Your Consent
By using a Lish Lash website, you are consenting to Lish Lash collecting, using and disclosing your personal information in accordance with this Privacy Policy. If you do not agree to the collection, use and disclosure of your personal information in this way, please do not use the Lish Lash websites or otherwise provide Lish Lash with your personal information.
Lish Lash will only collect, use or disclose your personal information where it is fair and lawful to do so. In most cases, we will ask for your consent explicitly but, in some cases, we may infer consent from your actions and behaviour. We may ask you to provide additional consent if we need to use your personal information for purposes not covered by this Privacy Policy. You are not obliged to provide such consent but if you decide not to then your participation in certain activities may be restricted. If you provide additional consent, the terms of that consent shall prevail in the event of any conflict with the terms of this Privacy Policy.
Please note, however, that we may process your personal information without consent if we have a legitimate reason to do so, provided that such use will not have a prejudicial effect on your own rights, freedoms and interests. Any such use shall be in accordance with the Lish Lash privacy principles set out below
What This Policy Covers
The data controller is Lish Lash Limited (referred to in this policy as “we” or “us”).
We are committed to doing the right thing when it comes to how we collect, use and protect your personal data. That’s why we’ve developed this privacy and cookies policy (“Policy”), which:
- sets out the types of personal data that we collect
- explains how and why we collect and use your personal data
- explains when and why we will share personal data within Lish Lash and with other organisations; and
- explains the rights and choices you have when it comes to your personal data
We offer a wide range of products and services, so we want you to be clear about what this Policy covers. This Policy applies to you if you use our services (referred to in this Policy as “our Services”). Using our Services means:
- shopping with us over the phone, or online or otherwise using any of the websites (“our Websites”) or mobile applications (“our Mobile Apps”) where this Policy is posted
Our Websites or Mobile Apps may contain links to other websites operated by other organisations that have their own privacy policies. Please make sure you read the terms and conditions and privacy policy carefully before providing any personal data on a website as we do not accept any responsibility or liability for websites of other organisations.
This Policy also applies if you contact us or we contact you about our Services.
Last updated: 1st May 2023.
Children
The Lish Lash websites are designed and intended for use by adults. Where a Lish Lash website is intended for use by a younger audience, we will obtain consent from a parent or guardian before we collect personal information where we feel it is appropriate to do so or where it is required by applicable laws and regulations (the age at which consent is necessary varies from country to country). If you are a child over the age where parental consent is required in your country, you should review the terms of this Privacy Policy with your parent or guardian to make sure you understand and accept them.
If we discover that we have collected information from a child without consent from a parent or guardian where such consent should have been obtained, we will delete that information as soon as possible.
Access to certain parts of the Lish Lash websites and/or eligibility to receive prizes, samples or other rewards may be limited to users over a certain age. We may use your personal information to carry out age verification checks and enforce any such age restrictions.
How Long Do We Keep Your Personal Data For?
We will keep your personal data for as long as we need it for the purpose it is being processed for. For example, where you make a purchase online with us we will keep the data related to your purchase, so we can perform the specific contract you have entered and after that, we will keep the personal data for a period which enables us to handle or respond to any complaints, queries or concerns relating to the purchase.
Your data may also be retained so that we can continue to improve your experience with us and to ensure that you receive any loyalty rewards which are due to you.
We retain the identifiable data we collect directly for targeting purposes for as little time as possible, after which we employ measures to permanently delete it.
We will actively review the personal data we hold and delete it securely, or in some cases anonymise it, when there is no longer a legal, business or consumer need for it to be retained.
Personal Data We Collect
We may collect the following information:
This section tells you what personal data we may collect from you when you use our Services and what other personal data we may receive from other sources.
When you register for our Services, you may provide us with:
- Your personal details, including your postal and billing addresses, email addresses, phone numbers and date of birth and title
- Your account login details, such as your username and the password that you have chosen
When you shop with us online or browse our Websites or use our Mobile Apps, we may collect:
- Information about your online purchases (for example, what you have bought, when and where you bought it and how you paid for it)
- Information about your online browsing behaviour on our Websites and Mobile Apps and information about when you click on one of our adverts (including those shown on other organisations’ websites)
- Information about any devices you have used to access our Services (including the make, model and operating system, IP address, browser type and mobile device identifiers)
When you contact us or we contact you or you take part in promotions, competitions, surveys or questionnaires about our Services, we may collect:
- Personal data you provide about yourself anytime you contact us about our Services (for example, your name, username and contact details), including by phone, email or post or when you speak with us through social media
- Details of the emails, SMS and other digital communications we send to you that you open, including any links in them that you click on
- Your feedback and contributions to customer surveys and questionnaires
Other sources of personal data
We may also use personal data from other sources, such as specialist companies that supply information, online media channels, our Retail Partners and public registers. For example, this other personal data helps us to:
- review and improve the accuracy of the data we hold; and
- improve and measure the effectiveness of our marketing communications, including online advertising.
How And Why We Use Personal Data
Make our Services available to you
- Manage the accounts you hold with us
- Process your orders and refunds
We need to process your personal data so that we can manage your customer accounts, provide you with the goods and services you want to buy and help you with any orders and refunds you may ask for
Manage and improve our day-to-day operations
- Manage and improve our Websites and Mobile Apps
We use cookies and similar technologies on our Websites and Mobile Apps to improve your customer experience. Some cookies are necessary so you should not disable these if you want to be able to use all the features of our Websites and Mobile Apps. You can disable other cookies but this may affect your customer experience. For more information about cookies and how you can disable them, see the cookies and similar technologies section.
- Help to develop and improve our product range, services, stores, information technology systems, know-how and the way we communicate with you.
We rely on the use of personal data to carry out market research and internal research and development, and to improve our information technology systems (including security) and our product range, services and stores. This allows us to serve you better as a customer.
- Detect and prevent fraud or other crime
It is important for us to monitor how our Services are used to detect and prevent fraud, other crimes and the misuse of services. This helps us to make sure that you can safely use our Services.
Personalise your Lish Lash experience
- Use your online browsing behaviour as well as your in-store and online purchases to help us better understand you as a customer and provide you with personalised offers and services.
Looking at your browsing behaviour and purchases allows us to personalise our offers and services for you. This helps us meet your needs as a customer.
- Provide you with relevant marketing communications (including by email, SMS, post or online advertising), relating to our products and services, and those of our suppliers and Retail Partners. As part of this, online advertising may be displayed on our websites and on other organisations’ websites and online media channels. We may also measure the effectiveness of our marketing communications and those of our suppliers and Retail Partners.
We want to ensure that we provide you with marketing communications, including online advertising, that are relevant to your interests. To achieve this we also measure your responses to marketing communications relating to products and services we offer, which also means we can offer you products and services that better meet your needs as a customer. You can change your marketing choices, both when you register with us, and at any time after that. You also have choices when it comes to online advertising. We set out below your choices when it comes to cookies, and how you can control your online behavioural advertising preferences.
Contact and interact with you
- Contact you about our Services, for example by phone, SMS, email or post or by responding to social media posts that you have directed at us.
We want to serve you better as a customer so we use personal data to provide clarification or assistance in response to your communications
- Manage promotions and competitions you take part in, including those we run with our suppliers and Retail Partners.
We need to process your personal data so that we can manage the promotions and competitions you choose to enter.
- Invite you to take part in and manage customer surveys, questionnaires and other market research activities carried out by Lish Lash and by other organisations on our behalf.
We carry out market research to improve our Services. However, if we contact you about this, you do not have to take part in the activities. If you tell us that you do not want us to contact you for market research, we will respect this choice. This will not affect your ability to use our Services.
Sharing Personal Data With Service Providers
We work with carefully selected Service Providers that carry out certain functions on our behalf. These include, for example, companies that help us with technology services, storing and combining data, processing payments and delivering orders. We only share personal data that enable our Service Providers to provide their services.
Some of the Service Providers we work with operate online media channels, and they place relevant online advertising for our products and services, as well as those of our suppliers and our Retail Partners, on those online media channels on our behalf. For example, you may see an advert for our products and services as you use a particular social media website or watch television through your pay TV account.
Sharing Personal Data With Other Organisations
We may share personal data with other organisations in the following circumstances:
- if the law or a public authority says we must share the personal data;
- if we need to share personal data in order to establish, exercise or defend our legal rights (this includes providing personal data to others for the purposes of preventing fraud and reducing credit risk);
- to an organisation we sell or transfer (or enter into negotiations to sell or transfer) any of our businesses or any of our rights or obligations under any agreement we may have with you to. If the transfer or sale goes ahead, the organisation receiving your personal data can use your personal data in the same way as us; or
- to any other successors in title to our business.
How We Protect Personal Data
We use computer safeguards such as firewalls and data encryption, and we enforce physical access controls to our buildings and files to keep this data safe. We only authorise access to employees who need it to carry out their job responsibilities.
- We protect the security of your information while it is being transmitted by encrypting it using Secure Sockets Layer (SSL).
- We enforce physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal data. We may occasionally ask for proof of identity before we share your personal data with you.
- We will reveal only the last four digits of your credit card number when confirming an order.
However, whilst we take appropriate technical and organisational measures to safeguard your personal data, please note that we cannot guarantee the security of any personal data that you transfer over the internet to us.
The personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by companies operating outside the EEA who work for us or for one of our service providers. We will put in place appropriate protection to make sure your personal data remains adequately protected and is treated in line with this Policy.
Marketing And Market Research
We will send you relevant offers and news about our products and services in a number of ways including by email or SMS but only if you have previously agreed to receive these marketing communications. When you register with us we will ask if you would like to receive marketing communications, and you can change your marketing choices online, over the phone or in writing at any time.
We also like to hear your views to help us to improve our Services, so we may contact you for market research purposes. You always have the choice about whether to take part in our market research..
Your Rights
Where we process your personal data, you have a number of rights over how the data is processed and can exercise these rights at any point. We have provided an overview of these rights below, together with what this entails for you. You can exercise your rights by sending an email to us.
The right to be informed. You have the right to be provided with clear, transparent and easily understandable information about how we use your personal data and your rights. Therefore, we are providing you with the information in this Notice.
The right to access and rectification. You have the right to access, correct or update your personal data at any time. We understand the importance of this and should you want to exercise your rights, please contact us.
The right to data portability. The personal data you have provided us with is portable. This means it can be moved, copied or transmitted electronically under certain circumstances.
The right to be forgotten. Under certain circumstances, you have the right to request that we delete your data. If you wish to delete the personal data we hold about you, please let us know and we will take reasonable steps to respond to your request in accordance with legal requirements. If the personal data we collect is no longer needed for any purposes and we are not required by law to retain it, we will do what we can to delete, destroy or permanently de-identify it.
The right to restrict processing. Under certain circumstances, you have the right to restrict the processing of your personal data.
The right to object. Under certain circumstances, you have the right to object to certain types of processing, including processing for direct marketing (i.e. receiving emails or SMS from us notifying you or being contacted with varying potential opportunities).
The right to lodge a complaint with a Supervisory Authority. You have the right to lodge a complaint directly with any local Supervisory Authority about how we process your personal data.
The right to withdraw consent. If you have given your consent to anything we do with your personal data (i.e. we rely on consent as a legal basis for processing your personal data), you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). You can withdraw your consent to the processing of your personal data at any time by contacting us with the details provided below.
If you would like a copy of the personal data we hold about you, please write to: Lish Lash Ltd, 4 Greenside, Cowbridge, Wales, CF71 7EU
You can also email us at hello@mylishlash.co.uk
The law allows us to charge an administration fee if the request is excessive or if you request further copies.
We want to make sure that the personal data we hold about you is accurate and up to date. If any of the details are incorrect, please let us know and we will amend them.
How We Use Cookies
Cookies, pixel tags and similar technologies (collectively ‘cookies’) are files containing small amounts of information which are downloaded to any internet enabled device – such as your computer, smartphone or tablet – when you visit a website. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognises that cookie. Cookies do lots of different and useful jobs, such as remembering your preferences, generally improving your online experience, and helping us to offer you the best product and services.
There are many types of cookies. They all work in the same way, but have minor differences.
Your consent applies to the following domains: www.mylishlash.co.uk