Heidi Klein is committed to protecting and respecting your privacy.
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
If you would prefer your personal data was not used in the manner described in this policy, you should not use our websites or services.
For the purpose of EU and UK data protection law, the data controller is Heidi Klein Limited registered at 8 Manchester Square, London, W1U 3PH
Information we may collect from you
We will collect and process the following data about you:
- Information you give to us. This is information about you that you provide to us when you use our websites or applications or correspond with us by phone, e-mail or otherwise. It includes information you provide when you register to use our websites or applications, subscribe to our services, purchase a product, sign-up to receive our newsletters and offers, search for a product, participate in discussion boards or other social media functions or enter a competition, promotion, survey, market research, or any information you add to your online account (if you have one) as part of your ongoing use of the services. The information you give to us may include your name, address, e-mail address, phone number, financial and credit card information, log-in details (if any), marketing preferences, and in some cases a personal description and photograph. If you contact us with a complaint or query, we may keep a record of your contact details and the correspondence between us and your levels of satisfaction. When we collect personal data from you we will indicate whether any personal data we have requested from you is mandatory or optional and explain the consequences if you decide not to provide that information. In some cases, not providing the information may mean we are unable to provide you with a product or service you have requested.
- Information we collect about you. When you visit our websites or applications or use our services, we will automatically collect the following information:
- information about your visit and use of our services, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), products you viewed or searched for’ page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page and any phone number used to call our customer service number.
- Information we receive from other sources. This is information which we receive about you if you use any of our other websites, applications or services, login through a third-party channel such as Facebook or Google or allow us to connect to third party devices or applications. We also receive information about you from other sources to enable us to provide you with a better user experience. For example, we work closely with third parties including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, customer management platforms, search information providers. We may also collect information about you from credit reference agencies where we have informed you this will take place.
What do we do with the information?
We use information held about you in the following ways:
Information you give to us. We (and our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006) will use this information:
- to carry out our obligations arising from any online or offline contracts entered into between you and us and to provide you with the information, products and services that you request from us;
- with your consent or as otherwise permitted by applicable law, to provide you with information about other goods and services we offer that are similar or complimentary to those that you have already purchased or enquired about;
- with your consent or as otherwise permitted by applicable law, to provide you, or permit selected third parties to provide you, with information about goods or services we feel may interest you. Where we contact you by electronic means for marketing purposes, we will only do so if you have consented to this. If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the form on which we collect your data (the registration form). You can also amend your preferences at any time. Please see the section ‘Marketing’ below;
- where you have provided your details to enable you to enter into one of our competitions, we will use the personal data you provide to process your entry into the competition and to communicate with you about this;
- to handle any customer service requests or other queries you communicate to us;
- to notify you about changes to our products or services;
to ensure that content is presented in the most effective manner for you and for your computer or mobile.
Information we collect about you. We will use this information:
- to provide the information, products and services that you request from us;
- to administer our websites or applications and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to enable you to have a single customer account and identity with us;
- to ensure that content is presented in the most effective manner for you and for your computer;
- to allow you to participate in interactive features of our services, when you choose to do so;
- as part of our efforts to keep our websites and applications safe and secure;
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
- to make suggestions and recommendations to you and other users about goods or services that may interest you or them; and
- to allow us to receive feedback and conduct reviews of our products and services.
Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We will use this information and the combined information for the purposes set out above (depending on the types of information we receive).
Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, information about the device you use the application on, including the device’s unique identifiers and mobile network information, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
Cookies are widely used in order to make websites work, or work more efficiently, and to provide information to the owners of the site.
You can block cookies by activating the browser setting that allows you to refuse the setting of all or some cookies. However, if you use your browser to block all cookies (including essential cookies) you may not be able to access all or parts of the website. Our system will issue cookies as soon you visit the website unless you have adjusted your browser setting to disable them.
This website uses Google Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyse how visitors use the site.
Where do we store your personal data?
Whenever we transfer your information as described in the paragraph above, we will take steps which are reasonably necessary to ensure that adequate safeguards are in place to protect your personal data and to make sure it is treated securely and in accordance with this Privacy Notice. In these cases, we rely on approved data transfer mechanisms (such as the EU “Standard Contractual Clauses”) to ensure your information is subject to adequate safeguards in the recipient country. If you are located in the EEA, you may contact us for a copy of the safeguards which we have put in place to protect your personal data and privacy rights in these circumstances.
All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our websites or applications, you are responsible for keeping this password confidential. We must not share your password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We may collect and store personal data on your device using application data caches and browser web storage (including HTML 5) and other technology.
Legal basis for processing your information
We will only process your personal data where we have a legal basis to do so. The legal basis will vary depending on the purposes for which we have collected and use your personal data. In almost all cases, the legal basis will be one of the following:
- Consent: For example, where you have provided your consent to receive certain marketing from us. You can withdraw your consent at any time, including by clicking on the “unsubscribe” link at the bottom of any marketing email we send you. Please see the section, ‘Marketing’ below.
- Our legitimate business interests: Where it is necessary for us to understand our customers, promote our services and products and operate effectively as a business, provided in each case that this is done in a legitimate way which does not unduly affect your privacy and other rights. For example, we will rely on this legal basis when we conduct certain market analysis to understand our customers in sufficient detail so we can raise the profile of our products and services and create new ones.
- Performance of a contract with you: For example, where you have purchased one of our products or our services and we need to use your contact details and payment information in order to process your order and deliver the products or services to you.
- Compliance with law: Where we are subject to a legal obligation and need to use your personal data in order to comply with that obligation.
Disclosure of your information
We may disclose your personal data to the following third parties, for the purposes set out below:
- Any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006, where these companies assist us in providing the services, administering our group operations or performing any of the tasks set out below;
- Our partners and licensees who manage Heidi Klein for us in certain territories so that they may provide you with relevant Heidi Klein content and marketing in your local area;
- analytics and search engine providers that assist us in the improvement and optimisation of our websites and applications;
- third party customer management companies to enable you to have a unique customer identity with us which should enable you to access all our websites, applications and services with one single account and login details;
- credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you and
- our third-party suppliers and professional advisors, who may need access to your personal data in order to provide services to us.
We may also disclose your personal data to third parties in the following circumstances:
- In the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets.
- If Heidi Klein is acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
Data protection law gives you certain rights in relation to your personal data. These include: the right to access information held about you, the right to object to it being used for certain purposes (for example marketing, as explained above), and the right to have personal data deleted, restricted and in certain cases to receive a machine-readable copy of your personal data.
If you would like to exercise your right of access, to the extent you cannot access your information by logging into your online account, please submit your request at the address below, or using the details on the ‘Contact Us’ page online. If permitted by applicable law, any access request may be subject to a fee to meet our costs in providing you with details of the information we hold about you. For information about how to request the deletion of your personal data, see the section on ‘Deletion’ above.
We will handle any request to exercise your rights in accordance with applicable law and any relevant legal exemptions. If you wish to exercise any of these rights please conduct us using the contact details below.
You may also have the right to complain to a data protection authority if you think we have processed your personal data in a manner which is unlawful or breaches your rights. If you have such concerns we request that you initially contact us (using the contact details below) so that we can investigate, and hopefully resolve, your concerns.
Retention of your information
We take steps to ensure that the personal data that you provide is retained for only as long as it is necessary for the purpose for which it was collected. After this period, it will be deleted or in some cases anonymised.
Where we have collected the personal data based on your consent and we have no other lawful basis to continue with that processing, if you subsequently withdraw your consent then we will delete your personal data.
Marketing and how to unsusbcribe
You have the right to ask us not to process your personal data for marketing purposes. We will inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at Heidi Klein, Customer Services, Lakeside, Squires Lane, London, N3 2QL
You can unsubscribe from our marketing emails at any time by clicking on the Unsubscribe link at the bottom of the email you’ve received. Should you experience any problems please call our Customer Services Team who will assist you with unsubscribing from our database.
If you have asked us to stop sending emails and this hasn’t happened, it may be because the email address to which we are sending information is not the same as the address you sent your request from. Please check the address we are using and include this information in your request. The easiest way to do this is to return to us the whole of the unwanted email. The address we are sending to is included within the message.
Access to information
The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. Any access request may be subject to a £10 fee to meet our costs in providing you with this information.
Third party sites
Our websites and applications may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link, please note that those websites and applications will have their own privacy policies and we do not accept any responsibility or liability for them. Please check their policies before you submit any personal data.
Deleting your account
You can close your account with us at any time by contacting our customer service team at the address above. If you choose to close your account, please note that you will no longer be able to access your account. We will delete the personal data associated with your account within a reasonable period, other than personal data which we have a need to retain for our internal business records (for example, data related to purchasing history).