Introduction

This notice applies to any online and mobile website, application and digital service (“Services”) of Fiori jewels LTD (“Fiori”, “we”, “us” or “our”).

It also describes your data protection rights, including a right to object to some of the processing which Fiori jewels LTD carries out (e.g. direct marketing). You can also learn about cookies and similar technology in this notice.

What information do we collect?

The following categories of personal data will be collected about you in connection with your interaction with us and use of our Services including, but not limited to, when you purchase products on our Services, you complete forms on our Services, submit user-generated reviews or ratings, and engage in any social media functions on our Services.

1. Information you give us
   • personal identification information such as, your name, date of birth and gender.
   • contact information such as, email address and telephone number.
   • demographic information: such as, postal address.
   • financial information: such as, credit/debit card numbers.
   • your purchase history.
   • if you have completed a survey or entered a competition with us.
   • if you contact us by phone, email or otherwise, we will keep a record of that correspondence.
   • your marketing preferences, including any consents you have given us when you subscribe to our newsletter or set up an online account.
2. Information we collect automatically
   • information related to the browser, device or operating system you use to access our services.
   • your IP address, the website you came from, information on actions taken on our services including but not limited to pages viewed, dated and times of visits, time spent on each page, products viewed, clicked on, added to your basket and purchased.
3. Information we receive from third partiesSometimes we receive personal data about you from third parties when you engage with our services through social media, or other non-Fiori Jewels LTD sites or applications, those sites will share personal data with us including, but not limited to:
   • the content you have viewed or interacted with.
   • about adverts within the content which you have been shown or clicked on.
   • your IP address, registered beacons or GPS (geo location) signals you have received.
   • publicly available information.
   • non-personal information used to supplement existing information, such as demographics and affluence metrics (e.g. social-demographic groupings through matching postcodes).

The privacy notices for these sites and applications will contain more detail about this and how to change your privacy settings on those sites and applications.

How do we use this information, and what is the legal basis for this use?

We process your personal data for the following purposes:

• To fulfil a contract, or take steps linked to a contract including fulfilling any orders your place.

This includes:

• processing your order, registration for the Services, or entry to a competition.
• providing the Services, to communicate with you about them or your account with us.
• communicating with you (including by email and SMS) and providing our customer services.
• verifying your identity and sending you information about changes to our terms or policies.

To conduct our business and pursue our legitimate interests, in particular:

• we will use your personal data to provide products and Services you have requested, and respond to any comments or complaints you may send us.
• we monitor use of our Services, and use your personal data to help us monitor, improve and protect our products, content, services and websites, both online and offline.
• we use your personal data to personalise our products and Services for you.
• to prevent, investigate and/or report fraud, misrepresentation, security incidents or crime, in accordance with applicable law.
• we use information you provide to investigate any complaints received from you or from others, about our website or our products or services.
• we will use data in connection with legal claims, compliance, regulatory and investigative purposes as necessary (including disclosure of such information in connection with legal process or litigation).

Where you give us your consent, we will use your personal data:

• to send you newsletters and other promotional material about our Services and to use technologies to check if these have been received and opened to help make our communications relevant to you.
• to place cookies and use similar tracking technologies to personalise content and advertising for you and to make our content function better.
• to invite you to take part in market research (where consent is required).
• on other occasions where we ask you for consent, we will use the data for the purpose which we explain at that time.

For purposes which are required by law:

• in response to requests by government or law enforcement authorities conducting an investigation.

Who will we share this data with, where and when?

With your consent (where required), we share your personal data with trusted thirdparty service providers, suppliers, affiliates, divisions, partners, sponsors, agents and representatives we have engaged to perform business-related functions on our behalf. For example:
(i) conduct research and analytics.
(ii) create content.
(iii) provide customer support services.
(iv) conduct or support marketing.
(v) fulfil orders.
(vi) handle payments.
(vii) host services.
(viii) administer contests.
(ix) maintain databases.

In all cases, the third party is acting on Fiori express instructions and in accordance with this Policy, confidentiality and levels of security.
Without your consent, we share your personal data:

• with third party platforms such as Facebook or Google to send you targeted advertisements on our behalf.
• in response to legal process, for example: in response to a court order or a subpoena, a law enforcement or government agency’s request.
• with third parties if this will help us to enforce our policies and terms of use, to check for potential illegal activity (such as copyright infringement or fraud) or to protect the safety of other users of the Services.
• if we, or one of our business units, undergoes a business transition, like a merger, acquisition by another company, or sale of all or part of our assets.

How long will we retain your data?

Where we process personal data for marketing purposes or with your consent, we process the data until you ask us to stop and for a short period after this (to allow us to implement your requests). We also keep a record of the fact that you have asked us not to send you direct marketing or to process your data indefinitely so that we can respect your request in future.

Data will be retained for 6 months in Database Servers and backup unless Contract Agreement specifies a shorter duration.

Data from both primary & backup Servers can be purged within 30 days in case of Client request.

What rights do I have?

• You have the right to ask us for a copy of your personal data; to correct, delete or restrict (stop any active) processing of your personal data and to obtain the personal data you provide to us for a contract or with your consent in a structured, machine readable format, and to ask us to share (port) this data to another controller.
• You can object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement, or where we are using the data for direct marketing).
• These rights may be limited, for example if fulfilling your request would reveal personal data about another person, where they would infringe the rights of a third party (including our rights) or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. We will inform you of relevant exemptions we rely upon when responding to any request you make.

To exercise any of these rights, or to obtain other information, such as a copy of a legitimate interests balancing test, you can get in touch with us using the details set out below. If you have unresolved concerns, you have the right to complain to an EU data protection authority where you live, work or where you believe a breach may have occurred.

Where we require your personal data to comply with legal or contractual obligations, then provision of such data is mandatory: if such data is not provided, then we will not be able to manage our contractual relationship with you, or to meet obligations placed on us.

Withdrawing consent or otherwise objecting to direct marketing

Wherever we rely on your consent, you will always be able to withdraw that consent, although we may have other legal grounds for processing your data for other purposes, such as those set out above. In some cases, we are able to send you direct marketing without your consent, where we rely on our legitimate interests.

You have an absolute right to opt-out of direct marketing we carry out for direct marketing, at any time. You can do this by clicking on the unsubscribe link at the bottom of our emails, or by contacting us using the details set out below.

SECURITY MEASURES

We have put in place physical, electronic, and managerial procedures designed to help prevent unauthorised access, to maintain data security, and to use correctly the personal data we collect online. These safeguards vary based on the sensitivity of the personal data that we collect and store.

Although we take appropriate measures to safeguard against unauthorised disclosures of personal data, we cannot assure you that your personal data will never be disclosed, altered or destroyed in a manner that is inconsistent with this privacy notice.

Children’s Privacy

Our services do not target and are not intended to attract children under the age of 16. We do not knowingly solicit personal data from children under the age of 16 or send them requests for personal information.

Cookies

When you visit the service we may store some information (commonly known as a “cookie” or similar technologies) on your device. Cookies are pieces of information that a website transfers to your hard drive to store and sometimes track information about you. Cookies are specific to the server that created them and cannot be accessed by other servers, which means that they cannot be used to track your movements around the web.

Cookies can be categorized as set out below:

• strictly necessary cookies – these cookies are essential in order to enable you to move around a website and use its features and enable services you have specifically asked for. Consent is not generally required for these cookies.
• performance cookies – these collect information about how visitors use a website, for example, by recording which pages users go to most often (usually on an anonymous basis).
• functionality cookies – these cookies allow a website to remember the choices a user makes, such as a username or language preference.
• targeting or advertising cookies – these collect information about a user’s browsing habits and are usually placed by advertising networks with the website operator’s permission.

Cookies can also be categorised in accordance with how long they are saved on your device. “Session cookies” are short-term cookies that are only saved on the computer’s memory for the duration of a user’s visit to the website, whereas “persistent cookies” remain saved in the computer’s memory for a set period of time, even after the browser session has ended.

How to manage & remove cookies

If you are using our Services via a browser, you can change your cookie preferences and withdraw your consent at any time using the Cookie Preferences Centre.

The Help menu on the menu bar of most browsers also tells you how to prevent your browser from accepting new cookies, how to delete old cookies, how to have the browser notify you when you receive a new cookie and how to disable cookies altogether.

If you are using our Services via an application, then you can change your consent by following the relevant application’s directions. In addition, the operating system for your device provides instructions on how to prevent tailored advertising and how to reset your device’s advertising identifier.

Who is the data controller?

The data controller for your information is Fiori Jewels which you have a relationship with or which manages the website you have visited. Please find our contact details below.

How do I get in touch with you?

We hope that we can satisfy queries you may have about the way we process your data. If you have any concerns about how we process your data, or would like to opt out of direct marketing, you can get in touch at or by writing to:

FIORI JEWELS FZCO

OFFICE 127, BUILDING 5
GOLD AND DIAMOND PARK
SHEIKH ZAYED ROAD P.O.Box 65129
Dubai, UAE.
Email : contact@fiorijewels.com

Changes to this Privacy Notice

From time to time, we may update this notice. We will notify you about any upcoming material changes by either sending you an email to the email address you recently provided to us or by prominently posting a notice on our Services. We encourage you to periodically check back and review this notice so that you know what personal data we collect, how we use it, and with whom we share it