This policy also applies to information held about suppliers and possible future suppliers, contacts and all other people we hold information about.
Please read the following carefully to understand our views and practices regarding your information and how we will treat it.
Please also refer to our Terms and Conditions.
You must be over 16 to register for a personal account, subscribe to Flawless Body emails and/or place an order with Flawless Body. The Site is not intended for children and we do not knowingly collect data relating to children.
Flawless Body is a NopCommerce Secure Site. To ensure that this is a legitimate NopCommerce secure Site, please check the following:
Who are we?
Flawless Body Limited (trading as Flawless Body) is the controller and responsible for this Site.
Our Data Protection Officer is Pritpal Matharu who can be contacted by emailing; firstname.lastname@example.org.
We are a company registered in the United Kingdom under registration number 10522460 and our trading address is 18a Scotgate, Stamford PE9 2YQ, UK.
Information we collect
By ‘information,’ we mean personal information about you that we collect, use, share, store and transfer in physical and electronic form. This information can be grouped together in the following categories:
How we collect information about you
You may give us your information by filling in forms on the Site or any Application or in-store or by corresponding with us by post, phone, email, on social media or otherwise. This includes information you provide when you:
As you interact with the Site or any Application we may automatically collect Technical Information about your equipment, browsing actions and patterns. We collect this information by using cookies, server logs and other similar technologies. We may also receive Technical Information about you if you visit other websites employing our cookies.
We may also receive information about you from various third parties such as: analytics providers, advertising networks, search information providers and payment service providers.
How we use your information
We use your information in the following ways:
Identity & Contact Information
Technical & Usage Information
Marketing and Communications Information
Legal basis for processing
Our processing of your personal information is necessary:
In relation to any processing of special categories of personal information such as information about your health, we will generally rely on obtaining specific consent from you at the time unless there is otherwise a legal requirement for us to process such information.
Where our processing is based on the legitimate interest grounds described above, those legitimate interests are: (i) collecting personal information to provide you with a smooth and efficient customer experience; (ii) running our business; (iii) to provide the products and services you have requested; (iv) to prevent fraud; and (v) for our own marketing, research and product development.
Will we share your information with third parties?
Except as expressly set out in this policy we will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so.
We may also share your personal information with:
We may provide third parties with aggregated but anonymised information and analytics about our customers and, before we do so, we will make sure that it does not identify you.
Will we transfer your information overseas?
The information that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services.
When we, or our permitted third parties, transfer your information outside the European Economic Area, we or they will impose obligations on the recipients of that data to protect your information to the standard required in the EEA or otherwise require the recipient to subscribe to international frameworks intended to enable secure data sharing. In the case of transfers by us, we will put in place appropriate safeguards to ensure that your information remains adequately protected. If you would like more details about the safeguards that we rely on, please contact the Customer Care Team at email@example.com.
At any time, you have the right:
Any request for access to or a copy of your information must be in writing and we will endeavour to respond within a reasonable period and in any event within one month in compliance with data protection legislation. We will comply with our legal obligations as regards your rights as a data subject.
We aim to ensure that the information we hold about you is accurate at all times. To assist us in ensuring that your information is up to date, do let us know if any of your personal details change. You can access, update or correct your personal account details via the "My account" section of the Site.
Data Subject Access Requests
We would gladly assist in any data subject access requests free of charge.
Data subject access requests must be made in writing and we advise emailing firstname.lastname@example.org to ensure action is promptly taken.
Please include the following:
We may ask for further information to identify you and ensure the personal data relates to the individual making the request.
We will respond within one month of receiving the information we require to carry out your request. Responses can be provided in either English, French or German.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
All information you provide to us is stored on secure servers. Any payment transactions will be encrypted. We use 256-bit SSL Software to encrypt your payment card information when you place an order on our secure server. For your added security all payment transactions are processed automatically by Adyen, and we are not party to your personal credit card or bank details. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Site, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
We may use your information to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.
You will receive marketing messages from us if you have requested information from us or purchased goods or services from us and, in each case, you have not opted out of receiving that marketing.
We may also market to you if we have received your express consent to do so including where we have collected your details in connection with a competition or other promotion and you have agreed to receive marketing from us.
You can stop receiving marketing messages from us at any time.
You can do this:
Once you do this, we will update your profile to ensure that you don’t receive further marketing messages.
Stopping marketing messages will not stop service communications (such as order updates).
We will get your express opt-in consent before we share your personal data with any company outside Flawless Body Ltd for marketing purposes.
We also engage in online advertising, also to keep you aware of what we’re up to and to help you see and find our products.
Like many companies, we target Flawless Body banners and ads to you when you are on other websites and apps. We do this using a variety of digital marketing networks and ad exchanges, and we use a range of advertising technologies like web beacons, pixels, ad tags, cookies, and mobile identifiers, as well as specific services offered by some Sites and social networks, such as Facebook’s Custom Audience service.
The banners and ads you see will be based on information we hold about you, or your previous use of the Site or any Application (for example, your Site search history, and the content you read on the Site) or on Site banners or ads you have previously clicked on.
How long will we keep your information?
We will keep your information for as long as you have your account, or as long as is needed to be able to provide the services to you, or (in the case of any contact you may have with our Customer Care Team) for as long as is necessary to provide support-related reporting and trend analysis only.
If reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our Terms and Conditions, we may also keep hold of some of your information as required, even after you have closed your account or it is no longer needed to provide the services to you.
Where we are permitted to send you direct marketing communications we may retain your contact information necessary for this purpose, (provided that you have consented to receiving them) for as long as you do not unsubscribe from receiving the same from us.
Links to other websites
How to contact us
Questions, comments and requests regarding this policy are welcomed and should be addressed to email@example.com. You can also send a letter by mail to: Flawless Body, 18a Scotgate, Stamford, PE9 2YQ.
If you have any concerns about our use of your information, you also have the right to make a complaint to the data protection regulator in your country. If you are a UK resident, this is the Information Commissioner's Office, which regulates and supervises the use of personal data in the UK, via their helpline on 0303 123 1113.
Changes to this Policy