Privacy Policy

PRIVACY POLICY

Last updated: Detsember 2025

1. Introduction

This Privacy Policy explains how personal data is collected, used, stored, and protected when you use the website Birland Diamonds (the “Website”).

We are committed to protecting your privacy and complying with applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

2. Data Controller and Data Processor

2.1 Data Controller

The Data Controller responsible for personal data processed in connection with the sale of products is:

DELTA CAPITAL MANAGEMENT LIMITED
Company number: 13767933
Registered address: One Canada Square, Canada Square, London, England, E14 5DY
Email: info@birlanddiamonds.com

DELTA CAPITAL MANAGEMENT LIMITED determines the purposes and means of processing personal data related to orders, deliveries, payments, refunds, and customer communications.

2.2 Data Processor

The Website and its technical infrastructure are operated by:

AJDrive OÜ
Registry code: 17277668
Registered address: Õismäe tee 118-38, Haabersti linnaosa, Tallinn, 13420, Estonia

AJDrive OÜ acts as a Data Processor, processing personal data solely on behalf of and under the instructions of the Data Controller.

3. What Personal Data We Collect

Depending on your interaction with the Website, we may collect the following categories of personal data:

3.1 Identification & Contact Data

  • Full name

  • Email address

  • Phone number

  • Billing and shipping address

3.2 Order & Transaction Data

  • Products ordered

  • Order value and currency

  • Payment status

  • Refund and return information

3.3 Technical & Usage Data

  • IP address

  • Browser type and version

  • Device information

  • Pages visited and interaction data

3.4 Payment Data

Payment details (e.g., card numbers) are not stored by the Website.
All payments are processed securely by third-party payment service providers.

4. Legal Basis for Processing

We process personal data on the following legal bases:

  • Performance of a contract (Article 6(1)(b) GDPR)

  • Legal obligation (Article 6(1)(c) GDPR)

  • Legitimate interests (Article 6(1)(f) GDPR), such as improving services and preventing fraud

  • Consent (Article 6(1)(a) GDPR), where applicable (e.g. marketing cookies)

5. Purpose of Processing

Personal data is processed for the following purposes:

  • processing and fulfilling orders;

  • handling payments and refunds;

  • delivering products;

  • customer support and communication;

  • fraud prevention and security;

  • compliance with legal and regulatory obligations;

  • website analytics and performance optimisation.

6. Payment Processing

Payments made through the Website are processed by trusted third-party providers, including but not limited to:

  • Shopify Payments

  • Stripe

  • PayPal

  • Revolut

  • Visa / MasterCard

  • Apple Pay / Google Pay

These providers process personal data in accordance with their own privacy policies and applicable regulations.

7. Data Sharing

Personal data may be shared only with:

  • payment service providers;

  • logistics and shipping partners;

  • IT and hosting providers;

  • analytics and marketing service providers (where permitted);

  • legal or regulatory authorities, if required by law.

We do not sell personal data to third parties.

8. International Data Transfers

Personal data may be transferred outside the European Economic Area (EEA) where necessary for order fulfillment or payment processing.

In such cases, appropriate safeguards are applied, including:

  • adequacy decisions;

  • standard contractual clauses;

  • GDPR-compliant processing agreements.

9. Data Retention

Personal data is retained only for as long as necessary to:

  • fulfil contractual obligations;

  • comply with legal and accounting requirements;

  • resolve disputes;

  • enforce agreements.

Order and transaction data may be retained for up to 5–7 years in accordance with legal requirements.

10. Data Security

We implement appropriate technical and organisational measures to protect personal data, including:

  • SSL encryption;

  • secure servers and access controls;

  • restricted access to personal data;

  • regular system monitoring.

11. Your Rights

Under GDPR, you have the right to:

  • access your personal data;

  • request rectification or deletion;

  • restrict or object to processing;

  • data portability;

  • withdraw consent at any time;

  • lodge a complaint with a supervisory authority.

To exercise your rights, please contact:
📧 info@birlanddiamonds.com

12. Cookies

The Website uses cookies and similar technologies to enhance user experience and analyse traffic.

For more details, please refer to our Cookie Policy.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

Any changes will be published on this page with an updated “Last updated” date.

14. Governing Law and Jurisdiction

This Privacy Policy shall be governed by the laws of the Republic of Estonia.

Any disputes relating to personal data processing shall be subject to the jurisdiction of the courts of Estonia.

15. Contact Information

For privacy-related inquiries or requests, please contact:

📧 info@birlanddiamonds.com