Security & Privacy
2. Purposes of Data Collection
3. Categories of Data Collected
4. How is your Data Processed?
5. Who will this information be shared with?
6. How long will we hold your information?
7. Transfers to Third Countries
8. Your Rights
10. Amendments of this Privacy Notice
11. Third Party Sites
12. Governing Law and Jurisdiction
Evanna Beauty Limited trading as Advanced Skin Shop.ie is a private limited company, registered address Ballinra, Screen, Co Wexford, Company Registration Number 420356 and is the data controller of any personal data you provide in the context of engaging our services.
We are committed to protecting your personal data in compliance with data protection principles. You may contact us at any time to exercise your rights as a data subject or where you require further clarification on the information provided in this policy by emailing email@example.com
By using this Website you are agreeing to the use of your personal data as described in this Privacy Notice.
Purposes of Data Collection
i.Performance of a Contract
Where you provide your personal data to us to receive goods you have purchased from our website, we rely on Article 6(b) of the GDPR to provide the legal basis for collecting and processing your personal data for this purpose i.e. we require your personal data to fulfil the performance of this agreement with you. We also rely on this legal basis where you voluntarily submit those details for the purposes of enquiring about our products or services.
We rely on Article 6(1)(b) and Article 9(a) to process special categories of data where it may be possible to infer the status of your health or any particular condition that you have through the purchase of healthcare or medicinal products on our website.
We also rely on Article 6(f) of the GDPR to process your personal data for the purpose of running analytics on our sales and website to determine how we can optimise and improve our business for the benefit of our customers.
iv.Performance of a Contract
We collect and process your personal data for the purposes of contacting you where you provide these details to us in the context of enquiring about our services or products. Where you voluntarily submit your personal details for the purposes of engaging our services we rely on Article 6(b) of the GDPR to provide the legal basis for collecting and processing your personal data for this purpose i.e. we require your personal data to fulfil the performance of this agreement with you.
Categories of Data Collected
We only collect personal data that is provided by you i.e. name, address, telephone number, email address. We do not collect payment details and all payments are routed through a secure payment gateway.
We also use your personally identifiable information for the purpose of website analytics i.e. we use your IP address for the purpose of identifying the number of visitors to our website, page impressions etc, however, we do not have the capability of identifying you from your IP address.
How is your Data Processed?
Your data is automatically synced with our mail servers and e-commerce system and will be processed internally for these purposes.
Who will this information be shared with?
Your privacy is very important to us. Your personal data may be shared with business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you. For example, we will share your details with our mail delivery partners for the purposes of ensuring the goods you purchase are delivered to you.
In the event of a purchase or sale of the business, we may disclose your personal data to third parties who are prospective buyers or sellers of such businesses or assets. If the Company or its assets are sold to a third party, personal data will be transferred as part of the transaction. However, the Company will ensure to the best of its ability that the privacy of your personal data is maintained on an ongoing basis.
Personal information may also be disclosed to law enforcement, regulatory, or other government agencies, or to other third parties, in each case to comply with legal or regulatory obligations or requests.
How long will we hold your information?
We will hold your information for the duration required to fulfil our contractual and statutory obligations. Where you would like your information to be deleted, please refer to section 8 below.
Transfers to Third Countries
Where personal data that is processed for the purposes of providing our services to you and where this requires the transfer of this data outside of the EEA .
Where personal data is transferred outside of the EEA, your rights as a data subject are protected by data transfer mechanisms such as Standard Contractual Clauses and EU/US Privacy Shield.
You have a number of rights as a data subject which you may choose to exercise at any time by contacting us at firstname.lastname@example.org
- Access to Personal Data
Where you wish to access a copy of your personal data held by us, you may do so by contacting us in writing and we will respond to this request in 30 days.
- Rectification or Erasure of Personal Data
Where you wish the data that we hold on you to be rectified, you have the right to request this in writing.
Where you wish to exercise your right to have your personal data erased, we will do so without undue delay, subject to the exemptions provided for in Article 17(3) of the GDPR.
iii. Restriction of processing
You have the right to obtain restriction of processing of your personal data where you contest the accuracy of the data for a period allowing us to verify the accuracy of the data; where the processing is unlawful and you oppose the erasure of your data and request the restriction of its use instead; where we no longer need the data for the purposes for which it was collected but it is required by you for legal purposes; where you have objected to the processing pursuant to Article 21(1).
- Right to Data Portability
You have the right to receive your personal data in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.
We use reasonable technical and organisational security measures to protect your data and to prevent the loss, misuse or unauthorised alteration of any data in our control and will use our reasonable endeavours to ensure that such information is kept as secure as possible.
Amendments of this Privacy Notice
This Privacy Statement may be updated to reflect changes in privacy legislation, and any changes to this Notice should be reviewed when accessing the website.
Third Party Sites
Where links to third party websites are provided, we do not accept any liability or responsibility for the content or security of these websites.
Governing Law and Jurisdiction
This notice and all issues regarding this website are governed exclusively by Irish law and are subject to the exclusive jurisdiction of the Irish courts.