Should we update, amend or make any changes to this document, those changes will be prominently posted here.
What type of information we have?
Bobbi | London™ currently collects and processes the following information that is necessary but is not limited to:
Personal identifiers, contacts and characteristics.
First and last name.
Birthday (if provided)
Payment processing information.
Personal image (if uploaded by you).
How we get the information and why we have it?
Most of the personal information Bobbi | London™ processes is provided to us directly by you for the following reasons:
For you to access and use our website(s).
Purchase our products.
Register for an account with us.
Under the General Data Protection Regulation (GDPR), the lawful bases Bobbi | London™ rely on for processing this information are:
Your consent. You can remove your consent at any time. You can do this by contacting us via email on firstname.lastname@example.org
We have a contractual obligation.
We have a legal obligation.
What we do with the information we have?
Bobbi | London™ use the information that you have given us to provide you with the requested products and services. This includes:
Maintain our records and databases.
We may use the information to improve our services.
We may periodically send promotional emails about new products, special offers or other news and events.
The use of information for completing transactions or communicating back to you. Credit card numbers are used only for payment processing and are not used for any other purpose.
Bobbi | London® will not share this information with anyone else or provide third-party access to our databases.
We will not release your personal information to authorities unless required by law, search warrant, court order, subpoena, or fraud investigation.
How we store your information
Our company is hosted on the Wix.com platform. Our hosting vendors provide us with the online platform that allows us to sell our products and services to you. Your data may be stored through the Wix.com data storage, databases and their general applications. They store your data on secure servers behind a firewall.
All direct payment gateways used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
Any other information is securely stored on our secure Azure cloud servers.
We keep personal information for two years. We will then dispose your information.
Your GDPR data protection rights
Under data protection law, you have rights including:
Your right of access - You have the right to ask us for copies of your personal information.
Your right to rectification - You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing - You have the right to ask us to restrict the processing of your information in certain circumstances.
Your right to object to processing - You have the the right to object to the processing of your personal data in certain circumstances.
Your right to data portability - You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us at email@example.com if you wish to make a request.
CCPA Privacy Rights
Under the CCPA, among other rights, California (USA) consumers have the right to:
Request that a business that collects a consumer's personal data disclose the categories and specific pieces of personal data that a business has collected about consumers.
Request that a business delete any personal data about the consumer that a business has collected.
Request that a business that sells a consumer's personal data, not sell the consumer's personal data.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at firstname.lastname@example.org.
How to complain to the ICO
You can also complain to the ICO if you are unhappy with how we have used your data.
Information Commissioner’s Office
Helpline +44 (0)303 123 1113