PRIVACY & SECURITY

WHY WEE'RE ALLOWED TO HANDLE AND STORE YOUR PERSONAL DATA

1. Consent
If you visit the Site and are not already an existing customer, we might ask for your consent to process your data, so that we can send you our special offers and news.

2. Contractual obligations
For example, in order to allow us to fulfil an order when you purchase our products.

3. Legal compliance
In some circumstances, we may be legally required to collect and process your data e.g. to pass it on to the police if criminal activity is suspected.

4. Legitimate Interest
It may be necessary to use your data to help us run and improve our business. For example, to personalise the services we provide, or to improve our internal processes. We will only use your data in these instances, where doing so does not materially impact your rights, freedom or interests.

We will only use your personal data when the law allows us to. Most frequently, we will use your personal data to fulfil a contractual obligation, or where we have a legitimate interest.


CALIFORNIA CONSUMER PRIVACY ACT

In order to satisfy the California Consumer Privacy Act (“CCPA”) and other relevant legislation, we are required to provide specific information for residents of California. You should also refer to the rest of this policy, which provides the requisite detail concerning:

the kind of personal data we collect;
the purposes for which we use the data; and
where we disclose this information to third parties.
In the preceding twelve months, we have not sold any personal information belonging to consumers.

California consumers may have the right (at no charge, up to twice every 12 months, subject to certain exceptions) to make requests regarding the following:

the categories of personal data we collected about you;
the categories of sources for the personal data we collected about you;
our business or commercial purpose for collecting that personal data;
the categories of third parties with whom we share that personal data;
the categories of personal data that each recipient received; and
the specific pieces of personal data we collected about you
You also have the right, subject to certain exceptions defined in the CCPA and other applicable laws and regulations, to request that a company delete any of your personal data that it has collected from you and retained, subject to certain exceptions. To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by contacting us here.

Your request must:

Provide sufficient information that allows us to reasonably verify, that you are the person about whom the personal data concerns. This may include requesting that you provide us with at least two or more pieces of personal data to match against personal data about you that we may or may not maintain and which we have determined to be reliable for the purpose of verification.
Describe your request with sufficient detail to allow us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal data if we cannot verify your identity or authority to make the request and confirm the personal data relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal data provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

We do not discriminate against consumers for exercising their rights under the CCPA.


HOW WE COLLECCT YOUR PERSONAL DATA

We use different methods to collect data from and about you including through:

Direct interactions. You may give us your personal data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
apply for our products or services;
create an account on our website;
subscribe to our publications;
request marketing to be sent to you;
enter a competition, promotion or survey; or
give us feedback or Contact Us.
Automated technologies or interactions. As you interact with our website, we will automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. Please see our [cookie policy] for further details.
Third parties or publicly available sources. We will receive personal data about you from various third parties as set out below.
Technical data from the following parties:

(a) analytics providers such as Google based outside the USA;

(b) advertising networks such as Facebook based outside the USA; and

(c) search information providers such as Google based outside the USA.

Contact, Financial and Transaction Data from providers of technical, payment and delivery services such as Paypal based outside the USA.

Identity and Contact Data from data aggregators based inside or outside the USA.


YOU PERSONAL DATA

regulusjewelry.com (the“Site”) is owned and run by Regulus Meteorite Jewelry Limited. (“we”, “us” or “our”). Your privacy is taken very seriously and steps are taken to ensure your privacy is protected at all times. We also believe it is important to let you know what information is collected from the Site and why, and what we do with this information.

At Regulus Meteorite Jewelry, we collect personal information about you. We are the controller and responsible for the information we may collect. We collect this information in order to provide a personalised experience catered to you, offer you competitions and promotions and to ensure that Regulus Meteorite Jewelry is able to continue to improve its standards and services. This also allows us to alert you to administrational, product or service changes, and for marketing purposes. We gather this information about you when you engage in the following ways:

You register with, or subscribe to, regulusjewelry.com and marketing channels.
You use our online services and place orders.
You sign up to competitions or special offers.
You interact with us online via social media, digital advertising on our, or any other, website where Regulus Meteorite Jewelry are represented.
You ask for information, provide a testimonial or feedback, comment on blogs and articles that are represented by Regulus Meteorite Jewelry.
You attend an event hosted by us, or where we are acting as sponsor.

This website is not intended for children and we do not knowingly collect data relating to children. If you are under the age of 16, you must inform a parent or guardian about our privacy policy and obtain their agreement to this privacy policy before using any of our online services, including, but not limited to, registration with Regulus Meteorite Jewelry, subscribing to our newsletter, or placing an order with us.

We have appointed a data protection officer (“DPO”) who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, please contact the DPO using the details set out below.


FAILURE TO PROVIDE PERSONAL DATA

If you do not provide personal data to us in the case where it is needed by law, or under the terms of a contract we have with you, we may not be able to perform the contract we have, or are trying to enter into, with you (for example, to fulfil your order). In this case, we may have to cancel your order, but we will notify you if this is the case at the time.


WHAT PERSONAL DATA IS COLLECTED

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymised data). The personal information we may collect and store about you includes, but is not limited to, the following information:

Title
Name and surname
Date of birth
Gender
Email address
Contact phone number(s)
Billing and delivery address
Bank account and payment card details
Transaction data including purchase information and payment details
Technical data including IP address, log-in data and computer/device settings
Interests, preferences and website usage data
Interactions with us e.g. contacting our Customer Services Team (we may record your calls), or visits to our website
Personal information you put on social media
Information you provide in your reviews of us, or survey responses
Attendance at events (and travel preferences)
Information from cookies, including information on the devices you may use to make a purchase - please see our separate Cookies Policy
We may also use and share aggregated data, which may be derived from your personal data but due to the way the data is handled (by anonymising and/or combining it with other data) it is not considered by law to be personal data.

We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.


THIRD-PARTY LINKS

The site may include links to third-party websites, plug-ins and applications. By clicking on those links or enabling those connections you may allow third parties to collect or share data about you. Please note that we do not control these third-party websites and are not responsible for their privacy statements. As such, we recommend that you read the privacy policy of every website you visit.


CONTACT DETAILS

If you have any questions about this privacy policy or our privacy practices, please contact our DPO in the following ways:

Full name of legal entity: Regulus Meteorite Jewelry Limited

Email address: customer_service@regulusjewelry.com

Postal address: FAO: Data Protection Officer, Regulus Meteorite Jewelry Limited, China:No. 317, Building 20, No. 5, Vanke Park, Chaoyang District, Beijing


MARKETING AND PROMOTIONS

We may use your personal data to send you marketing and promotional information if you have:

requested information from us; or
purchased goods from us; and
you have not opted out of receiving that marketing.


OPTING OUT

You can opt of out Regulus Meteorite Jewelry or third-party marketing communications at any time by following the opt-out links on any marketing message sent to you, or by contacting us here CONTACT US at any time.

Where you opt out of receiving these marketing messages, this will not apply to any personal data provided to us as a result of purchasing our goods or any other transactions with us.


CHANGE OF PURPOSE

We only use personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we will only process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.


SECURITYT POLICY

To process an order, we need your credit / debit card number and expiry date, plus any security details that the credit card processor may require. Regulus Meteorite Jewelry employs trusted and reputable third-party hosting agents and payment providers to ensure the security of personal data. All credit card details that are given to us by you the customer are done so on a secure server using Shopify Payments. The transfer of the purchase details from our site to Shopify Payments are encapsulated using their encrypted and digitally-signed protocol. This uses a combination of standard methods to ensure that the information passed is secure and tamper-proof. Shopify Payments is PCI DSS compliant and is regulated by qualified security assessor Trustwave. Please note, we do not store any financial information from you. Alternatively, you may process an order using Paypal, Apple Pay, Google Pay or Amazon Pay.


CHANGES TO OUR PRIVACY POLICY

We reserve the right to modify this Privacy Policy at any time. Any material changes we may make to our Privacy Policy will be updated on the Privacy & Security section of our Site. Please review it occasionally to remain informed and updated. If your personal details change or if you have any queries about how we use your personal data, please notify missoma.com by contacting us here, or by writing to us at FAO: The DPO, China:No. 317, Building 20, No. 5, Vanke Park, Chaoyang District, Beijing