1. Our statement on privacy
2. Collecting & using your personal data
3. Sharing personal data
4. Transferring data outside the EU
5. How long do we store your data?
6. Your rights
1. OUR STATEMENT ON PRIVACY
It’s our mission to give you a great fashion experience right from the moment you start browsing the many styles from our brand to the time that you actually receive your order. As part of your shopping experience with us, we want to ensure you that we protect and respect your privacy and handle all your personal data with care.
We uphold the following principles when handling your personal data:
1. We collect and store data for these main purposes:
- Packing and delivering your order
- Customer service
- Improving your user experience
- Fraud prevention
- Regulatory requirements
2. We only collect data that we need for the purposes mentioned above
3. We delete your personal data when we no longer need it.
4. We do not sell your data
- 5.We keep your data secure
Below you can read more about how and why we collect and store your personal data – and who we share it with.
You can also read about how you can exercise your privacy rights, e.g. how to request access to your personal data.
2. COLLECTING & USING YOUR PERSONAL DATA
Fulfilment of your order
To handle your order, we need some information from you. When you place an order with us, you provide us with your name, address, email, payment method and, of course, which products you wish to purchase. We use the information to fulfil your order including sending an order confirmation and packing and delivering your order.
When you contact our customer service, we will register the personal data that you provide to us. Our customer service has access to all information about your order, so we can help you in the best possible way, whether you have questions about the status of your order, or if you need to return an item. Our customer service is also able to see any previous correspondence with you as this allows us to provide you with a better service.
Improvement of your user experience
In order for us to present you with the best possible fashion advice and most relevant news and marketing, we use personal data to personalize the recommendations and promotions on our website and to show you relevant advertising on other websites, social media networks and apps.
Doing this, we use information such as order history, past correspondence and profile information.
If you have signed up to our newsletter we use information about you to send you newsletters with offers, information about new styles, fashion guides etc., based on your preferences in accordance with the content of the consent you provided when signing up to our newsletter.You can always object to our processing of your personal data for direct marketing purposes, including profiling, by contacting us at email@example.com.
If you choose to create a personal customer account, you must provide us with your name and email address. You can also choose to give us your phone number and address.
[My Account] provides you with an overview of you shopping bag and your order history. You can update or delete your account at any time by logging in.
We use the personal data submitted by you when you place an order for fraud detection and fraud prevention purposes. For those purposes we may also receive additional information from our payment solution and fraud detection partners.
We use and store your personal data in order to comply with regulatory requirements, e.g. bookkeeping regulations.
Legal bases for collecting and using your personal data
We collect and use your personal data on the following legal bases:
1. Our performance of a contract
- Fulfilment of your order
2. Our legitimate interest
- Customer service
- Improvement of your user experience
- Fraud detection and prevention
- Analysis, user experience and development based on cookies
3. Your consent
- My Account
4. Our legal obligations
- Regulatory requirements
3. SHARING PERSONAL DATA
In order to provide our services, we share personal data with our partners. We only share your data when this is allowed by law and all our partners are committed to keeping your data safe. Some of our partners are “data controllers” and others are “data processors”.
The below described partners are data controllers meaning that they are directly responsible for the processing of your data. We only share personal data to the extent it is required for performance of their services, e.g. shipping.
When you complete an order, your payment is handled by our payment solution partners such as GooglePay and ApplePay as well as fraud detection partner MaxMind, Inc. These partners are data controllers. In order to be able to offer you these payment options, we will pass certain aspects of your personal information, such as contact and order details, in order for the payment providers to assess whether you qualify for their payment options and to tailor the payment options for you. You can find more information about these provider, including their terms and conditions and privacy policies on their websites.
Afterwards, your order is sent to our warehouse partner. When your order is packed and ready to ship, we share your name, address, email and phone number with our carrier partners to fulfil your delivery.
For marketing purposes, we may share non-reversible and encrypted (hashed) information about your use of our website and services with our advertising partners who may combine it with other information that you have provided to them directly or that they have collected themselves.
The partners described below are data processors who are only allowed to process personal data on behalf of us and according to our instructions.
Our payment solution partner Shopify Payments handles your payments as a data controller. Your payment details are sent directly to Shopify Payment where it is handled and stored in compliance with regulatory requirements.
Our technical service providers process your personal data when they have access to our databases or store personal data in their applications. These service providers include, for example, hosting providers, providers of our website platform and providers of message distribution tools.
Finally, as part of our advertising campaigns we share non-reversible and encrypted (hashed) customer email addresses with social media networks and with other partners who will make the campaigns available to you on their websites or in your social media news feed.
Other situations where we share data
If we are obliged by law, a court decision or a decision of another authority, we will share personal data with the relevant authority or third party. We also report fraud incidents to the relevant law enforcement authorities.
4. TRANSFERRING DATA OUTSIDE THE EU
Some of our partners including their group companies handle your personal data outside the EU. In such case we will always ensure that your personal data is covered by an adequate level of data protection. The partners listed below have entities located outside the EU:
- Shopify, USA, Canada, Australia, India, Japan, Singapore and New Zealand (transfers to Canada, Japan and New Zealand are safeguarded by the European Commission’s adequacy decision 2002/2/EC)
- Maxmind, Inc., USA
- Google, USA
- Facebook, USA
In addition, some of our partners may use external subcontractors (sub-processors) located outside the EU. In such case, our partner is obligated to keep your personal data safeguarded. If you want specific information about these external sub-processors, please contact firstname.lastname@example.org.
5. HOW LONG DO WE STORE YOUR DATA
We only store your personal data for as long as it is necessary to fulfill the purpose for which it was collected, to establish, defend or exercise legal claims or to comply with regulatory requirements, e.g. bookkeeping regulations in the countries where we operate. When this is no longer the case, the information will be deleted.
You can also request us to delete personal data. We will comply with such request unless we are obligated to store the information for regulatory reasons or unless the information is relevant due to a pending legal case/dispute.
6. YOUR RIGHTS
When we collect and use your personal data you have a number of privacy rights. If you wish to exercise any of your rights, please submit your request to us at email@example.com
Right of access
One of the most important rights that you have is the right to request access to the data that we have registered on you. If you request access, we will provide you with a copy of your personal data.
Right to be forgotten
Another important right in terms of your relationship with us is that you have the right to be forgotten, meaning you can file a request asking that we delete the data that we have registered on you. We may not be able to delete all your personal data as we are required to continue to store certain data in order to comply with legal requirements or to establish, defend or exercise legal claims.
Right to object
You are entitled to object to the processing of your personal data on certain grounds. For example, you can object to the processing of your personal data for direct marketing purposes, including profiling.
Right to rectification
If you believe that the data we have registered on you is inaccurate or incomplete, please let us know and we will make sure to update your information.
Right to restriction
In combination with some of your other rights you can also request that we restrict the use of your personal data, e.g. instead of full erasure or during our assessment of your objection.
Right to data portability
You can file a request asking us to supply you with the personal data that you have provided to us in a structured, commonly used and machine-readable format and to transmit the data directly to a specific recipient.
If you wish to lodge a complaint about how we handle your personal data, you can always contact our customer service team. You can also file a complaint with the ICO – Information Commissioner’s Officer.