Because of a new data privacy law that is being introduced in the EU on 25 May 2018, we’ll be sharing some more information with you about how we collect and use your personal information. Nothing will change on how you use or shop online with Crystal Parade. We will just provide you with more power and control over your personal data.
General Data Protection Regulation (GDPR)
- Your rights relating to the information we hold about you.
o We want to give more power and control back to you over your data. You now can request a download, edit or deletion of your personal information. You can do this by contacting us email@example.com
- How we keep your personal information safe.
o Our internal processes, technology infrastructure, and 3rd party services / partners have all been revisited and are compliant with EU GDPR regulation. We have dedicated and secure servers for your personal data. These are shrouded in multiple layers of security to keep all your details safe.
o We now have a Data Protection Officer contactable at firstname.lastname@example.org whose responsibility is this.
- The types of personal information we collect and use to offer the services we promise to you and the legal basis we rely on, to use this information.
- Full transparency on the information that’s submitted by you or collected by us and the reasons why this information is needed to:
o Provide you with the best possible recommendations for crystal supplies and associated products in the most efficient way.
o Be able to deliver your products when you purchase them through Crystal Parade online.
o Understand which parts of our product you enjoy the most and to continuously improve our service to you.
- We will never sell your data and we will always allow you to have control over it.
Who we are
Newstorm Limited t/a Crystal Parade (we) are committed to protecting and respecting your privacy. We are an online business. Our main service is providing the distribution and supply of crystals and associated products to businesses and consumers.
Scope of policy
This policy sets out the legal basis on which any personal data we collect from you, or that you provide to us, will be processed by us. It also covers whether and how that information may be shared and your rights and choices regarding the information you provide to us.
We are the data controller responsible for your personal data.
Data Protection Officer (DPO)
We have appointed a Data Protection Officer (“DPO”). Our DPO has several important responsibilities including:
- Monitoring Crystal Parade’s compliance with the GDPR and other data protection laws;
- Raising awareness of data protection issues, training Crystal Parade staff and conducting internal audits; and
- Cooperating with supervisory authorities such as the ICO on our behalf.
If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact us at email@example.com.
Information we may collect and receive from you
We may collect and process the following information about you:
- Information you give us (submitted)
o information (such as your name, email address, postal address and telephone number and profile picture) that you provide by completing forms on Crystal Parade, including if you register as a user of Crystal Parade subscribe to any service, upload or submit any material via Crystal Parade, request any information or enter into any competition or promotion we may sponsor;
o to the extent that we offer an account sign-in facility, your password (which we will take all steps reasonably necessary to ensure that it is kept secure) and log-in details;
o your preferences, which helps us provide you with more tailored content;
o details of any transactions made by you through Crystal Parade;
o information you choose to share on Crystal Parade like your reviews about our products or services.
o communications you send to us, for example to report a problem or to submit queries or comments regarding Crystal Parade or its content;
o information from surveys that we may, from time to time, run on Crystal Parade for research purposes, if you choose to respond to them; and
- Information we collect about you and your device:
o details of your visits to Crystal Parade, the resources you access and any data you download;
o technical information, such as device properties (including, but not limited to IP address, Media Access Control (MAC) address and unique device identifier or other device identifier (UDID)), device software platform and firmware, mobile phone carrier, geographical data such as post code and location and other data as reasonably required by Crystal Parade to enhance our products and services; and
o information obtained from your social networking profile, if you log-in via a social networking site; by doing this you are giving Crystal Parade access your First name, Surname, profile picture and email address.
- Information to help us deliver our service to you which we receive from other sources:
o we are working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.
Uses made of the information
We use information held about you in the following ways:
- help us to build a profile of your preferences so we can offer you events and services you are interested in;
- enable us to process your orders and to provide you with the services and information offered through Crystal Parade and which you request;
- administer your account with us;
- verify and carry out financial transactions in relation to payments you make through Crystal Parade;
- share with third parties necessary to process your transactions with us, such as credit card processing companies, banks and suppliers;
- exchange information with other companies for fraud protection and credit risk reduction;
- contact you by post, phone or email when necessary to discuss the transactions entered into by you on Crystal Parade;
- audit the downloading of data from Crystal Parade;
- mprove the layout and/or content of the webpages of Crystal Parade and customise them for users;
- identify visitors to Crystal Parade;
- carry out research on our users’ demographics and tracking of website usage behaviour and sales data;
- market our products and services through 3rd party marketing and engagement platforms e.g Facebook Ads, Google Ads etc all of whose services are GDPR compliant.
- share with social networking sites at your request; and
- disclose to lawful authorities when required to do so by law.
We will also use information you provide to us for the purposes of contacting you with information or offers regarding upcoming events, products, services or surveys. This shall only be done with your consent which is explained in full below when setting out your rights.
Disclosure of your information
We may disclose your personal information to third parties in the following ways:
- We may disclose your personal information to any of our suppliers, agents or contractors who assist us in providing the services we offer through Crystal Parade, processing transactions, fulfilling requests for information, receiving and sending communications, updating marketing lists, analysing data, providing support services or in other tasks, from time to time.
- Our suppliers, agents and contractors will only use your information to the extent necessary to perform their functions.
- We do not disclose information about identifiable individuals to our advertisers, but we may provide them with anonymous aggregate information about our users. We may also use such aggregate information to help advertisers reach the kind of audience they want to target. We may make use of the personal data we have collected from you to enable us to comply with our advertisers’ wishes by displaying their advertisement to that target audience.
- If we sell or buy any business or assets, or substantially all of our assets are acquired by a third party, we may disclose, in each case, your personal data to the prospective seller or buyer of such business or assets.
- If we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation or request
- To protect our rights, or the property or safety of our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection or cybercrime.
Purposes for which we will use your personal data
We have set out below, in a table format, a description of all the ways we use your personal data as stated above, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate as well as what information is required by us to perform the contract we have with you: In certain circumstances, we need your personal data to comply with our contractual obligation to deliver the Services.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact our Data Protection Officer (DPO) at firstname.lastname@example.org
|Why use the information||What we use your information for||Type of Information||Our legitimate interests / Contractual obligation in performing our services|
|To provide Crystal Parade Services:||To carry out our obligation to our users which is to provide them with relevant and personalised information about products they might like.||Submitted||Being efficient and effective in providing relevant information about our products is in our commercial interest in providing you with a good service.|
|To provide Crystal Parade Services:||To be able to contact you regarding any orders you have placed or enquiries you have made using our service.||Submitted||Being efficient about how we fulfil our contractual obligation to our customers who purchase products and services.|
|To keep Crystal Parade services up and running:||To notify you about changes to our products or services.||Submitted||Being efficient and effective in providing relevant information about our products is in our commercial interest in providing you with a good service.|
|To provide Crystal Parade Services:||To notify you about new, existing products and services.||Device Information||Being efficient and effective in providing relevant information about our products is in our commercial interest in providing you with a good service.|
|To help market and provide products and services that may interest you:||To measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you.||Submitted Device information||Being efficient and effective in providing relevant information about our products is in our commercial interest in providing you with a good service.
Developing new products and services or enhancing existing products and services.
|To keep Crystal Parade services up and running:||To better understand which parts of our product / service you enjoy using the most to continuously improve our product.||Submitted||Developing new products and services or enhancing existing products and services.|
|To provide Crystal Parade Services:||To create a trust between our customers and community who share reviews about our products and services between each other and follow each other.||Submitted||Fostering a trustworthy community which fulfils the purpose of the company. Enabling users to receive trustworthy recommendations about our products and services.|
Where we store your personal data
Information that you submit via Crystal Parade is sent to and stored on secure servers located in the European Economic Area (EEA). This is necessary in order to process the information.
The data that we collect from you may be transferred to, and stored at, a destination outside the EEA. It may also be processed by staff operating outside the EEA, who work for us or for one of the third-party services we require to use. Third parties who use personal data in delivering their services to us, use data securely and confidentially and under strict contractual controls in accordance with data protection laws and enforced by Crystal Parade. These 3rd party services include: Amazon inc. (AWS), Ebay, Mailchimp, Paypal, Google, Facebook, Twitter, Instagram. They all carry out their services being compliant to GDPR.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to Crystal Parade. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
- remember that you have visited us before so that we can identify the number of unique visitors we receive. This allows us to make sure we have enough capacity for the number of users that we get;
- customise elements of the promotional layout and/or content of the pages of Crystal Parade; and
- collect statistical information about how you use Crystal Parade so that we can improve and learn which parts of Crystal Parade are most popular to visitors.
Cookies may be set by us or may be set by third parties who are delivering services on our behalf. For example, social networking sites.
Most web browsers automatically accept cookies but, if you prefer, you can change your browser to prevent that or to notify you each time a cookie is set. Please note however, that by blocking or deleting cookies you may not be able to take full advantage of Crystal Parade if you do so.
You can request a downloadable copy of your personal data, modify or delete this from Crystal Parade through your profile’s settings page. You may also request to delete your account from your profile settings page. We may retain certain information as required by law or as necessary for our legitimate business purposes.
Crystal Parade may, from time to time, contain links to and from the websites of our partner networks and affiliates. If you follow a link to any of these websites, please note that these websites and any services that may be accessible through them have their own privacy policies and that we do not accept any responsibility or liability for these policies or for any personal data that may be collected through these websites or services, such as contact and location data. Please check these policies before you submit any personal data to these websites or use these services.
Data Protection Authority
If you are a resident of the European Economic Area (EEA) and believe we maintain your personal data subject to the General Data Protection Regulation (GDPR), you may direct questions or complaints to our lead supervisory authority, the UK’s Information Commissioner’s Office, as noted below:
Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, United Kingdom
Phone: 0303 123 1113
We will respond to all requests, inquiries or concerns within thirty (30) days.