We fully respect the privacy of our customers at all times and we fully comply with applicable Data Protection Legislation. When requesting information from us and/or placing orders with us, we keep a record of your basic contact information (including name, address, email and phone).
We will process your details at all times in accordance with the terms of GDPR (General Data Protection Regulation) which replaces the Data Protection Act from 25th May 2018.
If you have any queries relating to how we use your data please contact us.
This policy sets out the basis on which any personal data (meaning information about an individual from which that individual can be personally identified) we collect from you, or that you or others provide to us, will be processed by us, Enity Lab Ltd.
What type of information do we collect?
We collect personal data from you when you provide it to us directly and through your use of the Site. This information may include:
Information you provide to us when you use our Site (e.g. your name, contact details, gender, product reviews, and any information which you add to your account profile);
Transaction and billing information, if you make any purchases from us or using our Site (e.g. credit/debit card details and delivery information);
Records of your interactions with us (e.g. if you contact our customer service team, interact with us on social media);
Information you provide us when you enter a competition or participate in a survey;
Information collected automatically, using cookies and other tracking technologies (e.g. which pages you viewed and whether you clicked on a link in one of our email updates). We may also collect information about the device you use to access our Site; and
Other information necessary to provide the Site, for example we may access your location if you give us your consent.
If you contact us via the email address provided on our website, we will obtain your email address and any other information that you include in your email. To enable us to look into your enquiry, we are required to process this data. When you contact us, we will process your data so that we can look into and respond to your enquiry. The legal basis for the processing of this data is Art. 6, para. 1(f) of the GDPR. The aforementioned purpose is classed as a legitimate interest.
We will store your emails and other correspondence with us for as long as required to process your enquiry, plus a further period of three years, in case you contact us again with reference to your original question.
Article 6, para,1
Processing shall be lawful only if and to the extent that at least one of the following applies:
- the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
- processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
- processing is necessary for compliance with a legal obligation to which the controller is subject;
- processing is necessary in order to protect the vital interests of the data subject or of another natural person;
- processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
- processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
What do we use your information for?
Depending on how you use our Site, your interactions with us, and the permissions you give us, the purposes for which we use your personal data include:
To fulfil your order and maintain your online account.
To manage and respond to any queries or complaints to our customer service team.
To personalise the Site to you and show you content we think you will be most interested in, based on your account information, your purchase history and your browsing activity.
To improve and maintain the Site, and monitor its usage.
For market research, e.g. we may contact you for feedback about our products.
To send you marketing messages and show you targeted advertising, where we have your consent or are otherwise permitted to do so.
For security purposes, to investigate fraud and where necessary to protect ourselves and third parties.
To comply with our legal and regulatory obligations.
We rely on the following legal basis, under data protection law, to process your personal data:
Because the processing is necessary to perform a contract with you, or take steps prior to entering into a contract with you (e.g. where you have made a purchase with us, we use your personal data to process the payment and fulfil your order).
Because we have obtained your consent (e.g. where you contact us with a query, where you add optional information to your account profile, or if you consent to receive marketing from us).
Because it is in our legitimate interests as an e-commerce provider to maintain and promote our services. We are always seeking to understand more about our customers in order to offer the best products and customer experience. We use information about you to tailor your view of the Site, to make it more interesting and relevant in respect of the products and offers on view.
We send out marketing communications via email when you have registered an account or signed up for our newsletter. This may relate to purchases you have made or your previous browsing.
You can opt out of the marketing communication at any time. To do this you can click ‘unsubscribe’ at the bottom of any email, or you can either email us at firstname.lastname@example.org or go onto ‘my account’ and select ‘manage preferences’.
You may also see ads for our Site on third party websites, including on social media. These ads may be tailored to you using cookies (which track your web activity, so enable us to serve ads to customers who have visited our Site). Where you see an ad on social media, this may be because we have engaged the social network to show ads to our customers, or users who match the demographic profile of our customers. In some cases, this may involve sharing your email address with the social network. If you no longer want to see tailored ads you can change your cookie and privacy settings on your browser and these third party websites.
Who do we share your information with?
We work with a number of trusted suppliers, agencies and businesses in order to provide you with a high quality service, such as delivery companies, businesses that support our website and payment processing providers. We only ever provide information essential to ensuring delivery of your items or fulfilling other important services for you. This may include providing contact information to the relevant courier to ensure the delivery of your order.
How long do we keep your information for?
If we collect your personal information the length of time we retain it is determined by different factors and our lawful obligations.
We may need your personal information to establish, bring or defend legal claims. For this purpose we will retain your information for 7 years after the date it is no longer needed by us, the only exceptions being:
- If the law requires us to hold your personal information for a longer period, or delete it sooner
- You exercise your right to have the information erased and we do not need to hold it in connection with any of the reasons permitted or required under law
- We bring or defend a legal claim or other proceedings during the period we retain your personal information, in which case we will retain your information until those proceedings have concluded and no further appeals are possible.
Withdrawal of information or questions
If you wish to have your personal information erased, you have the right to as long as we do no need to hold it in connection with any of the reasons permitted or required under law. If you wish to do so or have any questions, please contact us on email@example.com
You are entitled to Data Subject Rights and further information is available from the Information Commissioners website www.ico.org.uk.
- Right of access – to request access to your personal information and information about how we process it
- Right to rectification – to have your personal information corrected if it is inaccurate and to have incomplete personal information completed
- Right to erasure (also known as the Right to be Forgotten) – to have your personal information erased.
- Right to restriction of processing – to restrict processing of your personal information
- Right to data portability – to electronically move, copy or transfer your personal information in a standard form
- Right to object – to object to processing of your personal information
- Rights with regards to automated individual decision making, including profiling.
If you have any general questions about your rights or want to exercise your rights please contact firstname.lastname@example.org
Alternatively you can contact us.
Security/How do we protect your personal information/data?
As required by the GDPR we follow strict security procedures in the storage and disclosure of information you have given us to prevent unauthorised access. Our security procedures mean that we may occasionally require proof of identity before we are able to disclose sensitive information to you.
We use Stripe payment system to process your payments, view their security and privacy.
Our service is not intended for, and should not be used by, children under the age of 18. We do not knowingly collect personal data from children under 18.