Purpose of Processing and Legal Basis for Processing Personal Information
We collect and process your personal information only with your consent and as necessary to fulfil orders when you purchase products and as necessary for our legitimate interests in providing you with our products and services, enhancing our web services, conducting analytics, and delivering relevant advertising.
Your Rights Regarding Personal Information
The GDPR requires that we inform our users about certain specific rights:
- the right to object, for legitimate purposes, to the processing of personal data;
- the right to request copies of your personal data held by us in a structured, commonly used, and machine-readable format and/or request us to transmit this information to another service provider (where technically feasible);
- the right to request that we delete or block your personal data without undue delay; and
- the right to lodge a complaint with a supervisory authority.
If you wish to withdraw your consent to process your personal information, please contact firstname.lastname@example.org
Please note that if you withdraw consent, we may not be able to provide or continue to provide certain services or marketing communications to you.
Objection and Requests for Copies
If you wish to object, for legitimate purposes, to the processing of personal data as provided under applicable law, or to request copies of your personal data held by us in a structured, commonly used, and machine-readable format and/or request us to transmit this information to another service provider (where technically feasible), please contact email@example.com
Requests for Deletion
If you wish to request that we delete your personal data, please contact firstname.lastname@example.org. We will promptly send you a response to ensure that the request was not made in error. We will respond to your request to delete your information within one month of receipt of your verification.
You have the right to lodge a complaint about our data collection and processing actions with the supervisory authority in your country.
Personally Identifiable Information and Non-Personally Identifiable Information
In order to utilize some of our services on the Site, you may choose to upload, or we may ask you to provide us with certain Personally Identifiable Information (“PII”) that can be used to contact or identify you . Personally Identifiable Information may include:
- Contact information including name, mailing address, phone number and email address
- Purchase information including credit card number, billing and/or shipping information
We collect PII from you when you choose to participate in our offers and programs or when you otherwise provide information directly to us, including when you register with us, purchase products, review products, participate in our interactive features ( forms, competitions, lotteries, etc) or otherwise interact with us on the Site.
In addition, we may also collect non-personally identifiable information (“Non-PII”), such as IP addresses (which identify your device), pages viewed, computer type, screen resolution, operating system version, Internet browser type and version, information collected through cookies, pixel tags, web beacons, and other technologies, and other data. Because Non-PII does not personally identify you, we may collect, use and disclose Non-PII for any purpose.
Use of Personally Identifiable Information
We use PII to process and fulfill any orders that you have placed, contact you about our products and services and allow you to use, communicate and interact with others on our Site, including our product review system. This may include sharing information with third parties such as website hosting, data analysis, payment processing, order fulfilment, information technology services, customer service, email delivery services, and/or credit card processing. These third parties may have access to PII as necessary to perform their functions, but may not use it for other purposes. We will never sell your PII to any third party not affiliated with Alphabet Beauty Corporation Limited without your consent except in connection with the sale or merger of 21GRAMS or the division responsible for such services.
We may disclose PII as we believe necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.
Transfer of Data Outside of the European Union or the European Economic Area
Your PII and non-PII (collectively “Personal Information”) may be transferred outside of the European Union or the European Economic Area.
Email and Telephone Communications
If you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails. We will process your request within a reasonable time after receipt. Note that you will continue to receive transaction-related emails regarding products or services you have requested. We may also contact you from time to time via telephone regarding customer service inquiries pertaining to your orders.
There are several types of cookies,
- Strictly Necessary Cookies: These are required for the operation of our Site. They include, for example, cookies that enable you to log into secure areas of our Site..
- Analytical/Performance Cookies: These allow us to recognise and count the number of users of our Site and see how such users navigate through our Site. This helps to improve how our Site works, for example, by ensuring that users can find what they are looking for easily.
- Functionality Cookies: These improve the functional performance of our Site and make it easier for you to use. For example, such cookies are used to remember that you have previously visited the Site and asked to remain logged in to it
- Targeting Cookies: These record your visit to our Site, the pages you have visited and the links you have followed. We will then use this information to make advertising displayed on it more relevant to your interests.
You can manage cookies by activating the setting on your Internet browser that allows you to refuse the setting of all or some cookies.
Please note, if you do turn cookies off, this will limit the service that we are able to provide to you and may affect your user experience.
We may, from time to time, update our cookies policy. Any such changes will be posted on this page.
We may work with third-party service providers who use the technologies described in this section to conduct website analytics to help us track and understand how visitors use our Site.
Social Network and Interactive Tools
Certain features on our Site may give you an opportunity to interact with us and others. These may include blogs, message boards, messaging functionality and creating community profiles. When you use these features, you should be aware that any information you submit, including your name, location and email address, may be publicly available to others. We are not responsible for any information you choose to submit through these interactive features and we strongly discourage you from disclosing any sensitive PII (such as health or credit card information) through these features. If you use these features, your personal information may remain on the Site even after you cease use of the Site.
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
The security of your Personal Information is very important to us. The data file containing your Personal Information is confidential and adequately protected against use by outside parties (firewalls and other technical measures). The data file can be accessed only by persons whose tasks require the processing of personal data in the file and who are subject to adequate confidentiality obligations. Use of the data file is protected by personal user names and passwords. The data file is stored only electronically and occasional hard copies are promptly destroyed.
However, due to the inherent open nature of the Internet, we cannot guarantee that communications between you and 21GRAMS, or information stored on the Site or our servers, will be free from unauthorized access by third parties such as hackers and your use of the Website demonstrates your assumption of this risk. We have put in place reasonable physical, electronic, and managerial procedures to safeguard the information we collect. Only those employees who need access to your information in order to perform their duties are authorized to have access to your Personal Information. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by contacting us in accordance with the Contact section below.
Storing and destroying of the data
The data file containing your Personal Information is kept for the duration of the customer relationship. However, the data regarding orders, invoicing and payment is securely maintained for accounting purposes. Unnecessary data is destroyed in compliance with applicable law.
Communications with 21GRMAS
By providing your email address to us, you expressly consent to receive emails from us. We may use email to communicate with you, to send information that you have requested or to send information about our products or services. If you receive an unwanted email from us, you can simply reply and ask not to receive future emails. We also give you the option to completely remove your Personal Information from our list of active users. All unsubscribe or opt-out requests should be sent to us at email@example.com and we will process your request within a reasonable time after receipt. For questions or concerns relating to privacy, we can be contacted at: firstname.lastname@example.org
Changes to Policy