PRIVACY POLICY
See Privacy policy in English below
The purpose of this Privacy Policy is to inform customers, potential customers or visitors of the websites owned by Puella, about the purposes and basis for the processing of personal data by PUELLA, cosmetics business, Tina Šuler s.p., Trg 57 a, 2391 Prevalje, Slovenia (hereinafter referred to as: Puella/the Provider). At PUELLA, cosmetic business, Tina Šuler, s.p. we value your privacy and therefore always protect your data carefully. This privacy policy may be changed or amended at any time, without prior notice or notification. By using the provider’s website after a change or update, the individual confirms that he/she agrees to the changes and updates. By using the website, the user confirms that he/she accepts and agrees to the entire content of this privacy policy, insofar as no additional forms of consent are required for individual cases. Our activities comply with European legislation (Regulation (EU) 2016/697 on the protection of individuals with regard to the processing of personal data and on the movement of such data (General Data Protection Regulation or GDPR) and Council of Europe Conventions (ETS No.108, ETS No.181, ETS No. 185, ETS No. 189)) and the national legislation of the Republic of Slovenia (the Personal Data Protection Act (ZVOP-1, Official Gazette of the Republic of Slovenia, No. 94/07), the Electronic Commerce on the Market Act (ZEPT, Official Gazette of the Republic of Slovenia, No. 96/09 and No. 19/15), etc.). As we are aware that your privacy and familiarity with the processes of processing your personal data mean a lot to you, we also invite you to read more about the individual segments of personal data protection in the guidelines of the Information Commissioner, which acts as the competent state authority in the territory of the Republic of Slovenia for the supervision of the legal framework of personal data protection.
PERSONAL DATA
Personal data is information that identifies you as an individual: your name, surname, email or postal address, etc. For the purposes of its business, Puella collects the following user data:
- name and surname,
- address and place of residence,
- email address,
- contact telephone number,
and other information you enter in the relevant forms on the website. By registering and / or placing an order on the website, you expressly agree that Puella may obtain personal data (name and surname, address of residence, e-mail address and any other information provided to the provider for the purpose of fulfilling the contract – orders are voluntarily provided by the buyer) , except for the purposes of negotiating a contract or for fulfilling a contract – an order (as specified in Article 10 of the current Personal Data Protection Act), also used for the purposes of direct marketing through all advertising channels used by the provider (notification by phone and SMS , print media, unaddressed and addressed direct mail, e-mail, etc.), and for the purposes of direct marketing-related statistical and market analysis, marketing profiling and segmentation. In this way, we will make sure that you are properly informed about our current offers at all times, and at the same time you will be informed only about the product offers that best suit your wishes. As a customer, you must also explicitly give your consent for direct marketing via Puella e-mail when registering and / or placing an order on the website marked “Subscribe to e-news”. Otherwise, the buyer will not receive direct marketing via e-mail, nor will he be duly informed about the provider’s online campaigns. To withdraw your consent to direct marketing by email, please:
- by sending a return e-mail in response to a specific e-mail received by the provider each time direct marketing is carried out, and / or;
- by filling in the online form, the link to which is stated in each e-mail received by the provider when performing direct marketing.
You will be informed of the possibility to withdraw your consent to direct marketing via email in each email. The Provider will take your cancellation request into account and will consistently arrange the cancellation of your consent for the purpose of direct marketing through the relevant advertising channel(s) within a maximum of 15 days and will notify you thereof in writing or by other agreed means within a further five days. You shall not incur any costs in doing so. The Provider also grants you all other rights in accordance with applicable law, as set out below. The Provider does not collect or process your personal data except when you allow or consent to the Provider to do so, i.e. when you order products or services, subscribe to a newsletter, enter a prize draw, etc., or where there is a legal basis for the collection of personal data or the Provider has a legitimate interest in the processing. The Provider collects and processes your personal data on the following legal bases:
- law and contractual relations,
- the consent of the individual,
- legitimate interest.
Processing on the basis of law and contractual relations
Where the provision of personal data is a contractual obligation, an obligation necessary for the conclusion and performance of a contract with a provider, or a legal obligation, you must provide personal data; if you do not provide personal data, you cannot enter into a contract with the provider and the provider cannot provide you with the services or products under the contract because it does not have the necessary data to perform the contract. Conclusion and implementation of the contract concluded with the provider, including the provider’s fulfillment of your orders (supply of products and provision of services), communication with you, verification of your payments and fulfillment of other obligations of the provider and / or your obligations. point (f) of Article 6 (1) of the GDPR). Directly informing customers about special offers, discounts and other content via e-mail or SMS At PUELLA, cosmetics, Tina Šuler, s.p., we inform our customers about our products, services and content on the basis of the ZEKom-1 Act (the Electronic Communications Act of the Republic of Slovenia, implemented on the basis of Directive 2002/58/EC of the European Parliament and of the Council). The customer may at any time request the termination of such communication and processing of personal data. The Customer may terminate such communication at any time via the unsubscribe link in the messages received or by written request to info@puella.si.
Processing on the basis of a legitimate interest
The Provider may also process data on the basis of legitimate interests pursued by the Provider, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data. Where legitimate interest applies, the provider shall always make an assessment in accordance with the General Data Protection Regulation. General statistical processing of data on customers and their orders and potential customers (contacts) for the purposes of internal analyses of sales, repeat purchases, aggregate customer behaviour, advertising optimisation and business optimisation At Puella, we carry out general statistical processing of data on customers and their orders and potential customers (contacts), on the basis of which we carry out internal analyses of sales, repeat purchases and aggregate customer behaviour, and we monitor and optimise our business performance and optimise our advertising, for example:
- we monitor sales through our sales channels (internet),
- we monitor how many customers make repeat purchases, how quickly and in what value,
- we monitor general sales statistics, such as the average value of the cart, the number of products on order and the like,
- we monitor responses to e-mails, SMS messages, telephone calls and various advertising messages (online ads) and on this basis we optimize our advertising (we decide what, where, to whom and how to advertise).
This type of statistical monitoring allows us to optimise our overall business and advertising, and to offer affordable products and services to our customers.
Access to your past orders and other information for PUELLA, cosmetic business, Tina Šuler, s.p.
When you call PUELLA, cosmetics business, Tina Šuler, s.p. (or our outbound call to you) or in the event of a visit (if and when you self-identify), our sales and support consultants have access to your recorded personal data and purchase history, which will enable them to offer you a better service and more personalised offers. If you do not wish to do so, you may terminate this type of data processing at any time or by written request to info@puella.si.
Processing of data on uncollected distance orders in order to prevent fraud:
Puella processes data on distance orders sent and not received on the basis of its legitimate interest to determine whether and which customers are disproportionately ordering products at a distance with payment on delivery and then not collecting these products, thereby causing us commercial damage which we want to prevent. Once identified, such customers are prevented from ordering products in the online shop with payment on delivery, but are still allowed to order products with other payment methods.
Automatic email communication with the user based on his or. its start of the online buying process
In the context of basic personalised communication (via email, SMS, phone calls, mail, browser notifications, website information, social media), we try to present you with relevant offers, discounts and other content that may be of interest to you based on your past interactions with us For this purpose, we use the following information about you:
- demographic data (gender, age, address),
- history of your purchases (purchased products, time of purchase, number of purchases),
- easily address behavior on Puella websites (viewing individual products or content that may trigger the sending of customized messages), without using this information to create user profiles,
- your responses (opening a message, clicking on a link, purchasing) to the various messages we send you.
We do not use any kind of semi-automatic or automatic profiling, but simply select the appropriate recipient sets for each message. In doing so, we never focus on individual data, but perform aggregate processing of larger groups. This information can then determine which messages you receive from us:
- which products and contents we will present to you so that they will be of maximum interest to you,
- what offers you will receive,
- how often we will send you messages and through which communication channels.
The Buyer may terminate such communication at any time via the unsubscribe link in the messages received or by written request to info@puella.si.
Using the Facebook advertising tool Facebook Custom Audiences
Puella also uses Facebook Custom Audiences for online advertising on the basis of its legitimate interest, either in the context of carrying out basic personalised communication on the basis of its legitimate interest or in the context of obtaining consent to communicate personalised offers and content on the basis of the user’s profile. This service works as follows:
- we upload your email address, which we obtained from you during your purchase or your voluntary entry, to Facebook,
- facebook compares your email address with your user base and finds out if you are a Facebook user
- if you are not a Facebook user, then nothing happens to your email address and Facebook does not perform any activities with it,
- however, if you are a Facebook user, Facebook will add you to the newly created list of customized audiences, which will only and explicitly allow us to show customized ads to this group of users on Facebook,
- based on this, we can show you more targeted and personalized ads on Facebook and, above all, additional discounts.
Processing based on your consent
The Provider also collects and processes (uses) your personal data for the following purposes where you have given your consent:
- ensuring that you access and use your online account with the provider and the provider’s online store and for technical reasons of administration on the provider’s website,
- ensuring that you can access the specific information available to you on the provider’s website and on your online account / profile provided by the provider,
- prepare and send personalized e-newsletters, if you have subscribed to it,
- sending commercial offers and other content via e-mail, SMS messages, regular mail or telephone calls and social networks (Facebook, Instagram) when there is no other basis for this and you have agreed to it,
- any other purposes for which you specifically agree to cooperate with the provider.
CONTRACTUAL PROCESSING OF PERSONAL DATA
As an individual, you acknowledge and agree that the Provider may entrust certain tasks relating to your data to other persons (contract processors). Contractual processors may process confidential data exclusively on behalf of the provider, within the limits of the provider’s authorization (in a written contract or other legal act) and in accordance with the purposes defined in this privacy policy. The contractual processors with which the provider cooperates are:
- Accounting Service; law firms and other legal advice providers,
- data processing and analytics providers,
- IT system maintainers,
- e-mail providers,
- payment system providers,
- providers of customer relationship management systems,
- online advertising solution providers.
- The provider will not pass on your personal data to unauthorized third parties.
Contract processors may only process personal data under the controller’s instructions and may not use personal data to pursue any of their own interests. The controller and users do not export personal data to third countries.
PERSONAL DATA STORAGE
The Provider will keep your personal data only for as long as necessary to fulfil the purpose for which the personal data was collected and further processed. Those personal data that the provider processes on the basis of the law are kept by the provider for the period prescribed by law. The personal data processed by the provider for the purpose of concluding a contractual relationship with an individual shall be kept by the provider for the period necessary for the performance of the contract and for 5 years after its termination, except in cases where there is a dispute between you and the provider. ; in such a case, the provider shall keep the data for 5 years after the court or arbitration decision or settlement has become final or, if there has been no litigation, for 5 years from the date of the amicable settlement of the dispute. Those personal data that the provider processes on the basis of the personal consent of the individual or a legitimate interest, the provider keeps permanently, until the revocation of this consent by the individual or. interruption requests. The provider deletes such data before cancellation only when the purpose of personal data processing has already been achieved or if so provided by law. After the retention period has expired, the controller shall erase the personal data in an effective and permanent manner so that they can no longer be associated with a specific individual.
FREEDOM OF CHOICE
You control the information you provide about yourself. If you choose not to provide your information to the provider, then you will not be able to access certain sites or functions on the website. Individuals who want to unsubscribe from the e-news, let us know at the e-mail address info@puella.si. If your personal data (post code, e-mail address, physical address, telephone number) changes, please inform us of the changes by e-mail to info@puella.si.
COOKIES
Cookies are invisible files that are temporarily stored on your hard drive and allow the provider to recognise your computer the next time you visit a website. The provider uses cookies only to collect information concerning the use of the website and to optimize its Internet advertising activities. Advertising cookies track an individual’s use of the provider’s website unless the individual does not consent to the use of cookies on the site.
SECURITY
All information provided is protected against third party intrusion, which ensures you a smooth and uninterrupted transaction with the provider. The protection of the personal data of our users is an important concern of our company. The privacy policy deals with the handling of information that the provider receives about you when you visit and use our website or when you perform other activities on the website (registration and / or purchase of the product). The provider makes great efforts to ensure the security of personal data. Your data is protected at all times from loss, destruction, falsification, manipulation and unauthorized access or unauthorized discovery. The provider shall take various measures and information mechanisms to ensure the smooth operation of the website and the security of data transmission on the website.
Minors
The Provider strongly recommends that all parents and guardians teach their children and caregivers to handle personal data safely and responsibly on the Internet. Minors should not transfer any personal information to the Website without the permission of their parents or guardians. The Provider will never knowingly collect personal data from persons whom it knows to be minors.
INDIVIDUAL RIGHTS REGARDING DATA PROCESSING
You have a number of rights in relation to your personal data. These include the right to access, review, erasure and restriction of processing, transfer, objection and complaint.
- Right of information: the right to know what information we collect about you, for what purposes and for how long, where we obtain your personal information, to whom we pass it, who processes it besides us and what your other rights are in connection with the processing of your personal data. You can read all this in the chapter “Privacy Policy”, in case you have any questions, you can write to us at info@puella.si.
- Right to revoke consent: If, as an individual, you have consented to the processing of your personal data (for one or more specific purposes), you have the right to revoke that consent at any time, without prejudice to the lawfulness of the data processing carried out until its revocation. Consent can be revoked by a written statement sent to info@epuella.si. Revocation of consent to the processing of personal data does not have any negative consequences or sanctions for the individual. However, after revoking the consent to the processing of personal data, the controller may no longer be able to provide an individual with one or more of its services in the case of services that cannot be provided without personal data.
- Right of access to personal data: as an individual you have the right to obtain confirmation from the provider (personal data controller) whether personal data are processed in relation to you and, where applicable, access to personal data and certain information (on the purposes of processing, types of personal data, on users, on retention periods or criteria for determining periods, on the existence of the right to rectify or delete data, the right to restrict and object to processing and the right to appeal to the supervisory authority, the source of data if the existence of automated decision-making, including profiling, the reasons for it and the importance and consequences of such processing for you, and other information in accordance with Article 15 of the GDPR).
- Right to correct personal data: As an individual, you have the right to have the provider correct inaccurate personal data about you without undue delay. As an individual, you have the right to supplement incomplete data, including the submission of a supplementary statement, taking into account the purposes of the processing.
- Right to delete personal data: as an individual you have the right to have the provider delete personal data concerning you without undue delay, and the provider must delete data without undue delay when there is one of the following reasons: the data is no longer needed for the purposes for which were collected or. otherwise processed; if you revoke the consent and there is no other legal basis for the processing; if you object to the processing and there are no overriding legitimate reasons for the processing; the data were processed illegally; the data must be deleted in order to fulfill legal obligations under EU law or the law of the Member State applicable to the provider; data were collected in relation to information society service offers.
- As an individual, however, in certain cases described in 3. paragraph of Article 17 of the GDPR, you do not have the right to delete data.
- Right to limit processing: as an individual, you have the right to have the provider restrict processing when there is one of the following cases: if you dispute the accuracy of the data for a period that allows the provider to verify the accuracy of the data; the processing is illegal and you oppose the deletion of the data and instead request a restriction on their use; the data provider no longer needs it for processing purposes, but you need it to enforce, enforce and defend legal claims; you have lodged an objection to the processing until it is verified that the legitimate reasons of the provider outweigh your reasons.
- Right to data portability: as an individual, you have the right to receive personal data concerning you that you have provided to the provider in a structured, commonly used and machine-readable form, and you have the right to pass this data on to another controller without you the provider to whom the personal data have been provided has been hindered in doing so, namely when: the processing is based on consent or on a contract and the processing is carried out by automated means. As an individual, in exercising this right of portability, you have the right to transfer personal data directly from one controller (provider) to another, where technically feasible.
- Right to object to processing: As an individual, you have the right, on grounds relating to your specific situation, to object at any time to the processing of personal data necessary to perform tasks in the public interest or exercise public authority conferred on the provider (point (e) Article 6 (1) of the GDPR) or is necessary for legitimate interests pursued by the provider or a third party (point (f) Article 6 (1) of the GDPR), including profiling based on those treatments; the provider ceases to process personal data unless it proves compelling legitimate reasons for the processing overriding your interests, rights and freedoms, or for asserting, enforcing or defending legal claims. Where personal data are processed for marketing purposes, the individual has the right to object at any time to the processing of data relating to him for the purposes of such marketing, including the creation of profiles in so far as it relates to such direct marketing; where an individual objects to the processing for the purposes of direct marketing, the data shall no longer be processed for those purposes. Where data are processed for scientific or historical research purposes or for statistical purposes, the individual has the right to object to the processing of data relating to him for reasons related to his particular situation, unless the processing is necessary for the performance of the task carried out. for reasons of public interest.
- Right to lodge a complaint with the supervisory authority: without prejudice to any other (administrative or other) remedy, you as an individual have the right to lodge a complaint with the supervisory authority, in particular in your country of residence, place of work or which is alleged to have been breached (in Slovenia it is the Information Commissioner), if you believe that the processing of personal data in relation to you violates the regulations on personal data protection.
Without prejudice to any other (administrative or extra-judicial) remedy, you have the right as an individual to an effective remedy against a legally binding decision of the supervisory authority concerning your complaint, including if the supervisory authority does not consider your complaint or does not inform you within three months of the state of the case or of the decision on your complaint. Proceedings against the supervisory authority shall be subject to the jurisdiction of the courts of the Member State in which the supervisory authority is established. An individual may address all requests concerning the exercise of rights in relation to personal data to the controller, in writing, at info@puella.si. For the purposes of reliable identification in the case of exercising rights in relation to personal data, the controller may request additional data from the individual, and may refuse to act only if he proves that he cannot reliably identify the individual. The controller must respond to a request from an individual exercising his or her rights in relation to personal data without undue delay and at the latest within one month of receiving the request. In the event of a breach of personal data protection, the provider is obliged to inform the competent supervisory authority, except when it is probable that the breach did not endanger the rights and freedoms of individuals. Where there is a suspicion that a criminal offense has been committed, the tenderer is obliged to inform the police and / or the competent prosecutor’s office about the violation. In the event of a violation that may cause a great risk to the rights and freedoms of individuals, the provider is obliged to immediately or where this is not possible, without undue delay, inform the data subject. The notice to the individual must be made in understandable and clear language.
PRIVACY POLICE
PUELLA, kozmetična dejavnost, Tina Šuler, s.p. (“we”, or “us”, or “our”) is a company registered in Slovenia under company registration number 8009708000 with our registered office address at Trg 57 a, 2391 Prevalje, Slovenia. Our VAT number is SI-90878639. We operate www.puella.si (the “Site”). In this Privacy Policy, references to “you” mean any person submitting any data to us or the Site. If you have any comments or suggestions, please send them by post or by email sent to info@puella.si. Alternatively you may call us on +386 40 567 084 (local rates apply). This line is open to receive calls on Monday to Friday between 10:00 – 16:00 (CET).
DATA PROTECTION EXPLAINED
Data protection is a matter of trust and your privacy is important to us. We shall therefore only use your name and other information which relates to you in the manner set out in this Privacy Policy. We will only collect information where it is necessary for us to do so and we will only collect information if it is relevant to our dealings with you. We will only keep your information for as long as we are either required to by law or as is relevant for the purposes for which it was collected. You can visit the Site and browse without having to provide personal details. During your visit to the Site you remain anonymous and at no time can we identify you unless you have an account on the Site and log on with your user name and password.
THIS PRIVACY POLICY EXPLAINS THE FOLLOWING:
What information PUELLA, cosmetic activity, Tina Šuler, s.p. may collect about you.
How PUELLA, kozmetična dejavnost, Tina Šuler, s.p. will use information we collect about you. Your choices regarding the personal information you have provided to us. The use of cookies on PUELLA, cosmetic business, Tina Šuler, s.p. website. The website contains hyperlinks to websites owned and operated by third parties. These third party websites have their own privacy policies, including cookies, and we urge you to review them. They will govern the use of personal information you submit or are collected by cookies whilst visiting these websites. We do not accept any responsibility or liability for the privacy practices of such third party websites and your use of such websites is at your own risk.
THE INFORMATION WE COLLECT
In order to provide you with the full range of services, we collect personal information from you when you shop on the Site. We use this information to make your shopping experience as easy and enjoyable as possible. We collect, store and process your data for processing your purchase on the Site and any possible later claims, and to provide you with our services. We will collect your:
- Name
- Email address
- Billing address
- Delivery address (if different)
- Telephone or mobile number
USE OF YOUR PERSONAL INFORMATION
You must only provide to us or the Site information which is accurate and not misleading and you must keep it up to date and inform us of changes.
WE WILL USE YOUR PERSONAL INFORMATION LISTED ABOVE TO:
- Contact you in relation to the order you have placed on the website.
- Administer your account with us.
- Provide services to you in the way of sending goods to your address.
- Send you information we think you may find useful or which you have requested from us, including information about our products and services. Subject to obtaining your consent we may contact you by email with details of other products and services. If you prefer not to receive any marketing communications from us, you can opt out at any time.
- We will use your IP address to identify the location of users, the number of visits from different countries and also to block disruptive use; to analyze and improve the services offered on Flawless Lashes Limited. eg to provide you with the most user-friendly navigation experience.
Where PUELLA, kozmetična dejavnost, Tina Sklepič, s.p. proposes using your personal information for any other uses we will ensure that you are notified. You will also be given the opportunity to withhold or withdraw your consent to use your information other than as listed above.
DATA PROTECTION
As set out above, PUELLA, cosmetic business, Tina Šuler, s.p. is committed to safeguarding your personal information. Whenever you provide such information, we are legally obliged to use your information in line with all laws concerning the protection of personal information, including the Data Protection Act 1998 (these laws are referred to collectively in this Privacy Policy as the “data protection laws”). ). We will keep your information confidential except where disclosure is required or permitted by law (for example to government bodies and law enforcement agencies). We will never pass on your details to third parties for marketing purposes but we may pass your data on to a third party only to:
- Make delivery of the product to you (for example to our courier or supplier).
- Make a payment transaction with merchant bank or or Paypal
We provide them only with the information they need to perform their function. We use the latest secure server technology to ensure your information is protected to the highest standards. We use encryption to safeguard your credit card information and only accept orders from web browsers that permit communication through Secure Socket Layer (SSL) technology – this means you cannot inadvertently place an order through an unsecured connection.
COOKIES
PUELLA, kozmetična dejavnost, Tina Sklepič, s.p. also uses cookies and collects IP addresses (an IP address is a number that can uniquely identify a specific computer or other network device on the internet). We use analysis software to look at IP addresses and cookies for the purpose of enhancing your user experience. This information is not used to develop a personal profile of you and the log files are regularly purged.
CONSENT
By entering your details in the fields requested, you enable the PUELLA, kozmetična dejavnost, Tina Sklepič, s.p. to provide you with the services you select. By submitting data to us or using the Site, you consent to our use of your data in the manner set out in this Privacy Policy.
CHANGE TO OUR PRIVACY POLICY
This privacy policy may be updated from time to time so you may wish to check it each time you submit personal information to the Site. The date of the most recent revisions will appear on this page. This policy was last modified on 30/10/2019.