1. Introduction
Glamoréa ("we," "us," or "our") is committed to safeguarding the privacy and security of the personal data we collect, process, and store. This Data Protection Policy outlines our approach to handling personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) for our European customers.
2. Scope
This policy applies to all personal data processed by Glamoréa in relation to customers, employees, suppliers, and any other individuals whose data we may collect. It covers all processing activities, including data collection, storage, use, and sharing.
3. Data Collection
We collect personal data to provide and improve our services. The types of data we collect include, but are not limited to:
-
Customer Data: Name, contact details, billing and shipping addresses, payment information, and order history.
-
Device Data: IP addresses, browser types, device information, and interaction data from the use of our website.
-
Employee Data: Personal information of employees including contact details, job roles, performance data, and payroll information.
4. Legal Basis for Processing
We process personal data based on the following legal grounds:
-
Consent: Where we have obtained clear and explicit consent from the data subject.
-
Contractual Necessity: When processing is necessary to fulfill a contract with the data subject, such as processing orders and payments.
-
Legal Obligations: To comply with legal obligations, such as maintaining records for tax purposes.
-
Legitimate Interests: Where processing is necessary for the purposes of legitimate interests pursued by Glamoréa, except where such interests are overridden by the interests or fundamental rights of the data subject.
5. Data Use
Personal data collected by Glamoréa is used for the following purposes:
-
Processing and fulfilling customer orders.
-
Managing customer relationships and providing customer support.
-
Conducting marketing activities, including sending promotional materials where consent has been provided.
-
Improving our products, services, and website functionality.
-
Complying with legal and regulatory requirements.
6. Data Sharing
We may share personal data with third parties under the following circumstances:
-
Service Providers: We engage trusted third-party service providers to perform functions such as payment processing, shipping, and data analytics. These providers are contractually obligated to protect personal data and only process it on our behalf.
-
Legal Requirements: We may disclose personal data to comply with legal obligations, court orders, or governmental requests.
-
Business Transfers: In the event of a merger, acquisition, or sale of all or part of our business, personal data may be transferred to the new owners.
7. Data Security
Glamoréa is committed to ensuring the security of personal data. We implement appropriate technical and organizational measures to protect data against unauthorized access, loss, or misuse. These measures include encryption, access controls, secure storage, and regular security assessments.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal, regulatory, or contractual obligations. Once the retention period expires, personal data is securely deleted or anonymized.
9. Data Subject Rights
Individuals have the following rights regarding their personal data:
-
Access: The right to request access to personal data held by Glamoréa.
-
Correction: The right to request correction of inaccurate or incomplete personal data.
-
Deletion: The right to request deletion of personal data where it is no longer necessary for the purposes it was collected.
-
Restriction: The right to request restriction of processing under certain circumstances.
-
Data Portability: The right to receive personal data in a structured, commonly used, and machine-readable format and to transmit it to another data controller.
-
Objection: The right to object to the processing of personal data based on legitimate interests, direct marketing, or for research purposes.
-
Withdraw Consent: Where processing is based on consent, the right to withdraw consent at any time.
To exercise these rights, individuals can contact us at info@glamorea.com.
10. Data Breach Notification
In the event of a data breach that poses a risk to the rights and freedoms of individuals, Glamoréa will promptly notify the affected individuals and the relevant supervisory authority in accordance with applicable laws.
11. Changes to this Policy
We may update this Data Protection Policy from time to time to reflect changes in our practices or legal requirements. We will notify individuals of any significant changes by posting the updated policy on our website.
12. Contact Information
For any questions, concerns, or requests regarding this Data Protection Policy or our data handling practices, please contact us at:
Email: info@glamorea.com