Website

This privacy policy covers the usage of skin-heal.com

What Personal Data is Collected and Why

Personal Data from The Contact Form and Email Correspondence

When you contact us via email or using the contact form on our website, we require a certain minimum of information is provided to us. This includes your name, email address, but we potentially request additional information like phone number, you location, your business detail. Such information is necessary for you to respond to your inquiries like shipping time, shipping expenses, VAT application and others. Any personal information you provide to us in our correspondence is completely protected and never shared with third parties.

Cookies

In order to operate normally our website need to utilize cookies. These are small packages of data stored in the users browser, containing various type of information, that helps the communication between your browser and our website. They help with both our system recognizing your browser and the normal functioning of the website. To learn in detail about  what cookies are, please visit the following link: http://ec.europa.eu/ipg/basics/legal/cookies/index_en.htm.

But why is cookie usage necessary? It is impossible for an online store to properly operate without using cookies. The data contained and stored in our cookies is strictly related to your purchasing and user experience on our website, containing such information as the products added to your card, the login status of our account. There is no risk to these cookies being stored in your browser’s cache and we guarantee the data of our cookies is not available or provided to third parties.

The primary usage of cookies on our website is the “session cookies”. These cookies are only used during the users browsing session and are deleted upon closing your browser. These contain only basic browsing data required by our system to properly run.

The cart cookies used by our store contain only information related to the content of your basket, i.e. the product you have added to is. These cookies are retained in your browser for up to a month, but contain no other, particularly personal, data whatsoever.

The third major type of our cookies are the ones that track your logged in status. If, upon logging into our system you choose the option to have our website remember you are logged in, a cookie will be stored in your browser that, upon your next visit, will signify to our system that your user account is logged in and you won’t have to type in your user credentials. This cookie is stored in your browser for up to a month.

Third Party Cookies

The card checkout service used on our website needs to use cookies in order to process payments. This is a third party session cookie which will temporarily store your details during the checkout process. The information will only be accessible and handled by our checkout service provider.

Any information submitted during the checkout safe and your card information, particular, is available only to the processing service provider.

Embedded Content

On our website you might find various types of embedded content. Embedded content hosted on another website, which is integrated into our website though an iframe or other form of embedding, which is displayed as visible on the original website. The most common example for embedded content are videos, but this can extent to other forms of media, text or other web content.

The third parties that own and control the embedded content might include cookies when their content is displayed. We have no direct control over the cookie or tracking policy of third aprties, but we do try to include embedded content only from trusted  sources like Youtube.

Google Analytics

Like most commercial website online, we are using services that analyze browsing and site usage of the visitors and customers to helps us improve our services. We have integrates  Google Analytics into our website. The service will collect anonymous browsing data for your experience when vising our website. No personal data is collected by Google.

To give your privacy a better protection we have anonymized the last three digits of your IP address which prevents us our Google to track your exact location.

All data collected with Analytics is browsing related and not personal and is safely stored by Google. We guarantee it will not be sold or provided to third parties.

Data Sharing Policy

Our primary policy is to never share personal data we collect with third parties. The only personal information which will be handled by third parties is the necessary information you submit when paying with a credit or debit card, which will be processed by the checkout service provider.

Non-personal, site usage data is visible to Google who provide the Analytics service we use. However, they are not permitted to provide it to other third parties.

How Long Is Your Data Kept?

With the exception of pending issues or us being required to maintain personal data for legal or administrative reasons, we will store personal details for no more than 5 years, if a user account has been inactive. Orders made as “guest” are stored no longer than 5 years unless the aforementioned exceptions.

Controlling Your Data – Rights

EU laws and GDPR, in particular, provide extensive protection of people over their personal data online. A person has the right to request all the personal data stored by a website about them. Additionally, you have the right to request the full deletion of your personal data, a.k.a. “the right to be forgotten”. At any point of time you can contact us via email to request your personal information or its deletions.

How Is Personal Data Provided?

Once you’ve made a request, we will send all the available personal information about you stored in our system to your email, using the integrated export tool.

Further Information About Personal Data Handling

Protection of Personal Data

Personal information you have submitted in your system in your user account or in an order you’ve made, will not be available to third parties under any circumstances, only accessed and processed by our employees.

Please note, that when you make a user profile at our website, you’re required to provide a strong enough password and link your account to a well protected email account. Failing to do either  may result in compromise of your personal data, which our company will not be held accountable for.

Our website is hosted on a secure server and we have taken of standard measures to provide a sufficient enough level of protection of our website and the information stored on our website.

Data Breach Procedures

Although we have taken all measures to provide the necessary level of data protection, in the unlikely event of data breach, you will be immediately notified by our team by email or phone, about the specific type of breach and what our team and hosting provider are doing to address the problem. You may also be requested to take certain measures to help protect your data further, like changing the email address linked to your account and/or changing your user account password.

Automatic Data Handling

Our system is set to automatically delete all user accounts after a five year period of inactivity. Excluded are accounts involved in unresolved issues.

The website automatically provides browsing data to Google Analytics, but out privacy settings allows you to turn that tracking service off for you. Please note, our system will store a cookie in your browser to tell the website to not track your usage.

Data Regulator

If you believe your data has been mishandled and we have not properly addressed the problem or resolved the situation you can turn your complaint to our local EU data regulator:

http://www.dataprotection.ro/