Política de privacidad

This Privacy Policy describes how hueday.com (the “Site” or “we”) collects, uses, and discloses your Personal Information when you visit or make a purchase from the Site.

SCOPE OF PRIVACY NOTICE

We understand and respect your privacy and the need to protect your personal data.

This Privacy Notice applies to your use of this Site (Site), regardless of how you access or use the Site, including access via mobile devices.

It describes how your personal data is collected, used, and shared when you visit or make a purchase from the Site.

We may update this Privacy Notice from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.

CONTROLLER

The entity responsible for the collection and processing of your personal data in connection with your use of the Site depends on where you use the Site. 

DISCLOSURE TO OTHER ENTITIES OVERSEAS

We may disclose some or all of your personal data to related or third party overseas entities pursuant to the terms of this Privacy Notice. 

WHAT PERSONAL DATA WE COLLECT AND PROCESS

When you visit the Site or make a purchase on the Site, we collect the following personal data from you.

PERSONAL DATA YOU PROVIDE WHEN USING THE SITE

Data that identifies you, such as your name, address, telephone numbers or email addresses.

Financial information (e.g. credit card numbers and payment details) in connection with a transaction.

Delivery, billing, and other information you provide in connection with the purchase or delivery of an item.

Other data that we are required or entitled by applicable law to collect and process and that we need for your authentication or identification, or for the verification of the data we collect.

PERSONAL DATA WE COLLECT IN CONNECTION WITH THE USE OF COOKIES AND SIMILAR TECHNOLOGIES

We use cookies, log file, web beacons and similar technologies to collect data when you use the Site. We collect this data from the devices (including mobile devices) with which you access the Site. The data collected includes the following usage- and device-related information:

Data about the pages you visit, the access time, frequency and duration of visits, the links on which you click and other actions you take as part of your use of the Site and in advertising and email content.

Model or device type, operating system and version, browser type and settings, device ID or individual device identifier, advertisement ID, individual device token, and cookie-related data (e.g. cookie ID).

The IP address from which your device accesses the Site.

Location data, including the location data of your mobile device. Please note that most mobile devices allow you to manage or disable the use of location services for all applications in the settings menu.

PURPOSES AND LEGAL BASIS FOR DATA PROCESSING

We process your personal data for various purposes and pursuant to various legal bases. We process your personal data primarily to operate and improve the Site, to provide you with a personalised user experience on this Site, to contact you about your transactions entered into on the Site, to provide customer service, to provide you with personalised advertising and marketing communications, and to comply with our legal obligations. We also share your information with entities related to us and third parties for these purposes.

PURPOSES FOR DATA PROCESSING

With your consent, we process your personal data for the following purposes:

Processing of data relating to you or your company for the purpose of entering into a contract with you to supply you with goods purchased through the Site and executing that contract.

Enabling the delivery of purchased items by logistics/shipping service providers including notifications in connection with the delivery (such as tracking information), the latter to the extent permitted by applicable law without your consent.

Processing of general location data (such as IP address or postcode) in order to provide you with location-based services (such as radius search and other content that is personalised on the basis of your general location data).

Marketing communications and targeted advertising by telephone or electronic mail (such as email or SMS), including communications by entities related to us or by third parties, unless these communications are permitted without your consent under applicable law.

Processing of your exact location data to provide location-based services.

Processing of your personal data on the basis of your consent, which you have given so that we or third parties can enable you to use certain services or make them available to you.

complying with applicable laws and regulations, to respond to a validly-issued subpoena, search warrant or other lawful request for information we receive, or otherwise to protect our rights.

ADVERTISING-RELATED THIRD PARTIES

In terms of third parties, we use Shopify to power the online store on our Site. You can read more about how Shopify uses your personal data here: https://www.shopify.com/legal/privacy.

We also use Google Analytics to help us understand how our customers use the Site – you can read more about how Google uses your personal data here: https://www.google.com/intl/en/policies/privacy/.

You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.

TARGETED ADVERTISING

For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

You can opt out of targeted advertising by using the links below: 

Facebook: https://www.facebook.com/settings/?tab=ads  

Google: https://www.google.com/settings/ads/anonymous  

Bing: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads

Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/. Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.

STORAGE DURATION AND ERASURE

Your personal data will be stored by us and our service providers in accordance with applicable data protection laws to the extent necessary for the processing purposes set out in this Privacy Notice. Subsequently, we will delete your personal data or take steps to properly render the data anonymous, unless we are legally obliged to keep your personal data longer (e.g. for tax, accounting or auditing purposes). 

RIGHTS AS A DATA SUBJECT

Subject to possible limitations under specific national law where you are resident, as a data subject, you have the right to access, rectification, erasure, restriction of processing and data portability with regard to your personal data. In addition, you can withdraw your consent and object to our processing of your personal data on the basis of legitimate interests. You can also lodge a complaint with an appropriate regulatory authority.

The following sets out your rights in more detail:

You can withdraw your consent to the processing of your personal data by us at any time. As a result, we may no longer process your personal data based on this consent in the future. The withdrawal of consent has no effect on the lawfulness of processing based on consent before its withdrawal.

You have the right to obtain access to your personal data that is being processed by us. In particular, you may request information on the purposes of the processing, the categories of personal data concerned, the categories of recipients to whom the personal data have been or will be disclosed, the envisaged period for which the personal data will be stored, the existence of the right to request rectification or erasure of personal data or restriction of processing of personal data or to object to such processing, the right to lodge a complaint with a regulatory authority, any available information as to the personal data's source (where they are not collected from you), the existence of automated decision-making, including profiling and, where appropriate, meaningful information on its details. Your right to access may be limited by national law.

You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed.

You have the right to obtain from us the erasure of personal data concerning you, unless processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims. The right to erasure may be limited by national law.

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller ("right to data portability").

You have the right to lodge a complaint with a regulatory authority. As a rule, you can contact the regulatory authority of your usual place of residence, your place of work or the registered office of the controller.

If your personal data is processed on the basis of legitimate interests, you have the right to object to the processing of your personal data on grounds relating to your particular situation. This also applies to profiling. If your personal data is processed by us for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.

The exercise of the above data subjects' rights (e.g. right to access or erasure) is generally free of charge. Where requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may charge an appropriate fee (at most our actual costs) in accordance with the applicable statutory regulations or refuse to process the application.

COOKIES & SIMILAR TECHNOLOGIES

When you use our Site, we and selected third parties may use cookies and similar technologies to provide you with a better, faster and safer user experience or to show you personalised advertising.

“Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.

“Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.

“Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Site.

DATA SECURITY

We protect your personal data through technical security measures to minimise risks associated with data loss, misuse, unauthorised access and unauthorised disclosure and alteration. To this end we use firewalls and data encryption, for example, as well as physical access restrictions for our data centres and authorisation controls for data access.

If we suffer a data security breach that involves your personal data such that:

there is unauthorised access to or unauthorised disclosure of your personal data, or a loss of your personal data, that we hold; and

this is likely to result in serious harm to you; and

we are not able to prevent the likely risk of serious harm with appropriate remedial action

we will notify you of the details of the breach. We will also notify the relevant regulatory authority.

HOW TO STOP RECEIVING COMMUNICATIONS FROM US

To stop receiving email correspondence from us, simply click on the link in the email communication to unsubscribe.

To stop receiving the SMS communications from us reply to any SMS with the word 'STOP".

To remove your details from any of our marketing and communication databases simply email the relevant Data Protection Officer listed in section 3 above.

Minors

The Site is not intended for individuals under the age of 13. We do not intentionally collect Personal Information from children. If you are the parent or guardian and believe your child has provided us with Personal Information, please contact us at the address below to request deletion.

Lawful basis

Pursuant to the General Data Protection Regulation (“GDPR”), if you are a resident of the European Economic Area (“EEA”), we process your personal information under the following lawful bases:

  • Your consent;
  • The performance of the contract between you and the Site;
  • Compliance with our legal obligations;
  • To protect your vital interests;
  • To perform a task carried out in the public interest;
  • For our legitimate interests, which do not override your fundamental rights and freedoms.

Retention

When you place an order through the Site, we will retain your Personal Information for our records unless and until you ask us to erase this information. For more information on your right of erasure, please see the ‘Your rights’ section below.

Automatic decision-making

If you are a resident of the EEA, you have the right to object to processing based solely on automated decision-making (which includes profiling), when that decision-making has a legal effect on you or otherwise significantly affects you.

We DO engage in fully automated decision-making that has a legal or otherwise significant effect using customer data.

Our processor Shopify uses limited automated decision-making to prevent fraud that does not have a legal or otherwise significant effect on you.

Services that include elements of automated decision-making include:

  • Temporary denylist of IP addresses associated with repeated failed transactions. This denylist persists for a small number of hours.
  • Temporary denylist of credit cards associated with denylisted IP addresses. This denylist persists for a small number of days.

Selling Personal Information

Our Site do not any sells Personal Information.

GDPR

If you are a resident of the EEA, you have the right to access the Personal Information we hold about you, to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. If you would like to exercise these rights, please contact us through the contact information below.

Your Personal Information will be initially processed in Ireland and then will be transferred outside of Europe for storage and further processing, including to Canada and the United States. For more information on how data transfers comply with the GDPR, see Shopify’s GDPR Whitepaper: https://help.shopify.com/en/manual/your-account/privacy/GDPR.

CCPA

If you are a resident of California, you have the right to access the Personal Information we hold about you (also known as the ‘Right to Know’), to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. If you would like to exercise these rights, please contact us through the contact information below.

If you would like to designate an authorized agent to submit these requests on your behalf, please contact us at the address below.

Cookies

A cookie is a small amount of information that’s downloaded to your computer or device when you visit our Site. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor.

We use the following cookies to optimize your experience on our Site and to provide our services.

Cookies Necessary for the Functioning of the Store

Name Function
_ab Used in connection with access to admin.
_secure_session_id Used in connection with navigation through a storefront.
cart Used in connection with shopping cart.
cart_sig Used in connection with checkout.
cart_ts Used in connection with checkout.
checkout_token Used in connection with checkout.
secret Used in connection with checkout.
secure_customer_sig Used in connection with customer login.
storefront_digest Used in connection with customer login.
_shopify_u Used to facilitate updating customer account information.

Reporting and Analytics

Name Function
_tracking_consent Tracking preferences.
_landing_page Track landing pages
_orig_referrer Track landing pages
_s Shopify analytics.
_shopify_s Shopify analytics.
_shopify_sa_p Shopify analytics relating to marketing & referrals.
_shopify_sa_t Shopify analytics relating to marketing & referrals.
_shopify_y Shopify analytics.
_y Shopify analytics.


The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device.

You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.

Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as www.allaboutcookies.org.

Additionally, please note that blocking cookies may not completely prevent how we share information with third parties such as our advertising partners. To exercise your rights or opt-out of certain uses of your information by these parties, please follow the instructions in the “Behavioural Advertising” section above.

Do Not Track

Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.

Changes

We may update this Privacy Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons.

Contact

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at contact@hueday.com or by mail using the details provided below:

Last updated: 13-Oct-2021