1 PURPOSE OF OUR POLICY
1.1 Welcome to the SKOLORR website (www.SKOLORR.com) (Website). The Website is owned and operated by Vision Independents Limited (Company Number 10100517) with a registered address at 54 Harley Street, London, United Kingdom, W1G 9PZ (SKOLORR, we, us or our).
1.2 For the purposes of the Data Protection Bill 2017 and the General Data Protection Regulation 2016 (Act), we are the data controller.
(a) providing the Services that the Website offers; and
(b) the normal day-to-day operations of our business.
2 WHO AND WHAT THIS POLICY APPLIES TO
2.1 We handle data in our own right and also for and on behalf of our customers and users.
2.4 If, at any time, an individual provides data or other information about someone other than himself or herself, the individual warrants that they have that person’s consent to provide such information for the purpose specified.
2.5 The Website is only available to people over the age of 18 (or over the age of 13 and under the supervision of a parent or legal guardian).
3 THE INFORMATION WE COLLECT
3.1 In the course of business it is necessary for us to collect data. This information allows us to identify who an individual is for the purposes of our business, share data when asked of us, contact the individual in the ordinary course of business and transact with the individual. Without limitation, the type of information we may collect is:
(a) Personal Information. We may collect personal details such as full name, email address, postal address, date of birth and other information that allows us to identify who the individual is;
(b) Contact Information. We may collect information such as an individual’s email address, telephone number, third-party usernames, residential, business and postal address and other information that allows us to contact the individual;
(c) Financial Information. We may collect financial information related to an individual such as any bank or credit card details used to transact with us and other information that allows us to transact with the individual and/or provide them with our services;
(d) Statistical Information. We may collect information about an individual’s online and offline preferences, habits, movements, trends, decisions, associations, memberships, finances, purchases and other information for statistical purposes;
(e) Device Information. We collect device-specific information, such as the hardware model, operating system version, advertising identifier, unique application identifiers, unique device identifiers, browser type, language, wireless network, and mobile network information (including the mobile phone number); and
(f) Information an individual sends us. We may collect any personal correspondence that an individual sends us, or that is sent to us by others about the individual’s activities, including activities with our partners (such as Facebook or Twitter).
3.3 We may also collect non-data about an individual such as information regarding their computer, network and browser. This may include their IP address.
4 HOW INFORMATION IS COLLECTED
4.1 Most information will be collected in association with an individual’s use of the Website, products and services, an enquiry about the Website or generally dealing with us. However, we may also receive data from other sources such as advertising, an individual’s own promotions, public records, mailing lists, contractors, staff, recruitment agencies and our business partners (such as Facebook or Twitter). In particular, information is likely to be collected as follows:
(a) Registrations/Subscriptions/Purchases. When an individual signs up to receive our communications, creates an account, and/or purchases a Product or other process whereby they enter data details or grant access to information in order to receive or access something;
(b) Partners. When an individual grants us access to their accounts with any third parties (such as Facebook or Twitter).
(c) Supply/Contact. When an individual supplies us with goods or services. or contacts us in any way;
(d) Pixel Tags. Pixel tags enable us to send email messages in a format customers can read and they tell us whether mail has been opened.
4.2 As there are many circumstances in which we may collect information both electronically and physically, we will endeavour to ensure that an individual is always aware of when their data is being collected.
4.3 We may also collect anonymous data such as traffic, IP addresses and transaction statistics, which may be used and shared on an aggregated and anonymous basis.
5 HOW DATA IS STORED
5.1 The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (EEA) and with third parties. It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfillment of your order, the processing of your payment details and the provision of support services.
5.2 By submitting your personal data, you agree to this transfer, storing or processing.
6 WHEN DATA IS USED
6.1 In general, the primary principle is that we will not use any data other than for the purpose for which it was collected other than with the individual’s permission. The purpose of collection is determined by the circumstances in which the information was collected and/or submitted.
6.3 Information is used to enable us to operate our business, especially as it relates to an individual. This may include:
(a) the provision of goods and services between an individual and us;
(b) verifying an individual’s identity;
(c) communicating with an individual about:
i their relationship with us;
ii our goods and services;
iii our own marketing and promotions to customers and prospects;
iv competitions, surveys and questionnaires;
(d) investigating any complaints about or made by an individual, or if we have reason to suspect that an individual is in breach of any of our terms and conditions or that an individual is or has been otherwise engaged in any unlawful activity; and/or
(e) as required or permitted by any law (including the Acts).
6.4 If you publicly post about us, or communicate directly with us, on a social media website, we may collect and process the data contained in such posts or in your public profile for the purpose of addressing any customers services requests you may have and to monitor and influence public opinion in respect of SKOLORR or a relevant Brand.
7 WHEN DATA IS DISCLOSED
7.1 It may be necessary for us to disclose an individual’s data to third parties in a manner compliant with the Acts in the course of our business, such as for processing activities like website hosting.
7.2 We will not disclose or sell an individual’s data to unrelated third parties under any circumstances unless we employ other companies to perform tasks on our behalf and we need to share your information with them to provide products and services to you.
7.3 There are some circumstances in which we must disclose an individual’s information:
(a) in the course of a business to the relevant Brand;
(b) where we reasonably believe that an individual may be engaged in fraudulent, deceptive or unlawful activity that a governmental authority should be made aware of;
(c) as required by any law (including the Acts) including court orders; and/or
(d) in order to sell our business (as we may transfer data to a new owner).
7.5 We may partner with or utilise third-party service providers (such as Gmail from Google Inc.) to communicate with an individual and to store contact details about an individual. These service providers may be located outside the United Kingdom or Europe, including the United States of America.
7.6 If the Company gets involved in a merger, asset sale, financing, liquidation or bankruptcy, or acquisition of all or some portion of the business to another company, we may share information with that company before and after the transaction closes.
8 THIRD PARTY SERVICES, WEBSITES AND ACCOUNTS
8.1 We may share an individual’s information with third parties for the processing and storage of certain personal information. For example:
(a) all information may be process and stored with cloud service providers (such as Amazon Web Services);
(b) all payment information shall be provided to and processed by a payment gateway (such as Stripe).
8.2 We recommend that you read the privacy policies of third party service providers so you can understand the manner in which your personal information will be handled by these providers.
8.3 In particular, remember that certain service providers may be located in or have facilities that are located a different jurisdiction (including outside the EEA). So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
8.4 As an example, if you are located in the United Kingdom and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation (including the USA Patriot Act).
8.5 We may link your account with a third party (such as Facebook or Twitter) to our services to enable certain functionality, which allows us to obtain information from those accounts (including your profile picture, friends or contacts).
8.6 The information we may obtain from those services often depends on your settings or their privacy policies. We recommend that you read any third party privacy policies before entering any personal information.
8.7 When you click on links on our store, they may direct you to third party websites. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
8.8 Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
(a) We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
(b) Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
(c) Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.
Please Contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA
9.2 A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your device if you agree. Cookies contain information that is transferred to your device’s hard drive. You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website.
10 CONSENT TO COLLECTION OF DATA
10.1 An individual may opt to not have us collect their data and communicate with them. This may prevent us from offering them some or all of our services and may terminate their access to some or all of the services they access with or through us. They will be aware of this when:
(a) Opt In. Where relevant, the individual will have the right to choose to have information collected and/or receive information from us; or
(b) Opt Out. Where relevant, the individual will have the right to choose to exclude himself or herself from some or all collection of information and/or receiving information from us.
10.2 If an individual believes that they have received information from us that they did not opt in or out to receive, they should contact us on the details below.
11 YOUR RIGHTS
11.1 You have the right to:
(a) Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
(b) Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
(c) Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
(d) Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
(e) Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
(f) Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
(g) Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
11.2 If you wish to exercise any of your rights set out in this paragraph 11, you should contact us using the details set out below.
12 THE SAFETY & SECURITY OF DATA
12.1 We will take all reasonable precautions to protect an individual’s data from unauthorised access. This includes appropriately securing our physical facilities and electronic networks and putting place appropriate legal and operational protections in relation to individual’s data that is shared with third parties.
12.2 The security of online transactions and the security of communications sent by electronic means or by post cannot be guaranteed. Each individual that provides information to us via the internet or by post does so at their own risk. We cannot accept responsibility for misuse or loss of, or unauthorised access to, data where the security of information is not within our control.
12.3 We are not responsible for the privacy or security practices of any third party (including third parties that we are permitted to disclose an individual’s data to in accordance with this policy or any applicable laws). The collection and use of an individual’s information by such third parties may be subject to separate privacy and security policies.
12.4 If an individual suspects any misuse or loss of, or unauthorised access to, their data, they should let us know immediately.
12.5 We are not liable for any loss, damage or claim arising out of another person’s use of the data where we were authorised to provide that person with the data.
13 HOW TO ACCESS AND/OR UPDATE INFORMATION
13.1 The Acts give you the right to request from us the data that we have about you.
13.2 If an individual cannot update his or her own information, we will correct any errors in the data we hold about an individual within 7 days of receiving written notice from them about those errors.
13.3 It is an individual’s responsibility to provide us with accurate and truthful data. We cannot be liable for any information that is provided to us that is incorrect.
13.4 We may charge an individual a reasonable fee for our costs incurred in meeting any of their requests to disclose the data we hold about them.
14 COMPLAINTS AND DISPUTES
14.1 If an individual has a complaint about our handling of their data, they should address their complaint in writing to the details below.
14.2 If we have a dispute regarding an individual’s data, we both must first attempt to resolve the issue directly between us.
14.3 If we become aware of any unauthorised access to an individual’s data we will inform them at the earliest practical opportunity once we have established what was accessed and how it was accessed.
14.4 Under the Acts an individual is entitled to the complain about our processing of that individual’s data, but we would appreciate the opportunity to address any concerns ourselves first and politely request any individual’s wishing to complain to email us using the contact details below.
15 ADDITIONS TO THIS POLICY
16 CONTACTING US
16.1 All correspondence with regards to privacy should be addressed to hello@SKOLORR.com.
2 A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive. You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of the Website.
3 We use the following cookies:
(a) Strictly necessary cookies. These are cookies that are required for the operation of the Website. They include, for example, cookies that enable you to log into secure areas of the Website.
(b) Analytical/performance cookies. They allow us to recognise and count the number of visitors, track views of content and to see how users move around the Website when they are using it. This helps us to improve the way the Website works, for example, by ensuring that users are finding what they are looking for easily.
(c) Functionality cookies. These are used to recognise you when you return to the Website or when you have logged into the Website already. This enables us to personalise our content for you, greet you by name and remember your preferences.
(d) Tracking cookies. These enable us to track use of content from the Website (on third party services, such as posts on social media networks), in accordance with your third party settings.
(e) Targeting cookies. These cookies record your visit to the Website, the pages you have visited and the links you have followed. We will use this information to make the Website more relevant to your interests. We may also share this information with third parties for this purpose.
5 If you are unclear about the types of functions of cookies we use, please contact us for more information.