Privacy Statement & Cookies Policy
This privacy statement refers to the website www.melya.co.uk owned wholly by Melya & Co Trading Ltd, trading as melya cosmetics, a Company Registered in England and Wales (Registration No. 9728324). Registered Office Address 5 – 7 Beatrice St, Oswestry, Shropshire SY11 1QE.
GDPR – General Data Protection Regulation from 25th May 2018. We are registered with the Information Commissioner’s Office – our Registration reference is ZA221872.
What personal data do we collect?
In general, you can visit our website without telling us who you are and without revealing any information about yourself. If, however, you use our site you will need to register and you will be asked to provide certain information such as your name, email address, home address, age range, mobile/landline telephone number, your credit, or debit card or other payment information and information you provide when you contact our customer services or when you engage with our social media platform. We will store this data and hold it on computer or otherwise.
We may use information that you provide to register you with our website and to administer it. If you do not want us to use data in this way, please do not provide us with any personally identifiable information. However, if you do not wish to provide personally identifiable information you will not be able to make purchases from our website.
How do we use your personal data and what are our legal justifications for doing so?
1. To make our products and services available to you. We use your personal data to provide you with the information you request and products that you purchase from us (i.e. to complete certain tasks, processes or orders on our website) and to take payment online and deliver your products and to communicate with you regarding those products that you purchase from us and respond to your questions and comments.
We rely on our contractual arrangements with you as the legal basis on which we collect and process your personal data when you place an order for products. This includes the use of our third party shipping account and PayPal our payment processor.
2. For administrative and internal business purposes. Alternatively, in some cases, we rely on our legitimate interests as a business (for example, to measure customer satisfaction and resolve customer issues) and we may use your personal data for our internal business purposes, such as enhancing our website, improving services and products and identifying buying trends. We may also use your data to monitor the use of our website and ensure that our website is presented in the most effective and relevant manner for users and their devices.
It is in our legitimate interests as a business to use your personal data in this way as we wish to ensure that our website is secure and user friendly. Where we rely on our legitimate business interests for the processing of data, we will always ensure that we balance these interests against your rights.
We may also use information that you provide for internal assessment and analysis, e.g. marketing, customer and product analysis, to enable us to review, develop and improve our services.
We will not pass your details on to third parties for marketing purposes.
We may be required to disclose your personal information to third parties in the following circumstances:-
- In the event that we sell or buy any business or assets, in which case we might disclose your personal data to the prospective buyer or seller.
- If we are under a legal duty to disclose or share your personal data in order to comply with or meet any legal obligation.
We do not, and will not knowingly collect information from any unsupervised person under the age of 18. If you are under the age of 18, you must not use this Website or submit any personal data to us unless you have the consent of, and are supervised by, a parent or guardian.
We collect your personal data when you;-
- purchase products from us online, or over the phone
- contact our Customer Service by email or over the phone.
- engage with us on social media (by mentioning/tagging us or by contacting us directly)
Some of our cookies are used to simply collect information about how visitors use our website and these types of cookies collect the information in an anonymous form.
To find out more about cookies, including seeing what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.
If you do not wish to accept cookies from our website, please leave this site immediately and then delete and block all cookies from this site.
We endeavour to take all reasonable steps to protect your personal information. However, we cannot guarantee the security of any data that you disclose online and we will not be responsible for any breach of security unless this is due to our negligence or wilful default.
We will never ask you to confirm any account or credit card details via email, text or telephone. If you receive an email claiming to be from firstname.lastname@example.org or any other email address containing the word “melya” asking you to do so, please ignore it and do not respond or open any attachments.
Payment information for customers buying on the website. When you enter sensitive information (such as debit or credit card numbers), the information is encrypted and protected with “extended SSL” – the best encryption software in the industry.
Your card details are only transported to a Bank to authorise your purchase. A https symbol will replace the http symbol at the start of the URL address which indicates it is a secure payment. While on a secure page, such as our order form, the lock icon on the bottom of web browsers such as Netscape Navigator and Microsoft Internet Explorer becomes locked, as opposed to unlocked, or open, when users are just ‘surfing’.
We use PayPal* an external payment processor to process your credit card details, utilising extended SSL encryption. You do not need to have a PayPal account in order to pay for goods from the website.
The payment processor guarantees that they will never:-
- pass your financial details to a third party.
- pass your personal data to a third party.
- sell your details to a mailing list.
* Further information about PayPal at – https://www.paypal.com/uk/account/signup
What types of security procedures are in place to protect the loss, misuse or alteration of information?
All customer information is restricted in our offices, only staff who need the information to perform a specific job are granted access to personally identifiable information. The servers that store personally identifiable information are in a secure environment.
How can users inform of us changes in their personally identifiable information:
If a customer’s personally identifiable information changes (such as telephone number or email or postal address), we provide a way to correct, update or delete customers’ personally identifiable information. This can be done by logging onto your account or contacting us directly – as noted below.
Data sharing – Your rights;-
You are entitled to:
- have your data processed in a fair, lawful and transparent way.
- access personal data we hold about you upon receipt of a written request.
- require us to correct any mistakes in your personal data upon receipt of a written request.
- require us to delete personal data concerning you in certain situations where there is no good reason for us to continue to process it upon receipt of a written request.
- request that we transfer your personal data to you or another service provider in a simple, structured format.
- object at any time to the processing of your personal data for direct marketing purposes (such as our Newsletter).
- object to automated decision making which produces legal effects concerning you or similarly significantly affects you.
- object in certain other situations to our continued processing of your personal data; and-
- otherwise restrict or temporarily stop our processing of your personal data in certain circumstances.
We do not use “pre ticked consent boxes”. Our Policy is to allow our Customers to “opt in” rather than “opt out” of receiving our marketing information .
If you have opted in to receiving information from us by e-mail, text, telephone, or post you may “opt out” by clicking the unsubscribe link in the footer of any email you receive from us, or e-mailing us at email@example.com entering “OPT OUT” into the subject box and clearly specifying which of these modes of communication you wish to opt out of.
Enquiries relating to your personal data – “Subject Access Requests” should be sent from the email address you provided to: firstname.lastname@example.org entering “Subject Access Request” into the subject box of your email and detailing which of your rights you wish to exercise. We must respond to your request within one month.
You can read more about your rights, including the circumstances in which they apply, in the Guidance from the UK Information Commissioner’s Office (ICO) https://ico.org.uk/for-the-public. You also have the right to complain about our use of personal data to the ICO. You can do this by contacting the ICO via their website https://ico.org.uk/concerns or by calling 0303 123 1113.
Privacy Statement updated 5th March 2019