Privacy Policy
Your privacy is important to us. This policy explains how we collect, use, and protect your personal information when you use our services.
Last updated: June 12, 2026
Quick Navigation
πPrivacy Overview
At Grown Gem, we respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, make purchases, or interact with our services.
We believe in transparency about our data practices and your rights. This policy applies to all information collected through our website, mobile applications, customer service interactions, and related services.
Our Commitment
We never sell your personal information to third parties. We use your data only to provide better service, process your orders, and improve your shopping experience.
πInformation We Collect
Personal Information You Provide
Account Information
- β’ Full name
- β’ Email address
- β’ Password (encrypted)
- β’ Phone number
- β’ Date of birth (optional)
Billing & Shipping
- β’ Billing address
- β’ Shipping address
- β’ Payment information
- β’ Purchase history
- β’ Order preferences
Communication Data
- β’ Customer service inquiries
- β’ Live chat conversations
- β’ Survey responses
- β’ Product reviews
- β’ Marketing preferences
Bespoke Orders
- β’ Design specifications
- β’ Uploaded files (CAD, images)
- β’ Project requirements
- β’ Budget information
- β’ Timeline preferences
Information Automatically Collected
- Device Information: IP address, browser type, operating system, device identifiers
- Usage Data: Pages viewed, time spent, click patterns, search queries
- Location Data: General location based on IP address (not precise GPS)
- Shopping Behavior: Cart contents, wishlist items, browsing history
- Performance Data: Website loading times, error reports, feature usage
Information from Third Parties
- Payment Processors: Transaction verification and fraud prevention data
- Shipping Partners: Delivery status and tracking information
- Social Media: Profile information when you connect social accounts
- Analytics Providers: Aggregated usage statistics and trends
- Marketing Platforms: Campaign performance and engagement metrics
βοΈHow We Use Your Information
Primary Uses
Order Processing
- β’ Process and fulfill orders
- β’ Handle payments securely
- β’ Arrange shipping and delivery
- β’ Send order confirmations
- β’ Provide customer support
Account Management
- β’ Create and maintain accounts
- β’ Authenticate users
- β’ Store preferences
- β’ Manage wishlists
- β’ Track order history
Service Improvement
- β’ Analyze usage patterns
- β’ Improve website functionality
- β’ Develop new features
- β’ Optimize user experience
- β’ Fix technical issues
Communication
- β’ Send transactional emails
- β’ Provide customer support
- β’ Send marketing messages
- β’ Share product updates
- β’ Conduct surveys
Legal Basis for Processing (GDPR)
Contractual Necessity
Processing required to fulfill your orders and provide services
Legitimate Interest
Improving services, fraud prevention, and security
Consent
Marketing communications and optional features
Legal Compliance
Meeting legal and regulatory requirements
π€Information Sharing
We Never Sell Your Data
We do not sell, rent, or trade your personal information to third parties for their marketing purposes. Your data is used solely to provide and improve our services.
When We Share Information
Service Providers
We share information with trusted partners who help us operate our business:
- β’ Payment Processors: Stripe, PayPal for secure transactions
- β’ Shipping Companies: FedEx, UPS for order fulfillment
- β’ Email Services: Automated transactional emails
- β’ Analytics: Google Analytics for website optimization
- β’ Customer Support: Help desk and chat platforms
- β’ Cloud Storage: Secure data hosting and backup
Legal Requirements
We may disclose information when required by law or to protect our rights:
- β’ Compliance with legal processes (subpoenas, court orders)
- β’ Government requests for law enforcement purposes
- β’ Protection against fraud, security threats, or illegal activity
- β’ Enforcement of our Terms and Conditions
- β’ Protection of rights, property, or safety of users
Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity. We will notify you before your information becomes subject to a different privacy policy.
Data Protection Measures
- All service providers sign strict data processing agreements
- Regular audits of third-party security practices
- Minimal data sharing - only what's necessary for the service
- Encryption in transit and at rest for sensitive information
- Regular review and termination of unnecessary data sharing relationships
π‘οΈData Security
Security Measures
Technical Safeguards
- β’ SSL/TLS encryption for all data transmission
- β’ Advanced firewall protection
- β’ Regular security scans and penetration testing
- β’ Secure cloud infrastructure
- β’ Encrypted data storage
Administrative Controls
- β’ Limited access to personal information
- β’ Employee background checks
- β’ Regular security training
- β’ Incident response procedures
- β’ Data access logging and monitoring
Physical Security
- β’ Secure data center facilities
- β’ Restricted access controls
- β’ 24/7 monitoring and surveillance
- β’ Environmental controls
- β’ Backup and disaster recovery
Payment Security
- β’ PCI DSS compliance
- β’ Tokenized payment processing
- β’ No storage of full credit card numbers
- β’ Fraud detection systems
- β’ Secure payment gateways
Security Incident Response
In the unlikely event of a security incident, we have procedures in place to:
- β’ Immediately contain and assess the incident
- β’ Notify affected users within 72 hours
- β’ Work with law enforcement if necessary
- β’ Implement additional safeguards to prevent recurrence
- β’ Provide support and resources to affected users
Your Role in Security
- Use strong, unique passwords for your account
- Enable two-factor authentication when available
- Keep your contact information updated
- Report suspicious activity immediately
- Log out of shared or public computers
- Keep your devices and browsers updated
π§Marketing Communications
Types of Communications
Transactional Emails
Essential communications about your orders:
- β’ Order confirmations
- β’ Shipping notifications
- β’ Account updates
- β’ Password resets
- β’ Customer service responses
*These cannot be unsubscribed from as they're essential for service
Marketing Emails
Promotional content you can opt into:
- β’ New product announcements
- β’ Special offers and discounts
- β’ Jewelry care tips
- β’ Industry news and trends
- β’ Personalized recommendations
*Easy unsubscribe option in every email
Consent and Preferences
How We Obtain Consent
- Account Registration: Opt-in checkbox for marketing communications
- Checkout Process: Optional newsletter subscription
- Website Forms: Explicit consent for specific communications
- Double Opt-In: Email confirmation for newsletter subscriptions
Personalization
We use your purchase history, browsing behavior, and preferences to send relevant content. This includes:
- Product recommendations based on your interests
- Special offers for items in your wishlist
- Birthday and anniversary reminders
- Size-specific promotions based on past purchases
- Styling tips for your jewelry collection
Opting Out
Multiple Ways to Unsubscribe
- β’ Email Links: One-click unsubscribe in every marketing email
- β’ Account Settings: Manage preferences in your account dashboard
- β’ Customer Service: Contact us to update your preferences
- β’ Preference Center: Choose specific types of communications
Processing opt-out requests may take up to 48 hours. You may still receive transactional emails related to your orders.
CAN-SPAM Compliance
- Clear identification of emails as advertisements
- Truthful subject lines and sender information
- Valid physical business address in every email
- Honor opt-out requests within 10 business days
- Monitor third-party marketing on our behalf
βοΈYour Rights & Choices
Your Privacy Rights
Access & Transparency
- β’ Right to Know: What personal information we collect
- β’ Data Access: Request a copy of your personal data
- β’ Processing Purposes: Understand how we use your information
- β’ Third Parties: Know who we share data with
Control & Correction
- β’ Data Correction: Update inaccurate information
- β’ Preference Management: Control marketing communications
- β’ Account Settings: Modify privacy preferences
- β’ Consent Withdrawal: Revoke previously given consent
Deletion & Portability
- β’ Right to Delete: Request removal of personal data
- β’ Data Portability: Export your data in a readable format
- β’ Account Closure: Delete your account and associated data
- β’ Processing Restriction: Limit how we use your data
Objection & Complaints
- β’ Processing Objection: Object to certain data uses
- β’ Automated Decisions: Request human review
- β’ File Complaints: Contact supervisory authorities
- β’ Legal Remedies: Seek compensation for damages
How to Exercise Your Rights
Contact Methods
Live Chat
Available on our website
Account Settings
Manage preferences online
Response Timeline
- β’ Standard Requests: Response within 30 days
- β’ Complex Requests: May require up to 60 days with notification
- β’ Urgent Matters: Priority handling for security concerns
- β’ Verification Process: Identity confirmation may be required
Limitations and Exceptions
While we honor your privacy rights, some limitations may apply:
- Legal obligations may prevent deletion of certain records
- Legitimate business interests may require data retention
- Technical limitations may affect immediate data removal
- Security measures may require identity verification
- Some requests may incur reasonable administrative fees
ποΈCalifornia Privacy Rights (CCPA/CPRA)
California Consumer Privacy Act (CCPA)
California residents have additional privacy rights under the California Consumer Privacy Act and California Privacy Rights Act (CPRA). These rights are in addition to any other rights you may have.
California-Specific Rights
Information Rights
- β’ Right to know what personal information is collected
- β’ Right to know if personal information is sold or shared
- β’ Right to know business purposes for collection
- β’ Right to access personal information
Control Rights
- β’ Right to delete personal information
- β’ Right to opt-out of the sale of personal information
- β’ Right to limit use of sensitive personal information
- β’ Right to non-discrimination for exercising rights
Categories of Personal Information
We Collect:
- β’ Identifiers (name, email, phone)
- β’ Commercial information (purchase history)
- β’ Internet activity (browsing behavior)
- β’ Geolocation data (general location)
- β’ Audio/visual data (customer service calls)
Sensitive Information:
- β’ Payment information (tokenized)
- β’ Account login credentials
- β’ Personal communications
- β’ Precise geolocation (with consent)
Do We "Sell" Personal Information?
No, We Do Not Sell Personal Information
We do not sell personal information as traditionally understood. However, under the broad CCPA definition, some data sharing activities might be considered "sales":
- β’ Advertising Cookies: Some marketing cookies may be considered data sharing
- β’ Analytics: Sharing with analytics providers for website optimization
- β’ Social Media: Pixels and plugins for social media advertising
You can opt-out of these activities using our "Do Not Sell My Personal Information" link or cookie settings.
Exercising California Rights
How to Submit Requests
- β’ Email: privacy@growngem.com with "California Privacy Request" in subject
- β’ Phone: (954) 278-6000 (ask for privacy team)
- β’ Online Form: Privacy request form on our website
- β’ Mail: 10120 South Eastern Ave, Suite 200, Henderson, NV 89052
Verification Process
To protect your privacy, we verify the identity of individuals making privacy requests:
- Matching at least two data points we have on file
- Additional verification for sensitive information requests
- Authorized agents must provide written authorization
- Response provided to verified email address or phone number
Non-Discrimination
We will not discriminate against you for exercising your California privacy rights. We will not:
- Deny goods or services to you
- Charge different prices or rates
- Provide different levels or quality of service
- Suggest that you will receive different treatment
πContact Us About Privacy
Privacy Team Contact
π§ Email Support
Privacy Inquiries:
privacy@growngem.com
General Support:
support@growngem.com
Response within 24-48 hours
π± Phone Support
Monday - Friday: 9 AM - 6 PM PST
Saturday: 10 AM - 4 PM PST
Ask for "Privacy Team"
Mailing Address
π Privacy Officer
Grown Gem - Privacy Department10120 South Eastern Ave, Suite 200
Henderson, NV 89052
United States
Data Protection Officer
For EU residents or complex privacy matters, you can contact our Data Protection Officer directly:
Email: dpo@growngem.com
Subject Line: "DPO - [Your Privacy Concern]"
What to Include in Your Privacy Request
- Clear Request: Specify what privacy right you're exercising
- Identity Information: Name and email address associated with your account
- Account Details: Order numbers or account information for verification
- Specific Details: What information you want accessed, corrected, or deleted
- Preferred Response: How you'd like to receive our response
Supervisory Authorities
If you're not satisfied with our privacy practices, you have the right to file a complaint with relevant supervisory authorities:
EU Residents
Contact your local Data Protection Authority or the lead supervisory authority in your country.
California Residents
California Attorney General's Office Privacy Unit
We're Here to Help
We take your privacy seriously and are committed to addressing your concerns promptly and thoroughly. Don't hesitate to reach out with any questions about our privacy practices or your data rights.