Ace Jewellery t/a Palgrange Ltd – Privacy & Data Protection Notice – for Ace Jewellery Website (

V1 – 24/05/2018

Ace Jewellery is committed to protecting your privacy, whether as a member of staff, client, stakeholder, supporter, supplier, or visitor to this website.  This Privacy Notice explains what personal data we may collect, how we use it and how we ensure it is kept secure.

Ace Jewellery is the Data Controller for all the personal data which it collects for various reasons and this is held electronically on various computer and/or laptops, in paper files, or both.  All personal data which we collect will be used and protected in accordance with our Data Protection and Information Governance Policy.  We are responsible for complying with all data protection legislation including the General Data Protection Regulation (GDPR), which came into force on 25 May 2018.


What is Personal Data?

Personal data is any information which relates to and identifies a living person, for example, name, address, bank details, CCTV images, computer IP address, email address.

Some types of personal information are classified as ‘sensitive personal data’ and this includes (but is not exclusive to) name, address, email address, data of birth, and sensitive information such as marital status.

Any organisation which processes personal data must have a lawful basis for doing so.  Ace Jewellery uses various legal bases for processing personal data and these are detailed in our Privacy Policy, a copy of which is available on request.


How Ace Jewellery collects information

Ace Jewellery may collect personal information in the following ways:

  • Directly from you – use any of our jewellery services or make a purchase in our shop
  • From other organisations, with your permission – for example if the police or other government agency makes a referral to us for crime prevention issues
  • Publicly available information – we may use data freely available to the public, such as within the criminal courts system or published in articles
  • Indirectly from you – if you contact us via email, telephone or in writing, your information may be shared with us with your consent
  • From organisations, without consent – for example if there is a legal reason to do so, for example a legitimate request from the police or other government agency


What information does Ace Jewellery collect and why?

Ace Jewellery needs to collect personal data in order to fulfil its role as an employer, and in our work to provide various jewellery services.

Some information is collected because it is in our legitimate interest to process the data and in this situation we always balance this against your rights as an individual.  We ensure that we only use personal data for a purpose that you would reasonably expect.  Other data will be collected with the consent of the individual concerned.

Detailed below are the types of personal data which we collect and the reasons, or legal basis, for doing so: 

  • We are required to collect information on staff that is necessary to fulfil our role as an employer.  We will also collect personal data from prospective employees to process the application.  
  • Data relating to people who chose to use certain jewellery services that we provide are collected to enable us to make the necessary contact with them.  
  • Name and contact details will be taken for people who ask us to provide jewellery services, such as jewellery valuations.  Consent will always be asked when collecting this information.
  • We use CCTV at our shop at 1 Lands Lane Leeds LS1 4AW for crime prevention purposes. We have a separate CCTV policy.
  • Bank details will be processed from suppliers of goods and services to Ace Jewellery and for customers in our shop who make a card payment.  This data is required to fulfil the contract of making the purchase.
  • Some partly anonymised data will be used for testimonials displayed on our website.  No individuals will be uniquely identifiable from data used for this purpose.


Is my data secure with Ace Jewellery?

In short, yes it is.  Personal data may be stored on paper, electronically on computers and/or laptops.  We make sure that all personal data is held in a secure way (via a cloud-based system) and only relevant and appropriate people will be able to access it.  Detailed below are some examples of how we keep information secure:

  • Access to personal data is restricted on a ‘need to know’ basis. 
  • Data stored electronically will be password protected and only appropriate staff will have access.
  • All staff are fully trained in how to handle personal data including when and how it can be shared.
  • Ace Jewellery’s systems have full IT security protection, including firewalls and encryption.

All personal data held by Ace Jewellery is stored on systems in the UK.  No data is held or stored outside the UK. Personal data will be retained by Ace Jewellery for a minimum period of time in accordance with applicable legislation.  Data which is no longer required will be securely deleted and disposed of.


Who does Ace Jewellery share information with?

Ace Jewellery uses various other organisations to help deliver support and to assist with our legal obligations by processing data on our behalf.  Where we deliver services and contracts in partnership with others, these companies are also known as Data Controllers. They have agreements with us about the types of data we hold and share to be able to offer services. We also work with other companies who process data on our behalf, these companies are known as Data Processors.  Your data may be shared with all or some of these organisations and it will only be shared if it is necessary to complete our obligations.  

For example, individuals who provide us with their personal details for the purpose of us contacting them after they have requested to use one of our jewellery services, may have their data shared with another company to enable us to carry out that service. When Ace Jewellery shares personal information with another organisation, we will always have an agreement in place to ensure that they comply with all data protection law. Where this is necessary this will be explained to you when you request the service, and you can give or withdraw your consent to share data with other companies at any time.

On a rare occasion it may be necessary for us to share personal information without consent if we are required to do so by a court order or if there are other valid reasons, such as crime prevention or suspected unlawful activity.  If this happens, then we will record our reasons for doing so and details of the information we have shared.  We may or may not be permitted to tell you what we have done, depending on the guidance from the lawful government agency.


We never sell your personal information on to anyone else. It’s your personal data!

The data we hold is about you and the law gives you rights about what we can do with your information:

  • Consent

You can give or withdraw consent for Ace Jewellery to share your personal data at any time.  As mentioned previously, this will also be explained to you when you request our services. There may be circumstances in which we have to override your consent, but reasons for this will be always explained to you.

  • Subject Access Request

You can ask for all the information we hold about you and this is called a ‘Subject Access Request’.  These requests can be in writing or verbally, so please ask about our Responding to Requests for Information Procedure.  If you ask to see your data, we will provide your information within one month of receipt of the request.There may be some parts of your data which we would not be able to let you see and this could include information which could reveal certain price sensitive information about one of the services we provide to you. This will be explained to you.

  • Inaccurate information

If you think that any of the data we hold is wrong, please let us know by contacting us via email address, in writing or verbally.

  • Right to be forgotten

It is possible to ask for all your personal information to be deleted from Ace Jewellery’s records.  Requests for your data to be deleted should be made to the Data Controller.

There may be some reasons why we are unable to delete all your personal information, for example, if we are required to keep it by law. In these circumstances we will inform you that we are unable to do so.


Cookies and our website

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. 

We use traffic log cookies to identify which pages on the website are being used.  This helps us analyse data about web page traffic and improve our website and we need to use it for statistical analytical purposes and then the data is removed from the system.

Most web browsers allow some control of most cookies and this is done through the internet browser settings.  To find out more about cookies, visit or

Our website may contain links to other websites which may be of use to you.  This privacy notice only applies to this website so when you link to another website, you should also read their own privacy notices.


How to contact us

If you have any concerns or worries about how your personal data is being processed by us, please contact us by clicking here (online contact form), or by writing to us at the following address:

Ace Jewellery t/a Palgrange
1 Lands Lane
West Yorkshire

Tel: 0113 245 4040
Fax: 0113 243 2183

Further information about privacy and personal data

If you would like to get independent advice about data protection, data sharing issues or privacy, or lodge a complaint about how we process your data, you can contact the Information Commissioner’s Office (ICO) at the following address:

Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Tel: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number

Date approved:           24 May 2018

Review Date:               23 May 2022