services;
- to provide our services to you. Generally for the performance of a contract entered into (or prior to entering into a contract) between you and the®Diamonds.
- to facilitate any communication required for delivery of our services, including sharing your personal information as necessary to fulfill your Order;
- to operate, customize, update, maintain, improve and protect our Webpage, products and services;
- to respond to comments and questions and provide customer service;
- to send information including confirmations, invoices, technical notices, updates, and support and administrative messages;
- to communicate about promotions, upcoming events, and other news about products and services offered by us or our partners;
- to allow you to participate in interactive features on our Website;
- to notify you about changes to our Website or any products or services we offer or will be offering in the future;
- understanding how you use the Webpage and Services
- to inform marketing analytics;
- in any other way we may describe when you provide the information; and/or
- for any other purpose with your consent.
- processing and monitoring of transactions, the payment and billing thereof, and performance of other agreed tasks;
- resolution of disputes and enforcement of rights and contracts;
- accounting, calculation and collection of fees;
- verification of your transactions;
- provision of information, advertisements (including interest-based advertisements), offers, update notices;
- comparison of data for accuracy, identification and verification with third parties;
- statistical, research and reporting purposes;
- to anonymize it to create aggregated statistical data, which may be shared with third parties;
- other reasonable business-related purposes, to fulfil legal obligations or for purposes related to the above-.;
- to comply with laws;
- to protect, investigate, and deter against fraudulent, unauthorized, or illegal activity;
- to prevent money laundering and terrorist financing;
- to respond to lawful requests and legal processes;
- to protect the rights and property of the®Diamonds, our agents, customers, and others, including enforcing our agreements, policies, and terms of use and sale;
- in an emergency, this includes protecting the safety of our employees and agents, our customers or any other person.
7. Security
the®Diamonds has implemented appropriate technical and organizational security measures designed to protect your Personal Data against accidental or unlawful loss, alteration, disclosure, access, destruction, and unlawful or unauthorized forms of Processing. Information that you provide to the®Diamonds through this Website is encrypted using industry standard Secure Sockets Layer (SSL) technology, with the exception of information you send via email. Your information is processed and stored on controlled servers with restricted access. Unfortunately, we cannot ensure or warrant the security of any information you transmit to our Website, and you do so at your own risk. As a consequence, the®Diamonds disclaims any warranties or representations relating to maintenance or nondisclosure of private information.
You should take steps to protect against unauthorized access to your device and account by, among other things, choosing a safe password that nobody else knows or can easily guess and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we can not guarantee the security of your data transmitted to our Webpage, any transmission is at your own risk. Once we have received your persona data, we will use strict procedures and security features to try to prevent unauthorized access. We limit access to your personal data to those employees and other staff who have a business need to have such access. All such people are subject to a contractual duty of confidentiality.
8. Disclosures.
We respect your rights to privacy. The information we collect is purely for our own internal business purposes. the®Diamonds may disclose your Personal Data to other entities for legitimate business purposes (including providing services to you and operating our Website) in accordance with applicable law. the®Diamonds may disclose your Personal Data to:
Third party service providers (for example payment services providers, shipping companies, web service providers (cloud storage, data aggregation services, targeted marketing)). These selected parties may process your personal information to the extent that it is necessary to perform such functions on our behalf. It means that the®Diamonds may disclose your data to such third-party Processor (contractors) of the®Diamonds to process it for the®Diamonds, for the purposes of managing transactions, providing content, assessing your creditworthiness, invoicing, tax calculations, hosting services, customer relationship management, analytics, collecting fees and debts, identifying you, but also for improving your user experience, performing business support functions, providing customer support, marketing, communication, courier and postal services or other related tasks. If the®Diamonds engages a third-party Processor to Process your Personal Data, the Processor will be subject to binding contractual obligations to only Process the Personal Data in accordance with our prior written instruction, and to use measures to protect the confidentiality and security of the Persona Data, along with any additional requirements under applicable law. We have procedures in place to ensure that these third-party companies value your privacy.
Corporate Restructuring. We may share some or all of your personal information in connection with or during negotiation of any merger, financing, acquisition or dissolution, transaction or proceeding involving sale, transfer, divestiture or disclosure of all or a portion of our business or assets. In the event of an insolvency, bankruptcy, or receivership, personal information may also be transferred as a business asset. If another company acquires our company, business or assets, that company will possess the personal information collected by us and will assume the rights and obligations regarding the personal information as described in this Privacy Policy. Other Disclosures -In addition to the disclosures reasonably necessary for the purposes identified above in this privacy policy, the®Diamonds may disclose personal data if it believes in good faith that such disclosure is necessary (a) to the extent that we are required to do so by the laws of the Republic of Estonia and the GDPR; (b) in connection with any legal proceedings or prospective legal proceedings; (c) to investigate or assist in preventing any violation or potential violation of the law, (d) in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).
Links to third-party websites. This website may include links to third-party websites or use third party plug-ins or content. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. If you chose to interact with any such link, plug-in or content, your Personal Data may be shared with the third party provider of the relevant web page platform.We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.
9.Data transfers to third countries
The General rule for us is that Personal Data we collect through our Webpage is processed in centralized database within the European Union/European Economic Area (EU/EEA). However, in some cases data which we collect from you may be stored and processed in and transferred to countries outside of the European Union /European Economic Area (EEA). For example, this could occur if our servers are located in a country outside the EU/EEA or one of our service providers is situated in a country outside the EU/EEA. Such service providers may be engaged in, among other things, the fulfillment of your order, the processing of your payment details and the provision of supporting services. By submitting your personal data, you agree to this transfer, storing and processing.
In these cases of any transfer of your personal data to the third party processors located outside EU/EEK which are undergoing processing or are intended for processing after transfer to a third country will take place only if, the conditions laid down in the Chapter V (Transfers of personal data to third countries or international organizations ) of the GPRR are complied with by the controller and processor.
We will only transfer Data outside the EEA where it is compliant with data protection legislation and the means of transfer provides adequate safeguards in relation to your data, eg by way of data transfer agreement, incorporating the current standard contractual clauses adopted by the European Commission, by signing up to the EU-US Privacy Shield Framework, in the event that the organization in receipt of the Data is based in the United States of America, pursuant to the consent of the individual to whom the personal information pertains; and/or as otherwise permitted by applicable European requirements. To ensure that your Data receives an adequate level of protection, we have put in place appropriate safeguards and procedures with the third parties we share your Data with. This ensures your Data is treated by those third parties in a way that is consistent with the Data Protection Laws.
10. How long we process your personal data
We do not retain your personal data for any longer than is necessary for the purposes mentioned in this Privacy Policy. When we process your personal data on the basis of your consent, we will store your personal data no longer than is necessary, or until you revoke your consent.
When we process your personal data on the basis of the preparation or the performance of a contract with you, we will store your personal data for up to 1 (one) years after our contract has expired.
When we process your personal data on the basis of a legal obligation, we will store your personal information for the period which is determined by the law.
Once the applicable data processing period has expired, the®Diamonds will permanently delete the relevant Personal Data. It may take 30 days for clearing out the backups of the Service.
11. You as a data subject have the right to:
Request access to your personal data (“data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you rectified, though we may need to verify the accuracy of the new data you provide to us.
Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Withdraw your consent at any time where the processing is based on your consent to process your personal data. The withdrawal of consent will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, it may occur that we are not able to provide certain products or services to you. We will notify you if this is the problem at the time you withdraw your consent.
Not to be subject to automated decision-making including profiling. the®Diamonds may process your data by automated means, but you will not be subjected to a decision based solely on automated processing, including profiling if such decision-making has legal effects or similarly significantly affects you.
to lodge a complaint with the competent supervisory authority such as, but not limited to the Data Protection Inspectorate (website in Estonia: www.aki.ee) if you think that our processing of your Personal Data infringes your rights under applicable law.
Cookies
When you are using our website, we collect personal data you passively provide to us in the form of cookies and other similar technologies. A cookie is a unique text file that a website sends to your browser and is stored on your computer’s hard drive. It is used to store a website user’s configuration and preferences (e.g., language). Cookies further enable us to collect information, such as your browser type and version, your internet service provider, your IP address, the various pages you are visiting on our website or other websites you may have visited. This information is of value to us as we use it to improve your visit and provide you with a personalized experience when you visit our website. Cookies may contain unique identifiers, which may be considered personal data. We advise to allow the use of cookies in order for your browser to work properly and to optimize the use of our website. However, if you do not feel comfortable with the use of cookies, it is possible to opt out and prevent your browser from recording them. You may disable any cookie and delete existing cookies in your internet browser options at any time. You will find further details in the help section of your browser.
In addition to the cookies used by us and/or our service providers, some cookies are placed by third parties, such as Google. These third-party cookies are not under our control so you should check such parties’ website for further information about their use.
Additional Information to California users
As required by the California Consumer Privacy Act (“CCPA”), below are the categories of personal information about California consumers that the®Diamonds collects and discloses, where we determine the means and purposes of data processing.
We collect and disclose for a business purpose the following categories of personal information:
Contact Information and Identifiers, including real name, alias, postal address, unique personal identifier, online identifier, IP address, email address, phone number, account name, gender, age, or other similar identifiers.
Usage Data, including internet or other electronic network activity information, such as browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement.
California Consumer Rights:
California law gives California consumers the right to make the following requests:
The right to opt-out of sale of your personal information. You have the right to direct us not to sell personal information we have collected about you to third parties now or in the future. the®Diamonds does not sell personal data information. The right to request a copy of the personal information that we have collected about you in the previous 12 months, upon verification of your identity.
The right to request deletion of the personal information that we have collected from you, subject to certain exemptions (for example, where the information is used by us to detect security incidents, debugging or to comply with a legal obligation).
The right to request more details about the personal information we collect and how and why we use and share it, including the categories of personal information we have collected about you, the categories of sources for personal information we collect, the business or commercial purposes for collecting personal information, and the categories of third parties with which we share personal information California residents that have an established business relationship with us have rights to know how their information is disclosed to third parties for their direct marketing purposes under California’s “Shine the Light” law (Civ. Code §1798.83).
The right not to receive discriminatory treatment for exercising these rights. However, please note that if the exercise of these rights limits our ability to process personal information (such as in the case of a deletion request), we may no longer be able to provide you our products and services or engage with you in the same manner.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us. You can exercise your data subject rights and submit your requests via info@the.diamonds. We will duly address all your privacy related requests. Furthermore, within a period of one month, we will provide you either with a comprehensive answer or with clear explanation of the reasons why answering to your request may take longer time than planned.