Privacy policy

Privacy Policy

Last updated: [Add date]

Heyv Fine Jewelry ("we", "us", "our") operates the website [your-store-url] (the "Store"). This Privacy Policy explains how we collect, use, and protect your personal data when you visit our Store or purchase our handcrafted jewellery.

We process personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable national data protection laws.

1. Who we are

Data controller: Heyv Fine Jewelry
Email: [your-email@example.com]
Address: [Your business address, EU]

2. Personal data we collect

We may collect the following information when you place an order, create an account, subscribe to our newsletter, or contact us:

  • Name and contact details (email address, phone number, delivery address)
  • Order and payment information (processed securely by our payment provider — we do not store full card details)
  • Ring size and custom order specifications
  • Communication history (emails, contact form messages)
  • Technical data (IP address, browser type, device information) via cookies and analytics

3. How we use your data

We use your personal data to:

  • Process and fulfil your orders, including made-to-order jewellery production
  • Communicate about your order, delivery, and customer service requests
  • Send marketing communications if you have opted in (you may unsubscribe at any time)
  • Improve our website and customer experience
  • Comply with legal obligations (tax, accounting, consumer law)

Legal bases (GDPR): contract performance, legitimate interests, legal obligation, and consent (for marketing).

4. Sharing your data

We share data only with trusted service providers necessary to operate our business:

  • Shopify (e-commerce platform and hosting)
  • Payment processors
  • Shipping and courier partners (for EU delivery)
  • Email and marketing tools (if you subscribe)

We do not sell your personal data to third parties.

5. International transfers

Some service providers may process data outside the EU/EEA. Where this occurs, we ensure appropriate safeguards are in place (e.g. Standard Contractual Clauses).

6. Data retention

We retain order and customer data for as long as necessary to fulfil orders, handle returns, and meet legal accounting requirements (typically up to 7 years for financial records).

7. Your rights

Under GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request erasure ("right to be forgotten") where applicable
  • Restrict or object to processing
  • Data portability
  • Withdraw consent at any time (for marketing)
  • Lodge a complaint with your local data protection authority

To exercise your rights, contact us at [your-email@example.com].

8. Cookies

Our Store uses cookies and similar technologies for essential functionality, analytics, and marketing. You can manage cookie preferences through your browser settings. See our cookie notice in the Store footer for more details.

9. Security

We implement appropriate technical and organisational measures to protect your personal data. Payment transactions are encrypted via our payment provider.

10. Changes to this policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date.

11. Contact

For privacy-related questions: [your-email@example.com]