PRIVACY POLICY

This document sets out the privacy policy ("Privacy Policy") of Magnolia Silver Jewellery Group Ltd ("Magnolia", "we", "us" and "our").

 

Privacy Commitment

Magnolia is committed to protecting the privacy of all individuals in respect of whom we hold any personal data, regardless of whether those persons are customers, potential customers, business partners or otherwise and regardless of how we have come to possess the personal data.

 

Our privacy policy is designed to be compliant with all applicable Israeli privacy and data protection regulations, including without limit the Protection of Privacy Law 5741-1981 and the Privacy Protection (Data Security) Regulations 5777-2017 promulgated thereunder (collectively "Israeli Law") and the European Union's General Data Protection Regulation 2016/679 ("GDPR"), to the extent applicable.

 

Magnolia will ensure that all personal data that you submit to us, or which we collect, via various channels, including without limit via your interaction with our website, through written correspondence (including e-mail) and personal interaction with our representatives and business partners, is only used for the purposes set out in this policy and that it shall be held and stored safely and in compliance with the applicable laws.

Through this Privacy Policy we aim to inform you about the types of personal data that we collect from individuals, the purposes for which we use the information and the ways in which the information is handled.

Magnolia is the controller of all personal data that we collect, meaning that we determine the purposes and means of the collecting and using the personal data. We also control who has access to all personal data that is under our control. Additionally, if any of your personal data is processed, Magnolia is also the processor of the personal data. For correspondence relating to the Privacy Policy, please address our Data Security Officer, whose details are set out at the end of this Privacy Policy.

What is Personal Data?

For the purpose of this Privacy Policy, "personal data" means any information of any kind relating to you personally and which can be connected to you either directly or indirectly by reference to other information. If information relating to you is anonymized so that we cannot connect you to the personal data by any means, then it is not personal data. 

What Personal Data We Collect and Use?

These are the categories of Personal Data we collect directly or indirectly from you:

Information to verify your identity - includes: name [first, last, initials], Date of Birth, e-mail address, social media identifiers and information passed along to us via your Facebook or Google account.

Contact information - includes: your phone number, shipping and billing address, e-mail address, any other communication channel you have used to contact us for more information.

Purchase information - includes: your payment information (credit card number), payment risk profile (provided to us by our payment risk solution), shopping cart (your ordered items), delivery details, shipping and billing address, customer order number, purchase history with us, transaction ID, and any other information related to your purchase. We use it to complete your order on our site.

Correspondence – includes: conversation we have when you contact customer service, the emails you write us about our products or services, the complaints you address to us via post, e-mail, fax, or call, notes we prepared on your feedback, call back from our Customer Service to you, and any other communication between you and us. We may record Customer Service calls.

Social Media information – includes: information obtained through your interaction with us on various social media channels such as Facebook, Instagram, Google, etc.

Club Member information – includes: Unique Member Identifier (member ID), date you became a member, Purchase history.


User Statistics

We obtain certain information when your web browser accesses our website including your IP address, browser type, operating system, mobile network data, pages viewed and access times.  This includes information about your browsing actions and patterns on the website, which we will use in order to provide you with a more personal experience. We also aggregate all statistical information regarding the browsing actions and patterns of all visitors to our website and this aggregated statistical information does not identify you.

How we Process your Personal data

"Processing" personal data means performing any operation or set of operations on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of the personal data.

The personal data that you provide to us or that we receive from other sources will be kept confidential. We will only hold, use and disclose your personal data in a manner that is fully compliant with Israeli law and the GDPR and in accordance with our legitimate business purposes, which include:

  • Confirming orders
  • Issuing invoices and other documents
  • Promoting products and services for you and providing offers
  • Responding to enquiries
  • advising you of events and promotions
  • Customer service
  • Personalised marketing messages via email (newsletter sign-up)
  • Personalised marketing messages via email (via existing contract)
  • Targeted messages on 3rd-party advertising platforms
  • Collecting your device information on our website using cookies, pixels, tags, and similar technologies
  • Administrative purposes, such as sending you important information regarding our website, changes to our terms of business or policies, or other administrative information.

We may release your personal data to regulatory or law enforcement agencies, if we are required or permitted to do so.

We will not process your personal data for any reason other than those stated above, unless we first receive your express prior written consent or we are legally required to. The legal basis for processing your personal data is made up of one or more of the following reasons:

  • Your consent.
  • Providing our goods and services and conducting our business in the manner that we described above.
  • Compliance with applicable laws, regulations or other legal process. If we process your personal data in order to comply with a law, regulation or other legal process, then we will notify you of this in writing, unless we are not permitted to.
  • The processing is necessary for the purposes of our (or a third party's) legitimate interests, provided we have established that those interests are not overridden by your rights and freedoms, including your right to have your personal data protected.

How we share your Personal data

Personal data that we collect is stored on third party servers that have been selected, among other reasons, based on their commitments to hold and protect the personal data from unauthorized access or transfer and that have provided commitments consistent with the GDPR and Israeli privacy protection laws. Currently, the personal data is stored on servers located in ISRAEL belonging to 012. The personal data is stored on the servers under our own unique account to which no other party has access.012 undertakes to store and transfer personal data in accordance with its own strict privacy policy, more information of which can be found at BETANET. Only Magnolia has the power to determine who has access to the personal data held on its account with the 012 cloud and how the personal data may be processed.

Personal data we collect is stored on our servers located in Israel. We may use other jurisdictions as necessary for the proper delivery of our services and/or as may be required by law.

Different members of Magnolia personnel have different access rights to the personal data stored by Magnolia and different members of Magnolia personnel have different permissions for what they may and may not do with the personal data, including with whom they may share personal data. Access and permission for each Magnolia employee is set according to their responsibilities. Additionally, all personnel who have any kind of access to the personal data are made fully aware of this Privacy Policy and are also trained in Israeli privacy and GDPR requirements. 

Our policy is not to share your personal data with any other party unless it is in line with this Privacy Policy and the applicable Israeli laws and GDPR.

Whenever we share any personal data with third parties, we require that they contractually guarantee to maintain adequate levels of protection and that any processing of personal data is restricted to the purposes set out in this Privacy Policy and that, where required, they also contractually agree to GDPR approved standard contractual clauses. 

How Long We Will Hold Your Information

To the extent permissible by applicable law, we will retain your personal data for such period plus 12 further months as is necessary to satisfy or to fulfill the following:

  • the purposes for which that personal data was provided;
  • an identifiable and ongoing business need, including record keeping;
  • a requirement to retain records that may be relevant to any notified regulatory investigations or active legal proceedings;
  • comply with any applicable law, regulation, legal process, including, without limitation, court orders and/or compulsory disclosures required by governmental authorities;
  • fulfill legitimate interests of Magnolia that are not outweighed by your right to privacy.

Use of Cookies and Tracking Technology

We use cookies or other similar tracking technologies to provide you with better services. We may collect information about your activities on our website through the use of cookies, clear GIFs or web beacons, local shared objects or Flash cookies, pixels, tags or through other similar identifiers and technologies (“Cookies”). Cookies are pieces of information a website transfers to your computer’s hard disk for record-keeping purposes. We use both session and persistent Cookies. Cookies can either be persistent (i.e., they remain on your computer or device until you delete them) or temporary (i.e., they last only until you close your browser). We use first-party and third-party Cookies. First-party Cookies are used and controlled by us. Third-party Cookies are controlled by third parties, mostly for the purpose of analytics.

Cookies can make the web more useful by storing information about your preferences for a particular site. The use of Cookies is an industry standard, and many major websites use them to provide useful features for their customers. By using our websites, you consent to our use of Cookies and our processing of information collected through such Cookies, in accordance with this Privacy Statement. You can withdraw your consent at any time by deleting placed Cookies and disabling Cookies in your browser (consult your browser ‘help’ files or visit www.aboutcookies.org or www.allaboutcookies.org to learn more about Cookies and their management). However, if you refuse to accept Cookies, you may not be able to take full advantage of the functionality of the websites.

You can learn more about our cookie usage in our Cookie Policy 

Targeted Messages On 3rd-Party Advertising Platforms

We use third-party advertising platforms, such as Facebook, Google, YouTube, Instagram, etc. to send you messages that are targeted at you, based on your behavior and browsing pattern, at specific times and locations of these platforms to increase the efficiency of our advertising campaigns. Your personal information is shared with the third-party advertising platforms, and they will attempt to match your profile in their database to determine the optimal time and place (the page you are browsing) to show you an advertisement from Magnolia. We also need to analyze necessary information to understand the impact of our campaigns. If you don’t accept that we track you for this purpose, you still may see Magnolia advertisements on other platforms at random.

Security

We implement physical, administrative and technical security measures designed to protect your personal information. Magnolia is not responsible for unauthorized access to such information by hackers or others that obtain access through illegal measures.

You should understand that the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data while it is being transmitted to our website or sent to us by email via third party networks.

Your Rights in Connection with Your Personal Data Held by Us

You have certain rights in relation to personal data about you that we hold. Details of these rights and how to exercise them are set out below. We will require evidence of your identity before we are able to act on any request with respect to exercising any rights. For convenience, please address any requests to us regarding your rights below to our Data Security Officer who is responsible for our implementation of this Privacy Policy. The Data Security Officer's name and contact details are provided at the end of this document.

Right of Access

You have the right at any time to ask us for a copy of the personal data about you that we hold.  Israeli law and GDPR provides certain instances where we may refuse your request for a copy of your personal data, or certain parts of the personal data that we hold. If we refuse your request or any element of it, we will provide you with our written reasons for doing so as soon as possible.

Right of Correction or Completion

If personal data we hold about you is not accurate, out of date or incomplete, you have a right to have the data rectified, updated or completed.

Right of Erasure

You have the right to request that personal data we hold about you is erased if:

  • your personal data is no longer necessary for the purposes for which it was collected or otherwise processed;
  • you wish to withdraw your consent on which the processing of your personal data was based and there is no other basis justifying such processing;
  • you consider and can establish that your personal data has been unlawfully processed; or
  • your personal data must be deleted in accordance with a legal obligation.

Right to object to or restrict processing

You have the right to object to our processing of your personal data and you also have the right to object to use of your personal data for direct marketing purposes.

Right of Data Portability

You have a right to receive any personal data that we hold about you in a structured, commonly used and machine-readable format, provided that:

  • the personal data is data that you have provided to us previously; and
  • the personal data is processed by us using automated means.

Please note that if you are requesting the personal data to be transferred to a third party's system, we cannot guarantee technical compatibility with that system.

Consent

To the extent that we are processing your personal data based on your consent, you have the right to withdraw your consent at any time.

Complaints

If you are unhappy about our use of your personal data, please do notify us, providing the reasons and we will endeavor to rectify the problem. Please contact our Data Security Officer whose details are provided below.  

If you are based in the EU, you may also lodge a complaint with any Data Protection Authority set up to supervise and enforce the GDPR ("DPA"). There is a DPA in each EU member state and you may report to any DPA, although generally you will report to the DPA set up in the member state in which you are located. Here is a list of all DPAs and their contact details: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm However, we do take your rights with respect to your personal data very seriously and will appreciate the chance to resolve any issues that you may have before you address a DPA.

Third Party Websites

Please note that clicking on links and banner advertisements on our website can result in your browser accessing a third-party website, where data privacy practices will be different to those of Magnolia as described in this Privacy Policy and we cannot be responsible for the manner in which those parties hold and process any personal data that they collect from you. We therefore recommend that you review their privacy policies separately before providing such third parties with any of your personal data.

Changes to our Privacy Policy

This Privacy Policy can be changed by Magnolia at any time. If we change our Privacy Policy in the future, we will advise you of material changes or updates by email. For less substantive changes, we will simply publish the revised policy on our website. You are therefore encouraged to review our Privacy Policy from time-to-time to ensure that you remain updated.

Further Information on Data Protection and Personal Privacy

If you have any enquiries or if you would like to contact us about our processing of your personal data, including to exercise your rights as outlined above, please contact us by email on  [email protected].

When you contact us, we will ask you to verify your identity.

California Privacy Rights

California law permits users of our website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, California residents should send an e-mail to [email protected] or write us at:

Magnolia Silver Jewellery

Hataas 23

Kfar Saba, 4442525 

Israel

 

Governing law and place of jurisdiction

Any dispute arising in connection with this Privacy Policy shall be governed by Israeli law to the exclusion of its choice of law provisions, unless the GDPR or the applicable law of another country applies mandatorily. The exclusive place of jurisdiction shall be Tel Aviv, Israel.