Legal Documents

---

PRIVACY POLICY

---

Last Updated: January 8, 2020

Fancy Luxury Fashion is committed to protecting our customer's privacy. Please take the time to review this notice which explains what information we collect about you, how we use it, and your rights. The Fancy Luxury Fashion (“we” or “us”) is the data controller of the personal data collected via or in connection with www.fancyluxuryfashion.com and any associated app or website (the “Site”).

 

1.   What personal data do we collect about you?

We collect personal data from you when you provide it to us directly and through your use of the Site. This information may include:

a) Information you provide to us when you use our Site (e.g. your name, contact details, gender, product reviews, and any information which you add to your account profile);

b) Transaction and billing information, if you make any purchases from us or using our Site (e.g. credit/debit card details and delivery information);

c) Records of your interactions with us (e.g. if you contact our customer service team, interact with us on social media);

d) Information you provide us when you enter a competition or participate in a survey;

e) Information collected automatically, using cookies and other tracking technologies (e.g. which pages you viewed and whether you clicked on a link in one of our email updates). We may also collect information about the device you use to access our Site; and

f) Other information necessary to provide the Site, for example we may access your location if you give us your consent.

To be perfectly transparent, you will actually provide your personal data to us and also to Shopify, whose ecommerce software is integrated into the Site. So, the use and storage of Information held by Shopify is also governed by Shopify’s applicable terms of service and privacy policy. While we think Shopify is a trustworthy enterprise, you may want to review their documents if you have any concerns.

2.    What do we use this personal data for?

Depending on how you use our Site, your interactions with us, and the permissions you give us, the purposes for which we use your personal data include:

a) To fulfil your order and maintain your online account.

b) To manage and respond to any queries or complaints to our customer service team.

c) To personalise the Site to you and show you content we think you will be most interested in, based on your account information, your purchase history and your browsing activity.

d) To improve and maintain the Site and monitor its usage.

e) For market research, e.g. we may contact you for feedback about our products.

f) To send you marketing messages and show you targeted advertising, where we have your consent or are otherwise permitted to do so.

g) For security purposes, to investigate fraud and where necessary to protect ourselves and third parties.

h) To comply with our legal and regulatory obligations.

We rely on the following legal basis, under data protection law, to process your personal data:

a) Because the processing is necessary to perform a contract with you or take steps prior to entering into a contract with you (e.g. where you have made a purchase with us, we use your personal data to process the payment and fulfil your order).

b) Because we have obtained your consent (e.g. where you contact us with a query, where you add optional information to your account profile, or if you consent to receive marketing from us).

c) Because it is in our legitimate interests as an e-commerce provider to maintain and promote our services. We are always seeking to understand more about our customers in order to offer the best products and customer experience. We use information about you to tailor your view of the Site, to make it more interesting and relevant in respect of the products and offers on view.

3.    Marketing

We love to communicate with our customers and so, depending on your marketing preferences, we may use your personal data to send you marketing messages by email, phone or post. Some of these messages may be tailored to you, based on your previous browsing or purchase activity, and other information we hold about you.

If you no longer want to receive marketing communications from us (or would like to opt back in!), you can change your preferences at any time by contacting us (details below), clicking on the ‘unsubscribe’ link in any email, or updating your settings in your account. If you unsubscribe from marketing, please note we may still contact you with service messages from time to time (e.g. order and delivery confirmations, and information about your legal rights).

You may also see ads for our Site on third party websites, including on social media. These ads may be tailored to you using cookies (which track your web activity, so enable us to serve ads to customers who have visited our Site). Where you see an ad on social media, this may because we have engaged the social network to show ads to our customers, or users who match the demographic profile of our customers. In some cases, this may involve sharing your email address with the social network. If you no longer want to see tailored ads you can change your cookie and privacy settings on your browser and these third-party websites.

4.    Who do we share this personal data with?

We share customers’ personal data with third parties in the following circumstances:

a) With other companies in our group of companies, as necessary to operate the Site.

b) With our suppliers and service providers working for us, e.g. payment processors and delivery companies.

c) With our professional and legal advisors.

d)With third parties engaged in fraud prevention and detection.

e) With law enforcement or other governmental authorities, e.g. to report a fraud or in response to a lawful request.

If we sell any business assets, the personal data of our customers may be disclosed to a potential buyer. In this event, we will make reasonable attempts to ensure the buyer will be bound by the terms of this Privacy Policy. Otherwise where we have your consent or are otherwise legally permitted to do so.

5.    Sharing Personal Data for Fraud Detection

We would like to specifically draw your attention to the fact that we share certain personal data with third parties who help us to detect and prevent fraudulent transactions. The information we share with those third parties includes some of the information that you share with us (such as, your contact details and information about the transaction), and some of the information from your online interactions (such as the IP address of your device). That information is used to determine whether a transaction could be fraudulent. The third party we currently use to help us detect and prevent fraudulent transactions is a company called Signifyd; they are responsible for their use of your personal information and will use it for the purposes set out in their privacy policy https://www.signifyd.com/privacy/.

6.    Storage and Retention

We use service providers based around the world. Consequently, your personal data may be processed in countries outside of USA, EU, including in countries where you may have fewer legal rights in respect of your data than you do under local law. If we transfer personal data outside the USA, EU, we will, as required by applicable law, ensure that your privacy rights are adequately protected by appropriate safeguards. Please contact us if you would like more information about these safeguards.

We will keep your personal data for as long as we need it for the purposes set out above, and so this period will vary depending on your interactions with us. For example, where you have made a purchase with us, we will keep a record of your purchase for the period necessary for invoicing, tax and warranty purposes. We may also keep a record of correspondence with you (for example if you have made a complaint about a product) for as long as is necessary to protect us from a legal claim. Where we no longer have a need to keep your information, we will delete it. Please note that where you unsubscribe from our marketing communications, we will keep a record of your email address to ensure we do not send you marketing emails in future.

7.    Security

This Site ensures that data is encrypted when leaving the Site. This process involves the converting of information or data into a code to prevent unauthorised access. This Site follows this process and employs secure methods to ensure the protection of all credit and debit card transactions. Encryption methods such as SSL are utilised to protect customer data when in transit to and from this Site over a secure communications channel.

Whilst we do everything within our power to ensure that personal data is protected at all times from our Site, we cannot guarantee the security and integrity of the information that has been transmitted to our Site.

8.    Children

Our Site is not intended for, and should not be used by, children under the age of 18. We do not knowingly collect personal data from children under 18.

9.    Cookies

Our Sites uses cookies and similar technologies to provide certain functionality to the Site, to understand and measure its performance, and to deliver targeted advertising. Please see our Cookie Policy for more information.

10.Your rights

If you are in EU, You have certain rights in respect of your personal data, including the right to access, portability, correct, and request the erasure of your personal data.

You also have the right to object to your personal data being used for certain purposes, including to send you marketing. See ‘Marketing’ above, for more details of how to opt-out of marketing.

We will comply with any requests to exercise your rights in accordance with applicable law. Please be aware, however, that there are a number of limitations to these rights, and there may be circumstances where we are not able to comply with your request. To make any requests regarding your personal data, or if you have any questions or concerns regarding your personal data, you should contact us using the details below. You are also entitled to contact your local supervisory authority for data protection.

11.Payment Method: Data protection provisions about the use of a payment processor

On this website, the controller has integrated components of online payment service providers. Payments are processed via debit and credit cards. Payment service providers makes it possible to trigger online payments to third parties or to receive payments.

If the data subject chooses payment service providers as the payment option in the online shop during the ordering process, we automatically transmit the data of the data subject to the particular payment service providers. By selecting this payment option, the data subject agrees to the transfer of personal data required for payment processing.

The personal data transmitted to payment service providers is usually first name, last name, address, email address, IP address, telephone number, mobile phone number, or other data necessary for payment processing. The processing of the purchase contract also requires such personal data, which are in connection with the respective order.

The transmission of the data is aimed at payment processing and fraud prevention. The controller will transfer personal data to payment service providers, in particular, if a legitimate interest in the transmission is given. The personal data exchanged between payment service providers and the controller for the processing of the data will be transmitted by payment service providers to economic credit agencies. This transmission is intended for identity and creditworthiness checks.

payment service providers will, if necessary, pass on personal data to affiliates and service providers or subcontractors to the extent that this is necessary to fulfil contractual obligations or for data to be processed in the order.

The data subject has the possibility to revoke consent for the handling of personal data at any time from payment service providers. A revocation shall not have any effect on personal data which must be processed, used or transmitted in accordance with (contractual) payment processing.

12.Period for which the personal data will be stored

The criteria used to determine the period of storage of personal data is the respective statutory retention period. After expiration of that period, the corresponding data is routinely deleted, as long as it is no longer necessary for the fulfilment of the contract or the initiation of a contract.

13.Provision of personal data as statutory or contractual requirement; Requirement necessary to enter   into a contract; Obligation of the data subject to provide the personal data; possible consequences of failure to provide such data

We clarify that the provision of personal data is partly required by law (e.g. tax regulations) or can also result from contractual provisions (e.g. information on the contractual partner). Sometimes it may be necessary to conclude a contract that the data subject provides us with personal data, which must subsequently be processed by us. The data subject is, for example, obliged to provide us with personal data when our company signs a contract with him or her. The non-provision of the personal data would have the consequence that the contract with the data subject could not be concluded. Before personal data is provided by the data subject, the data subject must contact our Data Protection Officer. Our Data Protection Officer clarifies to the data subject whether the provision of the personal data is required by law, contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and the consequences of non-provision of the personal data.

14.Contact Us

If you have any queries on any aspect of our Privacy Policy, please contact our Data Protection Officer using the email below:

privacypolicy@fancyluxuryfashion.com