Your Privacy Rights
Effective Date: [ June 1st ], 2020
Regardless of where our servers are located, your personal data may be processed by us in the United States, where data protection and privacy regulations may or may not be to the same level of protection as in other parts of the world. BY VISITING THE SITE AND USING THE SERVICE, YOU UNEQUIVOCALLY AND UNAMBIGUOUSLY CONSENT TO THE COLLECTION AND PROCESSING IN THE UNITED STATES OF ANY INFORMATION COLLECTED OR OBTAINED BY US THROUGH VOLUNTARY SUBMISSIONS, AND, TO THE EXTENT POSSIBLE, THAT U.S. LAW GOVERNS ANY SUCH COLLECTION AND PROCESSING.
1. Who Collects Your Information On Our Service?
We do. Under the GDPR, Chantecaille is what is known as the “Controller” of the PII that you provide to us. We collect information from you on the Service, and we are responsible for protection of your information.
2. What Information Does Chantecaille Collect?
A. Personal Information. We collect certain personal information about you, which may be supplied when you sign-up for the Service, when you complete a survey, when you create or update an account, when you use the Service, when you request services, or otherwise when you submit such information. We only collect basic personal data about you that does not include any special types of information (e.g., health-related) as defined in the GDPR, or location-based information. The types of personal information we collect and save include:
You may also provide us information when you interact with us through email, online chat, messaging functions within the Service, or otherwise. We may retain such information in order to provide you with Services, and you agree that we may share this information as needed with other users in order to resolve any issues that may arise between you and another user of the Service.
The Service may record photos, audio or video of your usage of the Service for quality and security purposes. The Service may also request permission and access to your photo gallery, camera roll or other device storage holding your images, audio or videos, in order for you to upload and transmit them through the Service.
You may provide us information when you interact with other users on the Service through the Service.
Although it may appear that the Service collects financial information, it is actually collected and processed through our third-party payment processor (“Payment Processor”) to process payments for the Service. Our Payment Processor may collect information such as banking information or credit card number, name, CVV code or date of expiration, from you on the Service. Chantecaille does not hold your financial information.
B. Non-personal Information. Non-personal information is anonymous or non-personally identifiable information about you, including but not limited to links and materials posted, information about your web browser, enrollment history, purchase history, the pages accessed most frequently, how pages are used, applications downloaded, search terms entered, and similar non-personal data.
Automatically tracking Internet Protocol (IP) addresses is one method of automatically collecting information about your activities online and information volunteered by you. An IP address is a number that is automatically assigned to your device whenever you surf the internet. Further, the Service may utilize web beacons, pixel tags, cookies, embedded links, and other commonly used information-gathering tools. Through collecting your IP address, we may be able to approximate your geographic location, however, unless and until this is information is paired with your PII, it cannot be used to identify you. If non-personal information is paired or linked to any of your PII, we will treat that non-personal information as if it was also PII.
C. Aggregate Information. We may also collect anonymous, non-identifying and aggregate information such as the type of browser you are using, the date and time of any request, language preference, referring site, and the domain name of your Internet service provider.
3. Why Is My Information Being Collected?
We accept and gather information in an effort to provide the Service to you. We need to collect your personal information so that we can respond to your requests for information or to be added to our email lists, to integrate with social media platforms, and to process your payment for the Service. We also collect aggregate information to help us better design the Service. We collect log information for monitoring purposes to help us to diagnose problems with our servers, administer the Service, calculate usage levels, and otherwise provide services to you.
4. How Do We Use the Information We Collect?
A. We use the personal information you provide for the purposes for which you have submitted it including:
B. We may use anonymous information that we collect to improve the design and content of our Service, and to enable us to personalize your internet experience. We also may use this information in the aggregate to analyze how our site is used, as well as to offer you programs or services.
5. Do We Share Your Personal Information?
We will not share your personal information except: (a) for the purposes for which you provided it; (b) with your consent; (c) as may be required by law or as we think necessary to protect our organization or others from injury (e.g., in response to a court order or subpoena, in response to a law enforcement agency request, or when we believe that someone is causing, or is about to cause, injury to or interference with the rights or property of another); or (d) with persons or organizations with whom we contract to carry out internal operations or business activities. With your knowledge and/or consent, we may share your personal information with our business partners. We may also share aggregate information with others, including affiliated and non-affiliated organizations.
6. How Can You Access And Control Your Information?
After becoming a user of the Service, you may revise or edit your information through your account or by sending an email to [email protected]. For instructions on how you can further access your personal information that we have collected, or how to correct errors in such information, please send an e-mail to [email protected]. We will also promptly stop using your information and remove it from our servers and database at any time upon your e-mail request. You may opt-out of the use of your personal information by the Service to send you promotional emails by sending an email to [email protected] with “Opt-Out” in the subject line. To protect your privacy and security, we will take reasonable steps to help verify your identity before granting access, making corrections or removing your information.
7. How Do We Store and Protect Your Information?
A. After receiving your personal information, we will store it on our servers for future use. We have physical, electronic, and managerial procedures in place to safeguard and help prevent unauthorized access, maintain data security, and correctly use the information we collect. Unfortunately, no data transmission over the internet or data storage solution can ever be completely secure. As a result, although we take industry-standard steps to protect your information (e.g., strong encryption), we cannot ensure or warrant the security of any information you transmit to or receive from us or that we store on our or our service providers' systems.
B. Please note that our Payment Processor is fully PCI-Compliant.
C. If you are visiting the Site from outside of the USA, you understand that your connection will be through and to servers located in the USA, and the information you provide will be securely stored in our servers and internal systems located within the USA.
D. We store your personal information until you request us to remove it from our servers. We store our logs and other technical records indefinitely.
A. To enhance your online experience with us, our web pages may presently or in the future use "cookies." Cookies are text files that our web server may place on your hard disk to store your preferences. Cookies, by themselves, do not tell us your e-mail address or other PII unless you choose to provide this information to us. Once you choose to provide PII, however, this information may be linked to the data stored in the cookie. Although it may be possible to turn off the collection of cookies through your device or browser, certain features of the Services may not function properly without the aid of cookies.
C. Chantecaille or our service providers may also use "pixel tags," "web beacons," "clear GIFs" or similar means (collectively, "Pixel Tags") in connection with some Chantecaille Site pages and HTML-formatted email messages for purposes of, among other things, compiling aggregate statistics about website usage and response rates. A Pixel Tag is an electronic image, often a single pixel (1x1), that is ordinarily not visible to website visitors and may be associated with cookies on visitors’ hard drives. Pixel Tags allow us and our service providers to count users who have visited certain pages of the Chantecaille Site, to deliver customized services, and to help determine the effectiveness of promotional or advertising campaigns. When used in HTML-formatted email messages, Pixel Tags can inform the sender of the email whether and when the email has been opened.
D. Our Service uses the “Custom Audience pixel” of Facebook, Inc., 1 Hacker way, Menlo Park, CA 94025 USA (if you live in the US or Canada) and Facebook Ireland Limited, 4 Grand Canal Square, Dublin, Ireland, Dublin 2 (if you live outside the US and Canada) (collectively “Facebook”)) on our website. This allows user behavior to be tracked after they have been redirected to the provider’s website by clicking on a Facebook ad. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymous to us, i.e. we do not see the personal data of individual users. However, this data is stored and processed by Facebook, which is why we are informing you, based on our knowledge of the situation. Facebook may link this information to your Facebook account and also use it for its own promotional purposes, in accordance with Facebook’s Data Policy https://www.facebook.com/about/privacy/. You can allow Facebook and its partners to place ads on and off Facebook. A cookie may also be stored on your computer for these purposes. The legal basis for the use of this service is Art. 6 paragraph 1 letter f of the GDPR. You can object to the collection of your data by Facebook pixel, or to the use of your data for the purpose of displaying Facebook ads by contacting the following address: https://www.facebook.com/settings?tab=ads.
E. As you use the internet, you leave a trail of electronic information at each website you visit. This information, which is sometimes referred to as "clickstream data”, can be collected and stored by a website's server. Clickstream data can reveal the type of computer and browsing software you use and the address of the website from which you linked to the Chantecaille Site. We may use clickstream data as a form of non-personally identifiable information to determine how much time visitors spend on each page of our Site, how visitors navigate through the Site, and how we may tailor our web pages to better meet the needs of visitors. We will only use this information to improve our site.
F. Do Not Track. At present, the Site does not specifically respond to browser do-not-track signals.
9. Collection of Information by Others.
Our Terms of Service document identifies certain third party websites to which we may provide links, and that you may click on our Site. Please check the privacy policies of these other websites to learn how they collect, use, store and share information that you may submit to them or that they collect.
If you currently reside in the EEA, the GDPR applies to your PII and you are a Data Subject. The GDPR requires that we, as a Controller, have a legal basis to process your PII.
A. We process your PII under one or more of the following legal bases:
B. Under the GDPR, as a Data Subject you have certain rights. They are:
Text Marketing Terms and Conditions:
We are using a text messaging platform, which is subject to the following terms and conditions. By opting-in for our text marketing and notifications in, you agree to these terms and conditions.
By entering your phone number in the checkout and initialising a purchase, subscribing via our subscription form or a keyword, you agree that we may send you text notifications (for your order, including abandoned cart reminders) and text marketing offers. You acknowledge that consent is not a condition for any purchase.
Your phone number, name and purchase information will be shared with our SMS platform "SMSBump Inc, an European Union company with office at Sofia, Bulgaria, EU. This data will be used for sending you targeted marketing messages and notifications. Upon sending the text messages, your phone number will be passed to a text messages operator to fulfill their delivery.
If you wish to unsubscribe from receiving text marketing messages and notifications reply with STOP to any mobile message sent from us or use the unsubscribe link we provided you with in any of our messages. You understand and agree that alternative methods of opting out, such as using alternative words or requests will not be accounted as a reasonable means of opting out. Message and data rates may apply.
For any questions please text "HELP" to the number you received the messages from. You can also contact us for more information. If you wish to opt out please follow the procedures above.
11. Children and Young People’s Information.
We do not knowingly collect any information from any minors, and we comply with all applicable privacy laws including the GDPR, the USA Children's Online Privacy Protection Act (“COPPA”) and associated Federal Trade Commission (“FTC”) rules for collecting personal information from minors. Please see the FTC's website (www.ftc.gov) for more information. If you have concerns about this Site, wish to find out if your child has accessed our services, or wish to remove your child's personal information from our servers, please contact us at [email protected]. Our Site will not knowingly accept personal information from anyone under 13 years old in violation of applicable laws, without consent of a parent or guardian. In the event that we discover that a child under the age of 13 has provided PII to us, we will make efforts to delete the child’s information in accordance with COPPA. If you believe that your child under 13 has gained access to our Site without your permission, please contact us at [email protected].
12. California Privacy Rights.
California law allows California residents to request information regarding our disclosures in the prior calendar year, if any, of their personally identifiable information to third parties. To make such a request, please contact us at [email protected] with "Request for Privacy Information" in the subject line. Please include enough detail for us to locate your file; at a minimum, your name, email, and username, if any. We will attempt to provide you with the requested information within thirty (30) days of receipt. We reserve our right not to respond to requests sent more than once in a calendar year, or requests submitted to an address other than the one posted in this notice. Please note that this law does not cover all information sharing. Our disclosure only includes information covered by the law.
13. Changes to this Policy.
14. Our Contact Information.
Copyright © Chantecaille UK Ltd. All rights reserved. The Service is the property of Chantecaille, and is protected by national and international copyright, trademark, and other applicable laws. This includes the content, appearance, and design of the Service, as well as the trademarks, product names, graphics, logos, service names, slogans, colors, and designs.