We at Amori Jewellery are committed
to protecting the privacy of our customers and other visitors who use our
website. This Privacy Policy informs you how Amori Jewellery (hereinafter
"Amori", "we", "us" and "our") to
process your personal data. For the purposes of this Policy, Amori is the
controller. This Privacy Policy concerns all Amori website, products and
services, which collect personal data or which are linked to this Privacy
Policy or on which this Privacy Policy is visible. Defined terms used in this
Privacy Policy are explained in Section 11, below.

We believe that you should know what
personal data we collect, as well as to understand your rights in respect of
your personal data. In this Privacy Policy we explain the purposes of
collecting and use of your personal data as well as how we have ensured that
you have adequate control over your own personal data.

We recommend that you read this
Privacy Policy carefully as it provides important information about personal
data and other information that we collect.

LAWFUL BASIS OF PROCESSING

Summary

We may process your data based on one
of three main legal grounds: (1) your consent; (2) any contract between you and
us; and (3) our legitimate interests.

We collect your personal data based
on one or many of the following legal bases:

we have obtained your prior express
consent (written, verbal or online) to the processing of your personal data
(this legal basis is only used in relation to processing that is entirely
voluntary - it is not used for processing that is necessary or obligatory in
any way);

the processing is necessary in
connection with any contract between Amori and you ("contractual
necessity"); or

we have a legitimate interest in
carrying out the processing for the purpose of managing, operating or promoting
our business, and that legitimate interest is not overridden by your interests,
fundamental rights, or freedoms ("legitimate interests").

You have a right to withdraw your
consent to the processing of your personal data, at any time, by contacting
Customer Service.

PERSONAL DATA WE COLLECT

Summary

We collect the following information:

Information provided directly by you

Information collected when our website
or interactive products or services are used

Information related to the purchases
and other business with us by you

Information collected from other
sources which may be combined with the user account details

Please note that we do not collect any
payment information. All payment data are processed by authorised third party
payment services providers and are encrypted using a minimum of 128-bit
SSL encryption.

We may collect personal data either
directly from you, automatically from your devices that interact with our
services, or from third party sources as described below.

Information collected directly from
you:

Contact details: your name, email
address(es), telephone number, postal address;

Demographic information: gender, date
of birth or age, language, title or degree;

Information related to your account:
payment type or method, username, encrypted password, account picture;

Any consents, communications and
feedback that you provide to us;

Personal interests notified by you;

Work-related information provided by
you: company/employer's name and contact details;

Gift purchase information: the
recipient's name, contact address, delivery address(es), telephone number and
email address(es); and

Other information collected on the basis
of your prior, express, voluntary consent (including public social media
profiles).

Information collected when our
website or interactive products or services are used:

Your user account identity and
registration date (if you are logged in);

Your browser, operating system,
device model, IP-address, time of access and duration of access;

Location data (including details of
your WiFi-connection point, GPS coordinates or similar measure (read more: use
of location data));

Web pages through which our website
was accessed, the pages browsed by you, all other actions with our website
during your website visit (e.g., interactions, referral sites, search key
words);

Cookies and other identification
tags;

Marketing information: the benefits,
campaigns and services directed or offered to the customer and your usage of
them; and

Other information collected based on
your consent.

Information related to your
purchases:

Information on orders, deliveries,
payment methods, billing address(es), delivery address(es), and other
information related to any business you may do with Amori;

Your contacts with Customer Service
and communication with you;

Your participation in our promotions
and contests; and

Your contact information.

Information collected from other
sources which may be combined with your user account:

If you have connected to our website,
service or social media channel using your social media profile(s), we may
collect the public information available on your social media profile(s);

We may purchase information from
third parties to complement the data collected by us;

We may collect information from
public registers maintained by authorities, if such registers are available in
your country; and

Updated delivery and contact
information from delivery agents.

We use third party service providers
for payment processing,  in which case you will be directed to the
relevant third party service provider's website which is subject to that third
party service provider's terms and conditions. Amori does not store credit card
information.

HOW AMORI USES YOUR PERSONAL DATA

Summary

We collect your personal data in order
to offer you our products and services in the best possible way; to create a
smooth shopping experience; and to operate and maintain our website and
services effectively. We use the collected information for the following
purposes:

Offering products, marketing and
personalising

Customer loyalty programs and other
user accounts

Customer service

Product and services development and
anonymised reporting

Orders

Detection, investigation and prevention
of unlawful activities

Identifying users

We may process your personal data for
the following purposes:

Offering products, marketing and
personalising

We want to offer you the most
interesting products and services and therefore we may analyse your interests,
preferences and needs.

We may process your personal data to
manage our relationship with you, in the context of marketing and sales
purposes as follows: managing the customer relationship lifecycle, customer
segmentation and improving effectiveness.

In addition, we may process your
personal data to optimise our website, product recommendations and product
assortment to better meet your preferences, enabling us to show and offer you
better and more relevant products and content. For this purpose, we may create
an account (which may be a guest account for non-logged-in users) which is
based on the data provided by you and data collected by us in accordance with
this Privacy Policy. The account may also include records of whether you have
opened any emails we have sent you, and clicked on any content within those emails.

Your personal data may be processed
for the purposes of informing you about our products and services, announcing
any new product or service launches or benefits available to you, and
concluding market surveys, provided that we have first obtained any necessary
consent, where required for such use, in accordance with the applicable law.
Such marketing may be carried out as follows:

Direct marketing through mail or
telephone, including text messages;

Electronic messaging: emails and
other electronic messages; and

Digital online marketing (e.g.,
displays, search engine marketing)

Customer service

We may process your personal data for
the purpose of providing personal and customised services when you contact our
Customer Service team.

Our Customer Service team may process
your personal data if you contact them. Your calls to the Customer Service team
may be recorded, in which case you will be informed of such recording
beforehand. We may connect the personal data collected by the Customer Service
team with other personal data, such as your purchase history, which enables us
to provide you with as efficient and personal service as possible.

Your personal data may also be
processed for warranty-related activities, such as activating the warranty,
claims related to warranties and registering additional warranties for certain
items.

Product and services development and
anonymised reporting

Product and services development is
essential to us and enables us to provide our customers with ever better, more
innovative and user-friendly products and services.

We may process your personal data and
account details to both improve our existing products and services, and to
develop new ones. We may connect any feedback and communication received from
you with your account.

We may use your responses to consumer
surveys, consumer panels, and consumer questionnaires to analyse our customers'
preferences, expectations and opinions. The processing of personal data
collected through such research, panels and surveys is governed by this Privacy
Policy. Such measures may include for example:

Surveys/research conducted via our
website: We may use questionnaire tools on our website to improve our customer
experience from time to time.

Loyal customer community: To improve
our service and our program to meet our customers' needs we may provide you
with surveys or research questions concerning our products and services
(whether in hard copy or online).

Research/surveys sent via email: We
may, from time to time, send you surveys concerning our products and services
via email, subject always to compliance with this Privacy Policy and the
requirements of applicable law.

We use anonymised data for reporting
purposes. Such data have been anonymised and cannot be used to identify you. We
use such data to analyse the realisation of our commercial objectives, such as
effectiveness of our product campaigns. Such anonymised data may contain:

Aggregate visitor numbers of our
website;

Aggregate visitor numbers of our
stores;

Average visit duration;

Typical visitors path on our site or
our store; and

Certain measurements related to our
product sales.

Orders

If you have ordered products or
services from our website or physical stores, we may process your personal data
for the purposes of processing your order(s).

Payment details are not stored in our
systems. Instead, payment data are provided by you directly to our third party
payment services providers.

Detection, investigation and prevention
of unlawful activities

We may process your personal data for
the purposes of detecting, investigating and preventing unlawful activities. We
may provide your information to law enforcement authorities based on their
request, or based on a legal basis defined in any applicable law for prevention
and investigation of fraud and other unlawful activities. We may disclose your
personal data to any party in response to an order from a court of competent
jurisdiction.

Identifying users

We may identify you for the purposes
of providing you with more personalised and customised services, and a better
experience.

We may identify your online
activities based on cookies. In mobile
applications and website, we may identify you based on your log-in details.

Identifying you in any of our
physical stores requires your name and postal address and possibly ID
verification.

HOW LONG YOUR DATA IS STORED

Summary

Your data are stored as long as your
online account is valid, plus the applicable period for limitation of legal
claims, and any additional periods required or permitted under applicable law.

Remember to update your information if
any material changes occur.

We take every reasonable step to
ensure that your personal data are only processed for the minimum period
necessary for the purposes set out in this Privacy Policy.

If you have created an account on our
website your personal data will be retained until such time as you either
terminate the account or request that your data be deleted. To ensure that you
receive news, offers and other information you are interested in, you may be
asked to update your data once in twelve (12) months when you use your website
account or when you purchase products in any of our local stores.

The criteria for determining the
duration for which we will keep your personal data are as follows: we will
retain copies of your personal data in a form that permits identification only
for as long as is necessary in connection with the purposes set out in this
Privacy Policy, unless applicable law requires a longer retention period. In
particular, we may retain your personal data for the duration of any period
necessary to establish, exercise or defend any legal rights.

HOW WE DISCLOSE YOUR PERSONAL DATA TO OTHER PARTIES

Summary

We do not disclose your data to third
parties, except for processors and approved third parties, in accordance with
applicable law. We do not sell, lease or rent your data. Your data are adequately
protected if transferred internationally. We may provide your data if needed
for lawful requests, fraud combating, mergers or acquisitions or protection of
our interests.

Except as described in this Privacy
Policy we do not sell, lease, rent or otherwise disclose your personal data to
a third party.

We disclose your personal data only
to the parties indicated below and for the following reasons only:

Affiliates and third party
processors. We may disclose your personal data to authorised third party vendors who
process the data for us. All such processing is based on our prior instructions
set out in a binding contract that is compliant with the requirements of
applicable law, and is conducted in accordance with this Privacy Policy. Such
disclosures may include disclosing your personal data to payment services
providers, companies that facilitate your orders, delivery companies, customer
service teams, and companies that analyse and manage consumer data for us,
conduct credit checks, market research and marketing campaigns. These
authorised third parties are not permitted to use your personal data for any
other purposes than those described in this Privacy Policy and they are
required to keep your personal data strictly confidential. We also require them
to use high standard security measures to protect your personal data.

International transfers. Our services
may be provided using resources and servers located in various countries,
partly located outside of EU/EEA. Therefore your personal data may be
transferred across international borders outside the country in which you use
our services. In the event that your personal data are transferred outside of
EU/EEA, we will ensure that any such transfer is covered by appropriate
contractual measures (e.g., using European Commissions Standard Contractual
Clauses), that the transfer has an appropriate legal basis,  and that the
data processing and confidentiality fulfills the requirements in relevant laws.
You may obtain a copy of the relevant Standard Contractual Clauses (where
applicable) by contacting us using the details set out in Section 12 below.

Lawful requests. We may be
required by the binding requirements of applicable law, or for the purposes of
responding to legal proceedings or other lawful requests to disclose your
personal data to authorities or third parties.

Protection of our interests and
combating fraud. We may also disclose or otherwise process your personal data, in
accordance with applicable law, to defend our legitimate interests (for
example, in civil or criminal legal proceedings) and when combating fraud.

Mergers and acquisitions. In the event of any
sale, consolidation or reorganisation of our businesses (for example mergers
and acquisitions), we may disclose your personal data to prospective or actual
purchasers or their advisers, where appropriate.

STEPS TAKEN TO SAFEGUARD THE PERSONAL DATA

Summary

We have created appropriate safeguards
to protect your personal data. We have implemented both technical and
organisational safety measures, and only certain restricted personnel are
permitted to access your data. However, you should always be careful when
transmitting your data via internet, as the transmission of data to our website
will be at your risk.

We have implemented appropriate
technical and organisational security measures designed to protect your
personal data against accidental or unlawful destruction, loss, alteration,
unauthorised disclosure, unauthorised access, and other unlawful or
unauthorised forms of processing, in accordance with applicable law.

We maintain a variety of physical,
electronic, and procedural safeguards to guard your personally identifiable
information. Specifically, we use commercially accepted procedures and systems
to protect against unauthorised access to our systems. Only our appointed
personnel and third party companies operating on behalf of us or on our
assignment (referred to as "Authorised Third Parties") are entitled
to access or process your personal data.

Unfortunately, the transmission of
information via the internet is never completely secure. Although we will
implement all reasonable measures to protect your personal data, we cannot
guarantee the security of your data transmitted to our site; any transmission
is at your own risk. Once we have received your information, we will use strict
procedures and security features to try to prevent unauthorised access.

ACTIONS YOU CAN TAKE IN REGARD TO THE PROCESSING

Summary

Subject to applicable law, you may have
the following rights with respect to the processing of your personal data:

Choosing not to provide your personal
data

Accessing, or obtaining a copy of, your
personal data

Checking and editing your data in your
user account

Unsubscribing from direct marketing

Checking and editing your personal data

Blocking and deleting the cookies

Permitting or refusing processing of
your location data

Erasure, or restriction of our
processing, of your data

Objecting to the processing of your
personal data

Withdrawing your consent

Porting your data to another controller

Lodging a claim at the supervisory
authority

We hope to ensure that the personal
data we possess are accurate at all times and therefore we encourage you to
update your information in your own account in case any changes have occurred.
We have listed below the rights that you may be able to exercise in respect of
the processing of your personal data, subject to applicable law. We take every
reasonable step to ensure that the personal data that we process are limited to
the personal data that are reasonably required in connection with the purposes
set out in this Privacy Policy.

Please note that upon exercising any
of the rights listed below, you may be requested to provide additional
information for identification purposes. Such additional information shall not
be used for any other purpose and will be removed after successful
identification.

Providing your data: You may choose not
to provide your personal data to us. It should be noted that some features of
our website and other services may not be fully available to you if you choose
not to provide us with your personal data (e.g., we may not be able to process
your orders without the necessary details).

Right of access: You may have the
right to request access to, or copies of, your personal data, together with
information regarding the nature, processing and disclosure of those data.

Unsubscribing: We include an
unsubscribe link in all electronic marketing messages we send to you. You may
withdraw your consent to direct marketing at any time. If you do so, we will
promptly update our databases, and will not send you further direct marketing,
but we may continue to contact you to the extent necessary for the purposes of
any products or services you have requested.

Checking and editing your personal
data: Should you have an online user account, you may edit and complete your
personal data directly yourself. If you do not have an online user account, you
may contact our Customer Service team using the details provided in Section 12 below, who will upon your request as
soon as possible rectify, remove or complete the information which is
incorrect, unnecessary, lacking or outdated.

Blocking and deleting cookies: You may block
the cookies using your browser settings. Please note that blocking the cookies
may affect the usability of our website. You may also delete the cookies from
your browser via its settings, in which case the information collected by the
previous cookie will not affect the account created based on the information
collected after such deletion.

Allowing use of location data: You may give your
consent to the use of location data in the options of the device or the
application. You may also withdraw such consent at any time from the options
menu in your account, or by contacting our Customer Service team

Erasure, or restriction of our processing,
of your data: Should you believe that we process your data which is not accurate; the
processing is illegal; we are not processing your data in accordance with the
processing purpose or you want to oppose the processing, you may contact
our Customer Service team to request the erasure, or
restrictions on the processing, of your data. Please note that we will
investigate your request reasonably promptly, before deciding what action to
take.

Right to object: You may have the
right to object, on legitimate grounds, to the processing of your personal
data.

Withdrawing your consent. You may at any time
decide to withdraw your consent to the processing of your personal data. If
your consent is withdrawn, it does not prevent us from processing your personal
data based on other legal bases, such as fulfilling your orders and storing
your order data as required by applicable law. However, it should be noted that
your account(s) on our website will be removed, and advantages granted to you
via your account will be reset. Please note that withdrawal of consent does not
affect the lawfulness of any processing performed prior to the date on which we
receive notice of such withdrawal.

Right to data portability: You may have
the right to have your personal data transferred to another controller, in a
structured, commonly used and machine-readable format, to the extent
applicable.

Lodging a claim with a supervisory
authority: Should you believe that our processing of your personal data
infringes your legal rights, you may lodge a claim with your local supervisory
authority.

 

USE OF COOKIES AND SIMILAR TECHNIQUES

Cookies are small text files, often
construed of letters and numbers, which the browser inserts into a computer or
other device while you use our website. Please refer to our Cookie Policy for
further information.

THIRD PARTY WEBSITE

Summary

Please note that certain features on
our website are offered by third parties and the third party privacy policies
apply.

Our website and services use options
which enable you to share content on social media, such as Facebook's
"share" button. Such options are provided directly by the third-party
service providers (e.g., Facebook, Twitter, Instagram, Google+, etc.). Each
such third-party service provider may collect personal data regarding your
visits and interaction with its services, based on its own policies and rules
concerning data privacy.

Diamond Style cannot be held liable
for any privacy policies or terms and conditions concerning data privacy of such
third parties.

CHANGES TO THIS PRIVACY POLICY

Summary

We may update this Privacy Policy from
time to time and communicate the changes on this site.

Amori reserves the right to change
and modify this Privacy Policy from time to time. When we post changes to this
Privacy Policy we will modify the "Effective Date" at the top of this
Privacy Policy to indicate when such changes have come into effect.

If the changes are material and
affect you in an adverse way, Amori will inform you with an email and
prominently post a notice advising of such change at the beginning of this
Privacy Policy and on our website home page.

DEFINED TERMS

In this Privacy Policy, the following
defined terms are used:

"controller" means the
entity that decides how and why personal data are processed. In many
jurisdictions, the controller has primary responsibility for complying with
applicable data protection laws.

"personal data" means any
information relating to an identified or identifiable natural person; an
identifiable person is one who can be identified, directly or indirectly, in
particular by reference to an identifier such as a name, an identification
number, location data, online identifier or to one or more factors specific to
the physical, physiological, genetic, mental, economic, cultural or social
identity of that person.

"process", "processing" or "processed" means anything that is done
with any personal data, whether or not by automated means, such as collection,
recording, organisation, structuring, storage, adaptation or alteration,
retrieval, consultation, use, disclosure by transmission, dissemination or
otherwise making available, alignment or combination, restriction, erasure or
destruction.

"processor" means any person or entity
that processes personal data on behalf of the Controller (other than employees
of the Controller).

OUR CONTACT POINT

In general privacy issues, in issues relating
to your account or to opt out from marketing messages, please contact our
Customer Service: hello@amorijewellery.com 

PAYMENT SECURITY

All credit card payments made during
on-line transactions are handled on our behalf by Shopify Payments secure
payment gateway. All transaction information passed between our site and Shopify
Payments systems are encrypted using a minimum of 128-bit SSL encryption.

No cardholder information is ever
passed unencrypted. You can be assured that nothing you pass to Shopify
Payments servers can be examined, used or modified by us and or any third
parties.

Shopify Payments is also audited
under the Payment Card Industry Data Security Standards (PCI DSS) and is a
fully approved Level 1 payment services provider, which is the highest level of
compliance. They are also active members of the PCI Security Standards Council
(SSC) that defines card industry global regulation.