skinSense are committed to providing our customers, prospective customers and the users of our website with an open and honest experience. We work hard to ensure that your privacy is maintained and that any data that you do share with us is carefully looked after. skinSense are responsible for your personal data and for the purposes of GDPR are the data controller. If you have any questions at all please do not hesitate to contact us.
This privacy notice provides you with details of how we collect and process your personal and non personal data through your use of our site.
Personal data refers to any data capable of identifying you and non personal data data refers to anonymised data. By providing us with your data, you warrant to us that you are over 13 years of age.
Please contact us if you have any questions at all.
What Personal Data Is Collected And Why?
We may collect, store and use the following kinds of personal data:
- information about your computer and about your visits to and use of this website, such as your IP address, geographical location, browser type, referral source, length of visit and number of page views
- information relating to any transactions carried out between you and us on or in relation to this website, including information relating to any purchases you make of our goods or services (including name, e-mail address, postal address and phone number)
- information that you provide to us for the purpose of subscribing to our e-mail notifications.
We only request personal information for the purpose that it was collected or a similar activity. Personal data is requested from us to fulfill our contractual obligations and to manage the day to day normal business activities. If you are unable or choose not to provide us with the data if and when requested we may not be able to fulfill our contractual obligations and the product or service may be cancelled. We will never share your personal details with any third-party for their own use.
- Enquiry Data is collected so that we may communicate to you. The legal grounds for us processing this data is legitimate interests.
- User Generated Data is data that you have chosen to post on our website, for example a comment to a blog post or a product review. The legal grounds for us processing this data is legitimate interests.
- Personal Information Data is collected so that we may process a purchase or a request to purchase. The legal grounds for our processing this data is the fulfillment of our contractual obligation with you or the creation of a future contract with you.
- Other. Under GDPR is may be deemed that your IP address constitute personal data because it could be used to identify you or in whole or part. The legal grounds for us processing your IP is legitimate interest since this helps to keep our website safe. We process your IP address for security reasons to protect our website for malicious attacks and hacks. We may cross reference your IP with the IP’s of blacklisted users and if a match is found we may add your IP to the blacklist and prevent further access to you.
We may process your personal data without your knowledge or consent where this is required or permitted by law. We may use your personal information to:
- improve your browsing experience by personalising the website
- send goods to you purchased via the website
- send invoices to you, and collect payments from you
- send you email notifications which you have specifically requested
- send to you our newsletter and other marketing communications (relating to our business which we think may be of interest to you), you can inform us at any time if you no longer require marketing communications to be sent to you by emailing us at firstname.lastname@example.org
We will not without your express consent provide your personal information to any third parties for the purpose of direct marketing.
What Non-Personal Data is Collected and Why?
- Preference Data is collected to enable the website to perform and to be administered correctly. Our lawful ground for this processing is legitimate interests.
- Statistical Data is collected so that we may provide a fully functioning website that helps our business to communicate core message to relevant persons. The legal grounds for us processing this data is legitimate interests.
- Marketing data is collected to allow us to grow our business and provide a better service to our customers. The legal grounds for us processing this data is legitimate interests.
Marketing and Advertising
We know that you don't want to be bombarded with advertising and marketing messages that are not relevant to you.
Email marketing. We may send you marketing communications from us:
- if you have previously purchased from us
- If you have made an enquiry from us about our products and services
- if you requested to receive marketing communications (opted in)
You will always receive a marketing message with an option to opt out of future marketing messages. If you are a limited company, we may send you marketing emails without your consent. However you can still opt out of receiving marketing emails from us at any time. Our lawful ground of processing your personal data to send you marketing communications is either your consent or our legitimate interests (namely to grow our business).
Display Advertisements. We may use your data to deliver relevant advertisements to you (including Facebook adverts or other display advertisements) and to measure or understand the effectiveness of the advertising we serve you. Our lawful ground for this processing is legitimate interests which is to grow our business.
We may have to share your personal data with the parties set out below:
- Service providers who provide IT and system administration services.
- Professional advisers including lawyers, bankers, auditors and insurers
- Government bodies that require us to report processing activities.
- to the extent that we are required to do so by law
- in connection with any legal proceedings or prospective legal proceedings
- in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).
Please also read our www.skinsense.co.uk/shop/cookie-policy/ to understand more about what cookies are, how we use them and for instructions for blocking cookies if you prefer.
Keeping Your Data Safe
We would like to make sure that the data we hold about you is accurate and up to date. Please let us know if at any time your personal information changes. We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information. We will store all the personal information you provide on our secure servers. All electronic transactions you make to or receive from us will be encrypted using SSL technology. You are responsible for keeping your password and user details confidential. We will not ask you for your password. Personal information provided on the website and online credit card transactions are transmitted through a secure server. We are committed to handling your personal information with high standards of information security. We take appropriate physical, electronic, and administrative steps to maintain the security and accuracy of personally identifiable information we collect, including limiting the number of people who have physical access to our database servers, as well as employing electronic security systems and password protections that guard against unauthorized access. Our website uses encryption technology, like Secure Sockets Layer (SSL), to protect your personal information during data transport. SSL encrypts ordering information such as your name, address, and credit card number. Our Customer Care center and stores also operate over a private, secure network. Please note that email is not encrypted and is not considered to be a secure means of transmitting credit card information. To make online shopping faster and easier, you may register. As a registered customer, you only have to enter your shipping addresses and billing information once; they will be securely stored with us for your future use. Using your name and a password of your choice, you may access your account online at any time to add, delete, or change information. If you are using a public computer, we strongly encourage you to LOG OUT at the conclusion of your session. Your information will still be stored with us but it will not be accessible to anyone else from that computer.
Your Legal Rights
You may instruct us to provide you with any personal information we hold about you. You may instruct us not to process your personal data for marketing purposes by email (to email@example.com) at any time (in practice, you will usually expressly agree in advance to our use of your personal data for marketing purposes, or we will provide you with an opportunity to opt-out of the use of your personal data for marketing purposes). We will endeavor to process your request as soon as possible and in any event, within no more than 14 days. Until this time, it is possible that you may receive further communications from us.
email to firstname.lastname@example.org
or by post to:
skinSense, 41 Holmethorpe Avenue, Redhill, Surrey, RH1 2NB.
Alternatively you can contact us by telephone on +44 (0)1737 222563