Privacy Policy

Last updated: 7 June 2026

Regal Gems & Jewellery (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit our website (https://regalgemsandjewellery.co.uk) or make a purchase from us.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Regal Gems & Jewellery operates the website https://regalgemsandjewellery.co.uk. We sell fine gemstones, jewellery, and related products to customers in the United Kingdom and internationally.

For any privacy-related questions, you can contact us at:

Phone: 020 8427 0646
WhatsApp: +44 7766 101056
Email: Via our Contact page

2. What Personal Data We Collect

We collect and process the following types of personal data:

2.1 Information You Provide to Us

Account information: Name, email address, phone number, billing and shipping addresses, when you create an account or place an order.
Order details: Products purchased, payment information (processed securely by our payment providers — we do not store full card details), and delivery preferences.
Communications: Any information you provide when contacting us via our contact form, WhatsApp, email, or phone, including inquiries about gemstones and jewellery.
Reviews and comments: Any feedback or reviews you choose to submit.

2.2 Information Collected Automatically

Device and browsing data: IP address, browser type and version, time zone setting, browser plug-in types, operating system, and platform.
Usage data: Pages you visit, products you view, time spent on pages, page interaction information, and referral sources.
Cookies: See our Cookies section below for details.

3. How We Use Your Personal Data

We use your personal data for the following purposes:

To fulfil orders: Processing payments, shipping products, and providing order confirmations and delivery updates.
Customer support: Responding to your inquiries, including gemstone sourcing requests and product questions via WhatsApp, phone, or email.
Account management: Maintaining your user account, wishlist, and order history.
Website improvement: Analysing how visitors use our site to improve functionality and user experience.
Marketing (with consent): Sending promotional emails about new products, offers, or events, only where you have opted in.
Legal compliance: Meeting tax, accounting, and other legal obligations.
Security: Protecting against fraud and ensuring the security of our website.

4. Legal Basis for Processing

Under UK GDPR, we process your personal data on the following legal bases:

Contract: Processing necessary to fulfil your order or respond to your request.
Consent: Where you have agreed to receive marketing communications.
Legitimate interests: Website analytics, fraud prevention, and improving our services.
Legal obligation: Compliance with tax, accounting, and regulatory requirements.

5. Cookies

Our website uses cookies to enhance your browsing experience. Cookies are small text files stored on your device.

We use the following types of cookies:

Essential cookies: Required for the website to function, such as maintaining your shopping cart and account session.
Analytics cookies: Help us understand how visitors interact with our website (e.g., Google Analytics).
Preference cookies: Remember your settings and choices, such as language or region.
Marketing cookies: Used to deliver relevant advertisements and track their performance (only with your consent).

You can manage or disable cookies through your browser settings. Please note that disabling essential cookies may affect the functionality of our website.

6. Who We Share Your Data With

We do not sell your personal data. We only share your data with trusted third parties where necessary to operate our business:

Payment processors: To securely process your payments (e.g., PayPal, Stripe, or other providers).
Shipping and delivery partners: To deliver your orders to the correct address.
Website hosting and IT providers: To maintain and secure our website infrastructure.
Analytics providers: To help us understand website traffic and usage.
Legal authorities: When required by law or to protect our legal rights.

All third-party providers are required to keep your data secure and use it only for the specified purposes.

7. International Data Transfers

Some of our service providers may process your data outside the UK. Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses, to protect your personal data in accordance with UK GDPR.

8. Data Retention

We retain your personal data only for as long as necessary:

Order records: Retained for 6 years to comply with UK tax and accounting laws.
Account information: Retained while your account is active. You may request deletion at any time.
Marketing data: Retained until you withdraw your consent or opt out.
Correspondence: Retained for 2 years after the last interaction.

9. Your Data Protection Rights

Under UK GDPR, you have the following rights:

Right to access: Request a copy of the personal data we hold about you.
Right to rectification: Request correction of inaccurate or incomplete data.
Right to erasure (“Right to be Forgotten”): Request deletion of your personal data, subject to legal obligations.
Right to restrict processing: Request that we limit how we use your data.
Right to data portability: Receive your data in a structured, commonly used format.
Right to object: Object to processing based on legitimate interests or direct marketing.
Right to withdraw consent: Withdraw consent for marketing at any time.

To exercise any of these rights, please contact us using the details above. We will respond within one month.

10. Data Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or destruction. This includes:

SSL encryption for all data transmitted via our website.
Secure payment processing through PCI-compliant providers.
Regular security monitoring and updates.
Access controls limiting who can view personal data.

11. Children’s Privacy

Our website is not intended for children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any updates will be posted on this page with a revised “Last updated” date. We encourage you to review this policy periodically.

13. Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us:

Phone: 020 8427 0646
WhatsApp: +44 7766 101056
Online: Contact page

You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) if you believe we have mishandled your personal data.