Graphters Ltd (trading as Shop Skincare) is committed to protecting customer’s privacy. We work hard to ensure that your privacy is maintained and that any data shared with us is carefully looked after. Graphters Ltd (trading as “Shop Skincare”, “we” or “us”) is the data controller of any personal data collected via connection with shopskincare.co.uk. Personal data refers to any data capable of identifying you. By providing us with your data, you warrant to us that you are over 18 years of age.
What Personal Data do we collect about you?
We may collect, store and use data when it is provided directly through your use of the Site: The following kinds of personal data may include:
- Information you provide to us when you use our Site (e.g. your name, contact details, gender, product reviews, and any information which you add to your account profile);
- Information about your computer, about your visits to and use of this website, IP address, geographical location, browser type, referral source, length of visit and number of page views.
- Transaction and billing information, if you make any purchases from us using our Site (e.g. credit/debit card details and delivery information);
- Records of your interactions with us (e.g. if you contact our customer service team, interact with us on social media); we will have record of your email/ account on our system.
- Any information that you provide to us for the purpose of subscribing to our e-mail notifications.
What do we use this personal data for?
We only request personal information for us to fulfil our side of things. Depending on how you use our Site, your interactions with us, and the permissions you give us, the purposes for which we use your personal data include:
- To fulfil your order and maintain your online account.
- To manage and respond to any queries or complaints to our customer service team.
- To improve and maintain the Site, and monitor its usage.
- To personalise the Site to you and show you content we think you will be most interested in, based on your account information, your purchase history and your browsing activity.
- For security purposes, to investigate fraud and where necessary to protect third parties and ourselves.
- To comply with our legal and regulatory obligations.
- As an e-commerce provider we want to maintain and promote our services. We use information about you to tailor your view of the Site, to make it more interesting and relevant in respect of the products and offers on view.
Our Site may give you the option of adding additional information to your account profile, such as information about your preferences in skincare/ skin type etc. We treat this information with particular sensitivity, as we understand it can reveal information about your health or ethnicity. You do not have to provide this information to us, and can delete it or update it at any time by contacting us on email@example.com.
We may process your personal data without your knowledge or consent where this is required or permitted by law. We may use your personal information to:
- Improve your browsing experience by personalising the website to you.
- Send goods to you purchased via the website.
- Send invoices to you, and collect payments from you.
- Send you our newsletter and other marketing communications (relating to our business which we think may be of interest to you), you can inform us at any time if you no longer require marketing communications to be sent to you by emailing us at firstname.lastname@example.org.
Please note: We will never share your personal details with any third-parties for their own use.
Who do we share this personal data with?
We share customers’ personal data with third parties in the following circumstances:
- To our suppliers and service providers working for us, e.g. payment processors, IT system administration services and delivery companies.
- To our professional and legal advisors and third parties engaged in fraud prevention and detection. In order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).
- To law enforcement or other governmental authorities, e.g. to report a fraud or in response to a lawful requests.
- Otherwise where we have your consent or are otherwise legally permitted to do so, including where Government bodies require us to report processing activities.
- In order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).
What and why is Enquiry Data collected?
Enquiry Data is collected so that we may communicate to you. The legal grounds for us processing this data is for legitimate interests and may include:
- User Generated Data is where you have chosen to post on our website, e.g a comment on a blog post or a product review. Send invoices to you, and collect payments from you.
- Preference Data is collected to enable the website to perform and be administered correctly. Our lawful ground for this processing is for legitimate interests.
- Statistical Data is collected so that we may provide a fully functioning website that helps our business to communicate core message to relevant persons. The legal ground for us processing this data is for legitimate interests.
- Marketing data is collected to allow us to grow our business and provide a better service to our customers. The legal ground for us processing this data is for legitimate interests.
- Other - Under GDPR it may be deemed that your IP address constitutes personal data because it could be used to identify you or in whole or part. The legal grounds for us processing your IP is for our legitimate interest which helps to keep our website safe. We process your IP address for security reasons to protect our website for malicious attacks and hacks. We may cross reference your IP with the IP’s of blacklisted users and if a match is found we may add your IP to the blacklist and prevent further access to you.
Depending on your marketing preferences, we may use your personal data to send you marketing messages via email, phone or post. Some may be tailored to you, based upon previous browsing or purchase history including other information we hold about you.
We may send you marketing communications from us:
- If you have previously purchased from us.
- If you have made an enquiry from us about our products and services.
- If you requested to receive marketing communications (opted in)
If you no longer want to receive marketing communications from us or would like to opt back in, email (email@example.com). If you are a limited company, we may send you marketing emails without your consent.
Please note: We may still contact you with service messages from time to time (e.g. order and delivery confirmations, and information about your legal rights).
Keeping Your Data Safe
We would like to make sure the data we hold about you is accurate and up to date. Please let us know if at any time your personal information changes. We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information. We store all personal information provided on our secure servers. All electronic transactions you make or receive from us will be encrypted using SSL technology. This is an encryption technology, SSL works to protect your personal information during data transport. It encrypts ordering information such as your name, address, and credit card number. You are responsible for keeping your password and user details confidential. Personal information provided on the website and online credit card transactions are transmitted through a secure server too. We are committed to handling your personal information with high standards of information security. We take appropriate physical, electronic, and administrative steps to maintain the security and accuracy of personally identifiable information we collect.
Please note: Our Customer Care centre stores operate over a private, secure network. Emails however, are not encrypted and are not considered to be a secure means of transmitting credit card information. To make online shopping faster and easier, you may register with us. As a registered customer, you only have to enter your shipping addresses and billing information once. You will then be securely stored with us for your future use. Using your name and a password of your choice, you may access your account online at any time to add, delete, or change information.
Storage and Retention
We will keep your personal data for as long as we need it. For the purposes set out above, this period will vary depending on your interactions with us. For example, where you have made a purchase with us, we will keep a record of your purchase for the period necessary for invoicing, tax and warranty purposes. We may also keep a record of correspondence with you (for example if you have made a complaint about a product) for as long as is necessary to protect us from a legal claim. Where we no longer have a need to keep your information, we will delete it.
Please note: Where you unsubscribe from our marketing communications, we will keep a record of your email address to ensure we do not send you marketing emails in future. As previously mentioned, you also have the right to object to your personal data being used for certain purposes, including, marketing. See ‘Marketing’ above, for more details of how to opt-out. We will aim to process your request as soon as possible and in any event, within no more than 14 days. Until this time, it is still possible that you may receive further communications from us.
This Site ensures that data is encrypted when leaving the Site. This process involves the converting of information or data into a code to prevent unauthorised access. With SSL technology, this Site follows this process and employs secure methods to ensure the protection of all credit and debit card transactions.
Whilst we do everything within our power to ensure that personal data is protected at all times. We cannot guarantee the security and integrity of the information that has been transmitted to our Site. Our Site is not intended for, and should not be used by, children under the age of 18. We do not knowingly collect personal data from children under 18.
You have certain rights in respect of your personal data, including the right to access, portability, correct, and request the erasure of your personal data. We will comply with any requests to exercise your rights in accordance with applicable law. Please be aware, however, that there are a number of limitations to these rights, and there may be circumstances where we are not able to comply with your request. To make any requests regarding your personal data, or if you have any questions or concerns regarding your personal data, you should contact us using the details below.
Tel: +44 (0)1737 222563
Postal Address: Customer Services, Graphters Ltd, 41 Holmethorpe Avenue, Redhill, Surrey, RH1 2NB.