Last Updated 24 May 2018
What do we collect and use personal information for?
Please scroll down to find out the detailed purposes for which we collect your information, what specific information is collected and the legal basis for which we purpose that data.
- To register and manage your account in our Website, we collect your name, email, password and other additional details you may wish to add in your account, like phone number, addresses and gender. The legal basis is the performance of a Contract with you.
- To fulfil the orders you make through our website, we collect your Name, addresses, phone number, Order details, like the products you are buying, the size and price. The legal basis is the performance of a Contract with you.
- To collect payment from you we collect your payment information, which comprises the credit/debit card’s number, holder’s name and CVV we do not store them and only transfer them to our authorized payment providers. The legal basis is the performance of a Contract with you.
- To provide you with our customer services (including helping you to solve any issue you have with our services, updating you about any change to our terms of service, or contacting you to know how was your experience with us) we collect your name, email, password and addresses and your contact history with us (including phone records of our conversations. The legal basis is the performance of a Contract with you and our legitimate interests in retaining you as a customer.
- To monitor the quality of our customer services, we collect your name, email, password and addresses and your contact history with us. The legal basis is the legitimate interests in running our business.
- To administer, maintain and optimise our Website and our services, we collect your device information (such as your device IP address and device type), Cookie identifiers and browsing information. The legal basis is the legitimate interests in running our business.
- To perform fraud and credit checks and if we can do business with you, we collect your name; email; addresses; credit/debit card details;browsing history; purchase history; date of birth; gender; device information (such as IP address and device type), any national identifiers (like driver’s license or ID cards) and any publicly available information (like social media profiles or news). The legal basis is the legitimate interests to protect Sable Beauty and its customers from fraudulent activities and compliance with a legal obligation.
- To send you marketing communications and personalised offers, we collect your Name; Email; Phone Number; Addresses; Date of Birth; Purchase history; Browsing history and behaviour; Device information; Shopping preferences; Cookie identifiers; Internal identifiers; Country. The legal basis is the legitimate interests to electronic direct marketing of similar products and services to that which you have acquired using our Website or, when such is not applicable, your Consent.
- To manage our loyalty programmes, we collect your Name; Email; Phone Number; Addresses; Date of Birth; Purchase history; Browsing history and behaviour; Device Information; Shopping preferences; Nickname; Cookie identifiers; Internal identifiers; Country; Spent tier level and Wealth. The legal basis is our legitimate interests in running our business and improve the shopping experience.
- Analysis of your behaviour and purchases in our Website, we collect your Name Email; Phone Number; Addresses; Date of Birth; Purchase history; Browsing history and behaviour; Device Information; Shopping preferences; Nickname; Cookie identifiers; Internal identifiers; Country; Spent tier level and Wealth. The legal basis is our legitimate interests in running our business and improve our Website and your experience.
- Carry on research, analysis, enquiries and surveys on your use of our website, we collect your Name; Addresses; Email; Device information, legal basis is our legitimate interests in running our business and improve our Website and your experience.
- Advertising and retarget advertising, we collect your email, cookie identifiers and device information. The legal basis is our legitimate interests in running our business
We also ask you for other optional information such as what sort of device you use such as a mobile telephone or PDA or tablet, how you heard about our Site and what sort of subjects interest you. If you choose to give us this information, we will use it to help us to provide you with the best possible service that is personalised to your needs and preferences. Although we do not make it compulsory to give us every item of information we ask for, the more information you volunteer (and the more accurate it is), the better we can tailor our services for you.
Log files/IP addresses
When you visit our Site, we automatically log your IP address (the unique address which identifies your computer on the internet) which is automatically recognised by our web server. We use IP addresses to help us administer the Site and to collect broad demographic information for aggregate use. Your IP address is also logged when you make a purchase as a fraud prevention measure required by the payment gateway.
We may automatically collect non-personal information about you such as the type of internet browsers you use or the site from which you linked to our Site. You cannot be identified from this information and it is only used to assist us in providing an effective service on our Site. We may from time to time supply the owners or operators of third party sites from which it is possible to link to our Site with information relating to the number of users linking to our Site from their sites. You cannot be identified from this information.
Information placed on your computer
We may store some information (commonly known as a “cookie”) on your computer when you look at our Site. This information facilitates your use of our Site and helps us to understand how our Site is used. You can erase or block cookies from your computer if you want to (your help screen or manual should tell you how to do this), but certain Sable Beauty services may not work correctly or at all if you set your browser not to accept cookies.
Improving our service
Staff from Sable Beauty, or from our service providers, may contact you from time to time using the contact means you have supplied to us in order to get your views and comments on the service we provide to you.
Information about products and services.
It is very important to us that we provide you with the highest level of service. In order to help us do this, from time to time we may contact you using one of the contact methods you have provided, with details of our newsletters, surveys, products and services which we think may be of interest to you. If at any time you do not wish to receive these details, then send an e-mail message titled “unsubscribe” to firstname.lastname@example.org Please note that active customers will continue to receive order and account communications from us.
Keeping our records accurate
We aim to keep our information about you as accurate as possible. If you would like to review or change the details you have supplied us with, or you would like to remove your published Submission from the Site you may do so at any time by using the Contact Us page on this Site.
You should be aware that the internet is an insecure environment. We have implemented technology and employee policies to help safeguard your privacy from unauthorised access and improper use. We will continue to update these measures, as appropriate, when new technology becomes available.
Third party sites
We cannot be responsible for the privacy policies and practices of other third party sites, or for advertisers on our site, even if you access them using links from our Site and we recommend that you check the policy of each site you visit. In addition, if you linked to our Site from a third party site, we cannot be responsible for the privacy policies and practices of the owners or operators of that third party site and we recommend that you check the policy of that third party site and contact its owner or operator if you have any concerns or questions.
Unless expressly stated, we are not agents for these third party sites or for any third party advertisers on our Site, nor are we authorised to make representations on their behalf.
Transferring your personal information outside the European Economic Area
We may need, as part of the services offered to you though our Site, to communicate your details outside the European Economic Area (“EEA”). By way of example, this may happen if any of our servers are from time to time located in a country outside of the EEA or one of our service providers is located in a country outside of the EEA.
We are obliged to satisfy ourselves before transferring your information to a country outside the EEA that it provides adequate protection for your data protection rights. The EEA comprises of the EU countries and Norway, Iceland and Liechtenstein. Countries outside the EEA may not have similar data protection laws to the EEA.
If we do transfer your information outside of the EEA in this way, we will take reasonable steps to ensure that your privacy rights continue to be protected.
Our Site is hosted on servers located in the United Kingdom.
Disclosing your information to others
Other than the disclosures referred to in this policy, we will not disclose any personal information without your permission unless we are legally entitled or obliged to do so (for example, if required to do so by Court Order or for the purposes of prevention of fraud or other crime).
We will only disclose and/or transfer your personal information to a third party either as part of a reorganisation or a sale of the assets of Sable Beauty, or having ensured that steps have first been taken to ensure that your privacy rights continue to be protected.
Keeping you and your personal information secure is very important to us. We take a number of reasonable steps to try to protect the personal information that you provide, including:
• using a Transport Layer Secure (TLS) to encrypt the personal data that you send us during the order process (including any financial information such as credit or debit card details);
• requiring you to establish a unique username and password to access your account on our Website;
• not keeping details of your credit or debit card that would enable any third party to transact using that credit or debit card (such as your CVV number); and
• regularly monitoring our servers and IT systems for possible vulnerabilities and attacks. Unfortunately, despite this, the transmission of information via the Internet is not completely secure. We cannot guarantee the security of your personal data transmitted to or through our Website, and any such transmission is at your own risk. In particular, please keep in mind that if you voluntarily disclose personal information through other means of communication than the Website in a non-protected environment (such as through email, sms, online messages) then that information can be collected and used by others outside of our or your control.
HOW LONG WILL YOU USE MY INFORMATION FOR?
We retain the data you provide to us for as long as you have your account with us and thereafter for such period as you may have questions or a claim in relation to our services, notwithstanding any superior retention period that we may be obliged to observe in accordance with legal requirements applicable to us.
In some circumstances you can ask us to delete your data as set out below.
After you have terminated your use of our services, we may store your information in an aggregated and anonymised format.
WHAT ARE MY PRIVACY RIGHTS?
You have certain rights in relation to the personal data we hold about you, which we detail below. Some of these only apply in certain circumstances as set out in more detail below. We also set out how to exercise those rights. Please note that we will require you to verify your identity before responding to any requests to exercise your rights and that can include asking a set of security questions to ensure it is you. When you have appointed someone else to do the request on your behalf, that person and/or organization needs to show a valid power of attorney issued by you. We must respond to a request by you to exercise those rights without undue delay and at least within one month (although this may be extended by a further two months in certain circumstances). To exercise any of your rights, please contact us at email@example.com or by writing to Data Protection Officer, at 109 Campden Hill Road, London W8 7TL.
• Access. You have the right to know whether we process personal data about you, and if we do, to access data we hold about you and certain information about how we use it and who we share it with (including the categories of personal data we share with businesses for their direct marketing uses and the names and addresses of those businesses). Please note that in “My Account” dashboards, you can see information about you, namely your account details (such as name, email, phone number, date of birth), the addresses you use for billing and shipping, your order history and shopping preferences.
You can also request a copy of your information. If you require more than one copy of the data we hold about you, we may charge a reasonable administration fee.
We may not provide you with certain personal data if providing it would interfere with another’s rights (e.g. where providing the personal data we hold about you would reveal information about another person) or where another exemption applies.
• Portability. You have the right to receive a subset of the personal data we collect from you in a structured, commonly used and machine-readable format and a right to request that we transfer such personal data to another party. The relevant subset of personal data is data that you provide us with your consent or for the purposes of performing our contract with you.
If you wish for us to transfer the personal data to another party, please ensure you detail that party and note that we can only do so where it is technically feasible. We are not responsible for the security of the personal data or its processing once received by the third party. We also may not provide you with certain data if providing it would interfere with another’s rights (e.g. where providing the personal data we hold about you would reveal information about another person or our trade secrets or intellectual property).
• Correction. You have the right to correct any personal data held about you that is inaccurate. You can edit your personal information in “My Account” settings. You can also request the correction by emailing us. Please note that in some cases we can ask you to explain in detail why you believe the personal data we hold about you to be inaccurate or incomplete so that we can assess whether a correction is required. Please note that whilst we assess whether the personal data we hold about you is inaccurate or incomplete, you may exercise your right to restrict our processing of the applicable data as described below.
• Erasure. You may request that we erase the personal data we hold about you in the certain circumstances. Please [click here/scroll below ]down to know what those are:
- you believe that it is no longer necessary for us to hold the personal data we hold about you;
- we are processing the personal data we hold about you on the basis of your consent, and you wish to withdraw your consent and there is no other ground under which we can process the personal data;
- we are processing the personal data we hold about you on the basis of our legitimate interest and you object to such processing. Please provide us with detail as to your reasoning so that we can assess whether there is an overriding interest for us to retain such personal data;
- you no longer wish us to use the personal data we hold about you in order to send you promotions and special offers;
- you believe the personal data we hold about you is being unlawfully processed by us.
Also note that you may exercise your right to restrict our processing the data whilst we consider your request as described below.
Please provide as much detail as possible on your reasons for the request to assist us in determining whether you have a valid basis for erasure. Please note, however, that we may retain the personal data if there are valid grounds under law for us to do so (e.g., for the defence of legal claims or freedom of expression) but we will let you know if that is the case.
Where you have requested that we erase data that we have made public and there are grounds for erasure, we will use reasonable steps try to tell others that are displaying the data or providing links to the data to erase the data too.
• Restriction of Processing to Storage Only. You have a right to require us to stop processing the personal data we hold about you other than for storage purposes in certain circumstances. Please note, however, that if we stop processing the personal data, we may use it again if there are valid grounds under data protection law for us to do so (e.g. for the defence of legal claims or for another’s protection).
Please scroll down to know the cases where you may request we stop processing and just store the personal data we hold about you.
- you believe the personal data is not accurate for the period it takes for us to verify your claim;
- we wish to erase the personal data as the processing we are doing is unlawful but you want us to retain the personal data for storage but not further process it;
- we wish to erase the personal data as it is no longer necessary for our purposes but you require it to be stored for the establishment, exercise or defence of legal claims; or
- you have objected to us processing personal data we hold about you on the basis of our legitimate interest and you wish us to stop processing the personal data whilst we determine whether there is an overriding interest in us retaining such personal data.
You also have the right to object to our processing of data about you and we will consider your request in other circumstances as detailed below: o we are processing the data we hold about you (including where the processing is profiling) on the basis of our or a third party’s legitimate interest and you object to such processing. Please provide us with detail as to your reasoning so that we can assess whether there is a compelling overriding interest in us continuing to process such data or we need to process it in relation to legal claims. Also note that you may exercise your right to request that we stop processing the data whilst we make the assessment on an overriding interest;
• Withdrawal of Consent You can withdraw your consent at any time by changing your marketing preferences in “My Account” or by unsubscribing at the bottom of each email received or by writing emailing us as set out below.
• by emailing us at firstname.lastname@example.org; or • by writing to the Data Protection Officer, at 109 Campden Hill Road, W8 7TL London.
This is without prejudice to your right to launch a claim with the Information Commissioner’s Office (www.ico.org.uk) or the data protection supervisory authority in the EU country in which you live or work where you think we have infringed data protection laws.”
UPDATES TO THIS POLICY