Welcome to Heart of the Ocean™ Jewelry - Inspired by the Iconic Necklace from Titanic

Menu

Welcome to Heart of the Ocean™ Jewelry - Inspired by the Iconic Necklace from Titanic

Privacy policy

Privacy Policy

Protection and processing of personal data on Heart of the Ocean

1. Data controller


Contact form

This entity acts as the data controller of the personal data collected via the website.

2. Personal data collected

When using the website and placing orders, Heart of the Ocean may collect, in particular, the following categories of personal data:

  • identification data, such as first name, last name, billing address and delivery address;
  • contact data, such as e-mail address, telephone number and the content of messages sent;
  • data relating to orders, payments, refunds, returns and after-sales service;
  • technical and browsing data, such as IP address, device type, browser used, pages viewed and interactions on the website;
  • data relating to requests sent via the contact form, customer communications or newsletter subscription, where such functionality is offered.

3. Purposes of processing

Personal data is processed only for specified, explicit and legitimate purposes, including in particular:

  • managing orders, payments, deliveries, returns and refunds;
  • responding to contact requests, requests for information or after-sales service requests;
  • managing the customer relationship;
  • sending communications relating to an order or its performance;
  • preventing abuse, fraud, unlawful use or security incidents;
  • complying with applicable legal, accounting, tax and administrative obligations;
  • measuring audience and improving the website, subject to the rules applicable to cookies and trackers;
  • sending marketing communications where the Customer has consented or where the law allows it.

4. Legal bases

Depending on the circumstances, processing activities are based on one or more of the following legal bases:

  • the performance of a contract or pre-contractual steps, in particular for order management;
  • compliance with a legal obligation, notably in accounting, taxation or evidentiary matters;
  • the legitimate interests of the data controller, for example for website security, fraud prevention, dispute management or service improvement;
  • the consent of the data subject, in particular where required for certain cookies, trackers or marketing communications.

5. Payment and transaction security

Payments made on the website are processed through specialised and secure technical service providers. Heart of the Ocean is not intended to store the Customer's full banking details on its own systems, unless the Customer is clearly informed otherwise.

Strictly necessary data may be transmitted to service providers involved in payment processing, fraud detection or reimbursement.

6. Data recipients

Personal data may be disclosed, strictly to the extent necessary, to the following categories of recipients:

  • technical service providers involved in hosting, maintenance or website operation;
  • payment service providers;
  • carriers and logistics partners responsible for delivery;
  • analytics, security, customer support or e-mail service providers;
  • professional advisers, administrative authorities or judicial authorities where required or permitted by law.

These recipients only access the data necessary for the performance of their tasks.

7. Retention period

Personal data is kept for no longer than necessary for the purposes for which it is processed, subject to longer retention periods imposed by law or required for the management of a dispute.

By way of indication:

  • data relating to orders, invoices and accounting obligations may be kept for the period required by applicable regulations;
  • data relating to contact requests is kept for the time necessary to process the request and follow it up;
  • data used for marketing purposes is kept until consent is withdrawn, the data subject objects, or the data is no longer relevant;
  • technical data and trackers are kept in accordance with the retention periods specified in the Cookie Policy or according to the applicable technical settings.

8. Cookies and similar technologies

The website may use cookies and similar technologies in order to ensure its proper functioning, improve the user experience, measure audience or, where applicable, offer adapted content or advertising.

Some cookies are strictly necessary for the operation of the website. Others require the user's prior consent depending on their purpose. Further details are provided in the Cookie Policy.

9. Data sharing opt-out

As described in this Privacy Policy, we may collect personal information through cookies and similar technologies and, where applicable, share certain information with third parties, including advertising partners, in order to provide more relevant advertising or for other purposes described in this policy.

Depending on where you live, you may have the right to opt out of certain processing activities that may be considered a “sale”, “sharing” or “targeted advertising” under applicable U.S. state privacy laws.

Where such a right is available, you may exercise it through the dedicated opt-out mechanism made available on our website.

10. Transfers outside the European Economic Area

Certain technical service providers used in connection with the operation of the website may be located outside the European Economic Area or may process certain data there.

Where such transfers take place, Heart of the Ocean ensures that they are based on a mechanism recognised by the applicable regulations, such as an adequacy decision, standard contractual clauses or any other appropriate safeguard provided for by the GDPR.

11. Rights of data subjects

Each data subject has, within the limits laid down by the applicable regulations, the following rights:

  • the right of access to their data;
  • the right to rectification;
  • the right to erasure;
  • the right to restriction of processing;
  • the right to object;
  • the right to data portability where applicable;
  • the right to withdraw consent at any time where processing is based on consent;
  • the right to lodge a complaint with the competent supervisory authority.

12. Exercising your rights

To exercise these rights or ask any question relating to the processing of personal data, the data subject may contact Heart of the Ocean via our contact form.

Heart of the Ocean may request reasonable proof of identity where necessary in order to prevent any unauthorised disclosure of personal data.

13. Complaint to the supervisory authority

Without prejudice to any other administrative or judicial remedy, any data subject has the right to lodge a complaint with the competent supervisory authority.

In Belgium, this authority is:
Data Protection Authority
Rue de la Presse 35
1000 Brussels
Website: https://www.dataprotectionauthority.be

14. Security

Heart of the Ocean implements appropriate technical and organisational measures to protect personal data against destruction, loss, alteration, unauthorised disclosure or unauthorised access, taking into account the nature of the data processed and the risks presented by the processing.

15. Updates to this policy

This Privacy Policy may be amended at any time in order to reflect legal, regulatory, technical or organisational developments. The applicable version is the one published on the website at the time of consultation.