- Who we are
- What information do we collect
- Applying to work with us
- What information do we collect
- Applying to work with us
- How do we use your information
- Who may use your information
- Third party links and services
- How do we protect your information
- Where is your information processed
- Marketing communications - How long do we keep your information
- Your rights
- How do you contact us
1.5 We do not knowingly collect or process data from anyone under the age of thirteen (13) years old.
2. Who we are
2.3 Please check the Site or the store to see which member of the Extraless you are dealing with. If you are unsure please get in touch with us using the contact details below.
3. What information do we collect?
3.1 Most of the information we collect is information provided directly by you, which is set out on the web page on which we collect it - for example in our enquiry form - at events, in store or by our people by phone. This may include: contact information – information such as name, email address, physical mailing address, device identifier and telephone number ; personal information – such as your birthday, gender and clothes and shoe size; professional information – such as your employment background, job description and related information; social media – such as your Facebook, Instagram, twitter, WeChat or Google account details. In some cases we may use your Facebook, WeChat or Google credentials to allow access to your account with EXTRALESS; transaction information – your contact information, the products you are interested in, your purchasing requirements, financial or other payment information including your card details and billing address, your PayPal account (if any) and any identification numbers needed; and responses to surveys – information you provide in responding to a survey on the Site, via an app or email, on the telephone or otherwise.
3.2 We may also collect and process other information obtained through the Site or the device you are using, including: information through ‘My Account’ – information for registration of ‘My Account’ such as your contact information, password and email preferences.
If you are a registered user, we collect information about your access to the reserved area of the Site such as information on the date and time of access and with your consent, information on your interests and preferences in relation to our products and services.
We also collect information relating to your orders; including order number, list of products you have ordered and information on their delivery status as well as information on your wish list, which includes your personal collection of favourite items; location information (including GPS signals sent by a mobile device, location information gathered from social media networks or sensor or IP address data from your device); information from cookies, web beacons or from the internet, including your IP address, browser type, operating system, domain name, access times, which pages you visit within our Site and referring website addresses.
Cookies are small pieces of information that are stored by your browser on your computer’s hard drive. You can find out more about how we deal with cookies in our Cookies Policy; if you ask us to connect with other sites (for example if you ask us to connect with your Facebook account) we may get information that way too; and we may record telephone calls.
4. Applying to work with us
4.1 If you use the Site to apply to work with us, we will use the information you supply to process your application and to monitor recruitment statistics. Please do not send us any sensitive personal data with your application unless we specifically ask you for it. As a global business we may transfer your details outside of your home country and to other companies in our group. We will ask you to sign up to additional confidentiality and privacy terms if you apply for a job with us. Once a person has taken up employment with us, we will compile a file relating to their employment. At that stage we will give more details about how we hold employee data and we will expect the employee to sign up to additional confidentiality and privacy terms as part of their employment.
4.3 We may retain details of candidates who may be of interest to us, either now or in the future, for up to one year. If you would not like us to do that please let us know. Additionally, if your circumstances change – for example you no longer wish to be considered by us for employment – please let us know that too.
5. How do we use your information?
5.3 We process your personal data where we have your consent to do so, which you may withdraw at any time, or otherwise where this is necessary for: the performance of our contract with you for the provision of Extraless or to take preliminary steps at your request; us to fulfil our legal obligations; or, the purposes of the legitimate interests pursued by us or by a third party.
5.4 A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests. Our legitimate interests are those indicated with a “*” above, and we consider that we have implemented sufficient checks and protections to ensure that your rights and interests are not unreasonably intruded on. *However, you can object to processing on any of these bases at any time and, if you do so, we will stop processing the personal data unless we can show compelling legitimate grounds which override your rights and interests, or we need the data to establish, exercise or defend legal claims – see the paragraph “Your rights” below.
6. Who may use your information?
6.1 We may disclose your personal data to enforce our policies, to comply with our legal obligations or in the interests of security, public interest or law enforcement in any country where we have entities or affiliates. For example, we may respond to a request by a law enforcement agency or regulatory or governmental authority. We may also disclose data in connection with actual or proposed litigation, or to protect our property, security, people and other rights or interests.
6.2 We share your information with third parties who help deliver our products and services to you. Examples include hosting our web servers, analysing data, providing marketing assistance, and providing Customer Service. These companies will have access to your personal information as necessary to perform their functions, but they may not use that data for any other purpose.
6.4 You may have accessed our Site through a hyperlink from a third party website. If so, you consent to your personal details and purchase information, including behavioural patterns, being shared with that third party in accordance with our contractual relationship with them.
6.6 Please remember that when you share information publicly on the Site, for example a comment on a blog post, it may be indexable by search engines, including Google, which may mean that the information is made public.
7. Third party links and services
7.1 The Site may contain links to third parties’ websites. We are not responsible for the privacy practices or the content of those websites. Therefore, please read carefully any privacy policies on those links or websites before either agreeing to their terms or using those websites.
7.3 If you have asked us to share data with third party sites (such as social media sites), their servers may not be secure.
7.4 Note that, despite the measures taken by us and the third parties we engage, the internet is not secure. As a result others may nevertheless unlawfully intercept or access private transmissions or data.
8. How do we protect your information?
8.1 We take what we consider to be appropriate technical and organisational measures designed to reduce the risk of unauthorised or unlawful processing of your personal data and accidental loss or destruction of, or damage to, your personal data. While no system is completely secure, we believe the measures implemented by the Site reduce our vulnerability to security problems to a level appropriate to the type of data involved. However, it remains your responsibility: where you are a registered user with ‘My Account’ for the Site: to log off or exit from the Site when not using it; to ensure no-one else uses the Site while your device is logged on to the Site (including by logging on to your device through a mobile, Wi-Fi or shared access connection you are using); to keep your password or other access information secret. Your password and log in details are personal to you and should not be given to anyone else or used to provide shared access for example over a network. You should use a password which is unique to your use of the Site – do not use the same password as you use for another site or email account; and, to maintain good internet security. For example, if your email account or Facebook account is compromised this could allow access to your account with us if you have given us those details and/or permitted access through those accounts. If your email account is compromised it could be used to ask us to reset a password and gain access to your account with us. You should keep all of your account details secure. If you think that any of your accounts has been compromised you should change your account credentials with us, and in particular make sure any compromised account does not allow access to your account with us. You should also tell us as soon as you can so that we can try to help you keep your account secure and if necessary warn anyone else who could be affected.
9. Where is your information processed?
10. Marketing communications
10.1 If you have given permission, we may contact you by mail, telephone, SMS, text/picture/video message, social media and email about products, services, promotions and special offers that may be of interest to you. If you prefer not to receive any direct marketing communications from us, you can opt out at any time. See further 'Your rights', below.
11. How long do we keep your information?
12. Your rights
12.1 In some countries you may have the right to gain access, correct, update, restrict, delete, be forgotten, or object to the processing of, or request data portability of the personal data collected about you subject to some exceptions and conditions. You can find out more about these rights in the EU by reading the General Data Protection Regulation.
12.2 If you wish to inquire about any of those rights or would like to submit a request then please send us your request by any of the following ways: write to our Customer Service; or, write a letter to us and post it to 7-11 Woodcote Road, Wallington, Surrey, SM6 0LH, UK or contact us through email@example.com
12.3 We may charge a small fee depending on your request where that is permitted by law. We will take all reasonable steps to delete your personal data from our system(s) on receiving a valid request, unless restricted by law. We may keep a copy for as long as is necessary in our opinion, in compliance with applicable laws and regulations. We will respond to any of your above-mentioned requests within one month but we reserve the right to verify your identity before dealing with your request.
12.4 You may also have the right to lodge a complaint with a data protection regulator, which you may lodge with the Information Commissioner’s Office (ICO), as the EU lead supervisory authority for Badé. The ICO’s contact details are as follows: 7-11 Woodcote Road, Wallington, Surrey, SM6 0LH
12.5 If your complaint is about the processing activities of Extraless, then their lead supervisory authority is the Italian Data Protection Authority and you can contact them as follow: Postal Address 7-11 Woodcote Road, Wallington, Surrey, SM6 0LH