PRIVACY POLICY
1. Data Controller
Spotlight Cosmetics is the data controller responsible for your personal data. If you have any questions about this Privacy Policy or how we handle your personal data, please contact us at:
Company Name: Spotlight Cosmetics
Address: Flight Forum 3516, 5657 DW, Eindhoven, Netherlands
Phone: +31 6 46 66 13 90
2. Personal Data We Collect
We may collect and process the following types of personal data about you:
• Identity Data: includes first name, last name, username, or similar identifier.
• Contact Data: includes billing address, delivery address, email address, and phone numbers.
• Technical Data: includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
• Profile Data: includes your username and password, purchases or orders made by you, your interests, preferences, feedback, and survey responses.
• Usage Data: includes information about how you use our website, products, and services.
• Marketing and Communications Data: includes your preferences in receiving marketing from us and your communication preferences.
3. How We Collect Your Data
We use different methods to collect data from and about you, including through:
• Direct interactions: You may provide data by filling in forms or by corresponding with us by post, phone, email, social media, or otherwise.
• Automated technologies or interactions: As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this personal data by using cookies, server logs, and other similar technologies.
• Third parties or publicly available sources: We may receive personal data about you from various third parties and public sources, such as analytics providers or payment processing companies.
4. How We Use Your Personal Data
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
• To process and deliver your order: including managing payments, fees, and charges, and to collect and recover money owed to us.
• To manage your account: including keeping records of your purchases, processing payments, and communicating with you about your account.
• To improve our website, products, and services: including to analyze how users interact with our site, to provide relevant content, and to improve customer experiences.
• For marketing purposes: We may send you information about products and services that may be of interest to you. You have the right to opt out of receiving marketing communications at any time.
• To comply with legal obligations: We may process your data to comply with applicable laws and regulations, or to respond to lawful requests from public authorities.
5. Legal Basis for Processing Personal Data
We will process your personal data based on the following legal grounds:
• Performance of a contract: Processing your data is necessary for the performance of a contract to which you are a party (e.g., to process and deliver your orders).
• Legitimate interests: Processing is necessary for our legitimate interests (e.g., to improve our services and website), provided that such interests are not overridden by your rights and interests.
• Compliance with legal obligations: Processing is necessary to comply with a legal obligation (e.g., record-keeping obligations).
• Consent: In certain cases, we will process your personal data based on your consent, such as when you agree to receive marketing communications.
6. How We Share Your Data
We may share your personal data with:
• Service providers: including IT and system administration services, payment processors, and delivery services.
• Professional advisers: including lawyers, bankers, auditors, and insurers.
• Third-party companies: where you have expressly consented to such sharing, or as required to fulfill the terms of a contract (e.g., sharing information with a payment processor).
• Government authorities: where required by law or to protect our legal rights.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law.
7. International Data Transfers
If we transfer your personal data outside the European Economic Area (EEA), we ensure a similar degree of protection is afforded to it by implementing appropriate safeguards, such as:
• Ensuring the country to which the data is transferred has been deemed to provide an adequate level of protection by the European Commission.
• Using specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
8. Data Security
We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way. These measures include encryption, secure servers, and regular security assessments.
9. Data Retention
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Typically, we retain data related to your purchases and transactions for a period of 5 years.
10. Your Rights
Under the GDPR, you have the following rights regarding your personal data:
• Right to access: You have the right to request access to your personal data.
• Right to rectification: You have the right to request that we correct any inaccuracies in your personal data.
• Right to erasure: You have the right to request the deletion of your personal data in certain circumstances.
• Right to restrict processing: You have the right to request that we limit the processing of your personal data.
• Right to data portability: You have the right to request that we transfer your personal data to another party.
• Right to object: You have the right to object to the processing of your personal data based on legitimate interests or direct marketing.
To exercise any of these rights, please contact us using the contact details provided above.
11. Cookies
Our website uses cookies to enhance your browsing experience and to collect information about how you use our site. You can set your browser to refuse all or some cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.
12. Changes to This Policy
We may update this Privacy Policy from time to time in response to changing legal, technical, or business developments. The most current version of this policy will govern our use of your personal data and will always be available on our website. We encourage you to review this Privacy Policy regularly to stay informed about how we are protecting your data.
13. Contact Us
If you have any questions about this Privacy Policy or our data protection practices, please contact us at info [at] spotlight-cosmetics.com
This Privacy Policy is designed to comply with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws. We are committed to ensuring that your personal data is handled securely and transparently.
Last Updated: 4 Dec 2024