Legal
Privacy Policy
Effective 27 May 2026
1.
What we collect
We collect the following categories of personal data:
- Account details — name, email, password hash, company name, country, city, phone, website.
- Uploaded content — stone listings, photographs, videos, certification scans, pricing.
- Enquiry messages exchanged between dealers and jewellers on the platform.
- API key usage logs — timestamps, IP addresses, and request volume for each key.
- Basic analytics — page views, referrer, device and browser type.
2.
How we use it
We use your data only to:
- Operate the platform — display your listings, deliver enquiries, serve API feeds.
- Send transactional notifications (new enquiries, replies, approval emails).
- Detect abuse, fraud, or breaches of our Terms.
- Improve the service through aggregate analytics.
We do not sell personal data and we do not run advertising on the platform.
3.
Third-party processors
We rely on a small number of trusted infrastructure providers who process data on our behalf:
- Database, authentication, and file storage hosting.
- Transactional email delivery for notifications.
- Application hosting and CDN.
All processors are bound by their own data-processing agreements and operate in jurisdictions providing an adequate level of protection.
4.
Your rights (UK GDPR)
You have the right to:
- Access the personal data we hold about you.
- Have inaccurate data corrected (rectification).
- Have your data deleted (erasure), subject to legal retention rules.
- Restrict or object to processing.
- Receive your data in a portable format.
- Lodge a complaint with the UK Information Commissioner’s Office (ICO).
5.
Data requests
To exercise any of these rights, email us at the address shown on this page once our custom domain is live. We aim to respond within 30 days. We are registered with the UK ICO.
6.
Governing law
This policy is governed by the laws of England and Wales and the UK Data Protection Act 2018 (UK GDPR).