For users ordering products via the website at www.anastasiabeverlyhills.co.uk (the “Site”), The Hut.com Limited (“we” “us”), a limited company registered in England and Wales under company number 05016010, with registered office address and main trading address at 5th Floor, Voyager House, Chicago Avenue, Manchester Airport, M90 3DQ, is the data controller in relation to all personal information collected in relation to the sale of products via the Site.
What personal data do we collect about you?
We collect the following personal data from you when you provide it to us directly and through your use of the Site:
• Transaction and billing information relating to purchases from us or using the Site (e.g. your name, contact details, address, credit/debit card details and other delivery information).
What do we use this personal data for?
We use this personal data:
• To fulfil your order and maintain your online account.
• To manage and respond to any queries or complaints in relation to your order.
• For security purposes, to investigate fraud and where necessary to protect ourselves and third parties.
• To comply with our legal and regulatory obligations.
What is the legal basis for processing?
We rely on the following legal basis, under data protection law, to process your personal data:
- The processing is necessary to perform a contract with you, or take steps prior to entering into a contract with you (e.g. where you make a purchase with us, we use your personal data to process the payment and fulfil your order).
• Because we have obtained your consent (e.g. where you contact us with a query).
Who do we share this personal data with?
We share your personal data with third parties in the following circumstances:
• With other companies in our group of companies, as necessary to operate the Site.
• With our suppliers and service providers working for us, e.g. payment processors and delivery companies.
• With our professional and legal advisors.
• With third parties engaged in fraud prevention and detection.
• With law enforcement or other governmental authorities, e.g. to report a fraud or in response to a lawful request.
• Otherwise where we have your consent or are otherwise legally permitted to do so.
Storage and Retention
We use service providers based around the world. Consequently, your personal data may be processed in countries outside of Europe, including in countries where you may have fewer legal rights in respect of your data than you do under local law. If we transfer personal data outside the European Economic Area we will, as required by applicable law, ensure that your privacy rights are adequately protected by appropriate safeguards, in particular the EU’s standard contractual clauses. Please contact us if you would like more information about these safeguards.
We will keep your personal data for as long as we need it for the purposes set out above, and so this period will vary depending on your interactions with us. For example, where you have made a purchase with us, we will keep a record of your purchase for the period necessary for invoicing, tax and warranty purposes.
Where we no longer have a need to keep your information, we will delete it.
This Site ensures that data is encrypted when leaving the Site. This process involves the converting of information or data into a code to prevent unauthorised access. This Site follows this process and employs secure methods to ensure the protection of all credit and debit card transactions. Encryption methods such as SSL are utilised to protect customer data when in transit to and from this Site over a secure communications channel.
Whilst we do everything within our power to ensure that personal data is protected at all times, we cannot guarantee the security and integrity of the information that has been transmitted to the Site.
The Site is not intended for, and should not be used by, children under the age of 18. We do not knowingly collect personal data from children under 18.
You have certain rights in respect of your personal data, including the right to access and correct your personal data, and, in specific circumstances, to transfer your personal data to another entity in a commonly-used format.
You have the right to object to your personal data being used for certain purposes.
You also have the right to request erasure of your personal data, for example, where our purposes for processing your personal data have come to an end; where you object to our processing of your personal data based on legitimate interests and we have no overriding legitimate grounds to continue to process your personal data; and where our processing was based on your consent which you have withdrawn.
We will comply with any requests to exercise your rights in accordance with applicable law. Please be aware, however, that there are several limitations to these rights, and there may be circumstances where we are not able to comply with your request. To make any requests regarding your personal data, or if you have any questions or concerns regarding your personal data, you should contact us using the details below. You are also entitled to contact your local supervisory authority for data protection.
Telephone: 0161 8131481
Address: Customer Services, Meridian House, Gadbrook Park, Cheshire, CW9 7RA
Last updated 16.10.2022