Privacy Policy

Effective date: 3 March 2026

1. Who We Are and How to Contact Us

This Privacy Policy explains how Manja Jewellery collects, uses, shares, and protects personal data when you visit or make a purchase from manjajewellery.com and when you otherwise interact with us.

For the purposes of applicable data protection laws, Manja Jewellery is the “data controller” of personal data processed via this website.

You can contact us about privacy matters at: privacy@manjajewellery.com

We have appointed a Data Protection Officer (DPO). You can reach our DPO at: privacy@manjajewellery.com

2. Scope

This Policy applies to personal data we process when you:

  • Browse manjajewellery.com (the “Website”);
  • Create an account, place an order, or request delivery/returns support;
  • Subscribe to marketing communications, enter promotions, or leave reviews;
  • Contact us by email or other channels; and
  • Interact with our ads, social media pages, and analytics tools connected to the Website.

This Policy does not cover the privacy practices of third parties we do not control, including external websites or services you may access through links or integrations. Their policies apply to their processing.

3. Personal Data We Collect

3.1 Data you provide to us

  • Identity and contact details: name, email address, phone number, billing and shipping addresses.
  • Account details: username, password (stored in hashed form), preferences, saved items, order history.
  • Orders and customer service: items purchased, returns, refund details, communications with our support team.
  • Marketing and communications: your subscription status and marketing preferences.
  • Content you provide: product reviews, ratings, questions, and other user-generated content.

3.2 Data collected automatically

  • Device and usage data: IP address, device identifiers, browser type and version, operating system, language, pages viewed, time spent, clickstream, referring/exit pages, and approximate location derived from IP.
  • Cookies and similar technologies: cookies, pixels, tags, and SDKs to remember your settings, keep you signed in, measure site performance, prevent fraud, and personalize content and ads. See Section 5.

3.3 Data from third parties

  • Payment providers and e-commerce platforms: payment status and limited card details (e.g., last four digits, card type) — we do not receive or store full card numbers.
  • Delivery and logistics partners: delivery status and updates.
  • Analytics, advertising, and anti-fraud partners: aggregated insights, audience segments, and risk assessments.
  • Social media platforms: if you interact with our content or choose to log in via a social account, we may receive certain profile information as permitted by the platform’s settings.

We do not intentionally collect special categories of data (sensitive personal data). Please do not provide such information via the Website or support channels.

4. Purposes and Legal Bases for Processing

We process personal data for the purposes and under the legal bases listed below (EEA/UK/Swiss users):

  • To operate the Website and provide our services (create/manage accounts, process and fulfill orders, provide customer support, handle returns and warranties). Legal basis: performance of a contract and steps prior to entering into a contract.
  • To take payment and prevent fraud and abuse. Legal basis: performance of a contract; compliance with legal obligations; and our legitimate interests in preventing fraud and ensuring network and information security.
  • To communicate with you about orders, account updates, and service notices. Legal basis: performance of a contract and our legitimate interests in effective service administration.
  • To send marketing communications and personalize content and offers, where permitted. Legal basis: your consent where required; otherwise our legitimate interests in promoting our business. You can withdraw consent or object to marketing at any time (see Section 10 and 14).
  • To run analytics, improve and secure our Website, and develop new products. Legal basis: our legitimate interests in understanding performance, enhancing user experience, and maintaining security.
  • To comply with legal and tax obligations, respond to lawful requests, and establish, exercise, or defend legal claims. Legal basis: compliance with legal obligations and our legitimate interests.

5. Cookies and Similar Technologies

We use first-party and third-party cookies, pixels, and similar technologies to:

  • Essential: enable core functions such as page navigation, shopping cart, checkout, and security.
  • Performance/analytics: measure and improve site performance and understand how visitors use our Website.
  • Functional: remember choices (e.g., language, region) and provide enhanced features.
  • Advertising/targeting: deliver, measure, and improve advertising and limit repetition of ads.

Where required, we obtain your consent before setting non-essential cookies. You can withdraw or change your consent at any time by adjusting your browser settings to block or delete cookies or by revisiting your cookie preferences using your browser’s clear-cookies function and reloading the site. Blocking some cookies may affect site functionality. Do Not Track signals are not consistently honored across the industry; we may not respond to them, but you can use the controls above to manage tracking technologies.

6. When and With Whom We Share Personal Data

We share personal data only as necessary and in accordance with this Policy:

  • Service providers acting on our behalf, such as website hosting, IT support, payment processing, order fulfillment, logistics and delivery, communications, analytics, advertising, and fraud prevention. These providers are bound by contracts to use personal data only as instructed and to protect it appropriately.
  • Business partners involved in co-branded initiatives or promotions you choose to join.
  • Authorities, regulators, and legal advisors where required by law or to protect our rights or the rights of others.
  • Corporate transactions: in connection with any merger, acquisition, asset sale, financing, or similar event, subject to appropriate confidentiality and data protection safeguards.

We do not sell personal information for money. We may “share” identifiers and internet activity with advertising partners for cross-context behavioral advertising as defined by certain laws (for example, in California). You can opt out of such sharing as described in Sections 5, 10, and 14.

7. International Data Transfers

We may transfer personal data to countries outside your country of residence, including outside the UK, EEA, or Switzerland. Where we do so, we ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses (and, where applicable, the UK Addendum/IDTA), supplemented by transfer risk assessments and technical/organizational measures as needed.

8. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Policy, including to satisfy legal, accounting, or reporting requirements. Typical retention periods include:

  • Orders, invoices, and related records: up to 7 years for tax and accounting obligations.
  • Customer accounts: for the life of the account and up to 24 months after inactivity or closure, unless longer retention is required by law or for legal claims.
  • Customer service correspondence: up to 36 months after resolution.
  • Marketing data: until you unsubscribe or object, or up to 24 months after last interaction.
  • Technical logs and analytics: 12–24 months, depending on the tool and purpose.

When retention is no longer necessary, we will delete or anonymize the data.

9. Data Security

We implement appropriate technical and organizational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. Measures include secure transport (TLS) of data in transit, access controls, role-based permissions, encryption and pseudonymization where appropriate, regular security updates, and staff training. No system is completely secure; if we become aware of a data breach that poses a high risk to your rights and freedoms, we will notify you and the relevant authorities as required by law.

10. Your Privacy Rights

10.1 EEA, UK, and Swiss residents

You have the right to: (a) access your personal data; (b) request rectification of inaccurate data; (c) request erasure; (d) restrict or object to processing, including objection to processing based on legitimate interests and to direct marketing; (e) data portability; and (f) withdraw consent at any time, without affecting the lawfulness of processing before withdrawal. You also have the right to lodge a complaint with your local supervisory authority. In the UK, this is the Information Commissioner’s Office (ICO).

10.2 California residents

Under the California Consumer Privacy Act (as amended by the CPRA), you have the right to: (a) know the categories of personal information we collect, the purposes, and the categories of third parties with whom we share it; (b) access and obtain a copy of specific pieces of personal information; (c) request deletion; (d) request correction of inaccurate information; (e) opt out of “sales” or “sharing” for cross-context behavioral advertising; (f) limit the use and disclosure of sensitive personal information (to the extent we collect it, which we generally do not); and (g) be free from discrimination for exercising your rights.

We do not sell personal information for monetary consideration. We may share identifiers and internet activity with advertising partners for cross-context behavioral advertising; you can opt out as described in Sections 5 and 14.

10.3 Other jurisdictions

Depending on your location, you may have similar rights under local laws. We will honor applicable rights requests in accordance with the law.

11. Marketing Communications

Where permitted, we may send you marketing emails about products, services, and offers. You can opt out at any time by using the unsubscribe option in our emails or by contacting us at privacy@manjajewellery.com. Even if you opt out, we may still send service and transactional messages (e.g., order updates).

12. Children’s Privacy

Our Website is not intended for children, and we do not knowingly collect personal data from individuals under 16. If you believe a child has provided personal data, please contact us so we can delete it.

13. Automated Decision-Making and Profiling

We may use limited profiling to personalize content and marketing and to assess fraud risk. We do not engage in automated decision-making that produces legal effects concerning you or similarly significantly affects you without human involvement.

14. How to Exercise Your Rights and Manage Preferences

To exercise your privacy rights or make a request under Sections 10 and 11, contact us at privacy@manjajewellery.com. To protect your privacy, we may need to verify your identity (for example, by asking you to confirm your email address, recent order number, or other details). Authorized agents may submit requests on behalf of California residents if they provide proof of authorization and we can verify the requester’s identity.

To manage cookies and advertising preferences, adjust your browser settings to block or delete cookies, or clear your cookies and revisit the Website to update your preferences. See Section 5 for more details.

15. International Users

By using the Website from outside your home country, you acknowledge that your personal data may be processed in countries with different data protection standards. We will put in place appropriate safeguards for such transfers as described in Section 7.

16. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we do, we will revise the “Effective date” at the top. If changes are material, we will provide additional notice as required by law (for example, by email or a prominent notice on the Website). Your continued use of the Website after the effective date of an updated Policy constitutes your acknowledgment of the changes.

17. Contact and DPO

If you have questions about this Policy, our data practices, or your rights, please contact our Data Protection Officer at: privacy@manjajewellery.com

About The Editorial Team Terms of Service Legal Notice Privacy Policy Sitemap Contact
© 2026 Manja Jewellery