Privacy Policy

PRIVACY POLICY

Lipglossium Limited, a private limited company having its company number 15137604 and registered address at 483 Green Lanes, London N13 4BS (hereinafter also referred to as “Company”, “Lipglossium”, “we”, “our” or “us”) operates www.lipglossium.co.uk (“Website”) and offers a wide range of cosmetics products to their customers (“services”).

Our Privacy Policy (“Policy”) governs your visit to our website and explains how we collect, safeguard, and disclose information that results from your use of our service. We take your privacy very seriously. In this policy, we seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it. We hope you take some time to read through it carefully, as it is important. If there are any terms in this policy that you do not agree with, please discontinue the use of our services immediately.

We use your data to provide and improve service. By using the service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this policy, the terms used in this policy have the same meanings as in our Terms and Conditions. Our Terms and Conditions govern all use of our service and together with the policy constitute your agreement with us.

If this policy is modified in any way, it will be updated here. Regularly checking and reviewing this page ensures that you are updated on the information which may be collected, used (and under what circumstances), and if it may be shared with other parties (if at all). If we believe that the modifications are material, we will notify you of the changes by posting a notice on the website or emailing you at the email address provided to us by you, and as we may deem appropriate. What constitutes a material change will be determined by us, at our sole and absolute discretion. In this Policy "you", "your" or “Users” refers to the users of the website.

WHAT INFORMATION DO WE COLLECT?

Personal Information you disclose to us.

We may collect personal information that you voluntarily provide to us when you register to our website, express an interest in obtaining information about us or our products and services or otherwise when you contact us.

The personal information that we may collect depends on the context of your interactions with us and the Website, the choices you make and the services and features you use. The personal information we collect may include the following:

Personal Information provided by you.

We collect names; email addresses; date of birth [to take benefit from eligible birthday offers]; phone numbers; photos/images; bank details if they place an order via our website and other similar information.
We may collect specific health data if the customer notifies us of any undesirable side effects concerning any of our products.
We may also collect additional information about our customers to provide relevant and effective services. All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

Other Information provided by you.

We collect shipping address; billing address; order details and other similar information.

Information automatically collected.

When you access our websites, we, our service providers, and our partners may automatically collect information about you, your computer or mobile device, and your activity on our websites. Typically, this information includes your computer or mobile device operating system type and version number, manufacturer and model, device identifier, browser type, screen resolution, IP address, the website you visited before browsing our website, general location information such as city, state or geographic area; and information about your use of and actions on or in our websites, such as pages or screens you accessed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and length of access.

Our service providers and business partners may collect this type of information over time and across third-party websites. This information is collected via various mechanisms, such as web beacons, embedded scripts, and similar technologies. This type of information may also be collected when you read our HTML-enabled emails.

The information we collect includes:

  1. Log and Usage Data - Log and usage data is service-related, diagnostic usage and performance information our servers automatically collect when you access or use our website and which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type and settings and information about your activity on the Website.
  2. Device Data - We collect device data such as information about your computer, phone, tablet, or other devices you use to access the Website. Depending on the device used, this device data may include information such as your IP address, device application identification numbers, location, browser type, hardware model Internet service provider and/or mobile carrier, and operating system configuration information.
  3. Location Data - We collect information data such as information about your device's location, which can be either precise or imprecise. How much information we collect depends on the type of settings of the device you use to access the Website. For example, we may use GPS and other technologies to collect geolocation data that tells us your current location. You can opt out of allowing us to collect this information either by refusing access to the information or by disabling your Locations settings on your device.

HOW DO WE USE YOUR INFORMATION?                                      

We use personal information collected via our website for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, to enter or perform a contract with you, with your consent, and/or for compliance with our legal obligations. We indicate the specific processing grounds we rely on next to each purpose listed below.

We use the information we collect or receive:

  1. To create an account. We use your personal data to create and manage your customer account, allowing you to access and utilise our services.
  2. To provide our services to you. We offer products for sale, shipping, and fulfilment of your order, and we keep you up to date on new products, services, and offers.
  3. To send administrative information to you. We may use your personal information to send you product, service, and new feature information and/or information about changes to our terms, conditions, and policies.
  4. To protect our services. We may use your information as part of our efforts to keep our website safe and secure (for example, for fraud monitoring and prevention).
  5. To enforce our terms, conditions, and policies for business purposes, to comply with legal and regulatory requirements or in connection with our contract.
  6. To respond to legal requests and prevent harm. If we receive a witness summons or other legal request, we may need to inspect the data we hold to determine how to respond.
  7. Fulfill and manage your orders. We may use your information to fulfill and manage your orders, payments etc. made through the Website.
  8. To deliver and facilitate the delivery of services to the user. We may use your information to provide you with the requested service.
  9. To respond to user inquiries/offer support to users. We may use your information to respond to your inquiries and solve any potential issues you might have with the use of our services.
  10. To participate in Events. We may use your information if you take part in our organised events, and we may collect relevant personal data.
  11. To enter Sweepstakes, Contests, Competitions, or Promotions. We may use your information participation in such activities involves the collection and processing of personal data.
  12. To leave reviews on our website. We may use your information when you leave reviews to contribute to the improvement of our products and services.
  13. To use digital experiences. If you choose to use digital experiences like the Virtual Beauty Technology (Virtual Try-On tool), we may collect data related to your usage.
  14. To answer surveys or satisfaction questionnaires. Your feedback helps us enhance our products and services.
  15. To send you marketing and promotional communications. We and/or our third-party marketing partners may use the personal information you send to us for our marketing purposes if this is in accordance with your marketing preferences.

WILL YOUR INFORMATION BE SHARED WITH ANYONE?

We may process or share the data that we hold based on the following legal basis:

  1. Consent: We may process your data if you have given us specific consent to use your personal information for a specific purpose.
  2. Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests.
  3. Performance of a Contract: Where we have entered a contract with you, we may process your personal information to fulfil the terms of our contract.
  4. Legal Obligations: We may disclose your information where we are legally required to do so to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal processes, such as in response to a court order or a witness summons (including in response to public authorities to meet national security or law enforcement requirements).
  5. Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or act regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.

WHAT IS OUR STANCE ON THIRD-PARTY WEBSITES?

The Website may contain third party’s links which may link to other websites. We cannot guarantee the safety and privacy of the data you provide to any third parties. Any data collected by third parties is not covered by this Policy. We are not responsible for the content or privacy and security practices and policies of any third parties, including other websites, services or applications that may be linked to or from the Website. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

WE HEREBY DISCLAIM LIABILITY FOR, ANY INFORMATION, MATERIALS, PRODUCTS, OR SERVICES POSTED OR OFFERED AT ANY OF THE THIRD-PARTY SITES LINKED TO THIS WEBSITE. BY CREATING A LINK TO A THIRD-PARTY WEBSITE, WE DO NOT ENDORSE OR RECOMMEND ANY PRODUCTS OR SERVICES OFFERED OR INFORMATION CONTAINED ON THAT WEBSITE, NOR ARE WE LIABLE FOR ANY FAILURE OF PRODUCTS OR SERVICES OFFERED OR ADVERTISED AT THOSE SITES. SUCH A THIRD-PARTY MAY HAVE A PRIVACY POLICY DIFFERENT FROM THAT OF OURS AND THE THIRD-PARTY WEBSITE MAY PROVIDE LESS SECURITY THAN THIS SITE.

HOW LONG DO WE KEEP YOUR INFORMATION?

We will only keep your personal information for as long as it is necessary for the purposes set out in this Policy unless a longer retention period is required or permitted by law. No purpose in this Policy will require us to keep your personal information for longer than the period in which users have an account with us.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise such information, or, if this is not possible, then we will securely store your personal information and isolate it from any further processing until deletion is possible.

HOW DO WE KEEP YOUR INFORMATION SAFE?

We have implemented appropriate technical and organisational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorised third parties will not be able to defeat our security, and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, the transmission of personal information to and from our website is at your own risk. You should only access the Website within a secure environment.

YOUR DATA PROTECTION RIGHTS UNDER THE GENERAL DATA PROTECTION REGULATION 2018 (GDPR) AND THE UK DATA PROTECTION ACT 1998 (DPA).

If you are a resident of the United Kingdom (UK), European Union (EU) and European Economic Area (EEA), you have certain data protection rights, covered by GDPR and DPA. We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data. If you wish to be informed of what Personal Data, we hold about you and if you want it to be removed from our systems, please contact us.

Under certain circumstances, individuals in Europe have rights under data protection laws in relation to their personal data. If you are in Europe, you may ask us to take the following actions regarding personal data that we hold:

  1. Access. You are entitled to ask us if we are processing your personal data and, if so, for a copy of the personal data we hold about you, as well as obtain certain other information about our processing activities
  2. Correction. If any personal data we hold about you is incomplete or inaccurate, you can require us to correct it, though we may need to verify the accuracy of the new data you provide to us.
  3. Erasure. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law.
  4. Object. Where our reason for processing your personal data is a legitimate interest you may object to the processing as you feel it impacts your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes.
  5. Restriction. You may ask us to suspend our use of your personal data in the following scenarios: if you want us to establish the data's accuracy; where our use of your personal data is unlawful but you do not want us to erase it; where you need us to hold your data for a longer period than we usually would, because you need it to establish, exercise or defend legal claims; or you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
  6. Transfer. Where it is possible, we will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to personal data provided by you which you initially provided consent for us to use or where we used the information to perform a contract with you.
  7. Withdraw consent. Where our reason for processing is based on your consent, you may withdraw that consent at any time. If you withdraw your consent, we may not be able to provide certain services to you. We will advise you if this is the case at the time you withdraw your consent.
  8. Automated decision making. You have the right not to be subject to automated decision-making (e.g., profiling) that significantly affects you. The exercise of this right is not available to you in the following cases:
    1. The automated decision is required to enter, or perform, a contract with you.
    2. We have your explicit consent to make such a decision.
    3. The automated decision is authorised by the local law of an EU member state.

However, in the first two cases set out above, you still have the right to obtain human intervention in respect of the decision, to express your point of view and to contest the decision.

There may be legal or other reasons why we cannot, or are not obliged to, fulfil a request to exercise your rights. We will use available lawful exemptions to your individual rights to the extent appropriate. If we decline your request, we will tell you why, subject to legal restrictions.

You will not have to pay a fee to exercise any of your rights relating to your personal data. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

Please note that we may ask you to verify your identity before responding to such requests. Please note, that we may not be able to provide service without some necessary data.

You also have the right to file a complaint with the supervisory authority in the EEA, and in the UK you can file a complaint with the Information Commissioner’s Office.

CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers and some mobile operating systems include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference and not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognising and implementing DNT signals has been finalised. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy notice.

WHAT INFORMATION DO THE SERVICE PROVIDERS HAVE ACCESS TO?

Lipglossium may use third-party companies and individuals to facilitate our service ("service Providers"), to provide the service on our behalf, to perform service-related services or to assist us in analysing how our service is used.

These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

GOOGLE ADWORDS

Google AdWords remarketing service is provided by Google Inc. You can opt-out of Google Analytics for Display Advertising and customise the Google Display Network ads by visiting the Google Ads Settings page: My Ad Centre

Google also recommends installing the Google Analytics Opt-out Browser Add-on - https://tools.google.com/dlpage/gaoptout - for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics.

For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en

FACEBOOK ADS

Facebook Ads is an advertising service provided by Facebook. When using our service, certain data may be collected and used for advertising purposes on the Facebook platform. You can manage your Facebook ad preferences and opt-out of certain personalised advertising by adjusting your settings on the Facebook platform.

Facebook Data Policy: https://service.facebook.com/about/privacy/

INSTAGRAM ADS

Instagram Ads is an advertising service provided by Instagram, a subsidiary of Facebook. When using our service, certain data may be collected and used for advertising purposes on the Instagram platform. You can manage your Instagram ad preferences and opt-out of certain personalised advertising by adjusting your settings on the Instagram platform.

Instagram Data Policy: https://help.instagram.com/519522125107875

TIKTOK ADS

TikTok Ads is an advertising service provided by TikTok. When using our service, certain data may be collected and used for advertising purposes on the TikTok platform. You can manage your TikTok ad preferences and opt-out of certain personalised advertising by adjusting your settings on the TikTok platform.

TikTok Privacy Policy: https://service.tiktok.com/legal/privacy-policy

HOW WE PROTECT THE CHILDREN’S PRIVACY?

We do not knowingly collect personally identifiable information from children under 18 without the consent of the legal guardian. If you become aware that a Child has provided us with Personal Data without the parent's consent, please contact us. If we become aware that we have collected Personal Data from Children, we take steps to remove that information from our servers.

WHICH PAYMENT PROCESSOR DO WE USE?

​​​​We provide paid products and services within the service. We don’t store or collect your payment details. We use Stripe for payment processing. Their Privacy Policy can be viewed at https://stripe.com/in/privacy. In that case, the information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

DO WE MAKE UPDATES TO THIS NOTICE?

We may update this privacy notice from time to time. The updated version will be indicated by an updated “Last updated” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.

HOW TO CONTACT US?

After reviewing this policy, if you have any additional questions, concerning this Privacy Policy, please contact us by sending an email to contact@lipglossium.co.uk or contacting us via our live chat.

Last Updated: 13th November 2024.

Effective Date: 13th November 2024.