1. PURPOSE OF NOTICE
1.1. At Skin Essentials by Mariga, we’re committed to protecting and respecting your privacy. This notice explains when and why we collect your personal information. It also explains how we use your personal data and how we keep it secure.
1.2. Importantly, this notice details how you can take control of your personal data and how you can contact us, if you wish to change, request or delete any of your personal data.
1.3. Our privacy practices are in line with requirements set out in the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
1.4. In order to provide you with the best products and experiences, we constantly evolve our services. We may, therefore, change this notice from time to time, so please continue to check this page to ensure that you’re happy with any changes. By using our website, you’re agreeing to be bound by this policy.
1.5. Any questions regarding this notice and our privacy practices should be sent by email to: firstname.lastname@example.org.
2. SCOPE OF NOTICE – WHO WE ARE AND WHO DOES THIS NOTICE APPLY TO:
2.1. This notice gives information to those who visit our website, enquire about or buy a product from us, use our services, or otherwise communicate with us about where and how we process their personal data.
2.2. We do not offer services to children under the age of 13. If you are under the age of 13, please stop using our services.
2.4. Skin Essentials by Mariga is the controller and is responsible for this business and website.
2.5. If you have any questions about how we collect, store or use personal data that we hold about you, please contact us Skin Essentials by Margia, Unit 10A Redmond Square, Wexford Town, Co.Wexford, or email email@example.com.
3. HOW DO WE OBTAIN INFORMATION FROM YOU?
3.1. We primarily collect your personal data when you buy from us, contact us about products and services, or if you register to receive one of our newsletters. Although, we may also obtain information about you when you use our website, or communicate with us in any way (email, social media, calls, mail).
3.2. We obtain information about you, for example when you:
3.2.1. use the website (including collecting data on your browsing habits, or your interactions with us through live chat);
3.2.2. register for, or use any in-store services;
3.2.3. register for, or create an account with us;
3.2.4. search for, purchase;
3.2.5. request an e-receipt from us;
3.2.6. communicate with us by telephone, email or otherwise;
3.2.7. sign up for our newsletters or to receive other marketing communications from us;
3.2.8. participate in any discussion board or other social media function on or linked to the website;
3.2.9. enter any competition, or participate in any promotion organised by us (such as when you refer a friend);
4. WHAT TYPE OF DATA DO WE PROCESS?
4.1. We collect data in many ways. Here we explain what type of data we collect. We’ll tell you how we use the data later.
4.2. Some of the data you may choose to give us includes:
4.2.1. personal details such as your name, age, gender, date of birth, address, email and telephone number;
4.2.2. details relating to your transaction history with us;
4.2.4. details of your shopping and product preferences; and
4.2.5. We may also collect information from you due to your interaction with our website, for example:
4.2.6. technical information: such as your time zone setting, the Internet Protocol (IP) address used to connect your computer to the Internet, your computer or mobile device and connection information such as your browser type, version, operating system and platform.
4.2.7. information about your visit and traffic pattern: such as the full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time), frequency, duration and usage of in-store services, products you viewed and searched for; page response times, download errors, length of visits to certain pages, page interaction information, basket contents and methods used to browse away from the page;
5.3. You can disable cookies on your computer by changing the preferences or options menus in your browser. However, it is possible that some parts of our Site will not operate correctly if you disable cookies.
5.4. Cookies helps us to improve our website and deliver a better, more personalised service.
- HOW WE USE YOUR DATA AND OUR LAWFUL BASIS
6.1. We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
6.2. Performance of Contract: this means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract. For example, when you want to buy something from us.
6.3. Legitimate Interest: this means the interest of our Company in conducting and managing our business. This is to enable us to give you the best service, product and security. We make sure we consider and balance any potential impact on you (both positive and negative) as well as your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
6.4. Comply with a legal or regulatory obligation: this means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.
6.5. Generally, we do not rely on consent as a legal basis for processing your personal data other than in relation to sending direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us firstname.lastname@example.org.
6.6. We have detailed below the ways we use your personal data and our legal basis for processing:
6.7. Exercising our rights under contract for the sales of goods or services:
6.7.1. fulfilling and managing your requests, purchases and accounts with us – for example so that we can:
6.7.2. process orders, deliver products and services, process payments and carry out any other obligations arising from any sales entered into between you and us;
6.7.3. provide you with customer service functions to see if there was a problem with your use of the website;
6.7.4. notify you about changes to our website, or services;
6.7.5. maintain and update your account with us;
6.7.6. keep our business records and fulfil our contractual obligations.
6.8. Undertake our legitimate interests as a business. These include, but are not limited to:
6.8.1. analysing your personal information to create a profile of your interests and preferences so that we can contact you with information relevant to you. To help us to do this effectively, we may make use of additional information about you that is available from external sources;
6.8.2. offering you the opportunity to take part in competitions and prize promotions. Entry to competitions is entirely voluntary, and you are under no obligation to take up an invitation from us to enter;
6.8.3. enhancing your interaction and experience with us – for example so that we can:
220.127.116.11. administer our website including for internal operations, trouble -shooting, testing and research.
18.104.22.168. improve and optimise our website and in-store customer experience and develop new services;
22.214.171.124. analyse how you and others use our website and clinic;
126.96.36.199. customise your experience when using our Site or other services; and
188.8.131.52. ensure the health, safety and wellbeing of our employees.
6.9. Ensuring that we discharge and undertake our statutory, regulatory and legal obligations which may include:
6.9.1. our obligations to our insurers;
6.9.2. prevention of fraudulent transactions and other illegal activities; and
6.9.3. keeping our business records and fulfil our contractual obligations.
6.9.4. administering and protecting our business and website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data).
6.10. Generally, we do not rely on consent as a lawful basis for processing your personal information, other than in relation to:
6.10.1. sending certain direct marketing communications to you;
6.10.2. using cookies on our website or mobile apps (where such cookies are not of the strictly necessary type for functional purposes);
6.10.3. processing special categories of personal information in relation to health, medical or disability information, which you choose to provide to us (to the extent that this is not required for complying with a legal or regulatory obligation);
6.10.4. providing you with information that might be of particular interest to you, such as upcoming events and products and treatments that you previously showed interest in.
6.11. You have the right to withdraw consent at any time by contacting us email@example.com.
6.12. Any of these functions may be carried out by us.
8. MORE ABOUT HOW WE COMMUNICATE WITH YOU:
8.1. We send two types of emails: customer service emails which are required to maintain our website and services; and newsletters or other marketing communications which contain special offers, discounts and information that might be of interest to you.
8.2. While customer service emails are necessary to help you benefit from our services, you may choose not to receive marketing communications when you set up your account with us. You may also unsubscribe from receiving marketing communications from us at any time, by following the unsubscribe link in our emails, by modifying your subscription preferences in your account, or by emailing firstname.lastname@example.org.
9. WHAT ARE YOUR RIGHTS AND HOW CAN YOU CONTROL THE DATA WE HOLD ON YOU?
9.1. We will not contact you for marketing purposes by post, email, SMS, and telephone unless you have given your consent. You can withdraw this consent at anytime.
9.2. You can change your marketing preferences at any time by following the unsubscribe link in our emails, or by emailing email@example.com.
9.3. The Right to Object:
9.3.1. In some instances, you may have the right to ask us to stop processing your data. However, please note that this right does not always apply, for example where we are processing your data because we have a legitimate interest in doing so (such as where we contact you regarding a reminder for your upcoming treatment). You are always able to raise an objection to our processing and we will do our best to comply with your request, where we are legally able to.
9.4. The Right to Erasure (The right to be forgotten):
9.4.1. Similarly, you have the right (in some instances) to request that we destroy all the data that we hold on you.
9.4.2. We will stop processing your data for marketing as soon as you unsubscribe.
10. HOW CAN I ACCESS AND UPDATE MY INFORMATION?
10.1. The accuracy of your information is important to us. We’re working on ways to make it easier for you to review and correct the information that we hold about you. In the meantime, if any information that we hold on you is inaccurate or out of date, please email us at: firstname.lastname@example.org so that we can correct this for you.
10.2. If you wish to raise a complaint on how we have handled your personal data, you can contact email@example.com.
10.4. If you are not satisfied with our response, you can contact the Information Commissioner’s Office (OIC): http://www.oic.ie/
11. KEEPING YOUR INFORMATION SAFE
11.1. When you provide us with your personal information, we take steps to ensure that it’s treated securely.
11.2. Any sensitive information (such as bank, credit or debit card details) will always be entered on a secured page and transferred using SSL, a cryptographic protocol designed to provide communication security over the Internet. A secured page will be indicated by the appearance of a lock icon on the web browser.
11.3. Non-sensitive details, such as your email address, are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
11.4. Where a password has been provided, or chosen by you, which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
11.5. We only store your personal data for as long as is necessary for the purposes listed in the How We Use Your Data and the Lawful Basis section above. We may have to keep some of your information (such as payments information) for longer where this is reasonably necessary or required by law or regulation, for instance, to prevent fraud or resolve disputes. The longest we normally hold customer records (apart from marketing) is 7 years after our business relationship has come to an end unless we are required by law or regulation to keep the data for longer. We will, however, stop processing your data for marketing as soon as you unsubscribe.
12. KEEPING CHILDREN SAFE
12.1. It is important to us that we protect the privacy of children, being those under the age of 18. If you are aged under 18‚ please get your parent/guardian’s permission beforehand whenever you provide us with personal information.
12.2. If we learn that we have collected the personal information of a child, being those aged 13 or under, we will take steps to delete the information as soon as possible.
12.3. If you believe that a child under your care has submitted personal information to us, please contact us at: firstname.lastname@example.org so that we can delete it.