Goldstation Jewellers Ltd are committed to providing the highest level of data security possible. This Policy lays out how we use any personal data that you provide us with.
We only collect personal data only when absolutely necessary, and we will never sell, rent or otherwise distribute any of your personal information, but we may sometimes share your information with trusted service providers and selected partners who work on our behalf.
We will only provide the minimum information necessary and we ensure that any third parties with access to your data are held to strict standards for data use and security.
Everyone who works for or with Goldstation Jewellers Ltd either as a partner or supplier has a responsibility for ensuring that data is collected, stored and handled appropriately.
What we collect and how we use it
We collect information from you in a number of different ways in order to fulfil services on your behalf. These include direct contact via telephone and/or email, and via a registration form on our website.
All traffic (transferral of files) between this website and your browser is encrypted and delivered over HTTPS.
We use the information we collect to service your account and to provide you with relevant information and offers. You are free to opt out of receiving offer information at any time.
This information will be stored for 26 months. To find out more Go to Google Analytics – Data privacy and security to find out more.
Contrary to popular opinion, IP addresses cannot personally identify you as an individual. IP addresses are supplied by your Internet Service Provider (ISP) are are usually "Dynamic" IP addresses (e.g. IP addresses are different every time you connect to the Internet, unless you opt for a "fixed" or "static" IP address).
Please see What's my IP for more information on the differences between IP address types and how they are used.
Our account registration form allows you to create an account with us which forms the basis of a contract for using our services, and we will ask for information that enables us to administer your service(s) with us. This will normally include information such as your name, contact details such as address, email or telephone number.
We will use this information to contact you as and when necessary to keep you updated with any important updates to the services we provide for you, and for any associated administration and transactional services as required from time to time (e.g. to provide services to you as applicable).
Payments are made via third party payment processors (e.g. PayPal or Worldpay etc), and you will be redirected to the relevant secure site where you will enter your payment details. We do not ask for or store any sensitive data such as credit card details etc.
Data Collection, Processing and Storage
Any personal data that we collect from you via a registration or contact form on this website will be stored on our UK based servers.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Once we have received your information, we will use strict procedures and security features to prevent any unauthorised access.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Retention of Data
Personal Data will only be retained for as long as it is necessary to provide services to you.
However, in order to comply with legislation such as the Companies Act and accounting for HMRC purposes, we will need to retain "legally required personal data" for a period of up to 10 years.
Subject Access Requests
Right to be forgotten
External Link References:
Data protection Act 1988 (DPA): http://www.legislation.gov.uk/ukpga/1998/29/contents
EU General Data Protection Regulation 2018 (GDPR): http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.L_.2016.119.01.0001.01.ENG&toc=OJ:L:2016:119:TOC
HTTPS Encryption: https://en.wikipedia.org/wiki/HTTPS
Google Analytics – Data privacy and security: https://support.google.com/analytics/answer/6004245?hl=en-GB
Information Commissioners Office (ICO): https://ico.org.uk/
ICO – Personal Information "Subject Access Requests": https://ico.org.uk/for-the-public/personal-information/
ICO – Your "Right to be Forgotten": https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-erasure/