We would like to let you know that WE RESPECT YOUR PRIVACY and we will always make sure to KEEP YOUR DATA AS SAFE AND AS SECURE AS POSSIBLE.
SC NATURAL ORGANIC COSMETICS SRL declares that all personal data provided to us (“data”) is treated as strictly confidential and is handled according to the Regulation of The European Parliament (EU 2016/679) and of The Council regarding the protection of persons with regard to the processing of personal data and on the free movement of such data.
WHAT IS PERSONAL DATA?
The term ‘personal data’ is the entryway to the application of the General Data Protection Regulation (GDPR). Only if a processing of data concerns personal data, the General Data Protection Regulation applies. The term is defined in Art. 4 (1). Personal data are any information which are related to an identified or identifiable natural person.
The data subjects are identifiable if they can be directly or indirectly identified, especially by reference to an identifier such as a name, an identification number, location data, an online identifier or one of several special characteristics, which expresses the physical, physiological, genetic, mental, commercial, cultural or social identity of these natural persons. In practice, these also include all data which are or can be assigned to a person in any kind of way. For example, the telephone, credit card or personnel number of a person, account data, number plate, appearance, customer number or address are all personal data.
WHAT TYPE OF DATA DO WE COLLECT?
In general, we collect certain types of data, depending on which one of our services are you using, such as:
- When you create an account/register: we collect your first and last name, email address, telephone no., address, post code, country, town/city, county, password.
- When you shop from us: we collect your first and last name, email address, telephone no., address, post code, country, town/city, county, bank details. We may also keep a record of our correspondence with you.
- When you login to your account: we collect your login details (email address and password).
- When you subscribe to our newsletter: we collect you email address
- Guest checkout-in case you prefer to buy without registration: we collect your email address.
- Other situations: when we might need to contact you we may collect your first and last name, email address, telephone no., address, post code, country, town/city, county and also information about your own experiences with our products and contact preferences so that we can continue to provide you with further information and news about our products and/or services.
WE USE YOUR PERSONAL DATA TO:
We generally need to use/process your personal data for the following reasons:
- To process and deliver your order
- To inform you about our offers
- To offer you discounts
- To meet legal obligations (accounting documents)
- To communicate with you via telephone or email in order to confirm your order, to update you on the status of your order/request or to discuss with you about the completion of your order (when necessary).
- To respond to comments and questions and to provide customer service when needed.
- To improve our products, website and/or services (marketing). In order to ensure that your rights and interests will be fully protected, we will use all personal data in an anonymised form for the above-mentioned matter.
- To prevent, investigate and prevent fraud, unauthorized or illegal activity or to resolve disputes.
SHARING/TRANSFER OF PERSONAL DATA TO THIRD PARTIES
We will not transfer or share your personal data with third parties unless it is necessary to do so and only after you have given us your consent to do this. We may need to share your personal data with our shipping partners, in order to ship and deliver your order; with suppliers or vendors we work with; a purchaser of our business; to public authorities.
We may share personal data for legal, protection, and safety purposes, in order to comply with the laws, or in case of emergency. Please note that we are not responsible for the way in which third parties may process your personal data.
HOW LONG DO WE STORE YOUR DATA?
We will store your personal data for a limited period of time, according to our data retention policy. The retention period may vary, depending on the purpose of the processing of your data. In general, we will store your data for the necessary period to ensure that your order has been completed. Also, we will store your data for the period we are obliged by law to do so, for instance in the case of accounting documents such as invoices issued by us.
PERSONAL DATA SECURITY
We will always do our best to safeguard and protect the information we collect from you online. Therefore, we put in place specific security measures to protect the loss, misuse and alteration of the personal data under our control.
KNOW YOUR RIGHTS
The right to be informed-you have the right to be informed about the collection and use of your personal data. Under the GDPR, you have the right to be given information regarding: our business, the data processing activities we carry out, the length of time we will keep/store the data, the rights available to you in respect of processing and the right to lodge a complaint.
- The right of access-you have the right to access your personal data and to request from us specific information about the processing of your personal data.
- The right to rectification- you have the right to ask us to erase or rectify inaccurate or incomplete personal data.
- The right to erasure (the right to be forgotten)-this right does not apply to the personal data that we need in order to fulfill our obligations.
- The right to restrict processing-you have the right to ask us restrict the processing of your personal data.
- The right to data portability- you have the right to ask for transfer of your personal data.
- The right to object to processing –you have the right to object to the processing of your personal data.
- The rights in relation to automated decision making and profiling-the GDPR includes provisions for decisions made with no human involvement, such as profiling, which uses personal data to make calculated assumptions about individuals. There are strict rules about this kind of processing, and you are permitted to challenge and request a review of the processing if you believe the rules aren’t being followed.