Privacy

Policy

We will always keep your data safe and secure. This policy explains what information we collect about you and how we use it.

The website is owned and operated by Layla Diamonds Ltd T/A Layla Diamonds (“we”, “our” and “us”).

This policy takes effect for all our Customers and website Visitors from January 2023. We sell our products on our website, Google Shopping, Facebook and Instagram.

Layla Diamonds must comply with UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018 and will therefore process your data securely and transparently.

In most cases, Layla Diamonds is a Data Processor, by acting on our Customer’s instructions who places an order with us for one of our diamond fine jewellery products on our website. 

The Customer is generally speaking, the Data Controller, who determines the purpose of the data and the means. 

In accordance with UK GDPR and privacy law, our privacy policy outlines the types of data that we collect and hold about you. This includes our Customer’s contact details including email address, postal address for deliveries, first and last name and contact number. This is for the sole purpose of processing and delivering Layla Diamonds orders. We also may be required to collect payment related data concerning debit and credit cards. All card payments are processed either via PayPal or Stripe. We accept Visa, Mastercard and American Express payments. For further information, you can go to their privacy policies for more information on payment processing by them here: 

www.stripe.com/gb/privacy

www.paypal.com/uk/webapps/mpp/paypal-and-your-data

Our privacy policy also explains how we use information, how long the information is kept for and any other relevant information about your data.

1. Data Controller details 

Layla Diamonds

100 Hatton Garden

London Diamond Bourse

London

EC1N 8NX

UK


Email address: sales@layladiamonds.com

Contact number: (+44) 07572 782719

Direct messaging via Instagram @layladiamonds 

Website: www.layladiamonds.com

Registered company number: 12109023


2. Data protection principles 

In relation to personal data, we will:

  • Process it fairly, lawfully and in a clear, transparent way;
  • Collect personal data only for specific and legitimate reasons;
  • Only use it in the way that we have told you about;
  • Ensure it is correct and up to date;
  • Keep your data for only as long as we require it;
  • Process it in a way designed to ensure it will not be lost, destroyed or used for anything that you are not aware of. 

3. Types of data we collect

The types of data that we must collect to provide our retail services includes:

  • Your personal details including your name and the recipient’s name (if different), your address, the delivery address, your email address and contact number. 


We collect this information either because it is necessary so that we can perform our contract of providing products or services to you, or in our legitimate interests to do so and/or to meet our legal obligations, as an online retail business.

Our selected partners may require your email address and/or postal address in order to provide customer service support, statistical research and/or for conducting delivery duties. Our partners are strictly prohibited from using your personal data for any other purposes other than the above and are obliged to comply with customer confidentiality and privacy of data principles at all times. 

4. How we collect your data

If you are our Customer, we collect data about you only as supplied by you when placing an order with Layla Diamonds and/or when you contact us. 

We collect personal information from you including any electronic devices (such as mobile phones, tablets and desktops) that you use when you:


  • Use our retail services (online and in-person) with Layla Diamonds.
  • Register for an account on our website. 
  • Submit an order on our site for our jewellery product/s and to make online payments by card, Stripe and/or PayPal.
  • Provide us information on our website, contact us form, update information on your account or when you communicate with us.
  • Contact us via Whatsapp or when you request a virtual visit.
  • Send us a message via our website, email or social media platforms including Instagram.
  • Enter a competition hosted by us or as a fellow partner, in order to contact the winner.


IT systems

Personal data is held securely on our website and email IT systems, which are password protected and access to the above information is restricted to Layla Diamonds and its colleagues who may require access to it to undertake their job duties and in order to process your orders and/or send emails for a mailing list to those who are subscribed on our mailing list.

The website used is via our web provider [NAME]. This protection is validated by an SSL (Secure Sockets Layer) certificate, a transport layer security and is enabled for HTTPS for our website. 

Marketing correspondence

If you have subscribed to our newsletter (if and when we provide this), we will send you newsletter updates by email to share any offers and information on our fine jewellery products to keep you updated of what we are up to and to assist with our new products. This is the only time we will ever send marketing emails.

You can stop receiving marketing emails from us at any time by contacting us via our website contact us function, messaging service on our site or you can simply email us. 

Ways to opt out

  • By clicking on the ‘unsubscribe’ link in any email.
  • By emailing us to opt out. Simply say opt out or unsubscribe in the subject line or body of an email.

We will never disclose your personal information to third parties for their own marketing purposes.

4. Why we collect your data

  • To fulfil and deliver your order.
  • To update you on your order or to process a refund.
  • To create bespoke jewellery on request.
  • To let you know of new products and promotions we are running at the time. This is in our legitimate interests to do so to enhance our services and products for you and also to grow our business. We, of course, provide the option of opting out of receiving our marketing and updates communications.
  • To allow you to use our website fully.
  • To send competition winners their prize (where advertised and implied consent is given by our winning participants by way of taking part in the competition).
  • To prevent and detect fraud against either you or us.


5. Why we process your data

Layla Diamonds can process your data only for specific purposes due to data protection law:

  • So that we can perform a legal contract that we are a party to with you;
  • To ensure we can carry out legally required duties and/or
  • To ensure we can promote the legitimate interests of Layla Diamonds or the Customer, where necessary. 


All of the processing carried out by us falls into one of the legally permitted reasons. 

We will need to collect your personal data in order to carry out the contract that we have entered into with you as a Customer. We also process data to ensure we can carry out activities that are in the legitimate interests of Layla Diamonds. For example, to secure payments of our products online. 

6. If you do not provide your data to us

Our main reason to process your data is so that we can carry out our contractual duties agreed with you, mailing list subscribers and/or visitors of our website. 

If you do not provide us with the required data to be able to carry out our contractual duties, we cannot perform our obligations including the processing of Customer orders for the sale of our fine jewellery products. However, providing this data is your decision and must be at all times. 

7. Sharing your data

Your data will only be shared with our colleagues at Layla Diamonds and couriers where required, in order for them to undertake their duties and our website provider/IT support agents to manage technical issues. We also will not share your data with bodies outside of the European Economic Area. 

Sharing your information 

We will never share or sell any of your data/personal information with any third party subject to the below exceptions.

Exception

We may share your data with the following companies, as an essential part of being able to provide our services to you for these specific purposes:

  • Payment service providers and delivery companies that we use. They only receive data they require to provide the relevant service and nothing else. For example, processing payments and/or delivering your orders.
  • Professional service providers, such as our website hosts who help us run our online retail business and IT systems.

We may also be required to share some of your data with others for the below reasons:

  • If we are requested by the police or a regulatory or government authority investigating illegal activities to provide such information concerning your activities whilst using our website and online networks such as Instagram and email, we shall be legally obliged to do so.

8. Protecting your data

We acknowledge our obligation to ensure your data is protected against accidental loss or disclosure, destruction and abuse. We have implemented safeguarding processes for this. 

Layla Diamonds has taken the following steps to protect personal data, which it holds or to which it has access:

i. It may appoint or employ individuals with specific responsibilities for:

· Processing and controlling of data.

· The comprehensive reviewing and auditing of its data protection systems and procedures.

· Overseeing the effectiveness and integrity of all the data that must be protected.

ii. It provides its employees (if any) with information and training to make them aware of the importance of protecting personal data, to teach them how to do this, and to understand how to treat information confidentially. 

iii. It can account for all personal data it holds, where it comes from, who it is shared with and also who it might be shared with.

iv. It carries out risk assessments to identify any vulnerability in its personal data handling and processing, and to take steps in reducing the risks of mishandling and potential breaches of data security. 

The process includes an assessment of the impact of both the use and potential misuse of personal data.

v. It recognises the importance of seeking individuals’ consent (where appropriate) for obtaining, recording, using, sharing, storing and retaining their personal data, and regularly reviews its procedures for doing so, including the audit trails that are needed and are followed for all consent decisions. 

Layla Diamonds understands that consent given by the Customer must be freely given, specific, informed and unambiguous, at all times. 

Layla Diamonds will seek consent on a specific and individual basis where appropriate. Full information will be given regarding the activities about which consent is sought. Relevant individuals have the absolute and unimpeded right to withdraw their consent at any time.

vi. It has the appropriate safeguarding processes for detecting, reporting and investigating suspected or actual personal data breaches, including where these are caused by security breaches. It is aware of its duty to report breaches that cause significant harm to the affected individuals to the Information Commissioner Office and to the Data Subject, and is aware of the possible consequences.

vii. To understand the implications of the transfer of personal data internationally. Where access to your data is required, the following apply:

i. The principle of least privilege is always applicable. Therefore those with access to such data will only have the minimum amount of access to a resource that is required for them to undertake their role.

ii. Access to personal data is protected safely. Passwords that are used must meet the specified complexity requirements and must be kept confidential to the user and not shared with anyone else including colleagues (if any).

iii. We regularly monitor our system for possible vulnerabilities and attacks.

iv. All emails to and from Layla Diamonds will be sent using [NAME OF EMAIL HOST e.g. google].

v. Where we share your data with third parties, we have a written agreement with them to ensure that your data is held securely and in line with UK GDPR requirements. 

Third parties must implement appropriate technical and organisational measures to ensure the security of your data.

Protecting your information

As you know, the internet is not a 100% secure method for communication and so we are unable to guarantee the security of any information you send to us (or we send to you) via the internet. We are not responsible for any damages which you, or others, may suffer as a result of the loss of confidentiality of such information. We take reasonable precautions to protect your information. We cannot ensure or warrant the security of any information you transmit to us, and you do so at your own risk. We use our best endeavours to ensure it is secure on all our online and IT systems as outlined above.

Payments

We will never store or process your card details/card payment data/bank account details ourselves though they are processed and may be stored by our third party service providers. We encrypt your payment card details in your browser and securely transfer this data to our third party payment provider to process a payment/provide a refund and/or to prevent and detect fraud against either you or us.

The security of your financial transactions is extremely important to us and we are committed to protecting you as best as we can. 

9. How long do we keep your data?

Layla Diamonds keeps your data only for as long as it is necessary for us. You are entitled to exercise your right to erasure of this data by making a request verbally or in writing to us (phone call, post or email) though we recommend a written request.  

Once we no longer need your data, we will take steps to delete it. Layla Diamonds conducts annual checks of personal data that we hold to ensure everything has been deleted at the end of its retention period.

10. Automated decision making

No decision will be made about you solely on the basis of automated decision making (where a decision is taken about you using an electronic system without human involvement), which has a significant impact on you.

11. Your rights in respect of your data

Data protection laws provide you with specific rights in relation to the data we hold about you. These rights are set out as follows:

  • The right to be informed. This means that we must tell you how we use your data and this is the purpose of this privacy notice.
  • The right of access. You have the right to access the data that we hold on you. To do so, you should make a subject access request to our sales team by email at sales@layladiamonds.com. This information will be provided free of charge, unless a request is manifestly unfounded or excessive, particularly if it is repetitive. In rare circumstances, Layla Diamonds may charge a reasonable fee to respond or may need to refuse the request without fee payment for very excessive requests.
  • The right for any inaccuracies to be corrected. If any data that we hold about you is incomplete or inaccurate, you are able to require us to correct it.
  • The right to have information deleted. If you would like us to stop processing your data, you have the right to ask us to securely delete or destroy it from our systems where you believe there is no reason for us to continue processing it.
  • The right to restrict the processing of the data. For example, if you believe the data we hold is incorrect, we will stop processing the data (whilst still holding it) until we have ensured that the data is correct.
  • The right to data portability. You may transfer the data that we hold on you for your own purposes.
  • The right to object to the inclusion of any information. You have the right to object to the way we use your data where we are using it for our legitimate interests.
  • The right to regulate any automated decision-making and profiling of personal data. You have a right not to be subject to automated decision making in a way that adversely affects your legal rights. Where you have provided consent to our use of your data, you also have the unrestricted right to withdraw that consent at any time. 

Withdrawing your consent means that we will stop processing the data that you had previously given us consent to use. There will be no consequences for withdrawing your consent. However, in some cases, we may continue to use the data where so permitted by having a legitimate reason for doing so.

If you wish to exercise any of the rights explained above, please contact us as soon as possible, via email at sales@layladiamonds.com

12. Amendments to our privacy policy

We reserve the right to amend our privacy policy and cookies policy, whilst of course ensuring it complies with relevant legislation and laws. We will ensure that our policy shows the most up to date information and may notify you of such changes by including the revised privacy policy on our website.

13. If you wish to make a complaint

In the event you are unhappy or wish to make a complaint to Layla Diamonds about your privacy or personal data concerns, please contact us by email on sales@layladiamonds.com so that we can investigate your complaint as soon as possible. We will try our best to provide you with an amicable resolution, where possible and will treat these matters seriously. 

The supervisory authority in the UK for data protection is the Information Commissioner Office (ICO). If you think that your data protection rights have been breached by us, please contact us in the first instance so we can look into this for you, otherwise you are entitled to make a complaint to the ICO.

14. Data Protection Officer

Our Data Protection Officer can be contacted at:

sales@layladiamonds.com  


COOKIES POLICY

What is a cookie?

A cookie is a piece of data sent from a website and stored on your computer’s hard drive. When you use the same website such as ours again in the future, the data stored in the cookie can be retrieved by the website to notify the same site of your previous activity.

In order to be able to purchase online, you must have your cookies enabled.

Our cookies do not store personal information such as your name, address or payment details. However, cookies may allow us the ability to access this information once you are logged into your account with us, for specific reasons outlined below.

www.layladiamonds.com uses cookies for the below reasons:

  • To identify you when you sign into our website;
  • To remember your preferences and your past activity (like items you have added to your shopping basket);
  • To allow you to share products and information with social media platforms;
  • To improve the use of our website, content and our online retail services;
  • To offer you a better customer service experience with Layla Diamonds.


How can you manage your cookies on our website?

To check your cookies setting or if you prefer to limit, block or delete your cookies from www.layladiamonds.com, you will need to update your options using your browser.