The controller of your personal data is SIA 976, reg. No. 40203602834, legal address: Hospitalu Street 26-13, Riga, Latvia (hereinafter referred to as the Company).

By using the services of the Company, you voluntarily entrust us with your personal data, thereby becoming a customer (hereinafter referred to as the Client).

The Company is committed to respecting your rights to lawful processing and protection of personal data and complying with all applicable data protection regulations.

This Policy outlines how your personal data is processed during the provision of our services. Below, you will find information about:

• What personal data is collected and how we obtain it;
• The purposes and legal bases for processing your data;
• Whether and how your data is shared with third parties;
• How we protect your data and how long we store it;
• How you can access your data;
• Our commercial communication practices.

This Policy is publicly available, and the Company reserves the right to make changes or updates at any time.

 1. Collected Personal Data and Methods of Obtaining Data

1.1. The following personal data may be processed when using the Company’s services:

• Name and surname;
• Phone number;
• Email address;
• Delivery address;
• Information about selected products and their specifications;
• Internet Protocol (IP) address and usage data.

1.2. Payment card and bank account data are not processed by the Company. Payment processing is carried out by secure third-party providers. The Company provides these providers only with order details (such as the order number and total amount).

1.3. Personal data is obtained in the following ways:

• Data provided directly by the Client when filling out forms on our website;
• Data provided during communication with Company representatives via email.
• Data received from third-party service providers involved in fulfilling orders;
• Data generated through the use of our website.

1.4. This Policy applies to all forms of data processing, whether the Client provides their data electronically or in paper form.

2. Purpose and Legal Basis for Data Processing

2.1. Personal data is processed for the following purposes:

• To fulfill contractual obligations (e.g., completing and delivering orders);
• To handle warranties and claims;
• To improve services and develop new offerings;
• To send marketing communications with prior consent;
• To conduct customer satisfaction surveys and loyalty programs;
• To comply with legal obligations and respond to government requests.

2.2. The legal basis for data processing includes:

• Performance of a contract;
• Client’s consent;
• Company’s legitimate interests, such as improving services or protecting rights;
• Compliance with legal requirements.

3. Processing and Sharing of Personal Data

3.1. Personal data is shared only within the European Union and exclusively with trusted third parties directly involved in fulfilling the requested service (e.g., delivery providers).
3.2. The Company ensures that only the minimum necessary personal data is shared to provide the service.
3.3. Data is shared with third parties only in a secure manner and when legally justified.

4. Data Storage and Protection

4.1. The Client is responsible for maintaining the confidentiality of their login credentials, including the strength and uniqueness of passwords.
4.2. The Company employs industry-standard technical and organizational measures to protect personal data from unauthorized access. Data transmission between the Client’s device and our servers is secured using encrypted connections (e.g., SSL).
4.3. Personal data is stored for as long as one of the following conditions applies:

• The contract with the Client is active;
• The data is needed for legal purposes (e.g., defending claims in court);
• Client consent for data processing is valid.

After these conditions expire, personal data is either anonymized or securely deleted.

5. Client Rights and Access to Data

5.1. Clients have the right to access, correct, or delete their personal data.
5.2. Requests for data access or deletion can be made via email at info@preludejewelry.com.
5.3. Upon receiving a request, the Company will verify the Client’s identity, evaluate the request, and respond in compliance with applicable laws.

6. Commercial Communications

6.1. Marketing communications are sent only with the Client’s prior consent.
6.2. Clients can unsubscribe from marketing communications at any time by emailing info@preludejewelry.com or using the unsubscribe link in marketing emails.
6.3. The Company uses cookies to enhance website functionality and personalize Client experiences. Client can manage cookie preferences in their browser settings, but disabling cookies may impact some website features.

7. Deletion of Client Data

7.1. Clients may request the deletion of their personal data by emailing info@preludejewelry.com.
7.2. Data may not be deleted if it is necessary for:

• The purpose for which it was collected;
• Company’s legitimate interests;
• Compliance with legal obligations;
• Legal proceedings.

For any questions or concerns about this Policy, please contact us.

Last updated: November 27, 2024