All your personal Information shall be held and used in accordance with the EU General Data Protection Regulation 2016/679 (“GDPR”) and national laws implementing GDPR and any legislation that replaces it in whole or in part and any other legislation relating to the protection of personal data. If you wish to know what information we collect and hold about you, or to exercise any of your rights as set out in Section 10 below, please write to us at the address on our contact page or via e-mail at firstname.lastname@example.org:
First of all – what is Personal Information?
Personal Information is information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
We do not consider personal information to include information that has been anonymized or aggregated so that it can no longer be used to identify a specific natural person, whether in combination with other information or otherwise.
We collect personal information from you when you use our Services.
We collect personal information from you and any devices (including mobile devices) you use when you: use our Services, register for an account with us, provide us information on a web form, update or add information to your account, or when you otherwise correspond with us.
Some of this personal information, such as a way to identify you, is necessary to enter into our User Agreement. The provision of all other personal information is voluntary, but may be necessary in order to use our Services, such as buying information needed to conclude a transaction.
We may also collect personal information from other sources, as described below.
Personal information you give us when you use our Services or register for an account with us can consist of…
- Identifying information such as your name, addresses, telephone numbers or email addresses when you register for an account with us.
- Buying information you provide during a transaction, or other transaction-based content that you generate or that is connected to your account as a result of a transaction you are involved in.
- Other content that you generate, or that is connected to your account, such as adding items to your trolley.
- Financial information (such as credit card data) in connection with a transaction.
- Postage, billing and other information used to purchase our products, as well as information required to clear customs (such as Tax ID or other identification numbers) and relevant postage information (such as tracking numbers and tracking updates).
- In some instances, when you use our Services, you may provide age, gender, interests and favorites.
- You may also provide us other information through a web form, by updating or adding information to your account, or when you otherwise communicate with us regarding our Services.
- Additional information we are required or authorised by applicable national laws to collect and process in order to authenticate or identify you or to verify the information we have collected.
Personal information we collect automatically when you use our Services or register for an account with us
- We collect information about your interaction with our Services and your communications with us. This is information we receive from devices (including mobile devices) you use when you access our Services. This information could include the following: Device ID or unique identifier, device type, ID for advertising, and unique device token.
- Location information, including location information from your mobile device. Keep in mind that most mobile devices allow you to control or disable the use of location services by any application on your mobile device in the device’s settings menu.
- Computer and connection information such as statistics on your page views, traffic to and from the sites, referral URL, ad data, your IP address, your browsing history, and your web log information.
Personal information we collect using cookies and similar technologies
Personal information collected from other sources
- Social Media. We do not collect any information provided on our social media channels. We might use information like addresses given by you to send out prizes for competitions.
- If you give us personal information about someone else, you must do so only with that person’s authorisation. You should inform them how we collect, use, disclose, and retain their personal information according to our privacy notice.
We use the personal information we collect from you for a range of different business purposes and according to different legal bases of processing. The following is a summary of how and according to which legal bases we use your personal information.
We use your personal information to fulfill a contract with you and provide you with our Services, to comply with our legal obligation, or as may be required for the public good. This includes
- To provide payment processing and account management, operate, measure and improve our Services, keep our Services safe, secure and operational.
- To contact you regarding your account, to troubleshoot problems with your account, to collect fees or monies owed or as otherwise necessary to provide you customer service.
- When contacting you for such purposes as outlined above, we may contact you via email, telephone, SMS/text messages, postal mail, and via mobile push notifications.
- To provide other services requested by you as described when we collect the information.
- To prevent, detect, mitigate, and investigate fraud, security breaches or other potentially prohibited or illegal activities.
- To enforce our Terms & Conditions, this privacy notice, or other policies.
We use your personal information to pursue our legitimate interests where your rights and freedoms do not outweigh these interests. We have implemented controls to balance our interests with your rights. This includes to:
- Improve our Services, for example by reviewing information associated with stalled or crashed pages experienced by users allowing us to identify and fix problems and give you a better experience.
- Contact you via email or postal mail in order to offer you coupons, discounts and special promotions, poll your opinions through surveys or questionnaires and inform you about our Services, as authorised by applicable law.
- Contact you about public policy matters, or other current events, related to your ability to use our Services. This could include an invitation to join a petition, letter writing, call or other sort of public policy related campaigns.
- Deliver targeted marketing, service updates, and promotional offers based on your communication preferences.
- Measure the performance of our email marketing campaigns (e.g. by analysing open and click rates).
- Monitor and improve the information security of our site and mobile applications.
With your consent, we may use your personal information to:
- Provide you with marketing via telephone calls, email, SMS or text.
- Use your sensitive personal information to facilitate transactions.
You have the right to withdraw your consent at any time.
We may use technologies considered automated decision making or profiling. We will not make automated decisions about you that would significantly affect you, unless such a decision is necessary as part of a contract we have with you, we have your consent, or we are required by law to use such technology.
Marketing communication preferences
You can control your email communication preferences by subscribing to our monthly email newsletter on our homepage, or by unsubscribing from same by clicking on links provided in the newsletter. You can unsubscribe from our annual postal mailing by sending us an email.
Keep in mind, we do not sell, rent, or otherwise disclose your personal information to third parties for their marketing purposes – ever.
Staying Signed in
When you sign in to your account on our website using a public or shared computer, we encourage you to log out. You or any other user of the computer/browser you signed in on will be able to view and access most parts of your account and take certain specific actions during this signed in period without any further authorisation.
If you attempt to change your password, User ID, update any other account information or attempt other account activity beyond those listed above, you may be required to enter your password.
You can typically end your signed-in session by signing out. If you have certain browser privacy settings enabled, simply closing your browser may also end your signed in session. If you are using a public or shared computer, you should sign out and/or clear your cookies when you are done using our website to protect your account and your personal information.
- You have the right to know what personal information we maintain about you.
- We will provide you with a copy of your personal information in a structured, commonly used and machine readable format on request.
- If your personal information is incorrect or incomplete, you have the right to ask us to update it.
- You have the right to object to our processing of your personal information.
- You can also ask us to delete or restrict how we use your personal information, but this right is determined by applicable law and may impact your access to some of our Services.
Access, correction, and deletion of your personal information
You can see, review and change most of your personal information by signing in to your account. Please update your personal information immediately if it changes or is inaccurate.
We will honour any statutory right you might have to access, modify or erase your personal information. To request access and to find out whether any fees may apply, if permitted by applicable national laws, please contact us following the instructions in the Contact Us section below. Where you have a statutory right to request access or request the modification or erasure of your personal information, we can still withhold that access or decline to modify or erase your personal information in some cases in accordance with applicable national laws.
If you request that we stop processing some or all of your personal information or you withdraw (where applicable) your consent for our use or disclosure of your personal information for purposes set out in this privacy notice, we might not be able to provide you all of the Services and customer support offered to our users and authorised under this privacy notice and our Terms & Conditions.
Upon your request, we will close your account and remove your personal information from view as soon as reasonably possible, based on your account activity and in accordance with applicable national laws.
We may disclose your personal information to the following parties for the following purposes:
Service Providers and financial institutions partners as follows:
- Payment Facilities:
Third party service providers who help us to provide our Services, payment processing services, to assist us with the prevention, detection, mitigation, and investigation of potentially illegal acts, violations of our User Agreement, fraud and/or security breaches, bill collection, and other business operations.
- Couriers and Postal Services:
Third party shipping providers (e.g. DPD, UPS, TNT, postal services etc.) with whom we share delivery address, contact information and shipment tracking information for the purposes of facilitating the delivery of items purchased and other delivery related communications.
- Providers of online presence:
Third party providers of websites, applications, services and tools that we cooperate with so that they can create our website(s) or other applications, services and tools. If we transfer personal information to third party providers, this will be solely on the basis of an agreement limiting use by the third party provider of such personal information to processing necessary to fulfil their contract with us and obligating the third party provider to take security measures with regard to such data. Third party providers are not permitted to sell, lease or in any other way transfer the personal information included in your listings to third parties.
Law enforcement, legal proceedings, and as authorised by law
- To law enforcement or governmental agencies, or authorised third-parties, in response to a verified request or legal process relating to a criminal investigation or alleged or suspected illegal activity or any other activity that exposes us, you, or any other of our users to legal liability. We will only disclose information we deem relevant to the investigation or inquiry, such as name, city, county/state, postcode, telephone number, email address, User ID history, IP address, fraud complaints.
- To credit agencies or bureaus as authorised by applicable national laws (e.g. information on late or missed payments or other defaults on your account that may be reflected in your credit report or file).
- To third parties involved in a legal proceeding, if they provide us with a summons, court order or substantially similar legal basis, or we otherwise believe in good faith that the disclosure of information is necessary to prevent imminent physical harm or financial loss or to report suspected illegal activity.
We may disclose your personal information to our third-party payment facilitator
- To prevent, detect, mitigate, and investigate potentially illegal acts, fraud and/or security breaches, and to assess and manage risk, including to alert you if fraudulent activities have been detected on your online customer accounts
- To provide customer services, including to help service your account or resolve disputes (e.g., billing or transactional disputes)
- To facilitate the processing of payment cards when you pay within our Services with a payment card
How long we retain personal information can vary significantly based on context of the Services we provide and on our legal obligations. The following factors typically influence retention periods:
- How long is the personal information needed to provide our Services? This includes such things as maintaining and improving the performance of our products, keeping our systems secure, and maintaining appropriate business and financial records. This is the general rule that establishes the baseline for most of our data retention periods.
- Is the personal information sensitive? If so, a shortened retention time is generally appropriate.
- Have you provided consent for a longer retention period? If so, we will retain data in accordance with your consent.
- Are we subject to a legal, contractual, or similar obligation to retain your personal information? Examples can include mandatory data retention laws in the applicable jurisdiction, government orders to preserve data relevant to an investigation, or personal information retained for the purposes of litigation.
After it is no longer necessary for us to retain your personal information, we will dispose of it in a secure manner.