Magnolia is committed to protecting the privacy of all individuals in respect of whom we hold any personal data, regardless of whether those persons are customers, potential customers, business partners or otherwise and regardless of how we have come to possess the personal data.
Magnolia will ensure that all personal data that you submit to us, or which we collect, via various channels, including without limit via your interaction with our website, through written correspondence (including e-mail) and personal interaction with our representatives and business partners, is only used for the purposes set out in this policy and that it shall be held and stored safely and in compliance with the applicable laws.
What is Personal Data?
What Personal Data We Collect and Use?
These are the categories of Personal Data we collect directly or indirectly from you:
Information to verify your identity - includes: name [first, last, initials], Date of Birth, e-mail address, social media identifiers and information passed along to us via your Facebook or Google account.
Contact information - includes: your phone number, shipping and billing address, e-mail address, any other communication channel you have used to contact us for more information.
Purchase information - includes: your payment information (credit card number), payment risk profile (provided to us by our payment risk solution), shopping cart (your ordered items), delivery details, shipping and billing address, customer order number, purchase history with us, transaction ID, and any other information related to your purchase. We use it to complete your order on our site.
Correspondence – includes: conversation we have when you contact customer service, the emails you write us about our products or services, the complaints you address to us via post, e-mail, fax, or call, notes we prepared on your feedback, call back from our Customer Service to you, and any other communication between you and us. We may record Customer Service calls.
Social Media information – includes: information obtained through your interaction with us on various social media channels such as Facebook, Instagram, Google, etc.
Club Member information – includes: Unique Member Identifier (member ID), date you became a member, Purchase history.
We obtain certain information when your web browser accesses our website including your IP address, browser type, operating system, mobile network data, pages viewed and access times. This includes information about your browsing actions and patterns on the website, which we will use in order to provide you with a more personal experience. We also aggregate all statistical information regarding the browsing actions and patterns of all visitors to our website and this aggregated statistical information does not identify you.
How we Process your Personal data
"Processing" personal data means performing any operation or set of operations on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of the personal data.
The personal data that you provide to us or that we receive from other sources will be kept confidential. We will only hold, use and disclose your personal data in a manner that is fully compliant with Israeli law and the GDPR and in accordance with our legitimate business purposes, which include:
- Confirming orders
- Issuing invoices and other documents
- Promoting products and services for you and providing offers
- Responding to enquiries
- advising you of events and promotions
- Customer service
- Personalised marketing messages via email (newsletter sign-up)
- Personalised marketing messages via email (via existing contract)
- Targeted messages on 3rd-party advertising platforms
- Collecting your device information on our website using cookies, pixels, tags, and similar technologies
- Administrative purposes, such as sending you important information regarding our website, changes to our terms of business or policies, or other administrative information.
We may release your personal data to regulatory or law enforcement agencies, if we are required or permitted to do so.
We will not process your personal data for any reason other than those stated above, unless we first receive your express prior written consent or we are legally required to. The legal basis for processing your personal data is made up of one or more of the following reasons:
- Your consent.
- Providing our goods and services and conducting our business in the manner that we described above.
- Compliance with applicable laws, regulations or other legal process. If we process your personal data in order to comply with a law, regulation or other legal process, then we will notify you of this in writing, unless we are not permitted to.
- The processing is necessary for the purposes of our (or a third party's) legitimate interests, provided we have established that those interests are not overridden by your rights and freedoms, including your right to have your personal data protected.
How we share your Personal data
Personal data we collect is stored on our servers located in Israel. We may use other jurisdictions as necessary for the proper delivery of our services and/or as may be required by law.
How Long We Will Hold Your Information
To the extent permissible by applicable law, we will retain your personal data for such period plus 12 further months as is necessary to satisfy or to fulfill the following:
- the purposes for which that personal data was provided;
- an identifiable and ongoing business need, including record keeping;
- a requirement to retain records that may be relevant to any notified regulatory investigations or active legal proceedings;
- comply with any applicable law, regulation, legal process, including, without limitation, court orders and/or compulsory disclosures required by governmental authorities;
- fulfill legitimate interests of Magnolia that are not outweighed by your right to privacy.
We use third-party advertising platforms, such as Facebook, Google, YouTube, Instagram, etc. to send you messages that are targeted at you, based on your behavior and browsing pattern, at specific times and locations of these platforms to increase the efficiency of our advertising campaigns. Your personal information is shared with the third-party advertising platforms, and they will attempt to match your profile in their database to determine the optimal time and place (the page you are browsing) to show you an advertisement from Magnolia. We also need to analyze necessary information to understand the impact of our campaigns. If you don’t accept that we track you for this purpose, you still may see Magnolia advertisements on other platforms at random.
We implement physical, administrative and technical security measures designed to protect your personal information. Magnolia is not responsible for unauthorized access to such information by hackers or others that obtain access through illegal measures.
You should understand that the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data while it is being transmitted to our website or sent to us by email via third party networks.
Your Rights in Connection with Your Personal Data Held by Us
Right of Access
You have the right at any time to ask us for a copy of the personal data about you that we hold. Israeli law and GDPR provides certain instances where we may refuse your request for a copy of your personal data, or certain parts of the personal data that we hold. If we refuse your request or any element of it, we will provide you with our written reasons for doing so as soon as possible.
Right of Correction or Completion
If personal data we hold about you is not accurate, out of date or incomplete, you have a right to have the data rectified, updated or completed.
Right of Erasure
You have the right to request that personal data we hold about you is erased if:
- your personal data is no longer necessary for the purposes for which it was collected or otherwise processed;
- you wish to withdraw your consent on which the processing of your personal data was based and there is no other basis justifying such processing;
- you consider and can establish that your personal data has been unlawfully processed; or
- your personal data must be deleted in accordance with a legal obligation.
Right to object to or restrict processing
You have the right to object to our processing of your personal data and you also have the right to object to use of your personal data for direct marketing purposes.
Right of Data Portability
You have a right to receive any personal data that we hold about you in a structured, commonly used and machine-readable format, provided that:
- the personal data is data that you have provided to us previously; and
- the personal data is processed by us using automated means.
Please note that if you are requesting the personal data to be transferred to a third party's system, we cannot guarantee technical compatibility with that system.
To the extent that we are processing your personal data based on your consent, you have the right to withdraw your consent at any time.
If you are unhappy about our use of your personal data, please do notify us, providing the reasons and we will endeavor to rectify the problem. Please contact our Data Security Officer whose details are provided below.
If you are based in the EU, you may also lodge a complaint with any Data Protection Authority set up to supervise and enforce the GDPR ("DPA"). There is a DPA in each EU member state and you may report to any DPA, although generally you will report to the DPA set up in the member state in which you are located. Here is a list of all DPAs and their contact details: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm However, we do take your rights with respect to your personal data very seriously and will appreciate the chance to resolve any issues that you may have before you address a DPA.
Third Party Websites
Further Information on Data Protection and Personal Privacy
If you have any enquiries or if you would like to contact us about our processing of your personal data, including to exercise your rights as outlined above, please contact us by email on [email protected].
When you contact us, we will ask you to verify your identity.
California Privacy Rights
California law permits users of our website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, California residents should send an e-mail to [email protected] or write us at:
Magnolia Silver Jewellery
Kfar Saba, 4442525
Governing law and place of jurisdiction