Privacy Policy

Effective May 25th, 2018 – View our last version visit here.

SSL site seal - click to verify

You can be confident in knowing that contempojewelers.com is a verified Authorize.Net merchant. Authorize.Net is committed to providing its merchant customers with the highest level of transaction processing security, safeguarding customer information and combating fraud. More merchants trust Authorize.Net than any other payment gateway to process their ecommerce transactions securely. For more information about the benefits of Authorize.Net’s secure transaction processing, please visit the Authorize.Net Web site.

 

This Web site is secured with a GoDaddy.com Web Server Certificate. Transactions on the site are protected with up to 256-bit Secure Sockets Layer encryption.

 

 

This Privacy Policy governs the manner in which Contempo Jewelers collects, uses, maintains and discloses information collected from users (each, a “User”) of the https://contempojewelers.com website (“Site”). This privacy policy applies to the Site and all products and services offered by Contempo Jewelers.

What Personal identification information We Collect & Why We Collect It

We may collect personal identification information from Users in a variety of ways, including, but not limited to, when Users visit our site, register on the site,place an order,fill out a form,subscribe to the newsletter, and in connection with other activities, services, features or resources we make available on our Site.

Users may be asked for and we collect, as appropriate:

Name

email address

mailing address

phone number

credit card information (private and secured and encryption layer via Authorize.net)

 

Users may, however, visit our Site anonymously.

We will collect personal identification information from Users anonymously. only if they voluntarily submit such information to us. Users can always refuse to supply personally identification information, except that it may prevent them from engaging in certain Site related activities.

Non-personal identification information

We may collect non-personal identification information about Users whenever they interact with our Site. Non-personal identification information may include the browser name, ip address, the type of device and technical information about Users means of connection to our Site, such as the operating system and the Internet service providers utilized and other similar information, as well as tracking behavior on what pages and products are viewed, added to cart and purchased. As well as behavior through marketing communications via text message and email using that the users consented to via our third parties MailChimp & AgileCRM.

Cookies

Our Site may use “cookies” to enhance User experience. User’s web browser places cookies on their hard drive for record-keeping purposes and sometimes to track information about them. User may choose to set their web browser to refuse cookies, or to alert you when cookies are being sent. If they do so, note that some parts of the Site may not function properly. A user has full control in each of their web browsers to manage and delete their cookies.  See each browsers practices directly for more information. (Chrome, Firefox, Safari, Opera, Brave, Internet Explorer, etc.)

 

Comments/Reviews Cookie

If you leave a comment/review on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment/review. These cookies will last for one year.

Contempo Jewelers also uses Disqus embedded frame comments system. This third-party Disqus receives information and sends it to Google Analytics tracking. Please read Disqus.com privacy policy and terms and conditions for more information.

Account Cookie:

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Google Analytics cookies

These are set for monitoring and tracking visitors behavior on the site.

WordPress logged-in cookies

These are used by WordPress to authenticate logged-in visitors, password authentication and user verification as mentioned above.

AgileCRM cookies

These are used by the AgileCRM plugin to identify and track visitors and their behavior on the site, emails, and text communications that we send.

WooCommerce cookies

these are used by the WooCommerce plugin to track visitors and their purchased items in the cart.

W3 Total Cache cookies

these are used by W3 Total Cache plugin to monitor referrer and user identification for caching purposes.

GoDaddy/Sucuri cookies

these are used by GoDaddy / Sucuri to monitor referrer and user identification for caching purposes as well as website security and prevention purposes.

Analytics

GOOGLE ANALYTICS:  We use Google Analytics, an analytics service, to help us analyze the traffic on our Site. For more information on Google Analytics’ processing of Personal Information, please see “How Google uses data when you use our partners’ sites or apps.”

 

FACEBOOK (VISITOR ACTION PIXEL)

We use the “visitor action pixels” from Facebook Inc (1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are based in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”)) on our website.

This allows user behavior to be tracked after they have been redirected to the provider’s website by clicking on a Facebook ad. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymous to us, i.e. we do not see the personal data of individual users. However, this data is stored and processed by Facebook, which is why we are informing you, based on our knowledge of the situation. Facebook may link this information to your Facebook account and also use it for its own promotional purposes, in accordance with Facebook’s Data Usage Policy https://www.facebook.com/about/privacy/. You can allow Facebook and its partners to place ads on and off Facebook. A cookie may also be stored on your computer for these purposes.

The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f GDPR. You can object to the collection of your data by Facebook pixel, or to the use of your data for the purpose of displaying Facebook ads by contacting the following address: https://www.facebook.com/settings?tab=ads.

Facebook is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

 

How we use collected personal data information

Contempo Jewelers collects and uses Users personal information for the following purposes:

  • To process transactions
  • We may use the information Users provide about themselves when placing an order only to provide service to that order. We do not share this information with outside parties except to the extent necessary to provide the service.
  • To administer a content, promotion, survey or other Site feature
  • To send Users information and tips
  • To send periodic emails The email address Users provide for order processing, will only be used to send them information and updates pertaining to their order unless the user consented to subscribe to our mailing list while placing and order during checkout.  A users email and information such as phone may also be used to respond to their inquiries, and/or other requests or questions. If User decides to opt-in to our mailing list, they will receive emails that may include company news, updates, related product or service information, etc. If at any time the User would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email or User may contact us via our Site. Our third parties that we use to send our email newsletters and messages to our users (Google GSuite Gmail, MailChimp and AgileCRM) also include detailed unsubscribe instructions at the bottom of each email or the user can contact them directly.
  • Provide support services.
  • Send administrative information, such as changes to our terms, conditions, and policies
  • Administer promotions or contests
  • Survey our customers to get valuable feedback to provide a better customer and user experience
  • Facilitate social sharing functionality
  • Analyze and monitor Services usage and to make improvements
  • Help secure the Services, prevent fraud and enforce our policies
  • Help personalize our Services
  • Communicate about other Contempo Jewelers services
  • Perform other activities with consent

We will only share Personal Information as described in this policy. Specifically,

We may share Personal Information:

  • As necessary to perform the Services and to complete payment transactions.
  • With companies and vendors that help us to operate our business by providing services such as website hosting, fraud screening, data analysis, information technology and related infrastructure provision, customer service, email delivery, auditing and other similar services.
  • With third parties that have contracted with Contempo Jewelers to perform certain functions on our behalf.
  • With third parties sponsor of promotions or contests where consent has been given.
  • Our authorized third party email, phone call, text message marketing and Customer Relationship Management tools such as MailChimp and AgileCRM.
  • Anonymous information with Facebook to provide a better shopping experience and display the product you like or have recently viewed.
  • To comply with law or other legal obligations such as responding to subpoenas, or other requests from public and government agencies, including laws and other legal obligations outside a party’s country of residence.
  • To protect our rights, operations or property, or that of our users.
  • To investigate, prevent, or take action regarding potential or suspected illegal activities, fraud, threats to the personal safety of any person, or violations of the Service’s terms and conditions.
  • With third party Payment Gateway / Payment Processors (Authorize.net, PayPal) companies that have an account to control, are controlled by, or are under common control with Contempo Jewelers that support the secure and encrypted transaction services on our website to place orders and provide a secure and safe experience to users.
  • With consent.

Please note that any information posted to public areas such as on our social media pages may be seen by other visitors.

Where we send your data

Visitor comments may be checked through an automated spam detection service via WordPress and GoDaddy/Sucuri or Automattic.

MailChimp & AgileCRM Email marketing messages & subscription

Under the GDPR we use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list. We only collect certain data about you, as detailed in the “Processing of your personal data” above. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users.

Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.

Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences, you can also unsubscribe from all MailChimp lists, by following this link, to unsubscribe from AgileCRM, visit a link in the footer of an email or email us at info[@]contempojewelers.com otherwise contact MailChimp or AgileCRM provider.

Our EMS providers are; MailChimp & AgileCRM hold the following information about you within their EMS systems;

Email address

I.P address

Subscription time & date

Phone (if provided)

Your Name (if provided)

Product Category of past orders

Agile CRM Inc. (“Agile CRM” or “AgileCRM” or AgileCRM.com) is keen on data security as we are well aware that our users (you) care about how the personal information is used. Hosted on high performing Google & Amazon clouds, we assure you that all our customer information is held confidential. We never sell our customer list or our customer information. All the customer information collected such as name, email address, phone number, website, social media handles, mailing address, billing information or any other information related to third party integrations is collected for the sole purpose of providing best services to our customers and to update them of the improvements to our product and services.

We will send product updates, special offers or promotional notices via mail, email or voice broadcast, from time to time, to our customers and prospects who have expressed interest and requested such information. The customer/ prospect can always opt out from receiving such offers/ notifications by following the opt out link on the specific communication or by contacting Agile CRM directly.

GOOGLE ANALYTICS:  We use Google Analytics, an analytics service, to help us analyze the traffic on our Site. For more information on Google Analytics’ processing of Personal Information, please see “How Google uses data when you use our partners’ sites or apps.”

FACEBOOK (VISITOR ACTION PIXEL)

We use the “visitor action pixels” from Facebook Inc (1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are based in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”)) on our website.

This allows user behavior to be tracked after they have been redirected to the provider’s website by clicking on a Facebook ad. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymous to us, i.e. we do not see the personal data of individual users. However, this data is stored and processed by Facebook, which is why we are informing you, based on our knowledge of the situation. Facebook may link this information to your Facebook account and also use it for its own promotional purposes, in accordance with Facebook’s Data Usage Policy https://www.facebook.com/about/privacy/. You can allow Facebook and its partners to place ads on and off Facebook. A cookie may also be stored on your computer for these purposes.

The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f GDPR. You can object to the collection of your data by Facebook pixel, or to the use of your data for the purpose of displaying Facebook ads by contacting the following address: https://www.facebook.com/settings?tab=ads.

Facebook is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

 

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact form / Request an Appointment

Information submitted through the contact forms on our site are sent to our company email, hosted by Gmail. Google adheres to the EU “Privacy Shield” policy and you can find more information about this here.

While we keep these submissions for customer service purposes they are never used for marketing purposes, unless the user consented to, or shared with third parties.

 

How long we retain your data

We adopt appropriate data cleaning regularly and safe practices.

 

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

 

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

If you make a purchase or had a service at our store. We are following the current data retention time periods on our servers. To provide and facilitate orders some information is shared with our third parties securely such as Authorize.net, MailChimp and AgileCRM in which you can still request an additional data deletion for from us or from them directly. We safely and securely have an account with them to provide a better customer and user experience, and can assist with deleting any data that we retain for a legitimate period of time.

 

For our website database (Hosted on secure GoDaddy servers) we retain data for the following::

Retain inactive accounts

13 Month(s)

Retain pending orders

90 Day(s)

Retain failed orders

90 Day(s)

Retain cancelled orders

90 Day(s)

Retain completed orders

4 Month(s)

How we protect your data/information

Powerful protection against the worst threats.

Most site owners aren’t aware of all these different below threats and protection measures, but we are – and we protect our site against each one of these below:

Malware infection Protection

The most common threat, malware is an overarching term that covers viruses, worms, Trojan horses, ransomware, spyware and more. Malware can erase all your data, steal customer information, infect your visitors – the possibilities are nearly endless. Our platform provides continuous malware monitoring, scanning and alerting to avoid loss of business or downtime.

Distributed Denial of Service (DDoS) Protection

This attack can bring down our site by overwhelming it with a flood of automated traffic. And every minute our site is down, you’re losing customers and sales. Our advanced security monitoring and Web Application Firewall (WAF) prevent this type of attacks.

Brute Force Protection

This is where an application cycles through every possible password combination until it finds one that works. From there, hackers can access your system, steal sensitive data and do pretty much whatever they want.

Injection Protection

With injection flaws, a hacker sends malicious data as part of a command or query that tricks the site into doing something it shouldn’t, such as giving the hacker your entire customer database.

Cross-site scripting (XSS) Protection

Commonly abbreviated as XSS, this attack sends user-supplied data to a web browser without validating it first. Hackers use these flaws to hijack users away from the site or deface it, costing the site owner to lose business.

Zero Day Protection

This is an attack that’s launched as soon as new vulnerability is discovered, before a patch is available. While these are impossible to predict, our WAF will virtually patch our site within moments of a Zero Day attack being disclosed

 

We utilize state of the art WAF malware protection, malware scans, removal and prevention measures to secure our website, data and any possible breach.

 

(WAF) intercepts and inspects incoming data and automatically removes malicious code.

 

Advanced Security Monitoring:

Through our third party providers  in use GoDaddy performs monitoring of (DNS, WHOIS, SSL) services to ensure our website visitors aren’t redirected to another site or tricked into giving their private information.   DNS, SSL scans are performed daily. Malware & Blacklist scans every 12 hours to be extra secure and safe.

 

Google Blacklist monitoring & removal:

Google is one of the top search engines in the world and is committed to providing its users a safe online experience. To achieve this, it has invested resources in identifying and flagging any potentially malicious websites. To help users know when they’re visiting a potentially malicious website they “blacklist” it. This is meant to deter the user from moving forward, notify the website owner, and simultaneously impede the attacker’s intentions. Navigating the various blacklisting and warnings can be time-consuming, and to help with this we’ve put together the following guide to assist.

As an extra layer of security the following blacklists are in use:

Google Safe Browsing

Norton Safe Web

PhishTank

Opera browser

SiteAdvisor

Sucuri Malware Labs blacklist

SpamHaus DBL

Yandex (via Sophos)ESET

 

Sites are blacklisted when authorities such as Google, Norton Safe Web, McAfee SiteAdvisor etc., find irregularities on a website that they deduce to be malware. Malware can come in many forms: trojan horses, phishing schemes, pharma hacks, email or information scraping. Most often, the website owner is not even aware that they have been hacked. However, it’s in the search engine’s best interest not to show infected results, as they don’t want to lose users due to these results putting their computer in harm’s way.

 

Secure Access Control – Whitelist IP Addresses

Only an administrative member of Contempo Jewelers or an authorized professional has pre-approved and whitelisted IP address approved by Contempo Jewelers in advanced with two factor authentication and security scans mentioned above, to protect and restrict access to any information on our site and servers.

 

We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site.

Sensitive and private data exchange between the Site and its Users happens over a SSL secured communication channel and is encrypted and protected with digital signatures.

WE DO NOT sell, trade, or rent users personal information

We do not sell, trade, or rent Users personal identification information to others. We may share generic aggregated demographic information not linked to any personal identification information regarding visitors and users with our business partners, trusted affiliates and advertisers for the purposes outlined above. We may use third party service providers to help us operate our business and the Site or administer activities on our behalf, such as sending out newsletters or surveys. We may share your information with these third parties for those limited purposes provided that you have given us your permission.

 

What data breach procedures we have in place

 

Should our website experience a data breach, this will be immediately communicated to those users affected by the breach within a timely period of 72 hours.

 

Audit and log systems are in place on the above written “how we protect your data/information” section.

  • What IPs tried to access and were blocked, as well as device and other browser information to assist with security enhancement and preventative measures.

We immediately send a clean up/ remediation request. When malware is detected we immediately begin a cleanup request ticket initiation. From there our 24/7 security experts will start the remediation process within 12 hours or 30 minutes – depending on the plan. We keep you informed of progress so you’ll know when your site is clean.

 

Data breaches usually occur when the above “how we protect your data/information”’s powerful protection methods aren’t in place.    They can also occur if administrative account devices are accessed and that will not occur with our company processes and vetting of our staff members and security on the devices that access (Only authorized by our security settings location IP address is allowed access to the backend sensitive areas of our website, any of these devices that do access the backend of our site, has security and passwords in place to not allow any other user to simply log in and access.  Our devices are also scanned and checked for any possible tracking or key logging technology and cleaned and maintained regularly.

 

The above mentioned advanced security monitoring and dedicated expert support request is made for immediately removal of possible breach of site via malicious code, upload, login, malware, point of entry etc to secure it again. As well as our authorized site administrators and staff members of Contempo Jewelers immediately assisting.

 

Security

Keeping your information secure is of great concern to us. We exercise care in facilitating the transmission of information between your device or computer and our servers (or the third party servers that operate and store information for the Service). Any personally identifiable information collected by the Service is stored in operating environments that are not available to the public. While we have mechanisms in place to safeguard your personal information after we receive it, no transmission of data over the internet can be 100% secure.

 

Disclaimer. Due to the complexity and open nature of the Internet, no transmission of data over the Internet can be 100% secure. There is always a risk that information collected by and/or displayed on the Service may be compromised or accessed notwithstanding the steps we take to secure your information. For example, a third party may unlawfully intercept or access transmissions or private communications, or other users of the Service may abuse or misuse your personal information. Accordingly, you agree that you are providing such information at your own risk.

 

 

Changes to this privacy policy

Contempo Jewelers has the discretion to update this privacy policy at any time. When we do, revise the updated date at the bottom of this page,. We encourage Users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we collect. You acknowledge and agree that it is your responsibility to review this privacy policy periodically and become aware of modifications.

Your acceptance of these terms

By using this Site, you signify your acceptance of this policy and terms of service. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.

Information Disclosure

Affiliated Entities and Service Providers. We may disclose your information, including personal information, to any affiliated entity or organization, business partner, and to agents and service providers to help us operate the Service, improve our business or the Service, and to provide services to us. These third parties may include customer service providers, business or sales service providers, or providers that provide support for the Service.

Disclaimer. Due to the complexity and open nature of the Internet, no transmission of data over the Internet can be 100% secure. There is always a risk that information collected by and/or displayed on the Service may be compromised or accessed notwithstanding the steps we take to secure your information. For example, a third party may unlawfully intercept or access transmissions or private communications, or other users of the Service may abuse or misuse your personal information. Accordingly, you agree that you are providing such information at your own risk.

Children’s Privacy

The Service is Not for or Directed Towards Children. While the Service is not intended for anyone under the age of 18, we do not intend to and will not knowingly collect any personal information from children under the age of 13. Children under the age of 13 are prohibited from using the Service.

How we protect your data

Keeping your information secure is of great concern to us. We exercise care in facilitating the transmission of information between your device or computer and our servers (or the third party servers that operate and store information for the Service). Any personally identifiable information collected by the Service is stored in operating environments that are not available to the public. While we have mechanisms in place to safeguard your personal information after we receive it, no transmission of data over the internet can be 100% secure.

Notice to European Users

The Data Protection Act puts obligations on users of Personal Information and sets forth principles for its use. One principle states that information must be processed fairly and lawfully. This means that citizens of the European Union are entitled to know how we intend to use Personal Information. Details are publicly available at ico.org.uk

The Data Protection Act does not generally apply to data about limited companies or partnerships, but it does cover personal data relating to sole traders and partnerships. When we receive an application from a business, we may perform a search with a credit reference agency and fraud prevention agency on the individual company directors or partners.

Personal Information may be processed and stored by Contempo Jewelers or its affiliates, service providers or agents located in the United States and other countries. By providing Personal Information directly to Contempo Jewelers, you consent to the transfer of such information outside of the European Union and to its storage and use as described herein. Please see more information into our specific providers that is outlined in this privacy page (MailChimp, AgileCRM, Facebook, Google, etc.)

How to contact Contempo Jewelers regarding your privacy concerns and questions

If you have questions or comments about our privacy practices, or if you want Contempo Jewelers to correct your Information or request removal of your information that is stored on our GoDaddy secure servers or our third-parties (AgileCRM, MailChimp, Google Cloud Servers, Amazon AWS, etc.) please submit your request via message or in writing at:

Contempo Jewelers

486 Hempstead Turnpike,

West Hempstead, NY 11552

(516) 483-1900

info@contempojewelers.com