Zambian Emeralds Logo
Zambian Emeralds
Shop
Privacy Policy
Home  ⇒  Privacy Policy

Last Updated: October 11st 2025 (11.10.2025)

1. INTRODUCTION

Zambian-Emeralds.com ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website Zambian-Emeralds.com and use our e-commerce services, WordPress and WooCommerce.

This policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Data Controller:

Zambian-Emeralds.com

Email: contact@zambian-emeralds.com

2. AGE REQUIREMENT

Our website and services are strictly intended for individuals who are 21 years of age or older. We do not knowingly collect personal information from anyone under 21 years of age. If we discover that we have collected data from someone under 21, we will promptly delete that information.

3. INFORMATION WE COLLECT

3.1 Information You Provide Directly

Account Information:

  • Full name
  • Date of birth (for age verification)
  • Email address
  • Phone number
  • Billing address
  • Shipping address
  • Password (encrypted)

Transaction Information:

  • Payment card details (processed securely via WooCommerce/Paypal/payment processors)
  • Order history
  • Product preferences
  • Delivery instructions

Communication Data:

  • Customer service inquiries
  • Email correspondence
  • Reviews and feedback
  • Newsletter subscriptions

3.2 Information Collected Automatically via WordPress and/or WooCommerce

Technical Data:

  • IP address
  • Browser type and version
  • Device information (type, operating system)
  • Time zone settings
  • Browser plug-in types and versions
  • Unique device identifiers

Usage Data:

  • Pages visited
  • Time spent on pages
  • Click patterns
  • Products viewed
  • Shopping cart contents
  • Referral sources
  • Exit pages

Cookie Data:

  • Session cookies
  • Persistent cookies
  • Analytics cookies (Google Analytics via WordPress)
  • Functional cookies
  • Marketing cookies

3.3 Information from Third Parties

WooCommerce and/or Paypal Platform Data:

  • Transaction processing information
  • Fraud prevention data
  • Analytics data
  • Customer behavior patterns

Payment Processors:

  • Payment verification
  • Transaction status
  • Fraud screening results
  • Billing Addresses
  • Delivery Addresses

Delivery Partners:

  • Delivery confirmation
  • Age verification at delivery
  • Signature confirmation

4. LEGAL BASIS FOR PROCESSING (GDPR)

We process your personal data under the following legal bases:

4.1 Contract Performance

Processing necessary to fulfill your orders and provide our services:

  • Order processing and fulfillment
  • Customer account management
  • Customer service provision
  • Delivery arrangements

4.2 Legal Obligations

Processing necessary to comply with legal requirements:

  • Age verification for gemstones sales and/or services
  • Tax and accounting records
  • Regulatory compliance
  • Legal claims and disputes

4.3 Legitimate Interests

Processing for our legitimate business interests:

  • Fraud prevention and security
  • Website improvement and analytics
  • Business operations and administration
  • Direct marketing (with opt-out rights)

4.4 Consent

Processing based on your explicit consent:

  • Placing orders
  • Marketing emails (where required)
  • Cookie placement (non-essential cookies)
  • Promotional communications
  • Customer surveys

5. HOW WE USE YOUR INFORMATION

We use your personal data for the following purposes:

Service Delivery:

  • Process and fulfill orders
  • Verify age for alcohol purchases
  • Manage your account
  • Process payments and refunds
  • Arrange delivery

Legal Compliance:

  • Comply with alcohol sales regulations
  • Maintain records as required by law
  • Respond to legal requests
  • Prevent underage sales

Communication:

  • Send order confirmations and updates
  • Respond to inquiries
  • Send service-related notices
  • Provide customer support

Marketing (with consent where required):

  • Send promotional offers
  • Personalize your experience
  • Recommend products
  • Send newsletters

Improvement and Analytics:

  • Analyze website usage
  • Improve our services
  • Develop new features
  • Conduct market research

6. COOKIES AND TRACKING TECHNOLOGIES

6.1 Advice in Regard to Maintaining Dough-Made Cookies

Unlike digital cookies, regular dough-made cookies might be prone to visits by the cookie monster, and as such should be kept in a well maintained cookie-jar, enclosed within a dry, cool and dark place. Preferably far away from the prying googly eyes of cookie-enthusiastic monsters

The Cookie Monster - An Avid Cookies Enthusiast

6.2 Cookies We Use

Essential Cookies:

  • Session management
  • Shopping cart functionality
  • Age verification status
  • Security features

Analytics Cookies (via WordPress and/or WooCommerce):

  • Google Analytics
  • WordPress Analytics
  • Performance monitoring

Marketing Cookies:

  • Retargeting pixels
  • Social media pixels
  • Advertising cookies

6.3 Managing Cookies

You can control cookies through:

  • Browser settings
  • Our cookie consent tool
  • Opt-out links in cookie notices

Disabling essential cookies may impact website functionality.

6.4 Controlling Cookies Using CookieAdmin

In order to ensure your privacy, we use CookieAdmin - a Lightweight, Powerful Cookie Consent manager and privacy guard. Among the features that CookieAdmin allows us to offer you for safeguarding of your privacy are:

  • Consent Logs
  • Anonymized User IP
  • GDPR & US State Laws Compliance
  • Consent Form
  • Google Consent Mode v2
  • ADA, EAA & WCAG Compliance

7. DATA SHARING AND DISCLOSURE

7.1 WordPress and/or WooCommerce Platform

As our e-commerce platform providers, WordPress and/or WooCommerce and/or Paypal process data on our behalf as data processors. They have access to:

  • Order information
  • Customer data
  • Transaction details
  • Analytics data

7.2 Service Providers

We share data with service providers who assist us:

  • Payment processors (Stripe, PayPal and others via WooCommerce)
  • Shipping companies (EMS, FedEx, DHL, UPS and others, with age verification requirements)
  • Email service providers (Gmail, Outlook, Proton and others)
  • Customer support tools
  • Analytics providers

7.3 Legal Requirements

We may disclose data when required by:

  • Law enforcement requests
  • Court orders
  • Regulatory requirements
  • Age verification obligations

7.4 Business Transfers

In case of merger, acquisition, or sale, your data may be transferred to the new entity.

7.5 Your Consent

We may share data with your explicit consent.

8. INTERNATIONAL DATA Transfers

Your data may be transferred outside the European Economic Area (EEA). We ensure appropriate safeguards:

WordPress and/or WooCommerce and/or Paypal and/or Our Servers:

  • Located in the United States and/or in Cyprus, and/or in Israel and/or in Iceland
  • EU-US Data Privacy Framework certified
  • Standard Contractual Clauses in place

Other Transfers:

  • Adequacy decisions
  • Standard contractual clauses
  • Your explicit consent

9. DATA RETENTION

We retain your personal data for:

Customer Accounts:

  • Active as long as account exists
  • 7 years after last activity (legal requirements)

Order Information:

  • 7 years (tax and legal obligations)

Marketing Data:

  • Until consent withdrawn
  • 3 years of inactivity

Age Verification:

  • As required by certain national and/or international regulations

Cookies:

  • Session: Until browser closed
  • Persistent: Up to 2 years

10. YOUR RIGHTS UNDER GDPR

You have the following rights regarding your personal data:

10.1 Right to Access

Request a copy of your personal data we hold.

10.2 Right to Rectification

Request correction of inaccurate or incomplete data.

10.3 Right to Erasure ("Right to be Forgotten")

Request deletion of your data (subject to legal obligations).

10.4 Right to Restrict Processing

Request limitation of processing in certain circumstances.

10.5 Right to Data Portability

Receive your data in a structured, machine-readable format.

10.6 Right to Object

Object to processing based on legitimate interests or direct marketing.

10.7 Rights Related to Automated Decision-Making

Not be subject to solely automated decision-making with legal effects.

10.8 Right to Withdraw Consent

Withdraw consent at any time where processing is based on consent.

To exercise your rights, contact us at:

Email: contact@zambian-emerald.com

We will respond within 30 days of receiving your request.

11. DATA SECURITY

We implement appropriate technical and organizational measures:

Technical Measures:

  • SSL/TLS encryption for data transmission
  • Encrypted password storage
  • Secure payment processing via WordPress and/or WooCommerce and/or Paypal
  • Regular security updates
  • Firewall protection

Organizational Measures:

  • Limited access to personal data
  • Employee training on data protection
  • Data processing agreements with providers
  • Regular security assessments
  • Incident response procedures

WordPress and/or WooCommerce and/or Paypal Security:

  • PCI DSS compliant
  • Regular security audits
  • Encrypted data storage
  • Secure data centers

12. THIRD-PARTY LINKS

Our website may contain links to third-party sites. We are not responsible for their privacy practices. Please review their privacy policies before providing personal information.

13. MARKETING COMMUNICATIONS

13.1 Opt-In/Opt-Out

  • Marketing emails require consent (where applicable)
  • Unsubscribe link in every marketing email
  • Account preferences to manage communications
  • Contact us to opt-out of all marketing

13.2 Types of Marketing

  • Promotional offers
  • New product announcements
  • Newsletter
  • Personalized recommendations

14. CHILDREN'S PRIVACY

Our website is not intended for anyone under 21 years of age. We do not knowingly collect data from minors. If you believe we have collected data from someone under 21, please contact us immediately.

15. CALIFORNIA PRIVACY RIGHTS

California residents have additional rights under CCPA:

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to opt-out of sale of personal information
  • Right to non-discrimination

We do not sell personal information.

16. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated "Last Updated" date. Significant changes will be notified and/or published via the following means (all or some, together or separately):

  • Our Privacy Policy Page
  • Our Website
  • Our Homepage
  • Email notification
  • Website banner
  • Account notification

Your continued use after changes constitutes acceptance.

17. COMPLAINTS

If you have concerns about our data processing:

  1. Contact us first at privacy@zambian-emeralds.com
  2. Supervisory Authority: You have the right to lodge a complaint with your local data protection authority:
  • For EU residents: Your national data protection authority
  • For UK residents: Information Commissioner's Office (ICO)

18. OUR DATA PROTECTION OFFICER

Email: gdpr@zambian-emeralds.net

19. CONTACT INFORMATION

For privacy-related questions or to exercise your rights:

Zambian-Emeralds.com Privacy Team

Email: privacy@zambian-emeralds.com

Response Time: We aim to respond to all privacy inquiries within 30 days.

By using our website, you acknowledge that you have read and understood this Privacy Policy.

Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None