Security and Privacy Guarantee
The Company Pure Fragrance and Cosmetics, Ltd, ID: 03567885, Based in Czech republic, 1301/2 Machova street, Brno, ZIP: 612 00 (“Notino”), the operator of the webstore www.notino.co.uk, declares that all personal data (hereinafter also referred to as “data”) is treated as strictly confidential and is handled in accordance with applicable legal provisions in the area of personal data protection.
The security of your personal data is our priority. We therefore pay due attention to personal data and its protection. In the Personal Data Processing Policy (the “Policy”), we would like to inform you about how we collect personal data about you and how we then use it.
1. Personal data and its processing
1.1. Personal data categories
We collect various types of data, depending on which of our services you are using.
If you shop with us, we collect your:
- Name and contact details. First name and surname, email address, delivery address, billing address, phone number, bank details
- Demographic data. Data about gender, date of birth, country and preferred language.
- Data as a result of the duration of the agreement – products bought, customer segment, volume of services provided
If you are a member of the VIP Club, we collect:
- Name and contact details. First name and surname, email address, delivery address, billing address, phone number, bank details.
- Demographic data. Data about gender, country and preferred language, date of birth.
- Login details. Login names and passwords. We have no access to the actual password.
If you are on our marketing mailing list, we collect:
- Name and contact details – email address and first name. Telephone number if you are a member of a VIP club.
- Demographic details – country, gender.
We also process the following personal data:
- Data from communication between Notino and the customer
- CCTV footage from Notino stores and premises
- Behavioural records for websites operated by Notino
1.2. Purpose of processing personal data:
- Provision of services and their improvement. In order to provide the services offered and improve them to your satisfaction, we process your personal data. This means specifically:
- Processing orders for products or services, ordered via our website, mobile application or customer hotline. The legal reason is the need to fulfil the purchase agreement or the VIP Club Agreement and, for selected data, to meet legal obligations (e.g. accounting documents).
- Notification of the availability of products. If you ask to monitor the availability of products, we will process your personal data on the basis of your consent.
- Customer support. To provide customer service and prevent any problems when fulfilling a purchase agreement or VIP Club Agreement, we will process your personal data on the basis of the necessary fulfilment of these agreements.
- Communication. We use the data that is collected to communicate with you and to adapt it for each individual. For example, we may contact you by phone, email or through the app or some other format to remind you that you have products in your online basket, to help you complete your order, give you the current status of your request, order or return or get more information from you about it, or notify you that you need to take action to keep your account active. If you are a member of the VIP Club, we will process data for this purpose to fulfil the VIP Club Agreement. If you shop with us as a non-member, we process this data for the purpose of fulfilling the purchase agreement or implementing the measures adopted before the conclusion of the agreement.
- Improving services. We use data to continuously improve our services and systems, including adding new features, and also to make informed decisions through the use of pooled analysis and business intelligence, all on the basis of our legitimate interest derived from the freedom of business and on the basis of the need to improve the services provided for competitive success. To ensure the adequate protection of your rights and interests, we use personal data in an anonymised form for the purpose of making improvements to our services.
- Protection, security and dispute resolution. We may also process data out of legitimate interest, to ensure the protection and security of our systems and customers, detect and prevent fraud, resolve disputes and enforce our agreements on the basis of legitimate interest.
- CCTV footage. Notino places CCTV cameras in its stores and on its premises to protect its legitimate interests. Premises where cameras are located always have a warning sign.
- Marketing offers.
- Commercial communication
- We send you commercial communications about similar products to those you have purchased.
- You can always decline commercial communications via the unsubscribe link found in every email.
- If you unsubscribe from commercial communications, we will stop using your electronic contact information for this purpose. We will start using it again if you register or request it specifically.
- The marketing offers you see may be chosen on the basis of other information we have gathered about you over time according to contact details, demographic data, favourites and data about using our products and websites (cookies, IP address, data provided by your browser, click data, commercial communications displayed, products visited). We do not have fully automated processing which would have a legal impact on you.
- If you are a member of the VIP Club, we will process data for this purpose to fulfil the VIP Club Agreement. If you shop with us as a non-member, we process this data because of legitimate interest, which belongs in the sphere of legitimate conventional marketing.
- If you are not our customer, we will process your data on the basis of your consent.
- You have the right to raise an objection to the processing at any time free of charge. Contact details are provided at the end of this document.
- Commercial communication
- Processing of cookies from websites operated by Notino
- If you have permitted cookies on your web browser, we will process records of behaviour from the cookies located on the websites operated by Notino to ensure better operation of the Notino website and for internet advertising by Notino. More information can be found in a separate chapter of this document. You consent with cookies through browser settings.
1.3. Transfer of personal data to third parties
Your personal information will be passed on to third parties or otherwise arranged only if it is necessary to fulfil a purchase agreement or VIP Club Agreement, is based on legitimate interest, because of the need to outsource, or if you have given your consent to this in advance, as follows:
- a) to affiliated companies and processors based on fulfilment of the purchase agreement or the VIP Club Agreement to perform internal processes and procedures;
- b) to companies issuing credit cards, to providers of payment services to process payments and to banks on the basis of your order, to fulfil a purchase agreement;
- c) to carriers to deliver your order or services and to resolve complaints, including withdrawal from an agreement;
- d) to our partners, in loyalty schemes that you join;
- e) to other service providers and third parties involved in data processing;
- f) to third parties, e.g. legal or financial representatives or courts, for the purpose of the processing of tax documents, recovery of debts or for other reasons ensuing from the fulfilment of our legal obligations;
- g) public authorities (e.g. the police);
- h) third parties carrying out surveys among customers.
If a third party uses data in connection with their legitimate interests, the controller is not liable for this processing. This processing is governed by the personal data processing policy of the relevant companies and individuals.
2. The customer account and purchasing without registering
- a) As part of your entering into a VIP Club Agreement, we will open a customer account for you which is password-protected. As part of the customer account, you will get direct access to your data, including editing, and you can view your data about both completed and incomplete orders and edit your newsletter preferences. You can also manage your personal data and newsletter preferences via the customer account.
- b) The VIP Club, where we offer you a range of benefits, is included in the customer account. For more information, refer to the relevant terms and conditions.
- c) If you do not wish to set up a customer account to make a purchase, you can also shop without registering in our webstore, i.e. as a non-member.
- d) You have the right to terminate the VIP Club Agreement in accordance with the relevant terms and conditions.
3. Personal data security and retention period
3.1. Personal data security
- a) Your personal data is transmitted to us in encrypted form. We use the SSL (secure socket layer) technology. We secure our websites and other systems using technical and organisational measures against the loss and destruction of your data, unauthorised access to your data or its modification or dissemination.
- b) We require our processors to prove compliance of their systems with the GDPR.
- c) Access to your customer account is only possible after entering your personal password. In this context, we would like to draw your attention to the fact that you must not share your access data with third parties and after finishing your activity in your customer account, always close the window of your web browser, especially if you are using a public computer. Notino is not liable for the misuse of passwords used, unless caused directly by Notino.
3.2. Duration of processing
We process and store personal data
- for the period necessary to ensure all rights and obligations arising from the purchase agreement, i.e. for the duration of the order and warranty period
- for the duration of a VIP Club Agreement
- one year after the end of the warranty period to resolve potential disputes
- for the period in which Notino is obliged as the controller to store it in accordance with generally binding legislation. Accounting documents, such as invoices issued by Notino, are archived according to law for 10 years from being issued.
- Consent to being notified about the availability of products remains valid until the information about availability is sent, but for a maximum of one year, or until consent is withdrawn.
- Consent to marketing offers is valid for four years or until it is withdrawn.
- CCTV footage from the Notino stores and the company, as well as the areas around the Notino buildings, is processed for a maximum period of 90 days from the date of the acquisition of the CCTV footage.
- Review 6 years
- We help the 10 years
- Communication 2 years
- Competitions 1 year
In other cases, the processing of data arises from the purpose of the processing or is determined by data protection legislation.
4. Rights of data subjects
- a) If we process your personal data, you may request free information about the processing of your personal data at any time.
- b) If you believe that we are processing your personal data in a manner contrary to the protection of your personal data and legal conditions for the protection of personal data, you may ask for an explanation and ask for us to remedy the situation that has arisen and, in particular, you may ask for corrections or supplementations to be made, the disposal of your personal data, or the blocking of your personal data.
- c) If you want to exercise your rights, contact the data protection officer at the e-mail address firstname.lastname@example.org. You can also contact the Information Commissioner's Office.
- d) You may withdraw your consent to the processing of your personal data at any time. If you withdraw your consent to the processing of your personal data, your personal data will be deleted or anonymised; however, this does not apply to the personal data Notino needs to fulfil its statutory obligations (e.g. handling orders already submitted) or to protect its legitimate interests. Personal data is also disposed of if the personal data is not necessary for the designated purpose or if the storage of your data is not permissible for other reasons as specified by the law.
5. The website
- for the shopping basket to work correctly, so that you can complete your order as simply as possible
- to remember your login details, so you don't have to enter them repeatedly
- to adapt our site to your needs in the best possible way by monitoring visits, your movement on the site and the functions used
- to discover information about advertisements you have browsed so that we do not show you advertising for products you are not interested in
Some cookies may collect information which is then used by third parties and which, for example, directly support our advertising activities (i.e. third-party cookies). For example, information about products purchased on our website may be displayed by an advertising agency as part of the display and customisation of web banner advertisements on your selected website. However, you cannot be identified by this data.
The cookies used on our website can be divided into two basic types. Session cookies are deleted as soon as your visit to our website ends.Persistent cookies remain stored on your device far longer or until you remove them manually (the period for which a cookie is left on your device depends on the cookie’s own settings and your browser settings).
Cookies can also be divided by functionality into:
- analytical, which help us improve the user experience of our website by understanding how people use it
- conversion, which help us analyse the performance of various sales channels
- tracking, which, combined with conversion cookies, help us analyse the performance of various sales channels
- remarketing, which we use to personalise the content of ads and their correct targeting
- essential, which are important for basic website functionality
5.3. Rejecting cookies
Settings for cookies are part of your browser. By default, most browsers automatically accept cookies. You can also reject or restrict cookies to the ones you select by using your web browser.
Information about browsers and how to set cookie preferences can be found on the websites below or in other internet browser documentation
An effective tool for managing cookies is also available on the website http://www.youronlinechoices.com/uk/
Our website contains links to other websites which are practical and contain information. Please note that these sites may be owned and operated by other companies and organisations and have different security and personal data protection policies. Our company has no control over, and nor does it bear any liability for, any information, material, products or services contained on or accessible via these websites.
6. Contact us
If you have any questions, comments or requests regarding this Policy, please do not hesitate to contact us at the address or customer hotline listed in the footer of this Policy.
Data protection officer: email@example.com
Contact: Pure Fragrance and Cosmetics, Ltd,
1301/2 Machova street, Brno, Czech republic
ZIP: 612 00
Customer service: 02 03 769 2779 or firstname.lastname@example.org
7. Entry into force
This Personal Data Protection Policy is valid from 25 May 2018.