- General information
- This document specifies the privacy principles applicable in the Online Shop enjoythedrop.com (hereinafter referred to as the “Online Shop”).
- For the purposes of data protection legislation, we are the data controller of your personal data. The Drop Supplements Ltd, Kemp House 160 City Road, London EC1V 2N, United Kingdom, e-mail : email@example.com .
- We are committed to complying with the GDPR and the Data Protection Act 2018.
- Personal information
- collects information provided voluntarily by the Online Shop Customers. However, the provision of marked personal data is a condition for placing an order.
- Moreover, The Controller may record the information about connection parameters, like IP addresses, for technical purposes, for server administration and for collection of general, statistical demographic information (e.g. about the region from which the connection comes), and also for security purposes.
- The Controller shall make an extra effort in order to protect privacy and information about the Online Shop Customers provided to him. The Controller shall exercise due diligence when selecting and applying appropriate technical measures, including those of programming and organizational nature, in order to protect the processed data, and in particular he shall protect the data from unauthorized access, disclosure, loss and destruction, unauthorized modification, and also from their processing with the breach of the applicable provisions of law.
- Personal data will be processed in accordance with the principles of art. 5 GDPR.
- Personal data will be:
- processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’);
- collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; (‘purpose limitation’);
- adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);
- accurate and, where necessary, kept up to date (‘accuracy’);
- kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; (‘storage limitation’);
- processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).
- Legal basis
- The basis for the processing of the Customer’s Personal Data is primarily the necessity to perform the contract to which he is a party or the need to take action at his request prior to its conclusion (Article 6 par 1 ( b) of GDPR).
- After expressing separate consent, pursuant to art. 6 par. 1 (a) GDPR data may also be processed for the purpose of sending commercial information by electronic means or making telephone calls for direct marketing purposes.
- Personal data may also be processed in an automated way in the form of profiling, provided that the user consents to it on the basis of art. 6 par. 1 (a) GDPR. The consequence of profiling will be the assignment of a profile to a given person in order to take decisions regarding him or to analyze or predict his preferences, behaviors and attitudes.
- If the Customer has subscribed for the newsletter, The Controller shall send, to the electronic mail address provided by the Customer, messages with information about products and services available in the Online Shop, and also information about organized competitions, promotions.
- In other purposes, the Customer’s Personal Data may be processed on the basis of:
- applicable law when processing is necessary to fulfill the legal obligation of the Administrator e.g. when based on tax regulations or accounting one, The Controller settles concluded sales contracts (Article 6 (1) (c) of the GDPR);
- indispensable for purposes other than those mentioned above resulting from legitimate interests pursued by The Controller or by a third party, in particular to determine, assert or defend claims, market and statistical analyses (Article 6 (1) (f) GDPR).
- Personal data processed for purposes related to the purchase will be processed for the period necessary to complete the purchase and order, after which the data subject to archiving will be stored for the period appropriate for the limitation of claims. Personal data processed for marketing purposes covered by the consent statement will be processed until the consent is revoked.
- The personal data we collect and use
- We ensure that the collection and use of your personal data is lawful. Therefore, for the purposes listed below, we only use your personal data if one of the following conditions apply:
- You have given us your consent ;
- We need your personal data for the performance of a contract you enter into with us, such as when you purchase a product through the website ;
- We need to comply with legal obligations ;
- We need to protect your vital interests ;
- Your data is necessary for the public interest, or ;
- We have a legitimate interest in processing the personal data.
- We may collect the following:
- Contact information : First name, Email ;
- Purchases : First name, Last name ,email, phone, postal address ;
- Anonymous statistical information about your visits to our website and the resources that you access, including, but not limited to, traffic data, location data, weblogs and other communication data.
- If you make a purchase our third party payment provider (PayPal, Apple Pay, World Pay) may require additional personal information. This information, which is required to process your payment, is not collected or stored by us. We do not store credit or debit card details nor do we share customer details with any 3rd parties, unless it is for the purpose of delivering the product or service you have purchased. During the payment process you will be able to read the payment providers privacy terms.
- Recipients of personal data
- Recipients of the Buyer’s personal data may by entities performing the order at the Seller’s request and handling it, such as: shipment companies, accounting companies, suppliers of the goods, assembly services, providers of IT solutions, payment processing companies, banks, companies providing marketing services, telecommunication providers, law offices, authorised state authorities.
- We do not allow third-party suppliers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
- Your rights on personal data concerning you
- As Customers provide their personal information voluntarily, they shall have the right to access their personal data and the right to rectify, delete, limit the processing, the right to data transfer, the right to object, the right to withdraw consent at any time .
- Detailed conditions of the above rights shall be indicated in Articles 15-22 of the GDPR Regulation.
- We’d like the chance to resolve any complaints you have, however you also have the right to complain to the UK data protection regulator (the “ICO”) about how we have used your personal data. Their website is https://ico.org.uk/your-data-matters/raising-concerns/.
- Their website also contains useful information about your privacy rights https://ico.org.uk/for-organisations/resources-and-support/your-data-matters.
- When viewing the Online Shop websites “cookie” files are used, which are small text files recorded in the Customer’s target device in connection with using the Online Shop. They are used in order to improve the experience with the Online Shop websites.
- The “cookie” files used by the Administrator are safe for the Customer’s devices. In particular, it is not possible for viruses or other unwanted or malicious software to enter the Customer’s devices in that way. Those files allow to identify the software used by the Customer and to adjust the Online Shop to each Customer individually. “Cookie” files sometimes contain information about the domain name of their origin, how long they are kept in the device and the ascribed value.
- The Administrator uses three types of “cookie” files:
- Session cookies: they are kept in the Online Shop Customer’s device and remain there until the given browser session is closed. Then the recorded information is permanently deleted from the memory of the Online Shop Customer’s device. The session cookies’ mechanism does not allow to download any personal information or confidential information from the Online Shop Customer’s device.
- Permanent cookies: they are kept in the Online Shop Customer’s device and remain there until they are deleted. They are not deleted automatically when the session of the given browser is closed or when the device is turned off. The permanent cookies’ mechanism does not allow to download any personal information or confidential information from the Online Shop Customer’s device.
- ” Analytical ” cookies allow for a better understanding of how the Customer interacts with the content of the Store, better organize its layout. “Analytical” ” cookies ” collect information about the manner of using the Store by the Customer, the type of website from which the Recipient was redirected, and the number of visits and time of the Customer’s visit to the Store. This information does not record specific Customer’s personal data, but it is used to develop statistics on the use of the Store.
- “Cookie” files may be used by advertisement networks, in particular by the Google network, in order to display advertisements adjusted to the way the Customer uses the Online Shop. To that end, the information may be retained about the Customer’s navigation path or the time spent on the given website.
- As regards the information about the Customer’s preferences collected by the advertising network Google, the Customer may view and edit the information related to cookie files by means of the following tool: https://www.google.com/ads/preferences/.
- The Customer may, by himself and at any time, change the “cookie” files settings, specifying the conditions of their storing and of their access to the Customer’s device. The settings referred to in the previous sentence may be changed by the Customer through the web browser settings or through configuration of the service. Those settings may be changed in particular so as to block automatic support for “cookie” files in the web browser settings or to inform each time they are introduced to the Customer’s device. Detailed information about the possibilities and ways of supporting cookie files is available in the software (web browser) settings.
- To learn how to manage cookies, including how to disable them in your browser, you can use the help section of your browser. You can learn more about this by pressing the F1 key while in your browser. In addition, you will find appropriate tips on the following pages, depending on the browser you are using:
Internet Explorer / Microsoft Edge
- The Customer may remove “cookie” files at any time, using the functions available in the web browser he uses.
- Limitation of the “cookie” files application may affect some functionalities available on the Online Shop website.
- We use the following third party cookies to help run our business:
- Google Analytics