Privacy Policy

Respecting your privacy and ensuring the confidentiality of your information is simply part of what we do.

This page explains how we manage and protect your personal information within the framework of the General Data Protection Regulation (GDPR) and Data Protection Act 2018 (DPA).

Website Security
The WOOLTON & HEWITT website is protected by DigiCert, a leading provider of online security. Combined with PayPal's state-of-the-art checkout and payment system, you can use our online services with confidence.

Click the padlock
To confirm our website is genuine click on the small padlock and make sure it says ""
Also look for the words "connection is secure". This means that you have a secure encrypted connection to our website.

security message from DigiCert confirming

Section 1: General Statement of Principles and Scope

1.1 Introduction
We know that your privacy is important. We have to process some of your personal information as part of our jewellery business and we will take all reasonable steps to keep it secure and confidential at least to the extent required by law.

1.2 Personal Data and the Data Subject
Personal Data is any information related to a data subject that can be used to directly or indirectly identify the person. And a Data Subject is an individual person who is the subject of the personal data. In the normal course of business we may collect personal data that includes your name, home and/or work address, email address and telephone numbers.

1.3 Data Protection Controller
As a small business we take responsibility as the Data Protection Controller (DPC) and will endeavour to ensure that all personal data is processed in compliance with this policy and the law. The DPC may be contacted by on any matters relating to this privacy and information management:

1.4 The Principles

1.4.1 We will take all reasonable actions to comply with the principles of the GDPR / DPA to ensure your personal data is:
- Processed lawfully, fairly and in a transparent manner;
- Collected for specified, explicit and legitimate purpose;
- Adequate, relevant and limited to what is necessary;
- Accurate and, where necessary, kept up to date;
- Kept in a form which permits identification of data subjects for no longer than is necessary;
- Processed in a manner that ensures appropriate security of the personal data.

1.4.2 In relation to your personal data, you have:
- The right to be informed;
- The right of access;
- The right to rectification;
- The right to erasure;
- The right to restrict processing;
- The right to data portability;
- The right to object;
- Rights in relation to automated decision making and profiling.

Section 2: Collecting and Using Your Data

2.1 Retention of Non-Customer Details
When you contact us to request, for example, a sample or sizers, a bespoke design, or a private appointment, you will need to provide some personal data. This is provided by you and will be used solely to fulfill your specific request(s) and, as appropriate, for the purposes explained below. To facilitate continuity over the wedding planning process personal data that we hold will be retained for 18 months from the date of the last communication. If, at that point, you not made a purchase all of your personal data will be securely destroyed.

2.2 Retention of Customer Details
When you place an order the personal data provided by you and will be used solely to fulfill the contract and, as appropriate, for the purposes explained below. In order to honour our warranty, and for formal record keeping, we will retain your personal data and order details for 10 years.

2.3 Third Party Disclosure
We will never disclose your personal data to a third party for marketing purposes. To supply goods you have purchased, and in the normal conduct of business, it may be necessary to pass on to a third party some of your personal data in the following circumstances:

2.3.1 Delivery Companies
For the purpose of delivery some personal data will be made available to the Royal Mail or other delivery company:
- UK customers - your name and address only.
- Overseas customers - your name and address, email address and telephone number. Due to the official nature of importation all of your delivery details and description of goods may be accessed by the relevant Customs authority and related agencies.

2.3.2 Fraud Prevention & Debt Recovery
On rare occasions it may be necessary to share your information with organisations such as law enforcement agencies, financial institutions, and law firms. This is out of the ordinary and would only happen:
- To detect and prevent fraud.
- To comply with law and regulations.
- To trace and recover money owed to us.

2.4 External Processors

2.4.1 PayPal - Online payments are made using PayPal's state-of-the-art secure payments system. We do not collect, store nor have any access to your credit or debit card details. Following payment, PayPal provide us with your contact details so we can complete your order. For full details see the PayPal Privacy Policy.

2.4.2 Banks - You may choose to make a payment to us via your bank which results in the minimum of personal data being shared with us. These transnational details are kept secure by the banks' own systems and policies.

2.4.3 Website & Email - The hosting facilities for our website and email services are located in the United Kingdom. We regularly check that our provider confirms their compliance with best practice data protection and the law.

2.4.4 Google Analytics - We use this service on our website to track clicks from Google sponsored links and to provide site usage data. This helps us to measure the performance of the site. For more details see the Google Privacy Policy.

2.4.5 Google Ads - To help couples find us we run ads using Google services. We do not share any personal data with Google. Google takes privacy and compliance very seriously, for more detail see the How Google Ads Work.

2.4.6 Courier Companies - We may use a courier company such as FedEx to delivery your rings to you. To perform their function they will require your name and address, email address and telephone number, along with a description of the items purchased and their value. The courier company will use robust systems to manage and secure your personal data. Where items are exported these details will be, as required by law, shared with the UK Customs Authority and the Customs agency of your country. For more information, as an example, please see the FedEx Privacy Notice.

Section 3: Managing Your Data

3.1 Rights of Access to Information
You have the right of access to any of your personal information held by us. Such a request should be made in writing and sent to our address given on the Contact Us page of this website. We will endeavour to respond quickly but in any event within one month.

3.2 Accuracy
We will endeavour to ensure that all personal data held in relation to all data subjects is accurate. You have the right in some circumstances to request that inaccurate information about them is erased.

3.3 Data Security
We will take appropriate technical and organisational steps to ensure the security of personal data. We will ensure that appropriate protection and security measures are taken against unlawful or unauthorised processing, or loss, of personal data. An appropriate level of data security will be deployed for the type of data and the data processing being performed. Our website uses strong SSL encryption via DigiCert.

3.4 Secure Destruction
When data held in accordance with this policy is destroyed, it will be destroyed securely in accordance with best practice.

Section 4: Cookies

4.1 A cookie is a piece of information in the form of a very small text file that is placed on an internet user's hard drive. It is generated by a web page server, which is the computer that operates a website.

4.2 We use cookies to enhance your experience of using our website. They help us to show relevant content and notices. Our cookies contain nothing about you and they collect no data from your web browser. They are session cookies and expire as soon as you close your browser.

4.3 Our session cookies are named "modalpromo" and "hhbag". For Google originated cookies please see 2.4.4 and 2.4.5.

4.4 Web browsers provide the option to control cookie preferences, to turn them off or to disallow/reject their use altogether. Please check the "Help" section of your particular browser for instructions. You can delete cookies from your device however, unless they are disallowed, they will be reapplied when you next visit our website. To manage your browser's cookies:
For Chrome go to "Menu" > "Settings" > "Privacy and security" > "Site Settings" > "Cookies and site data"
For Safari go to "Menu" > "Preferences" > "Privacy"
For Firefox go to "Menu" > "Options" > "Privacy & Security" > "Cookies and Site Data"
For Microsoft Edge go to "Menu" > "Settings" > "Privacy and security" > "Cookies"
For Opera go to "Menu" > "Settings" > "Advanced" > "Privacy & security"

4.5 Further information on deleting or controlling cookies is available at Please note that by deleting our cookies, or disabling future cookies, you may not be able to access certain features of our website.

Section 5: Feedback

We really do respect the privacy of your personal details and hope that this policy meets with your approval. If you have any questions or thoughts about our approach to data protection please feel free to contact us:

Last updated: 20 November 2021

Photo of our Showroom location in BerkhamstedWoolton & Hewitt rings for gay weddings and same sex marriage Woolton & Hewitt rings for gay weddings and same sex marriage Woolton & Hewitt rings for gay weddings and same sex marriage Woolton & Hewitt rings for gay weddings and same sex marriage Woolton & Hewitt rings for gay weddings and same sex marriage Woolton & Hewitt rings for gay weddings and same sex marriage