Cookies and Privacy Policy

Innovation Diamonds Ltd.

Last Revisited: 03.03.2026

Effective Date: March 3, 2026

1. Who We Are

Innovation Diamonds Ltd. (“Innovation Diamonds”, “we”, “us”, or “our”) is a laboratory-grown diamond company registered in Israel, headquartered at the Israel Diamond Exchange, 1 Jabotinsky Street, Ramat Gan 5252236, Israel.

We supply CVD lab-grown diamonds, fancy color diamonds, and finished jewelry exclusively to trade professionals – including jewelry manufacturers, casting houses, wholesalers, distributors, retail brands, and e-commerce jewelers.

This Privacy Policy applies to personal data collected through:

  • Our website at innovationdia.com
  • Our trade portal and mobile application (App Store and Google Play)
  • Email, WhatsApp Business, and any other communications related to our services
  • KYC onboarding and partner verification processes

2. Scope and Applicable Law

This policy is written to comply with the following data protection frameworks applicable to our operations:

  • Israel Protection of Privacy Law (PPL), 5741-1981 as amended by Amendment No. 13 (effective August 14, 2025) – our primary governing law as an Israeli-registered company, enforced by the Privacy Protection Authority (PPA)
  • EU General Data Protection Regulation (GDPR) 2016/679 – applicable to personal data of individuals located in the European Economic Area
  • UK General Data Protection Regulation (UK GDPR) – applicable to individuals located in the United Kingdom, enforced by the ICO
  • Canada – PIPEDA (Personal Information Protection and Electronic Documents Act) – applicable to personal data of individuals in Canada; organizations in Quebec, British Columbia, and Alberta are subject to substantially similar provincial laws
  • California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) – applicable to California residents
  • Australia – Privacy Act 1988 including the Australian Privacy Principles (APPs) – applicable to individuals located in Australia, enforced by the OAIC
  • UAE Federal Decree-Law No. 45 of 2021 (PDPL) – applicable to data subjects located in the UAE

As a B2B supplier, most personal data we collect relates to business contacts, authorized representatives, and employees of our trade partners. Where individuals interact with us in a professional capacity on behalf of a business entity, this policy governs how we handle their personal data.

3. Data Controller

Innovation Diamonds Ltd. is the data controller for personal data collected through this website and our services.

Contact details:

For data protection inquiries including access requests, correction requests, deletion requests, or complaints, contact us at privacy@innovationdia.com.

4. What Personal Data We Collect

4.1 Business Contact Information

When a trade professional registers, enquires, or enters into a business relationship with us, we collect:

  • Full name and job title
  • Business name, registration number, and address
  • Business email address and telephone number
  • Country and jurisdiction of operation
  • VAT or tax identification number where relevant

4.2 Business Verification and KYC Data

As a supplier of high-value goods, we are required to verify the identity and legitimacy of our trade partners. This may include:

  • Business registration certificates and trade licenses
  • Diamond exchange or bourse membership details and broker/dealer license numbers
  • Proof of identity of authorized representatives (government-issued ID)
  • Shareholder and officer details including names, positions, nationalities, and ownership percentages
  • Anti-money laundering (AML) and counter-terrorism financing (CTF) documentation
  • Annual turnover, financial references, and trade references
  • Bank account details for payment processing
  • Customs and import/export license documentation

4.3 Order and Transaction Data

In connection with orders and deliveries of diamonds and jewelry, we collect:

  • Purchase and order history including stone specifications, carat weights, shapes, grades, and pricing
  • IGI certificate numbers and diamond identifiers
  • Shipping addresses and consignee details
  • Payment records, invoice history, and credit terms
  • Customs documentation including commercial invoices, export permits
  • Insurance and logistics documentation

4.4 Website and Portal Usage Data

When you visit our website or trade portal, we may automatically collect:

  • IP address and approximate geographic location
  • Browser type, version, and operating system
  • Pages visited, time spent, and navigation paths
  • Referring URLs
  • Cookie identifiers and session data (see Section 9)

4.5 Mobile Application Data

The Innovation Diamonds mobile application (available on the Apple App Store and Google Play Store) is published by Innovation Diamonds Ltd. and powered by Virtual Diamond Boutique, Inc. (“VDB”), our technology platform provider.

When you download, install, or use the App, the following data may be collected automatically by the App’s underlying technology:

  • Contact information (name, email address, phone number, company name)
  • Login credentials and account activity
  • Purchase and transaction history within the App
  • Device identifiers (device ID, OS version, model)
  • IP address and network information
  • App usage data, browsing behavior within the App, and clickstream data
  • Cookies and web beacons used to track App engagement
  • Approximate and precise location data (as permitted by your device settings and as disclosed in the App Store and Google Play data safety disclosures)
  • Push notification preferences and responses

The App also uses third-party analytics services including Google Analytics, HotJar, Segment, and Woopra to help analyze usage patterns and improve App performance.

By using the App, you explicitly consent to the collection, hosting, use, and processing of information as described in this Privacy Policy.

4.6 Communications Data

We collect and retain data from communications including:

  • Email correspondence regarding orders, quotations, and support
  • WhatsApp Business messages sent and received through our business accounts
  • Records of calls and meetings where notes are taken
  • Contact form submissions from our website

We process personal data on the following legal grounds depending on the applicable law and context:

Performance of a contract: Processing necessary to fulfill orders, issue quotations, arrange shipping, and manage business relationships with trade partners.

Legal obligation: Processing required to comply with Israeli law, customs and export regulations, anti-money laundering obligations, Kimberley Process compliance, tax requirements, and other applicable regulations.

Legitimate interests: Processing necessary for our legitimate business interests including fraud prevention, credit risk assessment, security of high-value shipments, business analytics, and improving our products and services – where these interests are not overridden by individual rights.

Consent: Where we rely on consent (for example, for marketing communications or non-essential cookies), we obtain this separately. You may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.

6. How We Use Your Data

We use personal data for the following purposes:

  • Processing and fulfilling diamond and jewelry orders
  • Issuing quotations, proforma invoices, and commercial invoices
  • Verifying trade partner identity and conducting KYC and AML checks
  • Assessing creditworthiness and managing payment terms
  • Arranging international shipping, insurance, and customs documentation
  • Providing access to our live inventory portal and mobile application
  • Managing ongoing business relationships and account queries
  • Sending order confirmations, shipping notifications, and account statements
  • Sending trade communications including new stock alerts and product updates (where you have not opted out)
  • Complying with Israeli export law, customs regulations, and financial reporting obligations
  • Detecting and preventing fraud, unauthorized access, and security incidents
  • Maintaining records required by law including invoice archives and customs documentation
  • Improving our website, portal, and mobile application

7. Who We Share Your Data With

We do not sell personal data. We share data only where necessary for business operations or legal compliance.

7.1 Logistics and Shipping Partners

We share consignee details and shipment documentation with logistics partners including Brinks, Malca-Amit, FedEx, and DHL for the purpose of arranging insured international shipments of diamonds and jewelry.

7.2 Certification and Grading Laboratories

Where required for order processing, we share relevant stone information with the International Gemological Institute (IGI) and other grading laboratories for certification purposes.

7.3 Payment Processors and Banks

Payment and billing data is shared with our banking partners and payment processors solely for processing transactions and managing credit accounts.

7.4 AML and Compliance Verification Services

To meet legal obligations, we may share relevant KYC data with compliance databases and verification services including Malca-Amit group companies for cross-verification, blacklist checks, and transaction history verification as required under AML and CTF regulations.

7.5 Technology and IT Service Providers

We use third-party technology providers for website hosting, cloud storage (including Amazon Web Services), mobile application infrastructure, and communication platforms. Our mobile application is powered by Virtual Diamond Boutique, Inc. (VDB), which processes certain App data on our behalf. All such providers are bound by data processing agreements and are not permitted to use data for any purpose other than providing the services to us.

We will disclose personal data to law enforcement agencies, courts, regulators, or government authorities when required to do so by law, court order, or other legal process. This includes cooperation with the Israel Privacy Protection Authority (PPA), customs authorities, and diamond industry regulatory bodies.

7.7 Business Transfers

In the event of a merger, acquisition, or sale of assets, personal data may be transferred as part of that transaction. We will notify affected individuals before any transfer takes place.

8. International Data Transfers

Innovation Diamonds operates internationally and may transfer personal data to countries outside your jurisdiction. These transfers may include data sent to or from Israel, the EU, UK, UAE, USA, and other countries where our partners, logistics providers, or technology providers operate.

When transferring personal data internationally, we implement appropriate safeguards including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission for transfers from the EU
  • UK International Data Transfer Agreements (IDTAs) for transfers from the UK
  • Contractual protections for transfers from Canada, Australia, and other jurisdictions
  • Verification that recipient countries provide adequate data protection under applicable law

Note: Israel has received an adequacy decision from the European Commission, meaning transfers of personal data from the EU to Israel are permitted without additional safeguards.

9. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies.

Essential cookies: Required for website functionality including login sessions and security. These cannot be disabled.

Analytics cookies: We use analytics tools to understand how visitors use our website. These are only placed with your consent.

Marketing cookies: Used for remarketing and advertising. Only placed with your explicit consent.

You can manage cookie preferences through our cookie consent banner when you first visit the site, or at any time through your browser settings. Refusing non-essential cookies will not affect your ability to use the website.

10. Data Retention

We retain personal data for as long as necessary to fulfill the purposes for which it was collected:

  • Active business relationships: Retained for the duration of the relationship and 7 years after the last transaction, to comply with Israeli tax and commercial law requirements.
  • KYC and AML records: Retained for a minimum of 5 years after the end of the business relationship, as required by anti-money laundering regulations.
  • Customs and export documentation: Retained in accordance with applicable customs law, typically 7 years.
  • Website and App usage data: Retained for up to 24 months.
  • Marketing communications: Retained until you opt out or request deletion.

When data is no longer required, we securely delete or anonymize it.

11. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Right of access: Request a copy of the personal data we hold about you.

Right to correction: Ask us to correct inaccurate or incomplete data.

Right to deletion: Ask us to delete your personal data where we no longer have a legitimate reason to hold it, subject to legal retention requirements.

Right to object: Object to processing based on legitimate interests, including for direct marketing.

Right to restrict processing: Ask us to restrict processing of your data in certain circumstances.

Right to data portability: Request your data in a structured, machine-readable format (EU/UK GDPR, CCPA, PIPEDA).

Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time.

California residents (CCPA/CPRA): Right to know what personal information is collected, right to delete, right to opt out of the sale or sharing of personal information (we do not sell personal information), and the right to non-discrimination.

Canadian residents (PIPEDA): Right to access your personal information, challenge its accuracy, and withdraw consent subject to legal or contractual restrictions.

Australian residents (Privacy Act 1988): Right to access and correct personal information held about you, and to make a complaint to the Office of the Australian Information Commissioner (OAIC).

Israeli residents (PPL / Amendment No. 13): Right to access data held about you in our databases, to request correction, and to file a complaint with the Privacy Protection Authority (PPA).

UK residents (UK GDPR): Right to lodge a complaint with the Information Commissioner’s Office (ICO).

EU residents (GDPR): Right to lodge a complaint with your local data protection supervisory authority.

To exercise any of these rights, contact us at privacy@innovationdia.com. We will respond within 30 days or within the timeframes required under applicable law.

12. Data Security

We implement appropriate technical and organizational security measures to protect personal data against unauthorized access, loss, alteration, or disclosure. Measures include:

  • Encrypted data transmission (SSL/TLS) on our website and portal
  • Access controls and authentication for systems containing personal data
  • Regular security assessments
  • Data processing agreements with all third-party service providers
  • Physical security measures appropriate to the handling of high-value goods and associated documentation
  • Staff training on data protection obligations
  • Incident response procedures for data breaches

In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority and affected individuals as required by applicable law.

Despite our security measures, no internet-based system is completely secure. You are responsible for maintaining the confidentiality of your account credentials.

13. Children’s Privacy

Our website and services are strictly B2B and are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If you are aware that a minor has provided us with personal data, contact us at privacy@innovationdia.com.

14. Third-Party Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those websites. We encourage you to read their privacy policies.

15. WhatsApp Business Communications

We use WhatsApp Business as a communication channel for trade operations. When you communicate with us via WhatsApp, your messages are subject to WhatsApp’s own privacy policy in addition to this policy. We retain WhatsApp communications as part of our business records. You may contact privacy@innovationdia.com to request access to or deletion of communications data.

16. Aggregated and Anonymized Data

We may use aggregated, anonymized data that cannot identify any individual for business analytics, market research, and internal reporting. This data is not subject to this Privacy Policy.

17. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last Updated” date at the top of this page and, where appropriate, notify you by email or through a notice on our website.

18. Contact and Complaints

Innovation Diamonds Ltd. – Privacy

Email: privacy@innovationdia.com

Address: Israel Diamond Exchange, 1 Jabotinsky Street, Ramat Gan 5252236, Israel

If you are not satisfied with our response, you have the right to lodge a complaint with the relevant supervisory authority in your jurisdiction: