Privacy Policy
PRIVACY POLICY
Your privacy is important to us and we are committed to compliance of privacy in accordance with General Data Protection Regulation and the Data Protection Act 2018. This Privacy Policy applies between you, the user of this Website, and Onesta Clothing Ltd.
Our Privacy Policy applies to our use of any and all data collected by us or provided by you when you use our site and describes how we safely and securely handle and store this data. This policy should be read alongside, and in addition to, our Terms and Conditions, which can be found at: onesta.uk/termsandconditions.
Please read this privacy policy carefully.
Onesta Clothing Ltd, a company incorporated in England and Wales with registered number 12653440 whose registered office is at 4 Clos Pen y Fai, Llanelli, Carmarthenshire, SA15 4EJ and can be reached at gdpr@onesta.uk.
The Onesta website and any other means of collecting personal data are controlled by Onesta Clothing Limited (Ltd), hereinafter referred to as we, us or our.
Definitions
In this privacy policy, the following definitions are used:
-
Data – collectively all information that you submit to Onesta Clothing Ltd via the Website. This definition incorporates, where applicable, the definitions provided in the Data Protection Laws;
-
Cookies –small pieces of data stored on your browser when you visit a site. They are typically used to keep track of the settings users have selected and actions they have taken on a site. Details of the cookies used by this Website are set out in the clause below (Cookies);
-
Data Protection Laws – any applicable law relating to the processing of personal Data, including but not limited to the Directive 96/46/EC (Data Protection Directive) or the GDPR, and any national implementing laws, regulations and secondary legislation, for as long as the GDPR is effective in the UK;
-
GDPR – the General Data Protection Regulation (EU) 2016/679;
-
UK and EU Cookie Law – the Privacy and Electronic Communications (EC Directive) Regulations 2003 as amended by the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011;
-
User or you – any third party that accesses the Website and is not either (i) employed by Onesta Clothing Ltd and acting in the course of their employment or (ii) engaged as a consultant or otherwise providing services to Onesta Clothing Ltd and accessing the Website in connection with the provision of such services; and
-
Website – the website the website that you are currently using, onesta.uk, and any sub-domains of this site unless expressly excluded by their own terms and conditions.
Scope of this privacy policy
This privacy policy applies only to the actions of Onesta Clothing Ltd and Users with respect to this Website. It does not extend to any websites that can be accessed from this Website including, but not limited to, any links we may provide to social media websites.
For purposes of the applicable Data Protection Laws, Onesta Clothing Ltd is the "data controller". This means that Onesta Clothing Ltd determines the purposes for which, and the manner in which, your Data is processed.
This Website may, from time to time, provide links to other websites. We have no control over such websites and are not responsible for the content of these websites. This privacy policy does not extend to your use of such websites. You are advised to read the privacy policy or statement of other websites prior to using them.
The type of Data we collect
We may collect and process the following information, which includes personal Data, from you:
-
personal identifiers, contacts and characteristics, such as name, gender, contact details including postal address, date of birth;
-
shopping preferences, interests and sizes;
-
financial information such as credit / debit card numbers;
-
online identifiers such as IP address, web browser type and version, operating system, a list of URLs starting with a referring site, your activity on this Website, and the site you exit to (automatically collected), information on how you browse the Site, and date and time stamps all of which are automatically collected;
-
employee data such as reviews, appraisals and financials.
in each case, in accordance with this privacy policy.
How we collect Data
Most of the personal information we process is provided to us directly by you:
-
when you contact us through the Website, by telephone, post, e-mail or through any other means;
-
when you register with us and set up an account to receive our products/services;
-
when you enter a competition or promotion through a social media channel;
-
when you make payments to us, through this Website or otherwise;
-
when you elect to receive marketing communications from us;
-
when you use our services.
in each case, in accordance with this privacy policy.
We also receive personal information indirectly, from the following sources in the following scenarios:
-
we automatically collect some information about your visit to the Website (this information helps us to make improvements to Website content and navigation, and includes your IP address, the date, times and frequency with which you access the Website and the way you use and interact with its content);
-
we will collect your Data automatically via cookies, in line with the cookie settings on your browser (for more information about cookies, and how we use them on the Website, see the section below, headed "Cookies");
in each case, in accordance with this privacy policy.
Why we have your Data
We use the information that you have given us for the following reasons:
-
internal record keeping;
-
improvement of our products;
-
transmission by email of marketing materials that may be of interest to you;
-
contact for market research purposes which may be done using email, telephone or mail. Such information may be used to customize or update the Website;
-
to process and fulfil your order(s) including communicating with you about your order;
in each case, in accordance with this privacy policy.
We may share this information with:
-
our employees and/or professional advisors – to provide you with the best possible customer service; to process and deliver your order; to inform you of any updates relating to your order; to request feedback and provide you with information about your products and services that may be of interest to you and any special offers, competitions and promotions;
-
third party service providers who provide services to us which require the processing of personal data – to deliver your order via our courier company; in certain circumstances, we may need to disclose your information to a legal third party in the detection or prevention of fraudulent activity;
-
third party payment providers who process payments made over the Website - to enable third party payment providers to process user payments and refunds;
in each case, in accordance with this privacy policy.
Under the General Data Protection Regulation (GDPR), the lawful basis we rely on for processing this information are:
-
Your consent – you are able to remove your consent at any time. You can do this by contacting gdpr@onesta.uk;
-
We have a legitimate interest.
How we store your personal Data
Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. We use a PCI-DSS, GDPR-compliant third-party payment processor, Stripe, to collect payment for all orders, allowing us to sell our products to you.
Data Security
We have put in place technical and organisational measures to keep your data safe and to deal with any suspected data breach. If you suspect any misuse or loss or unauthorised access to your Data, please let us know immediately by contacting us at gdpr@onesta.uk.
Data Retention
Unless a longer retention period is required or permitted by law, we will only hold your Data on our systems for the period necessary to fulfil the purposes outlined below or until you request that the Data be deleted.
-
We keep your personal identifiers for as long as you have a registered account* and/or are subscribed to our mailing list. We will then dispose your information in accordance with GDPR.
*If your account lies dormant for two (2) years or more, we will contact you via email to confirm if you wish to keep your account. If no response if given, we will assume you no longer wish to have the account.
-
We keep your shopping preferences, interests and sizes for as long as you have a registered account and/or are subscribed to our mailing list. When you delete your account, or if it is inactive for at least two (2) years, we will then dispose your information in accordance with GDPR.
-
We keep your financial information for as long as you have a registered account. When you delete your account, or if it is inactive for at least 2 years, we will then dispose your information in accordance with GDPR.
-
We keep your online identifiers for one month. We will then dispose your information in accordance with GDPR.
-
We keep your employee data for a period of up to 7 years from the end of employment, as required by law. We will then dispose your information in accordance with GDPR.
Even if we delete your Data, it may persist on backup or archival media for legal, tax or regulatory purposes.
It is important that the Data we hold about you is accurate and current. Please keep us informed if your Data changes during the period for which we hold it.
Your data protection rights
Under data protection law, you have rights including:
-
Your right of access – You have the right to ask us for copies of your personal information.
-
Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
-
Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
-
Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
-
Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.
-
Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. If you wish to make a request, please contact us at:
Onesta Clothing Ltd
4 Clos Pen y Fai
Llanelli
Carmarthenshire
SA15 4EJ
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us at gdpr@onesta.uk.
If you do not find our response to your concern satisfactory, we would encourage you to contact ICO. The ICO’s address is:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
Cookies
Cookies can be placed on our site by Google Analytics, Facebook Ads, or other third-party apps – we need to confirm which ones we are using and notify them here. You can check which cookies are used by each business solution, third-party app or third-party integration using Chrome's built-in cookie view. While in incognito mode, click the Secure icon next to the URL bar and then select Cookies.
Tip: Make sure you're viewing your site in incognito mode so that your browser doesn't detect irrelevant cookies.
This Website may place and access certain Cookies on your browser. We use a third-party website building platform that, in accordance with its own privacy policy, uses cookies to:
-
provide a great experience for visitors and customers;
-
identify our registered members (users who registered to our site);
-
monitor and analyse the performance, operation and effectiveness of the platform;
-
ensure our platform is secure and safe to use;
Before the Website places Cookies on your computer, you will be presented with a message bar requesting your consent to set those Cookies. By giving your consent to the placing of Cookies, you are enabling the Website platform to provide a better experience and service to you. You may, if you wish, deny consent to the placing of Cookies; however certain features of the Website may not function fully or as intended.
This Website may place the following Cookies:
Strictly necessary cookies - These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
Analytical/performance cookies - They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
Functionality cookies - These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
You can choose to enable or disable Cookies in your internet browser. By default, most internet browsers accept cookies but this can be changed. For further details, please consult the help menu in your internet browser.
You can choose to delete Cookies at any time; however you may lose any information that enables you to access the Website more quickly and efficiently including, but not limited to, personalisation settings.
It is recommended that you ensure that your internet browser is up-to-date and that you consult the help and guidance provided by the developer of your internet browser if you are unsure about adjusting your privacy settings.
For more information generally on cookies, including how to disable them, please refer to https://www.allaboutcookies.org/. You will also find details on how to delete cookies from your computer.
The following links explain how to access cookie settings in various browsers:
To opt out of being tracked by Google Analytics across all websites, visit this link: http://tools.google.com/dlpage/gaoptout.
General
You may not transfer any of your rights under this privacy policy to any other person. We may transfer our rights under this privacy policy where we reasonably believe your rights will not be affected.
If any court or competent authority finds that any provision of this privacy policy (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this privacy policy will not be affected.
Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.
This Agreement will be governed by and interpreted according to the law of England and Wales. All disputes arising under the Agreement will be subject to the exclusive jurisdiction of the English and Welsh courts.
Changes to this privacy policy
Onesta Clothing Ltd reserves the right to change this privacy policy as we may deem necessary from time to time or as may be required by law. Any changes will be immediately posted on the Website and you are deemed to have accepted the terms of the privacy policy on your first use of the Website following the alterations.