Privacy & Cookies

PRIVACY POLICY

 

BACKGROUND:

 Grace Beauty® understands that your privacy is important to you and that you care about how your personal data is used and shared online. We respect and value the privacy of everyone who visits this website, www.gracebeautybox.co.uk (“Our Site”) and will only collect and use personal data in ways that are described here, and in a manner that is consistent with Our obligations and your rights under the law.

 Please read this Privacy Policy carefully and ensure that you understand it. [Your acceptance of Our Privacy Policy is deemed to occur upon your first use of Our Site] AND/OR [You will be required to read and accept this Privacy Policy when signing up for an Account]. If you do not accept and agree with this Privacy Policy, you must stop using Our Site immediately.

 

  1. Definitions and Interpretation 

In this Policy the following terms shall have the following meanings:  

 

“Account”

means an account required to access and/or use certain areas and features of Our Site;

“Cookie”

means a small text file placed on your computer or device by Our Site when you visit certain parts of Our Site and/or when you use certain features of Our Site. Details of the Cookies used by Our Site are set out in section 13, below;

[“Cookie Law”

means the relevant parts of the Privacy and Electronic Communications (EC Directive) Regulations 2003;]

“personal data”

means any and all data that relates to an identifiable person who can be directly or indirectly identified from that data. In this case, it means personal data that you give to Us via Our Site. This definition shall, where applicable, incorporate the definitions provided in the [Data Protection Act 1998] OR [EU Regulation 2016/679 – the General Data Protection Regulation (“GDPR”)]; and

“We/Us/Our”

means [E &Y BEST BUYS LTD, a limited company registered in England under company number 07958829, whose registered address is FERN COURT, BRACKLEY,UNITED KINGDOM, and whose main trading address is] OR [of] the same address as registered



  1. Information About Us
    1. Our Site is [owned and] operated by [E&Y Best Buys Ltd, a limited company registered in England under company number 07958829, whose registered address is FERN COURT, BRACKLEY,UNITED KINGDOM and whose main trading address is] OR [of] the same address as registered
    2. [Our VAT number is 169331103.]
    3. [Our Data Protection Officer is Edward Gittins, and can be contacted by email at Customercare@gracebeautybox.co.uk.

 

  1. What Does This Policy Cover?

            This Privacy Policy applies only to your use of Our Site. Our Site may contain links to other websites. Please note that We have no control over how your data is collected, stored, or used by other websites and We advise you to check the privacy policies of any such websites before providing any data to them.

 

  1. Your Rights
    1. As a data subject, you have the following rights under the GDPR, which this Policy and Our use of personal data have been designed to uphold:
      1. The right to be informed about Our collection and use of personal data;
      2. The right of access to the personal data We hold about you (see section 12);
      3. The right to rectification if any personal data We hold about you is inaccurate or incomplete (please contact Us using the details in section 14);
      4. The right to be forgotten – i.e. the right to ask Us to delete any personal data We hold about you (We only hold your personal data for a limited time, as explained in section 6 but if you would like Us to delete it sooner, please contact Us using the details in section 14);
      5. The right to restrict (i.e. prevent) the processing of your personal data;
      6. The right to data portability (obtaining a copy of your personal data to re-use with another service or organisation);
      7. The right to object to Us using your personal data for particular purposes; and
      8. Rights with respect to automated decision making and profiling.

 

  1. If you have any cause for complaint about Our use of your personal data, please contact Us using the details provided in section 14 and We will do Our best to solve the problem for you. If We are unable to help, you also have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office.
  2. For further information about your rights, please contact the Information Commissioner’s Office or your local Citizens Advice Bureau.]

 

  1. What Data Do We Collect?

                 Depending upon your use of Our Site, We may collect some or all of the following personal [and non-personal] data (please also see section 13 on Our use of Cookies and similar technologies [and Our Cookie Policy <<insert link>>]):

 

  1. [name;]
  2. [date of birth;]
  3. [gender;]
  4. [business/company name]
  5. [job title;]
  6. [profession;]
  7. [contact information such as email addresses and telephone numbers;]
  8. [demographic information such as post code, preferences and interests;]
  9. [financial information such as credit / debit card numbers;]
  10. [IP address;]
  11. [web browser type and version;]
  12. [operating system;]
  13. [a list of URLs starting with a referring site, your activity on Our Site, and the site you exit to;]

 

  1. How Do We Use Your Data?
    1. All personal data is processed and stored securely, for no longer than is necessary in light of the reason(s) for which it was first collected. We will comply with Our obligations and safeguard your rights under the [Data Protection Act 1998] OR [GDPR] at all times.
    2. Our use of your personal data will always have a lawful basis, either because it is necessary for Our performance of a contract with you, because you have consented to Our use of your personal data (e.g. by subscribing to emails), or because it is in Our legitimate interests. Specifically, We may use your data for the following purposes: 
  1. [Providing and managing your Account;]
  2. [Providing and managing your access to Our Site;]
  3. [Personalising and tailoring your experience on Our Site;]
  4. [Supplying Our [products] AND/OR [services] to you (please note that We require your personal data in order to enter into a contract with you);]
  5. [Personalising and tailoring Our [products] AND/OR [services] for you;]
  6. [Replying to emails from you;]
  7. [Supplying you with emails that you have opted into (you may unsubscribe or opt-out at any time by <<insert description of opt-out method>>;]
  8. [Market research;]
  9. [Analysing your use of Our Site [and gathering feedback] to enable Us to continually improve Our Site and your user experience;] 
  1. [With your permission and/or where permitted by law, We may also use your data for marketing purposes which may include contacting you by [email] AND/OR [telephone] AND/OR [text message] AND/OR [post] with information, news and offers on Our [products] AND/OR [services]. We will not, however, send you any unsolicited marketing or spam and will take all reasonable steps to ensure that We fully protect your rights and comply with Our obligations under the [Data Protection Act 1998] OR [GDPR] and the Privacy and Electronic Communications (EC Directive) Regulations 2003.] 
  1. You have the right to withdraw your consent to Us using your personal data at any time, and to request that We delete it. 
  1. How and Where Do We Store Your Data?

           We use service providers based around the world. Consequently, your personal data may be processed in countries outside of Europe, including in countries where you may have fewer legal rights in respect of your data than you do under local law. If we transfer personal data outside the European Economic Area we will, as required by applicable law, ensure that your privacy rights are adequately protected by appropriate safeguards, in particular the EU’s standard contractual clauses. Please contact us if you would like more information about these safeguards.

       We will keep your personal data for as long as we need it for the purposes set out above, and so this period will vary depending on your interactions with us. For example, where you have made a purchase with us, we will keep a record of your purchase for the period necessary for invoicing, tax and warranty purposes. We may also keep a record of correspondence with you (for example if you have made a complaint about a product) for as long as is necessary to protect us from a legal claim. Where we no longer have a need to keep your information, we will delete it. Please note that where you unsubscribe from our marketing communications, we will keep a record of your email address to ensure we do not send you marketing emails in future.

 

  1. Do We Share Your Data?

We share customers’ personal data with third parties in the following circumstances: 

  • With other companies in our group of companies, as necessary to operate the Site.
  • With our suppliers and service providers working for us, e.g. payment processors and delivery companies.
  • With our professional and legal advisors.
  • With third parties engaged in fraud prevention and detection.
  • With law enforcement or other governmental authorities, e.g. to report a fraud or in response to a lawful request.
  • In the event that we sell any business assets, the personal data of our customers may be disclosed to a potential buyer. In this event, we will make reasonable attempts to ensure the buyer will be bound by the terms of this Privacy Policy.
  • Otherwise where we have your consent or are otherwise legally permitted to do so. 

 

  1. Your Right to Withhold Information

You have certain rights in respect of your personal data, including the right to access, portability, correct, and request the erasure of your personal data. 

You also have the right to object to your personal data being used for certain purposes, including to send you marketing. See ‘Marketing’ above, for more details of how to opt-out of marketing. 

We will comply with any requests to exercise your rights in accordance with applicable law. Please be aware, however, that there are a number of limitations to these rights, and there may be circumstances where we are not able to comply with your request. To make any requests regarding your personal data, or if you have any questions or concerns regarding your personal data, you should contact us using the details below. You are also entitled to contact your local supervisory authority for data protection.

 

  1. Security

 This Site ensures that data is encrypted when leaving the Site. This process involves the converting of information or data into a code to prevent unauthorised access. This Site follows this process and employs secure methods to ensure the protection of all credit and debit card transactions. Encryption methods such as SSL are utilised to protect customer data when in transit to and from this Site over a secure communications channel.

     Whilst we do everything within our power to ensure that personal data is protected at all times from our Site, we cannot guarantee the security and integrity of the information that has been transmitted to our Site.

 

  1. Children

 

Our Site is not intended for, and should not be used by, children under the age of 18. We do not knowingly collect personal data from children under 18.

 

  1. Cookies

 

Our Sites uses cookies and similar technologies to provide certain functionality to the Site, to understand and measure its performance, and to deliver targeted advertising. Please see our Cookie Policy here for further information about the cookies we use and how to amend your cookie settings.

 

  1. Contacting Us

            If you have any questions about Our Site or this Privacy Policy, please contact Us by email at customercare@gracebeautybox.co.uk, by telephone on 01280704657. Please ensure that your query is clear, particularly if it is a request for information about the data We hold about you

  1. Changes to Our Privacy Policy

           We may change this Privacy Policy from time to time (for example, if the law changes). Any changes will be immediately posted on Our Site and you will be deemed to have accepted the terms of the Privacy Policy on your first use of Our Site following the alterations. We recommend that you check this page regularly to keep up-to-date.