- Who is the data controller?
- What personal data do we collect?
- How do we use this personal data?
- What is our legal basis for processing your personal data?
- Who will process your data?
- Do we transfer your personal data outside of the EU?
- How long do we keep your personal data?
- Your rights
- Security measures
- Changes to this notice
- Legislative reference and useful links
- Who is the data controller?
Under the data protection law, the data controller is responsible for ensuring that your data is held securely, that you are given accurate information about how your data is used, and that your rights regarding your data are respected.
The “iSeha” website is owned and run by iSeha Smart Trading. For the purpose of the Data protection, the data controllers for any personal data we hold about you are iSeha Smart Trading. of Office 12, Golden Mile 8, Palm Jumeirah Dubai United Arab Emirates.
iSeha Smart Trading (referred to here as “we”, “our”, “us”) The term “our online services” refers toiSeha Smart Trading., our mobile and tablet applications, our pages on third party social media platforms such as Instagram, Facebook, Twitter, Pinterest and Google+ and any other websites or apps we own or run from time to time. If you use any of our services, we will refer to you using the terms “user”, “visitor”, “you”, “your”, “yours” in this policy.
- What personal data do we collect?
We collect and process only the data that is required to allow us to provide our services to you. We collect the following data when you browse or shop at https://iseha.ae/
- a) We process the personal data required to complete and dispatch your purchase, including your name, billing address, delivery address, payment details, mobile number, telephone number and email address. We collect your email address in order to send you confirmation of your order; we collect your telephone number so that we can contact you if there are any issues with the order.
- b) We collect your email address when you sign up to receive iSeha News.
- c) If you register for an iSeha account, we collect your name, email address, password, country, day and month of birth and additional information regarding your favorite designers and your marketing preferences.
- d) When you contact our Customer Care team, we may collect additional data to help us resolve any queries relating to your order, delivery, payments, marketing, the website or any other queries.
- e) We collect and process data about your browsing on https://iseha.ae/, including the pages you visit and how you interact with these pages. If you have registered for an account, we collect browsing data about your access to the dedicated areas of the website.
- f) If you are a customer of https://iseha.ae/ or if you have given us your consent, we collect and process your personal data for direct marketing activities.
- g) If you provide us with someone else’s data – for example, if you purchase a product to be delivered to a friend or as a gift, or provide us with someone’s data as part of our refer-a-friend scheme – we will collect and process the personal data required to complete the transaction such as the name, delivery address and other contact details for your friend. If you are receiving an item as a gift, we will process your data only to fulfil the gift request and our contractual obligations.
- h) When you use the App version of our website, we will ask for your consent to collect personal data from you in order to send you brief messages (“push notifications”) about products and services that we believe may be of interest to you. With your consent, we will also collect data regarding your use of the App and your IP address, in order to improve our service to you. You can disable push notification at any time by updating the App settings in your mobile device.
- j) When you call our Customer Care team, your call maybe recorded for training and fraud prevention purposes.
- How do we use the personal data we collect?
We collect and process your personal data for the following purposes:
- a) To fulfil our contract with you, including taking payment, shipping and delivery;
- b) To provide you with relevant information about our products and services via our marketing communications and advertising;
- c) To help you take full advantage of our website, including placing and holding items in your shopping bag and using services such as Wish Lists;
- d) To improve the performance of our website and our promotion of the website;
- e) To allow our Customer Care team to help you with queries and requests;
- f) To send you updates to important information such as our Terms & Conditions.
For a detailed breakdown of how we use your personal data, please view the table below.
4) What is our legal basis for processing your personal data?
Under the Law we must have a valid reason for using your personal data and we may not collect, store or use data about you that is not compatible with that reason. There are four valid reasons for our use of your personal data:
- a) Most of the data we collect from you is necessary to allow us to fulfil our contract with you or to enter into a contract with you e.g. you provide a billing address and email address when you purchase an item from https://iseha.ae/ so that we can process your payment and send you order confirmation.
- b) In certain circumstances we will ask for your permission or consent to use your personal data e.g. if we would like to send you marketing information about items we believe may be of interest to you via email. If you have given your consent to our use of your personal data, you are entitled to withdraw this consent at any time.
- c) We may also have a legitimate interest in using your personal data e.g. to ensure that the content of our website is presented to you and your device as effectively as possible, or to ensure that our marketing communications are relevant to your interests. If this is our reason for using your data, we must make sure that our interests do not override yours and you are entitled to object to this use of your data.
- d) Lastly, we may be required to use your data to meet a legal obligation or to protect your interests e.g. we may exchange information with other specialist organisations for the purposes of fraud detection and credit risk reduction and we will retain financial data long term to meet our statutory obligations.
For a detailed breakdown of how we use your personal data, please view the table below.
5) Who will process your data?
Your personal data will be processed by the internal staff ofiSeha Smart Trading. who have been specifically trained and authorised for this processing. In carrying out the processing, the data may also be transmitted to companies belonging toiSeha Smart Trading.
Your personal data will also be transmitted to third parties that we use to provide our services; these parties have been rigorously assessed and offer a guarantee of compliance with the legislation on the processing of personal data. These parties have been designated as data processors and carry out their activities according to the instructions given byiSeha Smart Trading. and under its control.
The third parties in question belong to the following categories: banking operators, internet providers, companies specialising in IT and telematics services; couriers; companies that carry out marketing activities, including social media organisations; companies specialising in market research and data processing; companies offering contact centre services; companies providing publishing and distribution services.
Under some circumstances we may be required to disclose or share your data without your consent, for example if we are required by the police, the courts or for other legal reasons. Your data may be transmitted to the police, judicial and administrative authorities, in accordance with the law, for the investigation and prosecution of crimes, the prevention of and protection from threats to public security, to allowiSeha Smart Trading. to ascertain, exercise or defend a right in court, as well as for other reasons related to the protection of the rights and freedoms of others.
6) Data transfer outside the European Union
Some of the third parties listed in the previous paragraph ‘Who will process your data?’ may be located in countries outside the European Union that nevertheless offer an adequate level of data protection, as established by specific decisions of the European Commission (https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en)
The transfer of your personal data to countries that do not belong to the European Union and that have not been assessed as offering adequate levels of protection will be performed only:
- after the completion betweeniSeha Smart Trading. and said parties of specific agreements containing safeguard clauses and appropriate guarantees for the protection of your personal data (known as “standard contractual clauses” and approved by the European Commission), or
- if the transfer is necessary for the completion and execution of a contract between you and THEiSeha Smart Trading (for the purchase of goods offered on our website, for registration on the website or use of services on the website), or
III. for the management of your requests.
7) How long do we keep your data?
We keep your personal data for a limited period of time in line with our data retention policy. The specific retention period will vary according to the reason for processing your personal data. After this period, your data will be permanently erased or otherwise irreversibly rendered anonymous.
Your personal data are retained in accordance with the following criteria:
When you have purchased goods from https://iseha.ae/ we will retain the billing data until the end of the relevant accounting period, normally seven years from the billing date;
When you make a payment, we will retain your payment details up to the certification of the payment and the completion of the relevant administrative-accounting formalities regarding your right of withdrawal and the terms applied for the disputing of the payment;
When you provide us with personal data in order to use the services https://iseha.ae/such as marketing communications subscription, we will keep your data for this purpose until the termination of the service or until you cancel your subscription to the service;
When you give us your consent to send you marketing communications, you can withdraw your consent at any time. We will consider your consent to be current for five years from your last interaction with any email that we send you, with our App or with https://iseha.ae/ in any case, we will reduce the number of marketing contacts after six months if you don’t interact with us;
When we use your personal data and browsing history to analyse your behaviour in order to customise the website and to show you personalised sales offers, we will keep the data for analytical purposes until you ask us to delete it;
When we use personal data for market research and satisfaction surveys, we will keep the data until you ask us to stop.
When you contact our Customer Care team, we will keep any additional personal data you provide that is specific to your enquiry for as long as you remain an active customer of https://iseha.ae/
When you contact our Customer Care team, we will keep the call recording for 6 months. Credit card details are not recorded as part of the call.
8) Your rights
You have the right to request a copy of the data that we hold about you (and we will provide this to you free of charge once we have confirmed your identity).
If you would like a copy of some or all of your personal data, please email or write to us using the contact details in this policy.
If we do hold data about you we will:
- give you a description of it
- tell you why we are holding it
- tell you who it could be shared with
- tell you how long we will keep the data
- if the data was not provided by you, we will give you any available information such as the source of the data
- tell you if the data has been used for automated decision making
- tell you if the data is stored outside of the European Economic Area, and if so what safeguards are in place to protect your personal data
- let you have a concise and clear copy of the data
You have the right to ask us to correct any inaccuracies in the personal data we hold about you and to stop us using your data until it has been corrected. We want to make sure that your personal data is accurate and up to date and we will be happy to correct or remove data you think is inaccurate. You can also update your own information at any time by logging into My Account at https://iseha.ae/
You have the right to withdraw your consent to marketing at any time by calling our Customer Care team, clicking “unsubscribe” on a marketing email or replying STOP to a text message. Alternatively, you can sign in to your account on https://iseha.ae/ and update your requirements in our Email Preference Centre. You may receive a small number of further communications immediately after unsubscribing but we will implement your request as quickly as possible.
You have the right at any time to oppose our processing of your personal data on the basis of our legitimate interest. You will need to explain the reasons behind your request and allow us to consider your request and respond.
You have the right to request the deletion of your personal data. After receiving and reviewing your request, if legitimate it will be our responsibility to cease processing promptly and to delete your personal data.
You have the right to receive a copy of your data that we process based on your consent or on the basis of a contract with you in a standard format. If you wish, where technically possible, we can transfer your data directly to a third party indicated by you.
To ensure that the data of our users are not subject to breaches or illegitimate use by third parties, we will ask you to confirm your identity before carrying out your request.
We protect your personal data with specific technical and organisational security measures aimed at preventing your personal data from being used illegitimately or fraudulently.
In particular, we use security measures that guarantee: pseudonymisation or encryption of your data; the confidentiality, integrity, and availability of your data as well as the resilience of the systems and services that process them; the ability to restore data in the event of a data breach. Furthermore,iSeha Smart Trading. undertakes to test, verify and regularly evaluate the effectiveness of technical and organizational measures in order to guarantee continuous improvement in the safety of processing.
If you believe thatiSeha Smart Trading. is processing your personal data in contravention of the Law, you can file a complaint with the supervisory authority responsible for compliance with the rules on personal data protection.
11) Changes to this notice
12) Legislative references and useful links.
TABLE OF USE AND LEGAL BASIS FOR PROCESSING
|Our use of your data||Our legal basis for processing|
|When you purchase a product from https://iseha.ae we ask you for the personal data necessary to allow us to fulfil our contract with you including taking payment, completing any related anti-fraud checks if you choose to pay by credit/debit card, billing, shipping and delivery of the product and possible handling of the return.||1. The provision of your personal data for these activities is a contractual obligation. You are free to communicate your data or not, but in the absence of the requested data it will not be possible to finalise or execute the contract and your requests. This means that while you will continue to be able to browse https://iseha.ae, you will not be able to purchase products and you will not be able to use the services of our website such as the Wish List
2. When you make a purchase at https://iseha.ae, we are required to process your personal data to meet our legal obligations in accordance with the tax provisions and other statutory rules which apply.
You are free to decide whether or not to purchase from us, but if you do make a purchase this use of your data will be necessary to meet our legal obligations.
3. When you make a purchase at https://iseha.ae, we will use some of your personal data to carry out anti-fraud activities: we have a legitimate interest in carrying out this activity to prevent and prosecute any fraudulent activity.
|When you visit https://iseha.ae, we will collect the personal data necessary to allow us to provide you with the services of the website, such as placing and holding items in your shopping bag.||Our use of your data is necessary for our legitimate interest in ensuring that the service we provide to you is managed correctly.|
|When you visit https://iseha.ae, we will use some data about your use of the website to help us improve the website and our promotion of the website. This will include data about how you came to the website; the date and time of your visit; products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction data (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.||Our use of your data is necessary for our legitimate interest in ensuring that the service we provide to you is managed correctly.|
|When you register on https://iseha.ae,we will collect the data necessary to ensure that we can recognize you on return visits and provide you with the services registration offers, such as creating a wish list or subscribing to emails about your favourite designers. If you would prefer not to continue receiving these emails, you can unsubscribe at any time using the link on the bottom of the email, or by contacting our Customer Care team.||The provision of your personal data for these activities is a contractual obligation. You are free to communicate your data or not, but in the absence of the requested data it will not be possible to finalise or execute the contract and your requests. This means that while you will continue to be able to browse https://iseha.ae, you will not be able to use the services of our website such as the Wish List or alerts about deliveries from your favorite designers.|
|When you sign up for our marketing communications, we will ask you for your email address to enable delivery of the marketing communications. If you would prefer not to receive these emails, you can unsubscribe at any time using the link on the bottom of the email, or by contacting our Customer Care team.||You have given your consent and asked us to send you our marketing communications.|
|If you have purchased from https://iseha.ae, we will use the personal data we hold about you, including your purchase history, to contact you regarding products and services that may be of interest to you. This contact will normally be via email, but in certain circumstances we may contact you via other methods e.g. we may call you if an item you have been eager to purchase comes back into stock. If you would prefer not to be contacted in this way, you can unsubscribe from emails at any time using the link on the bottom of the email, or update your preferences via https://iseha.ae or by contacting our Customer Care team.||Our use of your data is necessary for our legitimate interest in ensuring that you receive information about goods and services that may be of interest to you.|
|We analyse contact data, purchase histories, web browsing data and lifestyle data to tailor our marketing communications, web site presentation and internet advertising to meet your preferences. For example, if you have been browsing or have previously purchased a particular shoe designer, we may send you an email to tell you that these items are now on sale or display similar products to you on our own website or as part of our advertising on other websites.||Our use of your data is necessary for our legitimate interest in ensuring that you receive information about goods and services that may be of interest to you.|
|When you contact our Customer Care team, we will use the personal data you provide and that we have collected to respond to your requests for help or information.||The provision of your personal data for these activities is a contractual obligation. You are free to communicate your data or not, but in the absence of the requested data it will not be possible to finalise or execute the contract and your requests.|
|When you use the App version of our website, we will collect data regarding your use of the App and your IP address, in order to send you push notifications about products and services that we believe may be of interest to you.||You have given your consent to push notifications.|
|When you call our Customer Care team, your call will be recorded for training and fraud prevention purposes.||Our use of your data is necessary for our legitimate interest in ensuring that our employees receive adequate training and for fraud prevention.|
|To improve our marketing communications, we use a similar technology to cookies to confirm whether you have opened a marketing email or clicked on a link in the email. This information helps us to measure the value of our communications and to provide you with relevant content.||This processing constitutes profiling under the GDPR. We process your personal data in this way as it is in our legitimate interest to offer you a personalised experience on our sites and to provide you with personalised advertising and marketing.|
|If you have given us your email address or mobile phone number, we may supply this data to digital advertising or social media companies who work on our behalf, such as Facebook and Google. This is so we can show you advertising via these sites that is tailored to your interests and your purchase history. At our request, Facebook and Google may also use this data to identify individuals with similar characteristics to our customers and then serve our advertising to these individuals. The data we provide to these organisations is limited to email address or mobile phone number and is always provided in an encrypted format. If you would prefer not to see targeted advertising from us on social media, please refer to the instructions provided by the website or app, for example on Facebook, Twitter, Instagram, and Google.||This processing constitutes profiling under the GDPR. We process your personal data in this way as it is in our legitimate interest to offer you a personalised experience on our sites and to provide you with personalised advertising and marketing.|
- What personal information do we collect from you and how?
- What about cookies? What are cookies?
- How this information may be used
- Who we will share your personal information with
- Where we process your personal information
- Marketing opt-in and opt-out provisions
- How you can access your personal information and keep it up to date
- Safeguarding your personal information
- Why we link to other websites
- How we can make changes to this policy
- Where and how to ask questions or contact us about this policy
- WHAT PERSONAL INFORMATION DO WE COLLECT FROM YOU AND HOW?
We collect personal information about you when you register or subscribe for one of our services, place an order, buy a gift voucher, use our online services, interact with us in any other way, such as via social media, click on an advert that we put on our or someone else’s website, use our Personal Shopping services, ask for information or assistance, give us a testimonial or other feedback, comment on any blogs or articles featured in our services, attend an event that we run or sponsor, enter competitions or special promotions, sign up for our special offers or other updates, participate in research panels or fill in surveys. By registering, subscribing or using our services, you consent to the use of your personal data in line with this policy. We may also receive information about you from our Group and from third parties, with whom we have a business relationship.
The information we collect and hold about you may include your name, email address, phone and mobile phone numbers, home address, shipping and payment card billing address, payment card details, IP address, search criteria, shopping history, shopping preferences, sizings, responses to research panels and surveys, the type of browser you use (a browser is the program you use to look at websites, such as Internet Explorer, Firefox or Safari), the times when you access the site and for how long, your referring URL (the site you come from to reach our website), cell IDs (these are the unique identifiers of the telecommunications towers being used by your mobile phone when you use our locations-based services on your mobile phone or tablet) and other location information (for example, GPS measurements), photographs and other content you share with us when you use our services, date of birth, password details, answers to security questions and any other information you may give us.
We may record or monitor calls that you receive from us or make to us. We do this for security and training purposes, and to improve the services we provide to you.
- WHAT ABOUT COOKIES? WHAT ARE COOKIES?
- HOW THIS INFORMATION MAY BE USED
Whenever you give us your personal information we will use it in accordance with applicable privacy laws and for the purposes set out in this policy, on the data entry forms you complete, in any relevant terms and conditions and on pages or emails which link to the data entry forms.
When you use our services: If you use any of our services, register for or attend one of our events, set up, look at or change your account details or contact your personal shopper or a member of our Customer Care team, we will record your personal details. Your information will be used in the first place to provide the products, services or information you have asked for and to provide you with a personalized shopping experience. We keep the information you provide and may use it for several purposes, including: (i) accounting, billing, reporting and audit; (ii) credit checking or screening; (iii) authentication and identity checks; (iv) credit, debit or other payment card verification and screening; (v) debt collection; (vi) safety, security, health, training, administrative and legal purposes; (vii) data matching and dedupe, statistical and market analysis, and marketing information; (viii) advertising and marketing for us, our Group and third parties; (ix) developing, testing and maintaining systems; (x) studies, research and development; (xi) customer surveys; (xii) customer care and to help us in any future dealings with you, for example by identifying your requirements and preferences; (xiii) where required by law or in connection with legal proceeding or disputes; and (iv) any other uses set out in the terms and conditions for use of our services. For these purposes we may disclose your information to one or more of the other organisations listed in the section called “who we will share your personal information with”.
Saved payment card details will only be shared with our payment partner and not with any other third parties and will only be used to process your order, using our payment partner’s systems.
We may also use your personal information to send you marketing updates, as detailed in the next section.
Testimonials: If you give us feedback, we may use it to improve our services and we may publish it online or offline to promote our business and our services. We will ask for your permission before we publish it.
Comments and reviews submitted to our online services: If you wish to submit a comment or feedback on a blog or article featured on our services, we may (but are not obliged to) publish your comment online or offline to promote our business and our services. We will collect your name or username which will be displayed next to your comment and e-mail address, which will not be published, but which we may use to contact you in relation to your comment.
Mobile services: When you request our mobile services, we may keep your mobile phone number, the make and model of your phone, the operating system used by your phone and details of your network operator, and we will link a unique identifier to your mobile phone number. We’ll store your device language, app language, country, We need this information in order to provide the features and services enabled through our mobile services and to administer our mobile service. Our Givenchy mobile services use your location to show your closest Givenchy store. We may also use it for SMS or voice marketing and market research.
Direct marketing: For information on how we may market to you, please read the section called “marketing opt-in and opt-out provisions”.
- WHO WE WILL SHARE YOUR PERSONAL INFORMATION WITH
From time to time, we may engage third party business partners to provide information about you or to collect personal information on our behalf. We may also share or match your data with third party business partners to provide you with the products, services or information you ask for or for interest-based advertising. We may pass your information onto one or more of the following organisations: (i) data processing companies, mailing houses and other third party suppliers working on our Group’s behalf; (ii) ad-serving agencies and other advertising intermediaries; (iii) credit reference or fraud prevention agencies, which may keep a record of that information; (iv) research students, universities and other research and development organisations; (v) regulatory bodies, government and enforcement agencies, such as the police.
Every now and again, we receive requests for information from government departments, the police and other enforcement agencies. If this happens, and there is a proper legal basis for providing your personal information, we will provide it to the organisation asking for it.
We collate information about site traffic, sales, wish lists, and other commercial information which we may pass onto third parties, but this information does not include any details which can identify you personally.
- WHERE WE PROCESS YOUR PERSONAL INFORMATION
When we use your information as described in this policy, this may involve sending your information outside the European Economic Area (EEA). When we do this, we make sure that appropriate steps are taken to protect your personal information and your rights. By providing us with your personal information, you agree that we may transfer, store and process your information outside the EEA. Governments in certain countries such as the USA have broad powers to access data for security, crime prevention and detection and law enforcement purposes.
- MARKETING OPT-IN AND OPT-OUT PROVISION
We offer you the chance to receive news and fashion updates which, depending on your preferences, we will discuss with you by phone or live chat or send to you via email, SMS and/or direct mail. These include alerts for new products, features, enhancements, special offers, upgrade opportunities, contests, events of interest, and one-off marketing promotions. You can opt-out of receiving these updates, if you wish.
We, or our third party business partners, may also ask you if you want to receive marketing if you enter a promotion or attend an event thrown or sponsored by us. Other companies in our Group may also pass your personal information to us for marketing use.
Marketing communications you subscribe to will only be sent by our Group.
You have the right to ask us not to use your personal information for marketing. At all times, we will offer you the opportunity to unsubscribe from any service or update to which you have subscribed, if you change your mind. Whenever you receive direct marketing from us, we will tell you how to unsubscribe. Alternatively you can change your marketing preferences by logging into My Account. To opt out of direct mail, please contact our Customer Care team:
If you tell us that you do not want to receive direct marketing, we will still contact you in order to provide you with products and services you request and for administration purposes.
- HOW YOU CAN ACCESS YOUR PERSONAL INFORMATION AND KEEP IT UP TO DATE
You have the right to see information we hold about you, with some exceptions which are described in the privacy laws. If you would like a copy of your personal information, please contact our privacy officer at firstname.lastname@example.org You will need to pay a processing fee.
You have the right to review and update your personal details. If for any reason you are concerned that the personal information we hold is not correct, please visit our online services and, after logging into the site using the “Sign In” menu on the home page, your personal information will be made available for review and change in the “My Account” section. Only you or, upon your request, our Customer Care team, may access your personal data from our online services using your user ID and password. Information may be changed online within “My Details”, “Shipping Details” and “My Email Preferences”. You can change or delete saved credit/debit card details each time you make a purchase. You will also be able to delete saved credit/debit card details by adding or editing a shipping/billing address. If you change your billing or shipping address while your order is still being processed, the order will be re-processed through security validation checks. If you prefer, you may contact us by email at email@example.com and we will amend your personal details.
Our Live Chat provider stores all chat conversations for 13 months. To receive a copy of your chat conversation simply request this when exiting Live Chat or contact our Customer Care team by emailing firstname.lastname@example.org foriSeha Smart Trading.
SAFEGUARDING YOUR PERSONAL INFORMATION
We will take reasonable care to maintain appropriate safeguards to ensure the security, integrity and privacy of the information you have provided to us. We have put in place technology and security policies which are designed to protect the personal information we hold about you. We also follow the security procedures that applicable privacy laws require. These cover storing, using and releasing any information you have provided and, as well as measures designed to prevent unauthorised access or use. When you place an order or access your account information, we use a Secure Socket Layer (SSL) encryption which encrypts your information before it is sent to us to protect it from unauthorised use.
- WHY WE LINK TO OTHER WEBSITES
Our online services contain hyperlinks to websites that are owned and operated by other organisations. These websites have their own privacy and cookie policies, and we urge you to read them. They control how your personal information is used when you give it to these other organisations or they collect it with cookies. We do not approve any other websites and we are not responsible for any information, material, products or services that are on or accessible through those websites or for the privacy practices of websites run by other organisations. If you use these other websites you do so at your own risk.
- HOW WE CAN MAKE CHANGES TO THIS POLICY
- WHERE AND HOW TO ASK QUESTIONS OR CONTACT US ABOUT THIS POLICY