Effective Date: March 26, 2021
Personal Data We Collect and How We Use It
Depending on how you interact with our Services (through the Site, social media, online adverts, etc.), we collect different categories of Personal Data and use them in different ways, as we set out below:1. Information you provide to us when you interact with us
- Account information: such as your name, customer number, login ID, username, password, and/or security question and answer, and other registration information. Certain login information, such as your customer number, may be generated by us and then sent to you. We only collect (or create for you) unique login information for those activities that require an account. Your unique login information, especially your password, should always be kept confidential and should never be shared with anyone else.
- Personal contact information: This includes your name, home or postal address, phone number and email address. This could include information that you give us about someone else (for example, if you ask us to ship a product to someone else). We collect personal contact information in connection with account registration, product orders, customer service, registration to receive offers, discounts and marketing updates and customer feedback.
- Order and product information: This includes details of the products you have ordered and searched for on our Site, and the time, date of orders and searches. We use this information to send you (with your consent) promotional emails for products and offers tailored to your interests, to make personalised recommendations of products when you return to the Site, to advertise to you when you visit social media platforms like Facebook or other websites and to better understand our customers so we can improve our products and our users' experience of our Site.
- Demographic information and preferences: This includes any information that describes demographic characteristics and preferences, such as age, gender, preferences, interests, date of birth, age or age range, general geographic location (e.g., post code or city and state), favorite products, or lifestyle information. We use this information to send you promotional emails and communications to make personalised recommendations of products when you return to the Site, to advertise to you when you visit social media platforms like Facebook or other websites and to better understand our customers so we can improve our products and our customer's experience of our business both offline and online. We may also use this information to make our business more responsive to the interests of like-minded consumers. For example, we may aggregate your email address together with the email addresses of others who place orders on our Site, locally hash such data, and transmit the resulting hashed data to social media platforms like Facebook for the purpose of creating “Custom Audiences” (where targeted ads are sent to people on social media platforms like Facebook who have already been on our Site), and “Lookalike Audiences” (where targeted ads are sent to people on social media platforms like Facebook who have similar characteristics to people on our Custom Audience list). See “Online advertising” below for more detail.
- Your feedback: Examples include comments and suggestions, testimonials, or other feedback you send us about what you may have liked (or disliked) about your experience in using our products or services. We typically collect this information in the form of customer surveys, feedback forms, and email correspondence. We use your feedback to understand what our customers think of our products and the experience they have of us, to improve our products and the customer experience and – if you agree to - to discuss your feedback with you.
- User-generated content and posts: Any content that you create and then share with us (and perhaps others) by uploading it to one of our websites or applications, such as our Facebook fan pages or applications. Examples include photos, videos, personal stories, or other similar media or content.
- Payment and Transaction-related information: This includes any information that you use to make a purchase, such as your payment card details, gift card information, other forms of payment we make available. We only collect payment information for purchases. If you create an account with us, your payment information (along with your purchase history and other related preferences) may be stored under your account profile. We use this information to process your payments when you order products from us, to enable you to redeem or to give gift vouchers and to record your payment information for faster checkout if you choose to do that. Where we allow you to buy products from the Site, payments made on the Site are made through our payment gateway provider. You will be providing credit or debit card information directly to them, encrypting your credit/debit card information and authorising payment.
When you use the Site, we use various technologies (including cookies and pixel tags) to collect certain information about how you use the Site. We use this information to understand your preferences better so we can improve our Site and for security and anti-fraud purposes.
Cookies and similar technologies enable you to be remembered when using that computer or device to interact with websites and online services and can be used to manage a range of features and content as well as storing searches and presenting personalised content, and enable you to use your social media accounts in conjunction with the Site and enable us to advertise to you on our Site, social media platforms (like Facebook) and other sites and apps. For more details, see our Cookie Statement.
3. Online advertising
We work with social media platforms and digital advertising platforms to:
- Show you advertising for our products on other websites and social media platforms. For instance, if you show an interest or buy a product on our Site, we may advertise that or other products we think may be of interest and you may see them on other websites and on your Facebook or other social media feeds. To do this we will share information with our social medial and digital advertising partners about your age, gender and interests for instance so they can better understand what you are interested in. Our partners may also keep this information about you and use it to help other companies, unrelated to Ruggable, show you adverts online. You cannot be identified "in the real world" by any of this information. For more information about how to turn this feature off see below or visit http://www.youronlinechoices.eu.
4. Other uses
We use all of the information described above for the following general purposes:
- To protect against or deter fraudulent, illegal or harmful actions and maintain the safety, security and integrity of our Services.
- To comply with our legal or contractual obligations, resolve disputes, and enforce our Terms of Service.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
We will not collect additional categories of Personal Data or use the Personal Data we collected for materially different, unrelated, or incompatible purposes without providing you notice.
As noted in the list above, we may communicate with you if you’ve provided us the means to do so. For example, if you’ve given us your email address, we may send you promotional email offers or email you about your use of the Services. Also, we may receive a confirmation when you open an email from us, which helps us improve our Services. If you do not want to receive marketing communications from us, please indicate your preference by emailing us at email@example.com.
How Personal Data May Be Disclosed
1. Your Personal Data (as listed above in Personal Data We Collect and How We Use It) may be disclosed with the following categories of third parties:
- to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock.
- If we are under a duty to disclose or share your Personal Data in order to comply with any legal obligation, or in order to establish, exercise, defend, enforce or apply our terms of service or sale and other agreements or legal claims; investigate or prevent actual or suspected unlawful activity, loss or harm and to protect the rights, property, or safety of our customers, or others; or as otherwise required or permitted by law. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction and to prevent cybercrime.
- to third-party strategic partners with whom we may enter into a special relationship for promotional activities, where permitted by law.
- our online and email advertisers, social media partners or other third-party vendors we use who may provide Cookies or other similar technologies for use on our Site to manage and improve our online and email advertising campaigns.
Data Security and Retention
We seek to protect your Personal Data from unauthorized access, use and disclosure using appropriate physical, technical, organizational and administrative security measures based on the type of Personal Data and how we are processing that data. For example, the Site uses industry standard Secure Sockets Layer (SSL) technology to allow for the encryption of Personal Data you provide to us. You should also help protect your data by appropriately selecting and protecting your password and/or other sign-on mechanism; limiting access to your computer or device and browser; and signing off after you have finished accessing your account.
We retain Personal Data about you for as long as necessary to provide you with our Services. In some cases, we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. We may further retain information in an anonymous or aggregated form where that information would not identify you personally.
Personal Data of Children
As noted in the Terms of Service, we do not knowingly collect or solicit Personal Data from children under 18; if you are a child under 18, please do not attempt to register for or otherwise use the Services or send us any Personal Data. If we learn we have collected Personal Data from a child under 18, we will delete that information as quickly as possible. If you believe that a child under 18 may have provided us Personal Data, please contact us at firstname.lastname@example.org.
Data Subject Rights
Lawful basis under GDPR
We will only process your Personal Data if we have a lawful basis under the GDPR for doing so. Lawful bases for processing include consent, contractual necessity and our “legitimate interests” or the legitimate interest of others, as further described below.
- Contractual Necessity: We process Personal Data in the form of your name, address(es), order details, email address and phone number in order to comply with our contractual obligations to deliver products to you or to take steps at your request prior to an order being finalised. When we process data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of our Site that require such data, for instance the ability to order products.
- Legitimate Interests: This is a technical term in data protection law which really means we have a good and fair reason to use your data and we do so in ways which does not hurt your interests and rights. We use your data in our legitimate interests where it is reasonably expected as part of running our business and which does not materially impact your rights, freedom or interests. For example, we will send you promotional communications about our service, subject to your legal rights to control this. We also analyse how users interact with our Site so we can understand how different elements of the Site are working so we can improve and develop the Site. We also process your data to guard against fraud and security threats and may do so in the completion of corporate transactions for the sale or part or all of our business.
- Consent: In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data. When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection.
- Compliance with law: for instance, we keep Personal Data in the form of order and transaction records to comply with our tax record obligations under legislation.
- Other Processing Grounds: From time to time we may also need to process Personal Data if it is necessary to protect the vital interests of you or other data subjects, or if it is necessary for a task carried out in the public interest.
Data Subject Rights
You have certain rights with respect to your Personal Data, including those set forth below. For more information about these rights, or to submit a request, please:
Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.
- Access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data. You can also access certain of your Personal Data by logging on to your account.
- Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. You can also correct some of this information directly by logging on to your account.
- Erasure: You can request that we erase some or all of your Personal Data from our systems.
- Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Services.
- Portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
- Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes, such as for direct marketing purposes.
- Restriction of Processing: You can ask us to restrict further processing of your Personal Data.
Right to File Complaint: You have the right to lodge a complaint about Ruggable’s practices with respect to your Personal Data with the supervisory authority in the UK, the Information Commissioner's Office.
Transfers of Personal Data
Examples of when we may transfer your personal information outside the EEA include:
- In order to store it.
- In order to enable us to provide goods or services to you and fulfil our contract with you. This includes displaying our products to you, in order fulfilment and the provision of customer support services.
- Where we are legally required to do so.
- In order to facilitate the operation of our group of businesses, where it is in our legitimate interests and we have concluded these are not overridden by your rights.