PRIVACY POLICY

Effective Date: [[YYYY-MM-DD]]
Last Updated: [[YYYY-MM-DD]]

This Privacy Policy explains how [[Company Legal Name]] ("JOILY", "we", "us", or "our") collects, uses, discloses, and protects your information when you visit [[https://www.joily.com]] and any related sites, mobile experiences, or services we control (collectively, the "Services"). This is a comprehensive template and should be reviewed by counsel to reflect your actual practices and applicable law in your markets.

1. Who We Are & Contact Details

  • Controller: [[Company Legal Name]], [[Registered Company Number if any]].
  • Registered Address: [[Street, City, State/Province, Postal Code, Country]].
  • Contact: [[support@joily.com]]
  • Data Protection Officer (if applicable): [[Name, dpo@joily.com]].

If you reside in the EEA/UK, JOILY is the controller of your personal data. If required, our EU/UK representative is: [[Representative Name & Address]].

2. Scope

This Policy applies to information we process when you:

  • browse or purchase on our storefront;
  • create or log into an account;
  • contact support, submit a warranty/repair request, or join our newsletter;
  • interact with our ads, social, or third-party tools integrated into our Services.

This Policy does not cover third-party websites, apps, or services linked from our Services.

3. Information We Collect

We collect information directly from you, automatically from your device, and from third parties.

3.1 Information You Provide

  • Account & Profile: name, email, phone, password, shipping/billing addresses, preferences.
  • Orders & Payments: items purchased, order number, delivery details, transaction totals. We receive a tokenized confirmation from payment processors (e.g., card last 4 digits) but do not store full card numbers.
  • Customer Support & Warranty: communications, photos/videos for sizing, defect diagnosis, or custom design, RMA details.
  • Marketing & Surveys: newsletter opt-ins, reviews, ratings, survey responses, giveaway entries.
  • Custom/Engraving Inputs: texts, symbols, ring sizes, design references you upload.

3.2 Information Collected Automatically

  • Device & Usage Data: IP address, device identifiers, browser type, language, referral/exit pages, date/time stamps, pages viewed, approximate geolocation, clickstream and conversion data.
  • Cookies & Similar Technologies: pixels, tags, local storage, SDKs used for site functionality, analytics, and advertising (see Cookie Notice below).

3.3 Information From Third Parties

  • Payment Processors: payment status, limited card details (type/last 4), dispute/chargeback info.
  • Fulfillment & Logistics Partners: shipment/tracking updates, delivery confirmations.
  • Marketing/Ad/Analytics Providers: audience and campaign performance data.
  • Anti‑Fraud Services: signals to prevent unauthorized transactions.

4. Purposes & Legal Bases (EEA/UK)

We process your information for the following purposes under these legal bases:

  • Provide the Services & fulfill orders (contract performance).
  • Account creation, authentication, and customer support (contract; legitimate interests).
  • Personalization & product recommendations (consent where required; legitimate interests).
  • Payments, fraud prevention, and security (legitimate interests; legal obligation).
  • Shipping, returns, warranty, and repairs (contract).
  • Analytics, reporting, and service improvement (legitimate interests; consent for non‑essential cookies).
  • Marketing communications (consent where required; opt‑out anytime).
  • Compliance with law, tax, accounting, and enforcement (legal obligation).
  • Vital interests in rare emergencies.

5. How We Share Information

We share information with:

  • Vendors/Processors acting on our behalf and under contract (e.g., ecommerce platform, payment processors such as [[Stripe/PayPal/Adyen]], cloud hosting/CDN, customer service tools, analytics such as [[Google Analytics]], marketing partners);
  • Logistics partners (e.g., DHL/UPS/local carriers) to deliver your orders;
  • Professional advisors (legal, tax, auditors) under confidentiality;
  • Authorities when required by law, to protect rights, safety, or investigate fraud;
  • Corporate transactions (merger, acquisition, financing, or sale) subject to appropriate safeguards.

We do not sell your personal information for money. Under US state privacy laws, certain analytics/advertising disclosures may be considered a “sale” or “sharing” of personal information; see Your Privacy Rights below for opt‑out options.

6. International Transfers

Your information may be transferred to and processed in countries outside your residence (e.g., to servers in [[Country]]). Where required, we use lawful transfer mechanisms such as Standard Contractual Clauses (SCCs) and implement appropriate safeguards.

7. Retention

We keep personal information for as long as necessary to fulfill the purposes above, including to meet legal, accounting, or reporting requirements. Typical periods (subject to change):

  • Orders & invoices: up to 7 years for tax/recordkeeping;
  • Customer service & warranty records: 24 months after last activity;
  • Marketing consents: until you withdraw consent or your email bounces;
  • Site logs & security events: 12 months unless needed longer.

8. Your Privacy Rights

Depending on your location, you may have the right to access, correct, update, delete, restrict, or object to processing; to data portability; and to withdraw consent.

  • EEA/UK: GDPR/UK GDPR rights; you may lodge a complaint with your local supervisory authority.
  • California (CPRA): right to know, delete, correct, opt‑out of sale/sharing, limit use of sensitive personal information, and non‑discrimination.
  • Canada/PIPEDA and other regions offer similar rights.

How to exercise: email [[privacy@joily.com]] with your request and residency. We may verify your identity and will respond within the time required by law.

Opt‑out of marketing: click "unsubscribe" in emails or contact us.
Cookie choices: use our Cookie Preferences tool or your browser settings.

9. Cookies & Similar Technologies (Cookie Notice)

We use cookies and similar technologies to:

  • Strictly Necessary: core site functions, cart, checkout, security;
  • Performance/Analytics: measure usage and improve experience;
  • Functionality: remember preferences (e.g., language, size);
  • Advertising/Retargeting: show relevant ads and measure campaigns;
  • Social Media: enable sharing and embedded content.

Where required, we request consent for non‑essential cookies. You can withdraw consent at any time via Cookie Preferences. Blocking some cookies may affect site functionality.

10. Children’s Privacy

The Services are not directed to children. We do not knowingly collect personal information from children under 13 (US) or under 16 (EEA/UK). If you believe a child provided information to us, contact [[privacy@joily.com]] to request deletion.

11. Security

We implement administrative, technical, and physical safeguards proportional to the nature of the data (e.g., encryption in transit, limited access, logging, secure development practices). No method of transmission or storage is 100% secure.

12. Do Not Track & Global Privacy Control

Our Services currently do not respond to browser Do Not Track signals. Where required by law, we honor Global Privacy Control (GPC) signals as a request to opt‑out of sale/sharing for the device/browser.

13. Automated Decision‑Making

We do not engage in automated decision‑making that produces legal or similarly significant effects without human involvement. Basic fraud screening and risk scoring may be used to protect our Services.

14. Third‑Party Links & Integrations

Our Services may include links to or integrations with third parties (e.g., payment gateways, social platforms). Their privacy practices are governed by their own policies.

15. Changes to This Policy

We may update this Policy from time to time. Material changes will be posted on this page with a new Effective Date. Where required, we will seek your consent to changes.

16. Contact Us

For any questions or requests, contact: [[support@joily.com]].
If you are in the EEA/UK, you may also contact our representative or lodge a complaint with your local data protection authority.

Annex A – CCPA/CPRA Category Mapping (Sample)

We collect the following categories of personal information as defined by the CPRA: Identifiers; Customer Records; Commercial Information; Internet/Network Activity; Geolocation (approximate); Inferences; and, where provided, Audio/Visual (e.g., photos for custom orders). We disclose these to service providers and contractors for business purposes as described above.