Getmorebeautyinbox ("Getmorebeautyinbox", “we” or “us”) is the “data controller” in respect of your personal information. We take our relationship with all our users seriously, and this includes how we handle your personal information. Getmorebeautyinbox is committed to protecting the privacy of our customers’ personal information. This Policy sets out the ways we process any personal data relating to you.
1. The personal data we collect about you
Through your use of our websites and our social media channels, sometimes during visits to our stores and events, or where we communicate with you (e.g. by telephone, post, or email), we may collect and process the following information about you:
• your full name, age, date of birth and sex;
• your contact details (e.g. address, phone number and e-mail);
• where you have registered a user account with us, your user name and password;
• your communication and shopping preferences and interests;
• your browsing and shopping activities;
• feedback and survey responses;
• information about your device (e.g. IP address, operating system and browser type);
• your location;
• other personal information that you post, e-mail, share, reproduce or otherwise make available to us.
Where lawful to do so we may also obtain personal information about you from (or combine it with information from) public sources, third party service providers, individuals who have indicated you have agreed for them to provide your personal information, government authorities and other third parties. For example, if you are on another website and you opt-in to receive information from Getmorebeautyinbox, that website may submit to us your email address and other information about you so that we may contact you as requested. You may also use a third party app or feature (such as one of our Facebook or Twitter apps) through which you allow us to collect (or the third party to share) information about you (such as details of your friends/connections, "likes", comments you have shared, groups and location).
We will indicate where any personal information we have requested is mandatory or optional. We will also explain the consequences should you decide not to provide information which we have indicated is mandatory. In some circumstances this may mean we are unable to provide you with a certain service or product.
2. How do we use information about you?
We may use your personal information for the following purposes:
• to process an order placed via our websites or over the telephone;
• to respond and/or deal with your request or enquiry;
• to administer our websites and social media channels and personalise content for you;
• for internal record keeping;
• to provide marketing that you have requested or agreed to receive or which we are otherwise lawfully entitled to undertake with you as a customer or prospective customer and provided you have not opted out;
• to personalise offers, promotions and advertising provided to you based on our understanding of your browsing and shopping habits or purchase history;
• to establish or exercise our legal rights and to comply with law enforcement or other government agency requests or court orders.
3. Who does Getmorebeautyinbox share your personal data with?
We may share your personal data with third party companies (such as advertising and marketing agencies, social media agencies and platforms, software providers, and service providers such as couriers, customer services and payment services providers) for the purposes set out in this Policy including for example to complete your order, to facilitate your experience of our websites, enable offers, advertising or other promotional activity or materials about our products and services to be provided to you, to operate recognition or reward programmes, respond to your queries and / or to provide you with certain services such as aftercare services.
4. Your ability to access, restrict and correct
You have certain abilities in relation to your personal information. You may access the personal information we have collected regarding you, correct the information, and opt-out of particular uses of your information for marketing purposes. Please contact us using the contact details below if you would like to access, restrict, or correct your information.
6. What do we do to safeguard personal data?
We have put in place safeguards to check that our internal procedures meet our high policy standards. We also use reasonable efforts to ensure that our service providers agree to protect your personal data. We use reasonable technological, physical and other measures to keep your information protected from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into due account the risks involved in the processing and the nature of the personal information.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our website(s) and/or social media channels; any transmission is at your own risk.
Our websites are not intended for children under the age of 13 and we do not knowingly collect personal information online from visitors of this age group.
7. How long will we store your personal data?
We take steps to ensure that your personal information is retained for only as long as it is necessary for the purpose for which it was collected. After this period it will be deleted or in some cases anonymised.
Where we have collected the personal information based on your consent and we have no other lawful basis to continue with that processing, if you subsequently withdraw your consent then we will delete your personal information.
8. Where do we store your personal data?
The personal information that we collect may be transferred to, and stored at, a destination outside the European Economic Area (the “EEA”), including countries, which have less strict, or no data protection laws, when compared to those in Europe.
Whenever we transfer your information as described in the paragraph above, we will take steps which are reasonably necessary to ensure that adequate safeguards are in place to protect your personal information and to make sure it is treated securely and in accordance with this Policy. In these cases, we rely on approved data transfer mechanisms (such as the EU “Standard Contractual Clauses” and the EU-US “Privacy Shield”) to ensure your information is subject to adequate safeguards in the recipient country. If you are located in the EEA, you may contact us for a copy of the safeguards which we have put in place to protect your personal information and privacy rights in these circumstances.
9. Other Websites and Services
We may offer links to third party websites and you may see our advertising on third party websites (such as social media platforms). However, we are not responsible for the information collection policies of any such third party websites. If you visit a third party website, we advise you to review their privacy and other policies before you submit any personal data to them. We do not accept any responsibility or liability for these policies.
10. Your California Policy Rights
California's Civil Code section 1798.100 et seq. provides residents of California a number of rights as they relate to personal data. These are the “right to know”, the “right to delete”, and the “right to opt-out”.
Right to Know. You may request us to provide you the specific pieces of personal data that we have about you; categories of Personal data we have collected about you; categories of sources from which the personal data is collected; categories of personal data that we sold or disclosed for a business purpose about you; categories of third parties to whom the personal data was sold or disclosed for a business purpose; and the business or commercial purpose for collecting or selling personal data. Please note that much of the information you can make a request for is already contained in this Policy. Should you wish to exercise this right, please contact our Customer Service Team via one of the methods noted below, and they will assist you. If you do not have an account with us, we may ask for some personal data in order to verify your identity and your rights to the data subject to your request.
Right to Delete. California law gives residents a limited right to request deletion of their personal data. However, this right is limited by a number of exceptions. Fundamentally, if we have a permissible need to retain personal data, we are not under an obligation to delete such information, even when requested. Generally, we retain personal data so we may complete the transaction for which the personal data was collected, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between us and you; detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity; debug to identify and repair errors that impair existing intended functionality of our online properties; enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us; comply with a legal obligation; or otherwise use your personal data, internally, in a lawful manner that is compatible with the context in which your provided the information. As such, we generally do not accept requests to delete personal data. However, we will respond to requests to remove personal data from some of our systems as a part of a request to close or otherwise disable a membership account. If you would like to request deletion of personal data, please contact our Customer Service Team via one of the methods noted below, and they will assist you. If you do not have an account with us, we may ask for some personal data in order to verify your identity and your rights to the data subject to your request.
Designating an Authorized Agent. California law permits California residents to designate an agent to manage their rights under California law. If you would like to designate an agent to manage your privacy preferences, you may do so using the mechanisms noted below under “Exercising California Privacy Rights”. Note that If you do not have an account with us, we may ask for some personal data in order to verify your identity and your rights to the data subject to your request. We will also need sufficient personal data about your authorized agent to be able to identify them. As part of this process, you must have permission from your authorized agent to disclose their personal data to us for the purpose of acting as your agent.
Non-discrimination. California law does not permit us to discriminate against you because you exercised any your rights under this title, including, but not limited to, by: denying you access to goods or services; charging different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties; providing a different level or quality of goods or services; suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services.
Exercising California privacy rights. If you are a California resident and would like to exercise any of your rights you may do so by contacting us as specified in Section 12 below. Please be aware that we will need to have sufficient information to be able to verify your identity and the rights you have in the data subject to your request.
11. Contact us
If you have any questions regarding this Policy, please contact us online using the ‘Contact Us’ on our website, by email at firstname.lastname@example.org, by calling +86 13560403650.
Last updated 10.19.2020