The purpose of this policy is to clarify how and why we process customer data and to ensure that you are fully informed on your rights under current laws and regulations and on what personal data we may collect when you interact with us. If you do not agree to the following policy you may wish to cease viewing / using this website.
If there are any points on which you would like further information, please do not hesitate to contact us on email@example.com or at the registered address above and we will be happy to answer any questions you might have.
From time to time the details of this policy may be amended in order to comply with any new regulatory requirements. If, as determined by us, the lawful basis upon which we process your personal information changes, we will notify you about the change and any new lawful basis to be used if required. We shall stop processing your personal information if the lawful basis used is no longer relevant.
1) When do we collect data about you?
- When you create an account with us
- When you purchase a product from us
- When you contact us to ask about a product, request information, raise a query, reply to an invitation or book an appointment
- If you engage with us online
- If you engage with us on social media
- If you fill in any forms
2) What type of information do we hold about you?
- Customer relationship data covering details of your interaction with us in person, or by telephone, email or online
- Enquiries and correspondence data regarding details of projects, information requests and products that you have voiced interest in, purchased or commissioned
- Profile and account data which is the contact information you have supplied to us in the course of communications: likely to include your title, name, email address and telephone number (landline and/or mobile) and if you have been invoiced or arranged a meeting with us, probably your home or work address. In addition, we might have your billing and/or postal address where parcels have been sent to you.
- Transaction data such as payment card / bank transfer information you have supplied in order to make payment to Jeppe Leon, or in order for us to make payment to you.
- Service data, including copies of Receipts, Invoices, Order forms, Buy Notes, Insurance valuations and Project Planning documents. This may also include information regarding items of your own jewellery where they have been noted/described on Workshop Instructions, Repair Notes, Take-in forms, Insurance documentation or Laboratory Reports
- Publication data where you have provided Jeppe Leon with product or service reviews, or have supplied a testimonial.
- Notification data covering your chosen preferences regarding newletters and updates
- Your social media username if you are in contact with us via Instagram or Twitter.
Some cookies are required to enjoy and use the full functionality of this website.
Further general information about cookies, how they work and how to manage them, can be found here [https://cookies.insites.com/]
3) On what premise do we collect data about you?
- When you have given Jeppe Leon your express permission, verbally or online, to use your contact details in order for us to keep in touch with you
- When you sign up for any of our marketing communications
Legitimate interest: This is to allow Jeppe Leon to function as a commercial entity without impacting your rights, freedoms or interests. This may include
- reasonable marketing activities such as news updates, information about product launches or personal invitations to events
- to offer you tailored, relevant information about our services or products to make your experience of Jeppe Leon the best it can be
- to enable Jeppe Leon to keep archived records of items that have been designed, crafted, undergone restoration or that have been valued for insurance (or probate) should they ever be required by us or by you for reference purposes.
Contractual: required when we need to access data in order to:
- Process the work you have requested us to carry out on your behalf
- Provide customer service and support
- If we are required to submit financial information or other data in the course of criminal or regulatory investigations
- To send you communications required by law or which are necessary to inform you about our changes to the services we provide you. For example, updates to this Privacy Notice, product recall notices, and legally required information relating to your orders. These service messages will not include any promotional content and do not require prior consent when sent by email or text message. If we do not use your personal data for these purposes, we would be unable to comply with our legal obligations.
4) What happens to the data we collect about you?
We are committed to protecting our customer’s privacy and we treat your data carefully to ensure it is protected
Any personal customer data we hold is kept
- for as long as you have an account with us
- for as long as it is needed to provide the services you have requested from us
- for as long as it is required for the purpose for which it was collected
- to comply with our legal and contractual obligations, prevent fraud, enforce our terms and conditions, or as required for purposes of due diligence or best practice
We do not sell your data to third parties
We may share your data with third parties in order for us to be able to carry out our contractual obligations to you. Examples include:
- Courier companies or postal services
- Financial institutions, payment service providers or auction houses to enable payments or transaction follow-up enquiries
- Digital support services that we use for our online systems management
- To send you information or marketing updates via online platforms such as Mailchimp
- We may disclose your personal data to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure
- To co-operate with any anti-fraud or law enforcement agency in the course of their enquiries
5) Your rights over personal data
Under the GDPR your rights are as follows:
- the right to be informed
- the right of access
- the right to rectification
- the right to erasure
- the right to restrict processing
- the right to data portability
- the right to object
- the right not to be subject to automated decision-making including profiling.
We handle subject access requests in accordance with the GDPR. Please do not hesitate to contact us should you wish to access, correct, amend or withdraw the personal data we hold on you.
You may also change or withdraw the consents you have given to us in the past about the use of your data or opt out of any or all direct marketing activities undertaken by Jeppe Leon by either clicking the ‘Unsubscribe’ button on our newsletters or by emailing or writing to our postal address as below.
Should you wish to make any of the above requests, we will ask that you provide us with verification of your identity to ensure that information is only released to those with a legal and legitimate right to it.
Any concerns or questions you might have about processing of your personal data at Jeppe Leon can be addressed to firstname.lastname@example.org or Jeppe Leon Ltd, Suite 77, 272 Kensington High Street, London W8 6ND.
You also have the right to complain to the Information Commissioner’s Office [www.ico.org.uk] if you feel there is a problem with the way we are handling your data.
6) Email marketing messages & subscription
Under the GDPR we use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list. We only collect certain data about you, as detailed above. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.
Any email marketing messages we send are in accordance with the GDPR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences.
Our EMS provider is Mailchimp. We hold the following information about you within our EMS system;
- Email address
- I.P address
- Subscription time & date
- Communication preferences
7) Sponsored links, affiliate tracking & commissions
Our website may contain affiliate links on some pages. We only use trusted partners or associates who each have high standards of user privacy and security. However, we do not control, and cannot be responsible for, the security of links to such partners.
Clickable affiliate links may be displayed as a website URL or as a titled text link. Clicking on affiliate links may track your actions by using a cookie saved to your device. Your actions are usually recorded as a referral from our website by this cookie.
If you have any concerns about this we suggest you do not click on any affiliate links found throughout the website.
8 ) Our details
Registered address: Jeppe Leon Ltd
272, Kensington High Street
London W8 6ND
Telephone: +44 (0) 7932 110226
Company Registration: 72 96205
VAT No. 995 2675 61
Data protection officer: Jessica Pumphrey
These gems have life in them: their colours speak, say what words fail of.
~ George Eliot