We recognize that the protection of your personal information is a very important principle in building trust and maintaining a good relationship with you. We take the protection of your personal information very seriously.
This Privacy Notice explains what personal information we collect about you, how and why we use it, who we disclose it to, and how we protect your privacy.
Please take the time to read and understand this Notice.
This Privacy Notice explains what personal information we collect about you, how and why we use it, who we disclose it to, and how we protect your privacy. It also set outs your rights in relation to your personal information.
SECTION 1 – WHO IS RESPONSIBLE FOR YOUR PERSONAL INFORMATION?
1.1 We are Skinfull Affairs (Dublin) Limited, a company registered at 9-10 Eustace St, Temple Bar, Dublin 2 (postal address: 34 Exchequer Street, Dublin 2). For the purposes of applicable data protection laws, we are the “data controller”. “Data controller” is a legal term used to describe the person or entity that controls the way your personal information is processed. We have Data Protection Coordinators in our headquarters in Dublin. If you have a query about the use of your personal information you may contact the Data Protection Coordinator by using the contact information at the end of this Privacy Notice.
1.2 By providing us with your personal information, you agree to the collection and use or otherwise processing (including disclosure) of your personal information in the manner and for the purposes described in this Privacy Notice.
SECTION 2 – WHEN DO WE COLLECT PERSONAL INFORMATION FROM YOU?
2.1 We receive personal information from you through a variety of means and channels, including through our flagship store, our concession stores located nationwide, through the internet (such as via our e-commerce websites or via social media) .
2.2 We also receive communications from you via post, email, phone, or text messaging on your mobile phone.
Such communications may involve giving to you, as well as receiving information from you.
2.3 Here are some examples of how you may provide personal information to us:
(a) sending us e-mails and text messages
(b) interacting with us on social media platforms (for example, when liking or commenting on our posts)
(c) adding services or products to your basket on our website .
(d) talking to us in our stores or over the telephone
(e) registering accounts on our website (for example, when giving us your contact details and your preferences or interests).
2.4 We limit the amount and type of personal information that we collect to that which is necessary for the purposes for which we are collecting it.
2.5 Although the precise details of the personal information collected will vary according to the specific purpose for which we are collecting the information, we may typically collect the following personal information from or in relation to you:
(c) phone number(s)
(d) date of birth
(e) e-mail address
(f) credit card number
(h) language preference
(i) merchandise category preferences
(j) Consultation Forms (for treatments to be performed)
(k) Health information
(l) Appointment data & associated notes
(m) CCTV images in store premisses. Please note that where CCTV is in operation in our stores you may be captured on CCTV and your image stored. All CCTV footage is captured purely for your security and for the prevention and detection of crime. If you would like to know more about this, please contact us using the details provided below.
2.6 – In the event that you want to purchase a product or service from Skinfull Affairs, certain personal information is required to enter into a contract with you. We will not be able to enter into a contract with you to fulfil an attempt to purchase a product or service if you do not provide your personal information. As noted in this privacy statement, we are processing your personal data to comply with legal and statutory obligations and in the performance of a contract. You can always choose not to provide personal information; however, we will be unable to provide certain products, services and treatments in these instances.
SECTION 3 – WHAT DO WE DO WITH YOUR INFORMATION?
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address, mobile number and email address.
When you browse our web store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
Skinfull Affairs takes your privacy seriously and we will never sell or rent your personal data to any third-party. Sharing of your data and direct marketing activities are only carried out with your express consent, which you are free to withdraw at any time. We need to obtain and process your personal data to provide you with our products and services, and to fulfil our business and legal obligations. We will never collect any personal information from you that we do not need or retain any data that is no longer necessary for the purposes specified in this notice.
Where we request sensitive personal data from you (i.e. health or medical data), the reason(s) for the request will be clearly given along with the purposes of the processing. Explicit consent through a signature will always be required for us to obtain and process your health information.
Your personal data is collected and processed for the following reasons:
• Through legitimate interest to engage in communication with you including confirmation and reminders of appointments, and requests to cancel or change bookings.
• Health information is collected for our business clients to perform the agreed services appropriately, to potentially highlight areas that products and services may cause issues to clients because of their health and provide industry standard advice.
• As part of our legal obligation for business accounting, tax and insurance purposes.
• As required by law or to respond to legal process.
• Select relevant offers, promotions and information for you with your consent.
SECTION 4 – CONSENT
How do you get my consent?
When you provide us with personal information to complete a transaction or treatment, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
4.1 – How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime. You have the right to modify or withdraw your consent at any time by using the unsubscribe option accompanied with all of our direct marketing or by contacting us at email@example.com or mailing us at:
34 Exchequer St Dublin 2
IE D02 CP46
You also have the right:
• To be informed of how your personal data will be used before it is collected.
• To access your personal data and to receive information on how your information is used after it has been gathered.
• To have personal data corrected if it is incomplete, inaccurate or out-of-date.
• To request the removal or deletion of personal data where there is no compelling reason for its continued processing.
• To restrict processing, to ‘block’ processing of your personal data.
• To data portability, having your data moved, copied or transferred from Phorest to another organisation in an easily readable format.
• To object to direct marketing from us.
SECTION 5 – DATA SHARING
5.1 We may share your personal information with other companies within our Group (i.e. subsidiaries, affiliates). It may also be shared with a third party who acquires us, a member of our Group, or substantially all of our assets.
5.2 – We may use other carefully selected companies, agents, or contractors to perform services on our behalf or to assist us with the provision of services to you. Data processors are third parties who provide some elements of our business services for us. Where we use a third-party, we have strict agreements in place governing the processing of your personal data, on which no action can be taken without instruction from us. The third-parties with whom we work will never share or disclose your personal information and will hold it securely at all times.
5.3 Each time we send you marketing communications, we will give you the option to unsubscribe by contacting us as set out in the relevant communication.
5.4 We will only use your personal information for a purpose that has been specified, as appropriate, prior to its use or where the processing of your personal information is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract or processing is necessary for other legal purposes.
5.5 When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
SECTION 6 – CHILDREN’S PRIVACY
Skinfull Affairs do not collect the personal data of children under the age of 16 without parental or guardian consent. If you believe that we hold any information from or about a child under age 13, please contact us and we will remove the personal data from storage.
SECTION 7 – DISCLOSURE
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
SECTION 8 – HOW LONG DO WE KEEP YOUR DATA?
Skinfull Affairs retains your personal data for as long as necessary to provide you with our services as our client. Skinfull Affairs are required under tax laws to keep your personal data for a minimum of 7 years. Health and Safety records will be retained for 10 years and where we have your consent for marketing purposes, we will retain the minimum required data until you notify us that you no longer wish to receive such information.
The criteria for which we would continue to process your personal information includes:
• Where there is a legal basis, obligation or legitimate interest to continuing processing your personal information
• Where processing is necessary for the establishment, exercise or defence of legal claims
SECTION 5 – SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
SECTION 7 – COLLECTION AND USAGE OF TECHNICAL INFORMATION
We may collect and store general information for statistical purposes. For example, we may count the number of visitors to the different pages of our Web site to help make them more useful to visitors. This information does not identify you personally. We automatically collect and store only the following information about your visit:
- The Internet domain (for example, “xcompany.com” if you use a private Internet access account, or “yourschool.edu” if you connect from a university’s domain) and IP address (an IP address is a number that is automatically assigned to your computer whenever you are surfing the Web) from which you access our Web site.
- The type of browser and operating system used to access our site.
- The date and time you access our site.
- The pages you visit and If you visited Skinfull Affairs site from a link on another Web site, the address of that Web site.
In short the technical information will be used only by Skinfull Affairs for statistical and other administrative purposes and treated with the highest standard of security and confidentiality, strictly in accordance with the Data Protection Acts, 1988 and 2003.
SECTION 8 – COOKIES
As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers.
8.1 – How Do I Block Cookies on My Browser?
All web browsers all the ability of blocking cookies, popular browsers such as IE, FireFox and Chrome can be done as follows:
Click here to find out how to disable cookies on Internet Explorer (External Link)
Click here to find out how to disable cookies on Mozilla Fire Fox (External Link)
Click here to find out how to disable cookies on Google Chrome (External Link)
Click here to find out how to disable cookies on Apple Safari (External Link)
SECTION 9 – AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
This privacy notice has been last updated on 22nd May 2018
SECTION 11 – HOW DO WE KEEP YOUR INFORMATION SECURE?
11.1 We protect personal information against loss or theft, unauthorized access, disclosure, copying, use or modification with security safeguards appropriate to the sensitivity of the personal information, regardless of the format in which it is held
11.2 We use various administrative, technical and physical methods to safeguard your personal information. They include:
(a) physical measures: locked filing cabinets, restriction of access to offices, and company alarm systems.
(b) technical tools: passwords and encryption, using generally industry best practices.
(c) organizational controls: confidentiality agreements, limiting access on a need-to-know basis, staff training and security clearances.
11.3 Online security is also a priority. We incorporate security measures such as encryption and authentication tools to protect your personal information from unauthorized use. Firewalls are utilized to protect our servers and network from unauthorized users accessing and tampering with files and other information that we store.
11.4 We use Secure Sockets Layer (SSL) technology to protect your credit card information online.
11.5 Payments made via our website and via Paypal are processed in a secure environment using software provided by third party providers.
11.6 Skinfull Affairs has signed up to and aims to comply – to the extent relevant to its type of business – with the Payment Card Industry Data Security Standard (PCI DSS). For more details on PCI DSS please refer to: https://www.pcisecuritystandards.org/.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at firstname.lastname@example.org or by mail at
[Re: Privacy Compliance Officer]
34 Exchequer St, Dublin 2
Ireland – D02 CP46