Last date of modification: February 4th, 2022
This is the privacy notice of Sheabutterbaby (“Sheabutterbaby”, “us”, “we” and “our”). This document describes how your personal information is collected, used and shared when you visit or make a purchase from us.
Pursuant to the effect of Article 13 of the New European Regulation 2016/678 concerning the protection of individuals with regards to the processing of personal data (General Data Protection Regulation – GDPR). As required by the General Data Protection Regulation of the European Union (GDPR 2016/678, Article 13), before proceeding with processing, the interested party (user of the website www.sheabutterbaby.nl) is informed that personal data collected through the website are subject to processing by the company through IT and/or telematics tools, for the purposes indicated in this policy.
This notice is to inform you of the Data Controller, about all information that we record about the user. It sets out the conditions under which we may process any information that we collect, or that is provided to us. It covers information that could identify the user (“personal information”) or unidentifiable information. In the context of the law and this notice, “process” means collect, store, transfer, use or otherwise act on information.
1.1 We regret that if there is one or more points below with which you are not happy, your only recourse is to leave our website immediately.
1.2 The Data Controller takes seriously the protection of your privacy and confidentiality. We understand that all visitors to our website are entitled to know that their personal data will not be used for any purpose unintended by them, and will not accidentally fall into the hands of a third party.
1.3 The Data Controller undertakes to preserve the confidentiality of all information the user provides to us and hope to reciprocate.
1.4 The law requires us to tell you about your rights and our obligations to you in our regards to the processing and control of your personal data.
1.5 Except as set out below, we do not share, sell or disclose to a third party, any information collected through our website.
2. General information
2.1 By using our website, subscribing to the newsletter, submitting a complaint, withdrawing from the contract or simply contacting us, you provide us your personal data and we guarantee that your data will remain confidential, secure and will not be available to any third party without your permission.
2.2 We entrust the processing of personal data only to verified and trusted entities providing services related to the processing of personal data.
2.3 We use a Google Analytics tool that collects information about your website visits, such as the subpages that have been viewed, the time spent on the website and the transitions between individual subpages. For this purpose, cookies are used for the Google Analytics service. As part of the mechanism for managing cookie settings, you have the option of deciding whether we will be able to use marketing functions or not as part of the Google Analytics service.
2.4 We use our own cookies for the proper functioning of the website.
3. Legal Basis and purpose of processing
The personal data provided by the user when browsing our website are processed by us in accordance with the current regulations for the protection of personal data. The legal basis of the processing is identified in the provision of its services by the organisation, management and facilitation of our website, as well as in the establishment, execution and possible termination of online sales contract concluded between the parties, and in the obligations of the same contract connected either directly and/or indirectly deriving from it. The processing of your personal data by the Data Controller is aimed at pursuing the following purposes:
3.1 Subscription to our newsletter
In the case that you decide to subscribe to our newsletter, only after you express and specific consent, your personal data will be processed by the Data Controller for sending of commercial or promotional communications, relative updates. To unsubscribe from the newsletter simply click on the unsubscribe link at the bottom of the emails or by writing to firstname.lastname@example.org.
3.2 Online activities
The personal data you provide will be used for the establishment, management, execution and/or conclusion of the online contract.
4. How we use your personal data
4.1 We may process data about your use of our website and services (“usage data”). The usage data may include (your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views, website navigation paths, as well as information about timing, frequency and pattern of your service use). The source of the usage data is our analytics tracking system. This usage data may be processed for the purposes of analysing the use of the website and services. The legal basis for this processing is our legitimate interests, namely monitoring and improving our website and services.
4.2 We may process information contained in any enquiry you submit to us regarding goods and/or services (“enquiry data”). The enquiry data may be processed for the purposes of offering, marketing and selling relevant goods and/or services to you. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request to enter into such a contract.
4.3 We may process any of your personal data identified in this policy where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.
4.4 We may process any of your personal data identified in this policy where necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice. The legal basis for this processing is our legitimate interests, namely the proper protection of our business against risks.
4.5 In addition to the specific purposes of which we may process your personal data set out in this section. We may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
4.6 Please do not supply any other person’s personal data to us, unless we prompt you to do so.
5. What kind of information do we collect?
We use your information in different ways – what we do depends on the information. We collect the following personal information from you; contact information – such as your name, email address, mailing address and phone number. Furthermore, we may collect information about your IP address.
6. Information relating to your method of payment
The Data Controller does not store information concerning your debit, credit card or any other means of payment that is first provided to us. The Data Controller stores payment information [at your request] in order to make repeat purchasing of goods and services easier next time you visit our website. In addition, we may store the information in order to help us prevent fraudulent transactions.
7. Email Policies
We are committed to keeping your e-mail address confidential. We do not sell, rent or lease our subscription lists to third parties and we will not provide your personal information to any third-party individual, government agency, or company at any time unless strictly compelled to do so by law. We will use your e-mail address solely to provide timely information about our good and/or services. We will maintain the information you send through e-mail in accordance with applicable federal law.
8. Does the Data Controller share your information with others?
We does not sell or rent our customer’s personal data to any other entity. We may share your data with affiliated companies including other companies within Sheabutterbaby, joint ventures, franchisees and licensees. We may from time to time contact you on behalf of external business partners about a particular offering that may be of interest to you. In those cases, your unique personal identifiable information (email, name, address, telephone number) is transferred to the third party. We may share data with trusted partners to help perform statistical analysis, send you email or postal mail; provide customer support or arrange for deliveries. All such third parties are prohibited from using your personal information except to provide these services to us, and they are required to maintain confidentiality of your information.
We will disclose your personal information, without notice, only if required to do so by law or in good faith that such action is necessary to: conform to the edicts of the law or comply with legal process served on Sheabutterbaby or the website, protect and defend the rights or property of Sheabutterbaby, act under exigent circumstances to protect the personal safety of users of Sheabutterbaby or the public.
9. Data under EU GDPR compliance
Here at Sheabutterbaby, we respect and value to the right to privacy. We also are consumers and know that it is our responsibility to build a company that protect consumer privacy. Our services are designed to protect privacy and personal data of consumers. We are considered a “data processor” under the guidelines of the GDPR. Our customers are primarily considered to be “data controllers”, and are responsible for meeting additional privacy or consent gathering requirements for their individual use case.
10. Is it mandatory to provide personal data?
When you create an account on the website or use our services of Sheabutterbaby, you agree to our terms and conditions, a contract is formed between you and us. In order to carry out our obligations under that contract we must process the information that is provided. Some of this information may be personal information. We may use it in order to; verify your identity for security purposes, provide our services, provide suggestions/advice on our services. We process this information on the basis that there is a contract between us, or that you have requested we use the information before we enter into a legal contract.
Additionally, we may aggregate this information in a general way and use it to provide class information, for example to monitor our performance with respect to a particular service we provide. If we use it for this purpose, you as an individual will not be personally identifiable. We shall continue to process this information until the contract between us ends or is terminated by either party under the terms of the contract.
When you purchase our products in our physical stores, you do not have to provide any personal data. Please note however, that if you chose to receive a digital receipt, it is mandatory that you provide your e-mail address or otherwise we will not be able to send you the digital receipt.
11. Personal identifiers from your browsing activity
Information about your computer hardware and software may be automatically collected by Sheabutterbaby. This information can include your IP address, browser type, domain names, access times and referring website addresses. This information is used for the operation of the service, to maintain quality of the service, and to provide general statistics regarding use of the Sheabutterbaby website.
Requests by your web browser to our servers for web pages and other consent on our website are recorded. We record information such as your geographical location, your Internet service provider and your IP address. We also record information about the software you are using to browse our website, such as the type of computer or device and the screen resolution. We use this information in aggregate to assess the popularity of the webpages on our website and how we perform in providing content to you. If combined, with other information, so we know about you from previous visits. The data could be used to identify you personally, even if you are not signed in to our website.
12. Information we process with your consent
Through certain actions when otherwise there is no contractual relationship between us, such as when you browse our website or ask us to provide you more information about our business, including our services, you provide consent to us to process information that may be personal information.
12.1 Wherever possible, we aim to obtain your explicit consent to process this information, for example, by asking you to agree to use our cookies.
12.2 Sometimes you might give your consent implicitly, such as when you send us a message by e-mail to which you would reasonable expect us to reply.
12.3 Except where you have consented to our use of your information for a specific purpose, we do not use your information in any way that would identify you personally. We may aggregate it in a general way and use it to provide class information, for example to monitor the performance of a particular page on our website.
12.4 If you have given us explicit permission to do so, we may from time to time pass your name and contact information to selected associates whom we consider may provide services or products you would find useful.
We continue to process your information on this basis until you withdraw your consent or it can be reasonable assumed that your consent no longer exists. You may withdraw your consent at any time by instructing us at email@example.com. However, if you do so, you may not be able to use our website or our services further.
13. Information we process for the purposes of legitimate interests
We may process information on the basis there is a legitimate interest, either to you or to us, of doing so. When we process your information on this basis, we do take careful consideration to:
13.1 Whether the same objective could be achieved through other means
13.2 Whether processing (or not processing) might cause you harm
13.3 Whether you would expect us to process your data, and whether you would, in the round, consider it reasonable to do so.
For example, we may process your data on this basis for the purpose of:
13.4 Record-keeping for the proper and necessary business administration
13.5 Responding to unsolicited communication from you to which we believe you would expect a response
13.6 Protecting and asserting the legal rights of any party
13.7 Insuring against or obtaining professional advice that is required to manage organisational or business risk
13.8 Protecting your interests where we believe we have a duty to do so
14. How do we share the information?
We may share your information, including personal information as follows:
14.1 Service providers
We may disclose the information we collect to third party vendor, service providers, contractor or agents who perform functions on our behalf.
14.2 Business transfers
If we are acquired by or merged with another organisation, if substantially all of our assets are transferred to another organisation, or as part of a bankruptcy proceeding. We may transfer the information that we have collected with the other organisation.
14.3 In response to legal process
We also may disclose information we collect from you in order to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena.
14.4 To protect us and others
We also may disclose the information we collect, where we believe it is necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms of Service or this policy, or as evidence in litigation in which we are involved.
15. Cookies policy under GDPR compliance
The information that we received from these cookies are used in order to:
16.1 Help us identify you and the account you hold with us
16.2 Inform you about services and/or events which we feel may be of interest to you, where you have assented to be contacted for such purposes
16.3 Enable us to evaluate, improve and develop our website and its services
16.4 Inform you about changes to our website and services
16.5 Customise your experience
16.6 Troubleshoot problems and resolve disputes
16.7 Discover and defend ourselves against error, fraud and other reprehensible activities
17. Third party advertising on our website
18. Third party analytics
We use automated devices and applications, such as Google Analytics, to evaluate usage of our website. We also may use other analytic means to analyse our performance. We use these tools to help us improve our services, performance and user experiences. These entities may use tracking technologies to perform their services.
19. How long do we keep your data?
20. Security of your personal information
E-mail is not recognised as a secure medium of communication. For this reason, we request that you do not send private information to us by email. However, doing so is allowed, but at your own risk. Some of the information you may enter on our website may be transmitted securely via a secure medium known as Secure Sockets Layer or SSL. We may use software programs to create summary statistics, which are used for such purposes as assessing the number of visitors to the different sections of our website, what information is of most and least interest, determining technical design specifications and identifying system performance or problem areas. For website security purposes and to ensure that this service remains available to all users. We use software programs to monitor network traffic to identify unauthorised attempts to upload or change information, otherwise cause damage. We secure your personal information from unauthorised access, use or disclosure.
21. Compliance with the law
22. Removal of your information
If you wish us to remove personally identifiable information from our website, you may contact us at firstname.lastname@example.org. Please note that this may limit the service that we can provide to you.