Privacy Policy

Que Bella Beauty GDPR Privacy Statement

This privacy statement sets out:

Que Bella Beauty GDPR Privacy Statement

This privacy statement sets out:

what information Que Bella Beauty collects from you and why;

how Que Bella Beauty uses and protects any information that you give; and

how you can access and manage your information.

Que Bella Beauty is committed to ensuring that your privacy is protected. If we ask you to provide certain information by which you can be identified, you can be assured that it will only be used in accordance with this privacy statement.

Que Bella Beauty may change this statement from time to time by updating this page.

We will make clear whenever any changes are made. This statement is effective from 30th June 2020.

What we collect

We may collect the following information:

  • name;
  • contact information including email and home address;
  • demographic information such as postcode, preferences, health related information and interests.

What we do with the information we gather

We require this information to understand your needs and provide you with a better service. In particular, we will use it and process it lawfully for the purposes of:

  • monitoring, recording and storing telephone or email communications for the purpose of internal training, to improve the quality of our customer service and in order to meet any legal and regulatory requirements;
  • improving our products and services;
  • customising our website according to your interests;
  • periodically sending you promotional mails, emails or SMS messages about new products, special offers or other information which we think you may find interesting using the contact details which you have provided;
  • use your information to contact you for market research purposes; and
  • contact you by phone in relation to the above.

We will also use your information to manage our contractual relationship with you for:

  • internal record keeping and account management purposes (e.g. verifying your identity and fulfilling orders you place); and
  • contacting you by email, phone or mail for the purpose of account administration and/or processing and fulfilling orders.

If you contact us or we contact you, we may ask for certain information from you to confirm your identity, check our records and deal with your account efficiently and correctly.

Where we have asked for your consent to use your personal information for a particular purpose, this consent can be withdrawn by you at any time. Please see the section entitled ‘Controlling your personal information’ below.

Security

The security of your information is very important to us. As part of our commitment to keeping your data safe, our technical experts maintain physical, electronic and managerial procedures to keep safe the information we collect.

Only authorised employees and carefully checked agents, contractors and sub-contractors, who provide a particular data processing service for us, are permitted access to your data. These people will only be allowed access to your data for the purposes identified within this Privacy Policy, processing it on our behalf or for IT security and maintenance.

If a third party processing your data on our behalf is located in a non-EU country that does not have data protection laws equivalent to those in the EU, we will always take appropriate additional steps to ensure that your personal information is kept safe and secure by those processing your data on our behalf. This will generally involve ensuring that such third party agrees to sign up to a formal legal agreement committing such party to comply with standards equivalent to those that would apply where that party to be located within the EU.

We aim to protect all of our customers from fraud. As part of this, we may use your personal information to verify your identity to help prevent or detect fraud. These checks may involve your information being disclosed to credit reference agencies, who may keep a record of that information. This is not a credit check and your credit rating will be unaffected.

Sometimes, you might wish to disclose sensitive information to us, for example if you need a priority delivery because you are receiving medical treatment. We will only use sensitive data for the specific reason you disclosed it to us and we will take extra care to keep it secure. From time to time, we will check with you that we may continue to use that sensitive data for the specified purpose. We will re- check this consent on a periodic basis. In either case, you may withdraw your consent at any time.

How long we hold your information for

The time period for which we keep information varies according to what we use the information for. Unless there is a specific legal requirement for us to keep information, we will keep your information for as long as it is relevant and useful for the purpose for which it was collected.

If you contact us via the contact form on our website, we will only keep your email and enquiry for up to 1 year. Typically the query is dealt with much sooner than this.

Where we are using your personal information to send you marketing information via email, we will retain your information for as long as you stay subscribed. You are only receiving marketing information because you have opted in to receive our email newsletters. If you wish to unsubscribe you can do so by clicking on the link at the bottom of the company’s email. Alternatively, you can email us via the contact form.

Where we are using Google Analytics to track and report on our monthly campaigns, we will only hold this information for as long as Google will allow. Currently data is held by Google Analytics for 26 months. That said, certain user-key data is by default deleted by Google Analytics after 6 months of inactivity for a given user

Third Parties that provide a particular data processing service for us, are permitted access to your data. These people will only be allowed access to your data for the purposes identified within this Privacy Policy, processing it on our behalf or for IT security and maintenance.

If a third party processing your data on our behalf is located in a non-EU country that does not have data protection laws equivalent to those in the EU, we will always take appropriate additional steps to ensure that your personal information is kept safe and secure by those processing your data on our behalf. This will generally involve ensuring that such third party agrees to sign up to a formal legal agreement committing such party to comply with standards equivalent to those that would apply where that party to be located within the EU.

Sometimes, you might wish to disclose sensitive information to us. We will only use sensitive data for the specific reason you disclosed it to us and we will take extra care to keep it secure. From time to time, we will check with you that we may continue to use that sensitive data for the specified purpose. We will re- check this consent on a periodic basis. In either case, you may withdraw your consent at any time.

Controlling your personal information

You may choose to restrict or control the collection or use of your personal information in the following circumstances:

when you are asked to fill in a form on the website or elsewhere (ensure that you do not tick any box which consents to our use of your personal information if you do not want us to use your personal information for those purposes);

if you have previously agreed to us using your personal information for specific purposes and wish to change your mind;

If you wish for your personal information to be erased from our systems;

If you wish for us to transfer your personal information to a third party (e.g. another service provider). In this case, we will provide you with certain personal information held by us for you to pass to that third party (or, in certain circumstances, we may be able to transfer that data to such third party directly if you wish for us to do so).

You have the right to:

know that information is being processed;

access information that is being processed;

rectification of information being processed;

erasure of information held on you (commonly known as the right to be forgotten);

restrict processing;

be notified about what information has been rectified, erased and restricted;

portability (that is, to request your data be handed over to someone else);

object to the processing of your information.

It is important to note that this is not an absolute right to review all the information that is held about you, as there are various exceptions to this right. These include:

where personal data is kept for the purpose of preventing, detecting or investigating offences and related matters; and

where the data is given by another person in confidence.

If you want to remove a consent or request erasure or transfer of your personal information, you may do so at any time by writing to us at Design Plus Health and Beauty Ltd, Rowan House, 3 Stevant Way, White Lund Ind Estate, Morecambe, Lancashire, LA3 3PU or emailing us at sales@designplusuk.com.

We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. Where we do seek your permission, we will name the relevant third party at the time we seek such permission from you and any such permission shall be limited to that third party.

Sometimes we may have to pass information to statutory bodies authorised to obtain data under various legislation, such as the police or tax authority.

If you believe that any information, we are holding on you is incorrect or incomplete, please write or email us as soon as possible, using the details set out above. We will promptly correct any information found to be incorrect.

To protect your privacy and security, we will take reasonable steps to verify your identity before granting access or making corrections.

This policy replaces all previous versions and is correct as of 30th June 2020 We reserve the right to change the policy at any time.