privacy policy
Privacy Policy & GDPR Statement for Butterfly Beauty & Beyond
​​
This privacy statement sets out:
What information Butterfly Beauty & Beyond collects from you and why;
How Butterfly Beauty & Beyond uses and protects any information that you give; and
How you can access and manage your information.
​
Butterfly Beauty & Beyond is committed to ensuring that your privacy is protected. If we ask you to provide certain information by which you can be identified, you can be assured that it will only be used in accordance with this privacy statement.
​
Butterfly Beauty & Beyond may change this statement from time to time by updating this page.
We will make clear whenever any changes are made.
This statement is effective from 1st August 2020.
​
What we collect
​
We may collect the following information:
-
name;
-
contact information including email
-
demographic information such as preferences, health related information and interests
What we do with the information we gather
​
We require this information to understand your needs and provide you with a better service. In particular, we will use it and process it lawfully for the purposes of:
​
-
monitoring, recording and storing telephone or email communications for the purpose of internal training, to improve the quality of our customer service and in order to meet any legal and regulatory requirements;
-
improving our products and services;
-
customising our website according to your interests;
-
contact you by phone in relation to the above.
​
We will also use your information to manage our contractual relationship with you for:
​
-
internal record keeping and account management purposes (e.g. verifying your identity) and;
-
contacting you by email, phone or mail for the purpose of account administration and/or processing and fulfilling services.
If you contact us or we contact you, we may ask for certain information from you to confirm your identity, check our records and deal with your account efficiently and correctly.
​
Where we have asked for your consent to use your personal information for a particular purpose, this consent can be withdrawn by you at any time. Please see the section entitled ‘Controlling your personal information’ below.
​
Security
The security of your information is very important to us. As part of our commitment to keeping your data safe, our technical experts maintain physical, electronic and managerial procedures to keep safe the information we collect.
​
Only authorised employees and carefully checked agents, contractors and sub-contractors, who provide a particular data processing service for us, are permitted access to your data. These people will only be allowed access to your data for the purposes identified within this Privacy Policy, processing it on our behalf or for IT security and maintenance.
If a third party processing your data on our behalf is located in a non-EU country that does not have data protection laws equivalent to those in the EU, we will always take appropriate additional steps to ensure that your personal information is kept safe and secure by those processing your data on our behalf. This will generally involve ensuring that such third party agrees to sign up to a formal legal agreement committing such party to comply with standards equivalent to those that would apply where that party to be located within the EU.
​
How long we hold your information for
​
The time period for which we keep information varies according to what we use the information for. Unless there is a specific legal requirement for us to keep information, we will keep your information for as long as it is relevant and useful for the purpose for which it was collected.
​
If you contact us via the contact form on our website, we will only keep your email and enquiry for up to 1 year. Typically the query is dealt with much sooner than this.
​
Where we are using Google Analytics to track and report on our monthly campaigns, we will only hold this information for as long as Google will allow. Currently data is held by Google Analytics for 26 months. That said, certain user-key data is by default deleted by Google Analytics after 6 months of inactivity for a given user.
​
Third Parties that provide a particular data processing service for us, are permitted access to your data. These people will only be allowed access to your data for the purposes identified within this Privacy Policy, processing it on our behalf or for IT security and maintenance.
​
If a third party processing your data on our behalf is located in a non-EU country that does not have data protection laws equivalent to those in the EU, we will always take appropriate additional steps to ensure that your personal information is kept safe and secure by those processing your data on our behalf. This will generally involve ensuring that such third party agrees to sign up to a formal legal agreement committing such party to comply with standards equivalent to those that would apply where that party to be located within the EU.
​
Sometimes, you might wish to disclose sensitive information to us. We will only use sensitive data for the specific reason you disclosed it to us and we will take extra care to keep it secure. From time to time, we will check with you that we may continue to use that sensitive data for the specified purpose. We will re- check this consent on a periodic basis. In either case, you may withdraw your consent at any time.
​
Controlling your personal information
​
You may choose to restrict or control the collection or use of your personal information in the following circumstances:
​
When you are asked to fill in a form on the website or elsewhere (ensure that you do not tick any box which consents to our use of your personal information if you do not want us to use your personal information for those purposes);
If you have previously agreed to us using your personal information for specific purposes and wish to change your mind;
If you wish for your personal information to be erased from our systems;
If you wish for us to transfer your personal information to a third party (e.g. another service provider). In this case, we will provide you with certain personal information held by us for you to pass to that third party (or, in certain circumstances, we may be able to transfer that data to such third party directly if you wish for us to do so).
​
You have the right to:
Know that information is being processed;
Access information that is being processed;
Erasure of information held on you (commonly known as the right to be forgotten);
Restrict processing;
Be notified about what information has been rectified, erased and restricted;
Portability (that is, to request your data be handed over to someone else);
Object to the processing of your information.
​
If you want to remove a consent or request erasure or transfer of your personal information, you may do so at any time by us at butterflybeautypink@gmail.com.
​
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. Where we do seek your permission, we will name the relevant third party at the time we seek such permission from you and any such permission shall be limited to that third party.​
​
If you believe that any information, we are holding on you is incorrect or incomplete, please write or email us as soon as possible, using the details set out above. We will promptly correct any information found to be incorrect.
​
To protect your privacy and security, we will take reasonable steps to verify your identity before granting access or making corrections.
​
This policy replaces all previous versions and is correct as of 1st August 2020 We reserve the right to change the policy at any time.