1. Personal Data
Personal Data is information that does or may identify you.
You can choose not to share your Personal Data with us, but if you choose not to, we may not be able to provide you with our products and services, or answer any questions you may send to us through the Contact Us page or over the phone.
We may collect your Personal Data from a variety of sources. These include:
Personal Data you provide to us directly.
This will include:
- When you subscribe to receive one of our newsletters or information about our products, offers and promotions;
- When you enter one of our competitions;
- When you ask us a question through our Contact Us page.
As a skincare company offering a wide range of products, some of the Personal Data we collect may be Sensitive Data. This might include information about your race, ethnicity, health or general wellbeing. Whilst we do not give health advice, to answer your queries, we may need information about the condition of your skin or your particular skin related concerns.
Information collected automatically.
If profiling applies: We also use profiling techniques to collect information about how you use our sites and what pages you have visited. Profiling is an automated process that enables us to use your Personal Data to build a profile about you. This is one of the tools we use to analyse your online activities including surfing, searching and buying behavior. We may also analyse your participation in surveys, email preferences and activity on social medial channels.
This helps us ensure that we deliver relevant content to you and to better understand what is of genuine interest to you.
Personal Data from other sources
We collect personal data from other sources including third-party platforms such as our brand accounts on Twitter, Facebook and Instagram. This may be in the form of product promotions, answering your direct messages or competitions that we run through or social platforms from time to time.
Additionally, we receive information about you and other visitors’ interactions with our advertising to measure whether our advertising is relevant and successful. We also collect information about you and your activities from a third party when we jointly offer services or products.
2. Children’s data
Our websites are designed and intended for use by adults. Additionally, whilst our products do not contain ingredients harmful to children, we do recommend that our products only be used by people aged 16 and above.
3. How we use your Personal Data
We only collect, process and disclose your Personal Data for specific and limited purposes. These include:
- To administer any competition that you may have entered;
- To send you a brand newsletter;
- To provide you with information about our products and offers that we believe will be on genuine interest to you;
- To direct you to content within our site that we think is relevant to you;
- To provide tailored product recommendations and targeted advertising based on what you have shared with us;
- To allow you to participate in any interactive features, survey or quizzes on our site;
- To share with associate brands where they offer services or products we think may be of interest to you;
- To answer any enquiry you may send to us;
- To authenticate that we are talking to the right person should we need to get in touch with you;
- To help us to understand and react to the changing interests and needs of our consumers so that we can improve our websites and our products.
Where required, we will obtain your consent to process your Personal Data. Where you have given consent, you may withdraw your consent at any time. Please see below
4. How we share your Personal Data
We do not sell your Personal Data to any third party.
We share your Personal Data internally within the company and with selected third parties in the following circumstances:
- To partners with who we collaborate on competitions and events;
- With other businesses within the brand group of companies (who will become a joint-controller of your Personal Data) for operational and legitimate business reasons
5. International data transfers
We will only send Personal Data collected within the EEA to foreign countries:
- To follow your instructions;
- To comply with a legal duty; or
- To work with any agent or adviser who we use to help run our business and services.
If we do transfer Personal Data outside of the EEA, we will make sure that it is protected in the same way as if it was being used in the EEA. We will use one of the following safeguards:
- Transfer to a non-EEA country whose privacy legislation ensures an adequate level of protection of personal data to the EEA one;
- Put in place a contract with the foreign third party that means they must protect Personal Data to the same standards as the EEA; or
- Transfer personal data to organisations that are part of specific agreements on cross-border data transfers with the European Union (e.g., Privacy Shield, a framework that set privacy standards for data sent between the United States and the European countries).
6. How we protect your personal data
We take the security of your Personal Data very seriously. We take every effort to protect your Personal Data from misuse, interference, loss, unauthorized access, modification or disclosure.
Access to your Personal Data is only permitted among our employees and agents on a need-to-know basis and subject to strict contractual confidentiality obligations when processed by third parties.
7. How long we keep your Personal Data
We will keep your Personal Data for as long as we need it for the purpose it is being processed for. This may include holding your Personal Data to enable us to respond to any quality concerns raised or for complying with any contract we may have entered into.
8. Your rights as a data subject
This is a summary of your rights relating to the Personal Data we hold about you.
The right to be informed. You have the right to be provided with clear, transparent and easily understandable information about how we use your Personal Data and your rights. Therefore, we’re providing you with the information in this charter.
The right to access and rectification. You have the right to access, correct or update your Personal Data at any time. We understand the importance of this and should you want to exercise your rights, please contact us as set out below;
The right to data portability. The Personal Data you have provided us with is portable. This means it can be moved, copied or transmitted electronically under certain circumstances.
The right to be forgotten. Under certain circumstances, you have the right to request that we delete your Personal Data. If you wish to delete the Personal Data we hold about you, please let us know and we will take reasonable steps to respond to your request in accordance with legal requirements. If the personal data we collect is no longer needed for any purposes and we are not required by law to retain it, we will do what we can to delete, destroy or permanently de-identify it.
The right to restrict processing. Under certain circumstances, you have the right to object to certain types of processing, including processing for direct marketing (i.e. receiving emails from us notifying you or being contacted with varying potential opportunities).
The right to lodge a complaint with a supervisory authority. You have the right to lodge a complaint Information Commissioners Office about how we process our Personal Data;
The right to withdraw consent. If you have given your consent to anything we do with your Personal Data, you have the right to withdraw your consent at any time by contacting the details below.
Rights related to automated decision-making. You have the right not to be subject to any decision which is based solely on automated processing in certain circumstances.
9. Contact information
If you wish to contact us about your Personal Data, including where you wish to withdraw consent or restrict certain processing activities, please email email@example.com.
Dated 24 May 2018