Privacy Policy

Last Updated: 05 November 2024

Jewellery Advisory Services Ltd (“JAS,” “we,” “us,” or “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you interact with us or visit our website, www.jewelleryadvisoryservices.com (“the Website”). By using our Website or services, you consent to the terms of this Privacy Policy.

Data Controller Information

• Data Controller: Jewellery Advisory Services Ltd

• Address: 2nd Floor, 67-68, New House, Hatton Garden, London EC1N 8JY

• Email: enquiries@jewelleryadvisoryservices.com

As a data controller under the General Data Protection Regulation (GDPR) and the Data Protection Act 2018, JAS is responsible for determining how we process and protect your data.

What Data We Collect

We may collect and process various types of personal data, including:

• Identity Data: Name, title, and date of birth.

• Contact Data: Postal address, email address, and phone numbers.

• Transaction Data: Records of services you have purchased or engaged.

• Technical Data: IP address, browser type, operating system, and device information.

• Usage Data: Information on how you use our Website and services.

• Marketing and Communication Data: Preferences for receiving communications from us.

We also collect certain data through cookies and other tracking technologies on our Website. For more information, please refer to our Cookie Policy.

How We Collect Your Data

We collect personal data through various methods:

• Direct Interactions: When you fill out forms, make enquiries, or correspond with us by post, email, or phone.

• Automated Technologies: As you interact with our Website, we may automatically collect Technical Data through cookies, server logs, and other technologies.

• Third Parties and Public Sources: We may receive personal data from analytics providers and social media platforms.

How We Use Your Data

We process your personal data for the following purposes and under the lawful bases permitted by GDPR:

• To Provide Services: Including appraisals, expert witness services, and general consultancy. Lawful Basis: Performance of a Contract.

• To Process Payments and Manage Transactions: For billing and payment purposes. Lawful Basis: Performance of a Contract.

• To Communicate with You: For enquiries, service updates, and customer support. Lawful Basis: Legitimate Interests or Consent where required.

• To Improve Our Services and Website: Analysing how our Website and services are used to improve user experience. Lawful Basis: Legitimate Interests.

• To Comply with Legal Obligations: For auditing, fraud prevention, and regulatory compliance. Lawful Basis: Legal Obligation.

We will not use your data for any other purpose without obtaining your consent, unless otherwise required or permitted by law.

Data Sharing and Disclosure

We only share your personal data with trusted third parties when necessary and for the purposes outlined above:

• Service Providers: To support our services (e.g., payment processors, IT service providers).

• Legal and Regulatory Authorities: As required by law or to enforce legal rights.

• Professional Advisers: Including lawyers, auditors, and insurers for the management of business operations.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not permit our third-party service providers to use your data for their own purposes.

International Data Transfers

If we transfer your data outside of the UK or EEA, we will ensure appropriate safeguards are in place to protect your data in compliance with GDPR. These may include reliance on standard contractual clauses, adequacy decisions, or binding corporate rules.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes we collected it for, including satisfying any legal, accounting, or reporting requirements. Typically, we retain personal data for six years after the completion of a service. After this period, we securely delete or anonymise your data.

Your Data Protection Rights

Under GDPR, you have specific rights regarding your personal data:

• Right to Access: You can request access to your personal data and obtain a copy.

• Right to Rectification: Request corrections to inaccurate or incomplete data.

• Right to Erasure: Request deletion of your data where there is no longer a lawful reason for processing.

• Right to Restrict Processing: Request limited processing of your data in certain circumstances.

• Right to Data Portability: Receive your data in a structured, commonly used format.

• Right to Object: Object to the processing of your data for direct marketing purposes or on grounds relating to your situation.

Data Security

We are committed to ensuring your data is secure. We employ appropriate technical and organisational measures to protect personal data against unauthorised access, disclosure, or destruction. However, no data transmission over the Internet is completely secure, and we cannot guarantee absolute security.

Cookies

Our Website uses cookies to enhance user experience and analyse traffic. Cookies are small files stored on your device. You can set your browser to refuse cookies, but this may limit your use of certain features on our Website. Please refer to our Cookie Policy for details on the types of cookies we use and how to manage them.

Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. The updated version will be posted on our Website with the effective date. We encourage you to review this Policy periodically to stay informed of how we are protecting your data.

For further information about your data protection rights or to lodge a complaint, you may contact the Information Commissioner’s Office (ICO) at www.ico.org.uk or by calling 0303 123 1113.