- What Personal Data the Company might collect on you.
- How long might the Company hold on to your Personal Data.
- How the Company might collect your Personal Data.
- The grounds on which the Company may store and use your Personal Data.
- The way(s) in which the Company might use your Personal Data.
- The measures the Company has in place to protect your Personal Data.
- Your rights.
- Third Party Websites
- How you can contact the Company.
In compliance with the General Data Protection Regulation (the “GDPR”), in force as of 25 May 2018 and other data protection legislation applicable to where you are resident from time to time, this Policy sets out the obligations of the Company (defined below) in respect of the collection, retention, safeguarding of and access to your Personal Data (also defined below).
“Personal Data” is defined as any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier. This includes, but is not limited to, name, email address, postal address, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
For the purposes of GDPR, the “Data Controller” is Inspired Beauty Brands, Inc. of 330 Seventh Avenue New York, NY 10001 (the “Company”).
The Personal Data that the Company may collect from you is listed in section 2 below.
2. What Personal Data the Company might collect on you.
2.1 The Company might collect some or all the following Personal Data from you:
i) Your name, age/date of birth and gender;
ii) Your contact details, including: postal address including billing and delivery addresses, telephone numbers (including mobile numbers) and e-mail address;
iii) Details of purchases and/or orders made by you;
iv) Details of Company events attended by you (if applicable);
v) Your competition or other contest entries;
vi) Your communication and marketing preferences;
vii) Your interests, preferences, feedback and survey responses;
viii) Your correspondence and communications with the Company;
ix) Other publicly available Personal Data, including any which you have shared via a public platform (such as a Twitter feed, public Facebook page or a company website);
x) Information about your visit to Company’s website, including the full Uniform Resource Locators (URL), clickstream to, through and from Company’s site (including date and time), pages you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page;
xi) Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, browser plug-in types and versions, and operating system and platform.
xii) Information collected from Company’s websites and elsewhere across the internet through cookies, web beacons, pixel tags, device identifiers and other technologies including information about your shopping habits and preferences.
2.2 This list is not exhaustive and, in specific instances, the Company may need to collect additional data for the purposes set out in this Policy. The Company may also collect Personal Data from third parties who have your consent to pass your details to the Company, or from publicly available sources.
3. How long might the Company hold on to your Personal Data.
The Company will not retain your Personal Data for longer than necessary for the purposes set out in this Policy. Different retention periods apply for different types of data, however the longest the Company will normally hold any Personal Data is 6 years
4. How the Company might collect your Personal Data.
4.1 The Company may collect your Personal Data in the following:
i) When you opt-in to receive marketing or other communications from Company;
ii) When you place an order with Company or a stockist of Company’s product;
iii) When you enter one of Company’s competitions or other contests;
iv) When you correspond with Company (by phone, email or otherwise);
v) Information that Company may collect automatically when you use Company’s website, for example with regard to each of your visits to Company’s website it may, independently or through third-party data analytics tools or services such as Google Analytics, automatically collect information as you use Company’s services/website;
vi) Information gathered through cookies and other similar technology to distinguish you from other users of Company’s website, to assist Company in providing you with a good experience when you browse Company’s site and also allows Company to improve its website.
5. The grounds on which the Company may store and use your Personal Data.
The Company might store and use your Personal Data on the following legal grounds:
– for example, if you have opted in to receive marketing communications and/or news from the Company.
5.2 Fulfilment of a Contractual Obligation
– for example, if you have purchased an item via the website (or via a third party stockist), the Company will store and process your data insofar as it is necessary to fulfil such order.
5.3 Legitimate Interest
– for example, if you have previously provided the Company with your contact details in the course of sale of goods/services, the Company may send you electronic communications relating to similar goods/services. You will always be given the opportunity to opt-out of this form of communication. If relying on legitimate interest as a lawful ground for processing your Personal Data, the Company will always take into account your rights and interests prior to sending any such communications.
5.4 Legal and Compliance Purpose(s)
– for example, to assist Company in keeping their website safe and secure; to use profiling tools to identify fraudulent behaviour; and to protect Company’s rights or property.
6. The way(s) in which the Company might use your Personal Data.
The Company (and trusted partners acting on Company’s behalf under contract) might use your Personal Data:
i) to provide goods and services to you;
ii) to make a tailored website available to you;
iii) to manage any registered account(s) that you hold with us;
iv) to verify your identity;
v) for crime and fraud prevention, detection and related purposes;
vi) to contact you electronically about news/events and/or products which the Company thinks may interest you;
vii) for market research purposes – to better understand your needs;
viii) where the Company has a legal right or duty to use or disclose your information (for example in relation to an investigation by a public authority or in a legal dispute).
The Company might use your Personal Data for electronic marketing purposes (with your consent) and may send you postal mail to update you on various news, event and/or products.
The Company aims to update you about items which are of interest and relevance to you as an individual.
You have the right to opt-out of receiving communications at any time, by:
i) making use of the simple “unsubscribe” link in emails; or
ii) contacting the Company via email to email@example.com or via post to the registered office (listed in section 1 above).
6.3 Sharing data with third parties
i) Company’s service providers and suppliers
In order to make certain services available to you, the Company may need to share your Personal Data with some of its service providers/partners. These could include IT, delivery and marketing service providers.
The Company only allows its service providers/partners to handle your Personal Data when the Company has confirmed that they apply appropriate data protection and security controls. The Company also imposes contractual obligations on service providers/partners relating to data protection and security, which mean they can only use your Personal Data to provide services to the Company and to you, and for no other purposes.
ii) Other third parties
Aside from to its service providers/partners, the Company will not disclose your Personal Data to any third party, except as set out below. The Company will not sell or rent your Personal Data to other organisations for marketing purposes without your prior written consent.
Company may share your data with:
– credit reference agencies where necessary for card payments;
– governmental bodies, regulators, law enforcement agencies, courts/tribunals and insurers where the Company is required to do so: –
– to comply with Company’s legal obligations;
– to exercise Company’s legal rights (for example in court cases);
– for the prevention, detection, investigation of crime or prosecution of offenders; and
– for the protection of Company’s employees and customers.
7. The measures the Company has in place to protect your Personal Data.
7.1 The Company strives to maintain the highest standards of data privacy and security to protect your personal details and other information about you.
7.2 The Company shall ensure that Personal Data is stored securely using modern software that is kept-up-to-date.
7.3 Access to Personal Data shall be limited to personnel who need access and appropriate security should be in place to avoid unauthorised sharing of information.
7.4 When Personal Data is deleted this should be done safely such that the data is irrecoverable.
7.5 Appropriate back-up and disaster recovery solutions shall be in place.
7.6 The Company regularly reviews its processes and procedures to protect your information from unauthorised access and use, accidental loss and/or destruction.
8. Your Rights.
You have the following rights in respect of the Personal Data that the Company holds:
8.1 the right to ask for a copy of Personal Data that the Company holds about you (the right of access);
8.2 the right (in certain circumstances) to request that the Company deletes Personal Data held on you; where the Company no longer has any legal reason to retain it (the right of erasure or to be forgotten);
8.3 the right to ask the Company to update and correct any out-of-date or incorrect Personal Data that the Company holds about you (the right of rectification);
8.4 the right to opt out of any marketing communications that the Company may send you and to object to the Company using / holding your Personal Data if the Company has no legitimate reasons to do so (the right to object);
8.5 the right (in certain circumstances) to ask the Company to ‘restrict processing of data’; which means that the Company would need to secure and retain the data for your benefit but not otherwise use it (the right to restrict processing); and
8.6 the right (in certain circumstances) to ask the Company to supply you with some of the Personal Data that the Company holds about you in a structured machine-readable format and/or to provide a copy of the data in such a format to another organisation (the right to data portability).
9. Third Party Websites.
The Company may update this Policy to reflect changes in how it collects, stores and/or uses your Personal Data. The most recent version of the Policy will always be available via the Company’s website. Where appropriate, the Company will provide you with notice of any significant changes to how it uses your information.
12. How you can contact the Company.
If you have any questions/comments on the contents of this Policy please write to:
Website Team, Inspired Beauty Brands, Inc. of 330 Seventh Avenue New York, NY 10001 or email firstname.lastname@example.org
Last updated February 2020.