Adrianna Papell Group GDPR Compliance Policy
The EU General Data Protection Regulation (“GDPR”) comes into effect across the European Union on May 25, 2018, and brings with it the most significant changes to data protection and privacy law in two decades. Based on privacy by design and taking a risk-based approach, the GDPR has been enacted to address data collection and data privacy that meet the requirements of the digital age. The goal of the GDPR is to standardize data protection laws and processing across the EU; affording all EU citizens regardless of residency stronger, more consistent privacy rights to access and control their personal information.
We (and our service providers) may ask for certain Personal Data when you place orders with us. The Personal Data we may collect includes, but is not limited to, the following:
· Full name (including title).
· APG account information and loyalty programs.
· Contact information including shipping and billing addresses and email address.
· Payment information including debit card, credit card or PayPal information. (Note: we do not store or transmit unencrypted payment information, following PCI Compliance and other applicable payment card regulations).
· Phone number.
· Date of birth.
· Order history.
· Any other information you choose to provide us through any form of communications to APG directly or to our third-party service providers.
We may share your Personal Information with third-party service providers for marketing purposes and sometimes obtain information about you or your purchases from such other third parties. Please be advised that these third parties have their own privacy policies explaining how they use and share your Personal Data. You should carefully review these privacy policies prior to engaging with the third-party. If you wish to opt out of such sharing, please contact firstname.lastname@example.org.
We may collect your Personal Information when you use the APG website, applications and our customer service center. Some of this data does not identify you personally, like the information above. But we sometimes collect and gather additional Personal Data about how you use our services and engage with us to improve our services and make them more useful to you. The information we collect includes, but is not limited to, the following:
· The date and time you used our website and/or services.
· The source of how you accessed our site.
· Your shopping and browsing activities on-line, through mobile devices, shopping apps and social media.
· The pages you visited on the APG Website and for how long you visited us.
· The products you viewed or added to your shopping basket.
· Your IP address.
· Your location (where you have permitted such access).
· The internet browser and devices you use.
· Account information and loyalty programs, if such accounts are created by you.
· Information from sweepstakes and promotions in which you participate.
· Information from surveys, ratings or reviews completed by you.
· Communications with us via third-party service providers, including social media sites.
· Voice recordings of calls you make to our customer service center.
· Any information within correspondence you send to us.
· Where you engage with us in a business to business context, we may collect your job title, company contact details (including email address) and company details (some of which we may obtain from an online or public business directory).
APG will only process information that is necessary for the purpose for which it has been collected. You will always have the option not to receive marketing communications from us (and you can withdraw your consent or object at any time). We will never send you unsolicited ‘junk’ email or communications, or share your Personal Information with anyone outside of the purposes described in this notice. We require this information to understand your needs and provide you with better service; specifically, for the following:
· To process and fulfill your orders and collect payment for these orders.
· To maintain internal financial and legal records.
· To process returns and issuing credit.
· To improve our products and services.
· To send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided.
· To contact you for market research purposes. We may contact you by email, phone, fax or mail. We may use the information to customize the website according to your interests.
We do not sell your information to third-parties. However, we may from time to time disclose your Personal Information to the following categories of companies or organizations to which we pass the responsibility to handle services on our behalf:
· Service providers who assist in the operation of the APG Website and apps, fulfil your orders and deliver our products to you, including:
· Credit reference agencies.
· Logistics providers.
· Payment providers.
· IT support.
· Direct marketing communications agencies and consultants.
· Market research and market analytics service providers.
· Legal and other professional advisors.
· Certain regulatory bodies, government and enforcement agencies, where required.
When you have provided your consent, this permits APG to use and process your Personal Information to contact you from time to time through electronic channels such as email regarding promotions, events, products, services or information that we think may interest you. Please be advised that you can withdraw or revoke your consent at any time by emailing email@example.com in relation to any marketing messages you receive, by selecting the unsubscribe option included in those messages. You will be unable to unsubscribe from email notifications for orders placed on the website.
We are committed to ensuring that your Personal Information is secure and privacy protected. To prevent unauthorized access or disclosure, we have put in place appropriate physical, electronic and managerial procedures to safeguard and secure your Personal Information. However, please be advised that we may use and process your Personal Information as set out below where it is necessary for us to carry out activities that are in our legitimate interests as a business to do so and/or in your interest:
· To comply with any legal and/or regulatory requirements.
· To contact you if there is an urgent safety or product recall notice that we need to tell you about.
· To perform a contract such as to fulfill and complete your orders and purchases.
We may also use and process your Personal Information if you have signed up for “Papell Points” or our Loyalty Programs, to send you information about how the program works, statement information and account updates. To support sales and/or customer inquiries, we may use your information to respond to correspondence or emails you send to us and fulfill the requests you make to us.
APG partners with Borderfree, Inc. to fill international orders. Borderfree will fully process your Personal Information and Personal Data with at least the same level of privacy protection consistent with this policy and applicable laws and regulations, including but not limited to GDPR, former U.S. - EU Safe Harbor Privacy Principles and the U.S. Swiss Safe Harbor Privacy Principles established by the U.S. Department of Commerce. Borderfree also agrees not to sell, transfer or otherwise use your Personal Information other than for processing international shipments.
When you indicate you are shipping internationally on the APG Website, you will be redirected to a checkout page hosted by Borderfree. On the checkout page you will be required to submit Personal Information to Borderfree to complete your order and ship your APG products. Once you place your order, you may be prompted to confirm whether you would like to receive future marketing communications from APG and/or the APG Website.
Borderfree will notify APG of the approval of your order and APG will then ship approved orders to Borderfree. Simultaneously, Borderfree will purchase the product from us, which allows them to take title to the product(s), bill your credit card, collect and remit any duties and taxes to the appropriate taxing authority, and arrange for the product(s) to be delivered to you. In this process, Borderfree makes the sale to you as the merchant of record. When ordering from the APG Website, you will be presented with the Borderfree terms and conditions. To complete the order for such international shipments and to receive the product(s) you ordered, you must agree to the Borderfree terms and conditions.
You have certain rights and options to protect and/or manage your own Personal Information and Personal Data. The GDPR provides you with 8 specific rights relating to how APG collects and uses your Personal Information. All of these privacy rights are addressed in this Policy and are summarized below:
The right to be informed.
APG is required to tell you what Personal Data we collect, how we use that Personal Data, how long we keep your Personal Data and with whom we share your Personal Data, including third-parties.
The right to access.
You can ask for a copy of the Personal Data and/or Personal information that we hold about you.
The right to verify and rectification.
You have the right to verify the accuracy of your Personal Data and Personal Information and ask APG to update any incomplete information or correct any inaccuracies.
The right to erasure (also known as the “right to be forgotten”).
Under certain circumstances, you are entitled to have your Personal Data deleted or removed.
The right to withdraw your consent at any time.
You have the right to withdraw consent where you have previously given your consent to the processing of your Personal Data.
The right to restrict and/or object to the processing of your data.
Under certain circumstances, you have the right to restrict or limit the way in which APG uses or processes your Personal Data and the way Personal Data is automatically processed such as profiling. You also have the right to object to our use of your Persona Data provided APG does not have a legal reason to continue to do so. However, please know, when we do rely on our legitimate interest to use your Personal Data for direct marketing, APG will always comply with your right to object.
The right to Personal Data portability.
You have the right to receive your Personal Data in a structured, commonly used and machine-readable format and, if technically feasible, to have it transmitted to another entity without any hindrance. This provision is applicable provided that the data is processed by automated means and that the processing is based on your consent.
The right to file a complaint.
You have the right to bring a claim before your competent Personal Data protection authority.
If you believe that any information we are holding on you is incorrect or incomplete, please write or email us as soon as possible at either address below. We will promptly correct any information found to be incorrect. You can exercise the above rights and/or manage your Personal Information by contacting us at firstname.lastname@example.org.
Adrianna Papell LLC
Att: Legal Department
500 7th Ave, 10th Floor
New York, NY 10018 USA
+ 1 (212) 695-5244
Adrianna Papell UK LTD
Att: Legal Department
6 Greenland Place
London NW1 0AP UK
+44 0(20) 3696 2163