Daniel & Co. Effective Date: April 1, 2026

1. Introduction

We are committed to protecting the privacy and security of our customers and Site visitors. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our Site, create an account, or make a purchase.

By using our Site, you consent to the collection and use of your information as described in this Privacy Policy. If you do not agree, please discontinue use of the Site.

2. Information We Collect

2.1 Information You Provide Directly

We collect personal information that you voluntarily provide to us, including:

• Full name, billing and shipping address, phone number, and email address

• Payment information (processed securely through PCI-DSS compliant processors; we do not store full card numbers)

• Account credentials (username and encrypted password)

• Purchase history, wish lists, and product preferences

• Communications you send us (customer service inquiries, feedback)

• Gemological certificate numbers and product authentication records

2.2 Information Collected Automatically

When you visit our Site, we automatically collect:

• IP address and general geographic location

• Browser type, operating system, and device identifiers

• Pages visited, time spent on pages, and navigation paths

• Referring URLs and search terms

• Cookie identifiers and session data

2.3 Information From Third Parties

We may receive information about you from:

• Payment processors and fraud prevention services

• Shipping and logistics providers

• Third-party authentication services (e.g., Google or Apple sign-in)

• Marketing and advertising partners

• Credit and financing partners

3. How We Use Your Information

We use your personal information for the following purposes:

• Processing, fulfilling, and shipping your orders

• Communicating with you regarding your orders, account, and inquiries

• Sending order confirmations, shipping updates, and return notifications

• Verifying the authenticity of high-value transactions and preventing fraud

• Maintaining records of gemological certificates and purchase documentation

• Personalizing your shopping experience and product recommendations

• Sending promotional emails, newsletters, and special offers (with your consent)

• Complying with legal obligations and regulatory requirements

• Analyzing Site usage to improve our services and user experience

• Administering loyalty programs and customer accounts

4. Cookies & Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to enhance your browsing experience, analyze Site traffic, and deliver personalized content and advertising.

Types of cookies we use:

• Essential Cookies: Required for the Site to function properly (shopping cart, login sessions)

• Analytics Cookies: Help us understand how visitors interact with our Site (e.g., Google Analytics)

• Marketing Cookies: Used to deliver relevant advertisements based on your browsing behavior

• Preference Cookies: Remember your preferences such as currency, language, and display settings

You may control or disable cookies through your browser settings. However, disabling certain cookies may affect the functionality of the Site. You may also opt out of interest-based advertising through the Digital Advertising Alliance (DAA) at www.aboutads.info.

5. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties for their own marketing purposes. We may share your information only in the following circumstances:

5.1 Service Providers

We share information with trusted third-party vendors who assist us in operating our Site and fulfilling orders, including:

• Payment processors (e.g., Stripe, Authorize.net)

• Shipping and logistics carriers (e.g., FedEx, UPS, Brinks)

• Customer service platforms

• Email marketing services

• Website analytics providers

These service providers are contractually obligated to use your information only as necessary to provide their services and to maintain appropriate security measures.

5.2 Legal Compliance

We may disclose your information when required by law, regulation, legal process, or governmental request, or where necessary to protect the rights, property, or safety of our Company, our customers, or the public.

5.3 Business Transfers

In the event of a merger, acquisition, asset sale, or reorganization, your personal information may be transferred to the acquiring entity. We will notify you of any such change via email or prominent notice on our Site.

5.4 With Your Consent

We may share your information for any other purpose with your explicit consent.

6. Data Security

We implement industry-standard technical, administrative, and physical security measures to protect your personal information from unauthorized access, disclosure, alteration, and destruction. These measures include:

• SSL/TLS encryption for all data transmitted to and from the Site

• PCI-DSS compliant payment processing

• Encrypted storage of sensitive account and transaction data

• Access controls limiting employee access to personal information

• Regular security audits and vulnerability assessments

Despite these measures, no system is completely secure. You acknowledge that the transmission of information over the internet involves inherent risks. In the event of a data breach affecting your rights and freedoms, we will notify you in accordance with applicable law.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, maintain accurate business records, comply with legal and regulatory requirements, and resolve disputes or enforce our agreements.

Transaction records, gemological certificate records, and purchase documentation may be retained for a minimum of seven (7) years for regulatory and warranty purposes. You may request deletion of your account data subject to legal retention requirements.

8. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights with respect to your personal information:

8.1 General Rights

• Right to Access: Request a copy of the personal data we hold about you

• Right to Correction: Request correction of inaccurate or incomplete data

• Right to Deletion: Request deletion of your personal data (subject to legal retention obligations)

• Right to Portability: Request transfer of your data in a machine-readable format

• Right to Opt-Out: Opt out of promotional communications at any time

8.2 California Residents (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including the right to know, the right to delete, the right to opt-out of the sale of personal information, and the right to non-discrimination for exercising privacy rights.

To submit a privacy rights request, contact us at privacy@danielco.com. We will respond within 45 days.

8.3 EU/EEA Residents (GDPR)

If you are located in the European Union or European Economic Area, you have rights under the General Data Protection Regulation (GDPR), including the right to object to processing, the right to restrict processing, and the right to lodge a complaint with your supervisory authority.

Our lawful bases for processing your personal data include: performance of a contract (order fulfillment), compliance with legal obligations, legitimate interests (fraud prevention, Site improvement), and your consent (marketing communications).

9. Children's Privacy

Our Site is not intended for individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected information from a minor, please contact us immediately and we will promptly delete such information.

10. Third-Party Links & Services

Our Site may contain links to third-party websites, including brand websites for Rolex, Patek Philippe, Hublot, Audemars Piguet, Omega, Tag Heuer, Cartier, and other luxury brands, as well as financing partners and social media platforms. This Privacy Policy does not apply to third-party sites. We encourage you to review the privacy policies of any third-party services you access through our Site.

11. Marketing Communications

With your consent, we may send you promotional emails, SMS messages, or notifications about new arrivals, exclusive events, and special offers related to our jewelry and watch collections.

You may opt out of marketing communications at any time by:

• Clicking the "Unsubscribe" link in any promotional email

• Texting STOP in response to any SMS communication

• Updating your communication preferences in your account settings

• Contacting us directly at privacy@danielco.com

Opting out of marketing communications will not affect transactional communications related to your orders or account.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, applicable laws, or Site features. We will notify you of material changes by posting the revised policy on this page with an updated effective date. For significant changes, we may also send a notification to your registered email address.

Your continued use of the Site after the posting of changes constitutes your acceptance of the revised Privacy Policy.

13. Contact & Privacy Requests

For questions, concerns, or privacy rights requests regarding this Privacy Policy or our data practices, please contact our Privacy Team at:

Daniel & Co.

Attn: Privacy Officer

9798 Bellaire Blvd. Ste. C

Houston, TX 77036

Email: privacy@danielco.com

Phone: 713-980-9798

We are committed to resolving privacy-related inquiries in a timely and transparent manner.