City of Gem respects your privacy and is committed to handling personal information responsibly, securely, and transparently. This Privacy Policy explains how we collect, use, store, share, and protect information when you visit cityofgem.com, contact us, place an order, request gemstone sourcing, ask for gem cutting or polishing services, request certification support, or otherwise interact with our business online or offline.

City of Gem serves both business-to-business and business-to-consumer customers. Our services include gemstone sourcing, gemstone cutting and polishing, customer-request cutting, gemstone sets for jewelry design, crystal and specimen supply, rough gemstone and faceted gemstone sales, gem-related travel assistance, and online gemstone sales. We operate from Sri Lanka and source from Sri Lankan mining regions as well as selected international sources including Madagascar, Tanzania, Kenya, Burma, Thailand, and Mozambique, depending on availability and business requirements.

When you visit our website, contact us by email, WhatsApp, social media, website forms, or place an order, we may collect personal information such as your name, billing name, shipping name, phone number, WhatsApp number, email address, shipping address, billing address, business name, tax-related details if required for shipping or invoicing, communication records, order details, and payment-related transaction references. We may also collect technical information including IP address, browser type, device type, operating system, approximate geographic location, website usage patterns, pages visited, and interactions with cookies or similar technologies used on our website.

We collect this information for legitimate business purposes. These purposes include responding to inquiries, providing quotations, confirming availability, processing online orders, arranging shipping, handling customer support, managing custom cutting requests, discussing gemstone sourcing, maintaining transaction records, fraud prevention, platform security, service improvement, and compliance with legal or regulatory obligations.

We may also use certain information to send order updates, service communications, delivery notifications, payment confirmations, and important customer support responses. Where lawful and appropriate, we may send marketing messages or updates about gemstones, services, or offers, and you may opt out of marketing communications at any time.

Our website may use cookies and similar technologies for essential functionality, cart and checkout performance, analytics, website improvement, security, and remembering preferences. Some cookies are necessary for the website to function properly, while others help us understand site performance and customer behavior. By continuing to use our website, you acknowledge that such technologies may be used, subject to your browser settings and any cookie choices available on the website.

Payment card information entered through the website checkout is processed through secure payment gateway providers. City of Gem does not claim to store full credit card or debit card numbers, card verification values, or complete sensitive payment credentials on its own servers unless explicitly stated otherwise by the payment system in use.

City of Gem may receive limited transaction details such as payment status, last four digits where available, payment reference numbers, card type, currency, payer name, and billing confirmation details for order processing, fraud prevention, and accounting purposes.

We may share personal information only when reasonably necessary. This may include sharing with payment processors, banks, shipping providers, insurers, customs-support providers, IT or hosting providers, analytics services, business advisers, legal advisers, certification laboratories when requested or required, and government or regulatory authorities where legally required.

We take commercially reasonable steps to protect personal data from unauthorized access, misuse, alteration, loss, disclosure, or destruction. We keep personal data only for as long as reasonably necessary for the purposes described in this policy, including business operations, order fulfillment, support, accounting, fraud prevention, tax records, legal compliance, and dispute resolution.

If you are located in the EU or EEA, and the GDPR applies to our processing of your personal data, you may have the right to be informed, request access to your personal data, request correction of inaccurate data, request deletion in certain circumstances, request restriction of processing, object to certain processing, and request data portability where applicable. Where we rely on your consent, you may withdraw that consent at any time by contacting us at [email protected] or via WhatsApp at +94 074 0583 525.