IIDGR TRADE WEBSITE PRIVACY NOTICE

Our Site (“Our Site”) is operated by IIDGR UK Limited ("Company", “we” or “us” or “our”). We are registered in England and Wales under company number 08597754 and have our registered office at 20 Carlton House Terrace, London, SW1Y 5AN, UK. We are committed to protecting and respecting your privacy and we comply with data protection legislation and other applicable local laws.

The Company is a member of the De Beers Group of Companies ("Group"). The Group is made up of different legal entities, including:

  • DeBeers Diamond Jewellers Limited
  • De Beers Auction Sales Belgium NV
  • De Beers UK Limited
  • Forevermark Italy S.r.l.
  • Forevermark Limited (UK)
  • Forevermark NV
  • Element Six (UK) Limited
  • Element Six AB
  • Element Six B.V
  • Element Six GmbH
  • Element Six Limited
  • Element Six Limited (Ireland)
  • Element Six Technologies Limited

You can find out more about our Group at www.debeersgroup.com or by contacting us using the information in the contact us section.

This privacy notice (together with our Terms and Conditions and any other documents referred to in it) sets out how we will use any personal data which you provide through our Site. Please read it carefully before you proceed.

Updates

We may amend this privacy notice from time to time to keep it up to date with legal requirements and the way we operate our business, and will place any updates on this webpage. Please regularly check these pages for the latest version of this notice.  If we make fundamental changes to this privacy notice, we will seek to inform you by notice on our Site or email where possible.  This privacy notice was last updated on 23 May 2018.  

Third Party Websites

You might find external links to third party websites on our Site. This privacy notice does not apply to your use of a third party site.

WHAT PERSONAL DATA WE COLLECT AND WHEN AND WHY WE USE IT

In this section you can find out more about
  • the types of personal data we collect
  • when we collect personal data
  • how we use personal data
  • the legal basis for using personal data

When we collect personal data

Personal data is any information capable of identifying a natural person, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to their physical, physiological, mental, economic, cultural or social identity.  Data is considered personal when it enables anyone to link information to a specific person, even if the person or entity holding that data cannot make that link.

We collect personal data about you collectively ("you") if you · register with or use our Site or purchase one of our products or services.

Our Site is not intended for children and we do not knowingly collect data relating to children.

If you purchase one of our products or services

  • If you make a purchase through our Site, we will process your personal data in order to complete this purchase.  This will include fulfilling the order to inscribe and grade polished diamonds.
  • The personal data that we process to do so will be the personal data that you provide to us, such as your name, the name of your employer, your contact details (such as your business address, email address and telephone number), your payment information, VAT number and the information about your order.
  • The source of your personal data will be you, however, we may also generate personal data internally if this is needed to fulfil your order.

If you contact us using the enquiry form on our Site

  • If you contact us using the enquiry form, we will process your personal data in order to consider and respond to those queries.
  • The personal data that we process to do so will be the personal data that you provide to us, such as your name, your contact details (such as email address and telephone number) and the content of your query.
  • The source of your personal data will be you, however, we may also generate personal data internally if this is needed to respond to your query.

If you sign up to receive marketing communications

  • If you sign up to receive marketing communications, we will process your personal data in order to comply with this request.  We will process your personal data to provide you with alerts as requested.
  • The personal data that we process to do so will be the personal data that you provide to us, such as your name and your contact information.
  • The source of this personal data will be you.

Cookies

  • If you visit our Site, we use cookies to understand who has seen which webpages, to determine how frequently particular pages are visited and to determine the most popular areas of our Site.
  • Cookies will collect personal data about you.  The personal data that is collected by these cookies is internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our Site.
  • The source of this personal data will be you, gathered by the cookie.  For further information, please see the Cookies section below.

We also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

Legal basis for using your personal data

We will only collect, use and share your personal data where we are satisfied that we have an appropriate legal basis to do this. This may be because:

  • we need to use your personal data to perform a contract or take steps to enter into a contract with you; and/or
  • we need to use your personal data for our legitimate interest as a commercial organisation. In all such cases, we will look after your information at all times in a way that is proportionate and respects your privacy rights and you have a right to object to processing as explained in the Legal Rights section below; and/or
  • we need to use your personal data to comply with a relevant legal or regulatory obligation that we have; and/or
  • We have your consent to using your personal data for a particular activity. 

In particular:

What we use your information forLegal basis for using personal data Legitimate interests legal basis
To register you as a new customer Performance of a contract Not applicable
To process and complete your purchase Performance of a contract Not applicable
To manage our relationship with you which will include:
(a) notifying you about changes to our terms or privacy policy
(b) Asking you to leave a review or take a survey
Performance of a contractLegitimate interests To keep our records updated and to study how customers use our products/services
To consider and respond to queries that you submit using the "contact us" section of our Site Legitimate interests The management of our business
To communicate with you about De Beers Group products, services and news, and to send you notices (for example, in the form of e-mails, SMS, mailings, and the like), and otherwise correspond with you, about products, services, companies and events, sponsored by us and others, that We think might interest you Consent Not applicable
To manage our Site and improve your user experience Legitimate interests To ensure the effective operation of our Site.

To ensure that content from our Site is presented in the most effective manner for you and for your computer.

If you review or download information on our Site, we track the visit to give us information about which part of the site is frequented.

If you would like to find out more about the legal basis for which we process personal data please contact us.

COOKIES

Cookies help us remember information about your visit to our Site, like your country, language and other settings. They can also help us to operate our Site more efficiently and make your next visit easier. Cookies can allow us to do various other things, as explained further in our Cookie Policy which you can access by clicking on the link below. 

For more information about how our cookies work and information about how to manage your cookie settings please visit our Cookie Policy below.

SHARING PERSONAL DATA OTHERS

In this section you can find out more about how we share personal data:
  • within Company
  • with third parties that help us provide our products and services; and
  • government organisations and agencies, law enforcement and regulators

We share your personal data in the manner and for the purposes described below:

  • within the Group, where such disclosure is necessary to provide you with our products or services or to manage our business;
  • with other third parties who help manage our business and deliver services;
  • with government organisations and agencies, law enforcement, regulators, which may include the Information Commissioner's Office, to comply with all applicable laws, regulations and rules, and requests of law enforcement, regulatory and other governmental agencies; and
  • we may share in aggregate, statistical form, non‑personal data regarding the visitors to our Site, traffic patterns, and website usage with our partners, affiliates or advertisers.

Where appropriate, the third parties set out above have agreed to confidentiality restrictions and use any personal data we share with them or which they collect on our behalf solely for the purpose of providing the contracted service to us.

If, in the future, we sell or transfer some or all of our business or assets to a third party, we may disclose information to a potential or actual third party purchaser of our business or assets.

EXPLAINING MORE ABOUT DIRECT MARKETING

In this section you can find out more about
  • how we use personal data to keep you up to date with our products and services.
  • how you can manage your marketing preferences

How we use personal data to keep you up to date with our products and services

If you sign up to our marketing communications, we will use your personal data to let you know about our products and services that we believe will be of interest to you. We will do so by email, telephone and post. We will respect your preferences for how you would like us to manage marketing activity with you. 

How you can manage your marketing preferences

To protect privacy rights and to ensure you have control over how we manage marketing with you:

  • we will take steps to limit direct marketing to a reasonable and proportionate level and only send you communications which we believe may be of interest or relevance to you;
  • you can ask us to stop direct marketing at any time ‑ you can ask us to stop sending email marketing, by following the "unsubscribe" link you will find on all the email marketing messages we send you. Alternatively you can contact us. Please specify whether you would like us to stop all forms of marketing or just a particular type; and
  • you can change the way your browser manages cookies, which may be used to deliver online advertising, by following the settings on your browser as explained in the section on Cookies.

We recommend you routinely review the privacy notices and preference settings that are available to you on any social media platforms as well as your preferences within your account with us.

TRANSFERRING PERSONAL DATA GLOBALLY

In this section you can find out more about:
  • how we operate as a global business and transfer data internationally.
  • the arrangements we have in place to protect your personal data if we transfer it overseas.

We operate on a global basis. Accordingly, your personal data may be transferred and stored in countries outside the EU (including in India), that are subject to different standards of data protection.

We will take appropriate steps to ensure that transfers of personal data are in accordance with applicable law and carefully managed to protect your privacy rights and interests and transfers are limited to countries which are recognised as providing an adequate level of legal protection or where we can be satisfied that alternative arrangements are in place to protect your privacy rights. To this end:

  • we ensure transfers within the Groupwill be covered by an agreement entered into by members of the Group which contractually obliges each member to ensure that personal data receives an adequate and consistent level of protection wherever it is transferred within the Group;
  • where we transfer your personal data outside the Group or to third parties who help provide our products and services, we obtain contractual commitments from them to protect your personal data. Some of these assurances are well recognised certification schemes like the EU/ US Privacy Shield for the protection of personal data transferred from within the EU to the United States; or
  • where we receive requests for information from law enforcement or regulators, we carefully validate these requests before any personal data are disclosed.

You have a right to contact us for more information about the safeguards we have put in place (including a copy of relevant contractual commitments) to ensure the adequate protection of your personal data when this is transferred as mentioned above.

HOW WE PROTECT AND STORE YOUR INFORMATION

Security

We have implemented and maintain appropriate technical and organisational security measures, policies and procedures designed to reduce the risk of accidental destruction or loss, or the unauthorised disclosure or access to such information appropriate to the nature of the information concerned.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

While we have implemented reasonable technical and organisational precautions to protect the security and integrity of personal data provided to our Site, due to the inherent nature of the internet as an open global communications vehicle, we cannot guarantee that information, during transmission through the internet or while stored on our system or otherwise in our care, will be absolutely safe from intrusion by others, such as hackers. We maintain physical, electronic and procedural safeguards to protect your Personal Data.

You agree to (a) immediately notify us of any unauthorised use of your password or account or any other breach of security, and (b) ensure that you exit from your account at the end of each session. It is your responsibility to control the dissemination and use of your password, control access to and use of your account, and notify us when you desire to cancel your account on this Site. We are not responsible or liable for any loss or damage arising from your failure to comply with this provision.

We will not be liable for disclosure of your information due to errors or unauthorised acts of third parties during or after transmission.

We recommend that you change your password every three months. If you are using a public computer (e.g. at a library), or a shared computer, we urge you to log out of your account and our Site altogether, and quit the browser application before you leave the computer. This will help prevent others from accessing your account and any personal information.

In the unlikely event that we believe that the security of your personal information in our possession or control may have been compromised, we may seek to notify you of that development. If a notification is appropriate, we would endeavour to do so as promptly as possible under the circumstances, and, to the extent we have your e-mail address, we may notify you by e-mail.

Storing your personal data

We will store your personal data for as long as is reasonably necessary for the purposes for which it was collected, as explained in this privacy notice. Where your information is no longer needed, we will ensure that it is disposed of in a secure manner. In some circumstances we may store your personal data for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax or accounting requirements.

In specific circumstances we may store your personal data for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal data or dealings.

LEGAL RIGHTS AVAILABLE TO HELP MANAGE YOUR PRIVACY

Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking, you have certain rights in relation to your personal data.

To access personal data

You have a right to request that we provide you with a copy of your personal data that we hold and you have the right to be informed of; (a) the source of your personal data; (b) the purposes, legal basis and methods of processing; (c) the data controller’s identity; and (d) the entities or categories of entities to whom your personal data may be transferred.

To rectify / erase personal data

You have a right to request that we rectify inaccurate personal data. We may seek to verify the accuracy of the personal data before rectifying it.

You can also request that we erase your personal data in limited circumstances where:

  • it is no longer needed for the purposes for which it was collected; or
  • you have withdrawn your consent (where the data processing was based on consent); or
  • following a successful right to object (see right to object); or
  • it has been processed unlawfully; or
  • to comply with a legal obligation to which the Company is subject.

We are not required to comply with your request to erase personal data if the processing of your personal data is necessary:

  • for compliance with a legal obligation; or
  • for the establishment, exercise or defence of legal claims

Right to restrict the processing of your personal data

You can ask us to restrict your personal data, but only where:

  • its accuracy is contested, to allow us to verify its accuracy; or
  • the processing is unlawful, but you do not want it erased; or
  • it is no longer needed for the purposes for which it was collected, but we still need it to establish, exercise or defend legal claims; or
  • you have exercised the right to object, and verification of overriding grounds is pending.

We can continue to use your personal data following a request for restriction, where:

  • we have your consent; or
  • to establish, exercise or defend legal claims; or
  • to protect the rights of another natural or legal person.

Right to transfer your personal data

You can ask us to provide your personal data to you in a structured, commonly used, machine‑readable format, or you can ask to have it transferred directly to another data controller, but in each case only where:

  • the processing is based on your consent or on the performance of a contract with you; and
  • the processing is carried out by automated means.

Right to object to the processing of your personal data

You can object to any processing of your personal data which has our legitimate interests as its legal basis, if you believe your fundamental rights and freedoms outweigh our legitimate interests.

If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.

Right to object to how we use your personal data for direct marketing purposes

You can request that we change the manner in which we contact you for marketing purposes.

You can request that we not transfer your personal data to unaffiliated third parties for the purposes of direct marketing or any other purposes.

Right to obtain a copy of personal data safeguards used for transfers outside your jurisdiction

You can ask to obtain a copy of, or reference to, the safeguards under which your personal data is transferred outside of the European Union.

We may redact data transfer agreements to protect commercial terms.

Right to lodge a complaint with your local supervisory authority

You have a right to lodge a complaint with your local supervisory authority if you have concerns about how we are processing your personal data.

We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time. 

If you wish to access any of the above mentioned rights, we may ask you for additional information to confirm your identity and for security purposes, in particular before disclosing personal data to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.

You can exercise your rights by contacting us. Subject to legal and other permissible considerations, we will make every reasonable effort to honour your request promptly or inform you if we require further information in order to fulfil your request. 

We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.

CONTACT US

The primary point of contact for all issues arising from this privacy notice is our Data Protection Team. The Data Protection Team can be contacted in the following ways:

Email address: dataprotection@angloamerican.com

Telephone number: +44 (0)20 7968 8888

Postal address: 20 Carlton House Terrace, London, SW1Y 5AN

If you have any questions, concerns or complaints regarding our compliance with this privacy notice, the information we hold about you or if you wish to exercise your rights, we encourage you to first contact our Data Protection Team. We will investigate and attempt to resolve complaints and disputes and make every reasonable effort to honour your wish to exercise your rights as quickly as possible and in any event, within the timescales provided by data protection laws.

To contact your data protection supervisory authority

You have a right to lodge a complaint with your local data protection supervisory authority (i.e. the supervisory authority in your place of habitual residence, place or work or place of alleged infringement) at any time. We ask that you please attempt to resolve any issues with us before your local supervisory authority.

COOKIE POLICY

IP Addresses, Cookies and GIFS

We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to Our advertisers. This is statistical data about Our users’ browsing actions and patterns, and does not show personal details that identify you.

For the same reason, We may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies are small pieces of information sent by a web server to a web browser which allow the web server to recognise the web browser. They help Us to improve Our Site and to deliver a better and more personalised service. They enable Us:

  • To estimate Our audience size and usage pattern.
  • To store information about your preferences, and so allow Us to customise Our Site according to your individual interests.
  • To speed up your searches.
  • To recognise you when you return to Our Site.

You can control how your browser handles cookies received from websites. You can choose to refuse all cookies, or to be prompted before a cookie is saved to your hard drive, or to only accept cookies from certain websites that you designate. Information on deleting or controlling cookies is available at www.AboutCookies.org. By refusing to accept cookies from Us, you may not be able to use some of the features and functionality available on Our Site.

Here is a list of the cookies on Our Site and what they are used for:

Cookie NamePurpose Type of cookie
.AspNet.ApplicationCookie Authentication cookie used by the Site to authenticate the user logging on to the Site. Session & First Party Cookie
ASP.NET_SessionId In ASP.NET issues a cookie called ASP.NET_SessionId. This cookie contains the user’s session ID and the cookie will expire at the end of the session (when you close your browser). This cookie does not store personal data about you. Session & First Party Cookie
__RequestVerificationToken This is an anti-forgery token (preventing CSRF attacks). It guarantees that the poster is the one who gets the form. Session & First Party Cookie
_ga This cookie is used to distinguishes unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports. By default, it is set to expire after 2 years. Persistent & First Party Cookie
_gat This cookie is used to distinguishes unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports. By default, it is set to expire after 2 years. Persistent & First Party Cookie
_gid Used to distinguish users. By default, it is set to expire after 24 hours. Persistent & First Party Cookie

We may use “clear GIFs” (aka “Web beacons” or “pixel tags”) or similar technologies, in Our Site and/or in our communications with you to enable Us to know whether you have visited a web page or received a message. A clear GIF is typically a one-pixel, transparent image (although it can be a visible image as well), located on a web page or in an e-mail that communicates to Us whether you viewed an email that We sent you or visited a certain page on Our Site. A clear GIF may enable Us to relate your viewing or receipt of a web page or message to other information we hold about you.

Our server automatically collects data about your server’s internet address when you visit Us. This information, known as an Internet Protocol address, or IP Address, is a number that’s automatically assigned to your computer by your internet service provider whenever you’re on the internet. When you request pages from Our Site, Our servers may log your IP Address and sometimes your domain name. Our server may also record the referring page that linked you to Us (e.g., another website or a search engine); the pages you visit on Our Site; the website you visit after Our Site; the ads you see and/or click on; other information about the type of web browser, computer, platform, related software and settings you are using; any search terms you have entered on Our Site or a referral site; and other web usage activity and data logged by Our web servers. We use this information for internal system administration, to help diagnose problems with Our server, and to administer Our Site. Such information may also be used to gather broad demographic information, such as country of origin and internet service provider. Any or all of activities with regard to Our Site usage information may be performed on our behalf by our services providers.