Privacy Policy

PRIVATE POLICY AND DATA SECURITY recognises that privacy and security is a major concern. We have therefore set out below the guidelines we use for protecting your personal information. Please read this Privacy Policy carefully and check it periodically since it may change from time to time.

GFG Jewellery privacy commitment

The website (the "Site") is committed to safeguarding your privacy online. We will only collect, store and use your Personal Information for the specific purposes of supporting and enhancing our relationship with you. We only share your Personal Information in accordance with the General Data Protection Regulation effective 25 May, 2018 and other applicable laws. You may contact at any time with any privacy questions or concerns and to see the Personal Information you have given us and request correction.


Your use of the Site, and any disclosure of Personal Information via the Site signifies your consent to us collecting and using Personal Information about you in accordance with this Privacy Policy.

You agree that you do not object to us using your Personal Information for any of the purposes outlined in this privacy policy and you confirm that you do not and will not consider any of these purposes as a breach of any of your rights under the Privacy and Electronic Communications (EC Directive) Regulations 2003.

How does GFG Jewellery collect your Personal Information?

We call Personal Information that identifies, or that could reasonably be used to identify, you as an individual, as “Personal Information”.

We may collect Personal Information through some of the following ways:

  • When you register or use (the "Website").
  • When you are registered on the GFG Jewellery customer relationship management or "CRM" system.
  • When you contact GFG Jewellery by telephone, mail, in person or email.
  • When you enter any prize draws or competitions run by GFG Jewellery (or in some cases, in partnership with GFG Jewellery).
  • When completing any surveys that we send to you for research purposes (although you are under no obligation to complete these).
  • When completing any forms for transactional, employment or other purposes.

What sort of Personal Information will GFG Jewellery collect about you?

In addition to personal details such as your name, address, email and telephone number, GFG Jewellery may also collect some of the following Personal Information details about you:

  • Transactions you make from GFG Jewellery (via the Website, email or through our bespoke team).
  • Your shopping preferences, such as your favourite items and experiences.
  • Your visits to the Website and the resources that you access.
  • When you contact GFG Jewellery by email or post. Please note that we may keep a record of that correspondence, so we can track any problems or concerns you’ve had with our website or any of the partners’ stores on our website.
  • When you contact GFG Jewellery by phone. If you contact by telephone (via our customer service centre or otherwise) we may record, store and use that call for future training or business purposes. This includes, without limitation, use for the purpose of dispute resolution and/or complaints management.
  • Any other information from which we can identify you (or which is available on public registers).

We'll also ask you questions at registration, and from time to time by email, that will give us information that will be used to improve your experience of shopping at You do not have to answer these questions, but if you do we can communicate with you in a more relevant way.

How we use your Personal Information

All the information we collect via the Site, or through correspondence (including telephone calls) with you is used to operate and improve the service we offer you and to personalise our service. We are committed to using your Personal Information only for:

  1. Supplying goods and services to you and for customer administration. 
  2. Processing payments and preventing fraudulent transactions.
  3. Planning and managing's business activities, including analysis of customers' shopping habits, success of advertisements and push notifications and product and style preferences of our customers.
  4. Technical administration of our website.
  5. Providing you with information, offers and news about the services we offer from through our email platform MailChimp (see Mailchimp's Privacy Policy here)
  6. Letting you know about offers, news and products from ourselves and partner's on our site.
  7. We may make your name and email address available to companies in order to advertise and market our services to you through other platforms on the internet (e.g. Facebook).
  8. Handling payment transactions (please note, your personal data is stored within our third-party payment systems Stripe and Paypal)
  9. Accessing and processing your job application (we may retain a record of your information for a reasonable period of time following the end of our recruitment selection process for administration purposes).
  10. Database management and managing contacts.
  11. Please note that we may retain your Personal Information for a reasonable period of time after you have completed transactions in order to fulfil any customer-service related contractual obligations such as refunds, guarantees, etc. We may also retain your details for processing payments and preventing fraudulent transactions, but these are passed on to our authorised third-parties to carry out these functions.
  12. For our e-mail marketing platform MailChimp, all old event data is archived automatically for a period of 24 months by default. More about their Data Retention here

During your registration process you are given the opportunity to select some of the ways in which we may use your Personal Information.

We will treat all your Personal Information as private and confidential, although we reserve the right to disclose this information in certain circumstances, as set out below:

  1. When we instruct agents, contractors or third party service providers to provide business operations support (including marketing advice and support), financial services and technology services. Please note that these third parties are under contract, and our service agreements dictate that they only use your information in connection with the services they perform for us and not for their own benefit.
  2. In the unlikely event that our business assets are ever sold to or purchased by another company (our data records are part of our business), you will receive notice of any such event and we will use our reasonable endeavours to ensure that the new combined entity will follow the practices disclosed in this Privacy Policy.
  3. To outside research companies whom we may ask to contact you directly for your opinions on our service, and our partners' products and services (in which case we provide them with only the information they need to perform their function and with your consent).
  4. If we are requested by the police or a regulatory or government authority investigating illegal activities to provide information concerning your activities whilst using the network we shall do so.
  5. In circumstances where you contact us by telephone, calls may be recorded for quality, training and security purposes. Calls may also be monitored without your consent for the following circumstances: to provide evidence of a business transaction; to prevent or detect a crime; to investigate the unauthorised use of a telecom system; to ensure that a business complies with regulatory procedures; to see that quality standards or targets are being met; in the interests of national security; and to secure the effective operation of the telecom system.

Managing your orders

We may monitor and review communications between you and our partners on our Content Management System (CMS), solely for the purposes of ensuring that your orders are managed appropriately by our partners and our customer service team, and in accordance with the terms and conditions that we have in place with our partners.

Other Data

We call data other than Personal Infrmation "Other Data." We collect Other Data through a varity of sources. One of our sources for Other Data is our Trustmark app, cookies used throughout our site, and other technologies that record Data about the use of our websites, websites that implement our Services, and the use of our Services generally.

Other Data we may collect includes:

  • Trustmark app data, such as engagements, views, operating system, internet browser, IP address, device type, and other anonymous interactions with the Trustmark.
  • Cookie and tracking technology data, such as time spent on the Services, pages visited, language preferences, and other anonymous traffic data.

How We Use Other Data

  1. Research, which will only incorporate anonymous information from the Trustmark App, and analytic platforms such as Google Analytics, Hotjar and Survey Monkey.
  2. To improve or modify our Services.

Data over the internet

The internet is a global network, so it is possible for your data to travel internationally, which may include places outside the European Union. If you visit or shop at, you're agreeing and authorising us to process data in this way.

How we protect information

You acknowledge that the Internet is not a 100% secure medium for communication and, accordingly, we cannot guarantee the security of any information you send to us (or we send to you) via the Internet. We are not responsible for any damages which you, or others, may suffer as a result of the loss of confidentiality of such information.

We take every precaution to protect your information. To this end all Personal Information stored by us is kept on a server in a secure environment.

Secure Socket Layer ("SSL") encryption technology is used for protection of information in transit for any sensitive transactions such as payments. SSL is provided by Comodo SSL.

We do not store or process your card details ourselves, they are processed and stored via PayPal and Stripe, as third party service providers.

Only employees, our partners and any third party service providers who need the information to perform a specific job are granted access to personally identifiable information.

Storing your credit and debit card details

We do not store your credit or debit card details with when you purchase a product with us. All sensitive information is protected with a Secure Socket Layer (SSL) protocol. Personal Information is protected by our respective third-party payment gateways, PayPal, which provides world-class security, iZettle and Stripe.

All PayPal transactions are subject to the PayPal Privacy Policy, and all PayPal data and information are under strict security and confidentiality. You can learn more about PayPal’s compliance with Data Protection Laws here (under “Legal Agreements”, under section 3.2.5 “Your Refund Policy, Data Protection, Privacy Policy, and Security”, effective May 25, 2018).

All Stripe transactions are subject to the Stripe Privacy Policy. You can learn more about Stripe’s compliance with Data Protection Laws here.

All iZettle transactions are subject to the Stripe Privacy Policy. You can learn more about Izettle compliance with Data Protection Laws here.

We will not keep your Personal Information processed by us for any purpose or purposes for longer than is necessary for that purpose or for those purposes. Under data protection legislation you have the right to access information held about you. If you choose to exercise this right, then any access request may be subject to a fee to meet our costs in providing you with details of the information we hold about you. Please contact Customer Service at 

How you can help us protect your information

Please keep in mind that whenever you voluntarily disclose Personal Information online in non-protected environments - for example on message boards, through email, or in chat areas - that information can be collected and used by others. In short, if you post Personal Information online that is accessible to the public, you may receive unsolicited messages from other parties in return. Also remember to close your browser window when you have finished your work. This is to ensure that others cannot access your Personal Information and correspondence if you share a computer with someone else or are using a computer in a public place like a library or Internet café. We cannot ensure or warrant the security of any information you transmit to us, and you do so at your own risk. Once we receive your transmission, we make our best effort to ensure its security on our systems.

Choice and Access

You have choices regarding our use and disclosure of your Personal Information:

  1. Opting out of receiving electronic communications from us. If at any point you no longer wish us to hold your Personal Information or you do not wish to receive marketing-related emails from us then there are a number of ways you can unsubscribe. These are as follows:

    • You can delete your online account with us by simply logging in to your Profile and clicking “Delete Profile”.
    • You can click onto the "unsubscribe" link in any communication that we send to you by email which will automatically unsubscribe you from that type of communication. Each "unsubscribe" link only relates to that specific type of communication (e.g. marketing communications or survey communications). This means that unsubscribing from marketing communications will not automatically unsubscribe you from our survey communications (or vice versa).
    • You can click onto “Manage Your Preferences” in any communication that we send to you by email to choose which type of communication you would like to belong to.

    Please also note that you may continue to receive communications which are already on route to you for a short period of time while your relevant unsubscribe request is being processed.

  2. Access or change to personal data. If you would like to review, correct, or update Personal Information that you have previously disclosed to us, you may do so by signing in to your GFG Jewellery account or by contacting us.

    All subject access requests are subject to an administration fee (which is currently £10) and will provide a copy of the information we hold. Please note that in certain circumstances we may withhold access to your information where we have the right to do so under current data protection legislation. To make a request or if you believe that any information we are holding about you is incorrect or incomplete, please e-mail us at

  3. Erasure from our records. If you would like your information completely erased from our records, you can do so by contacting (see ‘Further Information’ for more contact details).

    If emailing us your request, please make clear in the email what Personal Information you would like to have changed or would like access to (‘subject access request’). For your protection, we may only implement requests with respect to the Personal Data associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable.

The Website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and does not accept any responsibility or liability for these policies. Please check these policies before you submit any personal details to these websites.

What is our policy on children users of our Site?

We do not knowingly collect or maintain personally identifiable information from persons under 13 years old, and no part of our Site is directed to persons under 13. If you are under 13 years of age, please do not use or access our site at any time or in any manner. If GFG Jewellery learns that personally identifiable information of persons less than 13 years old has been collected without verifiable parental consent, then we will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child under the age of 13 has obtained a GFG Jewellery account, then you may alert us at the address below and request that we delete that child’s Personal Information from our systems.

Further information

If you have questions about your personal data or our privacy policy, please contact us at Alternatively, you may call us at +44(0)2073707275. Our business hours are Monday to Friday, between 09:30 to 17:30 hours (GMT).

To see all the information we have about you, and to correct any inaccuracies, please write to us at: GFG Jewellery, 17 Hanover Square, London W1S 1BN.

Changes to privacy policy

We reserve the right to change our privacy policy, whilst of course keeping it within all relevant legislation and guidelines. We will do all we can to ensure that these pages show the most up to date information at all times, and may notify you of such changes by uploading the revised privacy policy on the website.

Third Party partners privacy policies

We are not responsible and do not warrant or guarantee that the privacy policies, of any partner, or any other companies that your Personal Information is passed to in accordance with this Privacy Policy, comply with data protection legislation. We are not responsible for any damages which you or others may suffer as a result of the loss of confidentiality of such information. When you place an order with any partner of GFG Jewellery, your personal details that you submit at registration must by necessity be forwarded along with the order, so you will need to verify their privacy policy directly with them if you wish.