When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
• CONTACT FORMS
If you have any questions about the policy or the personal data we collect about you, please contact us – firstname.lastname@example.org.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
• EMBEDDED CONTENT FROM OTHER WEBSITES
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
We use personal information for internal research and development purposes, to help diagnose system problems, to administer our websites, to improve and test the features and functions of our services, to develop new content, products and services. To carry out testing and analysis. This processing is necessary for the purpose of our legitimate interests.
• WHO WE SHARE YOUR DATA WITH
We do not sell your personal data to any third parties. We may share your personal data with our carefully selected third party service providers who help us provide our services to you, including: Our logistics/warehouse service provider, our couriers and similar delivery companies, our payment providers, our professional partners, including our marketing agencies and website hosts, and our IT and technical service providers. In certain circumstances we may also need to share your personal data with our legal advisers, bankers, auditors and insurers and our regulators, including HM Revenue & Customs and with any third parties to who we choose to sell or transfer any part of our business or assets. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third party service providers to use your personal data for their own purposes and only permit them to use your personal data for specified purposes and in accordance with our instructions.
• HOW LONG WE RETAIN YOUR DATA
We retain personal information for as long as we reasonably require it for legal or business purposes. For the unregulated jurisdictions in which operate, and subject to us not having a legal or regulatory requirement or a risk management reason for retaining your information for a longer period, your information will not be kept for longer than 7 years post account closure. We will take all necessary steps to ensure that the privacy of information is maintained for the period of retention.
• WHAT RIGHTS YOU HAVE OVER YOUR DATA
Under the General Data Protection Regulation, you, as a data subject have a number of rights which are detailed below. Some of these only apply in specific circumstances and are qualified in several respects by exemptions in data protection legislation. We will advise you in our response to your request if we are relying on any such exemptions.
Right to access:
You have the right to request information about the personal data we hold on you at any time. You can contact Carter Beauty Cosmetics and we will provide you with your personal data via email. You should include adequate information to identify yourself and such other relevant information that will reasonably assist us in fulfilling your request.
Right to rectification:
You can request us to rectify and correct any personal data that we are processing about you which is incorrect.
Right to portability:
Whenever Carter Beauty Cosmetics processes your personal data, by automated means based on your consent or which was necessary for us to provide you with our products and services, you have the right to get a copy of your data transferred to you. This only includes the personal data you have submitted to us. You may have the right to have your personal data transferred by us directly to another organisation, if this is technically feasible.
Right to erasure:
You have the right to erase any personal data processed by Carter Beauty Cosmetics at any time except for the following situations:
• You have an ongoing matter with Customer Service
• You have an open order which has not yet been shipped or partially shipped
• You have an unsettled debt with Carter Beauty Cosmetics, regardless of the payment method
• If you are suspected or have misused our services within the last four years
• If you have made any purchase, we will keep your personal data in connection to your transaction for book-keeping purposes
Your right to object to processing based on legitimate interest:
You have the right to object to processing of your personal data that is based on Carter Beauty Cosmetics legitimate interest. Where we suspend our processing of your personal data we will still be permitted to store your personal data, but any other processing of this information will require your consent, subject to certain exemptions. When you do so your account will cease to exist and you will be considered inactive.
Right to withdraw consent:
Where we have relied upon your consent to process your personal data, you have the right to withdraw that consent.
To opt out of marketing, you can use the unsubscribe link or the opt out option found in the marketing communication you receive from us.
• WHERE WE SEND YOUR DATA
The data that we collect from you is stored within the European Economic Area (“EEA”) but may also be transferred to and processed in a country outside of the EEA. Any such transfer of your personal data will be carried out in compliance with applicable law.
• YOUR CONTACT INFORMATION
We use personal information such as your name, email address, phone number, card details, and information about your device to:
• To set up and administer your account
• To deliver your purchases
• To provide customer care and technical support
• To process returns
• For security and to verify your identity
• To take payment and process refunds
• Fraud protection
• To send you messages by email, SMS or otherwise such as order updates
• To provide you with marketing (where we have the right to do so – see marketing section below)
• To communicate with you
• ADDITIONAL INFORMATION
We may also collect the following information:
• Name, contact information and message if you contact us or participate in a survey, contest or promotion
• Technical Information includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, language, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the site or any application
• Transaction information including details about payments to and from you and other details of products and services you have purchased from us
• Marketing and communications information includes your preferences in receiving marketing from us and our third parties and your communication preferences
• Contact History means keeping a record of what you have said to us, for example, over the phone, by live chat, through a web form, by email, on social media or otherwise
• Your response to marketing campaigns from us or through our third parties i.e. open/click on such emails;
• Social Information means information collected if you choose to link your social media accounts with us.
• WHAT DATA BREACH PROCEDURES WE HAVE IN PLACE
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know such information. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.