This Privacy Notice sets out the basis on which we will process the personally identifying information (personal data) that we collect and receive from and about users of www.fancydress.com and/or those subscribers to our newsletters.
- We will only collect, keep, use and share Personal Data for legitimate business purposes that we explain here below, or if we are legally required to do so.
- We will be as clear and open as we can with you regarding what Personal Data we collect and how it will be processed.
- For as long as we maintain records of your Personal Data, we will keep it up to date and protect it with appropriate safety measures.
We collect the following personal data from you as our customer:
- Personal Data collected directly from you through the check-out process: your name, postal address, phone number, email address, gender and age. Our legal basis for the collection and process of this data is the provision to you of the services purchased by you. It is also our legitimate interest in providing social media and marketing content that is of interest to our followers of social media.
- Personal Data collected automatically from the use by you of www.fancydress.com. The data transmitted from your browser includes your IP address, the date and time of the visit the pages accessed, the access/status/HTTP status code, your browser, your operating system and interface, as well as the language and version of the browser software. The legal basis for collecting and processing this personal data is to be able to operate the site and provide you with access to the pages you wish to access.
Uses of your Personal Data
We use your personal data:
- For administration of your order (purchase confirmation etc)
- To contact you with marketing messages which you have requested or agreed to receive from us, for example via a branded newsletter.
- To contact you with surveys and feedback requests.
- To analyse the purchase history of our customers and the way our customers use our website.
- To provide you with bespoke website content (for example by analysing our site visitors age ranges)
- To gain insight into your behaviour and preferences (for example by analysing the website pages you visit)
- To re-target our website visitors with relevant marketing messages (for example by using cookies hosted on our Sites).
- To collect site statistics.
- To provide bespoke social media content (for example by analysing your general interests)
- To create targeted advertising across all our social media channels (for example by analysing responses to posts and existing advertisements).
- To find our more about our digital community (for example by analysing the age ranges of our followers)
Google Analytics, a web analytics service provided by Google, Inc. also places cookies on your computer, to enable Google to provide us with activity reports relating to the website. Google uses this data only to provide us with information on how users use the website and does not associate your IP address with any other data held by Google. The information generated by Google cookies about your use of the platform (including your IP address) will be transmitted to and stored by Google on servers in the United States. You may refuse these cookies by selecting the appropriate settings on your browser or by downloading and installing a browser plug-in.
We will not sell your information. We will not share your information with any third party except as stated in this Privacy Notice or as required to Operate the website, provide our services to you and administer your account.
We will share your Personal Data with social media sites to enable them to provide marketing messages that you have agreed to receive from them. The social media sites we share your Personal Data with as at the date of this Privacy Notice and their respective privacy statements are:
1. facebook https://www.facebook.com/privacy/explanation
2. Coschedule - https://coschedule.com/terms
4. Twitter https://twitter.com/en/privacy
5. Pinterest https://policy.pinterest.com/en-gb/privacy-policy
6. Google+ - https://policies.google.com/privacy
7. Reddit - https://www.reddit.com/help/privacypolicy/
We use third party processors to collect, export, process and store Personal Data on our behalf. The processors we currently use are the following:
- Constant Contact - http://www.constantcontact.com/privacy_guarantee.jsp
- Mercanto Limited - https://mercanto.app/privacy/
- TrustPilot - https://uk.legal.trustpilot.com/end-user-privacy-terms
- WordPress - https://en-gb.wordpress.org/about/privacy/
- Microsoft Exchange - https://privacy.microsoft.com/en-gb/privacystatement
- Facebook (see complete list under social media section).
International Data Transfers
We use data processors located outside the EEA only after taking steps as required to ensure that Personal Data processed on our behalf receives protection equivalent to that provided in the EEA. Our processors are either certified as compliant with the EU, US Privacy Shield framework where they are located in the USA or have entered into an agreement with us containing the model clauses approved by the European Commission as providing contractual protection equivalent to that provided by the data protection regulations applicable in the EEA. To learn more about the Privacy Shield program, please visit www.privacyshield.gov .
We maintain technical and physical safeguards that are designed to protect the security and integrity of your Personal Data, and to guard it against accidental or unauthorised access, use, alteration or disclosure to third parties. These measures include device encryption, firewalls and virus checking procedures.
Where we keep personal data files on local devices these devices and protected and accessible only to our authorised employees.
We regularly review our security systems to ensure that your personal data remains safe and secure.
Duration of Storage
We will maintain records of your personal data for the statutory accounting period or as long as you remain:
- A registered subscriber to our mailing list
- A registered user of our website
Your rights in relation to Personal Data
You can unsubscribe from our marketing communications at any time by following the link in the footer of the last email you received from one of our brands (Unsubscribe) or by sending your request with detailed instructions for our Customer Services team.
You have the right to update and correct the personal information on your account. You also have the right to request from us all personal information that we hold that relates to you, to request restriction of the processing of that data and to request that we delete that data. Where allowed by applicable law there may be an administrative charge for supply of copies of data and we may also require you to provide us with appropriate identification before we comply with this request. You also have the right to object to our continued processing of your personal data. You may also have the right to data portability. If you have a complaint about the way in which we use your personal information you have the right to complain to the Information Commissioner www.ico.gov.uk .
You can contact us with questions about the personal information we hold about you using the contact information provided in the contact section of this privacy notice.
Changes to our Privacy Notice
We will update this Privacy Notice from time to time to reflect changes in our business. All such changes will be posted to the website and if we consider it to be appropriate we will notify subscribers of any material changes by e-mail.
Morris Angel & Son Limited is the Data Controller in respect of any Personal Data that you submit to us or that we collect from or about you. We are a limited company registered at 119 Shaftesbury Avenue, London, WC2H 8AE.
If you would like to know what information we hold about you or if you have any other queries or complaints in relation to this Privacy Notice, or our website, our contact details for Customer Services are as follows: (+44) 020 8732 8854.