Privacy Policy

Sara O Jewellery (“we”, “us”) values your privacy. This Privacy Policy explains what personal data we collect, how we use it, who we share it with, and your rights under UK data protection law (UK GDPR and Data Protection Act 2018).

1) Data Controller

Sara O Jewellery is the data controller for personal data processed through our website and webshop.

Company Details:

  • Trade Name: Sara O Jewellery
  • Email: info@saraojwellery.co.uk
  • Business Address: 123 High Street, London, UK 
    Website: https://saraojwellery.co.uk/

 

2) Personal Data We Collect

2.1 Data You Provide Directly

  • Identification & contact: name, email, phone number (if provided)
  • Billing & shipping: address, postal code, city, country
  • Order details: products ordered, order number, order history, communications regarding your order
  • Customer service: messages, including photos (e.g., for defects or incorrect deliveries)

2.2 Data Collected Automatically

  • Device & usage: IP address, browser type, OS, pages visited, clicks, timestamps
  • Cookies & similar technologies (depending on your consent, see [Cookie Policy])

2.3 Payment Data

  • Payments processed via third-party providers
  • We generally do not receive full card details, but may receive payment status, method, transaction ID, and last four digits of the card

3) How We Collect Your Data

  • Placing an order (checkout/order form)
  • Customer service interactions (email, contact form, live chat if applicable)
  • Newsletter subscriptions (with explicit consent)
  • Cookies and similar technologies on our website (analytics, functional, marketing, depending on consent)

4) Why We Process Your Data (Purposes & Legal Basis)

4.1 Performance of Contract

  • Process and deliver orders
  • Process payments
  • Provide customer service (questions, complaints, returns, warranty)
    Legal basis: Necessary for the performance of a contract

4.2 Legal Obligations

  • Accounting, invoicing, and tax compliance
    Legal basis: Statutory obligation under UK law

4.3 Legitimate Interests

  • Fraud prevention and website security
  • Improving website and services (basic analytics)
  • Handling disputes and legal claims
    Legal basis: Legitimate interest after weighing your privacy rights

4.4 Consent (if applicable)

  • Newsletter and marketing communications
  • Marketing cookies / tracking (depending on cookie settings)
    Legal basis: Consent, which you can withdraw at any time via unsubscribe link or by contacting us

5) Who We Share Your Data With

We only share data where necessary or legally required:

  • Payment providers
  • Carriers / delivery services
  • IT and hosting providers (website/email security)
  • Analytics and marketing services (based on consent)
  • Customer service providers

All third parties act as processors and are contractually obliged to protect your data.

6) International Transfers

Some providers may process data outside the UK or EEA. In such cases, we ensure appropriate safeguards, e.g., UK-approved Standard Contractual Clauses (SCCs).

7) Data Retention

We do not retain personal data longer than necessary, unless required by law:

  • Orders & invoices: retained for 6 years (for VAT/tax purposes)
  • Customer service communications: retained until resolution of the matter
  • Newsletter data: retained until you unsubscribe
  • Cookies: retained according to our Cookie Policy

8) Your Rights (UK GDPR)

You have the right to:

  • Access your data
  • Rectify inaccuracies
  • Erasure (“right to be forgotten” in certain cases)
  • Restrict processing
  • Data portability
  • Object to processing based on legitimate interest
  • Withdraw consent at any time
  • Lodge a complaint with the UK Information Commissioner’s Office (ICO)

9) Exercising Your Rights

Submit a request via: info@saraojewellery.co.uk (replace with real email)

Include:

  • Full name
  • Email used to place orders or communicate
  • The right you wish to exercise

We may ask for verification to prevent misuse.

10) Security

We implement technical and organizational measures to protect your data against loss, misuse, or unauthorized access. No internet transmission method is 100% secure.

11) Cookies

We use cookies and similar technologies. For details and preferences, refer to our Cookie Policy. Users can manage consent and withdraw cookies at any time.

12) Children

Our website is not intended for children under 16. We do not knowingly collect personal data from children.

13) Automated Decision-Making

We do not make automated decisions affecting you, including profiling for marketing or order processing.

14) Changes to This Privacy Policy

We may update this Privacy Policy. The most recent version is always available on our website.

15) Contact

For any questions or to exercise your rights:
Sara O Jewellery
Email: info@saraojwellery.co.uk