Privacy and Cookie Policy


SMART SKIN

Last updated: September 2020

At Smart Skin, we are committed to respecting your privacy and protecting your personal data. This privacy and cookies policy (“Policy”) sets out how we use data relating to you and applies to all use of your personal data by Smart Skincare Limited, a private company incorporated and registered in England and Wales with company number 11780795 whose registered office is at 20 Triton Street Triton Street, Gleam Futures, London, England, NW1 3BF (“Smart Skin”, “we”, “us” or “our”). 

This Policy sets out the basis on which any personal data we collect from you, or that you provide to us through our website available at www.mysmartskin.co.uk the “Online Service”) will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

We will only collect and process information about you in accordance with this Policy and we will only use information collected about you in accordance with applicable data protection laws including the EU General Data Protection Regulation 2016 (“GDPR”) and the UK Data Protection Act 2018. Where we decide the purpose or means for the processing of the personal data that you provide when using our Online Service, we are the “data controller” for the purposes of the GDPR.

You have the right to object to the processing of your personal data, including where your personal data is being processed for direct marketing purposes. Further information on this right, and your other rights, is set out below.

If you have any concerns over privacy, or this Policy contact us at support@mysmartskin.co.uk. 

 

How we collect and use your personal data

    1. The table below explains what data we collect, how we use it, and which recipients it might be shared with.

Your data

How we use it

Recipients

Customer information (information provided by you when creating a customer account on the Online Service or signing up to our newsletter)

  • Name
  • Username and password
  • Contact details (email, address, phone number)

We process this information in accordance with the terms of our contract with you (we need your information to setup your account and provide services to you).

Where you have consented, or where it is otherwise lawful for us to do so (such as in pursuit of our legitimate interest in promoting our products and services) we may use this information to send you our newsletter and emails in order to keep you informed with news and updates about our Online Service.

We use Shopify (https://www.shopify.com/legal/privacy) to host our Online Service.

We use Mailchimp to send you our newsletter and emails about our Online Service.

Order information (information about your orders provided by you to our payment processors when making an order on the Online Service)

  • Name
  • Contact details (email, address, phone number)
  • Billing information

We process this information in accordance with the terms of our contract with you (we need your contact details and billing information to process your orders).

We use Shopify (https://www.shopify.com/legal/privacy) to host our Online Service.

This information is provided by customers to our payment processor Shopify.

Support / enquiry information (information we receive when you get in touch with us for support)

  • Name
  • Contact details (email, address, phone number)
  • Other personal data you send to us 

We process this information either in accordance with the terms of our contract with you (where we need this information to provide our services to you) or in pursuit of our legitimate interests in responding to your enquiry and in order to improve our services.

Where your enquiries necessitate contact with the manufacturer of certain elements of our product line, we may put you in touch directly with, or share your queries with, Elementary Brands.

Online Service analytics (collected from your device and interaction with our Online Service)

  • How often you use our Online Service
  • Which webpages/application screens you go to and which features you use
  • Your IP address, and device identifiers communicated by your device
  • Device and browser operating system, version, make and model

This processing is necessary for us to pursue our legitimate interests of understanding how you use the Online Service so we might identify problems, and improve the Online Service.

To the extent that our analytics depends on storing or accessing non-essential cookies or other information on or from your device, we will obtain your consent.

We use Google Analytics (https://support.google.com/analytics/answer/6004245) & Shopify Analytics (https://www.shopify.co.uk/legal/cookies) to help us understand how our services are used.

Analytics cookies and anonymous identifiers may be used to conduct analytics on your visit to the Online Service, including by recording and analysing user behaviour, location, audience, demographic and interest data.

Feedback / review information (any information or content you submit to us via the Online Service such as images, reviews, comments and other information concerning your use of the Online Service and your orders)

We process this information either in accordance with the terms of our agreement with you (such as in respect of providing feedback or review services) or in pursuit of our legitimate interests in responding to your enquiries and in order to improve or deliver our products or services.

We use Shopify (https://www.shopify.com/legal/privacy) to host our Online Service.

 

 

Your Rights In Relation To Your Personal Data

    1. You have certain rights over the way we process personal data relating to you. We aim to comply without undue delay, and within one month at the latest, in response to any requests submitted by you to us:
    • for a copy of personal data we are processing about you and/or to have inaccuracies corrected;
    • to restrict, stop processing, or to delete your personal data; 
    • for a machine-readable copy of your personal data, which you can use with another service provider. Where it is technically feasible, you can ask us to send this information directly to another provider if you prefer; and 
    • to make a complaint to a data protection regulator. You may contact them at: https://ico.org.uk/concerns/.
    1. To make a request in relation to any of the aforementioned rights, please send your request to support@mysmartskin.co.uk. 
    2. You may request deletion of your account via the Online Service or by sending an e-mail to support@mysmartskin.co.uk. Please note that some information may remain in our private records after deletion of your account. We may use any aggregated data derived from or incorporating your personal data after you delete your account but not in any manner that would identify you personally.
    3. There may be circumstances where we will ask you for your prior consent in respect of our use of your personal data for direct marketing. Where we rely upon your consent to do this activity, you can withdraw your consent at any time upon email to support@mysmartskin.co.uk. We hope that you would like to receive our updates, but we do not want to send you emails that are not of interest for you. If you would like to be removed from our mailing list please let us know by clicking unsubscribe at the bottom of any marketing email that you receive from us.
  1. DISCLOSURE OF YOUR Personal DATA
    1. We will share your personal data with third parties only in the ways that are described in this policy.
    2. Group, suppliers, subcontractors, service providers. We keep your personal data confidential, but may disclose it to any member of our corporate group, our personnel, suppliers or subcontractors insofar as it is reasonably necessary for the purposes set out in this Policy. 
    3. Government authorities. In addition, we may disclose your personal data to the extent that we are required to do so by law (which may include to government bodies and law enforcement agencies); in connection with any legal proceedings or prospective legal proceedings; and to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention).
    4. Potential acquirers or investors. If we are involved in a merger, acquisition, or sale of all or a portion of our business or assets, the personal data we hold may be included as part of that sale, in which case you will be notified via email, your account and/or a prominent notice on the Online Service of any changes in ownership or use of your personal data, as well as any choices you may have.
    5. Enforcement. We may also disclose your personal information to third parties in order to enforce or apply the terms of agreements, to investigate potential breaches, or to protect the rights, property or safety of us, our personnel or customers, or others.
    6. We only permit our suppliers and subcontractors to process your personal data for specified purposes and in accordance with our instructions. All our third-party service providers are required to take appropriate security measures to protect your personal data.
  2. Data Retention
    1. We will only hold data about you for as long as necessary, bearing in mind the purpose for which that data was collected, or as otherwise described in this Policy.
    2. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. 
  3. Security
    1. We will take commercially reasonable, appropriate technical and organisational measures to ensure a level of security appropriate to the risk that could be encountered via the use of our Online Service taking into account the likelihood and severity those risks might pose to the rights and freedoms of our Online Service visitors and customers.
    2. In particular, we will take precautions to protect against the accidental or unlawful destruction, loss or alteration, and unauthorised disclosure of or access to the personal data transmitted, stored or otherwise processed by us. 
  4. International Data Transfers
    1. We are a UK Company and our servers are located in the EEA and your personal data will be stored in these servers.
    2. Where we use data processors which are outside the EEA, there are agreements in place to ensure that personal data is processed using appropriate safeguards that meet the requirements of data protection laws. Such appropriate safeguards may include standard data protection clauses adopted by a data protection regulator and approved by the European Commission, such as the European Commission’s standard contractual clauses.
    3. If you would like to find out more about these safeguards or if you have any other queries or comments in relation to this Policy, please let us know by emailing us at support@mysmartskin.co.uk. 
  5. General
    1. If you follow a link from the Online Service to any third party websites, you should be aware that those websites may have their own privacy policies. We do not accept any responsibility or liability for those websites. Please check the policies of any third party websites before submitting any personal data to those websites.
    2. We may make changes to this Policy in the future, which will be posted on this page. You should check this page from time to time to ensure you are aware of any changes. Where appropriate we may notify you of changes by email.
    3. All questions, comments or enquiries should be directed to us. We will try to respond to you within 48 hours.

CONTACT US

E-mail: support@mysmartskin.co.uk. COOKIE POLICY

Last updated: September 2020

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. The table below explains the cookies we use and why.

Cookie

Duration 

Purpose/ Third Party Access 

Google Analytics

180 days

This cookie is used to collect information about how visitors use our Online Service. We use the information to compile reports and to help us improve our Online Service. The cookies collect information on the number of visitors to the Online Service, where visitors have come to the Online Service from and the webpages or app screens they visited. We do not facilitate the merging of personally-identifiable information with non-personally identifiable information.

Read Google’s overview of privacy and safeguarding data here.

Authentication

During your session

To log you into our Online Service and keep you logged in, and to ensure that your shopping basket stays full when you move from page to page.

Preferences

One month

To remember information about you such as your preferred language and configuration.

Shopify

 

Shopify will also place certain analytics cookies on your device in order to enable the operation of our storefront, and for the purposes of collecting information about how visitors use our Online Service.  More information about these cookies is available online here:

https://www.shopify.co.uk/legal/cookies

 

HOW DO I CHANGE MY COOKIE SETTINGS

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set, visit https://www.allaboutcookies.org/.

Find out how to manage cookies on popular browsers:

To find information relating to other browsers, visit the browser developer’s website.

For information how to opt out of the collection and use of information for ad targeting visit http://www.aboutads.info/choices and http://www.youronlinechoices.eu/.