Privacy policy.
ASTORA SKIN LLC PRIVACY POLICY
ASTORA SKIN LLC ("we, us or our") is committed to protecting and respecting our customer's privacy. This privacy policy identifies and documents the types of personal information we collect and how we use this information. We detail who data is shared with and your rights. This policy is in connection with our website.
CONTACTS
This policy is in connection with our website. For the purpose of applicable data protection laws, the data controller is ASTORA SKIN LLC, a company registered in Brooklyn, New York.
b) Contacts of the data protection officer
This should include the identity and contacts of the data protection officer, when applicable.
WHAT PERSONAL DATA WE USE
The data we use is based on how you use and interact with our services and websites. For example personal information is passed on to us for shopping with us online, contacting us through our email, interacting with us on social media and when you participate in a competition with us amongst other reasons. The types of personal data may include:
-Name, address, email address & phone number
-Payment Information
-Location (geo-location, postal code, country etc)
-Product History
-Survey information, review responses, questions, images
-Information submitted via social media networks.
b) Lawful Basis
We will use the information you provide for the above purposes if:
-We have obtained your consent; or
-It is necessary to enter into or perform a contract with you, for example to process your payment and deliver the goods you have ordered; or
-It is necessary for compliance with a legal obligation that we are subject to.
WHY WE COLLECT YOUR PERSONAL DATA
a) Purposes
We use this information to create a better online experience of our websites. For example:
- Sending relevant marketing communications
-To provide the relevant services requested
-Processing payments and delivering goods
-Tailoring advertisements based on your interests and orders
-Responding to you and answering your questions on email
-To post your product reviews
-To improve our business
-To comply with applicable legal requirements and industry standards
b) Lawful Basis
We will use the information you provide for the above purposes if:
-We have obtained your consent; or
-It is necessary to enter into or perform a contract with you, for example to process your payment and deliver the goods you have ordered.
c) Legitimate interest pursued
We will also use the information you provide to the extent that it is in the legitimate interest of our business in conducting and managing our business to enable us to give you the best service and most secure experience and to comply with applicable laws, or for security reasons, website optimization, performance marketing activities, or data analytics.
WITH WHOM WE SHARE YOUR PERSONAL DATA
Our partners and providers who are contracted to perform services on our behalf. For example entities who process credit card payments, distribution partners who fulfil orders and partners who provide web-hosting and marketing services.
HOW LONG WE STORE YOUR PERSONAL DATA
We store the information you provide to us for the duration of our relationship and an appropriate period after to enable us to comply with legal requirements and applicable statue of limitation periods. If you have consented to marketing communications we will store the necessary information to continue to send you these communications. If you have a request for data removal you can submit a request to E: contact@astoraskin.com
IF YOU DON’T PROVIDE US YOUR PERSONAL DATA
Where we need to collect personal information by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.
YOUR RIGHTS
You have certain rights and choices in connection with the personal data we collect from you. To update your preferences, ask us to remove your information from our mailing lists or submit a request, please contact us as specified below.
Email opt-out
If you have registered for email alerts, you can at any time tell us not to send you alerts by email by clicking on the unsubscribe link within the emails you receive from us or by contacting us as indicated below.
Withdrawing consent
You may withdraw any consent you previously provided to us at any time by contacting us as indicated below. This will not affect the lawfulness of our use of your information based on your consent before its withdrawal.
No fee usually required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
The data subject has the right to withdraw consent at any time, without affecting the lawfulness of the processing based on consent before withdrawal.
In this section you should inform the data subjects whether automated decision-making processing’s exist. You should also include the logic involved and the envisaged consequences for the data subjects (for example: describing the logic used by artificial intelligence and what could the outcomes be for the data subject)
INTERNATIONAL TRANSFER OF PERSONAL DATA
Our main operations are based in the USA and your personal information is generally processed, stored and used within the USA and other countries in the North American continents. In some instances however we may transfer the personal data we collect about you to our affiliates and third party service providers in countries other than the country in which the information was originally collected (including the Canada/Europe/Australia), where necessary to fulfil the purposes described in this Privacy Policy and your personal data will be subject to applicable foreign laws. When we transfer your information to other countries, we will protect that information and implement appropriate safeguards to ensure a level of data protection when transferring your personal data.
In this section you inform the data subjects of their right to lodge a complaint, possibly including the contacts details and name of the relevant supervisory authority.