10. PRIVACY

10.1 We only use your personal information in accordance with our Privacy Policy. Please take the time to read this.

10.2 Lylie’s is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.

10.3 What information do we collect? Lylie’s collects information from you when you place an order. 
When ordering, as appropriate, you may be asked to enter your: name, e-mail address, mailing address, phone number, birthdate or credit card information. You may, however, visit our site anonymously.

10.4 What do we use your information for? Any of the information Lylie’s collects from you may be used in one of the following ways: 

10.4.1To process transactions.Your information, whether public or private, will not be sold, exchanged, transferred, or given to any other company for any reason whatsoever, without your consent, other than for the express purpose of delivering the purchased product or service requested.

10.4.2 To send periodic emails. The email address you provide for order processing, may be used to send you information and updates pertaining to your order, in addition to receiving occasional company news, updates, marketing material, related product or service information, etc.

10.5 How do we protect your information? Lylie’s implement a variety of security measures to maintain the safety of your personal information when you place an order.In order to prevent unauthorised access or disclosure, Lylie’s have put in place suitable physical and electronic procedures to safeguard and secure the information we collect online. 

Lylie’s offer the use of a secure server. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Database to be only accessed by those authorized with special access rights to our systems, and are required to keep the information confidential. After a transaction, your private information (credit cards, social security numbers, financials, etc.) will not be stored on our servers.

10.6 Lylie's uses Cookies (small files that a site or its service provider transfers to your computers hard drive through your Web browser (if you allow) that enables the sites or service providers systems to recognize your browser and capture and remember certain information). We use cookies to help us remember and process the items in your shopping cart and understand and save your preferences for future visits.

10.7 Lylie’s do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. Lylie’s may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety.

10.8 Online Privacy Policy Only. This online privacy policy applies only to information collected through our website and not to information collected offline. By using our site, you consent to our websites privacy policy.

10.9 Our data collection and storage is governed by the rules of the UK Data Protection Act 1998.

Additional information added 24.05.18

Protecting your data, privacy and personal information is very important to Lylie’s Ltd(" us", " our" or " we"). It is vitally important to us that our customers feel secure when using the Services.

This policy (together with our terms of use at https://lylies.com/pages/terms-conditions and any other documents referred to in it), sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by Lylie’s Ltd. Please read this privacy policy carefully to understand the types of information we collect from you, how we use that information, the circumstances under which we will share it with third parties, and your rights in relation to the personal data you provide to us.

When visiting Lylie’s Ltd’s website at https://www.lylies.com (our " Website"), using our application (our " App") or using any of the services offered via the Website (the " Services"), you will be asked to indicate your acknowledgment of, and where applicable your consent to, the practices described in this policy.

Our Website contain links to third party websites. If you follow a link to any of those third party websites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for their policies or processing of your personal information. Please check these policies before you submit any personal information to such third party websites.

Information we may collect

We may collect and process the following data about you:

  • Information that you provide to us. You will be asked to provide us with your information when you:
    • fill in forms on our Website, or correspond with us by phone, email or otherwise;
    • register to use our Services, subscribe to our newsletter, promotional emails or other marketing materials;
    • use the Services;
    • report a problem with our Services; or
    • complete any surveys we ask you to fill in that we use for research purposes (although you do not have to respond to these if you do not want to).

The information you will be asked to provide to us for these purposes will include your first name, surname, email address, phone number, delivery address, or further information required to verify your identity.

  • Information we collect about you. With regard to each of your visits to our Website or our App we may automatically collect the following information; however, this information cannot be used to identify you:
    • device-specific information, such as your hardware model, operating system version, unique device identifiers, and mobile network information;
    • technical information about your computer, including where available, your IP address, operating system and browser type, for system administration and analytical purposes;
    • details of your visits to our Website and App, including the full Uniform Resource Locators (URL) clickstream to, through and from our Website and App (including date and time), length of visits to certain pages, and page interaction information (such as scrolling, clicks, and mouse-overs); and
    • information showing us from which app store you downloaded our App.
  • Information we receive from other sources. When using our Services, we will be in contact with third parties who may provide us with certain information about you in order to enable your use of the Services.

For the avoidance of any doubt, any reference in this privacy policy to your data shall include data about other individuals that you have provided us with.

How we use your information and justification of use.

Use of personal information under EU data protection laws must be justified under one of a number of legal "grounds" and we are required to set out the ground in respect of each use of your personal data in this policy. These are the principal grounds that justify our use of your information:

  • Consent : where you have consented to our use of your information (you are providing explicit, informed, freely given consent, in relation to any such use and may withdraw your consent in the circumstance detailed below by notifying us);
  • Contract performance : where your information is necessary to enter into or perform our contract with you;
  • Legal obligation : where we need to use your information to comply with our legal obligations;
  • Legitimate interests : where we use your information to achieve a legitimate interest and our reasons for using it outweigh any prejudice to your data protection rights; and
  • Legal claims : where your information if necessary for us to defend, prosecute or make a claim against you or a third party.

We use information held about you (and information about others that you have provided us with) in the following ways:

Types of Information Collected

Uses of that Information

Use Justification

Email address, first name, surname, home address

To provide you with access to our Website, App and any other information which you request from us, and to use our Services.

Contract performance.

Email address, first name, surname, home address, product choices and customization, phone call recordings and Website chat history

To provide you with the Services.

Contract performance.

Email address, first name, surname

For marketing our own products and services that we believe will be of interest to you.

Legitimate interest (for marketing our own similar products and services and any re-engagement campaigns).

Email address, first name, surname, home address, product choices and customization, phone call recordings and Website chat history

To identify more appropriate products and services to market to you.

Legitimate interest (to tailor our services appropriately). No marketing of third party products or services will be conducted without your consent.

Email address, first name, surname, home address, product choices and customization, phone call recordings and Website chat history

To administer our Services and for internal operations, including research, data analysis and data statistics, and to create derived, anonymised and aggregated data to improve our Services.

Legitimate interest (to administer and improve our Services).

Email address

To notify you about changes to our Services.

Contract performance, legitimate interests (to update our Services from time to time).

We will not sell your personal data (or any other data you provide us with) to third-parties, however, we reserve the right to share any data, which has been anonymised and/or aggregated. You acknowledge and accept that we own all right, title and interest in and to any derived data or aggregated and/or anonymised data collected or created by us.

Marketing

We may use information for marketing products and services to you in the following ways:

Type of marketing activity

Use Justification

Newsletters and marketing emails relating to our own similar services and products. Where required by law, we will ask for your consent at the time we collect your data to conduct any of these types of marketing.

Legitimate interest (to market our products and services - you have the right to unsubscribe at any time).

We will provide an option to unsubscribe or opt-out of further communication on any electronic marketing communication sent to you or you may opt out by contacting us.

Where we store your personal information

The personal data that we collect from you (including email addresses that form part of our prospective marketing database) is processed in the European Economic Area ("EEA"). This data may however be processed by staff operating outside of the EEA who work for us or for one of our business partners or service providers. Countries outside the EEA may not provide the same level of adequate protection for the rights and freedoms of data subjects in relation to the processing of personal data. In countries which do not provide appropriate safeguards, we shall transfer your data subject only to your consent except for transfers to and from: (i) any country with a valid adequacy decision from the European Commission; (ii) any country with which we have ensured similar levels of safeguards have contractually been put in place (this may include entering into standard contractual clauses); or (ii) any organization, including any of our sub-processors, which ensures an adequate level of protection in accordance with applicable data protection laws.

Your passwords are stored on Lylie’s Ltd servers in encrypted form. We do not disclose your account details. It is your responsibility to keep your password secure. Unfortunately, the transmission of information via the internet is not completely secure. Although Lylie’s Ltd will do its best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website, any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent any unauthorised access.

Please contact us if you would like further details on the specific safeguards applied to the export of your personal information outside EEA.

Disclosure of your information

We may also disclose your personal information to third parties in the following circumstances:

Purpose of disclosure and third party(s) to which disclosure might be made

Use Justification

We may disclose your personal information to our service providers and business partners, including our manufacturers (to assist us in performing any contract we enter into with them or you, including providing the Website and the Services it enables), analytics providers, (to assist us in the improvement and optimisation of the Website) and/or a member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. A list of such third parties can be reviewed at [LINK].

Contract performance, legitimate interest, (to allow our service providers to provide the necessary services).

If we sell or buy any business or assets, we may disclose your personal information to the prospective seller or buyer of such business or assets.

Legitimate interest (to sell our business or assets); and where required by applicable law, consent (for sensitive personal data).

If Lylie’s Ltd or substantially all of its assets are acquired by a third party, personal information about our customers will be one of the transferred assets.

Legitimate interest (to sell our Company or assets); and where required by applicable law, consent (for sensitive personal data).

If we are under a duty to disclose or share your personal data in order to comply with any legal obligation or to protect the rights, property, or safety of Lylie’s Ltd, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection.

Legal obligation, vital interest.

Fraud Prevention and other checks. We and other organisations may also access and use your personal information to conduct credit checks and checks to prevent fraud. If false or accurate information is provided and fraud is identified or suspected, details may be passed to fraud prevent agencies.

Legitimate interest (to assist with the prevention of fraud and to assess your risk profile).

We may disclose your personal information to third parties, the court service and/or regulators or law enforcement agencies in connection with proceedings or investigations anywhere in the world where compelled to do so. Where permitted, we will direct any such request to you or notify you before responding unless to do so would prejudice the prevention or detection of a crime.

Legal obligation (to cooperate with law enforcement and regulatory authorities).

How long we retain your personal data

We will hold the above information for as long as is necessary in order to provide you with the Services, deal with any specific issues that may raise, or otherwise as is required by law or any relevant regulatory body. Once your account is terminated or deactivated, we shall delete the personal data relating to your account within 30 days. If your account is inactive for 18 months, we may contact you to assess whether you want to continue to use the Services. Some personal data may need to be retained for longer than this to ensure Lylie’s Ltd can comply with applicable laws and internal compliance procedures, including retaining your email address for marketing communication suppression if you have opted not to receive any further marketing.

We restrict access to your personal information to those persons who need to use it for the relevant purpose(s). Our retention periods are based on business needs and your information that is no longer needed is either irreversibly anonymized (and the anonymized information may be retained) or securely destroyed.

Your rights

Under the General Data Protection Regulation (EU) 2017/676, you have various rights in relation to your personal data. All of these rights can be exercised by contacting us at enquiries@lylies.com

You have the following rights in relation to your personal data:

Right

Details

Right of Access

The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, a copy of the personal data undergoing processing.

Right to Rectification

We will use reasonable endeavors to ensure that your personal information is accurate. In order to assist us with this, you should notify us of any changes to the personal information that you have provided to us by sending us a request to rectify your personal data where you believe the personal data we have is inaccurate or incomplete.

Right to erasure / 'Right to be forgotten'

Asking us to delete all of your personal data will result in Lylie’s Ltd deleting your personal data without undue delay (unless there is a legitimate and legal reason why Lylie’s Ltd is unable to delete certain of your personal data, in which case we will inform you of this in writing).

Right to restriction of processing

You have the right to ask us to stop processing your personal data at any time.

Right to data portability

You have the right to request that Lylie’s Ltd provides you with a copy of all of your personal data and to transmit your personal data to another data controller in a structured, commonly used and machine-readable format, where it is technically feasible for us to do so.

Right to complain

You have the right to lodge a complaint to a supervisory authority such as the Information Commissioner's Office in the UK (see [www.ico.org.uk](http://www.ico.org.uk)). Although we encourage our customers to engage with us in the event they have any concerns or complaints.

Lylie’s Ltd will not ordinarily charge you in respect of any requests we receive to exercise any of your rights detailed above; however, if you make excessive, repetitive or manifestly unfounded requests, we may charge you an administration fee in order to process such requests or refuse to act on such requests. Where we are required to provide a copy of the personal data undergoing processing this will be free of charge; however, any further copies requested may be subject to reasonable fees based on administrative costs.

Asking us to stop processing your personal data or deleting your personal data will likely mean that you are no longer able to use Lylie’s Ltd’s Services, or at least those aspects of the Services which require the processing of the types of personal data you have asked us to delete, which may result in you no longer being able to use the Services.

Where you request Lylie’s Ltd to rectify or erase your personal data or restrict any processing of such personal data, Lylie’s Ltd may notify third parties to whom such personal data has been disclosed of such request.

Changes to this policy

Any changes we make to our privacy policy in the future will be posted on this page, and where appropriate, notified to you by email or notifications via the App. We therefore encourage you to review it from time to time to stay informed of how we are processing your information.

Contact

Questions, comments and requests regarding this privacy policy are welcome and should be addressed to enquiries@lylies.com

For the purpose of the relevant data protection legislation, the data controller is Lylie’s Ltd (company no. 10738265) with registered address at 14 Westminster Palace Gardens, Artillery Row, London, SW1P 1RL.

Our data compliance officer is Eliza Walter (eliza@lylies.com)

Cookies

Lylie’s Ltd uses cookies to distinguish you from other users. This helps us provide you with a good experience when you use our Website, and also allows us to improve our Services. Please note that it is possible to disable cookies being stored on your computer by changing your browser settings. However, our Website may not perform properly or some features may not be available to you if you disable cookies.

Send me love letters