Cart 0

Sorry, looks like we don't have enough of this product.

Subtotal Free
Shipping, taxes, and discount codes are calculated at checkout

Your Cart is Empty

Data Retention & Protection Policy

Last Updated: 17/10/2025

At Harry & Co Jewellery, we respect your privacy and are committed to protecting your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This policy explains how we store, protect, and manage personal data collected through our website and related services.

1. Purpose of Data Retention

We retain personal information only as long as necessary to fulfil the purpose for which it was collected, including to:

  • Process and deliver your orders.
  • Provide after-sales support and warranty services.
  • Comply with legal and tax obligations under Australian law.
  • Resolve disputes or enforce our Terms & Conditions.
  • Maintain accurate business and financial records.

2. Types of Data We Retain

The personal information we retain may include:

  • Customer contact details (name, address, email, phone number).
  • Order history and transaction records.
  • Payment details (processed securely through Shopify or payment gateways).
  • Communications or service enquiries you send us.

We do not store full credit card information on our servers. All payment data is processed securely by PCI DSS–compliant third parties such as Shopify Payments or other approved providers.

3. Data Retention Periods

Unless a longer retention period is required by law, we retain data for the following timeframes:

  • Customer order records: 7 years (to comply with accounting and taxation obligations).
  • Marketing data: until you unsubscribe or withdraw consent.
  • Customer service correspondence: up to 2 years from the last interaction.
  • Inactive user accounts: deleted or anonymised after 24 months of inactivity.

4. Data Protection Measures

We use a combination of administrative, technical, and physical safeguards to protect personal information from unauthorised access, misuse, loss, or disclosure, including:

  • SSL (Secure Socket Layer) encryption for data transmitted through our website.
  • Role-based access control for authorised staff only.
  • Secure password and authentication systems for internal platforms.
  • Regular security reviews and system updates.
  • Data minimisation and anonymisation where possible.

5. Data Storage Location

Personal data is securely stored on Shopify’s servers and trusted cloud providers, which may be located outside Australia. All storage partners must comply with strong data protection and privacy standards, consistent with the Australian Privacy Principles.

6. Data Deletion and Disposal

When personal information is no longer required, we securely delete or anonymise it to prevent reconstruction or misuse. Physical records are shredded, and digital data is permanently removed from storage systems.

7. Notifiable Data Breaches

In the event of a data breach that is likely to cause serious harm, we will promptly notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required under the Notifiable Data Breaches (NDB) scheme.

8. Your Rights

You may request access to, correction, or deletion of your personal data at any time by contacting us. We will verify your identity before acting on such requests, in line with privacy legislation.

9. Contact Us

If you have any questions about this Data Retention & Protection Policy or wish to exercise your privacy rights, please contact us:

📧 care@harryandcojewellery.com.au
📞 08 7119 8939
148 King William Rd, Hyde Park, SA 5061, Australia

Harry & Co Jewellery Pty Ltd (ACN 667 804 275)
ABN 39 575 433 607
Operated as trustee for the Harry and Co Jewellery Trust