Privacy Policy

Personal Information We Collect

When you visit the Site, we automatically collect certain information about your device, including your web browser, IP address, time zone, and some of the cookies installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products you view, what websites or search terms referred you to the Site, and how you interact with the Site. We refer to this automatically collected information as “Device Information”. 

We collect Device Information using the following technologies:

• Cookies: are small data files stored on your device with a unique ID. Learn more about cookies and how to disable them.
• Log files: We track activity on the site and collect data like IP address, browser, ISP, pages visited, and time stamps.

“Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Site.

Additionally when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, payment information (including credit card numbers), email address, and phone number. But we do not store your credit card and other payment details with us. We refer to this information as “Order Information”.

When we talk about “Personal Information” in this Privacy Policy, we are talking both about Device Information and Order Information.

When you make a purchase through the Site, we collect:

• Name, billing & shipping address
• Payment details (not stored)
• Email & phone number

We refer to this “Personal Information” as both Device Information and Order Information.

 

• Who is the Data Controller for the purposes of GDPR?
  • Gemsbuild is the data controller for the personal information that we process, unless otherwise stated. You can contact us in the following ways:

    • Postal Address: E 6, Jhandewalan Extension, Second Floor, Rani Jhansi Road, New Delhi – 110055, India

    • Contact Number: +91 7011595969

    • Email Address: support@gemsbuild.com

 

• Our services are intended solely for individuals who are 18 years of age or older, and are not directed toward children. By using our Services, you confirm that you are at least 18 years old.

How We Use Your Information

We collect the following types of information from you during the course of your interaction and usage of our Website,

• To Process Orders: We Use Your personal information to process and fulfill your orders, including shipping and payment processing.
• Browsing Data: Browsing data refers to the information collected when you interact with our Website, such as searching for products, viewing product details, reading reviews or blogs, accessing your account page, adding or removing items from the cart, or placing an order.
  
• Personalize Recommendations and Offers: We may use your browsing and order data to personalize your shopping experience by suggesting products, promotions, and offers that are most relevant to your interests. This helps us ensure that your interaction with our Website feels tailored and meaningful.
• Content Data: Content data includes all order-related details you submit, such as the product category, number of units, price of each item, and any specific instructions or requests provided in the comments section of your order
• Chat messages data: When you reach out to our assistance team, we use your chat messages and communication data to address your questions, guide you in selecting the right products, provide details about Gems availability or Gemstone Certification resolve any issues you may face before, during, or after placing an order.

How We Protect Your Information

• We take the security of your personal information seriously and implement a combination of technical, administrative, and organisational measures to safeguard it from unauthorised access, misuse, loss, or disclosure.
• Secure Transmission of Data (SSL Encryption): All data transmitted between your device and our Website is protected using SSL (Secure Socket Layer) encryption. This ensures that any personal information you provide, including login credentials and payment details, is encrypted and cannot be intercepted during transmission.
  
• Secure Servers and Infrastructure: Your personal data is stored on secure servers that are protected by firewalls, intrusion detection systems, and continuous monitoring tools. Regular system updates, security patches, and vulnerability testing are conducted to minimize risks.
• Payment Security & PCI Compliance: All payments made through our Website are processed by PCI DSS–compliant payment gateways. We do not store or have direct access to your full credit card or financial details. This approach ensures that your sensitive payment information is handled in accordance with international security standards.
• Access Control and Confidentiality: Only authorized personnel with a legitimate business need are granted access to your personal information. All such personnel are bound by strict confidentiality obligations and are regularly trained on data protection and privacy practices.
• Data Minimization and Encryption at Rest: Where applicable, we employ data minimization practices by collecting only the information necessary for service delivery. Sensitive data is encrypted when stored (“encryption at rest”) to add an additional layer of protection.
• Regular Security Reviews and Monitoring: We continuously monitor our systems for potential threats, suspicious activity, or unauthorized access attempts. Periodic internal audits, risk assessments, and third-party security reviews are conducted to strengthen our defenses.
• Incident Response and Breach Handling: In the unlikely event of a data breach, we have a defined incident response plan in place. Affected users will be notified promptly in accordance with applicable legal requirements, and corrective measures will be taken immediately.

How Long do we keep your information

• We are committed to retaining your personal information only for as long as it is necessary to fulfill the purposes outlined in this Privacy Policy, and in accordance with applicable legal, regulatory, and business requirements.
  • We will archive and stop actively processing any personally identifiable information (PII) about you within 6 months from the last time you accessed your account or visited our Website. Once archived, your data will be securely stored and will no longer be used for active business purposes.
    
  • We will permanently delete your personal data from our systems and archives no later than 6 years from the last time you used our Website, unless you exercise your right to request earlier deletion under applicable data protection laws.
  • In certain circumstances, we may be legally or contractually required to retain specific data for a longer period, such as for tax filings, accounting, record-keeping, fraud prevention, dispute resolution, or compliance with regulatory and auditing obligations.
    
• Once the retention period has expired, we ensure that your personal data is either securely deleted, anonymized, or destroyed in a manner that prevents unauthorised access or misuse

Sharing Your Information

• Third-Party Providers: We may share your personal information with carefully selected and trusted third-party service providers. These providers assist us in operating our website, processing payments, delivering products, providing customer support, marketing, analytics, and other essential business functions. Each provider is contractually obligated to handle your information securely and to use it solely for the purposes we specify. They are not permitted to use your information for their own independent purposes.
• Legal Requirements: We may disclose your personal information if required to do so by law, regulation, legal process, or in response to valid requests by public authorities (such as a court, government agency, or law enforcement body). We may also disclose information when we believe it is necessary to:

  • Protect our rights, property, or safety, as well as that of our customers or others.

  • Detect, prevent, or address fraud, unauthorised use, or security issues.

  • Enforce our terms and conditions or other contractual obligations.

• Business Transfers: In the event of a merger, acquisition, reorganisation, sale of assets, or bankruptcy, your information may be transferred as part of the business assets. In such cases, we will ensure that your information remains protected and that you are notified before any transfer becomes subject to a different privacy policy.

Cookies and Tracking Technologies

• Use of Cookies: Our website uses cookies to enhance your browsing experience. Cookies are small files stored on your device that help us remember your preferences and understand how you use our site.
• Managing Cookies: You can manage your cookie preferences through your browser settings. However, disabling cookies may affect the functionality of our website.

Changes to This Privacy Policy

• We may update or revise this Privacy Policy from time to time to reflect changes in our practices, services, legal requirements, or other factors. Whenever we make changes, we will post the updated version on this page and revise the “Effective Date” at the top of the policy.
• We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our website or services after any modifications indicates your acceptance of the updated policy.
• If the changes are significant, we may also notify you directly by email, website notification, or other appropriate means before the changes take effect, so you are always aware of what information we collect, how we use it, and under what circumstances we may disclose it.

Ways to Reach Us

If you have any questions about our Privacy Policy, contact us at:

• Email: support@gemsbuild.com