GDPR Compliance Statement

At Nugget Jewellery, we are committed to protecting your privacy and ensuring the security of your personal data. We comply with the General Data Protection Regulation (GDPR) and respect your rights regarding the collection, processing, and retention of your personal information.

Data Collection and Use

We collect and process personal data for specific and lawful purposes. The data we collect may include:

- Contact Information: Name, email address, phone number, and mailing address.

- Order Details: Information necessary for order processing and delivery.

- Payment Information: Securely processed through reputable payment gateways.

- Communication: Records of correspondence and inquiries you make with us.

Lawful Basis for Processing

We process your personal data based on the following lawful grounds:

- Consent: When you provide explicit consent for specific purposes.

- Contractual Necessity: To fulfill orders and provide requested services.

- Legal Obligations: To comply with applicable legal requirements.

Data Security

We take appropriate measures to ensure the security of your personal data. We implement safeguards to prevent unauthorized access, disclosure, alteration, or destruction of your information.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal obligations.

Your Rights

Under GDPR, you have certain rights regarding your personal data:

- Right to Access: You can request access to the personal data we hold about you.

- Right to Rectification: You can request the correction of inaccurate data.

- Right to Erasure: You can request the deletion of your data under certain conditions.

- Right to Object: You can object to the processing of your data under certain circumstances.

- Right to Restrict Processing: You can request the restriction of processing in certain situations.

- Right to Data Portability: You can request the transfer of your data to another party.