1. Who we are
We are HydroPeptide Limited (company number: 14167040) (“HydroPeptide”, “we”, “our” and “us”) and we are the company that collects your personal data and controls how it will be used (the “controller”).
2. Scope of this policy
At HydroPeptide, we are committed to respecting your privacy and protecting the personal data you share with us and that we collect about you. This policy tells you about how and why we use the personal data we collect about you if you are a customer or potential customer of HydroPeptide. It also provides more information about your privacy rights and how the law protects you.
For your information, personal data (also known as personal information), means any information about an identifiable person which can be directly or indirectly identified.
You should ensure that you have read and understood this policy before providing your personal data to us.
3. How do we collect your personal data, what do we collect and what do we do with it?
We have set out below the personal data we may collect from you during your use of our website and how this is used by HydroPeptide.
|How and what personal data do we collect?||What do we do with it and why?|
|We collect your full name, gender, delivery address, billing address, email address, phone number and date of birth (should you choose to provide it) when you make a purchase via our website and/or register for an account with us.||• register your account with us |
• if you wish us to do so, store your details so it is easier for you to order on your next visit
• process and deliver any orders you place with us
• send you updates about our web-services (including updates to our terms and policies)
• to send our latest information and news to you by email, SMS and/or post (unless you specifically tell us you do not want us to)
• we may share your name, email address or phone number with the social media sites on which we present our adverts to check whether you use that social media site and (if you do) to present adverts for our products to you on that site. When we share your email address in this way, we always share a hashed version of your email address (which means the full address is not available to the social media site).
|We collect your credit/debit card details when you make a purchase via our website.||• to process your purchase.|
• to comply with our legal and regulatory obligations.
|We collect your date of birth when you make a purchase via our website (but only if you choose to provide this to us)||• to tailor the messages we send to you based on what we think will be of interest to you based on your age.|
• to provide you with discounts and offers on or around your birthday (unless you specifically tell us that you do not want us to).
|We collect your full name, email address, telephone number and postal address (unless you choose not to provide such information to us) when you create an account/register to receive our latest news and information.||• to store this on our internal database and, unless you tell us you do not wish to receive messages from us, to ensure you receive all the latest news and information about our new product releases, offers, discounts and events to your preferred contact method(s).|
|If you make a purchase via our website, details of your shopping history, including spending data, types of orders and frequency of orders.||• to analyse your shopping patterns compared to other customers (although we will aggregate your personal data before we use it for this purpose).
• to tailor the messages we send to you based on your shopping history.
|The fact you have visited our website and the products you have viewed, which may be collected via online identifiers such as cookies, tags and pixels.||• to share this information with social media sites (such as Facebook and Instagram) on which we publish adverts, to enable them to display advertising relevant to your interests.|
|Your name, email address, social media handle and any other information that you include in your message/comment when you send us a message with a comment or question on our website, by post, email, phone or on any of our social media pages (Facebook, Twitter, Instagram, Pinterest or YouTube).||• to deal with your comment/question and to contact you about this, if necessary.|
• if the comment/message is in relation to a social media competition, to enter you into the competition.
|Your name, email address, social media handle and any other information you provide to us when you take part in any competition we operate on our website or any of our social media sites.||• to enter you into the competition|
• to send you details of our products, offers and events which we think will be of interest to you by email, SMS and/or post (unless you specifically tell us that you do not want us to).
|Technical information about your computer, tablet or phone (including your IP address, screen resolution, browser type, operating system software type and device type).||• to enable you to store your preferences on your device (so you can, for example, save your login details, your preferred language and preferred currency)
• to improve our website, services marketing and customer relationships so our website is easier for you to use.
• to analyse your location to understand how best to provide advertising campaigns to you.
|Other technical information about your computer, tablet or phone (including your IP address, screen resolution, browser type, operating system software type and device type).||• to administer and protect our website through troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data.|
|If you are a business customer, we may obtain your name and contact details from publicly available sources, such as Google and LinkedIn.||• To contact you about our business, products and services.|
4. Our lawful basis for what we do with your personal data
We will never use your personal data unlawfully. We have set out below our lawful basis for the various ways we use your personal data.
|Our use of your personal data||Our lawful basis|
|Creating and maintaining your account.||Performing our contract with you. Some of this information will also be required for legal reasons such as fraud prevention.|
|Processing and delivering orders to you and dealing with returns, refunds and other customer service queries.||Performance of our contract with you (we need to do this to provide our products to you).
Some of this information will also be required for legal reasons such as fraud prevention and for our legitimate interests of defending against any claims made against us.
|Sending you details of our products, offers and events by email, SMS and/or post.||Our legitimate interests of communicating with our customers to tell you about our new products, offers, events and competitions and for the purpose of growing and expanding our business.|
|Creating a profile of you based on your shopping habits, purchase history, location and, if relevant, date of birth.||Our legitimate interests of ensuring that we are targeting our customers effectively which means that you do not receive news and information we don’t think that you would be interested in and so we can ensure that we are creating the best possible experience for our customers, so they keep coming back to us.|
|Dealing with your comments/questions (where these are not related to a specific order).||Our legitimate interests of ensuring we provide the best possible customer service.|
|Improving and securing our website.||Legal requirement of preventing fraud and our legitimate interests of ensuring that our website works effectively, is secure and reflects our customers’ browsing habits.|
|Administering our competitions.||Performance of our contract with you (we need to use the information to enter you into our competition and tell you if you have won).|
Where you have made a purchase from our website or created an account with us, we want to make sure that you are kept up to date with all our latest products, events and offers and therefore, unless you specifically tell us you do not want to receive these messages, we will send you messages by email, SMS and/or post. You can tell us that you do not want to continue receiving these messages by “opting out” or contacting us at firstname.lastname@example.org.
6. Sharing of Personal Data
We do not sell your personal data to any third parties. We may share your personal data with our carefully selected third party service providers who help us provide our services to you, including:
• Our logistics/warehouse service provider.
• Our couriers and similar delivery companies.
• Our e-commerce platform, Shopify.
• Our payment providers, such as Shopify/Stripe.
• Our professional partners, including our marketing agencies (such as Klaviyo) and website hosts and designers.
• Our IT and technical service providers.
• Social media platforms on which we publish adverts.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third party service providers to use your personal data for their own purposes and only permit them to use your personal data for specified purposes and in accordance with our instructions.
7. International Transfers
Given the international nature of our business, your personal data may be transferred and accessed in a country outside of your country of residence, this will include the following:
• your personal data may be transferred to our group companies based in the US, who need to access the personal data to provide support services to us;
• we use Shopify as our e-commerce platform and its servers are located in the US, Canada and Ireland. This means that certain of your personal data may be stored on servers outside the UK;
• we may use marketing agencies who store personal data outside of the UK. For example, Klaviyo stores personal data in the US;
• our payment processor may store personal data in the US.
We ensure that all transfers of personal data outside of the UK are carried out in accordance with data protection laws, including by ensuring the relevant country is the subject of an adequacy decision or, if not, entering into an international data transfer agreement or addendum (or equivalent).
Full details of the countries to which we may transfer your personal data, and the measures we have in place to protect our personal data, are available on request.
8. Data Security
We protect your personal data in the following ways:
• We will not request information which is excessive for our purposes, as outlined above.
• We try, with your assistance, to keep any information we hold about you up to date and accurate.
• We anonymise information where we do not require personally identifiable information for the purpose for which it is used.
• We follow strict security procedures in the storage and disclosure of information that you have given to us to prevent unauthorised access.
• We have appropriate written agreements in place with those advertisers and third-party technical providers (listed above) with which we may share any information submitted by you.
• We utilise Shopify’s e-commerce platform to ensure that our online store is secure. Details of Shopify’s security measures are available here https://www.shopify.com/security.
Unfortunately, the transmission of information via the internet is not completely secure. Although we try our best to keep your personal data secure, we cannot guarantee the security of your personal data transmitted from our website; any transmission is at your own risk. Our website may include links to third-party websites and apps. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of the websites that you visit.
9. How long will we keep your information for?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, auditing or reporting requirements.
We will retain your name, email address, delivery and billing address(es), phone number, payment details and details of your purchase for up to seven years following your purchase.
We will retain your name, email address, delivery and billing address(es), phone number, date of birth, and purchase history for such time as you continue to hold an account with us and for six months afterwards (note that, if you’ve made a purchase from us, we may continue to hold certain of your personal data for a longer period, as set out above).
We will retain our correspondence with you whether ascertained through our website or any of our social media platforms for up to six years following the date of such correspondence.
We will retain details of your purchasing and browsing habits, and any technical information we collect about you, for up to twelve months following the date of collection.
Where you choose to receive our latest news, products and offers, we will keep your contact details (generally your email address, phone number and/or address) for such time as you wish to continue to receive such updates from us. Alternatively, you can choose to “opt-out” and stop receiving marketing emails by contacting us using the details provided.
10. Your legal rights
Dependent upon the circumstances, you may have certain rights in respect of your personal data under data protection laws These include:
• a right to be informed about the collection and use of the personal data we hold about you;
• a right of access to a copy of the personal data we hold about you;
• a right to object to processing that is likely to cause or is causing damage or distress to you;
• the right to object to our processing of your personal data for direct marketing purposes;
• a right to object to decisions being taken by solely automated means; • a right in certain circumstances to have information transferred to you or a third party;
• a right in certain circumstances for the personal data we hold about you to be erased; and
• a right in certain circumstances to have inaccurate personal data rectified, blocked, erased or destroyed.
If you wish to exercise any of the rights set out above, please contact us at email@example.com
You have the right to complain in respect of our use of your personal data. If you are a UK resident, your complaint would normally be addressed to the Information Commissioner’s Office (‘ICO’). Please contact us before you escalate your complaint.
11. Contacting us
12. Changes to this Policy