IN READINESS FOR THE GENERAL DATA PROTECTION REGULATION, AS OF 15TH MAY 2018
THIS IS OUR NEW PRIVACY NOTICE
Who we are
What is a privacy notice?
What personal data do we collect and when?
How do we use your personal data?
Why are we allowed to handle and store your personal data?
How do we protect your personal data?
How long do we keep your personal data for?
Who else sees your personal data?
Where is your data stored?
Do we process children's data?
What rights do you have over the data we store and how can you ask us to stop storing it?
What can you do if you are unhappy with how we handle your data?
1. Who we are
We are Auroras Angels Limited ("us/we") and we control the Auroras Angels website.
2. What is a privacy notice
This notice contains our obligations and promises to you about the different types of personal data we might collect about you when you shop, make contact, or browse with us. It explains how we'll store, handle and protect that data.
3. What personal data do we collect and when?
We collect the following information about you:
- Name and Surname
- Email address
- Date of Birth
- Contact phone number(s)
- Purchase information
- Interactions with us e.g. contacting our Customer Services Team (we may record your calls), or visits to our stores/website/app
- Personal information you put on social media
- Information you provide in your reviews of us, or survey responses
- Delivery address(s)
- Billing address
- Attendance at events (and travel preferences)
- Preferred store, categories and brands
- IP address
- Information from cookies, including information on the devices you may use to make a purchase - please see our separate Cookies Policy
- Images of you (including CCTV footage from our stores)
- Clothing size
We collect the information in the following circumstances:
- When you register to or use our website
- When you register to or use our in-store WIFI (in any of our stores)
- When you register to or use our app
- When you allow social media sites to provide your data to us
- When you contact us by telephone or email
- When you register or use our Style Studio services
- When you enter any event, prize draws or competitions run by us
- When completing any of our surveys or leaving us a review
- When completing any forms for transactional, employment or other purposes
- When you buy products or gift cards/vouchers
- When you've given a third party permission to share with us the information they hold about you
- When you shop in our stores we may capture your image on our CCTV cameras
4. How do we use your personal data?
We use your personal data in the following ways:
- To enable us to personalise your shopping experience on our sites.
- To allow us to handle your orders, deliver products and process your payments and refunds (including to ensure secure payment and prevent fraud).
- To respond to your queries, refund requests and complaints.
- To keep a record of when and why you contact us and to keep your contact details up-to-date.
- For statistical, analytical or survey purposes - so we can improve our websites and the services we offer you.
- To enable third parties to carry out technical, logistical or other business functions on our behalf such as advertising on social media sites you might use and visit (our ability to do this will depend on the privacy settings you have on your social media accounts).
- Where you are an existing customer (or you have otherwise given us your data) and have not opted out, or where you have consented, we use your data to send you information about our business and products we think you might like and to notify you of products or special offers that may be of interest to you.
- If you have signed up to Style Studio services, we may also contact you by telephone as part of our personalised service to you.
- To process your application when you enter a competition promotion or prize draw. (If there are other purposes specific to that competition promotion or prize draw, these will be explained in the applicable Competition Terms & Conditions).
In order to help us manage our customer relationships, we use third party platforms. These platforms assist us to do lots of things, including: conduct email marketing campaigns, advertise online, undertake customer analytics, plan and put on events, book appointments, fulfil orders, make deliveries, returns and refunds etc. We therefore pass on your personal data to these third parties, on the condition that they agree to handle your information in line with this notice.
5. Why are we allowed to handle and store your personal data?
There are number of legal bases which allow us to use your personal data. The following sets out more detailed explanations of the bases we rely on to collect and process your personal data:
If you visit our site and are not an existing customer, or if you fill in any in-store materials, such as prize-draw entries, we might ask for your consent to process your data, so that we can send you our special offers and news.
- Contractual obligations
Our primary use of this basis is when you purchase our products. In this situation it is necessary for us to process your personal data in order to fulfil your order and send your goods to you.
- Legal compliance
In some circumstances, we may be legally required to collect and process your data e.g. to pass it on to the police if criminal activity is suspected.
- Legitimate Interest
It may be necessary to use your data to help us run our business. For example, to action any changes to your account that you request, or to personalise the services we provide - with the aim of improving your customer experience. We will only use your data in these instances, where doing so does not materially impact your rights, freedom or interests.
6. How do we protect your personal data?
It is our duty to protect all personal data gathered and in order to do this our teams follow our internal data management policies and handle the data with the greatest level of care and expertise available to us. They do this by using various security technologies and internal procedures to ensure that it is kept safe and secure.
7. How long do we keep your personal data for?
We only keep your personal data for as long as is necessary for the purpose for which it was collected (subject to any legal requirements). Once it is no longer necessary, we will either delete the data, or anonymise it. The use of anonymised data helps us to optimise our customer service.
8. Who else sees your personal data?
Sometimes we will share your personal data with trusted third parties. We will do this in the following circumstances:
- To process your order e.g. with delivery drivers, or with third party payment service providers
- To handle complaints e.g. with our Customer Services call centre
- To detect any fraudulent activity, or assist law enforcement authorities
- To help us offer you a more personalised shopping experience by sending you offers and updates
When we share information with third parties, we will ensure that:
- We only provide the data they need to perform their specific function
- They only use the data provided as intended
- They have the requisite measures in place to protect your data and delete it once the function has been performed, or delete it when we cease working with them
9. Where is your data stored?
Some of our partners and third parties who may receive your personal data are based outside of the European Economic Area. In such cases, we ensure that our partners are contractually-bound to protect your data to the same degree that is required in the European Union.
10. Do we process children's data?
In order to shop with us online, you must be over 16 years old and we do not knowingly collect personal data from children under 16. However, we encourage parents and legal guardians to monitor their children's Internet usage and to help enforce this notice by instructing children never to provide personal data to us.
11. What rights do you have over the data we store and how can you ask us to stop storing it?
- You have the right to correct any information we store which might be incorrect, incomplete, or out of date. You can do this yourself by logging into your account, or by contacting our Customer Services Team who will give you step-by-step advice on how to do this. You can contact them by emailing: email@example.com
- If we are processing your personal data on the basis of our legitimate interest, you have the right us to ask us to stop. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
- You have the right at any time to stop us sending you marketing material. You can do this in the following ways:
- Click the ‘unsubscribe' link in any email communication that we send you. We will then stop any further emails from that particular division.
- Contact our Customer Services Team by emailing: firstname.lastname@example.org
- If you have an account, log in into your account, visit the ‘My Account' area and change your preferences via our website or our app.
- You can unsubscribe from receiving push notifications by disabling the relevant options in your phone ‘settings'
Please note that you may continue to receive communications for a short period after changing your preferences whilst our systems are fully updated.
Please note that if you follow a link which clicks through to a third party site, this notice will not apply and you will need to review that third party's privacy terms and conditions.
- You have the right to ask us what data we hold which concerns you. Such requests are usually free, but we will ask you to submit your query in writing and include the following:
- Full name (we will ask you to verify your identity)
- Full address
- Email address
- Phone number
- Specific details on what you require or are requesting
We will process your request and will either respond within 30 days, or contact you to gather more information before we fulfil your request. In the event that we might refuse to fulfil your request (for example if it is unreasonable), we will give a full explanation as to why.
12. What can you do if you are unhappy with how we handle your data?
Your first port of call should be to contact our Data Protection Officer as outlined in Section 11. However, if you still feel that your data is not being handled appropriately, you have the right to lodge a complaint with the Information Commissioner's Office.
If you are outside of the UK, please contact the relevant data protection regulator in your country of residence.
We may update this notice and our policies from time to time, so please check back here for the latest version.