The term "Personal Information" refers to personally identifiable information about you, such as your name, date of birth, e-mail address or mailing address, telephone number and payment details.
SECTION 1 – INFORMATION WE MAY COLLECT
We may collect and process the following Personal Information about you:
i. information you provide to us for the purpose of registering with us, including your name, e-mail address and postal address;
ii. information relating to transactions carried out between you and us on or in relation to this Website, including information relating to any purchases you make of our goods;
iii. information about your computer and about your visits to and use of our Website, including your IP address, login information, browser type, operating system, platform, geographical location, length of visit to certain pages and number of page views;
iv. any questions, suggestions and comments you send to us;
v. information about if you use any of the other websites we operate or the other services we provide; and
vi. information obtained through the completion of surveys that we use for research.
SECTION 2 - WHAT DO WE DO WITH YOUR INFORMATION?
We may use your Personal Information:
i. to administer the Website;
ii. to enable your use of the services available on the Website and to notify you about changes to our services;
iii. to supply you with any goods ordered on the Website;
iv. to carry out obligations arising from any contracts entered into between you and us; and
v. with your consent, to send you marketing communications to provide you with information about goods and services which may be of interest to you.
SECTION 3 - CONSENT
How do you get my consent?
We may also use your Personal Information to notify you of new products or services and special offers we think you may be interested in. However, you will only receive these communications where you consented to receive such communication either at the point of registration or at any point after. You can unsubscribe from such communications at any time by contacting us at email@example.com or at HelloSkin, Niels Hemmingsens Gade 1, DK 1153 Copenhagen. However, if you do unsubscribe you may miss out on some great offers.
SECTION 4 - DISCLOSURES
You understand and hereby consent that your Personal Information will be made accessible:
i. to LEO Pharma A/S and any other LEO Pharma Group company;
ii. to third parties providing technical support (e.g., SHOPIFY Inc., which provides hosting services);
iii. to third party service providers assisting LEO Pharma Group companies or to send communications to you;
v. to any governmental, administrative, judicial or regulatory authority to co-operate in proceedings, inquiries and investigations by such authorities or to comply with any legal or regulatory requirements.
You understand that these recipients may be located in countries outside of the European Economic Area (“EEA”), including in the United States of America, which may not have laws equivalent to data protection laws in the EEA.
SECTION 5 – SHOPIFY AND PAYMENT PROCESSING
Our Website is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
SECTION 6 - EXTERNAL LINKS
SECTION 7 - SECURITY
To prevent unauthorised access, maintain data accuracy, and ensure the correct use of information, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the information we collect online. [Note: the information you submit as part of product reviews may become public information and you should exercise caution when submitting reviews and consider carefully before disclosing Personal Information.]
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
SECTION 8 - COOKIES
Here is a list of cookies that we use: i._session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
ii._shopify_visit, no data held, Persistent for 30 minutes from the last visit, used by our Website provider’s internal stats tracker to record the number of visits
iii. _shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
iv._secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
“Persistent cookies” are more permanent bits of information that are stored and remain on your computer/phone until they are deleted by you. Persistent cookies delete themselves after a certain period of time but are renewed each time you visit the Website. This type of cookie stores information on your computer for a number of purposes; such as saving your passwords.
HelloSkin and our collaborating partners use the following cookies (i.e. third party cookies) over which we have no control:
Google Analytics cookies are deleted after 2 years.
SECTION 9 - AGE OF CONSENT
By using the Website, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use the Website.
SECTION 11 – YOUR RIGHTS AND RESPONSIBILITIES
You may request us or any third party instructed by us to:
i. provide you with information on the Personal Information that are being processed about you; the purposes of the processing; the categories of recipients of the data; and any available information as to the source of such data;
ii. correct, erase or block Personal Information we or any third party instructed by us hold about you if these turn out to be inaccurate or misleading; and
iii. at any time to withdraw the consent you have given with respect to our use of your Personal Information. If you have requested to receive information from us, e.g. newsletters etc., and do not wish to be receive further information, you can easily opt out of receiving further information from us by sending an email to address set out below.
If the Personal Information we or any third party instructed by us have about you changes please let us know as soon as possible so that we can keep our records up to date.
QUESTIONS AND CONTACT INFORMATION
The data controller responsible for this Website is LEO Pharma A/S.
If you would like to: exercise any of your data protection rights, register a complaint, or simply want more information contact us at firstname.lastname@example.org or at HelloSkin, Niels Hemmingsens Gade 1, 1153 Copenhagen DK